Miscellaneous Operating Systems/Hardware

OpenBSD/sgi - Page 2

nekonoko wrote:
(And yes, hamei - I know php-5.3.0 was just released today. xcache doesn't support 5.3 just yet so I'm going to wait a little) ;)

Hey, the only way I know about these releases is when I see them here. When Nekochan gets a new subsystem, that means that 2 1/2 hours ago a new version came out :D
nekonoko wrote:
The only truly secure system is one not connected to the public internet.

Don't forgot to put it in a closed room with an armed guard in the front ;)

_________________
Now this is a deep dark secret, so everybody keep it quiet :)
It turns out that when reset, the WD33C93 defaults to a SCSI ID of 0, and it was simpler to leave it that way... -- Dave Olson, in comp.sys.sgi

Currently in commercial service: Image :Onyx2: (2x) :O3x02L:
In the museum : almost every MIPS/IRIX system.
Wanted : GM1 board for Professional Series GT graphics (030-0076-003, 030-0076-004)
jan-jaap wrote:
nekonoko wrote:
The only truly secure system is one not connected to the public internet.

Don't forgot to put it in a closed room with an armed guard in the front ;)

And NO USB !!!
hamei wrote:
And NO USB !!!

Guess SGI has got that one covered....

Why has everyone been complaining about the security features of IRIX?
dc_v01 wrote:
hamei wrote:
And NO USB !!!

Guess SGI has got that one covered....

Why has everyone been complaining about the security features of IRIX?


Irix at some point had a reputation for not being that secure, I think it had to do with the fact that a ton of stuff was open in the default install, whether that reputation still stands today is a bit moot since the system is pretty much EOL for all intents and purposes and the damage in "mindshare" was already done.

Also early releases of Irix were awful, and that also affected the perception of the OS. A shame since it ended up being a nice Unix variant.

_________________
"Was it a dream where you see yourself standing in sort of sun-god robes on a
pyramid with thousand naked women screaming and throwing little pickles at you?"
R-ten-K wrote:
dc_v01 wrote:
hamei wrote:
And NO USB !!!

Guess SGI has got that one covered....

Why has everyone been complaining about the security features of IRIX?


Irix at some point had a reputation for not being that secure, I think it had to do with the fact that a ton of stuff was open in the default install, whether that reputation still stands today is a bit moot since the system is pretty much EOL for all intents and purposes and the damage in "mindshare" was already done.

Also early releases of Irix were awful, and that also affected the perception of the OS. A shame since it ended up being a nice Unix variant.


Compared to contemporary UNIXes I don't think the 4D1-3.x or 4.0.5 releases were very bad. SunOS 4 might have been a bit better, but 3.x wasn't too bad. Early IRIX 5 releases were, though. I recall one bug (I think it was in Objectserver) that was particularly pernicious and compromised security.

SGI was building systems for people who wanted to throw them on LANs and not worry about them, so they were pretty much wide open. Unfortunately this translated into them keeping things open for a long time after they branched into HPC/servers so they didn't get too many disgruntled "I want to plug it in and have it work instead of having to worry about all this password junk" types.

_________________
Damn the torpedoes, full speed ahead!

Systems available for remote access on request.

:Indigo: :Octane: :Indigo2: :Indigo2IMP: :Indy: :PI: :O200: :ChallengeL: :O2000R: (single-CM)
True.

However, the perception did a lot of damage. I remember some sysadmins being completely hostile to the idea of having Irix machines into the network of the school I was at the time. Probably due more to FUD than reality, but I assume such a negative view must have hurt sales of SGI systems, esp. when the internet was taking off.

Anyhow, all major operating systems seem to have had growing pains at some point in their development. Early releases of Irix 5 were utter sh*t, and same goes for the first releases of Solaris.

_________________
"Was it a dream where you see yourself standing in sort of sun-god robes on a
pyramid with thousand naked women screaming and throwing little pickles at you?"
Only moron, crazy-minded or envious will be intreresting in hacking not a production box from outside.
Or did someone put his eye on nekochan already? :lol:
If you'll stop and pull out all useless services like time and e.t.c., and keep only really using (like ftpd, sshd, httpd, e.t.c.) and better to use stable versions with security patches applied services, well then you may say that the box is not just critical hole from outside view.
Of course if you get ssh accounts to anyone from your friends, wait presents :lol: But in this war case almost all UNIXes are under disgrace if there are just installed out from a box.

