headers
Dag-Erling Smorgrav | 1 Feb 2003 01:02
Picon
Favicon

alpha tinderbox failure

--------------------------------------------------------------
>>> Rebuilding the temporary build tree
--------------------------------------------------------------
>>> stage 1: bootstrap tools
--------------------------------------------------------------
>>> stage 2: cleaning up the object tree
--------------------------------------------------------------
>>> stage 2: rebuilding the object tree
--------------------------------------------------------------
>>> stage 2: build tools
--------------------------------------------------------------
>>> stage 3: cross tools
--------------------------------------------------------------
>>> stage 4: populating /home/des/tinderbox/alpha/obj/h/des/src/alpha/usr/include
--------------------------------------------------------------
>>> stage 4: building libraries
--------------------------------------------------------------
>>> stage 4: make dependencies
--------------------------------------------------------------
>>> stage 4: building everything..
--------------------------------------------------------------
>>> Kernel build for GENERIC started on Fri Jan 31 15:08:21 PST 2003
--------------------------------------------------------------
>>> Kernel build for GENERIC completed on Fri Jan 31 15:40:14 PST 2003
--------------------------------------------------------------
>>> Kernel build for LINT started on Fri Jan 31 15:40:15 PST 2003
--------------------------------------------------------------
===> vinum
"Makefile", line 4447: warning: duplicate script for target "geom_bsd.o" ignored
/h/des/src/sys/dev/lmc/if_lmc.c:32:2: warning: #warning "The lmc driver is broken and is not compiled
(Continue reading)

Permalink | Reply | 0 comments |
headers
John | 1 Feb 2003 01:56

Re: Smart Array 5312 (Compaq)

Well looks like it does work after all! I must not have created my install
floppies correctly (panic was couldn't find init btw) . I moved a few a
drives onto a 5i just so i could get 5.0 installed and running and 
recompiled the kernel with said patch and i can see and write to the drives. i 
have not tried booting off them yet but i will email back once i have.

Should i submit a PR for this?

On Fri, Jan 31, 2003 at 08:58:07AM -0800, Paul Saab wrote:
> The actual panic message would be a good thing to see.
> 
> John (strgout <at> unixjunkie.com) wrote:
> > yea i tried that. 
> > it almost works in 4.7. I can see the the drives in dmesg, 
> > but it panics when it comes time to mount the mfs file system. 
> > I'll have more time to test tomorrow (5.x, 4.x and CISS_BOARD_SA5 (no B) etc etc).
> > 
> > 
> > Thanks!
> > 

To Unsubscribe: send mail to majordomo <at> FreeBSD.org
with "unsubscribe freebsd-current" in the body of the message
Permalink | Reply | 1 comment |
headers
Mark Linimon | 1 Feb 2003 02:26

State of the Union Report (backout request department)

(This is just a view from the sidelines; I generally do ports hacking
and not kernel hacking, and thus my views might not carry much
weight, but here goes anyways).

One of the more interesting features of the FreeBSD development
model seems to me to be the ability for people to request controversial
CVS commits to be backed out pending further technical discussion.
IMHO this seems like a wise (albeit nonintuitive) plan to avoid
meta-discussions about what should and should not have been
committed by whom and reviewed by whom (and so on and so forth).

But recently (especially since the 5.0 release) the backout request
mechanism seems to have fallen on hard times.  Without too much
difficulty, I was able to find 5 separate backout requests in this
year's archive of cvs-all alone which were not quickly honored.
(I'm not counting an ignored request for which the underlying
change was apparently security-related).  I'm not sure, but there
may have been others, possibly on freebsd-current.

The point I'm trying to make by posting this is not to take sides with
anyone, assign blame or credit, or anything like that.  I personally
came up in the old Usenet days, and thus have already gone down
that same road so many times that I would hope I've earned a lifetime 
"Get-Out-Of-Flames-Free" card for that reason alone (never mind
various mailing lists and other places controversy loves to incubate ....)

But if we've got that model, it seems to me we ought to honor it, even
if (especially if?) we think the request is frivolous or ill-intentioned.
After all, if the backout request itself wasn't controversial, it would
probably imply the original change wasn't controversial, and thus
(Continue reading)

Permalink | Reply | 4 comments |
headers
Sean Chittenden | 1 Feb 2003 02:28
Gravatar

Re: Cisco vpnclient

> Cisco is offering a VPN client for Linux. I wonder if it would be
> possible to run this under FreeBSD. An extra linux kernel module is
> being built.  Is this already the 'ruled out'?
> 
> If this won't work, I'm afraid I will have to set a dedicated redhat
> 6.x/7.x beside my FreeBSD gateway. Would it be possible to use NAT
> to extend the VPN (I only have one dedicated fixed IP on the
> gateway).

