using dpb for chroot builds
-current work, again. Doing chroot on distant hosts involves chroot, obviously... This doesn't work too well with sudo (the processes tends to be hard to kill, so if you've got to interrupt dpb, ouch). There are no exact instructions for using dpb in chroot settings. Obviously, you need a fairly complete chroot install (duh, including devices (so get rid of nosuid,nodev on that partition). For local host, put everything in the chroot, do the chroot manually, THEN build. For distant hosts, it's slightly simpler to connect as root, because then dpb can do chroot -u user /build *without* needing sudo, and hence resulting in distant makes that are trivial to ^Z/^C if the need arises... (-current gained changes to support that: initing a core runs whoami, thus it knows whether you're root on the distant machine, and if so, chroot runs directly without sudo).
Re: lock(1) timeout message deduplication
Hi Jean-Philippe,
Jean-Philippe Ouellet wrote on Wed, Mar 12, 2014 at 07:11:05PM -0400:
On Wed, Mar 12, 2014 at 11:09:14PM +0100, Ingo Schwarze wrote:
I don't really like the warnx(3) call from the bye() ALRM handler
either, but that's a separate matter.
Me neither.
Maybe something like this instead?
Your second try is incorrect, see below.
I prefer to not attempt to produce one big patch fixing everything
at once, but get things done in steps.
Your first patch (just fixing the double message and changing hi()
to not be a signal handler) was correct and solved a real issue.
Any OKs for that?
Yours,
Ingo
P.S.
Here are some more thoughts and suggestions regarding this program:
Index: lock.c
===
RCS file: /cvs/src/usr.bin/lock/lock.c,v
retrieving revision 1.27
diff -u -p -r1.27 lock.c
--- lock.c22 Aug 2013 04:43:40 - 1.27
+++ lock.c12 Mar 2014 23:02:36 -
@@ -61,13 +61,14 @@
#define TIMEOUT 15
-void bye(int);
-void hi(int);
+void time_remaining(void);
+void do_timeout(int);
struct timeval timeout;
struct timeval zerotime;
time_t nexttime; /* keep the timeout time */
int no_timeout; /* lock terminal forever */
+sig_atomic_t done;
According to the sigaction(3) manual, volatile sig_atomic_t would
be better. If i understand correctly, overzealous compilers might
otherwise optimize checks away.
extern char *__progname;
@@ -162,10 +163,10 @@ main(int argc, char *argv[])
}
/* set signal handlers */
- (void)signal(SIGINT, hi);
- (void)signal(SIGQUIT, hi);
- (void)signal(SIGTSTP, hi);
- (void)signal(SIGALRM, bye);
+ (void)signal(SIGINT, SIG_IGN);
+ (void)signal(SIGQUIT, SIG_IGN);
+ (void)signal(SIGTSTP, SIG_IGN);
+ (void)signal(SIGALRM, do_timeout);
ntimer.it_interval = zerotime;
ntimer.it_value = timeout;
@@ -183,10 +184,15 @@ main(int argc, char *argv[])
__progname, ttynam, hostname, sectimeout, date);
}
- for (cnt = 0;;) {
+ for (cnt = 0, done = 0;;) {
+ if (done) {
+ if (!no_timeout)
That condition is always true.
+ warnx(timeout);
+ _exit(1);
+ }
As we are no longer in a signal handler, the whole test can be
simplified to:
if (done)
errx(1, timeout);
However, either way is incorrect. There is a race condition.
The ALRM signal may arrive after the if(done), but before the
call to readpassphrase(). Yes, that's narrow, but still.
In that case, the lock utility will sit at the Key: prompt
for good, even though a timeout was requested.
Then you just hit enter at the Key: prompt, and bang,
it says timeout and gives you the shell. Ouch.
if (!readpassphrase(Key: , s, sizeof(s), RPP_ECHO_OFF) ||
*s == '\0') {
[...]
That said, i consider having a lock(1) utility time out stupid
in the first place. It is conceptually insecure. Would anybody
be opposed to either of the following changes?
1) On timeout and before exiting, send a -HUP signal to the
process group [i.e. kill(0, SIGHUP)]. That way, you get the
terminal back on timeout, but without the login shell still
open.
