fastnetmon on OpenBSDamd64 tends to stop and output in insecurity mails

Previous Topic Next Topic
 
classic Classic list List threaded Threaded
4 messages Options
Reply | Threaded
Open this post in threaded view
|

fastnetmon on OpenBSDamd64 tends to stop and output in insecurity mails

Tom Smyth
Hello,

I have noticed fastnetmon on OpenBSDamd64  can stop after a couple of
weeks Im trying to get more info,
but there doesnt seem to be anyhting in /var/log/daemon or /var/log/messages

in an earlier release I had modified /etc/rc.d/fastnetmon  (because of
a directory  that was not being created  at start up (which has been
since corrected by Stuart@ (thanks)  but  I think the mg created
backup fastnetmon~ may have caused me issues then

I noticed the following in insecurity
that Services that should be running but aren't:
/usr/sbin/rcctl: ${cached_svc_is_special_fastnetmon~}: bad substitution
/usr/sbin/rcctl: set: cached_svc_is_special_fastnetmon~: is not an identifier
/usr/sbin/rcctl: ${cached_svc_is_base_fastnetmon~}: bad substitution
/usr/sbin/rcctl: set: cached_svc_is_base_fastnetmon~: is not an identifier
/usr/sbin/rcctl: ${cached_svc_is_meta_fastnetmon~}: bad substitution
/usr/sbin/rcctl: set: cached_svc_is_meta_fastnetmon~: is not an identifier

im presuming this is because /etc/rc.d/fastnetmon~  backup file was
in  /etc/rc.d/fastnemon

as anyone come across this issue before ?

does anyone have an idea why the fastnetmon would suddenly stop
working (the machine had plenty of ram, (perhaps newsyslog) ?
anyway I have deleted /etc/rc.d/fastnetmon~ and we will take it from there

