On Mar 03 16:10:45, Louis Opter wrote: > Hello, > > I'm running OpenBSD 4.4 release on an i386 machine. > I use a Compact Flash card as hdd. Without manual configuration the bios > recognizes it as removable and refuses to boot OpenBSD.
What machine is that? > The machine is used for nat/filtering + dns server, and do it very well. > > But, I have noticed something strange with the compact flash. Sometimes, > I get this in dmesg : > > Feb 24 08:12:10 gw-pri-eaubonne /bsd: wd0(pciide0:0:0): timeout > Feb 24 08:12:10 gw-pri-eaubonne /bsd: type: ata > Feb 24 08:12:11 gw-pri-eaubonne /bsd: c_bcount: 16384 > Feb 24 08:12:11 gw-pri-eaubonne /bsd: c_skip: 0 > Feb 24 08:12:11 gw-pri-eaubonne /bsd: pciide0:0:0: bus-master DMA error: > missing interrupt, status=0x20 > Feb 24 08:12:11 gw-pri-eaubonne /bsd: wd0d: device timeout reading fsbn > 209760 of 209760-209791 (wd0 bn 604896; cn 75 tn 1 sn 33), retrying > Feb 24 08:12:11 gw-pri-eaubonne /bsd: wd0: soft error (corrected) > Feb 24 08:12:11 gw-pri-eaubonne savecore: no core dump > Feb 24 08:12:12 gw-pri-eaubonne /bsd: wd0: transfer error, downgrading to > Ultra-DMA mode 1 > Feb 24 08:12:13 gw-pri-eaubonne /bsd: wd0(pciide0:0:0): using PIO mode 4, > Ultra-DMA mode 1 > Feb 24 08:12:13 gw-pri-eaubonne /bsd: wd0e: aborted command, interface CRC > error reading fsbn 466560 of 466560-466591 (wd0 bn 1272960; cn 157 tn 109 sn > 45), retrying > Feb 24 08:12:13 gw-pri-eaubonne /bsd: wd0: soft error (corrected) (You should always provide a full dmesg with hardware issues.) If you are sure all other hardware is OK, then the card is faulty. Throw it away and buy a new one, they are very cheap now. > However the machine works normally. (And, I have checked the card is > correctly plugged in) > > But, yesterday I have also noticed that I can't use setuid programs : > > Mar 2 15:02:14 gw-pri-eaubonne su: cannot stat > /usr/libexec/auth/login_passwd: Permission denied > Mar 2 15:02:14 gw-pri-eaubonne su: /usr/libexec/auth/login_passwd: path not > secure Not sure what this means. Who is trying the su? > After I bit of searching I have seen this mail received from daily > insecurity output. > > Checking setuid/setgid files and devices: > Setuid additions: > -r-sr-xr-x 1 root bin 157440 Aug 13 00:56:44 2008 /sbin/ping > -r-sr-xr-x 1 root bin 182208 Aug 13 00:56:46 2008 /sbin/ping6 > [...] > ====== > /etc/fstab diffs (-OLD +NEW) > ====== > --- /dev/null Wed Feb 25 01:30:08 2009 > +++ /etc/fstab Mon Feb 16 15:32:45 2009 > @@ -0,0 +1,5 @@ > +/dev/wd0a / ffs rw 1 1 > +/dev/wd0f /tmp ffs rw,nodev,nosuid 1 2 > +/dev/wd0e /usr/ ffs rw,nodev,nosuid 1 2 > +/dev/wd0d /var ffs rw,nodev,nosuid 1 2 > +/dev/wd0g /var/tmp ffs rw,nodev,nosuid 1 2 > [...] This looks to me like the first insecurity report after a fresh install - note that it's a diff between /dev/null (as of Feb 25 = OLD) and /etc/fstab (as of Feb 16 = NEW). Strange. > So the system replaced my configuration files and put nosuid on /usr. Why would the system change your mount flags? > The modifications that I have done on other configurations files (I > haven't touched the fstab since the install) were kept. When did you install? > I have corrected the fstab and it works. But now I have three > questions : > - Why this happened ? > - From where my configuration was restored ? (I don't use altroot) The system doesn't "restore" your configs (whatever that means), but keeps daily backups in /var/backups. It might be interesting to see the stat(1) of the files there. > - These warnings in dmesg can be considered harmless ? No. Jan