_________________
:rx2600: ( CHNPP node), custom build PC ( ducksta r host), one dead PowerBook G4 ( nokacheflush host)

More info at my web page!
hamei wrote:
jan-jaap wrote:
nekonoko wrote:
The only truly secure system is one not connected to the public internet.

Don't forgot to put it in a closed room with an armed guard in the front ;)

And NO USB !!!


And don't forget the Faraday cage. :mrgreen:

_________________
Sitting in a room.....thinkin' shit up. :evil:

:O2: 400MHz R12k - Apple G4 Cube dual 500MHz/GF6200 - Newton Messagepad 2100 - Apple PowerBook 2400c/G3@240 - DECstation5000/133 - Apple Workgroup Server 9150/120 - Apple Macintosh IIfx - Apple Macintosh Color Classic (Mystic upgrade) - Sun Cobalt Cube 3 - Tadpole RDI UltraBook IIi
zahal wrote:
And don't forget the Faraday cage. :mrgreen:



Just turn it off, pull the cables, and weld some steel plate over the back just in case.

I remember when my college moved from SunOS 4.1.4 to Solaris 2.can't_remember. I think it was 2.6 (1997-1998 year). First halfway decent Solaris 2 release, and I hated it.

Solaris has gotten better, and I've gotten more used to it, but 5 years after first release to get a decent product is pretty bad.

_________________
Damn the torpedoes, full speed ahead!

Systems available for remote access on request.

:Indigo: :Octane: :Indigo2: :Indigo2IMP: :Indy: :PI: :O200: :ChallengeL: :O2000R: (single-CM)
hamei wrote:
Hey, the only way I know about these releases is when I see them here. When Nekochan gets a new subsystem, that means that 2 1/2 hours ago a new version came out :D


I try :) I just got 5.3.0 up and running today along with a SVN pull of xcache-1.3. So far so good - I'll move the archive over to the usual place.

_________________
Twitter: @neko_no_ko
IRIX Release 4.0.5 IP12 Version 06151813 System V
Copyright 1987-1992 Silicon Graphics, Inc.
All Rights Reserved.
badapple wrote:
Although only the O2 is currently supported, there are some recent commits for IP30 and IP27 and IP35 is being worked on too. Backwards support for IP22 doesn't seem to be that much of a priority looking at the thread, which is a shame - I'm happy with Irix on the faster machines but OpenBSD is increasingly useful on many older architectures as an alternative to linux. It's already effectively superseded linux on sparc32 now that nearly everyone has dropped support, and I'd really like it as an option on my older MIPS stuff, like the Indy currently running Debian under my desk. OpenBSD 4.3 is looking very promising.


NetBSD has support for IP6, IP10, IP12, IP20, IP22 and IP32. OpenBSD supports more of newer machines, Linux has some IP26 and IP28 (along with IP22, IP32 and IP30?) support, and Russ Cox's Plan9 sources contain SGI Power code. Graphics aside, the opensource world supports most of the SGI machines already. The graphics being the most interesting part in most cases, the allure of IRIX will remain unparalleled, but for the server-class or headless machines, there's plenty you can still do with them -- even a 4D/20 will run the NetBSD-current ;)

It would be nice to see this all consolidated a bit, though. Maybe someday the OpenBSD guys will import the support NetBSD has for the older machines, or the other way around.
When I spoke to Art Grabowski years ago, picking up my Indy from him, he told me someone in .se had code for the Indy it in his attic... They are kinda lazy with pushing the code to the trunk the OBSD'ers ;-) .

_________________
SGI Systems: R4K :Indigo: /256MB/XS-24, R5K 150MHz :Indy: /160MB/XL-24, R10K 175MHz :O2: /640MB, R12K 400MHz :Octane2: /Vpro6/1GB & R4K 250 MHz :Indigo2IMP: /128 MB/XZ Extreme/GIO64 FDDI

"It's a UNIX system! I know this! "
Any more current comments on the status of OpenBSD/sgi?

