From rd at tilde.se Fri Sep 1 19:48:49 2006 From: rd at tilde.se (Rickard Dahlstrand) Date: Fri, 01 Sep 2006 11:48:49 +0200 Subject: [flashboot] Updated patch Message-ID: <44F80201.9020207@tilde.se> Hi All, On popular request here are some updated diffs with bugfixes and cleanups, the ro/rw-scripts are committed and blink got scraped. Please test and comment. Rickard. -------------- next part -------------- An embedded and charset-unspecified text was scrubbed... Name: README.diff Url: http://lists.mindrot.org/pipermail/flashboot/attachments/20060901/21b4b6df/attachment.ksh -------------- next part -------------- An embedded and charset-unspecified text was scrubbed... Name: extension.diff Url: http://lists.mindrot.org/pipermail/flashboot/attachments/20060901/21b4b6df/attachment-0001.ksh -------------- next part -------------- An embedded and charset-unspecified text was scrubbed... Name: largekernel.diff Url: http://lists.mindrot.org/pipermail/flashboot/attachments/20060901/21b4b6df/attachment-0002.ksh From massimo at cedoc.mo.it Mon Sep 4 22:33:41 2006 From: massimo at cedoc.mo.it (Massimo Lusetti) Date: Mon, 04 Sep 2006 14:33:41 +0200 Subject: [flashboot] Updated patch In-Reply-To: <44F80201.9020207@tilde.se> References: <44F80201.9020207@tilde.se> Message-ID: <1157373222.17742.2.camel@massimo.datacode.it> On Fri, 2006-09-01 at 11:48 +0200, Rickard Dahlstrand wrote: > Hi All, > > On popular request here are some updated diffs with bugfixes and > cleanups, the ro/rw-scripts are committed and blink got scraped. Please > test and comment. > ./build-largekernel.sh GENRIC-RD produce a kernel which doesn't boot, it stops loading the 'second stage' during the boot phase even before starting to outputting the result of the boot process (dmesg). The result is the box continuisly rebooting while uncompressing/loading the kernel. Regards -- Massimo.run(); From rd at tilde.se Mon Sep 4 22:55:43 2006 From: rd at tilde.se (Rickard Dahlstrand) Date: Mon, 04 Sep 2006 14:55:43 +0200 Subject: [flashboot] Updated patch In-Reply-To: <1157373222.17742.2.camel@massimo.datacode.it> References: <44F80201.9020207@tilde.se> <1157373222.17742.2.camel@massimo.datacode.it> Message-ID: <44FC224F.8020607@tilde.se> Massimo Lusetti wrote: > On Fri, 2006-09-01 at 11:48 +0200, Rickard Dahlstrand wrote: > > >> Hi All, >> >> On popular request here are some updated diffs with bugfixes and >> cleanups, the ro/rw-scripts are committed and blink got scraped. Please >> test and comment. >> >> > > ./build-largekernel.sh GENRIC-RD produce a kernel which doesn't boot, it > stops loading the 'second stage' during the boot phase even before > starting to outputting the result of the boot process (dmesg). > The result is the box continuisly rebooting while uncompressing/loading > the kernel. > That was what we suspected. What factors that are involved when booting large kernels are a bit of a mystery to us. The 25 mb WRAP12 kernel boots fine on my 128 MB WRAP-box. But the generic is a bit larger and could possibly cause problems. This is what Damien wrote on the subject: /A couple of caveats regarding kernel customisation: First, if your kernel+ramdisk blob is larger than 16Mb, then you will need to increase NKPTP in the kernel config (just uncomment the entry in the file, it's