x27;t
chmod g+w /dev/*, I did that once and things broke very badly I seem
to recall, though I don't remember details since I was more like
"shitshitfixfix").
What's the risk in doing it this way? The only thing I can see is that
if someone breaks into your account they can burn CDs remotely (or
overwrite any unmounted partitions) while you're not logged in which
is obviously so much more dangerous than someone breaking into your
account while you are logged in.
-Nick
?
I've never seen it not work. Does it work for you on -RELEASE? Does it
work if you don't set HISTSIZE at all?
-Nick
On Thu, Apr 2, 2009 at 12:52 AM, Chris wrote:
> On Thu, Apr 2, 2009 at 3:46 PM, Nick Guenther wrote:
>> On Thu, Apr 2, 2009 at 12:37 AM, Chris wrote:
>>> I am trying to get the shell history with page-up but looks like it's
>>> not working. I'm running -c
On Thu, Apr 2, 2009 at 12:58 AM, Chris wrote:
> On Thu, Apr 2, 2009 at 3:55 PM, Nick Guenther wrote:
>> On Thu, Apr 2, 2009 at 12:52 AM, Chris wrote:
>>> On Thu, Apr 2, 2009 at 3:46 PM, Nick Guenther wrote:
>>>> On Thu, Apr 2, 2009 at 12:37 AM, Chris wrote:
>
On Thu, Apr 2, 2009 at 3:06 AM, J.C. Roberts
wrote:
> On Wed, 1 Apr 2009 21:24:16 -0400 Nick Guenther
> wrote:
>
>> On Wed, Apr 1, 2009 at 10:48 AM, J.C. Roberts
>> wrote:
>> > On Wed, 1 Apr 2009 04:46:10 + Jacob Meuser
>> > wrote:
>> >
multi-prong problem -- storage HW, computer HW and
OS all have to support whatever is done. The fact that you are
signing NDAs causes me to believe it is going to be a specialty
combination of HW and SW for some time...
'course, I spent about 20 years hoping that One Day the IBM XT/AT
abomination that we've been stuck with would be replaced. I think
I've given up.
Nick.
On Fri, Apr 3, 2009 at 12:24 PM, kytoon wrote:
> hello whiners and crybabies,
>
> you people make me sick. theo has a right to run obsd anyway he wants. why?
> he runs the project! don't like that? start coding. because that's the only
> thing that matters. you know, like you got anything going on
On Mon, Apr 6, 2009 at 5:06 PM, Jose P.G wrote:
> Wow... i never expected so many responses... i still have problems, and *this
> time i have written it correct* for sure: "export pkg_path=
> ftp://ftp.openbsd.org/pub/OpenBSD/4.4/packages/i386/";. This time is written
> well, i still don't know wh
On Mon, Apr 6, 2009 at 7:54 PM, Chris wrote:
> On Mon, Apr 6, 2009 at 6:13 PM, J.C. Roberts wrote:
>> If you are using ksh, and the above keys/key-combos do not work, then
>> you have screwed around with the default ksh settings, or you are using
>> a garbage terminal emulator that is screwing wi
On Mon, Apr 6, 2009 at 8:10 PM, Chris wrote:
> On Tue, Apr 7, 2009 at 10:04 AM, Nick Guenther wrote:
>> On Mon, Apr 6, 2009 at 7:54 PM, Chris wrote:
>>> On Mon, Apr 6, 2009 at 6:13 PM, J.C. Roberts
>>> wrote:
>>>> If you are using ksh, and the above key
On Tue, Apr 7, 2009 at 4:25 PM, job2international
wrote:
> Hello.
> Job2international is an association that helps students to find a
work-placement. Our students generally have a good command of English -- and
we have also have students who have mastered two additional languages.
Job2internationa
pointers it
gives you. Once you're bored with that go the the FAQ and read that.
And then just watch misc@, and whenever anyone mentions a device (e.g.
wd(4) or ath(4)) look it up in the manpages (if you're not on an
OpenBSD system at the time there's
http://www.openbsd.org/cgi-bin/man.
behaves as you describe with a very modest
(smaller than suggested) root partition, but I'm feeling very alone
here. :D
Nick.
n a building with randomly
assigned people and sharing a bathroom. You may end up learning things
about others you may not want to know.