OR (i guess i'd even prefer that, the above seems slightly fragile):
2) Make -n the default and silently ignore the -t option.
The lock(1) utility still won't become a model of robustness and
security, but at least a bit safer. Right now, it is horribly
insecure by default. Imagine an operator being called away from
the terminal, quickly typing lock. How easy is it to forget -n?
Now if the attacker manages to distract the operator for 15 minutes,
he gets the shell for free.
Well, lock(1) is part of the 2BSD legacy, one of the few tools
remaining from that time. But i think we shouldn't be awestruck
but still ensure a minimum level of sanity.
I certainly don't feel like setting up the usual pipe(2) to self
and a select(2) or poll(2) loop merely to correctly implement a
feature that's an awful idea in the first place...
Yours,
Ingo
Re: Simple static testcgi.c
On Sat, Mar 01, 2014 at 02:27:44PM -0500, James Turner wrote: So I wanted to test out nginx and slowcgi. I started everything up and hit up localhost/cgi-bin/test-cgi. Whoops forgot to move /bin/sh into the chroot. Try again, shit forgot to chmod 555 test-cgi. heh, been there, done that :) I was complaining on IRC and tbert suggested I write a simple statically linked testcgi.c so people can easily verify cgi is up and working. That is what is attached. It just prints out the environment like test-cgi and printenv but is statically linked and doesn't require anything to be copied into the chroot. Also it's 555 by default so it just works. Is this so bad? yes, it's bad. The BINDIR is set since I have no idea where in /usr/src this should live or if this is even anything we want in source but here it is for those who don't want to mess around with moving things into the www chroot and just want to verify cgi (slowcgi in my case) is working. I would put it somewhere in a directory under usr.sbin/nginx/ and add a SUBDIR to Makefile.bsd-wrapper. So with httpd gone test-cgi is gone, too. I was thinking, cool, let's get this static C cgi program in. However, turns out we already have one in base, it's called bgplg. So to test if slowcgi is working chmod 555 /var/www/cgi-bin/bgplg and point your browser to http://localhost/cgi-bin/bgplg. It works perfectly fine for this scenario without a bgpd running. Make sure to chmod 000 it afterwards. -- I'm not entirely sure you are real.
Stop abusing rcvif pointer to pass wireless nodes
Diff below adds a new pointer to struct pkthdr to explicitly pass
some wireless nodes to the pointer without abusing the interface
pointer that I'd like to kill.
I kept and updated the comments saying that this way of passing the
corresponding node is a hack since using a dedicated pointer does
not change the design. Somebody will certainly dig into this at
some point :)
ok?
Index: dev/usb/if_athn_usb.c
===
RCS file: /home/ncvs/src/sys/dev/usb/if_athn_usb.c,v
retrieving revision 1.18
diff -u -p -r1.18 if_athn_usb.c
--- dev/usb/if_athn_usb.c 7 Aug 2013 01:06:41 - 1.18
+++ dev/usb/if_athn_usb.c 14 Mar 2014 11:49:43 -
@@ -2009,7 +2009,7 @@ athn_usb_start(struct ifnet *ifp)
/* Send pending management frames first. */
IF_DEQUEUE(ic-ic_mgtq, m);
if (m != NULL) {
- ni = (void *)m-m_pkthdr.rcvif;
+ ni = (struct ieee80211_node *)m-m_pkthdr.ni;
goto sendit;
}
if (ic-ic_state != IEEE80211_S_RUN)
Index: dev/usb/if_atu.c
===
RCS file: /home/ncvs/src/sys/dev/usb/if_atu.c,v
retrieving revision 1.105
diff -u -p -r1.105 if_atu.c
--- dev/usb/if_atu.c7 Mar 2014 18:39:02 - 1.105
+++ dev/usb/if_atu.c14 Mar 2014 11:49:43 -
@@ -2015,15 +2015,14 @@ atu_start(struct ifnet *ifp)
/*
* Hack! The referenced node pointer is in the
-* rcvif field of the packet header. This is
+* `ni' field of the packet header. This is
* placed there by ieee80211_mgmt_output because
* we need to hold the reference with the frame
* and there's no other way (other than packet
* tags which we consider too expensive to use)
* to pass it along.
