Re: Deprecating base system ftpd?
On Mon, Apr 05, 2021 at 06:57:31PM +0300, Lev Serebryakov wrote: > On 05.04.2021 17:44, Cy Schubert wrote: > > > - remove ftp:// and http:// from libfetch. This is 2021 and we should all > > use https://. > Please, explain how to setup simple sever which allows upload and on-server > file management with https ;-) > > I know letters "WebDAV", but I don't know any ftp-like client for it. And > server is apache24, which is much more huge security target than simple ftpd. WebDAV is not simple, is not straight forward to use, and is not a FTP like setup for HTTP. I'd agree that libfetch requires ftp: and http: methods in it. The server set somebody runs may allow only modern stuff in it, but my network has items in it that only support the old stuff that can't be upgraded short of a forklift upgrade. ___ freebsd-stable@freebsd.org mailing list https://lists.freebsd.org/mailman/listinfo/freebsd-stable To unsubscribe, send any mail to "freebsd-stable-unsubscr...@freebsd.org"
Re: possibly silly question regarding freebsd-update
On Tue, Mar 30, 2021 at 05:54:03PM +0100, tech-lists wrote: > it just threw me that the thing-that-was-updated didn't update its > version information when queried. Absent sources, how can I tell it > was updated (apart from freebsd-version -u) ? Comparing what the SA patch says it is doing at https://security.freebsd.org/patches/SA-21:07/openssl-12.patch appears to be only update the libcrypto library and not the openssl wrapper itself, you can verify that after the 12.2-p5 patch was installed that the file /lib/libcrypto.so.111 has been touched and is a newer date than what was on the machine prior to the patch. Yes, this takes some knowledge of the specific patch, and what parts contribute to what it is doing. I don't know the specific decisions on when RELEASE backports security patches vs. upgrading whole source trees. ___ freebsd-stable@freebsd.org mailing list https://lists.freebsd.org/mailman/listinfo/freebsd-stable To unsubscribe, send any mail to "freebsd-stable-unsubscr...@freebsd.org"
Re: possibly silly question regarding freebsd-update
Like the patch referenced in the SA. https://security.FreeBSD.org/patches/SA-21:07/openssl-12.patch Again, it seems like confusion over what happens in RELEASE, STABLE and CURRENT.. On Tue, Mar 30, 2021 at 04:05:32PM +0200, Ruben via freebsd-stable wrote: > Hi, > > Did you mean 12.1-p5 or 12.2-p5 ? I'm asking because you refer to both > 12.1-p5 and 12.2-p5 (typo?). > > If you meant 12.2-p5: Perhaps the FreeBSD security team did not bump the > version, but "only" backported the patches to version 1.1.1h ? > > Regards, > > Ruben > > > On 3/30/21 3:35 PM, tech-lists wrote: > > Hi, > > > > Recently there was > > https://lists.freebsd.org/pipermail/freebsd-security/2021-March/010380.html > > about openssl. Upgraded to 12.2-p5 with freebsd-update and rebooted. > > > > What I'm unsure about is the openssl version. > > Up-to-date 12.1-p5 instances report OpenSSL 1.1.1h-freebsd 22 Sep 2020 > > > > Up-to-date stable/13-n245043-7590d7800c4 reports OpenSSL 1.1.1k-freebsd > > 25 Mar 2021 > > > > shouldn't the 12.2-p5 be reporting openssl 1.1.1k-freebsd as well? > > > > thanks, > ___ > freebsd-stable@freebsd.org mailing list > https://lists.freebsd.org/mailman/listinfo/freebsd-stable > To unsubscribe, send any mail to "freebsd-stable-unsubscr...@freebsd.org" ___ freebsd-stable@freebsd.org mailing list https://lists.freebsd.org/mailman/listinfo/freebsd-stable To unsubscribe, send any mail to "freebsd-stable-unsubscr...@freebsd.org"
Re: Getting a new shell to work for the 'toor' user
On Mon, Jul 06, 2020 at 12:10:08PM -0700, Don Wilde wrote: > It works as an available shell in 'adduser', but when I tried to use it as a > recovery shell (see attached .odt), I ran into a problem. My fist pass was > to add /bin/stbash to the end of the toor line in master.passwd, but that > didn't change it even after a reboot. Did you run pwd_mkdb after you added it to master.passwd? ___ freebsd-stable@freebsd.org mailing list https://lists.freebsd.org/mailman/listinfo/freebsd-stable To unsubscribe, send any mail to "freebsd-stable-unsubscr...@freebsd.org"
Re: Is it me or does FreeBSD (12.1 amd64) hang when I manually snapshot it in VSphere 6.7?