Nick.
Dec 13 06:20:42 MST 2018
dera...@amd64.openbsd.org:/usr/src/sys/arch/amd64/compile/GENERIC.MP
So ... Doesn't appear to be a systemic problem, most likely either a
knob you twisted before the upgrade or something about your upgrade process.
You need to provide more details about what you did...both before and
during the upgrade...and some indication of what platform you are
running and the snapshot you upgraded to.
Nick.
need to allocate all of it. Give me 20g spare
space and there isn't much I couldn't shuffle on a system, even remotely
(I can't move /. I can't necessarily save data without someplace else
to put it).
Nick.
t now you have tested every
bit of the disk for one and zero storage and remapped them.
Did this recently with some annoying SSDs that have been bugging me for
years, and the results have been ... promising (NO problems since).
Nick.
e
(or worse) as part of whatever they are investigating and maintain a
chain of custody; this won't happen if you roll your own. I'll admit I
hadn't thought of that until a police officer friend of mine started
telling me about the training he was taking on exactly this topic --
*they* need to be able to get the video out of the device in a timely
manner, and they have to explain to the judge and jury how it was done.
Nick.
ISO. Who cares? Just use a -current bsd.rd!),
boot off that, reinstall exactly as you want it. The Vultr console
works great on OpenBSD chrome and firefox browsers. Use DHCP for
network. Done.
If you have ever used VMWare's craptastic management clients, you will
be amazed how well Vultr works.
Nick.
about the decisions you make OTHER
than HW platform, as they matter far more.
Nick.
On 2/12/19 3:19 AM, ¯\_(ツ)_/¯ ¯\_(ツ)_/¯ wrote:
> try running stable.
>
Stunningly bad advice for a hardware problem.
There's literally nothing in -stable that isn't in -current, and when it
comes to hardware support, a most recent snapshot is always the best.
Nick.
the same problem -- under
circumstances I haven't quite figured out, the CMOS resets to default,
which, oddly, is RAID.
Nick.
other than some customized CSS.
>
> You can see the log here:
> https://cvsweb.openbsd.org/ports/devel/cvsweb/Makefile
>
customized CSS? You have more faith in my skills than you should. :)
It's the stock ports, with a few knobs twisted in the config file.
Nick.
d just fine, but the rest
of the machine was "eh".
So... If you end up with an nvidia powered machine in your pile, give
it a try and see how it works for *your application*. If you are
buying, no, I'd just avoid it, the alternatives work better.
Nick.
to make a DOS partition (first) and an OpenBSD
fdisk partition (physically after the DOS/FAT partition), disklabel it
and format it on Windows, then format it on OpenBSD.
Few small files a few at a time? Just use the defaults.
If performance matters, mounting with "noatime" and "softdep" are HUGE
wins. If you aren't waiting, though, you won't get any benefit, so just
use the defaults.
Nick.
eate your OpenBSD partition, then your RAID disklabel
partitions, and you should be in business.
If that doesn't do it, show us your exact commands and exact output you
are seeing.
Nick.
hereas this
feature is useful for real security reasons. You can't fix stupid
behavior with technology.
Nick.
ar/tmp is a symlink to /tmp.
It can't make the link. No surprise.
Answer "Yes" to the "Continue anyway?" prompt, and all will be fine, I
believe.
Nick.
ible.
You are trying to solve a non-problem. And sometimes, 'specially on an
upgraded machine, it's great to see how things WERE when the machine was
set up. If you really care, go ahead, delete stuff.
Nick.
On 5/1/19 10:28 PM, Adam Steen wrote:
> Hi
>
> In a shell script invoked by doas, is it possible to find which user
> invoke the script? my search a the moment has come up empty.
most likely place would be an environment variable, right?
So ...
$ whoami
nick
On 5/2/19 8:04 AM, Ted Unangst wrote:
> Nick Holland wrote:
>> > In a shell script invoked by doas, is it possible to find which user
>> > invoke the script? my search a the moment has come up empty.
