Re: bash velnerability
echo Testing Exploit 1 (CVE-2014-6271)
CVE6271=$(env x='() { :;}; echo -n V' bash -c : 2/dev/null)
[ ${CVE7187} == V ] echo VULNERABLE || echo NOT VULNERABLE
echo Testing Exploit 2 (CVE-2014-7169)
CVE7169=$(env X='() { (4lpi.com)=\' bash -c echo date 2/dev/null; cat echo
2/dev/null; rm -f echo)
[ ! ${CVE7169} == date ] echo VULNERABLE || echo NOT VULNERABLE
echo Testing Exploit 3 (CVE-2014-6277)
CVE6277=$(env -i X=' () { }; echo -n V' bash -c :)
[ ${CVE6277} == V ] echo VULNERABLE || echo NOT VULNERABLE
echo Testing Exploit 4 (CVE-2014-7186)
CVE7186=$(bash -c 'true EOF EOF EOF EOF EOF EOF EOF EOF EOF
EOF EOF EOF EOF EOF' 2/dev/null ||echo -n V)
[ ${CVE7186} == V ] echo VULNERABLE || echo NOT VULNERABLE
echo Testing Exploit 5 (CVE-2014-7187)
CVE7187=$((for x in {1..200}; do echo for x$x in ; do :; done; for x in
{1..200}; do echo done; done) |bash 2/dev/null ||echo -n V)
[ ${CVE7187} == V ] echo VULNERABLE || echo NOT VULNERABLE”
Good luck ;-)
On Sep 30, 2014, at 13:54, Jung-uk Kim j...@freebsd.org wrote:
On 2014-09-29 12:13:15 -0400, Bryan Drewery wrote:
On 9/29/2014 11:01 AM, Mike Tancsa wrote:
On 9/26/2014 5:01 PM, Bryan Drewery wrote:
On 9/26/2014 12:41 PM, Bryan Drewery wrote:
On 9/26/2014 11:51 AM, Bryan Drewery wrote:
On 9/26/2014 11:46 AM, Bartek Rutkowski wrote:
Apparently, the full fix is still not delivered, accordingly to this:
http://seclists.org/oss-sec/2014/q3/741
Kind regards,
Bartek Rutkowski
I'm pretty sure they call that a feature. This is a bit different.
I've disabled environment function importing in the port. Using
--import-functions will allow it to work if you need it.
Hi Bryan,
With the latest ports, bashcheck still sees some issues with bash.
Are these false positives on FreeBSD ?
Using
https://raw.githubusercontent.com/hannob/bashcheck/master/bashcheck
Not vulnerable to CVE-2014-6271 (original shellshock)
Not vulnerable to CVE-2014-7169 (taviso bug)
./bashcheck: line 18: 54908 Segmentation fault (core dumped) bash
-c true $(printf 'EOF %.0s' {1..79}) 2 /dev/null
Vulnerable to CVE-2014-7186 (redir_stack bug)
Test for CVE-2014-7187 not reliable without address sanitizer
Variable function parser inactive, likely safe from unknown parser bugs
---Mike
Yes we have not applied the RedHat fix for CVE-2014-7186 or CVE-2014-7187.
Applying the first patch for parse.y from the following post passed the
tests for me.
http://www.openwall.com/lists/oss-security/2014/09/25/32
In fact, all major Linux distros seem to use it now.
FYI,
Jung-uk Kim
___
freebsd-secur...@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-security
To unsubscribe, send any mail to freebsd-security-unsubscr...@freebsd.org
--
Jason Hellenthal
Mobile: +1 (616) 953-0176
jhellent...@dataix.net
JJH48-ARIN
___
freebsd-ports@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-ports
To unsubscribe, send any mail to freebsd-ports-unsubscr...@freebsd.org
Re: bash velnerability
I would agree with that. Considering the korn shell was found out to be
importing functions from bash this morning that it does not completely know how
to interpret goes to say that there is a much bigger issue at face here than
the mere sys admins can begin to fathom quite yet.
There is still more to come from this. We may not see the end of it for the
next 10 years.
But also to state bash 4.3.27 on 10-RELEASE-p9 reports as not vulnerable to the
five known CVEs right now but that same shell compiled on a 9.1-RELEASE system
is still vulnerable to the last two CVEs … That said this is deep just when you
think you have it conquered.
On Sep 30, 2014, at 16:25, Charles Swiger cswi...@mac.com wrote:
On Sep 30, 2014, at 12:46 PM, Bryan Drewery bdrew...@freebsd.org wrote:
[ ... ]
I even saw a reddit post last night complaining that OSX had updated
bash only to leave it still vulnerable because of the redir_stack issue.
It doesn't seem to be?
bash-3.2$ bash --version
GNU bash, version 3.2.53(1)-release (x86_64-apple-darwin13)
Copyright (C) 2007 Free Software Foundation, Inc.
bash-3.2$ echo Testing Exploit 4 (CVE-2014-7186)
Testing Exploit 4 (CVE-2014-7186)
bash-3.2$ CVE7186=$(bash -c 'true EOF EOF EOF EOF EOF EOF EOF
EOF EOF EOF EOF EOF EOF EOF' 2/dev/null ||echo -n V)
bash-3.2$ [ ${CVE7186} == V ] echo VULNERABLE || echo NOT
VULNERABLE
NOT VULNERABLE
This being said, I'm not confident that there won't be further issues found
with bash
Regards,
--
-Chuck
___
freebsd-secur...@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-security
To unsubscribe, send any mail to freebsd-security-unsubscr...@freebsd.org
--
Jason Hellenthal
Mobile: +1 (616) 953-0176
jhellent...@dataix.net
JJH48-ARIN
___
freebsd-ports@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-ports
To unsubscribe, send any mail to freebsd-ports-unsubscr...@freebsd.org
Re: [broken] security/tripwire
+1
--
Jason Hellenthal
Voice: 95.30.17.6/616
JJH48-ARIN
On Dec 16, 2013, at 17:45, 'Baptiste Daroussin' b...@freebsd.org wrote:
On Mon, Dec 16, 2013 at 10:58:44PM +0100, Peter Looyenga wrote:
/usr/ports/security/tripwire # make
Makefile, line 164: Malformed conditional (${PORT_OPTIONS:MDB_BUILD}
${WITH_DB_BUILD} == true)
Makefile, line 177: if-less endif
make: fatal errors encountered -- cannot continue
This has already been fixed long ago
While that may be so I can confirm that this problem has re-appeared on
FreeBSD 9.2 with a current check out of the ports collection. I updated my
ports collection this evening using portsnap for the weekly server
maintenance session and was also confronted with this error.
First when running 'portmaster -L' to check up on new versions (this crashed
due to the error), then it turned out that its currently even impossible to
run something as trivial as 'make config' without this error showing up:
root@chihiro:/usr/ports/security/tripwire # make config
Makefile, line 122: Malformed conditional (${PORT_OPTIONS:MSW_ONLY}
${WITH_SW_ONLY} == true)
Makefile, line 127: if-less endif
make: fatal errors encountered -- cannot continue
Kind regards,
Peter
Oh you are right there was a second one, fixed now.
Thanks for reporting
Bapt
smime.p7s
Description: S/MIME cryptographic signature
Re: install tcpdump 4.5.1 and libpcap 1.5.1 to filter in/out trafic
Never thought if catch myself saying this butt . . . Push it in please! On Nov 27, 2013, at 4:13, Rodrigo Osorio rodr...@bebik.net wrote: Hi all, In order to take advantage of the new '-P' switch in tcpdump to filter in/out trafic from an interface, I need to move from tcpdump 4.4.0 to 4.5.1. http://www.tcpdump.org/tcpdump_man.html I did a set of minimal patches to upgrade tcpdump and its companion libpcap in ports to the latest versions. In our tests (FreeBSD-i386-9.1-RELEASE and i386-10.0-BETA1) tcpdump 4.5.1 works fine and capture the desired trafic. I didn't perform any test to check if the deinstall/package works, this will come with a future PR. regards -rodrigo http://files.bebik.net/patches/tcpdump-4.5.1/tcpdump-patch http://files.bebik.net/patches/tcpdump-4.5.1/pcap-patch ___ freebsd-...@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-net To unsubscribe, send any mail to freebsd-net-unsubscr...@freebsd.org smime.p7s Description: S/MIME cryptographic signature
pkg - stderr/stdout
Ref: pkg |less Why should anyone need to . . . pkg 21 |less Just to page the help ? -- Jason Hellenthal Voice: +1 (616) 953-0176 JJH48-ARIN smime.p7s Description: S/MIME cryptographic signature
Subversion 1.8 / FreeBSD 8 x86 STABLE Symlinks
When using svn 1.8 I have come across a situation where when it is used pointing to a symlink that refers to a working directory that a update will either segfault or exit prematurely and leave a lock held on the working directory that the symlink points to. This leaves you with one choice but to run cleanup on the referenced actual working directory which was AFAIK never the case for any version below 1.8. Not sure if this is a problem with svn or FreeBSD itself but thought I would report the characteristics in case it's noticed elsewhere. Details: Using UFS FreeBSD 8-STABLE i386 as of this date. In the directory... cd /exports/usr ln -s src8 src svn up /exports/usr/src -- Jason Hellenthal Inbox: jhellent...@dataix.net Voice: +1 (616) 953-0176 JJH48-ARIN smime.p7s Description: S/MIME cryptographic signature
pkgng/git pkg_config.c:257: warning: comparison between signed and unsigned
Hi all, On stable/8 most current updated system with most recent version of pkgng from git checked out I am getting the following warning being treated as an error. I don't have further time to look into ATM but if this catches someones attention to look at it further it would be appreciated. stable/8 i386 --- pkg_config.c: In function 'pkg_config_parse': pkg_config.c:257: warning: comparison between signed and unsigned *** Error code 1 Thanks, -- - (2^(N-1)) JJH48-ARIN ___ freebsd-ports@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-ports To unsubscribe, send any mail to freebsd-ports-unsubscr...@freebsd.org
Re: [devel/newfile] - Problem with patch.
There is nothing useful in that patch file anyway... Remove it! and continue forward. On Tue, Sep 25, 2012 at 06:21:30AM +0200, Rafał Szkodziński wrote: Hi. When I upgrade the port devel/newfile, I get the following problem: [cut] === The following actions will be taken if you choose to proceed: Upgrade newfile-1.0.14_2 to newfile-1.0.14_3 === Proceed? y/n [y] === Starting build for ports that need updating === === Launching child to install devel/newfile === All devel/newfile (1/1) === Currently installed version: newfile-1.0.14_2 === Port directory: /usr/ports/devel/newfile === Starting check for build dependencies === Gathering dependency list for devel/newfile from ports === Dependency check complete for devel/newfile === All newfile-1.0.14_2 (1/1) === Cleaning for newfile-1.0.14_3 === Extracting for newfile-1.0.14_3 = SHA256 Checksum OK for newfile-1.0.14.tar.gz. === newfile-1.0.14_3 depends on file: /usr/local/bin/ruby18 - found === Patching for newfile-1.0.14_3 === newfile-1.0.14_3 depends on file: /usr/local/bin/ruby18 - found === Applying FreeBSD patches for newfile-1.0.14_3 1 out of 2 hunks failed--saving rejects to data/projects/p...@makefile.rej = Patch patch-data_projects_port_Makefile failed to apply cleanly. *** [do-patch] Error code 1 Stop in /usr/ports/devel/newfile. === make failed for devel/newfile === Aborting update === Update for devel/newfile failed === Aborting update Terminated === You can restart from the point of failure with this command line: portmaster flags devel/newfile root@atnus:/root # [/cut] I add a file p...@makefile.rej [cut] uid@atnus:~ uname -a FreeBSD atnus.com 9.1-RC1 FreeBSD 9.1-RC1 #0: Fri Sep 21 16:17:42 CEST 2012 r...@atnus.com:/usr/obj/usr/src/sys/ATNUS i386 [/cut] -- Pozdrowienia, Rafał Szkodziński ___ freebsd-ports@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-ports To unsubscribe, send any mail to freebsd-ports-unsubscr...@freebsd.org -- - (2^(N-1)) JJH48-ARIN ___ freebsd-ports@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-ports To unsubscribe, send any mail to freebsd-ports-unsubscr...@freebsd.org
pkg.c broke 561 pkg.c: In function 'pkg_adddep': on stable/8
Thought I would let you know... This seems to have broken the build... === libpkg (all) Warning: Object directory not changed from original /exports/pkgng/libpkg cc -O2 -pipe -march=native -DHAVE_GRUTILS -std=c99 -I/exports/pkgng/libpkg -I/exports/pkgng/libpkg/../external/sqlite -I/exports/pkgng/libpkg/../external/libyaml/include -I/exports/pkgng/libpkg/../external/uthash -DPREFIX=\/usr/local\ -g -O0 -std=gnu99 -fstack-protector -Wsystem-headers -Werror -Wall -Wno-format-y2k -W -Wno-unused-parameter -Wstrict-prototypes -Wmissing-prototypes -Wpointer-arith -Wreturn-type -Wcast-qual -Wwrite-strings -Wswitch -Wshadow -Wcast-align -Wunused-parameter -Wchar-subscripts -Winline -Wnested-externs -Wredundant-decls -Wno-pointer-sign -c pkg.c cc1: warnings being treated as errors pkg.c: In function 'pkg_adddep': pkg.c:561: warning: cast discards qualifiers from pointer target type *** Error code 1 Stop in /exports/pkgng/libpkg. *** Error code 1 Stop in /exports/pkgng. # git log -p commit 657802f7eef98f2aa3b4a77ec52bfc39e5792afc Author: Baptiste Daroussin b...@freebsd.org Date: Thu Sep 6 19:49:34 2012 +0200 -- - (2^(N-1)) JJH48-ARIN ___ freebsd-ports@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-ports To unsubscribe, send any mail to freebsd-ports-unsubscr...@freebsd.org
Re: wireshark
On Sat, Aug 18, 2012 at 06:31:26PM -0700, Doug Barton wrote: I can't update wireshark to the latest version in ports due to the portaudit warning. Meanwhile, I just tried 1.8.2 and it seems like a simple version upgrade. The result builds and runs just fine, plist looks good, etc. I can vouche for this as well. Been running this since it was announced. Only one thing to consider. When opening a large packet dump with certain options like GeoIP SNMP MIB turned on from a previous version you may find that wireshark crashes depening upon the captured data. Workaround is to move your .wireshark directory over and migrate any files back that are neccesary to your SOP which is fairly trivial. After that it will continue to operate as expected without flaw. Any chance of getting this in soon'ish? Or do I have your permission to do the version upgrade? -- - (2^(N-1)) JJH48-ARIN pgpmzmbW4tZyP.pgp Description: PGP signature
ports/net/openldap24-* CONFLICTS usage problems
It seems that ports/net/openldap24-* has some conflict redundancies when it comes to using the options provided from ports/net/openldap24-client. When option SASL is turned on a conflict is occured when a recompile must happen and breaks the build. It appears that the cause of the problem is the extraneos meta-port ports/net/openldap24-sasl-client which is conflicting for some reason with ports/net/openldap24-client with that option turned on. I am proposing removing the useless meta-port as the fix. -- - (2^(N-1)) JJH48-ARIN pgpHA8rytAPY8.pgp Description: PGP signature
line 91 of [github] pkgng libpkg/update.c (use: mkstemp inplace of mktemp)
Yeah yeah I know mkstemp instead of mkstemp ??? we already do strlcpy in
place. But why not DTRT...
