On console: newsyslog(3865): sycall 59 "exec"

[Andreas Kusalananda Kähäri]

Hi,

I wonder if this message that I'm seeing in my console is coming from
the 1.96 commit to usr.bin/newsyslog/newsyslog.c?

newsyslog(): syscall 59 "exec"

Running "newsyslog" as root produces no such output, in the console or
elsewhere that I can spot.  However, running "newsyslog -F" seems to set
off one of those messages per rotated log file(?).

My system is an amd64 system with sources from this morning.

Andreas

-- 
:: Andreas Kusalananda Kähäri
:: Bioinformatics Developer
:: Uppsala, Sweden
::--

Re: sndio.1 vs -L

[Jason McIntyre]

On Wed, Nov 18, 2015 at 12:18:00PM +0100, Jan Stary wrote:
> On Nov 18 01:30:08, ratc...@openbsd.org wrote:
> > usr.bin/sndiod : sndiod.1 
> > say that network communication is not secure
> 
> "listen _on_" an address,
> even if -L is disabled for now.
> 
>   Jan
> 

fixed, thanks.
jmc

> Index: sndiod.1
> ===
> RCS file: /cvs/src/usr.bin/sndiod/sndiod.1,v
> retrieving revision 1.7
> diff -u -p -r1.7 sndiod.1
> --- sndiod.1  18 Nov 2015 08:30:08 -  1.7
> +++ sndiod.1  18 Nov 2015 11:15:00 -
> @@ -213,7 +213,7 @@ The default is
>  .It Fl L Ar addr
>  Specify a local network address
>  .Nm
> -should listen;
> +should listen on;
>  .Nm
>  will listen on TCP port 11025+n, where n is the unit number
>  specified with
> 

Re: sndiod_flags=NO in /etc/rc.conf on recent snapshots

[Jan Stary]

On Nov 18 12:47:01, st...@openbsd.org wrote:
> On 2015/11/18 07:30, Maxim Khitrov wrote:
> > On Wed, Nov 18, 2015 at 12:02 AM, Theo de Raadt  
> > wrote:
> > >> I only just noticed that, trying to watch a video while having a web
> > >> browser open at the same time, I don't get any sound.
> > >>
> > >> Only going through recent daily insecurity emails, had I found out that:
> > >>
> > >> sndiod_flags=
> > >>
> > >> in /etc/rc.conf, has been changed to:
> > >>
> > >> sndiod_flags=NO
> > >>
> > >> on snapshots from around the 10th November.
> > >>
> > >> The source in CVS doesn't have that change. I couldn't find any
> > >> information about it in the mailing list archives either.
> > >>
> > >> What (if any) is the reason behind it?
> > >
> > > Testing reactions.
> > 
> > One down, two to go: check_quotas, pflogd_flags :)
> 
> It's really a required part of the audio layer for many uses.
> Various parts were removed from the kernel because they were moved to
> sndiod. Hopefully it will back after the cleanup. (I don't notice this
> on my workstation because I have sndiod_flags=-f rsnd/1..)

Exactly. Having specific sndiod_flags in rc.local
to accommodate my MIDI setup etc, I haven't noticed.
But having sndiod running is indispensable for much of the audio work.
Then again, anyone who needs that can craft their own sndiod_flags.

Re: sndiod_flags=NO in /etc/rc.conf on recent snapshots

[Stuart Henderson]

On 2015/11/18 07:30, Maxim Khitrov wrote:
> On Wed, Nov 18, 2015 at 12:02 AM, Theo de Raadt  
> wrote:
> >> I only just noticed that, trying to watch a video while having a web
> >> browser open at the same time, I don't get any sound.
> >>
> >> Only going through recent daily insecurity emails, had I found out that:
> >>
> >> sndiod_flags=
> >>
> >> in /etc/rc.conf, has been changed to:
> >>
> >> sndiod_flags=NO
> >>
> >> on snapshots from around the 10th November.
> >>
> >> The source in CVS doesn't have that change. I couldn't find any
> >> information about it in the mailing list archives either.
> >>
> >> What (if any) is the reason behind it?
> >
> > Testing reactions.
> 
> One down, two to go: check_quotas, pflogd_flags :)

It's really a required part of the audio layer for many uses.
Various parts were removed from the kernel because they were moved to
sndiod. Hopefully it will back after the cleanup. (I don't notice this
on my workstation because I have sndiod_flags=-f rsnd/1..)

