I noticed this email message this morning:
> Subject: mjoelnir.fritz.box daily insecurity output
> From: "Charlie Root @ mjoelnir_aa1667" ...
> To: ...
> Date: Fri, 07 Jun 2024 01:32:17 +0200 (CEST)
>
>
> Running security(8):
>
> Setuid changes:
> -r-x--s--x 1 root _sshagnt 435040 May 20 14:18
Sorry about the delay in replying, i was travelling ...
On Fri, May 24, 2024 at 06:04:25PM +0200, Peter N. M. Hansteen wrote:
> ...
> > May 23 10:32:13.267374 rule 1/(match) pass in on em0: 192.168.178.166.56334
> > > 192.168.178.11.54321: udp 7
> So this last one never leaves, right?
Right.
>
Hi Guys,
Thanks for the feedback, to address your points:
1> Possibly stupid question, but did you set the sysctl(s) to enable forwarding?
Yes I tried this pf rule change with version 4 forwarding
(net.inet.ip.forwarding) both enabled and disabled.
Either way the pf "pass out tagged" rule is
Hi All,
I need to quickly create a solution for forwarding multicast traffic
between two systems, so I though perhaps I could use pf to do just that
by writing some rules along the lines of:
1. pass in on iface A proto UDP ... tag mcast
2. pass out on iface B tagged mcast
And anoth
On Sat, Apr 06, 2024 at 02:42:25PM +0200, Eivind Eide wrote:
> After upgrading to 7.5 amd64 -stable (and all ports updated) I get
> these messages in /var/log/messages. This is with bash from ports
> inside tmux over SSH:
>
> tmux: vfprintf %s NULL in "%.*s"
> bash: vfprintf %s NULL in "%.*s"
>
On Thu, Dec 21, 2023 at 08:20:37AM -0300, Crystal Kolipe wrote:
> > login.conf used to allow unlimited datasize for the 'daemon' class. That was
> > changed to cap at 4G
>
> Actually the value is an architecture dependent setting.
>
> On amd64 it is indeed 4G, but typically 1024 Mb on the small
On Wed, Dec 20, 2023 at 10:57:41AM -0500, Nick Holland wrote:
> the ROOTBACKUP process is making an image of a live file system; fsck
> grumblings ARE expected. It's just one of those things you aren't supposed
> to do (but I do it regularly, because normally, you can get away with it).
>
> Why
On Wed, Dec 20, 2023 at 03:23:52PM -, Stuart Henderson wrote:
> > ...
> > When I started gdb (no expert) I noticed this "Dwarf error":
> > mjoelnir:/tmp 20.12 12:04:38 % gdb -e /usr/local/bin/Thunar -c thunar.core
> > GNU gdb 6.3
>
> https://www.openbsd.org/faq/ports/ports.html#Backtrace
Th
Hi All,
I'm running XFCE on OpenBSD 7.4 GENERIC.MP#1535 amd64
I pressed Control+h in thunar thinking that it would toggle the display
of hidden files ( .dot files), but instead thunar core dumps:
-rw--- 1 robb robb 20656304 Dec 19 21:02 thunar.core
Would this be an OpenBSD (portin
...
Reply-To:
Hi All,
A couple of questions ...
I have "ROOTBACKUP=1" in /etc/daily.local to replicate my root partition
as described in the FAQ (https://www.openbsd.org/faq/faq14.html#altroot)
I noticed after an update to a new snapshot via sysupgrade that the next
daily output email contains
Hi All,
I just noticed that "simple-scan" no longer works, it cannot find my
scanner. This used to work just fine.
I'm running the latest (installed today) snapshot, but I don't know when
this stopped working - I try not to do much scanning :-)
The scanner is a Canon Pixma "Multi Function" dev
Hi All,
FYI, I noticed this in the last couple of daily insecurity output emails:
> From: "Charlie Root @ mjoelnir_aa1667"
> Date: Fri, 7 Jul 2023 01:32:09 +0200 (CEST)
>
> Running security(8):
>
> Checking special files and directories.
> Output format is:
> filename:
>
I have no idea how I could make my question any clearer:
> My question is not about how to disable pf, but rather why the packets
> are see as "in" when coming from my own address, and, why they are
> blocked i.e. ...
On Thu, Jul 06, 2023 at 11:09:27AM -0600, Zack Newman wrote:
> For added clari
On Tue, Jul 04, 2023 at 10:42:39AM -0600, Zack Newman wrote:
> ...
> I am guessing you didn't flush the rules after disabling pf since
> clearly pf rules are still being used. Run pfctl -F all after disabling
> pf. Run pfctl -s all to verify there are no active rules.
