Hey FreeBSD Stable,
I'm having issues printing out the curpsinfo-pr_psargs. Has anyone
had any success printing out the arguments passed to a program? Below
is the log of what happens when I run my script the source for my
script.
[root@fbsd-sec ~/dtrace/security]# ./log_exec.d 80
dtrace: buffer
Thanks. That's what I'm running into. I've partially fixed
walltimestamp. I have walltimestamp in kernel returning to dtrace
userland the seconds since epoch. With my patch, dtrace userland shows
the value fine if printed with %d, but not with %Y.
I'll be moving onto squashing the curpsinfo bug
Yes. You can use VIMAGE/vnet with jails. In fact, I just blogged about
how to set it up:
http://0xfeedface.org/blog/2011-11-21/lattera/freebsd-vnet-jail-admin-project
I'm also writing a php project that will help administer FreeBSD jails:
https://github.com/lattera/jailadmin
Thanks,
Shawn
On
accept patches if
another use-case needs to be addressed.
Thanks,
Shawn
On Fri, Nov 25, 2011 at 1:32 PM, Denny Schierz linuxm...@4lin.net wrote:
hi Shawn,
Am 25.11.2011 um 16:54 schrieb Shawn Webb:
Yes. You can use VIMAGE/vnet with jails. In fact, I just blogged about
how to set it up:
http
Some people (like me) already knew about the vulnerabilities. And
others are already exploiting some of these vulnerabilities.
Thanks,
Shawn Webb
On Fri, Dec 23, 2011 at 9:50 AM, Damien Fleuriot m...@my.gd wrote:
My point (which may or may not be valid) was that if the vulnerabilities
but I don't recall seeing an advisory
there ahead of today.
On 12/23/11 6:03 PM, Shawn Webb wrote:
Some people (like me) already knew about the vulnerabilities. And
others are already exploiting some of these vulnerabilities.
Thanks,
Shawn Webb
On Fri, Dec 23, 2011 at 9:50 AM, Damien
As others have mentioned, you don't _have_ to patch this weekend. All
of the vulnerabilities have been [semi-]public knowledge for at least
a week. What's the harm in waiting till next week? Just pretend like
the patches came in on Tuesday.
I, for one, am grateful that FreeBSD has provided
Hey stable@,
First off, I'm not too sure if this is the right mailing list (maybe
freebsd-hackers@?). Sorry if it is. This is just the mailing list I
subscribe to, so I thought I'd start here.
Anyways, I'm looking at the regs struct (machine/reg.h) on FreeBSD
9-stable amd64. It appears that
Nevermind. It's rdi and rsi that I should use. Sorry for the wasted
bandwidth. ;)
Thanks,
Shawn
On Mon, Jan 16, 2012 at 7:41 PM, Shawn Webb latt...@gmail.com wrote:
Hey stable@,
First off, I'm not too sure if this is the right mailing list (maybe
freebsd-hackers@?). Sorry
The `zpool` command does not show all the overhead from ZFS. The `zfs`
command does. That's why the `zfs` command shows less available space
than the `zpool` command.
Thanks,
Shawn
On Tue, Jan 17, 2012 at 8:47 AM, Christer Solskogen
christer.solsko...@gmail.com wrote:
Hi!
I have a zpool
On Tue, Jan 17, 2012 at 9:00 AM, Christer Solskogen
christer.solsko...@gmail.com wrote:
On Tue, Jan 17, 2012 at 4:52 PM, Shawn Webb latt...@gmail.com wrote:
The `zpool` command does not show all the overhead from ZFS. The `zfs`
command does. That's why the `zfs` command shows less available space
shawn@indianapolis:~$ pfexec format
Searching for disks...done
AVAILABLE DISK SELECTIONS:
0. c1d0 WDC WD30- WD-WCAWZ084341-0001-2.73TB
/pci@0,0/pci-ide@11/ide@0/cmdk@0,0
1. c1d1 WDC WD30- WD-WCAWZ087742-0001-2.73TB
/pci@0,0/pci-ide@11/ide@0/cmdk@1,0
2.
I've done a bit of research about vnet jails:
http://archive.0xfeedface.org/blog/2011-11-21/lattera/freebsd-vnet-jail-admin-project
On Wed, Jan 18, 2012 at 6:59 AM, Denny Schierz linuxm...@4lin.net wrote:
hi,
after most parts works with my bridge setups works, I want to get vnet for my
jails
Let's all calm down here. No need to make this personal. Let's please try
to keep this conversation professional and respectful to all parties
involved.