*/
- ni = (struct ieee80211_node *)m-m_pkthdr.rcvif;
- m-m_pkthdr.rcvif = NULL;
+ ni = (struct ieee80211_node *)m-m_pkthdr.ni;
wh = mtod(m, struct ieee80211_frame *);
/* sc-sc_stats.ast_tx_mgmt++; */
Index: dev/usb/if_otus.c
===
RCS file: /home/ncvs/src/sys/dev/usb/if_otus.c,v
retrieving revision 1.38
diff -u -p -r1.38 if_otus.c
--- dev/usb/if_otus.c 7 Mar 2014 18:39:02 - 1.38
+++ dev/usb/if_otus.c 14 Mar 2014 11:49:43 -
@@ -1438,7 +1438,7 @@ otus_start(struct ifnet *ifp)
/* Send pending management frames first. */
IF_DEQUEUE(ic-ic_mgtq, m);
if (m != NULL) {
- ni = (void *)m-m_pkthdr.rcvif;
+ ni = (struct ieee80211_node *)m-m_pkthdr.ni;
goto sendit;
}
if (ic-ic_state != IEEE80211_S_RUN)
Index: dev/usb/if_ral.c
===
RCS file: /home/ncvs/src/sys/dev/usb/if_ral.c,v
retrieving revision 1.125
diff -u -p -r1.125 if_ral.c
--- dev/usb/if_ral.c7 Mar 2014 18:39:02 - 1.125
+++ dev/usb/if_ral.c14 Mar 2014 11:49:43 -
@@ -1255,8 +1255,7 @@ ural_start(struct ifnet *ifp)
}
IF_DEQUEUE(ic-ic_mgtq, m0);
- ni = (struct ieee80211_node *)m0-m_pkthdr.rcvif;
- m0-m_pkthdr.rcvif = NULL;
+ ni = (struct ieee80211_node *)m0-m_pkthdr.ni;
#if NBPFILTER 0
if (ic-ic_rawbpf != NULL)
bpf_mtap(ic-ic_rawbpf, m0, BPF_DIRECTION_OUT);
Index: dev/usb/if_rum.c
===
RCS file: /home/ncvs/src/sys/dev/usb/if_rum.c,v
retrieving revision 1.102
diff -u -p -r1.102 if_rum.c
--- dev/usb/if_rum.c7 Mar 2014 18:39:02 - 1.102
+++ dev/usb/if_rum.c14 Mar 2014 11:49:43 -
@@ -1274,8 +1274,7 @@ rum_start(struct ifnet *ifp)
}
IF_DEQUEUE(ic-ic_mgtq, m0);
- ni = (struct ieee80211_node *)m0-m_pkthdr.rcvif;
- m0-m_pkthdr.rcvif = NULL;
+ ni = (struct ieee80211_node *)m0-m_pkthdr.ni;
#if NBPFILTER 0
if (ic-ic_rawbpf != NULL)
bpf_mtap(ic-ic_rawbpf, m0, BPF_DIRECTION_OUT);
Index: dev/usb/if_run.c
===
RCS file: /home/ncvs/src/sys/dev/usb/if_run.c,v
retrieving revision 1.96
diff -u -p -r1.96 if_run.c
--- dev/usb/if_run.c7 Mar 2014 18:39:02 - 1.96
+++ dev/usb/if_run.c14 Mar 2014 11:49:43
s/httpd/nginx in rc.d/syslogd
ok?
Index: rc.d/syslogd
===
RCS file: /cvs/src/etc/rc.d/syslogd,v
retrieving revision 1.1
diff -u -p -r1.1 syslogd
--- rc.d/syslogd6 Jul 2011 18:55:36 - 1.1
+++ rc.d/syslogd14 Mar 2014 23:22:37 -
@@ -9,7 +9,7 @@ daemon=/usr/sbin/syslogd
pexp=syslogd: \[priv\]
rc_pre() {
- [ X${httpd_flags} != X-u ] rm -f /var/www/dev/log \
+ [ X${nginx_flags} != X-u ] rm -f /var/www/dev/log \
daemon_flags=${daemon_flags} -a /var/www/dev/log
[ X${named_flags} != XNO ] rm -f /var/named/dev/log \
daemon_flags=${daemon_flags} -a /var/named/dev/log