> At least those are the three things I always disable on new firewalls.
> check_quotas is harmless, but just unnecessary if I don't use quotas.
> pflogd can fill-up /var if "log" is added to a frequently-matching
> rule (had that happen to me once).

"don't do that then" ;-)

You can use "log to pflog1" for things which you don't want
pflogd to see.

It might be useful to run newsyslog more frequently if you have
small partitions..

Re: sndiod_flags=NO in /etc/rc.conf on recent snapshots

[Maxim Khitrov]

On Wed, Nov 18, 2015 at 12:02 AM, Theo de Raadt  wrote:
>> I only just noticed that, trying to watch a video while having a web
>> browser open at the same time, I don't get any sound.
>>
>> Only going through recent daily insecurity emails, had I found out that:
>>
>> sndiod_flags=
>>
>> in /etc/rc.conf, has been changed to:
>>
>> sndiod_flags=NO
>>
>> on snapshots from around the 10th November.
>>
>> The source in CVS doesn't have that change. I couldn't find any
>> information about it in the mailing list archives either.
>>
>> What (if any) is the reason behind it?
>
> Testing reactions.

One down, two to go: check_quotas, pflogd_flags :)

At least those are the three things I always disable on new firewalls.
check_quotas is harmless, but just unnecessary if I don't use quotas.
pflogd can fill-up /var if "log" is added to a frequently-matching
rule (had that happen to me once).

-Max

Re: sndio.1 vs -L

[Jan Stary]

On Nov 18 01:30:08, ratc...@openbsd.org wrote:
>   usr.bin/sndiod : sndiod.1 
> say that network communication is not secure

"listen _on_" an address,
even if -L is disabled for now.

Jan

Index: sndiod.1
===
RCS file: /cvs/src/usr.bin/sndiod/sndiod.1,v
retrieving revision 1.7
diff -u -p -r1.7 sndiod.1
--- sndiod.118 Nov 2015 08:30:08 -  1.7
+++ sndiod.118 Nov 2015 11:15:00 -
@@ -213,7 +213,7 @@ The default is
 .It Fl L Ar addr
 Specify a local network address
 .Nm
-should listen;
+should listen on;
 .Nm
 will listen on TCP port 11025+n, where n is the unit number
 specified with

Re: Pledge shutdown halt

[Stuart Henderson]

On 2015/11/17 23:31, Theo de Raadt wrote:
> What ttys are you guys rebooting from.  Is it seen on console?  Or... is it
> only seen from xterm...?

In my case, reboot is run from an ssh session, the message is seen on
that session, and system console is on serial.

Re: Pledge shutdown halt

[Ian McWilliam]

On 18/11/2015 5:31 PM, Theo de Raadt wrote:

What ttys are you guys rebooting from.  Is it seen on console?  Or... is it
only seen from xterm...?


ssh session. I'll have to check the console tomorrow. No X configured to 
run on the box.


Ian McWilliam

Re: Pledge shutdown halt

[Ian McWilliam]

 

- Original Message -
From: "Ian McWilliam" 
To:"Theo de Raadt" , 
Cc:
Sent:Wed, 18 Nov 2015 20:09:58 +1100
Subject:Re: Pledge shutdown halt

 On 18/11/2015 5:31 PM, Theo de Raadt wrote:
 > What ttys are you guys rebooting from. Is it seen on console? Or...
is it
 > only seen from xterm...?
 >
 >
 ssh session. I'll have to check the console tomorrow. No X configured
to 
 run on the box.

 Ian McWilliam

Rebuilt kernel + userland from todays sources.

OpenBSD 5.8-current (GENERIC.MP) #0: Thu Nov 19 10:32:02 AEDT 2015

 
  r...@ianm-openbsd.xxx.edu.au:/usr/src/sys/arch/amd64/compile/GENERIC.MP
The message is no longer displayed on reboot / shutdown on ssh session
or console.
Ian McWilliam

Re: calloc -> malloc in get_data() and get_string()

[Michael McConville]

Ted Unangst wrote:
> Joerg Jung wrote:
> > > Michael McConville wrote:
> > > Relayd, httpd, and ntpd define the functions get_data() and
> > > get_string(). Both call calloc and then immediately memcpy.
> > > Calloc's zeroing isn't optimized out. These functions are called
> > > in network data paths in at least a couple places, so all this
> > > extra writing could have a meaningful performance impact.
> > 
> > I think this impact is negligible small and I believe that you can
> > not even measure it. So this change makes not so much sense to me.
> 
> I think there's no reason to be inefficient if the faster way of doing
> things is just as simple and correct.
> 
> > I wonder if using strndup() would make more sense for the first case
> > here?
> 
> Agreed on that point.

ok?