On the same subject of /tmp
As well should we not be attempting to get environ(7) TMPDIR and honor
it throughout all of pkgng ?
Added verbage: (off topic)
Also line 4 14 have an extra space after the asterisks(*)
Anyway... nice work on pkgng folks, keep up the AWESOME! work.
--
- (2^(N-1)) JJH48-ARIN
diff --git a/libpkg/update.c b/libpkg/update.c
index 0ede23c..942b6b7 100644
--- a/libpkg/update.c
+++ b/libpkg/update.c
@@ -88,7 +88,7 @@ pkg_update(const char *name, const char *packagesite, bool force)
snprintf(url, MAXPATHLEN, %s/repo.txz, packagesite);
(void)strlcpy(tmp, /tmp/repo.txz.XX, sizeof(tmp));
- if (mktemp(tmp) == NULL) {
+ if (mkstemp(tmp) == -1) {
pkg_emit_error(Could not create temporary file %s,
aborting update.\n, tmp);
return (EPKG_FATAL);
___
freebsd-ports@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-ports
To unsubscribe, send any mail to freebsd-ports-unsubscr...@freebsd.org
Re: FreeBSD Port: bash-4.2.28
Kevin sorry for posting this from your message it had to go somewhere since there was no such great message to reply to. not intended directly toward anyone in general. This thread has turned to nothing but obnoxious dribble of what used to be a simple problem to solve. All of the bash-* patches that were inquired about are important to the user interface and some of them are directly related to most everyone. ESPECIALLY $HOME/ expansiion if I might need to state one. But let me state one thing here Ports is a framework containing lots of development. And justly it should not be judged that a port should not be upgraded because it might introduce new bugs to a stable community. Just because a port is being updated does not neccesarily mean that end-user needs to update their local install. It does mean that if its there it will get more exposure to further fixes... There are several ports which go head - head with the most current release that could stand to not be updated quite so often. So for what its worth Stop pu??y wiping ports! especially when it does not break the ports system itself. All this written from mutt(1) ontop of bash(1) 4.2.37(0)-release since Jul 17! On Sun, Jul 29, 2012 at 06:29:37PM -0700, Kevin Oberman wrote: On Sun, Jul 29, 2012 at 4:49 PM, Jerry je...@seibercom.net wrote: On Sun, 29 Jul 2012 15:42:38 -0700 Doug Barton articulated: Umm ... wow. I'll try to respond substantively below. On 07/29/2012 04:46, Jerry wrote: On Sat, 28 Jul 2012 16:54:40 -0700 (PDT) Doug Barton articulated: Completely aside from my being thoroughly impressed with your mind-reading abilities, upgrading to the latest/greatest is not always the best strategy. Speaking generally, even things that are (nominally) strictly bug fixes can bring in new problems, and Bash patches are not always strictly bug fixes. First of all, I see you CC'd me AGAIN. Obviously your comprehension skills are rather lax since I have a clearly noted request NOT to be CC'd and have in the past specifically asked you not to do so. I made a point of cc'ing you on my last message because I wanted to make sure you saw the bit about not using foul language. I appreciate you respecting that. First of all, lets make something clear, I have no respect for you. You are like a frigging kid. The only permanent solution is to smash your frigging head in with a bat. Oops, I hope I didn't offend you. Maybe you should CC your mother so she can protect you, you asshole. Meanwhile, yes, you've expressed a preference not to be cc'ed on list mail previously. Rather than trying to rehash the whole discussion, I'll simply repeat the main 2 points: 1. Asking the entire Internet to conform to your whim is not a rational strategy. 2. The FreeBSD mailman implementation allows you to specify only receiving 1 copy of a message that you are cc'ed on. Allow me to respond to that, BULLSHIT. Oh, did I offend you? I never asked the frigging entire Internet to bow down to my will; I simple asked not to be CC'd. Since you, most likely due to your NPD affiliation are unable to honor my simple request, why the frigging hell should I afford yours any traction? You do realize that you do not have to include my name in the CC line don't you? I took the time to relay your CC'd message to SpamCop. I know it won't do any good, but it is a feel good thing. Knock yourself out. :) Strictly speaking, it is none of your business if bug fixes can bring in or expose new or undiscovered problems. You keep repeating this none of your business line as if for some reason I don't have the right to ask the question. This is an open project, we can all ask questions. Ask question yes; stating that any patch or whatever not be instituted because it doesn't meet your standards is repulsive. (NPD strikes again) It has been shown throughout history that any advancement can bring with it, its own new set of problems. Should we all abandon the use of electricity because there is a real possibility that someone man get electrified. Yeah, that's just silly. Before we upgrade something it's useful to ask the question of whether or not the upgrade is qualitatively better or not. Just because something comes down from upstream doesn't mean it's an improvement from our users' perspective. Based upon who's opinion, yours? There is that NPD kicking in again. Lets all bow down to Dough the magnificent. Only he is worthy to judge whether a port is deemed worthy of being updated. I am going to file a PR against this for insertion into the handbook. I know it will never get published, but it just another feel good thing. By the way, do you use bash? if not then what is your problem? If you do, have you read what the patches actually entail? I have. I already mentioned that I did review the patches.
Re: mutt 1.5 much slower than mutt 1.4
On Tue, Jul 24, 2012 at 06:18:43PM +0100, Anton Shterenlikht wrote: mail/mutt is much slower on my amd64 and ia64 -current boxes after it was updated from 1.4 to 1.5. Each keystroke takes few seconds to act. Below is my mutt 1.5 config: === The following configuration options are available for mutt-1.5.21: MUTT_ASPELL=off: Enable aspell support MUTT_COMPRESSED_FOLDERS=on: Enable compressed folders MUTT_CYRUS_SASL2=off: Enable SASL2 authentication MUTT_DEBUG=off: Enable debugging capabilities MUTT_FLOCK=off: Enable flock() usage MUTT_GPGME=off: Enable gpgme interface MUTT_GREETING_PATCH=off: Enable greeting MUTT_HTML=on: Enable HTML documentation MUTT_ICONV=on: Enable iconv support MUTT_IDN=off: Enable idn support MUTT_IFDEF_PATCH=off: Enable ifdef feature MUTT_IMAP_HEADER_CACHE=on: Enable imap header cache MUTT_ISPELL=off: Enable ispell support MUTT_LOCALES_FIX=off: Enable locales fix MUTT_MAILBOX_MANPAGES=on: Install mbox.5/mmdf.5 manpages MUTT_MAILDIR_HEADER_CACHE=off: Enable maildir header cache MUTT_MAILDIR_MTIME_PATCH=off: Enable Maildir mtime patch MUTT_MBOX_HOOK_PATCH=off: Enable enhanced mbox-hook MUTT_NCURSES=on: Enable ncurses support MUTT_NCURSES_PORT=off: Use ncurses from port MUTT_NNTP=off: Enable news reader MUTT_PARENT_CHILD_MATCH_PATCH=off: Enable parent/child match MUTT_QUOTE_PATCH=on: Enable extended quoting MUTT_REVERSE_REPLY_PATCH=off: Enable reverse_reply MUTT_SGMLFORMAT=on: Enable sgml support MUTT_SIDEBAR_PATCH=off: Enable sidebar MUTT_SIGNATURE_MENU=off: Enable signature menu MUTT_SLANG=off: Enable slang support MUTT_SMIME_OUTLOOK_COMPAT=on: SMIME outlook compatible MUTT_SMTP=off: Enable SMTP relay support MUTT_TRASH_PATCH=off: Enable trash folder support MUTT_XML=off: Use XML tools for docu === Use 'make config' to modify these settings BUZI# Anybody else is seeing this behaviour? No I can't say that I am. I have been using it since it stepped its way into mail/mutt-devel Any advice? Willing to post your muttrc ? -- Anton Shterenlikht Room 2.6, Queen's Building Mech Eng Dept Bristol University University Walk, Bristol BS8 1TR, UK Tel: +44 (0)117 331 5944 Fax: +44 (0)117 929 4423 ___ freebsd-ports@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-ports To unsubscribe, send any mail to freebsd-ports-unsubscr...@freebsd.org -- - (2^(N-1)) JJH48-ARIN pgpmKwLTEC2l9.pgp Description: PGP signature
SAMBA_PORT= usage different by port.
It seems that the usage of SAMBA_PORT= var has been confused quite a
bit.
SAMBA_PORT= as judged by ports/net/samba* is defined to be net/samba??
while ports/net/samba-libsmbclient defines it as samba??
I found when creating index that no matter which way you define it both
of the two ways will end up indicating failure for different ports
because /usr/ports/samba?? does not exist or /usr/ports/net/net/samba??
does not exist.
Can someone please go through these ports and unify there usage of
SAMBA_PORT.
/usr/ports/net/samba-libsmbclient/Makefile:16:SAMBA_PORT= samba34
/usr/ports/net/samba-libsmbclient/Makefile:19:MASTERDIR=
${.CURDIR}/../${SAMBA_PORT}
/usr/ports/net/samba-nmblookup/Makefile:16:SAMBA_PORT= samba34
/usr/ports/net/samba-nmblookup/Makefile:19:MASTERDIR=
${.CURDIR}/../${SAMBA_PORT}
/usr/ports/net/samba-pdbsql/Makefile:23:SAMBA_PORT?=net/samba34
/usr/ports/net/samba-pdbsql/Makefile:30:SAMBA_WRKSRC!= cd
${PORTSDIR}/${SAMBA_PORT} ${MAKE} -V WRKSRC
/usr/ports/net/samba-pdbsql/Makefile:34:SAMBA_MODULEDIR!= cd
${PORTSDIR}/${SAMBA_PORT} ${MAKE} -V SAMBA_MODULEDIR
/usr/ports/net/samba-pdbsql/Makefile:40:BUILD_DEPENDS+=
${NONEXISTENT}:${PORTSDIR}/${SAMBA_PORT}:configure
/usr/ports/net/samba-smbclient/Makefile:16:SAMBA_PORT= samba36
/usr/ports/net/samba-smbclient/Makefile:21:MASTERDIR=
${.CURDIR}/../${SAMBA_PORT}
/usr/ports/net/samba4-devel/Makefile:7:PORTNAME?=
${SAMBA_PORTNAME}
/usr/ports/net/samba4-devel/Makefile:23:SAMBA_PORTNAME= samba4
/usr/ports/net/samba4-devel/Makefile:25:SAMBA_DISTNAME=
${SAMBA_PORTNAME:S|4$||}-${SAMBA_VERSION:S|.p|pre|:S|.r|rc|:S|.t|tp|:S|.a|alpha|}
/usr/ports/net/samba4-devel/Makefile:26:OPTIONSFILE=
${PORT_DBDIR}/${SAMBA_PORTNAME}/options
/usr/ports/net/samba4-devel/Makefile:187:USE_RC_SUBR=
${SAMBA_PORTNAME}
Thanks
--
- (2^(N-1)) JJH48-ARIN
pgpyZdbgJOsiL.pgp
Description: PGP signature
Re: [HEADS UP] Ports tree migration to Subversion
On Sun, Jul 15, 2012 at 06:54:19PM -0400, Thomas Mueller wrote: On Sun, Jul 08, 2012 at 11:05:29PM -0400, Thomas Mueller wrote: pkgsrc is NetBSD's version of FreeBSD ports framework but also ported to other, mostly (quasi-)Unix OSes including even FreeBSD. Mark Linimon lini...@lonesome.com responded: To correct a misapprehension: although many years ago pkgsrc and FreeBSD ports shared common ancestry, it is not fair to say that pkgsrc is their version. pkgsrc and FreeBSD ports have different goals, and to that purpose, pkgsrc has been through multiple major rewrites and no longer even vaguely resembles FreeBSD ports. As well, the FreeBSD ports infrastructure has evolved substantially. IIUC pkgsrc's major goal is to run on as many OSes as possible, and to that end has to do a tremendous amount of work to evade those limitations. We don't have that problem, nor the bootstraping problems that are associated. I'm sure there are many other places where we have diverged. mcl pkgsrc is NetBSD's version of FreeBSD ports framework in that it plays the same role in NetBSD, even if the infrastructures have greatly diverged. Nothing like buildlink3.mk in FreeBSD ports. But I see partial resemblances in the directory structures of pkgsrc and FreeBSD ports framework. Most of the base system of *BSD would be packages in Linux. This poses great difficulty porting a BSD package-management system to Linux, as pkgsrc has tried to do. What to do with coreutils, util-linux, udev and now systemd? WFC -- - (2^(N-1)) ___ freebsd-ports@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-ports To unsubscribe, send any mail to freebsd-ports-unsubscr...@freebsd.org
Re: Standard file permissions for /usr/local
In this whole thread I don't any relation as to what perms are on what directory ... which inherently makes the whole point mud. What is actually trying to be accomplished here? Given there is no context as to what these are and belong to the numbers below with the symbolic meaning are useless besides saying the system is being populated and things are different. Also having a standard for file permissions is nearly irrelevent with the exceptions to specific areas of the filesytem like documents can easily be said needing to be 'a=rX' /usr/local/share/doc ... examples etc. Blindly going through installed software with a massively large comb chmod -R anything=anything is a bad idea. packages and ports need to be singly identified and looked at more closely as to whether they are doing the right thing. Do you have anything relevant as to a particular port or package ? On Sat, Jul 07, 2012 at 11:39:24PM +0100, Chris Rees wrote: On Jul 7, 2012 11:02 PM, grarpamp grarp...@gmail.com wrote: Given a /usr/local populated only by ports (more specifically, packages), we have the following stats... /usr/local 54378 -r--r--r-- 1 -r-sr-xr-x 1505 -r-xr-xr-x 21790 -rw-r--r-- 9 -rw-rw-r-- 1 -rws--x--x 1 -rwsr-x--- 1 -rwsr-xr-- 4 -rwsr-xr-x 4 -rwxr-sr-x 3515 -rwxr-xr-x 1 drwx-- 6064 drwxr-xr-x 1 drwxrwsr-x 1638 lrwxr-xr-x 1 lrwxrwxrwx For /usr, we have... 24907 -r--r--r-- 4 -r-sr-sr-x 3 -r-sr-x--- 24 -r-sr-xr-x 8 -r-xr-sr-x 786 -r-xr-xr-x 2 -rw--- 8 -rw-r--r-- 1 -rwxr-xr-x 1284 drwxr-xr-x 1 drwxrwxrwt 947 lrwxr-xr-x 34 lrwxrwxrwx Am I to, or should I, believe that there is some standard or preference such that files should not have mode u+w? Let's take a look at etc' s 'configurables area' too... /usr/local/etc 198 -r--r--r-- 19 -r-xr-xr-x 40 -rw-r--r-- 1 drwx-- 77 drwxr-xr-x 16 lrwxr-xr-x /etc 25 -r--r--r-- 1 -r-x-- 153 -r-xr-xr-x 20 -rw--- 1 -rw-r- 121 -rw-r--r-- 1 -rw-rw-r-- 6 -rwx-- 57 -rwxr-xr-x 2 drwx-- 25 drwxr-xr-x 3 lrwxr-xr-x 4 lrwxrwxrwx Now see that I have amended my /usr/local perms after install such that root can more easily manage that tree. (I could have just as easily conformed it to u-w). 76179 -rw-r--r-- 1 -rwsr-xr-x 5029 -rwxr-xr-x 6066 drwxr-xr-x 1639 lrwxr-xr-x I don't see the point in making things mode u-w? 'Security' cannot be the case, as even setting dirs u-w, schg, capabilities, read-only mount, etc will make no difference... for root, it's only annoying for a moment. What standard / guide am I missing that says u-w is the way (for at least the large majority of the files in the first two counts above)? It's pointless having most files u+w, since they won't be edited, but soonish I'm told that http://bugs.freebsd.org/157168 should be committed, which will make conf files u+w. -- - (2^(N-1)) pgpxHtXHndvge.pgp Description: PGP signature
Re: [HEADS UP] Ports tree migration to Subversion
On Wed, Jun 27, 2012 at 03:11:30PM -0700, Kevin Oberman wrote: On Wed, Jun 27, 2012 at 2:52 PM, Jason Helfman jhelf...@e-e.com wrote: On Wed, Jun 27, 2012 at 02:47:34PM -0700, Kevin Oberman thus spake: On Wed, Jun 27, 2012 at 10:30 AM, Thomas Abthorpe tabtho...@freebsd.org wrote: The FreeBSD ports tree will migrate from CVS to Subversion soon. The anticipated date for the migration is July 14th. This will have no impact for ports tree users as there will be a SVN to CVS exporter. Please note that cvsup will still work after the migration. Nevertheless c(v)sup is pretty dated so you may want to see if portsnap(8) will fit your needs. Beat and Thomas on behalf of portmgr@ http://blogs.freebsdish.org/portmgr/2012/06/27/ports-tree-migration-to-subversion/ While portsnap has several advantages over csup, it is unusable in my case because I have always maintained local mods to ports in the ports tree and portsnap neatly removes them. I may move to using svn to maintain my own copy of the tree and update the working directory where I can keep my customizations. You may want to look at the manpage for portsnap.conf and see how advantageous it may be to use the REFUSE option. That an excellent idea. I was thinking that, since I keep my private patches in the files directory and let the normal 'make patch' apply them, that it would still delete them, but careful reading of the man page implies that I could list these file (paths) as REFUSED and portsnap would leave them alone. I'll experiment and see of this works. If so, I can move away from csup. In any event it may be more resourcful just to go to SVN as the advantages of that cannot be taken if something like portsnap or csup is used. Updating Diffing Committing Stating Reverting I am sure the list of 'ing goes on and on. -- - (2^(N-1)) ___ freebsd-ports@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-ports To unsubscribe, send any mail to freebsd-ports-unsubscr...@freebsd.org
Re: [HEADS UP] Ports tree migration to Subversion
On Thu, Jun 28, 2012 at 06:45:20PM +0300, mbsd wrote: Ok. I'll be submitting a pr when ports move to svn. Without testing, this patch is not more than dirty code. On Thu, 2012-06-28 at 07:55 -0700, Eitan Adler wrote: On 28 June 2012 05:33, mbsd m...@isgroup.com.ua wrote: Hi list. It will be wonderful. When src had moved to svn, nobody cared about make update command. I wish to had this in ports makefile: Submit a PR with this patch so portmgr will look at it. How do you propose it should define a OOB repo ? since there is no official ... repo for git. Yes I know! there are some out there. But thats not to say they should be supported in tree until one has at least been announced as official and can be pointed to and has shown to be kept just as up to date as the svn tree. JMO -- - (2^(N-1)) ___ freebsd-ports@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-ports To unsubscribe, send any mail to freebsd-ports-unsubscr...@freebsd.org
Re: Linux binary looks for /proc/cpuinfo, dies when cannot be found, even when linprocfs mounted.