>>
>> most likely place would be an environment variable, right
On 5/3/19 2:32 PM, Strahil Nikolov wrote:
> On May 3, 2019 10:49:55 PM GMT+03:00, Nick Holland
> wrote:
>> On 5/2/19 1:52 AM, Consus wrote:
>>> Hi,
>>>
>>> I've upgraded my systems from 6.4 to 6.5 without a glitch, but I
>>> see that /
ing an upgrade, if the upgrade deleted
all those libraries BEFORE you had a chance to upgrade that binary, it
would quit working. While I'm all for "Fail Closed", it might be
premature to call it a failure. Or not.
It is very hard to please all, and even harder to cover all possible
situations.
Nick.
ller?
> (Also, am I asking the right questions here?)
Once you have "unlocked" the encryped partition and it becomes a new
logical drive, make note of that, and answer that drive to the installer
if it doesn't figure it out on its own.
Nick.
. Complex systems break in
complex ways. You want me to swear you'll never have to manually
intervene in boot after an "event"? Nope. But I've walked
non-technical people through single-user fsck's over the phone; when
your bastardized system breaks, you will be down for a lot longer and
you will be going on-site to fix.
Nick.
them.
Remember: Security is important for ethical reasons. Compliance is
important for legal reasons. The key to workplace contentment is
understanding they are unrelated to each other. Both are important, but
one does not lead to the other.
And audits go better when the auditor finds something to complain about
and get you to change.
Nick.
#x27;s not possible"?
To save 45k per copy of this message, links to dmesg and xorg log:
http://nickh.org/Xorg.0.log.txt
http://nickh.org/dmesg.txt
Nick.
To be more precise, i can't control screen brightness by pressing
Fn + Home (increase) or Fn + End (decrease). These are thinkpad's
shortcuts for controlling brightness. Controlling brightness
by command line works.
The shortcuts worked in OpenBSD 5.9.
Dmesg:
OpenBSD 6.0 (RAMDISK_CD) #2100: Tue
My original mail was after a clean OpenBSD 6.0 installation.
After installing a load of packages and doing what Henrik said,
brightness shortcuts now work. I really don't know what did the
trick because i hadn't read the replies to my email and didn't
notice if the brightness control came up afte
t changed was the serial console support.
Since you are changing your media and doing a wipe and reload, just use
the miniroot60.fs to overwrite the beginning of your 8G CF, and boot that.
(or netboot, or any of the other ways to bring up such a system)
Nick.
ave almost any character, and they are all equally valid
in all places in the file name. This ain't CP/M or its derivatives
(like Windows).
(and it wouldn't surprise me if Linux "saves" you from this error, and
it would just make me hate it all the more)
Nick.
>
> -rw-r--
6 at 8:01 PM, wrote:
>>
>> [...]
>> [...]
>> [...]
>>
>
> IIRC (and I might not) the only supported path from -current to release
> is reinstallation.
No.
You can always move forward in time by upgrades. You can't move
BACKWARDS, say from today's snapshot to yesterday's, or 6.0-current to
6.0-release. But 6.0-current to 6.1-beta to 6.1-release is all good.
Nick.
failed and hope they don't look to closely,
and rush out to buy the upgrade. The panicked look is important, though.
Nick.
hing: the change won't break anything, either. Just works.
Yes, lousy problem report, but I'll bet this is it.
Nick.
n wipe the media before the hw is disposed of. (Company
policy says "overwrite entire disk with random data", who's got the
fastest random number generator in town? OpenBSD, of course!)
Nick.
nd it helped you...so sounds
like there's a problem with your process.
What did you do, what did you expect to happen, what did you see happen?
Nick.
this code needs to be modified if we want it to be
included, but my question is, is this old, dead code, or is
there some reason it's still in the source?
Regards,
- Nick Gonella
7.0.0.2 netmask 0x
NSD/UNBOUND require rethinking a lot of wrong-ideas that BIND permitted
and encouraged for years.
Nick.
fails, the write will be unable to
be relocated. Or maybe I'm the one with problems.)
I'm not convinced this will help you, but it has helped me. Really
seemed to settle down some SSDs that I'd been fighting with.
Nick.
B, next
week, it's servicing machineD). So far, perfectly predictable (and
I suspect it will stay that way).
Bad news: we HAVE had problems with the device locking up. Now, our
machine with the eight port USB->serial device is devoted to being
the serial console for five other machines, so a quick reboot when we
need console is no big deal, and this fixes the port lockups. But if
you are hoping an important production machine can ALSO be the console
for other important machines...this is probably not your best choice.
