View Single Post
  #3   (View Single Post)  
Old 17th March 2012
shep shep is offline
Real Name: Scott
Arp Constable
 
Join Date: May 2008
Location: Dry and Dusty
Posts: 1,503
Default

@J65nko Thanks for the suggestion, the warning though persists. To see if I was on the right tract I increased the openfiles for all login classes. I have since restored /etc/login.conf to the original settings
Quote:
Startup Exception

Startup Exception(s):
xxxterm requires at least 1024 (2048 recommended) file descriptors, currently it has up to 1024 available
Welcome to xxxterm 1.11.3!


Beware that this is the final version that will use the xxxterm name.
Moving forward the browser will be called xombrero.


Details will soon appear on the xombrero wiki page
My /etc/login.conf
Quote:
$ cat /etc/login.conf
# $OpenBSD: login.conf.in,v 1.6 2012/02/06 21:25:13 sobrado Exp $

#
# Sample login.conf file. See login.conf(5) for details.
#

#
# Standard authentication styles:
#
# krb5-or-pwd First try Kerberos V password, then local password file
# passwd Use only the local password file
# krb5 Use only the Kerberos V password
# chpass Do not authenticate, but change users password (change
# the YP password if the user has one, else change the
# local password)
# lchpass Do not login; change user's local password instead
# radius Use radius authentication
# reject Use rejected authentication
# skey Use S/Key authentication
# activ ActivCard X9.9 token authentication
# crypto CRYPTOCard X9.9 token authentication
# snk Digital Pathways SecureNet Key authentication
# tis TIS Firewall Toolkit authentication
# token Generic X9.9 token authentication
# yubikey YubiKey authentication
#

# Default allowed authentication styles
auth-defaults:auth=passwd,skey:

# Default allowed authentication styles for authentication type ftp
auth-ftp-defaults:auth-ftp=passwd:

#
# The default values
# To alter the default authentication types change the line:
# :tc=auth-defaults:\
# to be read something like: (enables passwd, "myauth", and activ)
# :auth=passwd,myauth,activ:\
# Any value changed in the daemon class should be reset in default
# class.
#
default:\
:path=/usr/bin /bin /usr/sbin /sbin /usr/X11R6/bin /usr/local/bin /usr/local/sbin:\
:umask=022:\
:datasize-max=512M:\
:datasize-cur=512M:\
:maxproc-max=256:\
:maxproc-cur=128:\
:openfiles-cur=1024:\
:stacksize-cur=4M:\
:localcipher=blowfish,6:\
:ypcipher=old:\
:tc=auth-defaults:\
:tc=auth-ftp-defaults:

#
# Settings used by /etc/rc and root
# This must be set properly for daemons started as root by inetd as well.
# Be sure reset these values back to system defaults in the default class!
#
daemon:\
:ignorenologin:\
:datasize=infinity:\
:maxproc=infinity:\
:openfiles-cur=1024:\
:stacksize-cur=8M:\
:localcipher=blowfish,8:\
:tc=default:

#
# Staff have fewer restrictions and can login even when nologins are set.
#
staff:\
:datasize-cur=512M:\
:datasize-max=infinity:\
:maxproc-max=512:\
:maxproc-cur=128:\
:ignorenologin:\
:requirehome@:\
:tc=default:

#
# Authpf accounts get a special motd and shell
#
authpf:\
:welcome=/etc/motd.authpf:\
:shell=/usr/sbin/authpf:\
:tc=default:

#
# Override resource limits for certain daemons started by rc.d(8)
#
bgpd:\
:openfiles-cur=1024:\
:tc=daemon:$
My /etc/sysctl.conf
Quote:
# This file contains a list of sysctl options the user wants set at
# boot time. See sysctl(3) and sysctl(8) for more information on
# the many available variables.
#
#net.inet.ip.forwarding=1 # 1=Permit forwarding (routing) of IPv4 packets
#net.inet.ip.mforwarding=1 # 1=Permit forwarding (routing) of IPv4 multicast packets
#net.inet.ip.multipath=1 # 1=Enable IP multipath routing
#net.inet.icmp.rediraccept=1 # 1=Accept ICMP redirects
#net.inet6.icmp6.rediraccept=1 # 1=Accept IPv6 ICMP redirects (for hosts)
#net.inet6.ip6.forwarding=1 # 1=Permit forwarding (routing) of IPv6 packets
#net.inet6.ip6.mforwarding=1 # 1=Permit forwarding (routing) of IPv6 multicast packets
#net.inet6.ip6.multipath=1 # 1=Enable IPv6 multipath routing
#net.inet6.ip6.accept_rtadv=1 # 1=Permit IPv6 autoconf (forwarding must be 0)
#net.inet.tcp.rfc1323=0 # 0=Disable TCP RFC1323 extensions (for if tcp is slow)
#net.inet.tcp.rfc3390=0 # 0=Disable RFC3390 for TCP window increasing
#net.inet.esp.enable=0 # 0=Disable the ESP IPsec protocol
#net.inet.ah.enable=0 # 0=Disable the AH IPsec protocol
#net.inet.esp.udpencap=0 # 0=Disable ESP-in-UDP encapsulation
#net.inet.ipcomp.enable=1 # 1=Enable the IPCOMP protocol
#net.inet.etherip.allow=1 # 1=Enable the Ethernet-over-IP protocol
#net.inet.tcp.ecn=1 # 1=Enable the TCP ECN extension
#net.inet.carp.preempt=1 # 1=Enable carp(4) preemption
#net.inet.carp.log=3 # log level of carp(4) info, default 2
#ddb.panic=0 # 0=Do not drop into ddb on a kernel panic
#ddb.console=1 # 1=Permit entry of ddb from the console
#fs.posix.setuid=0 # 0=Traditional BSD chown() semantics
#vm.swapencrypt.enable=0 # 0=Do not encrypt pages that go to swap
#vfs.nfs.iothreads=4 # Number of nfsio kernel threads
#net.inet.ip.mtudisc=0 # 0=Disable tcp mtu discovery
#kern.usercrypto=1 # 1=Enable userland use of /dev/crypto
#kern.userasymcrypto=1 # 1=Permit userland to do asymmetric crypto
#kern.splassert=2 # 2=Enable with verbose error messages
#kern.nosuidcoredump=2 # 2=Put suid coredumps in /var/crash
#kern.watchdog.period=32 # >0=Enable hardware watchdog(4) timer if available
#kern.watchdog.auto=0 # 0=Disable automatic watchdog(4) retriggering
#kern.pool_debug=0 # 0=Disable pool corruption checks (faster)
#hw.allowpowerdown=0 # 0=Disable power button shutdown
kern.maxfiles=8192 # Increase maximum open files
machdep.allowaperture=2 # See xf86(4)
#machdep.apmhalt=1 # 1=powerdown hack, try if halt -p doesn't work
#machdep.kbdreset=1 # permit console CTRL-ALT-DEL to do a nice halt
#machdep.lidsuspend=1 # laptop lid closes cause a suspend
machdep.userldt=1 # allow userland programs to play with ldt,
# required by some ports
#kern.emul.aout=1 # enable running dynamic OpenBSD a.out bins
#kern.emul.linux=1 # enable running Linux binaries

Last edited by shep; 17th March 2012 at 10:59 PM. Reason: tried to disable smilies in pasted text
Reply With Quote