Hi,
I see that I was not c
Hi All,
I just noticed that "simple-scan" no longer discovers my scanner.
While trying to debug the issue, it occurred to me that it could be a
network / pf problem. This doesn't seem to be the issue though, even
after I disable pf (pfctl -d), the scanner is still not seen.
However, running "t
On Tue, Jun 13, 2023 at 09:37:32AM +0200, Theo Buehler wrote:
> ...
> That's because libruby32 did not link explicitly against libc++abi, which
> is now needed on aarch64 and amd64 for the Rust-based YJIT compiler.
>
> Fixed in this commit:
> https://marc.info/?l=openbsd-ports-cvs&m=16866324031
Hi All,
FYI, After running "sysupgrade -s" + "pkg_add -u" earlier today, I now
see these messages when I exit vim:
mjoelnir:awk 11.06 18:42:45 % vi substrtest.awk
...
vim:/usr/local/lib/libruby32.so: undefined symbol '_Unwind_Backtrace'
vim:/usr/local/lib/libruby32.so: undefined symbol '_Unwind
Hi All,
Our 7.2 system just paniced again in pmap_page_remove / uvm_fault:
> ddb{1}> show panic
> *cpu1: uvm_fault(0xfd818b0ca560, 0x7f817ca74cb0, 0, 2) -> e
> ddb{1}> trace
> pmap_page_remove(fd8109c56480) at pmap_page_remove+0x21d
> uvm_anfree_list(fd804a0e7e40,800022eab518) at
On Thu, Apr 06, 2023 at 04:17:26PM +0200, Martin Schröder wrote:
> > I'd like to create a "bridge" between two IP networks which will pass
> > only multicast info. / traffic.
>
> So it should only route FF00::/8?
I'm not exactly sure of the siginificance of that address range, but in
the curren
Hi All,
I'd like to create a "bridge" between two IP networks which will pass
only multicast info. / traffic.
Is that something that I could do using OpenBSD and pf? I don't see
anything specific to multicasting in the pf.conf man page but I suppose
it should be possible to define a set of rule
On Mon, Feb 13, 2023 at 01:50:13PM -, Stuart Henderson wrote:
> ...
> It maybe worth checking whether mfs is actually helping -
> it's easy to assume that because it's in RAM it must be fast,
> but I've had machines where mfs was slower than SSD
> (https://marc.info/?l=openbsd-misc&m=16494211
On Sun, Feb 05, 2023 at 02:50:44PM -0300, Crystal Kolipe wrote:
> On Sun, Feb 05, 2023 at 06:05:22PM +0100, Why 42? The lists account. wrote:
> ...
> > The fstab file contains this mount entry for tmp:
> > swap /tmp mfs rw,nodev,nosuid,-s=16777216 0 0
>
> This is 8 Gb, w
Hi All,
Recently I have noticed some XFCE screensaving weirdness e.g.
The XFCE desktop seems to ignore my preference for xscreensaver, but
rather always starts the xfce4-screensaver instead.
Currently I think I have disabled both in my settings and yet the xfce
saver is still getting started e
Hi All,
After an update to a recent snapshot on my desktop system, I noticed
these mount_mfs messages at boot time:
/dev/sd0h (7a1775fef773535e.h): file system is clean; not checking /dev/sd1j
(281ef747da03afe7.j): file system is clean; not checking
/dev/sd1k (281ef747da03afe7.k): file system i
On Tue, Dec 13, 2022 at 11:12:18AM -, Stuart Henderson wrote:
> On 2022-12-12, Why 42? The lists account. wrote:
> > Today sysupgrade failed for me, but I'm not sure why? Here's the output:
>
> As the various mirrors get updated, this should be coming back to no
On Mon, Dec 12, 2022 at 11:11:24PM -0500, Nick Holland wrote:
> On 12/12/22 07:22, Why 42? The lists account. wrote:
> >
> > Hi All,
> >
> > Today sysupgrade failed for me, but I'm not sure why? Here's the output:
> [ ... ]
>
> There is a p
On Mon, Dec 12, 2022 at 07:39:49AM -0600, Amit Kulkarni wrote:
> retry, and all should be ok.
What's the basis of your statement, did something change?
It still fails for me (now @16:15 CET).
I also tried a different mirror, same failure (below).
@Stuart: Although sysupgrade output says that
Hi All,
Today sysupgrade failed for me, but I'm not sure why? Here's the output:
> # sysupgrade -s -n
> Fetching from http://ftp.fau.de/pub/OpenBSD/snapshots/amd64/
> SHA256.sig 100%
> |**
Hi All,
I seem to have a sysupgrade problem ...
sysupgrade fails after reboot with an error:
The directory '/home/_sysupgrade/' does not exist.
