Removing openldap?

2014-10-02 Thread Thomas Klausner 
Hi!

lukem imported openldap into NetBSD in 2008 and had big plans for
working on it, but they didn't materialize; and as I understood him
last weekend, he doesn't have these plans any longer. (Correct me if
I'm wrong, Luke.)

I think there is no particular need to have openldap in the base
system; I don't see any particular integration, and it puts more
burden of maintenance on us. I think that installing openldap from
pkgsrc should be good enough.

So I suggest removing it from the base system.

Comments welcome!
 Thomas

Re: drmkms on sandy bridge

2014-10-02 Thread Patrick Welche 
On Mon, Sep 15, 2014 at 09:59:11PM -0500, Patrick Welche wrote:
 After a recent -current update, using new drmkms on a sandy bridge,
 I found that e.g., when using firefox, the cpu would hit 100%, all
 would freeze, and I would have to hard reset, so no actual clue on
 the problem.
 
 This is on a:
 
 i915drmkms0 at pci0 dev 2 function 0: Intel Sandy Bridge Integrated Graphics 
 Device (rev. 0x09)
 
 
 The work around was to pop
 
 Option  AccelMethod SNA
 
 in /etc/X11/xorg.conf, and things are now stable...

Despite the S in SNA meaning Sandy, this also fixes Ivy bridge for
me (slightly different symptom of UXA on Ivy bridge: no graphics output
at all)

Cheers,

Patrick

Re: Removing openldap?

2014-10-02 Thread Thor Lancelot Simon 
On Thu, Oct 02, 2014 at 10:33:02AM +, Michael van Elst wrote:
 w...@netbsd.org (Thomas Klausner) writes:
 
 I think there is no particular need to have openldap in the base
 system; I don't see any particular integration, and it puts more
 burden of maintenance on us. I think that installing openldap from
 pkgsrc should be good enough.
 
 openldap is used by postfix, sshd and amd. There is also pam-ldap in
 pkgsrc that we might want to import into base.
 
 All this is only using the client part of openldap.

I would support removing the server parts of openldap but wonder whether
this would actually reduce maintenance burden.

It would reduce attack surface on some systems.

-- 
 Thor Lancelot Simon  t...@panix.com
From the tooth paste you use in the morning to the salt on your evening meal,
it's easy to take for granted the many products brought to us with explosives.
- Institute of Manufacturers of Explosives, Explosives Make It Possible

Re: Removing openldap?

2014-10-02 Thread Aleksej Saushev 
mlel...@serpens.de (Michael van Elst) writes:

 w...@netbsd.org (Thomas Klausner) writes:

I think there is no particular need to have openldap in the base
system; I don't see any particular integration, and it puts more
burden of maintenance on us. I think that installing openldap from
pkgsrc should be good enough.

 openldap is used by postfix, sshd and amd. There is also pam-ldap in
 pkgsrc that we might want to import into base.

 All this is only using the client part of openldap.

I'd like better intergration of LDAP with at least PAM and NSS modules.


-- 
HE CE3OH...

Re: Removing openldap?

2014-10-02 Thread Hauke Fath 
On Thu, 02 Oct 2014 22:56:56 +0400, Aleksej Saushev wrote:
 openldap is used by postfix, sshd and amd. There is also pam-ldap in
 pkgsrc that we might want to import into base.
 
 All this is only using the client part of openldap.
 
 I'd like better intergration of LDAP with at least PAM and NSS modules.

Yes, but Thomas' point (which I support) is that unless _you_ commit to 
doing it, it's not going to happen any time soon.

Note that back then, ldap support was a major selling point for an 
all-dynamically linked userland. Statically linking the distribution, 
meanwhile, has been broken for several releases.

I've seen too many things go into the distribution with promises of 
great things to pass (build it, and they will come), and then go 
stale. ldap and mdns support are only two of them. 

New subsystems should come with a watchdog timer and zip lines, to be 
cut loose, if the promised development hasn't happened. As a 
side-effect, this might cut bikeshed debates short, since the proof 
will be in the pudding, instead of the hype and fears about it.

hauke 

-- 
Hauke Fathha...@espresso.rhein-neckar.de
Ernst-Ludwig-Straße 15
64625 Bensheim
Germany

daily CVS update output

2014-10-02 Thread NetBSD source update 

Updating src tree:
P src/doc/BRANCHES
P src/games/factor/factor.6
P src/games/factor/factor.c
P src/games/primes/Makefile
P src/games/primes/pattern.c
P src/games/primes/pr_tbl.c
P src/games/primes/primes.6
P src/games/primes/primes.c
P src/games/primes/primes.h
U src/games/primes/spsp.c
P src/gnu/dist/groff/tmac/ascii.tmac
P src/sbin/gpt/biosboot.c
P src/sbin/gpt/create.c
P src/sbin/gpt/gpt.c
P src/sbin/gpt/gpt_uuid.c
P src/sbin/gpt/gpt_uuid.h
P src/sbin/gpt/migrate.c
P src/sys/arch/arm/broadcom/bcm2835_mbox.c
P src/sys/arch/arm/samsung/exynos5_reg.h
P src/sys/arch/arm/samsung/exynos_soc.c
P src/sys/arch/arm/samsung/sscom.c
P src/sys/arch/evbarm/conf/ODROID-XU
P src/sys/arch/evbarm/odroid/odroid_start.S
P src/sys/dev/cgd.c
P src/sys/dev/fss.c
P src/sys/dev/acpi/acpi_bat.c
P src/sys/dev/dm/device-mapper.c
P src/sys/dev/dm/dm.h
P src/sys/dev/dm/dm_ioctl.c
P src/sys/dev/pci/pcidevs.h
P src/sys/dev/pci/pcidevs_data.h
P src/sys/dev/scsipi/cd.c
P src/sys/dev/sdmmc/files.sdmmc
P src/sys/dev/sdmmc/ld_sdmmc.c
P src/sys/dev/sdmmc/sdhc.c
P src/sys/external/bsd/drm2/dist/drm/radeon/kv_dpm.c
P src/sys/external/bsd/drm2/dist/drm/radeon/radeon_drv.c
P src/sys/external/bsd/drm2/radeon/files.radeon
P src/sys/kern/kern_sysctl.c

Updating xsrc tree:


Killing core files:

Running the SUP scanner:
SUP Scan for current starting at Fri Oct  3 03:05:02 2014
SUP Scan for current completed at Fri Oct  3 03:05:20 2014
SUP Scan for mirror starting at Fri Oct  3 03:05:20 2014
SUP Scan for mirror completed at Fri Oct  3 03:08:09 2014




Updating file list:
-rw-rw-r--  1 srcmastr  netbsd  44102550 Oct  3 03:12 ls-lRA.gz