good for 32Mb kernels). The symptom of a kernel with a too-small NKPTP is an immediate crash or reboot after the kernel is loaded. Another caveat is that kernels larger than about 14Mb in size will use up all the ISA DMA memory and the kernel will panic at boot unless isadma is disabled in the config or via UKC. This leads to the final problem: if isadma is disabled, then things that attempt to use it (e.g. floppy disk access) will panic the kernel. The best solution is to try to keep your kernels small./ As far as I can tell both of these are done for all kernels: http://cvsweb.mindrot.org/index.cgi/flashboot/GENERIC-RD.diff?r1=1.7;r2=1.8 And then we have this where Damien had some kind of idea on what could be done: http://cvsweb.mindrot.org/index.cgi/flashboot/TODO?rev=1.6 I'm afraid that I understand to little on this, we need an expert. Until we get some facts here people should only use the large-kernel option if tested properly and on systems with console access and a backup obsd-kernel. Rickard. -------------- next part -------------- An HTML attachment was scrubbed... URL: http://lists.mindrot.org/pipermail/flashboot/attachments/20060904/45a6b881/attachment.html From rd at tilde.se Mon Sep 4 22:56:30 2006 From: rd at tilde.se (Rickard Dahlstrand) Date: Mon, 04 Sep 2006 14:56:30 +0200 Subject: [flashboot] Changes are now in the CVS Message-ID: <44FC227E.2080509@tilde.se> The additions that where made during the last couple of week are now in the CVS thanks to the help of Jakob and others. Please help us by testing and proving feedback on these changes. Here are a complete list of the damage: 20060904 - (jakob) Add simple package extraction framework from Rickard - (jakob) More README from Rickard 20060903 - (jakob) Create rndc.key if needed - (jakob) Add 20MB and 25MB disktabs - (jakob) More SUDO tweeks - (jakob) Large (25MB) kernel build script and list from Rickard 20060831 - (jakob) Add sasyncd(8) - (jakob) Add rw/ro scripts (for easy flash remounting) from Rickard 20060830 - (jakob) Add watchdogd(8) - (jakob) Fix ipsecctl startup - (jakob) Add hostapd and ospfd to startup 20060826 - (jakob) Add ral(4) firmware to list (commented out) - (jakob) Do not require rc.{init,more} to be executable - (jakob) New build scripts from Rickard Dahlstrand Rickard. From rd at tilde.se Tue Sep 5 01:42:56 2006 From: rd at tilde.se (Rickard Dahlstrand) Date: Mon, 04 Sep 2006 17:42:56 +0200 Subject: [flashboot] 3.9-stable Kernels Message-ID: <44FC4980.2050306@tilde.se> I use OpenBSD-stable quite a lot, I like packages fresh from the ftp-site and having to upgrade only twice a year. If you are like me, feel free to download my newly baked binary release for 3.9-stable from my website: http://tilde.se/flashboot/ Using packages with flashboot is now quick and easy, the only work you need to do is to make sure you have enough memory in /usr/local/ and then download the packages from the ftp-site right to your /flash/pkg/ directory. Rickard. From massimo at cedoc.mo.it Tue Sep 5 02:20:12 2006 From: massimo at cedoc.mo.it (Massimo Lusetti) Date: Mon, 04 Sep 2006 18:20:12 +0200 Subject: [flashboot] Problem starting isakmpd Message-ID: <1157386812.17742.17.camel@massimo.datacode.it> Just building a 4.0 as of today (no largekernel) i get the following