Sometime ago I had a similar issue due to my having "/home" as a
sub-directory of a filesystem "/space". My mistake apparently. Never the
less, I had
Hi All,
I thought I would try running unwind on my desktop at home. Reading the
manual page, it doesn't seem to require any specific configuration, so I
started it via rcctl and everything seemed to work as expected e.g. it
found the address of my router/DHCP server, resolv.conf was updated and
Well, errors related to the python package ...
After updating to the latest snapshot and rebooting I ran "pkg_add -vu"
to update all my packages, which I think is the right thing to do.
I noticed some strange errors related to python scroll past i.e.
> ...
> Update candidates: p7zip-16.02p6 ->
On Fri, Nov 19, 2021 at 01:58:20PM +0100, Jan Stary wrote:
> This is current/amd64 on a Thinkpad T400
> (full dmesg and sysctl hw below).
>
> It provides various sensors reporting temperatures,
> but I don't really know what temperatures these are.
>
> $ sysctl hw | grep temp
>
> hw.sensors.cp
On Mon, May 03, 2021 at 12:59:27AM +0200, Patrick Wildt wrote:
> > ...
> > But when I do (as root): "sysctl kern.allowdt=1" it returns this error:
> > sysctl: kern.allowdt: Operation not permitted
>
> Similarly to kern.allowkmem, you can only set it when the securelevel is
> still 'low'. That's
On Sun, May 02, 2021 at 03:08:12PM -0700, cal wrote:
> > ...
> If you would click on it, you would notice that it was a link to the
> page with upgrade instructions from 6.7 to 6.8. ...
And that is what I found confusing.
Cheers,
Robb.
Actually I do notice one thing, having just upgraded to:
kern.version=OpenBSD 6.9-current (GENERIC.MP) #492: Sat May 1 17:37:28 MDT 2021
I checked the output from dmesg and I have a new boot time message:
dt: 443 probes
man dt tells me that dt is dynamic tracing and that I can enable it by
set
The second item (right after the separator) on this page:
https://www.openbsd.org/faq/upgrade69.html
Reads: "[FAQ Index] | [6.7 -> 6.8]"
Probably that should be 6.8 -> 6.9 ?
Otherwise looking good, just sysupgraded from a snapshot, everything
seems to be working perfectly so far.
Thanks fo
Hi All,
What would cause pkg_add -u to report this error?
> https://ftp.fau.de/pub/OpenBSD/snapshots/packages/amd64/: TLS handshake
> failure: ocsp verify failed: Undefined error: 0
> https://ftp.fau.de/pub/OpenBSD/snapshots/packages/amd64/: empty
> Couldn't find updates for ... a long list of
On Tue, Jan 19, 2021 at 05:56:16PM -, Stuart Henderson wrote:
> > What causes "proc: table is full", or better asked, what limit might I be
> > hitting?
> Perhaps kern.maxthread; check kern.nthreads.
Hi Stuart,
Aha. I think you have nailed it:
> mjoelnir:/etc 19.01 21:13:02 # sysctl kern |
Hi All,
What causes "proc: table is full", or better asked, what limit might I be
hitting?
I wrote a quick loop to check how many processes are running i.e.
> while true
> do
> DATE=`date +'%Y.%m.%d %H:%M:%S'`
> echo -n "${DATE}: "
> ps -AHk | wc -l
> sleep 90
> done
> 2021.01.19 12:
> ...
> > 2. Figure out how to tell sysupgrade the right answers in advance i.e.
> > via the auto_upgrade.conf mechanism
>
> This is fairly easy:
>
> sysupgrade -s -n
> vi /auto_upgrade.conf, edit "Pathname to the sets"
> reboot
> ...
FYI, or for the record, I just tried the above and it
On Mon, Sep 28, 2020 at 08:25:34AM -0600, Theo de Raadt wrote:
> ...
> So we are at an impasse. The recommended solution is for people to stop
> making sysupgrade-incompatible layouts in the future, and to consider
> repairing their incompatible layouts from the past.
>
> if sysupgrade doesn't w
Theo de Raadt wrote:
> Your system is layed out strangely and sysupgrade cannot handle all
> absurd layouts.
And:
> The correct proposal is:
>
> Install your machines in a normal way.
>
> It is not unreasonable.
Hi,
You are right, that is a reasonable requirement.
This system was inst
On Sun, Sep 27, 2020 at 04:25:58PM -0400, Ian Darwin wrote:
> > ...