Im running  release + syspatch and have done a pkg_add -u

cheers

Dmesg below

OpenBSD 6.8 (GENERIC.MP) #4: Mon Jan 11 10:35:56 MST 2021
    [hidden email]:/usr/src/sys/arch/amd64/compile/GENERIC.MP
real mem = 4278038528 (4079MB)
avail mem = 4133335040 (3941MB)
random: good seed from bootblocks
mpath0 at root
scsibus0 at mpath0: 256 targets
mainbus0 at root
bios0 at mainbus0: SMBIOS rev. 2.8 @ 0xf5980 (10 entries)
bios0: vendor SeaBIOS version
"rel-1.11.1-0-g0551a4be2c-prebuilt.qemu-project.org" date 04/01/2014
bios0: QEMU Standard PC (i440FX + PIIX, 1996)
acpi0 at bios0: ACPI 1.0
acpi0: sleep states S3 S4 S5
acpi0: tables DSDT FACP APIC SSDT HPET
acpi0: wakeup devices
acpitimer0 at acpi0: 3579545 Hz, 24 bits
acpimadt0 at acpi0 addr 0xfee00000: PC-AT compat
cpu0 at mainbus0: apid 0 (boot processor)
cpu0: Intel(R) Xeon(R) CPU X5650 @ 2.67GHz, 282.25 MHz, 06-2c-02
cpu0: FPU,VME,DE,PSE,TSC,MSR,PAE,MCE,CX8,APIC,SEP,MTRR,PGE,MCA,CMOV,PAT,PSE36,CFLUSH,MMX,FXSR,SSE,SSE2,SS,HTT,SSE3,PCLMUL,SSSE3,CX16,PCID,SSE4.1,SSE4.2,x2APIC,POPCNT,DEADLINE,AES,HV,NXE,PAGE1GB,RDTSCP,LONG,LAHF,PERF,TSC_ADJUST,IBRS,IBPB,SSBD,ARAT,MELTDOWN
cpu0: 64KB 64b/line 2-way I-cache, 64KB 64b/line 2-way D-cache, 512KB
64b/line 16-way L2 cache
cpu0: ITLB 255 4KB entries direct-mapped, 255 4MB entries direct-mapped
cpu0: DTLB 255 4KB entries direct-mapped, 255 4MB entries direct-mapped
cpu0: smt 0, core 0, package 0
mtrr: Pentium Pro MTRR support, 8 var ranges, 88 fixed ranges
cpu0: apic clock running at 999MHz
cpu1 at mainbus0: apid 1 (application processor)
cpu1: Intel(R) Xeon(R) CPU X5650 @ 2.67GHz, 736.72 MHz, 06-2c-02
cpu1: FPU,VME,DE,PSE,TSC,MSR,PAE,MCE,CX8,APIC,SEP,MTRR,PGE,MCA,CMOV,PAT,PSE36,CFLUSH,MMX,FXSR,SSE,SSE2,SS,HTT,SSE3,PCLMUL,SSSE3,CX16,PCID,SSE4.1,SSE4.2,x2APIC,POPCNT,DEADLINE,AES,HV,NXE,PAGE1GB,RDTSCP,LONG,LAHF,PERF,TSC_ADJUST,IBRS,IBPB,SSBD,ARAT,MELTDOWN
cpu1: 64KB 64b/line 2-way I-cache, 64KB 64b/line 2-way D-cache, 512KB
64b/line 16-way L2 cache
cpu1: ITLB 255 4KB entries direct-mapped, 255 4MB entries direct-mapped
cpu1: DTLB 255 4KB entries direct-mapped, 255 4MB entries direct-mapped
cpu1: smt 0, core 1, package 0
ioapic0 at mainbus0: apid 0 pa 0xfec00000, version 11, 24 pins
acpihpet0 at acpi0: 100000000 Hz
acpiprt0 at acpi0: bus 0 (PCI0)
"ACPI0006" at acpi0 not configured
acpipci0 at acpi0 PCI0
acpicmos0 at acpi0
"PNP0A06" at acpi0 not configured
"PNP0A06" at acpi0 not configured
"PNP0A06" at acpi0 not configured
"QEMU0002" at acpi0 not configured
"ACPI0010" at acpi0 not configured
"QEMUVGID" at acpi0 not configured
acpicpu0 at acpi0: C1(@1 halt!)
acpicpu1 at acpi0: C1(@1 halt!)
cpu0: using IvyBridge MDS workaround
pvbus0 at mainbus0: KVM
pvclock0 at pvbus0
pci0 at mainbus0 bus 0
pchb0 at pci0 dev 0 function 0 "Intel 82441FX" rev 0x02
pcib0 at pci0 dev 1 function 0 "Intel 82371SB ISA" rev 0x00
pciide0 at pci0 dev 1 function 1 "Intel 82371SB IDE" rev 0x00: DMA,
channel 0 wired to compatibility, channel 1 wired to compatibility
pciide0: channel 0 disabled (no drives)
atapiscsi0 at pciide0 channel 1 drive 0
scsibus1 at atapiscsi0: 2 targets
cd0 at scsibus1 targ 0 lun 0: <QEMU, QEMU DVD-ROM, 2.5+> removable
cd0(pciide0:1:0): using PIO mode 4, DMA mode 2
uhci0 at pci0 dev 1 function 2 "Intel 82371SB USB" rev 0x01: apic 0 int 11
piixpm0 at pci0 dev 1 function 3 "Intel 82371AB Power" rev 0x03: apic 0 int 9
iic0 at piixpm0
vga1 at pci0 dev 2 function 0 "Bochs VGA" rev 0x02
wsdisplay0 at vga1 mux 1: console (80x25, vt100 emulation)
wsdisplay0: screen 1-5 added (80x25, vt100 emulation)
virtio0 at pci0 dev 5 function 0 "Qumranet Virtio SCSI" rev 0x00
vioscsi0 at virtio0: qsize 128
scsibus2 at vioscsi0: 255 targets
sd0 at scsibus2 targ 0 lun 0: <QEMU, QEMU HARDDISK, 2.5+>
sd0: 32768MB, 512 bytes/sector, 67108864 sectors, thin
virtio0: msix shared
virtio1 at pci0 dev 18 function 0 "Qumranet Virtio Network" rev 0x00
vio0 at virtio1: address ba:7f:a5:2a:a7:99
virtio1: msix shared
virtio2 at pci0 dev 19 function 0 "Qumranet Virtio Network" rev 0x00
vio1 at virtio2: address ce:a4:14:79:b6:de
virtio2: msix shared
ppb0 at pci0 dev 30 function 0 "Red Hat Qemu PCI-PCI" rev 0x00
pci1 at ppb0 bus 1
ppb1 at pci0 dev 31 function 0 "Red Hat Qemu PCI-PCI" rev 0x00
pci2 at ppb1 bus 2
isa0 at pcib0
isadma0 at isa0
fdc0 at isa0 port 0x3f0/6 irq 6 drq 2
pckbc0 at isa0 port 0x60/5 irq 1 irq 12
pckbd0 at pckbc0 (kbd slot)
wskbd0 at pckbd0: console keyboard, using wsdisplay0
pms0 at pckbc0 (aux slot)
wsmouse0 at pms0 mux 0
pcppi0 at isa0 port 0x61
spkr0 at pcppi0
usb0 at uhci0: USB revision 1.0
uhub0 at usb0 configuration 1 interface 0 "Intel UHCI root hub" rev
1.00/1.00 addr 1
uhidev0 at uhub0 port 1 configuration 1 interface 0 "QEMU QEMU USB
Tablet" rev 2.00/0.00 addr 2
uhidev0: iclass 3/0
ums0 at uhidev0: 3 buttons, Z dir
wsmouse1 at ums0 mux 0
vscsi0 at root
scsibus3 at vscsi0: 256 targets
softraid0 at root
scsibus4 at softraid0: 256 targets
root on sd0a (506c166d884037c5.a) swap on sd0b dump on sd0b
fd0 at fdc0 drive 1: density unknown
--
Kindest regards,
Tom Smyth.