On Sat, Jun 23, 2012 at 02:23:42PM +1200, Benjamin wrote: Hi all. I have posted this question on the forums, and it was suggested that I post it here. I am currently porting Altera Quartus II design software to FreeBSD. I have got it installing, but running the binary requires /proc/cpuinfo to exist, and it dies when it can't find it. I have both procfs and linprocfs mounted. As a workaround (read hack) I can do the following to make the binary execute. 1. unmount procfs. 2. symlink /compat/linux/proc/cpuinfo to /proc/cpuinfo Since this problem has no doubt come up before, what is the best way to get around this issue? Run it in a chroot of /compat/linux instead ? Might be best to just write a wrapper around the existing binary to launch it with proper args etc... while chrooting it. -- - (2^(N-1)) ___ freebsd-ports@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-ports To unsubscribe, send any mail to freebsd-ports-unsubscr...@freebsd.org
Re: percona-server-5.5.19.24.0 cannot install
On Sun, Jun 17, 2012 at 11:44:37PM +, Iqbal Aroussi wrote: Hi dear friends, I need to setup several production servers using Percona Server. However I keep getting this error: percona-server-5.5.19.24.0 cannot install: unknown MySQL version: 55p. when installing from ports. Do you possibly also have mysql55 installed ? if so can you pkg_delete it and attempt to run it again ? Do you have percona55-client installed ? What are you running atop of ??? uname -a ? I dont see a BROKEN= in either of the Makefiles. I know that this port is marked as broken for almost a month, and for how long it's going to stay at this state? is there a work around to install Percona Server ? It's very crucial piece of software. I dont understand how come it's not been fixed sooner. Thanks in advance. Iqbal A. ___ freebsd-ports@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-ports To unsubscribe, send any mail to freebsd-ports-unsubscr...@freebsd.org -- - (2^(N-1)) ___ freebsd-ports@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-ports To unsubscribe, send any mail to freebsd-ports-unsubscr...@freebsd.org
Patches for Review (security/vpnc)
David, Could you take a look over the following attached patches and comments and make a consideration on these. Thanks. -- - (2^(N-1)) r2 | jh | 2012-06-14 01:14:16 -0400 (Thu, 14 Jun 2012) | 4 lines ASCII'fy the copyrights section. less(1) and other tools see it as binary. Index: vpnc-script === --- vpnc-script (revision 1) +++ vpnc-script (revision 2) @@ -1,8 +1,8 @@ #!/bin/sh # # Originally part of vpnc source code: -# © 2005-2012 Maurice Massar, Jörg Mayer, Antonio Borneo et al. -# © 2009-2012 David Woodhouse dw...@infradead.org +# (c) 2005-2012 Maurice Massar, Jörg Mayer, Antonio Borneo et al. +# (c) 2009-2012 David Woodhouse dw...@infradead.org # # This program is free software; you can redistribute it and/or modify # it under the terms of the GNU General Public License as published by r3 | jh | 2012-06-14 01:25:31 -0400 (Thu, 14 Jun 2012) | 13 lines Adjust checking for if_tun to use kldstat(8) in place of /dev/tun /dev/tun is legacy usage and should be discouraged from further use. When sysctl net.link.tun.devfs_cloning=0 there is no /dev/tun device to probe. kldstat(8) and the current flags (-qm) for FreeBSD reach back to 7.X and possibly further, so invoke them. While here kldload if_tun.ko quietly (-q) See if_tun(4), kldstat(8), kldload(8) Index: vpnc-script === --- vpnc-script (revision 2) +++ vpnc-script (revision 3) @@ -593,12 +593,12 @@ fi fi elif [ $OS = FreeBSD ]; then - if [ ! -e /dev/tun ]; then - kldload if_tun + if ! kldstat -qm if_tun; then + kldload -q if_tun fi elif [ $OS = GNU/kFreeBSD ]; then - if [ ! -e /dev/tun ]; then - kldload if_tun + if ! kldstat -qm if_tun; then + kldload -q if_tun fi elif [ $OS = NetBSD ]; then : r4 | jh | 2012-06-14 01:42:30 -0400 (Thu, 14 Jun 2012) | 11 lines Interface creation and deletion should be handled directly by vpnc and return status should be handed back over to the script for negotiation. For now comment out the implicit tunnel deletion function until it can be reworked. Things to consider are possible legacy use cases net.link.tun.devfs_cloning but should not be depended on. Index: vpnc-script === --- vpnc-script (revision 3) +++ vpnc-script (revision 4) @@ -712,7 +712,7 @@ if [ -n $INTERNAL_IP4_DNS ]; then $RESTORERESOLVCONF fi - destroy_tun_device + #destroy_tun_device } Main pgp8weoFh0DnY.pgp Description: PGP signature
[0x72142...@gmail.com: [php=5.4.3] Parsing Bug in PHP PDO prepared statements may lead to access violation]
FYI I verified this on a working system. - Forwarded message from 0x721427D8 0x721427D8 0x72142...@gmail.com - Date: Sun, 10 Jun 2012 15:02:43 +0200 From: 0x721427D8 0x721427D8 0x72142...@gmail.com To: bugt...@securityfocus.com Subject: [php=5.4.3] Parsing Bug in PHP PDO prepared statements may lead to access violation [php=5.4.3] Parsing Bug in PHP PDO prepared statements may lead to access violation Affected Product: PHP Affected Component: PDO - PHP Data Objects Affected Versions: =5.4.3 (latest version and trunk) PHP Bug Ref: #61755 Patch: bug61755.diff Discovery Date: Feb 2012 Advisory Date: 2012-06-10 Description: Inconsistent parsing of PHP PDO prepared statements. Erroneous design of parsers state machine. Under special circumstances parsing of prepared statements does not stop leading in cycling the whole stack without terminating on \0. This leads to access violations, accessing of stack data, DoS. Bug Description: There are several design errors in the state-machine responsible for parsing PHP PDO based statement objects. These errors are based on the state-machines inability to consistently check the supplied SQL-Query. Under special circumstances an attacker is able to force the responsible PDO code to iterate beyond the termination of the supplied query string resulting in a buffer out of bounds access. This access may lead to uncontrollable as well as attacker controllable behavior and Access Violations caused by the code iterating the whole stack and trying to access addresses beyond the stack end. In very unlikely and constructed environments it may also be possible to force parameter rebinding of prepared statements - even though some context specific input filtering is applied - by utilizing the stack cycling behavior of the state machine. This can be accomplished by 1) pushing a manipulated SQL string containing fake parameter bindings (:named:, ?) onto the stack (e.g. using post variables) 2) manipulating the main SQL query string (see preconditions) to make the pdo_parser cycle the stack 3) until it cycles into the fake query previously pushed to stack where the magic happens. This forces the state machine into cycling into random stack data and then into the previously pushed manipulated SQL string with fake parameter bindings. To finalize this attack the manipulated SQL string then terminates the SQL parsing resulting in rebinding of prepared parameters. The attacker needs to know the original binding names (for named parameters) and the number of bound params for this attack to succeed. This scenario is unlikely to occur but as usual in computer security this may be used in conjunction with other attacks to multiply the impact. Preconditions: -- * PDO is used to access the DB * For remote attacks: User must be able to directly control any part of the query string prior its preparation (stm-prepare()). We are well aware that this is a general coding fault which leads to other security relevant implications but sadly enough it’s also quite common in many frameworks, projects to use prepared statements with user controlled data instead of binding them after preparation. State-Machine Graph, Test-Scripts, Traces, PoCs are available. Vendor Response: * Patch 2012-04-19 (bug61755.diff) (see php bugref) Patch available, but still not fixed in 5.4.3 (latest) Timeline: - * 2012 Feb - Discovered in 5.3.8, verified for 5.3.0/5.3.10 and 5.4.0 * 2012 March - Responsible Disclosure via SSD/BeyondSecurity * 2012 April - Patch available 2012-04-19 * 2012 May/June - No trace of bugfix in svn for 5.3/5.4/trunk although mentioned in bugref #61755 * 2012 June - No trace of bugfix in svn for 5.3/5.4/trunk, code ... * 2012 June - public disclosure CREDITS: Discovered by 0x721427D8 via BeyondSecurity - SecuriTeam Secure Disclosure Refs: - http://php.net/ http://www.php.net/manual/en/intro.pdo.php http://svn.php.net/viewvc/php/php-src/trunk/ext/pdo/ http://www.securiteam.com/ - End forwarded message - -- - (2^(N-1)) ___ freebsd-ports@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-ports To unsubscribe, send any mail to freebsd-ports-unsubscr...@freebsd.org
Re: Why are you NOT using FreeBSD -- an example
On Wed, Jun 13, 2012 at 09:53:04AM +0700, Erich wrote: Hi, Hi, Do we really need another one of these pointless rambling threads... I placed FreeBSD 10 on an empty disk and downloaded then the ports tree from yesterday. /etc/make/conf looks like this: # Uncomment this if you want to do port builds with no interaction #BATCH=yes # Keep KDE4 in /usr/local, fixes sharing of icons / mime and others KDE4_PREFIX=/usr/local # added by use.perl 2012-01-05 20:44:40 PERL_VERSION=5.12.4 # # 12.06.12 ed: added to support new Intel KMS. # WITH_NEW_XORG=true New user probably would not have gotten to this point... Just sayin. All the rest is plain default. One thing I have to mention as it might is the cause. I used PCBSD to get FreeBSD onto the machine and upgraded then via sources to 10. I extra did not do anything else as I wanted to show how newcomers who just follow 'official' documentation hit a wall during this procedurefree. The below page is not official documentation. It is a wiki, its soley devoted to developers and those that wish to check the current status and or debug problems. I used this page to get information for installing X with Intel KMS support: http://wiki.freebsd.org/Intel_GPU Read the FAQ ? This whole thread would be better suited to be on x11@ as the FAQ states Here is the current status: Ports tree downloaded during the day 12.06.12 Installation of Joe. Joe is always the first port I install as I am used to its commands. I then download and compile other ports. As I am currently on a low-bandwidth Internet connection, I try to keep the machine busy during the night with large downloads. Irrelevant Parallel downloading and compilation of scribus and xorg-server This error came from compiling scribus while xorg was still downloading: g++ -c -O2 -pipe -fno-strict-aliasing -O2 -Wall -W -DQT_NO_CAST_FROM_ASCII -DQT_NO_CAST_TO_ASCII -DQFORMINTERNAL_NAMESPACE -DQT_KEYWORDS -DQT_NO_DEBUG -DQT_XML_LIB -DQT_GUI_LIB -DQT_CORE_LIB -DQT_HAVE_MMX -DQT_HAVE_SSE -DQT_HAVE_MMXEXT -DQT_HAVE_SSE2 -DQT_HAVE_SSE3 -DQT_HAVE_SSSE3 -D_LARGEFILE64_SOURCE -D_LARGEFILE_SOURCE -DQT_SHARED -I/usr/local/share/qt4/mkspecs/freebsd-g++ -I. -I../../../include/QtUiTools -I../../../include/QtCore -I../../../include/QtGui -I../../../include/QtXml -I../../../include -I../shared -I../../designer/src/uitools -I../../designer/src/lib/uilib -I.moc/release-shared -I.uic/release-shared -I/usr/local/include/qt4 -I/usr/local/include -o .obj/release-shared/moc_finddialog.o .moc/release-shared/moc_finddialog.cpp g++ -Wl,-rpath-link,/usr/ports/devel/qt4-linguist/work/qt-everywhere-opensource-src-4.8.2/lib -Wl,-O1 -pthread -Wl,-rpath,/usr/local/lib/qt4 -Wl,-rpath,/usr/local/lib/qt4 -o ../../../bin/linguist-qt4 .obj/release-shared/numerus.o .obj/release-shared/translator.o .obj/release-shared/translatormessage.o .obj/release-shared/qm.o .obj/release-shared/qph.o .obj/release-shared/po.o .obj/release-shared/ts.o .obj/release-shared/xliff.o .obj/release-shared/batchtranslationdialog.o .obj/release-shared/errorsview.o .obj/release-shared/finddialog.o .obj/release-shared/formpreviewview.o .obj/release-shared/globals.o .obj/release-shared/main.o .obj/release-shared/mainwindow.o .obj/release-shared/messageeditor.o .obj/release-shared/messageeditorwidgets.o .obj/release-shared/messagehighlighter.o .obj/release-shared/messagemodel.o .obj/release-shared/phrasebookbox.o .obj/release-shared/phrase.o .obj/release-shared/phrasemodel.o .obj/release-shared/phraseview.o .obj/release-shared/printout.o .obj/release-shared/recentfiles.o .obj/release-shared/sourcecodeview.o .obj/release-shared/statistics.o .obj/release-shared/translatedialog.o .obj/release-shared/translationsettingsdialog.o .obj/release-shared/simtexth.o .obj/release-shared/moc_batchtranslationdialog.o .obj/release-shared/moc_errorsview.o .obj/release-shared/moc_finddialog.o .obj/release-shared/moc_formpreviewview.o .obj/release-shared/moc_mainwindow.o .obj/release-shared/moc_messageeditor.o .obj/release-shared/moc_messageeditorwidgets.o .obj/release-shared/moc_messagehighlighter.o .obj/release-shared/moc_messagemodel.o .obj/release-shared/moc_phrasebookbox.o .obj/release-shared/moc_phrase.o .obj/release-shared/moc_phrasemodel.o .obj/release-shared/moc_phraseview.o .obj/release-shared/moc_recentfiles.o .obj/release-shared/moc_sourcecodeview.o .obj/release-shared/moc_statistics.o .obj/release-shared/moc_translatedialog.o .obj/release-shared/moc_translationsettingsdialog.o .obj/release-shared/qrc_linguist.o-L/usr/ports/devel .obj/release-shared/mainwindow.o:(.rodata._ZTV19SortedContextsModel[_ZTV19SortedContextsModel]+0xc0): undefined reference to `QAbstractProxyModel::setItemData(QModelIndex const, QMapint, QVariant const)'