Might I suggest using pppd + ssh.  In my prior experience, it worked
worlds better than the Cisco VPN client and was likely provided a more
secure authentication (ssh keys vs. IKE?).  As an added bonus, it ssh
+ pppd doesn't hijack your interface so you can connect to the
Internet directly and to your office without having to send your
normal Internet traffic through the office.  Yes there are security
problems with this, but running ipf(w) on the split host works
exceedingly well and is generally a tighter firewall than what's put
up to protect the office.  ;)  -sc

--

-- 
Sean Chittenden

To Unsubscribe: send mail to majordomo <at> FreeBSD.org
with "unsubscribe freebsd-current" in the body of the message
Permalink | Reply | 3 comments |
headers
Joe Marcus Clarke | 1 Feb 2003 02:52
Favicon

Re: Cisco vpnclient

On Fri, 2003-01-31 at 20:28, Sean Chittenden wrote:
> > Cisco is offering a VPN client for Linux. I wonder if it would be
> > possible to run this under FreeBSD. An extra linux kernel module is
> > being built.  Is this already the 'ruled out'?
> > 
> > If this won't work, I'm afraid I will have to set a dedicated redhat
> > 6.x/7.x beside my FreeBSD gateway. Would it be possible to use NAT
> > to extend the VPN (I only have one dedicated fixed IP on the
> > gateway).
> 
> Might I suggest using pppd + ssh.  In my prior experience, it worked
> worlds better than the Cisco VPN client and was likely provided a more
> secure authentication (ssh keys vs. IKE?).  As an added bonus, it ssh
> + pppd doesn't hijack your interface so you can connect to the
> Internet directly and to your office without having to send your
> normal Internet traffic through the office.  Yes there are security
> problems with this, but running ipf(w) on the split host works
> exceedingly well and is generally a tighter firewall than what's put
> up to protect the office.  ;)  -sc

This is actually what I use to connect into Cisco (well, I use
ppp+ssh).  The downside is that right now, my "VPN concentrator" is
being moved from one building to another, and I have no FreeBSD
connectivity.  Also, other companies might only allow inbound access via
a proprietary VPN client.  For those that also offer SSH, you're right,
my make-shift VPN is much more flexible that what the Cisco VPN client
provides.

Joe
(Continue reading)

Permalink | Reply | 0 comments |
headers
Marcin Dalecki | 1 Feb 2003 03:20
Picon

Re: Cisco vpnclient

Sean Chittenden wrote:
>>Cisco is offering a VPN client for Linux. I wonder if it would be
>>possible to run this under FreeBSD. An extra linux kernel module is
>>being built.  Is this already the 'ruled out'?
>>
>>If this won't work, I'm afraid I will have to set a dedicated redhat
>>6.x/7.x beside my FreeBSD gateway. Would it be possible to use NAT
>>to extend the VPN (I only have one dedicated fixed IP on the
>>gateway).
> 
> 
> Might I suggest using pppd + ssh.  In my prior experience, it worked
> worlds better than the Cisco VPN client and was likely provided a more
> secure authentication (ssh keys vs. IKE?).  As an added bonus, it ssh
> + pppd doesn't hijack your interface so you can connect to the
> Internet directly and to your office without having to send your
> normal Internet traffic through the office.  Yes there are security
> problems with this, but running ipf(w) on the split host works
> exceedingly well and is generally a tighter firewall than what's put
> up to protect the office.  ;)  -sc

The "connection hijack" by Cisco is indeed a very silly thing,
since the disabling of the routing of interfaces different
from the *one true and very secure* IPSec connection it is establishing
can be easly, very easly circumvented be deliberately changing
a string in the cisco linux kernel module. You have just to change
the string "eth" to "eth0" or whatever in the source code there.
Well indeed some linux ethernet devices do not obey the "ethXX" naming
schema, namely they register themself as "usbXXX" devices, so
the whole thing in without any good reason in first place anyway.
(Continue reading)

Permalink | Reply | 1 comment |
headers
"Brandon S. Allbery " KF8NH | 1 Feb 2003 03:38
Picon
Favicon

Re: Cisco vpnclient

On Fri, 2003-01-31 at 21:20, Marcin Dalecki wrote:
> The "connection hijack" by Cisco is indeed a very silly thing,

Unfortunately, it's there because some corporate network policies demand
it.  And some companies are loath to allow Linux/FreeBSD/etc. on their
networks because it can be defeated.