Nick.
;6.1-beta" before you managed to do
the update.
So you got an install kernel looking for *60.tgz, and what was available
was *61.tgz.
Just get yourself a new bsd.rd. And a lottery ticket. In fact, get the
lottery ticket first.
Nick.
people
don't understand that -- it's THREE copies of your data. Lose a disk,
you still got TWO copies to rebuild from.
So my recommendation would be a simple solution that will fit you for
maybe two or three years, maybe three disk RAID1, and every two or three
years look at your system and the alternatives out there and ask if it
makes sense to upgrade now or wait a year or two. Move your data to a
new system when appropriate, asking yourself each time, "what's a good
solution NOW?". And have an off-site rotated backup of all your data.
Nick.
x27;ing zeros over entire
partitions before using them. Your milage may vary.)
Nick.
trust chain. And I'm pretty sure
that's not the way it is supposed to work.
So -- is there a way to add the intermediate cert to httpd.conf other
than concatenating the files? Am I doing something wrong? Or do I just
need to add the concatenation step to my refresh script?
Thanks!
Nick.
Nothing like posting a question to misc@ to cause the fog to lift. :-/
see below...
On 03/15/17 22:37, Nick Holland wrote:
> First of all, I did set up an acme-client(1) ssl cert a few months ago
> before the acme-client.conf(5) file days, and it was stupidly,
> jaw-droppingly simple,
instead of updating
the .tgz files, since for MOST people, Internet bandwidth is not
something needing conservation.
Nick.
aid0
Volume Status Size Device
softraid0 0 Online 985661513728 sd2 RAID1 0% done
0 Online 985661513728 0:0.0 noencl
1 Online 985661513728 0:1.0 noencl
/home/nick $ uptime
11:00PM up 4 days, 15:16, 1 user, load averages: 1.13, 1.12, 1.08
Nick.
On 03/19/17 12:03, Theo Buehler wrote:
> On Sat, Mar 18, 2017 at 11:36:15AM -0400, Joe Gidi wrote:
>> Apologies for the horribly mangled formatting on the first attempt.
>> Resending, hopefully much more legibly...
>>
>> I have a file server running -current on amd64. It has a three-drive RAID1
>>
...@obsdacvs.cs.toronto.edu:/cvs
> and
> anon...@anoncvs1.ca.openbsd.org:/cvs
...
On behalf of obsdacvs.cs.toronto.edu... oops!
Should be fixed now.
Nick.
t have that setting, even after
upgrading your BIOS to the latest and least buggy, look at the patch
that Paul de Weerd posted. But really, just turn that mode off.
Nick.
can have real networking (wireless (sometimes with a hw swapout)
and wired), several USB devices attached, huge (relatively speaking)
disks installed, lots of RAM, usable keyboards, etc.
With lots of patience (and some swap), can even run modern browsers on them.
Nick.
t I would like to know.
Some time ago (maybe in the 3.5 era), I put five 4-port dc(4) cards in
one machine, plus a 3com xl(4) chip on the mobo. Didn't actually DO
anything with it, but they all counted out just fine.
"lots" :)
Nick.
This e-mail is complementary to the one i sent at dm...@openbsd.org.
After the completion of the installation process, everything works except:
-screen brightness controlled by the keyboard
-suspend/resume when i close the lid
Both minor issues were resolved when i suspended the laptop from the
tition) your data as best you can, so you can mount
blocks of storage Read Only, as "full and unchanging" (note lack of
questionmark -- you want to do this if at all possible) (chunk your
data, but NOT your RAID partitions -- last thing you want to get stuck
doing is remirroring multiple RAID partitions on one disk at the same time!)
* Something else relevant to your situation?
Nick.
erge AFTER you upgrade,
not before. 5.5's sysmerge (which is what you are running) knows how to
bring things up to 5.5, not 5.6, which is what you are trying to do.
If you want to see what you are in for for the upgrade, look at the
upgrade notes, or try on a non-production machine.
Nick.
bs of library files and other things that get left behind on
an upgrade that really aren't an issue. The deletion list this time
around was too long as it is. If you want to look for files that are
older than the upgrade you just did, go for it, but I suspect you have
better uses of your time.