Re: devel/git compile clash with kwallet
On Sat, Jun 09, 2012 at 01:51:22PM -0300, Raphael Kubo da Costa wrote: David Southwell ad...@vizion2000.net writes: When trying to install git I get the following: Just for posterity's sake, this is probably git with the SVN option enabled, and devel/subversion with KWALLET enabled. === kwallet-4.8.3 conflicts with installed package(s): kdeutils-4.7.3 They install files into the same place. You may want to stop build with Ctrl + C. Take a look at the UPDATING entry from 20120525 about many KDE ports having been split. kdeutils4 is now a metaport that depends on the many kdeutils applications that have each been moved into a separate port. Since when would git have any direct relationship to KDE ? -- - (2^(N-1)) ___ freebsd-ports@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-ports To unsubscribe, send any mail to freebsd-ports-unsubscr...@freebsd.org
Re: How to uninstall pkgng
On Sat, Jun 09, 2012 at 07:03:23PM +0100, Matthew Seaman wrote: On 09/06/2012 18:46, Marcin Wisnicki wrote: I've made a mistake of installing pkgng on 9.0-amd64 but since there is no up-to-date repository I want to remove it. What would be the correct procedure to achieve that ? Invoking `pkg delete -a` still leaves some files including /usr/sbin/pkg. Not easy. You'ld have to delete the pkg port, undo any additional configuration you may have added to eg. /etc/make.conf (ie. remove WITH_PKGNG settings), undo any patches to portmaster (if you're using that) and then reinstall all your ports using the original package tools to rebuild /var/db/pkg/ contents. /usr/sbin/pkg is part of base nowadays. You don't want to delete that. When was pkgng made part of base ? /usr/sbin/pkg would be from pkgng if you are using it to delete itself then the problem you are experiencing is the file is busy at the time of deletion. Try pkg_delete instead ? -- - (2^(N-1)) ___ freebsd-ports@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-ports To unsubscribe, send any mail to freebsd-ports-unsubscr...@freebsd.org
Re: How to uninstall pkgng
On Sat, Jun 09, 2012 at 08:32:03PM +0200, Julien Laffaye wrote: On 6/9/2012 8:23 PM, Jason Hellenthal wrote: On Sat, Jun 09, 2012 at 07:03:23PM +0100, Matthew Seaman wrote: On 09/06/2012 18:46, Marcin Wisnicki wrote: I've made a mistake of installing pkgng on 9.0-amd64 but since there is no up-to-date repository I want to remove it. What would be the correct procedure to achieve that ? Invoking `pkg delete -a` still leaves some files including /usr/sbin/pkg. Not easy. You'ld have to delete the pkg port, undo any additional configuration you may have added to eg. /etc/make.conf (ie. remove WITH_PKGNG settings), undo any patches to portmaster (if you're using that) and then reinstall all your ports using the original package tools to rebuild /var/db/pkg/ contents. /usr/sbin/pkg is part of base nowadays. You don't want to delete that. When was pkgng made part of base ? The bootstrap binary is in base, not pkgng. /usr/sbin/pkg would be from pkgng if you are using it to delete itself then the problem you are experiencing is the file is busy at the time of deletion. Try pkg_delete instead ? Wrong, this is the bootstrap binary. The pkg binary is in LOCALBASE. Missed that. This is pretty confusing as stable/8 releng/9 does not have a pkg while head and stable/9 do. -- - (2^(N-1)) ___ freebsd-ports@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-ports To unsubscribe, send any mail to freebsd-ports-unsubscr...@freebsd.org
Re: Please rebuild all ports that depend on PNG
On Sun, Jun 03, 2012 at 08:14:40AM +0100, Matthew Seaman wrote: On 02/06/2012 23:53, Chad Perrin wrote: In fact, many of the weaknesses of SSL systems as currently designed could be obviated by having used OpenPGP as the basis of the system rather than creating this whole PKI system for the sole purpose of making corporate CAs seem necessary as imaginary authorities who claim to be able to provide special security guarantees. There's very interesting work going on at the moment about publishing SSL keys or fingerprints via DNSSEC-secured DNS. See: http://www.internetsociety.org/articles/dane-taking-tls-authentication-next-level-using-dnssec https://tools.ietf.org/html/draft-ietf-dane-protocol-21 So anyone in control of a DNS domain and capable of enabling DNSSEC can issue themselves authenticable TLS certificates without having to line the pockets of the CAs. Server-side, support for the TLSA RR type this is all based on was added to the last update of BIND, which hit stable on Friday. Client side, support is available in Chrome and FireFox by various means. Other than throwing a big spanner into the works for the whole CA business model, this moves the responsibility for identifying the site owner from the CA to the DNS Registrar[*]. While the normal mode will be to have authenticity assured from the root, this does in principle permit any number of DLV-style trust anchors. Whether that can be parlayed into PGP style web-of-trust is an interesting question. Hey! thats pretty cool. Thanks for the information Matt. -- - (2^(N-1)) ___ freebsd-ports@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-ports To unsubscribe, send any mail to freebsd-ports-unsubscr...@freebsd.org
Re: security/openssh-portable HPN 404
Yeah I was told about that earlier on today. This version is closer to 5.8 so its an easy patch to fix multiple vulns. Not really meant as an end solution. On Thu, May 31, 2012 at 05:51:19AM +, Michael Scheidell wrote: There is a pr already for 6.0 that needs submitter fixes. Search gnats for prs owned by scheidell. -- Michael Scheidell, CTO |SECNAP Network Security -Original message- From: Jason Hellenthal jhellent...@dataix.net To: Michael Scheidell scheid...@freebsd.org Cc: freebsd-ports@freebsd.org freebsd-ports@freebsd.org Sent: Thu, May 31, 2012 03:38:32 GMT+00:00 Subject: Re: security/openssh-portable HPN 404 You guys may want to try these out... This updates to openssh-portable-5.9p1_2,1 See the attached config file for the options I tested with. If you want something else and it does not work feel free to email me directly and I will see what I can do. I don't have time to put this up publicly yet but will soon. On Wed, May 30, 2012 at 09:44:13PM -0400, Michael Scheidell wrote: On 5/30/12 9:25 PM, Bryan Drewery wrote: cd /usr/ports/security/openssh-portable fetchhttp://www.freebsd.org/cgi/query-pr.cgi?pr=ports%2F168306getpatch=1 patch patch-openssh-hpn-mirror.txt actually, the in the command line mucks things up. this should work: cd /usr/ports/security/openssh-portable fetch -o - 'http://www.freebsd.org/cgi/query-pr.cgi?pr=ports%2F168306getpatch=1' | patch (-o is output file.. unless you want a strange file hanging around, - means stdout, | patch just pipes standard out to in and to patch. -- Michael Scheidell, CTO *| * SECNAP Network Security Corporation d: +1.561.948.2259 w: http://people.freebsd.org/~scheidell ___ freebsd-ports@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-ports To unsubscribe, send any mail to freebsd-ports-unsubscr...@freebsd.org -- - (2^(N-1)) -- - (2^(N-1)) ___ freebsd-ports@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-ports To unsubscribe, send any mail to freebsd-ports-unsubscr...@freebsd.org
Re: [ GSOC ] Differences in shell behaviour
On Thu, May 31, 2012 at 11:21:10PM +0400, Alexander Pronin wrote:
Hello everyone!
I am GSOC student at FreeBSD Project.
So my GSOC Project is Parallelization in the ports collection.
You may checkout wiki page of this project:
http://wiki.freebsd.org/SummerOfCode2012/Parallelization_in_the_ports_collection
Is it suitable to write sh script for 9.0, that does not work in 8.3?
To sum up, the scenario is as following:
I need to spawn some processes in background to build port's dependencies.
Store their pids.
Wait for a while or do some stuff.
explore exit codes of spawned processes by their pids.
The problem is:
### sh in 8.3
$ false pid=$!
$
[1] Done (1)false
$ wait ${pid}
wait: No such job: 4852
I don't see this behavior on 8.3-STABLE @r236350 i386
---
Console false pid=$!
Console wait ${pid}
[1] Done (1)false
Console echo $?
1
Console
Using (builtin false) or (/usr/bin/false) I get the same results. Is
this a GENERIC system your working on ? And is this a blank user account
with no login.conf or profile modifications ?
---
ident /bin/sh ... for reference.
/bin/sh:
$FreeBSD: stable/8/lib/csu/i386-elf/crti.S 146369 2005-05-19 07:31:06Z dfr
$
$FreeBSD: stable/8/lib/csu/i386-elf/crtn.S 146369 2005-05-19 07:31:06Z dfr
$
$FreeBSD: stable/8/lib/csu/i386-elf/crt1_s.S 217470 2011-01-16 10:41:47Z
kib $
$FreeBSD: stable/8/lib/csu/common/crtbrand.c 174251 2007-12-04 12:18:43Z
kib $
$FreeBSD: stable/8/bin/sh/alias.c 214113 2010-10-20 18:25:00Z obrien $
$FreeBSD: stable/8/bin/sh/arith.y 213390 2010-10-03 21:56:20Z jilles $
$FreeBSD: stable/8/bin/sh/arith_lex.l 234001 2012-04-07 20:52:21Z jilles $
$FreeBSD: stable/8/bin/sh/cd.c 214113 2010-10-20 18:25:00Z obrien $
$FreeBSD: stable/8/bin/sh/bltin/echo.c 127958 2004-04-06 20:06:54Z markm $
$FreeBSD: stable/8/bin/sh/error.c 214123 2010-10-21 01:13:41Z obrien $
$FreeBSD: stable/8/bin/sh/eval.c 231086 2012-02-06 13:36:49Z dumbbell $
$FreeBSD: stable/8/bin/sh/exec.c 214113 2010-10-20 18:25:00Z obrien $
$FreeBSD: stable/8/bin/sh/expand.c 218992 2011-02-24 10:23:22Z brucec $
$FreeBSD: stable/8/bin/sh/histedit.c 217485 2011-01-16 22:10:18Z jilles $
$FreeBSD: stable/8/bin/sh/input.c 214113 2010-10-20 18:25:00Z obrien $
$FreeBSD: stable/8/bin/sh/jobs.c 08 2011-05-22 22:28:07Z jilles $
$FreeBSD: stable/8/bin/sh/mail.c 214113 2010-10-20 18:25:00Z obrien $
$FreeBSD: stable/8/bin/sh/main.c 222452 2011-05-29 15:07:53Z jilles $
$FreeBSD: stable/8/bin/sh/memalloc.c 214190 2010-10-21 23:45:57Z obrien $
$FreeBSD: stable/8/bin/sh/miscbltin.c 213390 2010-10-03 21:56:20Z jilles $
$FreeBSD: stable/8/bin/sh/mystring.c 213390 2010-10-03 21:56:20Z jilles $
$FreeBSD: stable/8/bin/sh/options.c 221515 2011-05-05 22:07:02Z jilles $
$FreeBSD: stable/8/bin/sh/output.c 214113 2010-10-20 18:25:00Z obrien $
$FreeBSD: stable/8/bin/sh/parser.c 221522 2011-05-06 12:49:32Z jilles $
$FreeBSD: stable/8/bin/sh/redir.c 214113 2010-10-20 18:25:00Z obrien $
$FreeBSD: stable/8/bin/sh/show.c 214113 2010-10-20 18:25:00Z obrien $
$FreeBSD: stable/8/bin/test/test.c 220250 2011-04-01 18:23:44Z delphij $
$FreeBSD: stable/8/bin/sh/trap.c 231086 2012-02-06 13:36:49Z dumbbell $
$FreeBSD: stable/8/bin/sh/var.c 231531 2012-02-11 20:37:08Z jilles $
/usr/bin/false:
$FreeBSD: stable/8/lib/csu/i386-elf/crti.S 146369 2005-05-19 07:31:06Z dfr
$
$FreeBSD: stable/8/lib/csu/i386-elf/crtn.S 146369 2005-05-19 07:31:06Z dfr
$
$FreeBSD: stable/8/lib/csu/i386-elf/crt1_s.S 217470 2011-01-16 10:41:47Z
kib $
$FreeBSD: stable/8/lib/csu/common/crtbrand.c 174251 2007-12-04 12:18:43Z
kib $
$FreeBSD: stable/8/usr.bin/false/false.c 07 2003-02-19 00:10:28Z peter
$
---
### sh in releng9
$ false pid=$!
$
[1] Done(1) false
$ wait ${pid}
$ echo $?
1
$
I am currently working in releng9 environment, so the result suits my needs.
But, is it suitable to write sh script for 9.0, that does not work in 8.3?
___
freebsd-ports@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-ports
To unsubscribe, send any mail to freebsd-ports-unsubscr...@freebsd.org
--
- (2^(N-1))
___
freebsd-ports@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-ports
To unsubscribe, send any mail to freebsd-ports-unsubscr...@freebsd.org
Re: security/openssh-portable HPN 404
You guys may want to try these out...
This updates to openssh-portable-5.9p1_2,1
See the attached config file for the options I tested with. If you want
something else and it does not work feel free to email me directly and
I will see what I can do.
I don't have time to put this up publicly yet but will soon.