--

-- 
brandon s allbery [openafs/solaris/japh/freebsd] allbery <at> kf8nh.apk.net
system administrator [linux/heimdal/too many hats] allbery <at> ece.cmu.edu
electrical and computer engineering                              KF8NH
carnegie mellon university  [better check the oblivious first -ke6sls]

To Unsubscribe: send mail to majordomo <at> FreeBSD.org
with "unsubscribe freebsd-current" in the body of the message
Permalink | Reply | 0 comments |
headers
Mike Barcroft | 1 Feb 2003 03:43
Picon
Favicon

Re: State of the Union Report (backout request department)

Mark Linimon <linimon <at> lonesome.com> writes:
> (This is just a view from the sidelines; I generally do ports hacking
> and not kernel hacking, and thus my views might not carry much
> weight, but here goes anyways).
> 
> One of the more interesting features of the FreeBSD development
> model seems to me to be the ability for people to request controversial
> CVS commits to be backed out pending further technical discussion.
> IMHO this seems like a wise (albeit nonintuitive) plan to avoid
> meta-discussions about what should and should not have been
> committed by whom and reviewed by whom (and so on and so forth).
> 
> But recently (especially since the 5.0 release) the backout request
> mechanism seems to have fallen on hard times.  Without too much
> difficulty, I was able to find 5 separate backout requests in this
> year's archive of cvs-all alone which were not quickly honored.
> (I'm not counting an ignored request for which the underlying
> change was apparently security-related).  I'm not sure, but there
> may have been others, possibly on freebsd-current.

The archives might not be telling the whole story.  A lot of times
these things get handled behind closed doors, whether private e-mail
or developer-only lists.  Thankfully though, most conflicts *do* get
resolved. :)

Best regards,
Mike Barcroft

To Unsubscribe: send mail to majordomo <at> FreeBSD.org
with "unsubscribe freebsd-current" in the body of the message
(Continue reading)

Permalink | Reply | 3 comments |
headers
Juli Mallett | 1 Feb 2003 04:08
Picon
Favicon

Re: State of the Union Report (backout request department)

* De: Mike Barcroft <mike <at> FreeBSD.org> [ Data: 2003-01-31 ]
	[ Subjecte: Re: State of the Union Report (backout request department) ]
> The archives might not be telling the whole story.  A lot of times
> these things get handled behind closed doors, whether private e-mail
> or developer-only lists.  Thankfully though, most conflicts *do* get
> resolved. :)

Might be nice if we had an internal trouble ticket system for things like
this, TODOs that are high priority, and pending MFCs.  I got the impression
NetBSD does something like this for branch pullups that are needed?
Then there's a clearer qudit trail, and it's easier to find out if things
have "not been honoured".  And to keep other sorts of things from falling
behind.

Thanx,
juli.
--

-- 
Juli Mallett <jmallett <at> FreeBSD.org>
AIM: BSDFlata -- IRC: juli on EFnet
OpenDarwin, Mono, FreeBSD Developer
ircd-hybrid Developer, EFnet addict
FreeBSD on MIPS-Anything on FreeBSD

To Unsubscribe: send mail to majordomo <at> FreeBSD.org
with "unsubscribe freebsd-current" in the body of the message
Permalink | Reply | 0 comments |
headers
Wesley Morgan | 1 Feb 2003 04:35

Re: State of the Union Report (backout request department)

On Fri, 31 Jan 2003, Mike Barcroft wrote:

> The archives might not be telling the whole story.  A lot of times
> these things get handled behind closed doors, whether private e-mail
> or developer-only lists.  Thankfully though, most conflicts *do* get
> resolved. :)

I have always LOVED watching the commits and backouts. I find it much more
exciting to watch the actual development commit by commit, watch the
brainiacs audit each other, and resolve to the best course. It seems much
better than the way Linux traditionally did it (although they seem to have
moved to bitkeeper) and much more like a professional development team.

--

-- 
Hi! I'm a .signature virus! Copy me into your ~/.signature to help me spread!

To Unsubscribe: send mail to majordomo <at> FreeBSD.org
with "unsubscribe freebsd-current" in the body of the message
Permalink | Reply | 1 comment |

Gmane