error during isakmpd startup at boot while executing the same commands after the boot completes isakmpd doesn't complain, "isakmpd -K; ipsecctl -f /etc/ipsec.conf" at console works smoothly. Sep 4 18:02:40 c7 isakmpd[25293]: m_priv_bind: bind(6,0x81ed30c0,28) returned -1: Can't assign requested address Sep 4 18:02:40 c7 isakmpd[11775]: udp_make: bind (24, fe80:3::230:18ff:feb2:7410, 4): Can't assign requested address Sep 4 18:02:40 c7 isakmpd[11775]: virtual_bind_if: failed to create a socket on fe80:3::230:18ff:feb2:7410 Sep 4 18:02:40 c7 isakmpd[11775]: virtual_init: could not bind the ISAKMP port(s) on all interfaces: Can't assign requested address rc.conf has: isakmpd_flags="-K" ipsec=YES and ipsec.conf exist and is fully funciontal. -- Massimo.run(); From rd at tilde.se Tue Sep 5 18:47:56 2006 From: rd at tilde.se (Rickard Dahlstrand) Date: Tue, 05 Sep 2006 10:47:56 +0200 Subject: [flashboot] Problem starting isakmpd In-Reply-To: <1157386812.17742.17.camel@massimo.datacode.it> References: <1157386812.17742.17.camel@massimo.datacode.it> Message-ID: <44FD39BC.4030505@tilde.se> Massimo Lusetti wrote: > Just building a 4.0 as of today (no largekernel) i get the following > error during isakmpd startup at boot while executing the same commands > after the boot completes isakmpd doesn't complain, "isakmpd -K; ipsecctl > -f /etc/ipsec.conf" at console works smoothly. > > > Sep 4 18:02:40 c7 isakmpd[25293]: m_priv_bind: bind(6,0x81ed30c0,28) > returned -1: Can't assign requested address > Sep 4 18:02:40 c7 isakmpd[11775]: udp_make: bind (24, > fe80:3::230:18ff:feb2:7410, 4): Can't assign requested address > Sep 4 18:02:40 c7 isakmpd[11775]: virtual_bind_if: failed to create a > socket on fe80:3::230:18ff:feb2:7410 > Sep 4 18:02:40 c7 isakmpd[11775]: virtual_init: could not bind the > ISAKMP port(s) on all interfaces: Can't assign requested address > > > rc.conf has: > > isakmpd_flags="-K" > ipsec=YES > > > and ipsec.conf exist and is fully funciontal Have you tried doing exactly the same thing on a system with the same code not running flashboot? Rickard. From rd at tilde.se Tue Sep 5 18:52:29 2006 From: rd at tilde.se (Rickard Dahlstrand) Date: Tue, 05 Sep 2006 10:52:29 +0200 Subject: [flashboot] Updated patch In-Reply-To: <1157373222.17742.2.camel@massimo.datacode.it> References: <44F80201.9020207@tilde.se> <1157373222.17742.2.camel@massimo.datacode.it> Message-ID: <44FD3ACD.4020801@tilde.se> Massimo Lusetti wrote: > On Fri, 2006-09-01 at 11:48 +0200, Rickard Dahlstrand wrote: > > >> Hi All, >> >> On popular request here are some updated diffs with bugfixes and >> cleanups, the ro/rw-scripts are committed and blink got scraped. Please >> test and comment. >> >> > > ./build-largekernel.sh GENRIC-RD produce a kernel which doesn't boot, it > stops loading the 'second stage' during the boot phase even before > starting to outputting the result of the boot process (dmesg). > The result is the box continuisly rebooting while uncompressing/loading > the kernel. > A uncompressed generic kernel on 3.9 seems to be over the 32 mb limit, try moving down to the 20 mb ramdisk. Have a look in the build.largekernel file on how to modify it and give us a report on what your progress are. Rickard. -------------- next part -------------- An HTML