On Wed, May 30, 2012 at 09:44:13PM -0400, Michael Scheidell wrote:
On 5/30/12 9:25 PM, Bryan Drewery wrote:
cd /usr/ports/security/openssh-portable
fetchhttp://www.freebsd.org/cgi/query-pr.cgi?pr=ports%2F168306getpatch=1
patch patch-openssh-hpn-mirror.txt
actually, the in the command line mucks things up.
this should work:
cd /usr/ports/security/openssh-portable
fetch -o -
'http://www.freebsd.org/cgi/query-pr.cgi?pr=ports%2F168306getpatch=1'
| patch
(-o is output file.. unless you want a strange file hanging around, -
means stdout, | patch just pipes standard out to in and to patch.
--
Michael Scheidell, CTO
*| * SECNAP Network Security Corporation
d: +1.561.948.2259
w: http://people.freebsd.org/~scheidell
___
freebsd-ports@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-ports
To unsubscribe, send any mail to freebsd-ports-unsubscr...@freebsd.org
--
- (2^(N-1))
=== The following configuration options are available for
openssh-portable-5.9.p1_2,1:
BSM=on: Enable OpenBSM Auditing
FILECONTROL=off: Enable file control patch (broken)
HPN=on: Enable HPN-SSH patch
KERBEROS=off: Enable kerberos (autodetection)
KERB_GSSAPI=off: Enable Kerberos/GSSAPI patch (req: GSSAPI)
LIBEDIT=on: Enable readline support to sftp(1)
LPK=off: Enable LDAP Public Key (LPK) patch
OPENSSH_CHROOT=on: Enable CHROOT support
OVERWRITE_BASE=off: OpenSSH overwrite base
PAM=on: Enable pam(3) support
TCP_WRAPPERS=on: Enable tcp_wrappers support
X509=off: Enable x509 certificate patch
=== Use 'make config' to modify these settings
diff -urN security/openssh-portable-5.8p2/Makefile security/openssh-portable/Makefile
--- security/openssh-portable-5.8p2/Makefile 2012-05-01 05:56:31.0 -0400
+++ security/openssh-portable/Makefile 2012-05-30 20:01:26.493449509 -0400
@@ -6,9 +6,9 @@
#
PORTNAME= openssh
-DISTVERSION= 5.8p2
-PORTREVISION= 2
-PORTEPOCH= 1
+DISTVERSION= 5.9p1
+PORTREVISION= 2
+PORTEPOCH= 1
CATEGORIES= security ipv6
MASTER_SITES= ${MASTER_SITE_OPENBSD}
MASTER_SITE_SUBDIR= OpenSSH/portable
@@ -42,7 +42,6 @@
OPTIONS= PAM Enable pam(3) supporton \
TCP_WRAPPERS Enable tcp_wrappers support on \
LIBEDIT Enable readline support to sftp(1) on \
- SUID_SSH Enable suid SSH (Recommended off) off \
BSM Enable OpenBSM Auditing off \
KERBEROS Enable kerberos (autodetection) off \
KERB_GSSAPI Enable Kerberos/GSSAPI patch (req: GSSAPI) off \
@@ -87,10 +86,6 @@
CONFIGURE_ARGS+= --with-libedit
.endif
-.if !defined(WITH_SUID_SSH)
-CONFIGURE_ARGS+= --disable-suid-ssh
-.endif
-
.if defined(WITH_BSM)
CONFIGURE_ARGS+= --with-audit=bsm
.endif
@@ -119,7 +114,7 @@
.if defined(WITH_HPN)
PATCH_SITES+= http://www.psc.edu/networking/projects/hpn-ssh/
-PATCHFILES+= ${PORTNAME}-5.8p1-hpn13v11.diff.gz
+PATCHFILES+= ${PORTNAME}-5.9p1-hpn13v12.diff.gz
PATCH_DIST_STRIP=
.endif
@@ -194,11 +189,9 @@
-e 's|%%RC_SCRIPT_NAME%%|${RC_SCRIPT_NAME}|' ${WRKSRC}/sshd.8
@${REINPLACE_CMD} -E -e 's|SSH_VERSION|TMP_SSH_VERSION|' \
-e 's|.*SSH_RELEASE.*||' ${WRKSRC}/version.h
- @${ECHO_CMD} '#define FREEBSD_PORT_VERSION FreeBSD-${PKGNAME}' \
- ${WRKSRC}/version.h
- @${ECHO_CMD} '#define SSH_VERSION TMP_SSH_VERSION SSH_PORTABLE FREEBSD_PORT_VERSION' \
+ @${ECHO_CMD} '#define SSH_VERSION TMP_SSH_VERSION SSH_PORTABLE' \
${WRKSRC}/version.h
- @${ECHO_CMD} '#define SSH_RELEASE TMP_SSH_VERSION SSH_PORTABLE FREEBSD_PORT_VERSION' \
+ @${ECHO_CMD} '#define SSH_RELEASE TMP_SSH_VERSION SSH_PORTABLE' \
${WRKSRC}/version.h
.if defined(WITH_HPN)
@${REINPLACE_CMD} -e 's|TMP_SSH_VERSION SSH_PORTABLE|TMP_SSH_VERSION SSH_PORTABLE SSH_HPN|' \
diff -urN security/openssh-portable-5.8p2/distinfo security/openssh-portable/distinfo
--- security/openssh-portable-5.8p2/distinfo 2011-10-21 12:18:56.0 -0400
+++ security/openssh-portable/distinfo 2012-05-30 19:07:47.129970365 -0400
@@ -1,8 +1,4 @@
-SHA256 (openssh-5.8p2.tar.gz) = 5c35ec7c966ce05cc4497ac59c0b54a556e55ae7368165cc8c4129694654f314
-SIZE (openssh-5.8p2.tar.gz) = 1115475
-SHA256 (openssh-5.8p1-hpn13v11.diff.gz) = 62b500d29d8889ce76c8b596eb65731d8ac3469d89d9c6eb29fec2a845159df7
-SIZE (openssh-5.8p1-hpn13v11.diff.gz) = 22993
-SHA256 (openssh-5.8p1+x509-7.0.diff.gz) = 3b578cbf69f25e630e8da52b6586a36c62c0c7ce026f95acda91c023dc47c85b
-SIZE (openssh-5.8p1+x509-7.0.diff.gz) = 184277
-SHA256 (openssh-5.7p1-gsskex-all-20110125.patch) = bfdc72c3d7d5d4f9f8a78b649988dff8fad780cfa72bad4a69eb94c54de9a359
-SIZE (openssh-5.7p1-gsskex-all-20110125.patch) = 91889
+SHA256
ircII distfile fetch failing (new location or found here)
http://ftp.netbsd.org/pub/pkgsrc/distfiles/ircii-2015.tar.bz2 -- - (2^(N-1)) ___ freebsd-ports@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-ports To unsubscribe, send any mail to freebsd-ports-unsubscr...@freebsd.org
Re: Imagemagick: FAIL: Magick++/tests/averageImages.sh
On Sat, May 26, 2012 at 10:16:11PM -0400, Robert Huff wrote: Doug Barton writes: What would be helpful to diagnose this? I'm on current r236118 I'm getting failures on tests also, whether I use clang, gcc42 of gcc46. (System: FreeBSD 10.0-CURRENT #0: Sun Mar 11 08:20:02 EDT 2012 amd64 ) As a matter of fact I have had failures on 1-3 of the tests that have run for quite some time. I turned them off -- no problem. I must not be using the functionality that the tests were testing for so I really don't care. If something breaks or isnt working right... and uses Magick++ then it might be time to look into it then but I have not seen any significant failure just due to them failing. -- - (2^(N-1)) pgpAadmnThjnV.pgp Description: PGP signature
Re: PHP 5.4.0 : lang/php54
On Mon, May 21, 2012 at 06:40:11PM +0200, Miroslav Lachman wrote: Jason Hellenthal wrote: On Mon, May 21, 2012 at 11:38:50AM -0400, Michael Scheidell wrote: On 5/21/12 11:36 AM, Chris Rees wrote: When would have been a better time? after it was regression tested? after the security posture (susosin patch) wasn't downgraded? after a announcement in ports/UPDATING saying it will become the default no later than ...XX...XX...XX days be prepared! I think that the best will be to not have any default php5 port and just use php52, php53, php54, php5X, php60... as we have apache20, apache22, apache24, or mysql50-server, mysql51-server, mysql55-server. There is no default apache2 or mysql5-server, so there is no confusion what is / what will be installed. Then it can be choosed in make.conf what version will be used as default, similar to WITH_MYSQL_VER=51 or APACHE_PORT=www/apache22 I agree. This does seem like a very sane option. -- - (2^(N-1)) ___ freebsd-ports@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-ports To unsubscribe, send any mail to freebsd-ports-unsubscr...@freebsd.org
Re: Smokeping failure
This has nothing to do with the webserver configuration. This is a build failure due to a missing depend. On Mon, May 14, 2012 at 11:32:16AM -0400, Lowell Gilbert wrote: Darin derw...@naebunny.net writes: It's apparently failing on the absence of FCGI or CGI::Fast. Any idea why this is happening all of a sudden? I don't use (or know anything about) smokeping, but I did notice the new entry in UPDATING saying that such configurations were preferred, and pointing to the documentation. ___ freebsd-ports@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-ports To unsubscribe, send any mail to freebsd-ports-unsubscr...@freebsd.org -- - (2^(N-1)) ___ freebsd-ports@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-ports To unsubscribe, send any mail to freebsd-ports-unsubscr...@freebsd.org
Re: portsnap.FreeBSD.org is now geodns-enabled
On Sat, May 12, 2012 at 07:44:25AM -0700, Colin Percival wrote:
Hi all,
The portsnap.FreeBSD.org SRV records now point at the magic geodns endpoints,
so users outside of North America will probably end up using a mirror in one
of {Ireland, Tokyo, Singapore, Sao Paulo}. Please let me know if you run into
any problems.
Thank you.
I will be writing a blog post about this in the upcoming days, so please don't
ask me to provide all the details right now. :-)
And thank you again.
Nice work! now I can portsnap tarsnap really quick! ;)
--
- (2^(N-1))
___
freebsd-ports@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-ports
To unsubscribe, send any mail to freebsd-ports-unsubscr...@freebsd.org
Re: problem running pkg_delete
On Sat, May 12, 2012 at 02:24:16PM -0400, Robert Huff wrote: Suddenly I'm getting: pkg_delete: the package info for package Source is corrupt Any ideas? I would inspect the contents of the package directory in question. /var/db/pkg/Source/??? Does it differ from any of the other directories... If so rm -rf /var/db/pkg/Source and then reinstall the same version you had installed before and you should be fine to do whatever it is you are doing... There is not much info here... which leads to guessing. -- - (2^(N-1)) ___ freebsd-ports@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-ports To unsubscribe, send any mail to freebsd-ports-unsubscr...@freebsd.org
Re: problem running pkg_delete
On Sat, May 12, 2012 at 06:31:44PM -0500, Stephen Montgomery-Smith wrote: On 05/12/2012 06:25 PM, Stephen Montgomery-Smith wrote: On 05/12/2012 01:24 PM, Robert Huff wrote: Suddenly I'm getting: pkg_delete: the package info for package Source is corrupt Any ideas? Is it possible that you created a directory by accident inside /var/db/pkg called Source? Also, I am trying to look through the source code in pkg_delete to see what could have created this message. As best as I can tell, this message must have been created by the function matchallbyorigin in /usr/src/usr.sbin/pkg_install/lib/match.c which was called by the function pkg_do in /usr/src/usr.sbin/pkg_install/delete/perform.c. The source code for pkg_do contains the disclaimer This is seriously ugly code following. Written very fast! Do you remember at all the command you typed that created this message? You would probably get the same message from: mkdir /var/db/pkg/Source pkg_delete Source Try it out! -- - (2^(N-1)) ___ freebsd-ports@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-ports To unsubscribe, send any mail to freebsd-ports-unsubscr...@freebsd.org
Re: Please test geodns.portsnap.freebsd.org
There is no A record @8.8.8.8 or @8.8.4.4 or at the root servers. or here: dig +short @72.52.71.1 geodns.portsnap.freebsd.org A dig +short @38.103.2.1 geodns.portsnap.freebsd.org A dig +short @63.243.194.1 geodns.portsnap.freebsd.org A Maybe this hasnt propogated yet ? or is it @ 127.0.0.1 ;) On Fri, May 11, 2012 at 08:54:17PM -0700, Colin Percival wrote: Hi all, Please test: # portsnap fetch -s geodns.portsnap.freebsd.org If you experience any problems, please let me know where you are, which mirror was selected, and what address `host -t a $mirror` returns for it. (As the name suggests, different people should will get different mirrors.) -- Colin Percival Security Officer, FreeBSD | freebsd.org | The power to serve Founder / author, Tarsnap | tarsnap.com | Online backups for the truly paranoid ___ freebsd-ports@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-ports To unsubscribe, send any mail to freebsd-ports-unsubscr...@freebsd.org -- - (2^(N-1)) pgpWOASpXYM1J.pgp Description: PGP signature
Re: Please test geodns.portsnap.freebsd.org
On Fri, May 11, 2012 at 09:55:13PM -0700, Colin Percival wrote: On 05/11/12 21:54, Jason Hellenthal wrote: There is no A record @8.8.8.8 or @8.8.4.4 or at the root servers. There's not supposed to be an A record. Portsnap should work anyway... it uses SRV. :-) Aaah! you got me there. Confused with the request of host -t a $mirror As that will always return: Console host -t a geodns.portsnap.freebsd.org Host geodns.portsnap.freebsd.org not found: 3(NXDOMAIN) Anyway... coming from: portsnap fetch -s geodns.portsnap.freebsd.org [...] Fetching snapshot tag from geodns-1.portsnap.freebsd.org... done. [...] traceroute -a geodns-1.portsnap.freebsd.org [...Hop 1 2 Removed...] 3 [AS65534] 10.179.128.1 (10.179.128.1) 29.264 ms 17.160 ms 19.436 ms 4 [AS20115] dtr01hlldmi-gbe-1-15.hlld.mi.charter.com (96.34.36.6) 19.179 ms 26.340 ms 20.013 ms 5 * [AS20115] crr02aldlmi-tge-0-2-0-2.aldl.mi.charter.com (96.34.32.76) 20.143 ms 16.769 ms 6 [AS20115] bbr01aldlmi-tge-0-1-0-3.aldl.mi.charter.com (96.34.2.216) 19.888 ms 17.378 ms 29.909 ms 7 [AS20115] bbr01chcgil-tge-0-2-0-6.chcg.il.charter.com (96.34.0.99) 29.639 ms 17.517 ms 30.024 ms 8 [AS20115] prr01chcgil-tge-0-1-0-1.chcg.il.charter.com (96.34.3.200) 19.815 ms 27.360 ms 19.918 ms 9 [AS6939] v201.core1.chi1.he.net (216.66.73.241) 29.967 ms 37.066 ms 29.795 ms 10 [AS6939] 64.71.148.238 (64.71.148.238) 19.928 ms 27.328 ms 29.942 ms 11 [AS26943] update5.freebsd.org (204.9.55.80) 19.831 ms 27.494 ms 19.926 ms Hope this helps. -- Colin Percival Security Officer, FreeBSD | freebsd.org | The power to serve Founder / author, Tarsnap | tarsnap.com | Online backups for the truly paranoid -- - (2^(N-1)) pgp2Rfr5FtBbF.pgp Description: PGP signature
[jhellent...@dataix.net: database/rrdtool = 1.4.6]