The OpenBSD port page says things are working fine (including X11), while FAQ page on X configuration mentions for sgi "no X servers, only X clients." (Apr 09 version).
polytrope wrote:
Any more current comments on the status of OpenBSD/sgi?
Comments? You found the wrong topic: viewtopic.php?f=15&t=16721761&p=7307390&

_________________
***********************************************************************
Welcome to ARMLand - 0/0x0d00
running...(sherwood-root 0607201829)
* InfiniteReality/Reality Software, IRIX 6.5 Release *
***********************************************************************
polytrope wrote:
Any more current comments on the status of OpenBSD/sgi?

The OpenBSD port page says things are working fine (including X11), while FAQ page on X configuration mentions for sgi "no X servers, only X clients." (Apr 09 version).

That's clearly an error in the FAQ. Framebuffer support is currently still limited to the O2 machines. However there is promising work behind the scene to support VPro boards on Octane and Fuel systems, which will be commited soon.

As for non-framebuffer hardware support, Origin 350 are now working since a few hours :!: , and there is ongoing SMP work targeting the Octane and Origin 200 systems.

_________________
:Indigo: R4000 :Indigo2: R4400 :Indigo2IMP: R4400 :Indigo2: R8000 :Indigo2IMP: R10000 :Indy: R4000PC :Indy: R4000SC :Indy: R5000SC :O2: R5000 :O2: RM7000 :Octane: 2xR10000 :Octane: R12000 :O200: - :O200: 2x2xR10000 :Fuel: R16000 :A350:
among more than 150 machines : Apollo, Be, Data General, Digital, HP, IBM, MIPS before SGI , Motorola, NeXT, SGI, Solbourne, Sun...
miod wrote:
As for non-framebuffer hardware support, Origin 350 are now working since a few hours :!: , and there is ongoing SMP work targeting the Octane and Origin 200 systems.


O350 "working" meaning what?

Is PCI probing supported? Does NUMA work? Linux has been "working" on O350 for quite a long time now - in a single-CPU configuration with no PCI support (and therefore no way to access any storage - making it completely and totally useless).

_________________
:0300: <> :0300: :Indy: :1600SW: :1600SW:
bri3d wrote:
miod wrote:
As for non-framebuffer hardware support, Origin 350 are now working since a few hours :!: , and there is ongoing SMP work targeting the Octane and Origin 200 systems.


O350 "working" meaning what?

Is PCI probing supported? Does NUMA work? Linux has been "working" on O350 for quite a long time now - in a single-CPU configuration with no PCI support (and therefore no way to access any storage - making it completely and totally useless).


Hey, bri, don't be so down on it; at least you can see how fast the delay loop is running! Unless they haven't figure out how to bring up the serial ports either...

_________________
:O3000: :1600SW: :Indigo2IMP: :0300:

"Remember, if they can't find you handsome, they should at least find you handy."
bri3d wrote:
O350 "working" meaning what?

Meaning that an Origin 350 is now used to build the OpenBSD/sgi snapshots.

bri3d wrote:
Is PCI probing supported?

Yes. Which also means the on-board SCSI and gigabit Ethernet controllers are recognized and working.

bri3d wrote:
Does NUMA work?

Multiple-o350 configurations could not be tested for lack of hardware (the only multiple-node system which has been tested, to the best of my knowledge, is a dual Origin 200 system).

_________________
:Indigo: R4000 :Indigo2: R4400 :Indigo2IMP: R4400 :Indigo2: R8000 :Indigo2IMP: R10000 :Indy: R4000PC :Indy: R4000SC :Indy: R5000SC :O2: R5000 :O2: RM7000 :Octane: 2xR10000 :Octane: R12000 :O200: - :O200: 2x2xR10000 :Fuel: R16000 :A350:
among more than 150 machines : Apollo, Be, Data General, Digital, HP, IBM, MIPS before SGI , Motorola, NeXT, SGI, Solbourne, Sun...
miod wrote:
bri3d wrote:
O350 "working" meaning what?

Meaning that an Origin 350 is now used to build the OpenBSD/sgi snapshots.

bri3d wrote:
Is PCI probing supported?

Yes. Which also means the on-board SCSI and gigabit Ethernet controllers are recognized and working.

bri3d wrote:
Does NUMA work?

Multiple-o350 configurations could not be tested for lack of hardware (the only multiple-node system which has been tested, to the best of my knowledge, is a dual Origin 200 system).

I'm going to have to check this out. Thanks!

_________________
:O3000: :1600SW: :Indigo2IMP: :0300:

"Remember, if they can't find you handsome, they should at least find you handy."