cmeerw
cmeerw
(Image)
About
- Username
- cmeerw
- Joined
- Visits
- 11,414
- Last Active
- Roles
- Member
- Thanked
- 539
Comments
-
(Quote) As it's now already Saturday in central Europe (and you are no longer logged into the machine), I have started the tilemaker job. I'll then check on the server in the morning.
-
Now that we are running OpenBSD current, I think it's a good time to try running that tilemaker job again that crashed the machine last time. Planning to do that next weekend. @Not_Oles let me know if I should avoid running any disruptive jobs durin…
-
(Quote) Can you describe the process of getting the certificate? How long did the audit take, and what did they look at? BTW, can you even get a product certified for ISO 27001? I thought it's usually an organisation that gets certified. And is ISO…
-
(Quote) Sorry, never got around to actually adding that to /etc/sysctl.conf - but I have done that now (so should hopefully be fine on the next reboot) Do you want to run sysctl hw.smt=1 to add smt to the running system?
-
(Quote) As OpenBSD has quite restrictive limits (in particular, maxproc-cur=128 for the default login class), I'd guess it should be fine (unless you change those limits first or run it as root)
-
(Quote) Seems to have finished now.
-
(Quote) I have set the login class for the build user to build now and restarted a make build (Quote) At least we should get the OpenBSD build done before switching to anything else.
-
(Quote) Just having a look at what make build actually does: hlcs# make -n buildumask 007; exec make do-buildhlcs# make -n do-buildif [[ `id -u` -ne 0 ]]; then echo do-build must be called by root >&2; false; ficd /usr/src/share/mk &&…
-
(Quote) Sorry, I meant that just running that llvm-tblgen from the command line worked (but it doesn't seem to work when being run using make) - and I have no idea either why we are seeing that difference.
-
Just tried running that command in a normal shell, and that seems to work. BTW, /usr/bin/time -l reports 31.70 real 29.59 user 2.05 sys 1519720 maximum resident set size 3500 average shared memory size 1166415 aver…
-
(Quote) Could be another case where the ulimit needs to be adjusted? I have done ulimit -d 25165824 in that tmux session and done another make build BTW, to get all 8 threads, sysctl hw.smt=1 is needed (probably need to add that to /etc/sysctl.con…
-
(Quote) Shouldn't the compile steps ideally be done under an unprivileged user, and then only switch to root for make install and reboot?
-
(Quote) Sure.
-
(Quote) I have also seen those request attacks coming from Chinese networks - the interesting thing with these is that they are all using HTTP/1.1, while most browsers use HTTP/2.0 nowadays. At least for my Python-based web apps, I can pretty easily…
-
So the update seems to have overwritten /etc/rc.conf - the main thing that I had changed in there was setting httpd_flags= (from httpd_flags=NO - the old file was backed up in /var/backups/etc_rc.conf.backup). I have made that change again now. @No…
-
(Quote) That sounds like a lot of marketing BS.
-
(Quote) Can this be clarified, please. To what extent is it allowed to advertise services that are more expensive than the maximum price? I think I have seen something like "see web site for other offers", but also including specific serv…
-
My plan here is to fingerprint the request headers (to hopefully tell browsers and bots apart) and delay or potentially block bots based on that.
-
I am seeing two kinds of bots: * those that request a page every few seconds - so far they still seem pretty harmless (although annoying) * bots that hit your server at full speed over several concurrent connections (usually using Scrapy) - those a…
-
(Quote) Some people do care. And some people also care about Reverse DNS (for IPv4 and IPv6). Also, any ports blocked? Any test IPs (IPv4/IPv6)?
-
Actually, I have now added an OpenBSD menu entry in grub (with that chainloader (hd0,msdos3)+1 in /etc/grub.d/40_custom) and set grub to boot that by default (in /etc/default/grub)
-
(Quote) In grub, press c and then chainloader (hd0,msdos3)+1boot Edit: There should be a way to add it to the grub menu (maybe even just an update-grub in Debian would do that?)
-
Just did the reboot to OpenBSD: (Image)
-
(Quote) Sorry, didn't get around to properly adding OpenBSD to grub, but I did mention some time ago how to boot OpenBSD: (Quote)
-
(Quote) I am busy with other things this week. At some point I want to re-run tilemaker to see if it crashes the server again under OpenBSD (but that can also be done under OpenBSD-current).
-
FreeBSD 14.3 has been released.
-
(Quote) Please read the discussions starting with https://lowendspirit.com/discussion/comment/198134/#Comment_198134 - you seem to be suggesting something very similar here.
-
(Quote) Maybe I need that as well: https://github.com/systemed/tilemaker/blob/master/get-coastline.sh
-
The generated mbtiles file for Europe seems to be fine - map of Europe
-
Oops, so I let it run overnight, as everything seemed to be fine. And this morning the server didn't respond with the console showing scsi_xfer pool exhausted!. Rebooted now. Edit: dmesg (and in /var/log/messages) there also is: Jun 4 01:05:10 hl…
-
I have changed my login class to staff using chpass - see /etc/login.conf: ## Staff have fewer restrictions and can login even when nologins are set.#staff:\ :datasize-cur=1536M:\ :datasize-max=infinity:\ :maxproc-max=512:\ …
-
(Quote) Not sure a debugger will really help. Maybe it's just a configuration setting on OpenBSD that can be adjusted. Maybe just one of the ulimit settings? hlcs$ ulimit -atime(cpu-seconds) unlimitedfile(blocks) unlimitedcoredump(blocks…
-
Tried to use tilemaker on Europe, but this doesn't seem to work on OpenBSD: Store size 24G | Block 445856/445929 libc++abi: terminating due to uncaught exception of type std::bad_alloc: std::bad_allocAbort trap (core dumped) I did give it a tempo…
-
(Quote) Got the SSL certificate created with acme-client - seems to be very similar in spirit to acme-tiny
-
(Quote) Which provider acts on that? Have you asked that provider to explain the abuse report (if they act on it, they must have understood it). Never heard of an ENTRO protocol either.
-
(Quote) That's actually this one - it's based on my socket abstractions for epoll/kevent. (Quote) The acme-client is from OpenBSD: https://man.openbsd.org/acme-client.1 (still haven't looked at it yet) For now I am serving a map of Austria via htt…
-
(Quote) But that's the shell for root, not tom (the /etc/passwd entry for tom does show /bin/sh) (Quote) The 6995 p2 Ip 0:00.01 -ksh (ksh) one is from my tmux session that's running fcgisrv (just trying the bundled httpd - it's quite interes…
-
The server is now running OpenBSD. During installation I chose network autoconfig for both IPv4 and IPv6 - only IPv4 seems to work with autoconfig (DHCP), so I have now statically configured the IPv6 address (and IPv6 default route) in /etc/hostname…
-
(Quote) I think we can move to OpenBSD for some time then. The way it's currently set up is that if it's running OpenBSD, the ssh daemon is listening on a different port (Linux ssh port + 1), but I have copied all the root authorized ssh keys from L…
-
Tried booting a NetBSD HEAD kernel, but doesn't seem to make a difference compared to 10.1. Replaced FreeBSD again with OpenBSD (installed 7.6 via netboot.xyz, and then upgraded to 7.7). But booted into Debian trixie again now.