I meant to send this here too!. - Forwarded message from Jason Hellenthal jhellent...@dataix.net - Date: Wed, 9 May 2012 03:59:18 -0400 From: Jason Hellenthal jhellent...@dataix.net To: syl...@freebsd.org Subject: database/rrdtool = 1.4.6 Sylvio, Ports, After the recent bump of rrdtool to 1.4.7 it has been broken on stable/8 i386. I am unsure if it is broken elsewhere but the nature of the errors leads me to believe it is. Default configuration fails to configure properly and does not find libs that it has readily available that version 1.4.5 is still able to configure with. The JSON third party patch fails to apply for versions 1.4.6 and 1.4.7 Both 1.4.6 and 1.4.7 have errors in finding libs for glib, cairo, xml2 and I believe two others. Also somewhere in configure there is an error running sed(1) and end up in an /bin/sed: File not found Fortunately the sed(1) is easy to get around just using a temporary symlink to beat through to the other errors but from what I see it may just be it needs to use a GNU specific program like gsed(1) instead. Hope this helps a little and hope someone looks into this soon... -- - (2^(N-1)) - End forwarded message - -- - (2^(N-1)) ___ freebsd-ports@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-ports To unsubscribe, send any mail to freebsd-ports-unsubscr...@freebsd.org
Re: textproc/p5-XML-SAX: prerequisite XML::SAX::Base 1.05 not found
On Wed, May 09, 2012 at 09:21:38AM +0200, kron wrote: On 2012/05/09 08:16, Rainer Hurling wrote: When I try to update textproc/p5-XML-SAX I get the following warning: portmaster p5-XML-SAX-0.96 === Currently installed version: p5-XML-SAX-0.96 === Port directory: /usr/ports/textproc/p5-XML-SAX === Gathering distinfo list for installed ports === Launching 'make checksum' for textproc/p5-XML-SAX in background === Gathering dependency list for textproc/p5-XML-SAX from ports === Initial dependency check complete for textproc/p5-XML-SAX === Starting build for textproc/p5-XML-SAX === === All dependencies are up to date === Cleaning for p5-XML-SAX-0.99 === License check disabled, port has not defined LICENSE === Extracting for p5-XML-SAX-0.99 = SHA256 Checksum OK for XML-SAX-0.99.tar.gz. === p5-XML-SAX-0.99 depends on file: /usr/local/bin/perl5.14.2 - found === Patching for p5-XML-SAX-0.99 === p5-XML-SAX-0.99 depends on file: /usr/local/bin/perl5.14.2 - found === p5-XML-SAX-0.99 depends on package: p5-XML-NamespaceSupport=0.03 - found === p5-XML-SAX-0.99 depends on package: p5-XML-SAX-Base=1.05 - found === p5-XML-SAX-0.99 depends on file: /usr/local/bin/perl5.14.2 - found === Configuring for p5-XML-SAX-0.99 Checking if your kit is complete... Looks good Warning: prerequisite XML::SAX::Base 1.05 not found. We have 1.04. Do you want XML::SAX to alter ParserDetails.ini? [Y] Accepting this choice it contiues with a failure: Writing Makefile for XML::SAX Writing MYMETA.yml === Building for p5-XML-SAX-0.99 cp SAX/PurePerl/Exception.pm blib/lib/XML/SAX/PurePerl/Exception.pm cp SAX/PurePerl/UnicodeExt.pm blib/lib/XML/SAX/PurePerl/UnicodeExt.pm cp SAX/ParserFactory.pm blib/lib/XML/SAX/ParserFactory.pm cp SAX/PurePerl/NoUnicodeExt.pm blib/lib/XML/SAX/PurePerl/NoUnicodeExt.pm cp SAX/PurePerl/DocType.pm blib/lib/XML/SAX/PurePerl/DocType.pm cp SAX/PurePerl/Reader/UnicodeExt.pm blib/lib/XML/SAX/PurePerl/Reader/UnicodeExt.pm cp SAX/DocumentLocator.pm blib/lib/XML/SAX/DocumentLocator.pm cp SAX/PurePerl/Reader/Stream.pm blib/lib/XML/SAX/PurePerl/Reader/Stream.pm cp SAX/PurePerl/EncodingDetect.pm blib/lib/XML/SAX/PurePerl/EncodingDetect.pm cp SAX.pm blib/lib/XML/SAX.pm cp SAX/PurePerl/DebugHandler.pm blib/lib/XML/SAX/PurePerl/DebugHandler.pm cp SAX/PurePerl/Productions.pm blib/lib/XML/SAX/PurePerl/Productions.pm cp SAX/PurePerl/XMLDecl.pm blib/lib/XML/SAX/PurePerl/XMLDecl.pm cp SAX/PurePerl/Reader/NoUnicodeExt.pm blib/lib/XML/SAX/PurePerl/Reader/NoUnicodeExt.pm cp SAX/PurePerl/Reader/String.pm blib/lib/XML/SAX/PurePerl/Reader/String.pm cp SAX/PurePerl/Reader/URI.pm blib/lib/XML/SAX/PurePerl/Reader/URI.pm cp SAX/PurePerl/DTDDecls.pm blib/lib/XML/SAX/PurePerl/DTDDecls.pm cp SAX/Intro.pod blib/lib/XML/SAX/Intro.pod cp SAX/PurePerl.pm blib/lib/XML/SAX/PurePerl.pm cp SAX/PurePerl/Reader.pm blib/lib/XML/SAX/PurePerl/Reader.pm Manifying blib/man3/XML::SAX::DocumentLocator.3 Manifying blib/man3/XML::SAX.3 Manifying blib/man3/XML::SAX::Intro.3 Manifying blib/man3/XML::SAX::PurePerl.3 Manifying blib/man3/XML::SAX::ParserFactory.3 Manifying blib/man3/XML::SAX::PurePerl::Reader.3 === Creating a backup package for old version p5-XML-SAX-0.96 pkg_delete: '/usr/local/lib/perl5/site_perl/5.14.2/XML/SAX/ParserDetails.ini' fails original MD5 checksum - deleted anyway. === Installing for p5-XML-SAX-0.99 === Generating temporary packing list === Checking if textproc/p5-XML-SAX already installed Installing /usr/local/lib/perl5/site_perl/5.14.2/XML/SAX.pm Installing /usr/local/lib/perl5/site_perl/5.14.2/XML/SAX/ParserFactory.pm Installing /usr/local/lib/perl5/site_perl/5.14.2/XML/SAX/DocumentLocator.pm Installing /usr/local/lib/perl5/site_perl/5.14.2/XML/SAX/Intro.pod Installing /usr/local/lib/perl5/site_perl/5.14.2/XML/SAX/PurePerl.pm Installing /usr/local/lib/perl5/site_perl/5.14.2/XML/SAX/PurePerl/Exception.pm Installing /usr/local/lib/perl5/site_perl/5.14.2/XML/SAX/PurePerl/UnicodeExt.pm Installing /usr/local/lib/perl5/site_perl/5.14.2/XML/SAX/PurePerl/NoUnicodeExt.pm Installing /usr/local/lib/perl5/site_perl/5.14.2/XML/SAX/PurePerl/DocType.pm Installing /usr/local/lib/perl5/site_perl/5.14.2/XML/SAX/PurePerl/EncodingDetect.pm Installing /usr/local/lib/perl5/site_perl/5.14.2/XML/SAX/PurePerl/DebugHandler.pm Installing /usr/local/lib/perl5/site_perl/5.14.2/XML/SAX/PurePerl/Productions.pm Installing /usr/local/lib/perl5/site_perl/5.14.2/XML/SAX/PurePerl/XMLDecl.pm Installing /usr/local/lib/perl5/site_perl/5.14.2/XML/SAX/PurePerl/DTDDecls.pm Installing /usr/local/lib/perl5/site_perl/5.14.2/XML/SAX/PurePerl/Reader.pm Installing /usr/local/lib/perl5/site_perl/5.14.2/XML/SAX/PurePerl/Reader/UnicodeExt.pm Installing /usr/local/lib/perl5/site_perl/5.14.2/XML/SAX/PurePerl/Reader/Stream.pm Installing
security/pulledpork p5-Switch with perl 5.14.2
Switch's use in perl has been deprecated for some time now. On one hand pulledpork has made use of p5-Switch but yet does not require it as a runtime dependancy. Could you update the port to require lang/p5-Switch please ? Thanks -- ;s =; pgpIVdeQTqpHU.pgp Description: PGP signature
devel/subversion 1.7.4_1 svnversion errors E200030: sqlite: callback requested query abort
After going through a few problem solving sessions with subversion and the errors it prints doing a svnversion on /usr/src/sys E200030: sqlite: callback requested query abort I came to the conclusion that either svnversion is broken in its path discovery or they are implying a new syntax on which svnversion should be used. newvers.sh calls svnversion on (.) while in /usr/src/sys which omits the error: E200030: sqlite: callback requested query abort. If svnversion is called on the root directory /usr/src there is no error so I believe either we need to adjust newvers.sh to work on (../) or create a patch for the current subversion to adjust svnversions path discovery. Keep in mind that I have already been through (svn cleanup) and other such methods of trying to fix this. Console# sqlite3 .svn/wc.db pragma integrity_check ok Console# cd /usr/src/sys/ Console# svnversion svn: E200030: sqlite: callback requested query abort svn: E200030: sqlite: callback requested query abort Console# svnversion ../ 234182M There have been reports that a checkout after the upgrade to the newer subversion and sqlite3 that it solves the problem but I have not verified that at all. Working changes are currently fairly busy. Thoughts ? Suggestions ? -- ;s =; pgpDZZ0m8Kh41.pgp Description: PGP signature
Re: devel/subversion 1.7.4_1 svnversion errors E200030: sqlite: callback requested query abort
In 1.7 and upgrade results in only one .svn directory located in /usr/src/.svn. On Thu, Apr 12, 2012 at 07:53:15PM +0200, Mel Flynn wrote: On 4/12/2012 17:30, Jason Hellenthal wrote: Console# sqlite3 .svn/wc.db pragma integrity_check ok Does that mean /usr/src/sys/.svn is a directory? -- Mel -- ;s =; ___ freebsd-ports@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-ports To unsubscribe, send any mail to freebsd-ports-unsubscr...@freebsd.org
Re: PICO port
Open your eyes editors/pico-alpine find(1) or ports-mgmt/psearch or ( make -C /usr/ports quicksearch name=... ) will help you in the future On Sun, Apr 01, 2012 at 11:25:35AM +0200, Jos Chrispijn wrote: I have been out of FreeBSD some time, but when installing BSD9 I can't locate pico anymore. What I did is: - portsnap fetch - portsnap extract - portsnap update but pico seems to be completely gone? Who can tell me what I oversee here? Jos Chrispijn ___ freebsd-ports@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-ports To unsubscribe, send any mail to freebsd-ports-unsubscr...@freebsd.org -- ;s =; ___ freebsd-ports@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-ports To unsubscribe, send any mail to freebsd-ports-unsubscr...@freebsd.org
FW: [ast-users] Feature request: AST grep as shell built in
Just a heads up for everyone who may find this interesting... But
builtin grep and friends have now been added to ksh93...
- Forwarded message from Glenn Fowler g...@research.att.com -
Date: Fri, 30 Mar 2012 02:42:05 -0400
From: Glenn Fowler g...@research.att.com
To: g...@research.att.com, wendlin1...@googlemail.com
Cc: ast-us...@research.att.com, ast-develop...@research.att.com
Subject: Re: [ast-users] Feature request: AST grep as shell built in
X-Mailer: mailx (ATT/BSD) 9.9 2012-02-29
ast-cmdtst.2012-03-30.tgz md5 e84b44ba46bef61cf68c4d22dddf3b6b
source just posted to www.research.att.com/sw/download/beta/
it requires nmake to build so
you will need either the ast-base or ast-open package installed
download ast-cmdtst.2012-03-30.tgz lib/package/tgz
bin/package read
bin/package use # new ksh with viewpath env ready to build
cd cmdtst
nmake install
nmake test
then this line in a ksh script to test
builtin -f cmdtst grep egrep fgrep xargs
all of the standalone grep and xargs tests pass
but the builtin environment could introduce new bug vectors
--
don't ask me or the list how to build plugins without nmake
its encoded in the nmake rules and probe files
its portable to all target architectures (including linux hpux aix cygwin uwin
mvs macos)
it uses the same conditional-free makefile on all target architectures
it generates files using the native system file and directory naming conventions
in general ast { plugins, shared libraries, dlls } require nmake and
do not build with the bootstrap mamake/Mamfile
that's why bin/package always builds nmake first and then proceeds with the
remaining components
___
ast-users mailing list
ast-us...@research.att.com
https://mailman.research.att.com/mailman/listinfo/ast-users
- End forwarded message -
--
;s =;
pgpWcbGsYXnFi.pgp
Description: PGP signature
___
freebsd-ports@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-ports
To unsubscribe, send any mail to freebsd-ports-unsubscr...@freebsd.org
Re: security/gnutls update when...
There are no problems with this that can be seen. Thank you Roman. On Sun, Mar 25, 2012 at 07:26:34PM +0400, Roman Bogorodskiy wrote: Jason Hellenthal wrote: Apparently this port has fell two versions behind. Is there anything that is going to happen to update it to the current stable version ? These advisories have been out for a week now. And the current version is 2.12.18. Database created: Sat Mar 24 13:15:03 EDT 2012 Affected package: gnutls-2.12.16 Type of problem: libtasn1 -- ASN.1 length decoding vulnerability. Reference: http://portaudit.FreeBSD.org/2e7e9072-73a0-11e1-a883-001cc0a36e12.html Affected package: gnutls-2.12.16 Type of problem: gnutls -- possible overflow/Denial of service vulnerabilities. Reference: http://portaudit.FreeBSD.org/aecee357-739e-11e1-a883-001cc0a36e12.html 2 problem(s) in your installed packages found. The port was updated to 2.12.18 with some hacks to prevent shlib version bump. Please report if you have any problems with that. Roman Bogorodskiy -- ;s =; pgpUUO2M3j2FE.pgp Description: PGP signature
Re: new port request
Translation... On Mon, Mar 26, 2012 at 02:56:30PM -0400, AN wrote: I would like this to be a port I would like to request the following app be added to the ports tree. I am not a developer or I would try to do it myself. Here is its pirated address... Packet Tracer Version 5.3.3 www.mediafire.com/?sx7on7xjuowncl3 It is a Cisco application that is very helpful for learning networking, and studying for Cisco exams. It would be a useful tool to have on FreeBSD. Thanks in advance to anyone who may work on this. ___ freebsd-ports@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-ports To unsubscribe, send any mail to freebsd-ports-unsubscr...@freebsd.org -- ;s =; ___ freebsd-ports@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-ports To unsubscribe, send any mail to freebsd-ports-unsubscr...@freebsd.org
security/gnutls update when...