> > after the download of the new sets and the reboot, I would have been
> > prompted as to what to do i.e. Install, Upgrade, or Shell. Then for a
> > keyboard layout (e.g. de) and for the name of the disk containing OpenBSD
> >
Hi All,
I am running:
kern.version=OpenBSD 6.8-beta (GENERIC.MP) #69: Tue Sep 15 12:34:41 MDT 2020
dera...@amd64.openbsd.org:/usr/src/sys/arch/amd64/compile/GENERIC.MP
I just tried to use sysupgrade and I notice that its behaviour has
changed a bit since my last upgrade. Previously (last si
Hi All,
By the way, I just wanted to say how great this is.
I have problem, I ask for help, I get (good) help. With relative easy I
can build the necessary debugging tool and use it to find out that the OS
has helped to identify a problem in the application.
Pretty nice and not necessarily my e
On Tue, Sep 22, 2020 at 07:12:47AM -, Stuart Henderson wrote:
> Sounds like they are trapping sigbus themselves but the handler isn't
> giving useful information.
>
> Try just running it under gdb:
> pkg_add gdb
> egdb ods-signerd
> set args -dv
> run
>
> and see if you can get a backtrace.
Hi All,
I am attempting to setup secure DNS on an OpenBSD 6.7 system using NSD,
Unbound and a package called Opendnssec.
I seem to have arrived at a point where one of the Opendnssec daemons,
"ods-signerd", crashes on startup i.e.
> # ods-signerd -dv
> OpenDNSSEC signer engine version 2.1.6
> B
Hi All,
I just used sysupgrade (followed by pkg_add -u) to update my desktop
system to:
OpenBSD 6.7-current (GENERIC.MP) #22: Tue Aug 11 21:29:51 MDT 2020
All is working quite well but I noticed some issue with the iridium
browser. When I tried to export my bookmarks, iridium crashed.
As an ex
On Sat, Jul 11, 2020 at 07:38:58PM +0200, Caspar Schutijser wrote:
> > > [501037.408] _XSERVTransSocketUNIXAccept: accept() failed
> > > ...
>
> This message may be of interest:
> https://marc.info/?l=openbsd-misc&m=155787066627780&w=2
Hi,
I must have missed that message - thanks for pointing
Hi All,
I'm running 6.7 snapshot (6.7 GENERIC.MP#302 amd64) as my main desktop
with Xfce.
Two or three times now I've noticed that these two files in /var/log have
become unexpectedly huge:
> mjoelnir:log # du -sh xenodm.log Xorg.0.log
> 378M xenodm.log
> 487M Xorg.0.log
Apart from the usual
Hi Again,
Sorry about the delay in responding. I disabled the uftdi using config as
described.
(also added it to /etc/shutdown.rc as mentioned by Chris Bennett. Seemed
like a good idea.)
It does now seem to be disabled, the boottime message has changed to show
"ugen" rather than "uftdi" i.e.
> u
On Wed, Jun 24, 2020 at 09:55:05AM -, Stuart Henderson wrote:
> >
> > Disable uftdi in your kernel config (boot -c, disable uftdi, quit) and
> > see if that works. The device is attaching as a serial port, but libftdi
> > probably wants it attaching to ugen. If that helps maybe we can add a
>
On Tue, Jun 23, 2020 at 07:33:20PM +0100, Ed Gray wrote:
> I have an issue with XFCE on OpenBSD 6.6 and current on an amd64 system.
> XFCE works fine except for accessing the applications menu with the Alt +
> F1 keyboard shortcut. Instead of loading the menu it gets highlighted in
> grey and not
Hi All,
Has anyone ever tried the Infinite Noise TRNG hardware random number generator
with OpenBSD?
It's a USB stick that contains hardware to generate random numbers. See:
https://github.com/13-37-org/infnoise
I had a couple of these working with ArchLinux and would like to try using
them wi
Hi All,
Just FYI,
I noticed that with the newest OpenBSD versions (e.g. I currently have
6.7 GENERIC.MP#273 amd64) a bit more of the Intel Platform Controller Hub
(PCH) is now recognised. At boot time the kernel logs:
> pchtemp0 at pci0 dev 18 function 0 "Intel 300 Series Thermal" rev 0x30
An
Hi All,
I'm running 6.7 snapshot version (6.7 GENERIC.MP#273 amd64) as my main
desktop with XFCE.