Index: sbin/iked/util.c
===
RCS file: /cvs/src/sbin/iked/util.c,v
retrieving revision 1.27
diff -u -p -r1.27 util.c
--- sbin/iked/util.c21 Aug 2015 11:59:28 -  1.27
+++ sbin/iked/util.c19 Nov 2015 02:59:16 -
@@ -636,17 +636,12 @@ char *
 get_string(uint8_t *ptr, size_t len)
 {
size_t   i;
-   char*str;
 
for (i = 0; i < len; i++)
if (!isprint(ptr[i]))
break;
 
-   if ((str = calloc(1, i + 1)) == NULL)
-   return (NULL);
-   memcpy(str, ptr, i);
-
-   return (str);
+   return strndup(ptr, i);
 }
 
 const char *
Index: usr.sbin/httpd/httpd.c
===
RCS file: /cvs/src/usr.sbin/httpd/httpd.c,v
retrieving revision 1.46
diff -u -p -r1.46 httpd.c
--- usr.sbin/httpd/httpd.c  5 Nov 2015 18:00:43 -   1.46
+++ usr.sbin/httpd/httpd.c  19 Nov 2015 02:59:19 -
@@ -831,18 +831,13 @@ char *
 get_string(uint8_t *ptr, size_t len)
 {
size_t   i;
-   char*str;
 
for (i = 0; i < len; i++)
if (!(isprint((unsigned char)ptr[i]) ||
isspace((unsigned char)ptr[i])))
break;
 
-   if ((str = calloc(1, i + 1)) == NULL)
-   return (NULL);
-   memcpy(str, ptr, i);
-
-   return (str);
+   return strndup(ptr, i);
 }
 
 void *
@@ -850,7 +845,7 @@ get_data(uint8_t *ptr, size_t len)
 {
uint8_t *data;
 
-   if ((data = calloc(1, len)) == NULL)
+   if ((data = malloc(len)) == NULL)
return (NULL);
memcpy(data, ptr, len);
 
Index: usr.sbin/ntpd/constraint.c
===
RCS file: /cvs/src/usr.sbin/ntpd/constraint.c,v
retrieving revision 1.20
diff -u -p -r1.20 constraint.c
--- usr.sbin/ntpd/constraint.c  17 Nov 2015 15:34:36 -  1.20
+++ usr.sbin/ntpd/constraint.c  19 Nov 2015 02:59:19 -
@@ -979,15 +979,10 @@ char *
 get_string(u_int8_t *ptr, size_t len)
 {
size_t   i;
-   char*str;
 
for (i = 0; i < len; i++)
if (!(isprint(ptr[i]) || isspace(ptr[i])))
break;
 
-   if ((str = calloc(1, i + 1)) == NULL)
-   return (NULL);
-   memcpy(str, ptr, i);
-
-   return (str);
+   return strndup(ptr, i);
 }
Index: usr.sbin/relayd/relayd.c
===
RCS file: /cvs/src/usr.sbin/relayd/relayd.c,v
retrieving revision 1.144
diff -u -p -r1.144 relayd.c
--- usr.sbin/relayd/relayd.c14 Oct 2015 07:58:14 -  1.144
+++ usr.sbin/relayd/relayd.c19 Nov 2015 02:59:19 -
@@ -1494,18 +1494,13 @@ char *
 get_string(u_int8_t *ptr, size_t len)
 {
size_t   i;
-   char*str;
 
for (i = 0; i < len; i++)
if (!(isprint((unsigned char)ptr[i]) ||
isspace((unsigned char)ptr[i])))
break;
 
-   if ((str = calloc(1, i + 1)) == NULL)
-   return (NULL);
-   memcpy(str, ptr, i);
-
-   return (str);
+   return strndup(ptr, i);
 }
 
 void *
@@ -1513,7 +1508,7 @@ get_data(u_int8_t *ptr, size_t len)
 {
u_int8_t*data;
 
-   if ((data = calloc(1, len)) == NULL)
+   if ((data = malloc(len)) == NULL)
return (NULL);
memcpy(data, ptr, len);