Apparently this port has fell two versions behind. Is there anything that is going to happen to update it to the current stable version ? These advisories have been out for a week now. And the current version is 2.12.18. Database created: Sat Mar 24 13:15:03 EDT 2012 Affected package: gnutls-2.12.16 Type of problem: libtasn1 -- ASN.1 length decoding vulnerability. Reference: http://portaudit.FreeBSD.org/2e7e9072-73a0-11e1-a883-001cc0a36e12.html Affected package: gnutls-2.12.16 Type of problem: gnutls -- possible overflow/Denial of service vulnerabilities. Reference: http://portaudit.FreeBSD.org/aecee357-739e-11e1-a883-001cc0a36e12.html 2 problem(s) in your installed packages found. -- ;s =; pgp7BKEh337D3.pgp Description: PGP signature
Re: security/gnutls update when...
On Sat, Mar 24, 2012 at 01:52:45PM -0400, Ryan Steinmetz wrote: On (03/24/12 13:29), Jason Hellenthal wrote: Apparently this port has fell two versions behind. Is there anything that is going to happen to update it to the current stable version ? These advisories have been out for a week now. And the current version is 2.12.18. Database created: Sat Mar 24 13:15:03 EDT 2012 Affected package: gnutls-2.12.16 Type of problem: libtasn1 -- ASN.1 length decoding vulnerability. Reference: http://portaudit.FreeBSD.org/2e7e9072-73a0-11e1-a883-001cc0a36e12.html Affected package: gnutls-2.12.16 Type of problem: gnutls -- possible overflow/Denial of service vulnerabilities. Reference: http://portaudit.FreeBSD.org/aecee357-739e-11e1-a883-001cc0a36e12.html 2 problem(s) in your installed packages found. -- ;s =; Jason, There is an update in progress (ports/166307). There is a shared library version bump that is part of the gnutls update and this requires a little extra scrutiny. This, combined with the upcoming 8.3 RELEASE is what is contributing to the delay. Thanks Ryan. Not to sound hasty I realize the release is coming and thought that to be most of the reason as well the shared bump, but I have already had to deal with a few ramifications from rand(lusers); I appreciate the feedback, it gives me at least something to work with. Thanks again. -- ;s =; ___ freebsd-ports@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-ports To unsubscribe, send any mail to freebsd-ports-unsubscr...@freebsd.org
Re: security/gnutls update when...
On Sat, Mar 24, 2012 at 10:54:32AM -0700, Kevin Oberman wrote:
On Sat, Mar 24, 2012 at 10:29 AM, Jason Hellenthal
jhellent...@dataix.net wrote:
Apparently this port has fell two versions behind. Is there anything
that is going to happen to update it to the current stable version ?
These advisories have been out for a week now. And the current version
is 2.12.18.
Database created: Sat Mar 24 13:15:03 EDT 2012
Affected package: gnutls-2.12.16
Type of problem: libtasn1 -- ASN.1 length decoding vulnerability.
Reference:
http://portaudit.FreeBSD.org/2e7e9072-73a0-11e1-a883-001cc0a36e12.html
Affected package: gnutls-2.12.16
Type of problem: gnutls -- possible overflow/Denial of service
vulnerabilities.
Reference:
http://portaudit.FreeBSD.org/aecee357-739e-11e1-a883-001cc0a36e12.html
2 problem(s) in your installed packages found.
--
;s =;
Note that one of these problems is with libtasn1 and is not a gnutls
problems at all. So updating libtasn1actually fixes this one, although
the other does require an update to a version of gnutls that has yet
to be ported.
Only if it was installed or implied...
.if (defined(WITH_LIBTASN1) || exists(${LOCALBASE}/lib/libtasn1.so.4))
!defined(WITHOUT_LIBTASN1)
LIB_DEPENDS+= tasn1.4:${PORTSDIR}/security/libtasn1
.else
CONFIGURE_ARGS+=--with-included-libtasn1
.endif
--
;s =;
___
freebsd-ports@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-ports
To unsubscribe, send any mail to freebsd-ports-unsubscr...@freebsd.org
Re: named/bind98... rather ports usage and base interaction.
On Sat, Mar 24, 2012 at 02:46:36PM -0700, Doug Barton wrote: On 3/23/2012 8:41 AM, Jason Hellenthal wrote: Hey Doug, Do you know of anything we could do to stop the following from happening ? Yes, see below. If you set world to build without BIND and it is your intention to use bind from ports... upon running (make delete-old) I don't like the delete-old stuff, and make no efforts to support it. That said, the solution to your problem is to not use WITHOUT_BIND, but to use the various other WITHOUT_BIND_* knobs, except for WITHOUT_BIND_ETC. Yes, this is clunky; no, I have no plans to change it. Jeeze that was simpler than I thought it was going to be... Thanks! Doug hth, Doug -- This .signature sanitized for your protection -- ;s =; ___ freebsd-ports@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-ports To unsubscribe, send any mail to freebsd-ports-unsubscr...@freebsd.org
Re: named/bind98... rather ports usage and base interaction.
On Sat, Mar 24, 2012 at 02:46:36PM -0700, Doug Barton wrote: On 3/23/2012 8:41 AM, Jason Hellenthal wrote: Hey Doug, Do you know of anything we could do to stop the following from happening ? Yes, see below. If you set world to build without BIND and it is your intention to use bind from ports... upon running (make delete-old) I don't like the delete-old stuff, and make no efforts to support it. That said, the solution to your problem is to not use WITHOUT_BIND, but to use the various other WITHOUT_BIND_* knobs, except for WITHOUT_BIND_ETC. Yes, this is clunky; no, I have no plans to change it. Just to followup and say thanks again... This is what I was looking for. I ended up with just these to accomplish what I wanted on stable/8 machines: /etc/src.conf WITHOUT_BIND_DNSSEC=YES WITHOUT_BIND_LIBS_LWRES=YES WITHOUT_BIND_NAMED=YES WITHOUT_BIND_UTILS=YES And did not use: WITHOUT_BIND_ETC WITHOUT_BIND_MTREE Works as expected. Thanks again Doug. -- ;s =; ___ freebsd-ports@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-ports To unsubscribe, send any mail to freebsd-ports-unsubscr...@freebsd.org
named/bind98... rather ports usage and base interaction.
Hey Doug, Do you know of anything we could do to stop the following from happening ? If you set world to build without BIND and it is your intention to use bind from ports... upon running (make delete-old) from source it attempts to remove empty directories from /etc/named/*. When doing this it can only remove empty directories and since master slave usually will have something in it on most systems dynamic gets removed but left to be re-created from /etc/rc.d/named on the next boot. Do you think it would be possible to for say create a USING_BIND_FROM_PORTS make.conf var that could be compared during the (make delete-old) stage so it does not attempt to do anything with /etc/named/* ? but yet still allow it to operate on the rest of the stale files. Thanks. -- ;s =; ___ freebsd-ports@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-ports To unsubscribe, send any mail to freebsd-ports-unsubscr...@freebsd.org
Re: named/bind98... rather ports usage and base interaction.
On Fri, Mar 23, 2012 at 04:52:48PM +, Chris Rees wrote: On 23 Mar 2012 15:41, Jason Hellenthal jhellent...@dataix.net wrote: Hey Doug, Do you know of anything we could do to stop the following from happening ? If you set world to build without BIND and it is your intention to use bind from ports... upon running (make delete-old) from source it attempts to remove empty directories from /etc/named/*. When doing this it can only remove empty directories and since master slave usually will have something in it on most systems dynamic gets removed but left to be re-created from /etc/rc.d/named on the next boot. Do you think it would be possible to for say create a USING_BIND_FROM_PORTS make.conf var that could be compared during the (make delete-old) stage so it does not attempt to do anything with /etc/named/* ? but yet still allow it to operate on the rest of the stale files. Would it be too hackish to have a file .keepme in the dynamic directory? I think that would be fine. But there are other cases too like if named.conf is still in its generic form then it would be removed as well as some other files that still may be of use for bind from ports. I think a more proper way would be to ignore neccesary base system files like /etc/named /var/named. This would make it easier for someone that was using base bind for a while to make an easy transition over ports bind without having to worry about the effects of delete-old. -- ;s =; ___ freebsd-ports@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-ports To unsubscribe, send any mail to freebsd-ports-unsubscr...@freebsd.org
net/asterisk sqlite* usage...
Attempting to understand why asterisk needs two versions of sqlite and
why even if sqlite3 is found sqlite2 is installed anyway...
This behavior does not seem to be quite correct and seems there should
be some (if) statements here to determine whether sqlite3 is installed
and then fallback and check to see if sqlite2 is installed and if none
are then inform the user and fall back to one or the other as the
default.
:...Makefile...:
.if !defined(WITH_SQLITE)
PLIST_SUB+= WITH_SQLITE=@comment
CONFIGURE_ARGS+= --without-sqlite \
--with-sqlite3=no
.else
PLIST_SUB+= WITH_SQLITE=
CONFIGURE_ARGS+= --with-sqlite
LIB_DEPENDS+= sqlite:${PORTSDIR}/databases/sqlite2 \
sqlite3:${PORTSDIR}/databases/sqlite3
.endif
--
;s =;
pgpUdDZh35jNr.pgp
Description: PGP signature
Re: net/asterisk sqlite* usage...
On Tue, Mar 20, 2012 at 03:58:23PM +0100, Florian Smeets wrote: On 20.03.2012 15:38, Jason Hellenthal wrote: Attempting to understand why asterisk needs two versions of sqlite and why even if sqlite3 is found sqlite2 is installed anyway... This behavior does not seem to be quite correct and seems there should be some (if) statements here to determine whether sqlite3 is installed and then fallback and check to see if sqlite2 is installed and if none are then inform the user and fall back to one or the other as the default. There are modules that require sqlite2 (res_config_sqlite, cdr_sqlite) and others that require sqlite3 (cdr_sqlite3, cel_sqlite3). BTW, in asterisk 10 sqlite3 is mandatory as they use it instead of BDB now. Sweet! good news. I have not been keeping up on this near as much as I should. Thanks for the feedback. Florian -- ;s =; ___ freebsd-ports@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-ports To unsubscribe, send any mail to freebsd-ports-unsubscr...@freebsd.org
net-mgmt/ettercap re-rolled
It seems this port has been re-rolled. This is what I currently have for the information on the port. SHA256 (ettercap-0.7.4.tar.gz) = 9b5abd2dad2b6df91658086ceed6962a6b985ac25de8fa38f0195d68639ba55b SIZE (ettercap-0.7.4.tar.gz) = 2718877 Please update. -- ;s =; pgp6tGLH43fIb.pgp Description: PGP signature
Re: net-mgmt/ettercap re-rolled
On Thu, Feb 09, 2012 at 06:23:22PM +, Chris Rees wrote: On 9 February 2012 16:09, Jason Hellenthal jh...@dataix.net wrote: It seems this port has been re-rolled. This is what I currently have for the information on the port. Have you a diff between old and new sources? I'm sure sunpoet will too, but if you could yell at upstream as well for fiddling tarballs that'd be great ;) No I did not have the original tar ball before it was re-rolled. I would suspect someone out there should have it though or at least the changes should be documented in the ettercap repo. Ill leave the yelling for sunpoet though. This is his ball. Chris SHA256 (ettercap-0.7.4.tar.gz) = 9b5abd2dad2b6df91658086ceed6962a6b985ac25de8fa38f0195d68639ba55b SIZE (ettercap-0.7.4.tar.gz) = 2718877 Please update. -- ;s =; -- ;s =; ___ freebsd-ports@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-ports To unsubscribe, send any mail to freebsd-ports-unsubscr...@freebsd.org
Re: i386/164629: OpenSIPS package is not avaible
On Tue, Jan 31, 2012 at 11:06:05AM +, Matthew Seaman wrote: On 31/01/2012 11:01, Matthew Seaman wrote: In fact, this whole subject would be more appropriate for the freebsd-ports@freebsd.org list. Try asking again there. Oh dear me. How embarrassing... LoL I hate it when I do that ;) -- ;s =; pgp2E8y1xVoFJ.pgp Description: PGP signature
[joernc...@phenoelit.de: [Full-disclosure] Advisory: sudo 1.8 Format String Vulnerability]
Please update this port.
- Forwarded message from joernchen of Phenoelit joernc...@phenoelit.de
-
Date: Mon, 30 Jan 2012 14:56:26 +0100
From: joernchen of Phenoelit joernc...@phenoelit.de
To: full-disclos...@lists.grok.org.uk, bugt...@securityfocus.com
Subject: [Full-disclosure] Advisory: sudo 1.8 Format String Vulnerability
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:9.0) Gecko/20111224
Thunderbird/9.0.1
Hi,
FYI, see attached.
cheers,
joernchen
--
joernchen ~ Phenoelit
joernc...@phenoelit.de ~ C776 3F67 7B95 03BF 5344
http://www.phenoelit.de ~ A46A 7199 8B7B 756A F5AC
Phenoelit Advisory wir-haben-auch-mal-was-gefunden #0815 +--++
[ Authors ]
joernchen joernchen () phenoelit de
Phenoelit Group (http://www.phenoelit.de)
[ Affected Products ]
sudo 1.8.0 - 1.8.3p1 (http://sudo.ws)
[ Vendor communication ]
2012-01-24 Send vulnerability details to sudo maintainer
2012-01-24 Maintainer is embarrased
2012-01-27 Asking maintainer how the fixing goes
2012-01-27 Maintainer responds with a patch and a release date
of 2012-01-30 for the patched sudo and advisory
2012-01-30 Release of this advisory
[ Description ]
Observe src/sudo.c:
void
sudo_debug(int level, const char *fmt, ...)
{
va_list ap;
char *fmt2;
if (level debug_level)
return;
/* Backet fmt with program name and a newline to make it a single
write */
easprintf(fmt2, %s: %s\n, getprogname(), fmt);
va_start(ap, fmt);
vfprintf(stderr, fmt2, ap);
va_end(ap);
efree(fmt2);
}
Here getprogname() is argv[0] and by this user controlled. So
argv[0] goes to fmt2 which then gets vfprintf()ed to stderr. The
result is a Format String vulnerability.
[ Example ]
/tmp $ ln -s /usr/bin/sudo %n
/tmp $ ./%n -D9
*** %n in writable segment detected ***
Aborted
/tmp $
A note regarding exploitability: The above example shows the result
of FORTIFY_SOURCE which makes explotitation painful but not
impossible (see [0]). Without FORTIFY_SOURCE the exploit is straight
forward:
1. Use formatstring to overwrite the setuid() call with setgid()
2. Trigger with formatstring -D9
3. Make use of SUDO_ASKPASS and have shellcode in askpass script
4. As askpass will be called after the formatstring has
overwritten setuid() the askepass script will run with uid 0
5. Enjoy the rootshell
[ Solution ]
Update to version 1.8.3.p2
[ References ]
[0] http://www.phrack.org/issues.html?issue=67id=9
[ end of file ]
___
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/
- End forwarded message -
--
;s =;
___
freebsd-ports@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-ports
To unsubscribe, send any mail to freebsd-ports-unsubscr...@freebsd.org
security/ipsec-tools files/patch8-utmp.diff
The subject listed port attempts to apply the patch via its $CWD but if $CWD is
not in not within the $MASTERDIR then the patch fails to apply. Please adjust
the following...