A couple of time now I've noticed that these two files in /var/log have
become unexpectedly huge:
mjoelnir:log 23.06 09:44:15 # du -sh xenodm.log Xorg.0.log
378Mxenodm.log
487MXorg.0.log
A
Hi All,
My preferred music player application is (was) clementine. But with a 6.7
snapshot (GENERIC.MP#213 amd64) and clementine-1.4.0rc1p0 the application
seems to have problems opening files.
For example the file open dialog opens a blank dialog box and a series
of assertion failures/errors a
On Mon, May 25, 2020 at 04:51:51PM +0200, Antoine Jacoutot wrote:
> > ...
> > It looks as if the file has been sorted e.g.
> Did you use rcctl(8) ?
Hi Antoine,
You are correct, that does it. I checked the history and after the
upgrade I had run rcctl to enable sensorsd. Just tested it again and
Hi Again,
Couple of points regarding this new feature:
> Imported dt(4), a driver and framework for Dynamic Profiling, and an
> accompanying bug tracer that speaks the dt(5) language.
What is this "bug tracer" executable called? So far I have been unable to
find it :(
Could it be that this is
Hi All,
After running sysupgrade to update from 6.6 (snapshot) to the newest
version I noticed that the comments I added to /etc/rc.conf.local no
longer made sense (if they ever did :)).
It looks as if the file has been sorted e.g.
> ...
> # Also increase the number of -b(uffer) frames so as to
Hi All,
I use sysupgrade to update to new snapshot versions (of 6.6). Brilliant!
At some point I added a second (larger) disk to hold my user data (i.e.
home). It seems that this new disk took over the name sd0 and the OpenBSD
system disk itself became known as sd1.
The OpenBSD OS still boots
On Sun, Apr 05, 2020 at 10:19:30AM +0200, Olivier wrote:
>
> Please, how to identify junk to remove in /dev below :
> ...
> +---> doas find -x / -size +1 -exec du -h {} \;
> 17.9M /bsd
> 9.8M /bsd.rd
> 848K /dev/sdXc
> 884M /dev/sd3
I know you found it already, but this used to happen s
On Thu, Mar 05, 2020 at 11:45:30PM +0100, Why 42? wrote:
> ...
> When this happens the mouse is frozen, the capslock LED on the (USB)
> keyboard doesn't light up and the system doesn't respond to ssh. To
> recover I have to hold down the power switch to shutoff the system, then
> turn it on again,
Hi All,
We've been running OpenBSD on a server for several years now and its been
reliable with minimal issues, so I thought I would also like to try it as
a desktop system.
Thus I've been experimenting with an Intel NUC 8i5BEH running OpenBSD
current snapshots and with XFCE as the Windowing sy
On Wed, Nov 21, 2018 at 05:37:05PM -0700, Theo de Raadt wrote:
> First time you need to
>
> stty com0
> set tty com0
>
> then you can boot.
>
> The installer will remember this for next time, but our kernel does not
> know the speed so early on.
That was it! Excellent:
boot> stty com0 38400
Quick question, should the PC Engines ALIX 2D13 work with 6.4? Or is the
hardware too old?
Or (perhaps more likely :-)) did I screw up the installation process
somehow?
I created an install media (cf card) and boot functions but as the kernel
is loading, the system reboots:
PC Engines ALIX.2 v
FWIW, you don't have to out in the sticks (the backwoods?) to have
a network problem:
http://mina.naguib.ca/blog/2012/10/22/the-little-ssh-that-sometimes-couldnt.html
However, as I understand it, in this case the TCP checksumming worked
and protected the application from the corrupted data.
Hi All,
Saw this and found it very interesting:
http://www.kosagi.com/w/index.php?title=Novena_Main_Page
In summary the intention is to create an open laptop computer e.g.
- All the components should have a reasonably complete set of
NDA-free documentation.
- No binary blobs
But returning, if possible, to the original question ...
On Thu Oct 4 19:23:41 2012, Tito Mari Francis Escaño wrote:
> I'd like to seek your advise what new laptop brand and model should I buy
> that is fully functional (video, LAN, Wifi, sound) with OpenBSD 5.x.
> ...
I have also been consideri
Hi All,
Summarising, for future reference...
I received some six responses. Overall the feedback was a little
disappointing. Three responses suggested that it would be easier/less
time consuming/more stable to simply connect a consumer access point
device via Ethernet. Of course, I wouldn't learn
Hi All,
First post to misc. I'd like to create an OpenBSD based router + wifi
access point. I thought I might buy myself one of these for Christmas:
PC Engines ALIX 2D13: http://www.pcengines.ch/alix2d13.htm
That's a AMD Geode LX800 with on-board serial, Ethernet (3), USB and
miniPCI.
The sam
71 matches
Mail list logo