Richard, I suggest that if you think the current implementation is less
secure than other implementations, you could write a patch and submit it
If there is malicious code in a kernel module, then discussions of
relocations become moot.
Sent from my Android 4.0 device. Please forgive any spelling or grammatical
errors.
On Apr 4, 2012 11:35 AM, jb jb.1234a...@gmail.com wrote:
Peter Wemm peter at wemm.org writes:
...
There is no way
Hey All,
I've been working on sharing a 6in4 IPv6 tunnel (via a gif device) I have
with Hurricane Electric (tunnelbroker.net) to my jails via epair devices.
My setup is a bit unique in that the IPv6 tunnel is behind an OpenVPN
connection. I've had varying degrees of success. I might have a bug to
On Tue, Jan 15, 2013 at 12:29 AM, Ben Morrow b...@morrow.me.uk wrote:
Quoth Shawn Webb latt...@gmail.com:
I've been working on sharing a 6in4 IPv6 tunnel (via a gif device) I have
with Hurricane Electric (tunnelbroker.net) to my jails via epair
devices.
My setup is a bit unique
On Tue, Jan 15, 2013 at 2:54 PM, Ben Morrow b...@morrow.me.uk wrote:
Quoth Shawn Webb latt...@gmail.com:
On Tue, Jan 15, 2013 at 12:29 AM, Ben Morrow b...@morrow.me.uk wrote:
Quoth Shawn Webb latt...@gmail.com:
# ifconfig bridge0
bridge0: flags=8843UP,BROADCAST,RUNNING,SIMPLEX
Somehow there ended up a typo in the CC to freebsd-stable@freebsd.org. Last
email below:
On Tue, Jan 15, 2013 at 5:53 PM, Shawn Webb latt...@gmail.com wrote:
On Tue, Jan 15, 2013 at 4:52 PM, Ben Morrow b...@morrow.me.uk wrote:
Quoth Shawn Webb latt...@gmail.com:
On Tue, Jan 15, 2013 at 2:54
Hey All,
I'm looking to generate a FreeBSD 9-stable (and maybe 10-current) ISO that
has certain packages pre-installed. I'd like to create my own installation
media that will have certain things installed, like a web management UI
that I'm actively working on. It'd be like what pfSense does.
I
On Tue, Aug 27, 2013 at 10:41 AM, Marko Cupać marko.cu...@mimar.rs wrote:
On Tue, 27 Aug 2013 15:59:19 +0200
David Demelier demelier.da...@gmail.com wrote:
Yes you can paste the dump here
kaa.mimar.rs dumped core - see /var/crash/vmcore.1
Tue Aug 27 12:34:13 CEST 2013
FreeBSD
On Tue, 2015-03-31 at 21:03 +0200, Baptiste Daroussin wrote:
Hi all,
We just released pkg 1.5.0 beta1 (in ports-mgmt/pkg-devel),
Hey Baptiste,
Great work to you and all those involved in this project! I'm grateful
to have such an awesome tool.
For those of us who run our own package repos
= 0x156d6ae08ca, rsp =
0x7be2c988, rbp = 0x7be2c9b0 ---
=== End Log ===
If there's anything you need from me, please let me know. It's 100%
reproducible at bootup on one of my systems.
--
Shawn Webb
HardenedBSD
GPG Key ID:0x6A84658F52456EEE
GPG Key Fingerprint: 2ABA B6BD EF6A F486
On Saturday, 18 July 2015 09:12:52 David Wolfskill wrote:
On Sat, Jul 18, 2015 at 11:54:59AM -0400, Shawn Webb wrote:
Looks like there's some locking issues in 10.2-BETA1/amd64. I'm at
revision bf2d0b176566519b95f21d01cc101f4b60247ab8 in this repo:
https://github.com/HardenedBSD
On Saturday, 18 July 2015 12:24:37 Shawn Webb wrote:
On Saturday, 18 July 2015 09:12:52 David Wolfskill wrote:
On Sat, Jul 18, 2015 at 11:54:59AM -0400, Shawn Webb wrote:
Looks like there's some locking issues in 10.2-BETA1/amd64. I'm at
revision bf2d0b176566519b95f21d01cc101f4b60247ab8
ig
I can't find any documentation in neither Poudriere's manpage nor in
poudriere.conf.sample on how toadd a post bulk hook.