Nick.
orrect. Next person will come along and switch
it back.
> These are the only visible changes. While
> there, I zapped a lot of trailing whitespace.
no. This makes the diff huge, buries the real changes. And next time I
do anything, I'll put a bunch more in.
I'v
environment variable causes it to be used ONLY if there's nothing on the
command line AND nothing in the CVS tree.
Nick.
"This is so either missed, forgotten or failed file sets can be
re-installed, and also so custom file sets can be installed" - I think
"that" after "so" would make it clearer.
Section 4.9 - Multibooting OpenBSD (amd64, i386)
"The boot(8) program is loaded from the floppy, looks for and reads
/etc/boot.conf" - maybe change to "...is loaded from the floppy, it then
looks for and reads /etc/boot.conf"?
Best regards,
Nick Permyakov
old disk to the new disk,
and then fluffed things out on the new disk...but it's hard to justify
with OpenBSD, as the reconfig of a new system is usually pretty easy.
Nick.
ar where other sections are
already in place without renumbering everything else.
I do not want the renumber at this time...when I do, you will know
(because I'll have done it. :)
>> - 14.5.*, 14.17.* and 14.20.* are not linked in the "Table of Contents"
>
> It'
and
under some conditions you can have the BIOS clobber data on the second
disk that your non-SW RAID OS set up as a second disk.
OpenBSD was one of the first OSs to disable the support of those
controlers in that mode to prevent problems, but at least some Linux
systems do now, too.
AHCI is a huge performance boost over "legacy" in general, and in some
cases, the "legacy" support is horrifically slow, slower than the old
pciide interfaces that never dreamed of AHCI.
Good news is if you flip it from "Legacy" to "AHCI", things will Just
Work if you used DUIDs during setup.
Nick.
te perhaps? Looks like you are missing the firmware files which
are fetched on first boot. If your machine was not attached to the
network on first boot, you have to do it manually.
man fw_update.
Nick.
working.
* Point your installer at the same URL you used above.
Not counting load times, you could build a brand new install server in
well under an hour, and should be able to modify your existing server in
minutes.
Nick.
the packets that your pipes support, the rest is just wasted
effort.
There are other considerations. My primary firewall/router is an AMD64
capable processor, but running i386. Why? Because if I blow out the
computer, I have more i386-capable scrap hw than I do amd64 capable hw.
Nick.
gt;
> Thanks
>
> Lars
>
Looks like something went wrong with the distribution system, causing
massive deletions. It has been fixed, but the refill process is slow
(150+G x lots of mirrors...)
Nick.
(glad to see it WASN'T his fault this time)
changes, then do a "cvs diff -u" of
your changed file against the original, and send us the diff, either to
misc@ (as you did) or to faq@ (if related to the FAQ).
However, what you did was fine -- you provided context so we could find
the problem you are referring to, you indicated why you felt it was
wrong and backed it up with documentation.
Nick.
t in
that directory.
Most likely, you have some local changes which conflicted with something
new, if you run "cvs up -Pd" in that directory, you will probably see an
"M" or "C" in front of at least parse.y
Either reconcile your local changes with the ones in tree, or delete the
files with "M" and "C" chars in the beginning of the CVS output and
update again.
> Here is dmesg if anyone wants it.
We love dmesg porn. Unfortunately, your mail client mangled that pretty
completely. :(
Nick.
n management uses, and
you can't be able to be blamed for the breach. Anything more than that
is probably wasted effort. If there is a breach that permits the
download of the hashed PW file, both may be similarly prone to off-line
brute-forcing.
Sounds cynical, but really, if you are arguing over which is the
"better" password, you are wasting time that should be spent looking for
more likely security problems. That kinda brings it back to OpenBSD for
you. :)
Nick.
ns, hire a lawyer. It isn't hard to
do right. Isn't hard to do wrong, either... Advice on the 'net is
cheap and often wrong. :)
Nick.
artition.
Look at the install scripts -- it doesn't prefetch just anywhere, it has
a few specific places. /tmp, /home I think are two of the choices, may
be more (NOTE: I am too tired to bother looking this up myself now, and
it would be good experience for you to do so). I don't think /usr is.
Thus, your original config, which had nowhere near enough space in /tmp
or /home for the prefetch caused it not to.