attachment was scrubbed... URL: http://lists.mindrot.org/pipermail/flashboot/attachments/20060905/72d24bf9/attachment.html From massimo at cedoc.mo.it Tue Sep 5 23:31:37 2006 From: massimo at cedoc.mo.it (Massimo Lusetti) Date: Tue, 05 Sep 2006 15:31:37 +0200 Subject: [flashboot] Problem starting isakmpd In-Reply-To: <44FD39BC.4030505@tilde.se> References: <1157386812.17742.17.camel@massimo.datacode.it> <44FD39BC.4030505@tilde.se> Message-ID: <1157463097.4307.1.camel@massimo.datacode.it> On Tue, 2006-09-05 at 10:47 +0200, Rickard Dahlstrand wrote: > Have you tried doing exactly the same thing on a system with the same > code not running flashboot? Didn't have had time to try that but i figure it should be ok (i've figured also on flashboot) since i use the same config with the production environment I'm using right now and which is a slightly dated 3.9-current as of mid of August. -- Massimo.run(); From massimo at cedoc.mo.it Fri Sep 15 18:52:12 2006 From: massimo at cedoc.mo.it (Massimo Lusetti) Date: Fri, 15 Sep 2006 10:52:12 +0200 Subject: [flashboot] isakmpd odd behavior and rc.initial normalize Message-ID: <1158310332.4306.18.camel@massimo.datacode.it> I got a strange behavior[1] running isakmpd with -K at boot, this happen only on the flashboot-box (which is GENERIC-RD right now) not on the box used to build flashboot image. Flashboot is the 20060915 cvs snapshot as OpenBSD is cvs updated at the same date. In regards of this error i try to workaround this behavior setting isakmpd to boot with -4 -K flags, which this settings isakmpd starts fine. During this process I've noticed that settling isakmpd_flags="-4 -K" in rc.conf result in a script error by /etc/rc which does not handle blank in *_flags variables in some cases so i just made a quick fix (attached) normalizing the test cases under rc.initial. Hope this helps and if someone would like to suggest why the i got the below behavior I'm more then happy to try to understand :) Regards [1] Sep 15 18:38:25 c7-2 isakmpd[7958]: m_priv_bind: bind(6,0x858220c0,28) returned -1: Can't assign requested address Sep 15 18:38:25 c7-2 isakmpd[27957]: udp_make: bind (24, fe80:3::230:18ff:fea4:a965, 4): Can't assign requested address Sep 15 18:38:25 c7-2 isakmpd[27957]: virtual_bind_if: failed to create a socket on fe80:3::230:18ff:fea4:a965 Sep 15 18:38:25 c7-2 isakmpd[27957]: virtual_init: could not bind the ISAKMP port(s) on all interfaces: Can't assign requested address -- Massimo.run(); -------------- next part -------------- --- rc.initial.ori Fri Sep 15 10:27:52 2006 +++ rc.initial Fri Sep 15 10:34:41 2006 @@ -188,7 +188,7 @@ echo -n ' hostapd'; /usr/sbin/hostapd ${hostapd_flags} fi -if [ "X${dhcpd_flags}" != X"NO" -a -f /etc/dhcpd.conf ]; then +if [ X"${dhcpd_flags}" != X"NO" -a -f /etc/dhcpd.conf ]; then touch /var/db/dhcpd.leases if [ -f /etc/dhcpd.interfaces ]; then dhcpd_ifs=`stripcom /etc/dhcpd.interfaces` @@ -196,7 +196,7 @@ echo -n ' dhcpd'; /usr/sbin/dhcpd ${dhcpd_flags} ${dhcpd_ifs} fi -if [ "X${spamd_flags}" != X"NO" ]; then +if [ X"${spamd_flags}" != X"NO" ]; then echo -n ' spamd'; /usr/libexec/spamd ${spamd_flags} /usr/libexec/spamd-setup fi @@ -205,19 +205,19 @@ echo -n ' ftp-proxy'; /usr/sbin/ftp-proxy ${ftpproxy_flags} fi -if [ "X${identd_flags}" != X"NO" ]; then +if [ X"${identd_flags}" != X"NO" ]; then echo -n ' identd'; /usr/libexec/identd ${identd_flags} fi -if [ X${inetd} != X"NO" -a -e /etc/inetd.conf ]; then +if [ X"${inetd}" != X"NO" -a -e /etc/inetd.conf ]; then echo -n ' inetd'; inetd fi -if [ X${ospfd_flags} != X"NO" -a -e /etc/osfpd.conf ]; then +if [ X"${ospfd_flags}" != X"NO" -a -e /etc/osfpd.conf ]; then echo -n ' osfpd'; osfpd ${osfpd_flags} fi -if [ X${bgpd_flags} != X"NO" -a -e /etc/bgpd.conf ]; then +if [ X"${bgpd_flags}" != X"NO" -a -e /etc/bgpd.conf ]; then echo -n ' bgpd'; bgpd ${bgpd_flags} fi @@ -246,7 +246,7 @@ echo 'starting sasyncd'; sasyncd ${sasyncd_flags} fi -if [ X${isakmpd_flags} != X"NO" ]; then +if [ X"${isakmpd_flags}" != X"NO" ]; then echo -n ' isakmpd'; isakmpd ${isakmpd_flags} fi @@ -254,7 +254,7 @@ ipsecctl -f /etc/ipsec.conf fi -if [ X${ntpd_flags} != X"NO" -a -e /etc/ntpd.conf ]; then +if [ X"${ntpd_flags}" != X"NO" -a -e /etc/ntpd.conf ]; then echo -n ' ntpd'; ntpd ${ntpd_flags} fi From massimo at cedoc.mo.it Fri Sep 15 19:30:18 2006 From: massimo at cedoc.mo.it (Massimo Lusetti) Date: Fri, 15 Sep 2006 11:30:18 +0200 Subject: [flashboot] isakmpd odd behavior and rc.initial normalize In-Reply-To: <1158310332.4306.18.camel@massimo.datacode.it> References: <1158310332.4306.18.camel@massimo.datacode.it> Message-ID: <1158312618.4306.22.camel@massimo.datacode.it> On Fri, 2006-09-15 at 10:52 +0200, Massimo Lusetti wrote: > Hope this helps and if someone would like to suggest why the i got the > below behavior I'm more then happy to try to understand :) I forgot to mention that firing /sbin/isakmpd -K at prompt after the boot process complete start isakmpd without any problem so i guess is really something like a 'race' during the boot process. -- Massimo.run(); From rd at tilde.se Sat Sep 16 02:00:18 2006 From: rd at tilde.se (Rickard Dahlstrand) Date: Fri, 15 Sep 2006 18:00:18 +0200 Subject: [flashboot] isakmpd odd behavior and rc.initial normalize In-Reply-To: <1158310332.4306.18.camel@massimo.datacode.it> References: <1158310332.4306.18.camel@massimo.datacode.it> Message-ID: <450ACE12.4000405@tilde.se> Excellent. Rickard. Massimo Lusetti wrote: > I got a strange behavior[1] running isakmpd with -K at boot, this happen > only on the flashboot-box (which is GENERIC-RD right now) not on the box > used to build flashboot image. > Flashboot is the 20060915 cvs snapshot as OpenBSD is cvs updated at the > same date. > > In regards of this error i try to workaround this behavior setting > isakmpd to boot with -4 -K flags, which this settings isakmpd starts > fine. > > During this process I've noticed that settling isakmpd_flags="-4 -K" in > rc.conf result in a script error by /etc/rc which does not handle blank > in *_flags variables in some cases so i just made a quick fix (attached) > normalizing the test cases under rc.initial. > > Hope this helps and if someone would like to suggest why the i got the > below behavior I'm more then happy to try to understand :) > > > Regards > > > > [1] > Sep 15 18:38:25 c7-2 isakmpd[7958]: m_priv_bind: bind(6,0x858220c0,28) > returned -1: Can't assign requested address > Sep 15 18:38:25 c7-2 isakmpd[27957]: udp_make: bind (24, > fe80:3::230:18ff:fea4:a965, 4): Can't assign requested address > Sep 15 18:38:25 c7-2 isakmpd[27957]: virtual_bind_if: failed to create a > socket on fe80:3::230:18ff:fea4:a965 > Sep 15 18:38:25 c7-2 isakmpd[27957]: virtual_init: could not bind the > ISAKMP port(s) on all interfaces: Can't assign requested address > > > > > > ------------------------------------------------------------------------ > > --- rc.initial.ori Fri Sep 15 10:27:52 2006 > +++ rc.initial Fri Sep 15 10:34:41 2006 > @@ -188,7 +188,7 @@ > echo -n ' hostapd'; /usr/sbin/hostapd ${hostapd_flags} > fi > > -if [ "X${dhcpd_flags}" != X"NO" -a -f /etc/dhcpd.conf ]; then > +if [ X"${dhcpd_flags}" != X"NO" -a -f /etc/dhcpd.conf ]; then > touch /var/db/dhcpd.leases > if [ -f /etc/dhcpd.interfaces ]; then > dhcpd_ifs=`stripcom /etc/dhcpd.interfaces` > @@ -196,7 +196,7 @@ > echo -n ' dhcpd'; /usr/sbin/dhcpd ${dhcpd_flags} ${dhcpd_ifs} > fi > > -if [ "X${spamd_flags}" != X"NO" ]; then > +if [ X"${spamd_flags}" != X"NO" ]; then > echo -n ' spamd'; /usr/libexec/spamd ${spamd_flags} > /usr/libexec/spamd-setup > fi > @@ -205,19 +205,19 @@ > echo -n ' ftp-proxy'; /usr/sbin/ftp-proxy ${ftpproxy_flags} > fi > > -if [ "X${identd_flags}" != X"NO" ]; then > +if [ X"${identd_flags}" != X"NO" ]; then > echo -n ' identd'; /usr/libexec/identd ${identd_flags} > fi > > -if [ X${inetd} != X"NO" -a -e /etc/inetd.conf ]; then > +if [ X"${inetd}" != X"NO" -a -e /etc/inetd.conf ]; then > echo -n ' inetd'; inetd > fi > > -if [ X${ospfd_flags} != X"NO" -a -e /etc/osfpd.conf ]; then > +if [ X"${ospfd_flags}" != X"NO" -a -e /etc/osfpd.conf ]; then > echo -n ' osfpd'; osfpd ${osfpd_flags} > fi > > -if [ X${bgpd_flags} != X"NO" -a -e /etc/bgpd.conf ]; then > +if [ X"${bgpd_flags}" != X"NO" -a -e /etc/bgpd.conf ]; then > echo -n ' bgpd'; bgpd ${bgpd_flags} > fi > > @@ -246,7 +246,7 @@ > echo 'starting sasyncd'; sasyncd ${sasyncd_flags} > fi > > -if [ X${isakmpd_flags} != X"NO" ]; then > +if [ X"${isakmpd_flags}" != X"NO" ]; then > echo -n ' isakmpd'; isakmpd ${isakmpd_flags} > fi > > @@ -254,7 +254,7 @@ > ipsecctl -f /etc/ipsec.conf > fi > > -if [ X${ntpd_flags} != X"NO" -a -e /etc/ntpd.conf ]; then > +if [ X"${ntpd_flags}" != X"NO" -a -e /etc/ntpd.conf ]; then > echo -n ' ntpd'; ntpd ${ntpd_flags} > fi > > > ------------------------------------------------------------------------ > > _______________________________________________ > flashboot mailing list > flashboot at mindrot.org > http://lists.mindrot.org/mailman/listinfo/flashboot > -------------- next part -------------- An HTML attachment was scrubbed... URL: http://lists.mindrot.org/pipermail/flashboot/attachments/20060915/4719286f/attachment.html From jakob at rfc.se Sat Sep 16 23:28:54 2006 From: jakob at rfc.se (Jakob Schlyter) Date: Sat, 16 Sep 2006 15:28:54 +0200 Subject: [flashboot] isakmpd odd behavior and rc.initial normalize In-Reply-To: <1158310332.4306.18.camel@massimo.datacode.it> References: <1158310332.4306.18.camel@massimo.datacode.it> Message-ID: <8DB04017-94A6-42E6-8691-B2113FDD47CC@rfc.se> On 15 sep 2006, at 10.52, Massimo Lusetti wrote: > During this process I've noticed that settling isakmpd_flags="-4 - > K" in > rc.conf result in a script error by /etc/rc which does not handle > blank > in *_flags variables in some cases so i just made a quick fix > (attached) > normalizing the test cases under rc.initial. patch committed. jakob