Reply | Threaded
Open this post in threaded view
|

Re: fastnetmon on OpenBSDamd64 tends to stop and output in insecurity mails

Stuart Henderson
On 2021/02/17 16:37, Tom Smyth wrote:

> Hello,
>
> I have noticed fastnetmon on OpenBSDamd64  can stop after a couple of
> weeks Im trying to get more info,
> but there doesnt seem to be anyhting in /var/log/daemon or /var/log/messages
>
> in an earlier release I had modified /etc/rc.d/fastnetmon  (because of
> a directory  that was not being created  at start up (which has been
> since corrected by Stuart@ (thanks)  but  I think the mg created
> backup fastnetmon~ may have caused me issues then
>
> I noticed the following in insecurity
> that Services that should be running but aren't:
> /usr/sbin/rcctl: ${cached_svc_is_special_fastnetmon~}: bad substitution
> /usr/sbin/rcctl: set: cached_svc_is_special_fastnetmon~: is not an identifier
> /usr/sbin/rcctl: ${cached_svc_is_base_fastnetmon~}: bad substitution
> /usr/sbin/rcctl: set: cached_svc_is_base_fastnetmon~: is not an identifier
> /usr/sbin/rcctl: ${cached_svc_is_meta_fastnetmon~}: bad substitution
> /usr/sbin/rcctl: set: cached_svc_is_meta_fastnetmon~: is not an identifier
>
> im presuming this is because /etc/rc.d/fastnetmon~  backup file was
> in  /etc/rc.d/fastnemon

Yes that is the reason. The daily script uses "rcctl ls failed" which
runs through all /etc/rc.d files.

> does anyone have an idea why the fastnetmon would suddenly stop
> working (the machine had plenty of ram, (perhaps newsyslog) ?
> anyway I have deleted /etc/rc.d/fastnetmon~ and we will take it from there

I would guess probably crashing due to a bug (segfault or something).
There are a few issues open on https://github.com/pavel-odintsov/fastnetmon/issues
relating to crashes. Some have workarounds e.g.
https://github.com/pavel-odintsov/fastnetmon/issues/890#issuecomment-734857957
but not really fixed, others not at all.

Even if fixed though, the port is at a bit of an impasse. Newer
fastnetmon versions want to build with a specific version of boost, a
specific version of gcc, a specific version of openssl, etc and at least
for some of these it's hard to disable. It might be possible to get
working but it will need someone who is fairly committed to wanting to
use it specifically on OpenBSD with a bunch of time.

Realistically the approach with a highest chance of working is probably
to run a newer version on Linux and, if crashes still occur, work with
upstream to debug it.

Reply | Threaded
Open this post in threaded view
|

Re: fastnetmon on OpenBSDamd64 tends to stop and output in insecurity mails

Antoine Jacoutot-7
In reply to this post by Tom Smyth
On Wed, Feb 17, 2021 at 04:37:00PM +0000, Tom Smyth wrote:

> Hello,
>
> I have noticed fastnetmon on OpenBSDamd64  can stop after a couple of
> weeks Im trying to get more info,
> but there doesnt seem to be anyhting in /var/log/daemon or /var/log/messages
>
> in an earlier release I had modified /etc/rc.d/fastnetmon  (because of
> a directory  that was not being created  at start up (which has been
> since corrected by Stuart@ (thanks)  but  I think the mg created
> backup fastnetmon~ may have caused me issues then
>
> I noticed the following in insecurity
> that Services that should be running but aren't:
> /usr/sbin/rcctl: ${cached_svc_is_special_fastnetmon~}: bad substitution
> /usr/sbin/rcctl: set: cached_svc_is_special_fastnetmon~: is not an identifier
> /usr/sbin/rcctl: ${cached_svc_is_base_fastnetmon~}: bad substitution
> /usr/sbin/rcctl: set: cached_svc_is_base_fastnetmon~: is not an identifier
> /usr/sbin/rcctl: ${cached_svc_is_meta_fastnetmon~}: bad substitution
> /usr/sbin/rcctl: set: cached_svc_is_meta_fastnetmon~: is not an identifier
>
> im presuming this is because /etc/rc.d/fastnetmon~  backup file was
> in  /etc/rc.d/fastnemon
>
> as anyone come across this issue before ?
>
> does anyone have an idea why the fastnetmon would suddenly stop
> working (the machine had plenty of ram, (perhaps newsyslog) ?
> anyway I have deleted /etc/rc.d/fastnetmon~ and we will take it from there
>
> Im running  release + syspatch and have done a pkg_add -u