Is the signing_command option to `pkg repo` really only used in generating
pkg.txz.sig? Is there any formal documentation about the cryptography design
and architecture in relation to pkg's repositories?
Thanks,
--
Shawn Webb
HardenedBSD
GPG Key ID:0x6A84658F52456EEE
GPG Key Fingerprint: 2ABA B6BD EF6A F486 BE89 3D9E 6A84 658F 5245 6EEE
signature.asc
Description: This is a digitally signed message part.
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512
On August 1, 2016 7:02:05 PM EDT, Ben Woods wrote:
>Hi,
>
>FreeBSD wireless users who are upgrading to FreeBSD 11.0 will likely
>get a
>surprise when they try and identify which wireless adapters are
>available
>in their
tree to a chroot directory.
Here's the log (granted, -s was added to make): http://ix.io/1fN3
Thanks,
--
Shawn Webb
Cofounder and Security Engineer
HardenedBSD
GPG Key ID: 0x6A84658F52456EEE
GPG Key Fingerprint: 2ABA B6BD EF6A F486 BE89 3D9E 6A84 658F 5245 6EEE
signature.asc
Description: PGP signature
oll hasn't completed, and I don't want to send a possibly-false
> date on when 11.0-RC3 will happen.
>
> I am hoping Saturday, but this is not yet definitive.
>
> Glen
>
Hey Glen,
I'm just checking in to see if you saw this bug report I filed:
https://bugs.freebsd.org/bugzilla/s
Now that `lint` was removed from 12-CURRENT base, 12-CURRENT now
cannot build 11-STABLE. Building usr.bin/xlint/llib in 11-STABLE
depends on `lint`.
https://github.com/freebsd/freebsd/blob/stable/11/usr.bin/xlint/llib/Makefile
Thanks,
--
Shawn Webb
Cofounder and Security Engineer
HardenedBSD
On Sun, Nov 26, 2017 at 05:33:26PM -0500, Shawn Webb wrote:
> Now that `lint` was removed from 12-CURRENT base, 12-CURRENT now
> cannot build 11-STABLE. Building usr.bin/xlint/llib in 11-STABLE
> depends on `lint`.
>
> https://github.com/freebsd/freebsd/blob/stable/11/usr.bin/xlin
ne of which is to toggle IBRS. Vendors like Dell have started issuing
firmware updates that also applies the new CPU microcode. Check with
your vendor to see if they've shipped such firmware updates.
Having the CPU microcode applied is not enough. The OS needs to
support the new MSRs. FreeBSD 11-STAB
eger
> >- Default value: unsure. Variable declaration has 1 but
> > SYSCTL_PROC() macro has 0.
> >
>
>
> Strange thing is that tweaking `hw.ibrs_disable` has no effect on
> `hw.ibrs_active` on my side.
Did you install the latest Intel microcode update?
uld have done this back when I added it to
> legacy, I think, but it seems to fix this for me.
Hey Kyle,
Thank you very much for looking into this issue. HardenedBSD was
affected as well. I've tested the patch and am happy to report
success.
Thanks,
--
Shawn Webb
Cofound
FreeBSD 11.2
> Corrected: 2019-11-24 17:11:47 UTC (stable/11, 11.2-STABLE)
Corrected November of 2018 or 2019? ;)
--
Shawn Webb
Cofounder and Security Engineer
HardenedBSD
Tor-ified Signal:+1 443-546-8752
Tor+XMPP+OTR:latt...@is.a.hacker.sx
GPG Key ID: 0x6A84658
Hey all,
It appears the Handbook and the nfsv4 manpages don't really agree,
leading to some confusion as to how to properly set up an NFSv4 server
on FreeBSD.
Any guidance would be appreciated.
Thanks,
--
Shawn Webb
Cofounder / Security Engineer
HardenedBSD
GPG Key ID
fortunately, bhyve doesn't support renamed tap devices. You'll need
to keep the original tapN name.
What you might want to experiment with is setting a description for
the tap device. For example:
ifconfig tapN description "private vNIC"
Thanks,
--
Shawn Webb
Cofounder / Security Engineer
37 matches
Mail list logo