.if ${OSVERSION} 97
EXTRA_PATCHES=files/patch8-utmp.diff
.endif
To:
.if ${OSVERSION} 97
EXTRA_PATCHES=${MASTERDIR}/files/patch8-utmp.diff
.endif
Or:
.if ${OSVERSION} 97
EXTRA_PATCHES=${.CURDIR}/files/patch8-utmp.diff
.endif
Thanks
--
;s =;
pgpc7xhLW8dc8.pgp
Description: PGP signature
Re: xcb-util
On Wed, Jan 18, 2012 at 05:46:07PM -0600, ajtiM wrote: On Wednesday 18 January 2012 08:28:38 Volodymyr Kostyrko wrote: Subbsd wrote: I found two broken rebuild after upgrade xcb: pkg_libchk from sysutils/bsdadminscripts would point you to all ports that should be rebuilt. I ran pkg_libchk and I got: diablo-jdk-16 misses libz.so.4 Unrelated to the issue... FYI the above package provides what the below package is utilized for. diablo-jre-16 misses libz.so.4 and both misses liodbcinst.so ___ freebsd-ports@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-ports To unsubscribe, send any mail to freebsd-ports-unsubscr...@freebsd.org
FW: p0f3 release candidate
Ports maintainers and other ideals might be interested in the following. It purely needs more eyes at this point. - Forwarded message from Michal Zalewski lcam...@coredump.cx - Date: Tue, 10 Jan 2012 01:23:08 -0800 From: Michal Zalewski lcam...@coredump.cx To: bugtraq bugt...@securityfocus.com, full-disclosure full-disclos...@lists.grok.org.uk Subject: [Full-disclosure] p0f3 release candidate Hi folks, I wanted to share the news of p0f v3, a complete rewrite and redesign of my passive fingerprinting tool. == Synopsis == P0f is a tool that utilizes an array of sophisticated, purely passive traffic fingerprinting mechanisms to identify the players behind any incidental TCP/IP communications (often as little as a single normal SYN) without interfering in any way. Some of its capabilities include: - Scalable and fast identification of the operating system and software on both endpoints of a vanilla TCP connection - especially in settings where NMap probes are blocked, too slow, unreliable, or would simply set off alarms. - Measurement of system uptime and network hookup, distance (including topology behind NAT or packet filters), user language preferences, and so on. - Automated detection of connection sharing / NAT, load balancing, and application-level proxying setups, - Detection of dishonest clients / servers that forge declarative statements such as X-Mailer or User-Agent. The tool can be operated in the foreground or as a daemon, and offers a simple real-time API for third-party components that wish to obtain additional information about the actors they are talking to. Common uses for p0f include reconnaissance during penetration tests; routine network monitoring; detection of unauthorized network interconnects in corporate environments; providing signals for abuse prevention tools; and miscellaneous forensics. == What's new == Version 3 is a complete rewrite, bringing you much improved SYN and SYN+ACK fingerprinting capabilities, auto-calibrated uptime measurements, completely redone databases and signatures, new API design, IPv6 support (who knows, maybe it even works?), stateful traffic inspection with thorough cross-correlation of collected data, application-level fingerprinting modules (for HTTP now, more to come), and a lot more. == Download / demo == Please visit: http://lcamtuf.coredump.cx/p0f3/ This is a release candidate, and my hope is to get folks to contribute signatures and help squash bugs. If all goes according to plan, this should progress to a final release in a week or two. Some issues are expected, so please report problems off-the-list. /mz ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/ - End forwarded message - -- ;s =; ___ freebsd-ports@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-ports To unsubscribe, send any mail to freebsd-ports-unsubscr...@freebsd.org
Re: www/firefox - firefox-9.0.1,1 crashes during start up with invalid system call
On Tue, Jan 03, 2012 at 03:41:05AM -1000, parv wrote: ++DOCSHELL 0x2d7cf800 == 1 ++DOMWINDOW == 3 (0x2d140708) [serial = 3] [outer = 0x0] zsh: invalid system call firefox Does this repeat if you change your shell to /bin/sh ? -- ;s =; ___ freebsd-ports@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-ports To unsubscribe, send any mail to freebsd-ports-unsubscr...@freebsd.org
lang/gcc46
Hi Gerald, As a request once again similiar to one I have made in the past... Would it be possible yet to slow down the update process for the gcc46 port ? This is turning out to be quite the pain in the U-Know-What with version flapping and rebuilding because a port depends on it. If I am correct it is updated weekly. I caught the tail end of the previous update and the day after it was bumped to the next snapshot version by the time both of those were finished the port had once again been bumped to _1. Is there anything that could be done to stabalize this ... ? At this point I am left for the manual intervention of using +IGNOREME files or excluding by whatever means neccesary as weekly updates seem completely unneccesary now that alot of ports are shifting to depend on gcc46. Can a gcc46-devel port be branched for those that absolutely need the weekly updates ? Thanks, -- ;s =; pgp1rKoc41J2J.pgp Description: PGP signature
Re: again, ports that stop daemons
On Fri, Dec 09, 2011 at 01:25:25PM -0800, Doug Barton wrote: On 12/09/2011 13:18, Baptiste Daroussin wrote: On Sat, Dec 03, 2011 at 01:09:09AM +0200, Andriy Gapon wrote: on 02/12/2011 21:55 Baptiste Daroussin said the following: On Fri, Dec 02, 2011 at 08:38:05PM +0100, Torfinn Ingolfsen wrote: On Fri, Dec 2, 2011 at 1:13 PM, Andriy Gapon a...@freebsd.org wrote: Or that they simply quit doing that and instead print a message like Port X is deinstalled but it may have some processes running, please do Y and/or Z to find them and/or stop them. I prefer this suggestion. I also would prefer this. BTW, this part of my suggestion was inspired by the following: http://en.opensuse.org/SDB:Zypper_usage_11.3#Check_processes Not sure how that feature is implemented though. FYI, since a few minutes, pkgng handle rc scripts, disabled by default because I still consider this feature dangerous. to activate it is: HANDLE_RC_SCRIPTS=yes in pkg.conf I previously described what I thought was a pretty good way to handle this question that addressed the needs expressed by all of the posters on the previous thread, but my suggestion didn't get any responses. Since this has come up again, it would be helpful (to me at least) if people would think about my idea, and if nothing else tell me why I'm wrong. :) Quoting: Speaking only for myself I hate the idea of stopping/starting services automatically. However this feature is often requested, and is something that is provided by many other package systems. If we have people who are willing to do the work I think it's worth discussing how to do it properly. The way that I envision it working would be a 3-knob system. One knob to always restart the services, one to never do it; and then asking on a per-port basis, which should be the default. I can imagine portmaster detecting this option in the pre-build phase similarly to how it detects and warns about IS_INTERACTIVE now, and giving the user a menu of options for how to handle it. I'm happy to add more details if people are interested. Where this actually becomes interesting is not in the ports build/install process, which is pretty easy to deal with, but with package installs/deinstalls. I definitely think it's doable, what we probably want to do is put a knob for this in the port's Makefile, and handle the stop/start for both the port and the package with a little script that can be included in the package, and run with @exec and @unexec. Personally I think this is a little overboard... not your idea but the fact of trying to determine a function of restarting services for the user. If end-user is upgrading a package they should be prepared to take any neccesary action to start the services again after final actions are complete. Desperate services could have a periodic script that could handle the checks for these services and I strongly advise against taking any action whatsoever on starting or restarting or reloading. Stop the service if need be but never assume anything about starting a service without strict user interaction. If at all likelyness that this happens then I have one request... One simple knob that defaults to ``NO'' for restarting or starting or reloading. I think this is at least reasonable. pgpJw7e8whopf.pgp Description: PGP signature
dconf gconf wtfconf ?
Can anyone explain the difference or need for both of these ? ports/devel/gconf -( Should'nt this be the only one needed ? ) ports/devel/dconf I just noticed dconf installed on my system. Both of these have the same WWW: of: http://www.gnome.org/projects/gconf/ ___ freebsd-ports@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-ports To unsubscribe, send any mail to freebsd-ports-unsubscr...@freebsd.org
Re: error upgrading to firefox 7.0.1_2,1
Your build failed due to the enabled PROFILED build you enabled through make config. Either give your build user access to a running X server or turn profiled build off. On Fri, Oct 21, 2011 at 09:02:10AM +0200, Barbara wrote: I'm receiving an error even upgrading to the rollbacked version. This time during the tests: localhost.my.domain - - [21/Oct/2011 08:52:25] GET /js-input/string-validate- input.html HTTP/1.1 200 - TEST-UNEXPECTED-FAIL | automation.py | Exited with code -4 during test run INFO | automation.py | Application ran for: 0:01:45.274818 INFO | automation.py | Reading PID log: /tmp/tmpEVEBFzpidlog gmake: *** [profiledbuild] Error 252 *** Error code 1 Stop in /usr/ports/www/firefox. *** Error code 1 Stop in /usr/ports/www/firefox. ** Command failed [exit code 1]: /usr/bin/script -qa /tmp/portupgrade20111021- 66241-w5nsb3-0 env UPGRADE_TOOL=portupgrade UPGRADE_PORT=firefox-7.0.1,1 UPGRADE_PORT_VER=7.0.1,1 make WITH_PGO=1 WITH_OPTIMIZED_CFLAGS=1 DEPENDS_TARGET=package ** Fix the problem and try again. ** Listing the failed packages (-:ignored / *:skipped / !:failed) ! www/firefox (firefox-7.0.1,1) (unknown build error) Barbara ___ freebsd-ports@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-ports To unsubscribe, send any mail to freebsd-ports-unsubscr...@freebsd.org ___ freebsd-ports@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-ports To unsubscribe, send any mail to freebsd-ports-unsubscr...@freebsd.org
Re: Testing Wacom usb tablet with webcamd svn (and mypaint)
On Tue, Oct 11, 2011 at 06:47:16PM +0200, Juergen Lock wrote: On Tue, Oct 11, 2011 at 06:23:41PM +0200, Juergen Lock wrote: Hi! My dad likes to paint a bit so I got him a Wacom tablet as a present (Bamboo Pen Touch), and I thought I could help getting it working on FreeBSD while I was at it... [...] I guess I should have said getting it working on 8.x and later, I suppose the input-wacom port currently in ports still can be made to work with the old usb stack in 7.x. I might be missing something but does this tablet have a webcam built into it ? this is me not understanding the use of webcamd. ___ freebsd-ports@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-ports To unsubscribe, send any mail to freebsd-ports-unsubscr...@freebsd.org
Re: Testing Wacom usb tablet with webcamd svn (and mypaint)
On Tue, Oct 11, 2011 at 09:57:07PM +0200, Juergen Lock wrote: On Tue, Oct 11, 2011 at 09:39:52PM +0200, Hans Petter Selasky wrote: On Tuesday 11 October 2011 21:31:02 Juergen Lock wrote: On Tue, Oct 11, 2011 at 08:35:49PM +0200, Michal Varga wrote: On Tue, 2011-10-11 at 20:21 +0200, Juergen Lock wrote: No. webcamd has become kind of a misnomer, it's in fact just a `wrapper' for several kinds of Linux usb kernel drivers to run them in FreeBSD userland. (We have now at least webcams, dvb tuners, IR transceivers, and usb tablets. :) Oh god, thank you for mentioning this. I've been personally keeping webcamd out of my installations as we don't need no stinkin webcams here, but this is something completely different based on what you say (especially the Wacom support). Was there any push to rename webcamd to something more meaningful yet? I'm not aware of anything like that... In my talk at EuroBSDcon I said that webcamd might be renamed in the future. Does anyone have any good suggestions? Hmm thats tricky... usbd-linux? Can't think of something really good... Juergen usbsd ? ___ freebsd-ports@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-ports To unsubscribe, send any mail to freebsd-ports-unsubscr...@freebsd.org
[jh...@dataix.net: security/hydra 7.0 add include path.]
Meant to CC ports.
- Forwarded message from Jason Hellenthal jh...@dataix.net -
Date: Mon, 26 Sep 2011 10:43:59 -0400
From: Jason Hellenthal jh...@dataix.net
To: cvs-...@yandex.ru
Subject: security/hydra 7.0 add include path.
When building the new hydra with options WITH_SSH you need to add
/usr/local/include to the to -I
This may be a temporary solution to work around line 34 of hydra.h but
it works.
.if defined(WITH_SSH)
LIB_DEPENDS+= ssh.4:${PORTSDIR}/security/libssh
CFLAGS+=-I/usr/local/include
.endif
- End forwarded message -
___
freebsd-ports@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-ports
To unsubscribe, send any mail to freebsd-ports-unsubscr...@freebsd.org
security/{nmap,zenmap} consolodation
Hi ohauer@ I was curious if you would be intnerested in consolidating security/zenmap into security/nmap with the options framework and deprecating security/zenmap since it continually falls pretty far behind newer versions of nmap in ports. I am fairly sure that within the next couple days I could come up with a prototype Makefile for this if you are interested or would like me to do so but I don't want to put any time into it if this will not happen. Let me know what you think. ___ freebsd-ports@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-ports To unsubscribe, send any mail to freebsd-ports-unsubscr...@freebsd.org
Re: security/{nmap,zenmap} consolodation
On Mon, Jul 04, 2011 at 10:20:29PM +0100, Chris Rees wrote: On 4 Jul 2011 21:47, Eitan Adler li...@eitanadler.com wrote: On Mon, Jul 4, 2011 at 10:48 AM, Jason Hellenthal jh...@dataix.net wrote: Hi ohauer@ I was curious if you would be intnerested in consolidating security/zenmap into security/nmap with the options framework and deprecating security/zenmap since it continually falls pretty far behind newer versions of nmap in ports. Remember that with the OPTIONS framework only one package gets generated: whatever the default OPTION is. Not everyone wants the GUI and those who want the GUI may not want to build the port from source. Ok... so how about a master/slave port? That'd keep everything in sync. That would be perfect. I retract what I said about the options framework idea. That would take and awfulhack just to get around that and I personally would not like to see that happen. ___ freebsd-ports@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-ports To unsubscribe, send any mail to freebsd-ports-unsubscr...@freebsd.org
Re: security/{nmap,zenmap} consolodation
On Mon, Jul 04, 2011 at 10:36:22PM +0200, Olli Hauer wrote: On 2011-07-04 16:48, Jason Hellenthal wrote: Hi ohauer@ I was curious if you would be intnerested in consolidating security/zenmap into security/nmap with the options framework and deprecating security/zenmap since it continually falls pretty far behind newer versions of nmap in ports. I am fairly sure that within the next couple days I could come up with a prototype Makefile for this if you are interested or would like me to do so but I don't want to put any time into it if this will not happen. Let me know what you think. I haven't touched zenmap because I don't use a gui on any of my FreeBSD machines (my gui replacement is parameter -oN / -oG and vi ;) Thats also the reason for me to keep the ports nmap/zenmap separate. Understandable. ;) If you have patches for zenmap or perhaps want to maintain zenmap I'm fine with it. Some people have mentioned a slave port. Would you mind if that happened ? ___ freebsd-ports@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-ports To unsubscribe, send any mail to freebsd-ports-unsubscr...@freebsd.org
Re: Next commit... please correct UPDATING
ports, On Tue, Jun 07, 2011 at 03:06:28PM -0400, Jason Hellenthal wrote: Ports, etc... Would whomever checks in the next commit please fix the following entries in UPDATING 20110503 20110427 This was also supposed to say... by adding a ':' to the date sequence. -- Unity can only be manifested by the Binary. Unity itself and the idea of Unity are already two. -- Buddha Regards, (jhell) Jason Hellenthal ___ freebsd-ports@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-ports To unsubscribe, send any mail to freebsd-ports-unsubscr...@freebsd.org