Hi Tom.

This doesn't really belong to ports but could you try this:


Index: rcctl.sh
===================================================================
RCS file: /cvs/src/usr.sbin/rcctl/rcctl.sh,v
retrieving revision 1.108
diff -u -p -r1.108 rcctl.sh
--- rcctl.sh 31 Mar 2020 08:03:44 -0000 1.108
+++ rcctl.sh 17 Feb 2021 17:56:19 -0000
@@ -54,7 +54,7 @@ ls_rcscripts()
 
  cd /etc/rc.d && set -- *
  for _s; do
- [[ ${_s} = *.* ]] && continue
+ [[ ${_s} == +([[:alnum:]_]) ]] || continue
  [ ! -d "${_s}" ] && echo "${_s}"
  done
 }


Reply | Threaded
Open this post in threaded view
|

Re: fastnetmon on OpenBSDamd64 tends to stop and output in insecurity mails

Tom Smyth
Hi Antoine,

Ill give that a try I'm just trying to work out what it does (pardon
my ignorance)...

Thanks,
Tom Smyth

On Wed, 17 Feb 2021 at 17:57, Antoine Jacoutot <[hidden email]> wrote:

>
> On Wed, Feb 17, 2021 at 04:37:00PM +0000, Tom Smyth wrote:
> > Hello,
> >
> > I have noticed fastnetmon on OpenBSDamd64  can stop after a couple of
> > weeks Im trying to get more info,
> > but there doesnt seem to be anyhting in /var/log/daemon or /var/log/messages
> >
> > in an earlier release I had modified /etc/rc.d/fastnetmon  (because of
> > a directory  that was not being created  at start up (which has been
> > since corrected by Stuart@ (thanks)  but  I think the mg created
> > backup fastnetmon~ may have caused me issues then
> >
> > I noticed the following in insecurity
> > that Services that should be running but aren't:
> > /usr/sbin/rcctl: ${cached_svc_is_special_fastnetmon~}: bad substitution
> > /usr/sbin/rcctl: set: cached_svc_is_special_fastnetmon~: is not an identifier
> > /usr/sbin/rcctl: ${cached_svc_is_base_fastnetmon~}: bad substitution
> > /usr/sbin/rcctl: set: cached_svc_is_base_fastnetmon~: is not an identifier
> > /usr/sbin/rcctl: ${cached_svc_is_meta_fastnetmon~}: bad substitution
> > /usr/sbin/rcctl: set: cached_svc_is_meta_fastnetmon~: is not an identifier
> >
> > im presuming this is because /etc/rc.d/fastnetmon~  backup file was
> > in  /etc/rc.d/fastnemon
> >
> > as anyone come across this issue before ?
> >
> > does anyone have an idea why the fastnetmon would suddenly stop
> > working (the machine had plenty of ram, (perhaps newsyslog) ?
> > anyway I have deleted /etc/rc.d/fastnetmon~ and we will take it from there
> >
> > Im running  release + syspatch and have done a pkg_add -u
>
> Hi Tom.
>
> This doesn't really belong to ports but could you try this:
>
>
> Index: rcctl.sh
> ===================================================================
> RCS file: /cvs/src/usr.sbin/rcctl/rcctl.sh,v
> retrieving revision 1.108
> diff -u -p -r1.108 rcctl.sh
> --- rcctl.sh    31 Mar 2020 08:03:44 -0000      1.108
> +++ rcctl.sh    17 Feb 2021 17:56:19 -0000
> @@ -54,7 +54,7 @@ ls_rcscripts()
>
>         cd /etc/rc.d && set -- *
>         for _s; do
> -               [[ ${_s} = *.* ]] && continue
> +               [[ ${_s} == +([[:alnum:]_]) ]] || continue
>                 [ ! -d "${_s}" ] && echo "${_s}"
>         done
>  }
>
>


--
Kindest regards,
Tom Smyth.