On Fri, May 22, 2020 at 12:31:29AM +0200, rai...@ultra-secure.de wrote: > subject says it all, basically. > > The system becomes totally unresponsive and has to be power-cycled. Not just you. Specificly, the behavior I see comes about only when Snapshot with a copy of the virtual machine's memory is done. With this box unchecked, there are no problems. I suspect some interaction with the kernel and the openvm-tool set. open-vm-tools-nox11-11.0.1_3,2 I'll upgrade to the latest open-vm-tools-nox11-11.1.0,2 and see if it does it. No change with that version (after a reboot). $ freebsd-version -kru 12.1-RELEASE-p5 12.1-RELEASE-p5 12.1-RELEASE-p5 vCenter server = 6.7U3g I think I'm a little behind on the hypervisor VMware ESXi, 6.7.0, 15160138 So, workaround I guess is to not snapshot the memory, just the disk snap. But still, it shouldn't do that. ___ freebsd-stable@freebsd.org mailing list https://lists.freebsd.org/mailman/listinfo/freebsd-stable To unsubscribe, send any mail to "freebsd-stable-unsubscr...@freebsd.org"
Re: 11.3->12.1 upgrade, pwd db not rehashed after adding ntpd user?
On Wed, Dec 11, 2019 at 05:44:27PM -0800, Mel Pilgrim wrote: > I used freebsd-update to upgrade several 11.3-p5 systems to 12.1-p1. > The etc update process added the ntpd/ntpd user/group. It showed the > line changes in the plaintext passwd/group files, but the process > appears to omit the pwd_mkdb step. > > After the upgrade, ntpd fails to start: > > # service ntpd start > Starting ntpd. > su: unknown login: ntpd > /etc/rc.d/ntpd: WARNING: failed to start ntpd > > Running the usual pwd_mkdb command fixes the issue. I've had varied results with the same thing from 11.2 to 12.1. Sometimes it works, oftentimes it does not. pwd_mkdb does fix it up, but would be nice to not have to do that. ___ freebsd-stable@freebsd.org mailing list https://lists.freebsd.org/mailman/listinfo/freebsd-stable To unsubscribe, send any mail to "freebsd-stable-unsubscr...@freebsd.org"
Re: Crontab Question
No. Your CWD can't be copied to a PATH variable. For cronjobs, assume nothing. Hard code all path names. Assume the only things in the PATH are /bin:/usr/bin, otherwise give full path names to the programs you want to run. Assume no environmental variables are set, assume you are on the most basic setup possible (because you are). On Wed, Apr 10, 2019 at 04:34:49PM -0500, Software Info wrote: > I see. I had however copied the output of env to the etc/crontab PATH line. > Wouldn’t that care for an environment issue though? > > > Regards > SI > > Sent from Mail for Windows 10 > > From: Jonathan Chen > Sent: Wednesday, April 10, 2019 4:23 PM > To: Software Info > Cc: freebsd-stable@freebsd.org > Subject: Re: Crontab Question > > On Thu, 11 Apr 2019 at 09:14, Software Info wrote: > > > > OK. So although the script is located in my home directory, it doesn’t > > start there? > > Correct. You cannot make any assumptions about the environment. > -- > Jonathan Chen > > ___ > freebsd-stable@freebsd.org mailing list > https://lists.freebsd.org/mailman/listinfo/freebsd-stable > To unsubscribe, send any mail to "freebsd-stable-unsubscr...@freebsd.org" ___ freebsd-stable@freebsd.org mailing list https://lists.freebsd.org/mailman/listinfo/freebsd-stable To unsubscribe, send any mail to "freebsd-stable-unsubscr...@freebsd.org"