Nick.
nd
you may well have your dependencies screwed up, and a -q to skip over
verifying signatures would probably be good, too, set options accordingly.
Once you do that, you should have no old binaries left to run on your
system, and you should be back to 100% functional base OpenBSD install.
You can now reinstall your packages, or since you have another upgrade
to go, upgrade the base system to 5.6 first.
Nick.
, too.
(btw, I have a bunch of good patches that have been sent to me that I
haven't got in yet... I hope to return to the world of the committing
shortly)
Nick.
x27;d
suggest letting your registrar handle your dns for you.
Design your network properly, it gets really easy -- all my internal
systems are in the zone "in.nickh.org", my local DNS resolver knows to
pass *.in.nickh.org to my local authoritative server, the rest is
resolved as "normal".
Nick.
bytes. Depending on your
application, this is probably a GOOD thing -- if you find a zero byte
file, that normally means something went wrong (or hasn't yet gone
right). A 1.7TB file? You have no idea if that's complete or not.
If you want true "data safety", you pr
, unpack a
tar file with a lot of small files, such as the ports or source files.
No stopwatch will be needed to see the difference.
Nick.
y
first choice. Or my second. Probably not even my third.
All depends on the application. If you are mostly booting and little
logging, a USB flash boot disk works fine. Disk intensive, not so good.
I've softraided USB drives, not sure I'd recommend that level of
complexity, though.
Nick.
bably do.
OpenBSD uses a "Sane Default" model, so very often the flags ARE empty,
but a lot (I'd guess "most", based on that model and spot checking of
daemons listed in rc.conf) of the daemons have knobs that some people
need to twist. You may not, but while we appreciate your support, you
aren't our only user. :)
Nick.
her system, maybe it
would be considered for commit, but I think this still qualifies as a
serious hardware defect that manufacturers need to be aware of and fix.
(Using an old DOS boot disk to do an FDISK /MBR will probably render
these machines bootable, but I'd still consider the machine broken.)
Nick.
ed it, dismount or
RO it when you don't...tripping over the power power cords won't
(shouldn't?) corrupt a file system that is mounted RO. You don't get to
ignore the issues, but you can reduce their occurrence.
Nick.
On 02/12/15 10:10, Boris Goldberg wrote:
> Hello Nick,
...
> I was entertaining the idea of making a 100 TB OpenBSD based archive
> storage, even asked the list. The only answer pointed to that FAQ page, and
> it stopped me from pursuing that idea. Servers with 128 GB of RAM aren&
stem and mine...and I'm putting my money on his firewall
or proxy.
Nick.
Also, yes, I believe sudo only carries over the environment variables
explicitly told to do so.
Can you download packages with a web browser? Have you tried using
the ftp program directly?
When you loose con
On 02/17/15 18:59, Stefan Wollny wrote:
> ftp: connect: No route to host
you need to fix that before you worry about anything.
Once you get THAT fixed, then you can get back to worrying about your
dropping connections.
Gotta make it before you can drop it.
but again, all it
will do in your case is reduce the load on the CPU even more, but it
won't pump any more packets.
Nick.
the problem still happens on versions I know it didn't).
Curiously, I think I have noticed it impacting my (completely stock)
android phone, too, though that may just mean it is over due for a reboot.
I'm not losing any sleep over it, however. I seem to have low
expectations for people coding not-stupidly.
Nick.
table)
* Using wrong CVS options (the -P and -d options are not options!)
Nick.
x it for 5.7?
b) an OS which is a Frankenstein's monster of bits and pieces mushed
together and 100% not supported by anyone?
I'd go for "a", and I'd suggest you consider doing the same.
Nick.
mething better than
vesa out there.
The first question sets things up so X *could* be used (if needed). For
security reasons, this can't be changed after the system has fully
booted. The second determines if X should be started at boot, but X can
certainly be started post-boot. Two different things.
Nick.
ggest
security problem. If your computer is a wooden ship, X is the termite
colony that might eat through the hull of your ship and sink it some
day. Firefox is the cluster of icebergs that are currently surrounding
your ship.
Nick.
ard. You have a few basic parameters, you have a
place to put them. Then it works.
Nick.
501 - 600 of 2677 matches
Mail list logo
