Re: Too much SUID/SGID files!
On Tuesday 06 January 2015, whoami toask wrote:
Hello,
isn't there too much SUID/SGID files on a default OpenBSD install?
Can this number be reduced?
Of course it can!
$ find / -perm -4000 -o -perm -2000 -exec chmod 0 {} \;
Example: why does wall, write, modstat need an SGID?
# uname -a
OpenBSD notebook.lan 5.6 GENERIC.MP#333 amd64
# find / -perm -4000 -o -perm -2000 -ls -print
78047 5856 -rwxr-sr-x1 root auth 2970920 Aug 6 21:45
/usr/X11R6/bin/xlock/usr/X11R6/bin/xlock 78068 1216 -rwxr-sr-x1 root
utmp 592056 Aug 6 22:09 /usr/X11R6/bin/xterm/usr/X11R6/bin/xterm
1147497 60 -r-xr-sr-x1 root kmem30200 Jul 31 11:50
/usr/local/bin/libgtop_server2/usr/local/bin/libgtop_server2 78031 32
-r-xr-sr-x1 root utmp15864 Jul 31 09:57
/usr/local/libexec/gnome-pty-helper/usr/local/libexec/gnome-pty-helper
155910 84 -r-xr-sr-x4 root crontab 41752 Aug 8 08:06
/usr/bin/at/usr/bin/at 155910 84 -r-xr-sr-x4 root crontab
41752 Aug 8 08:06 /usr/bin/atq/usr/bin/atq 155910 84 -r-xr-sr-x4
root crontab 41752 Aug 8 08:06 /usr/bin/atrm/usr/bin/atrm 155910
84 -r-xr-sr-x4 root crontab 41752 Aug 8 08:06
/usr/bin/batch/usr/bin/batch 155943 72 -r-xr-sr-x1 root crontab
36504 Aug 8 08:06 /usr/bin/crontab/usr/bin/crontab 156014 24
-r-xr-sr-x1 root auth11672 Aug 8 08:06
/usr/bin/lock/usr/bin/lock 156019 60 -r-xr-sr-x1 root daemon
28952 Aug 8 08:06 /usr/bin/lpq/usr/bin/lpq 156033 20 -r-xr-sr-x1
root _lkm 8952 Aug 8 08:06 /usr/bin/modstat/usr/bin/modstat
156035 292 -r-xr-sr-x1 root kmem 148216 Aug 8 08:06
/usr/bin/netstat/usr/bin/netstat 156093 24 -r-xr-sr-x1 root auth
11544 Aug 8 08:06 /usr/bin/skeyaudit/usr/bin/skeyaudit 156094 16
-r-xr-sr-x1 root auth 8184 Aug 8 08:06
/usr/bin/skeyinfo/usr/bin/skeyinfo 156095 44 -r-xr-sr-x1 root
auth20632 Aug 8 08:06 /usr/bin/skeyinit/usr/bin/skeyinit 156105
704 -r-xr-sr-x1 root _sshagnt 333656 Aug 8 08:07
/usr/bin/ssh-agent/usr/bin/ssh-agent 156112 284 -r-xr-sr-x1 root
kmem 144568 Aug 8 08:06 /usr/bin/systat/usr/bin/systat 156146 32
-r-xr-sr-x1 root tty 15928 Aug 8 08:06
/usr/bin/wall/usr/bin/wall 156152 28 -r-xr-sr-x1 root tty
13080 Aug 8 08:06 /usr/bin/write/usr/bin/write 103939 40 -r-xr-sr-x4
root _token 20344 Aug 8 08:06
/usr/libexec/auth/login_activ/usr/libexec/auth/login_activ 103939 40
-r-xr-sr-x4 root _token 20344 Aug 8 08:06
/usr/libexec/auth/login_crypto/usr/libexec/auth/login_crypto 103943 40
-r-xr-sr-x1 root _radius 19928 Aug 8 08:06
/usr/libexec/auth/login_radius/usr/libexec/auth/login_radius 103945 24
-r-xr-sr-x1 root auth11608 Aug 8 08:06
/usr/libexec/auth/login_skey/usr/libexec/auth/login_skey 103939 40
-r-xr-sr-x4 root _token 20344 Aug 8 08:06
/usr/libexec/auth/login_snk/usr/libexec/auth/login_snk 103939 40
-r-xr-sr-x4 root _token 20344 Aug 8 08:06
/usr/libexec/auth/login_token/usr/libexec/auth/login_token 103947 40
-r-xr-sr-x1 root auth20408 Aug 8 08:06
/usr/libexec/auth/login_yubikey/usr/libexec/auth/login_yubikey 103987 1568
-r-xr-sr-x1 root smmsp 783576 Aug 8 08:08
/usr/libexec/sendmail/sendmail/usr/libexec/sendmail/sendmail 52023 80
-r-xr-sr-x1 root daemon 39736 Aug 8 08:06
/usr/sbin/lpc/usr/sbin/lpc 52024 160 -r-xr-s---1 root daemon
80952 Aug 8 08:06 /usr/sbin/lpd/usr/sbin/lpd 52073 52 -r-xr-sr-x1
root kmem24664 Aug 8 08:06 /usr/sbin/pstat/usr/sbin/pstat
5196804 drwxrws---2 root wheel 512 Aug 8 08:05
/var/audit/var/audit # find / -perm -4000 -o -perm -2000 -ls -print | wc -l
32
Thanks,
have a secure day!
--
Action without study is fatal. Study without action is futile.
-- Mary Ritter Beard
Re: Too much SUID/SGID files!
2015-01-06 8:27 GMT+01:00 whoami toask whoamito...@safe-mail.net: Hello, isn't there too much SUID/SGID files on a default OpenBSD install? No. I think you don't understand how SGID works. A small example: 155910 84 -r-xr-sr-x4 root crontab 41752 Aug 8 08:06 /usr/bin/at/usr/bin/at If you run 'at' as a non-root user, then you do it as a user + crontab group, so the 'at' isn't executed with _root_ privileges. Can this number be reduced? No. # find / -perm -4000 -o -perm -2000 -ls -print | wc -l 32 Ok, now clean the list from non-root SGID and give the result. btw. please don't cross-post (misc+tech). Thanks, have a secure day! You too, Daniel
smtpd domain append fix
hi, a couple people have reported that they had a bug with their cron mails, the domain appending code failed to locate the insert point correctly if the header was ending with a comment, resulting in: From: root (Charlie)@domain the following diff fixes the issue correctly resulting in: From: root@domain (Charlie) I have had several confirmations that it fixes the issue, I've done some testing of my own with various formats, but I would really appreciate if you could run with this and confirm after a while that you have not seen any broken From / To / Cc header. Index: smtp_session.c === RCS file: /cvs/src/usr.sbin/smtpd/smtp_session.c,v retrieving revision 1.221 diff -u -p -r1.221 smtp_session.c --- smtp_session.c 17 Dec 2014 15:49:23 - 1.221 +++ smtp_session.c 5 Jan 2015 22:36:55 - @@ -315,7 +315,9 @@ header_append_domain_buffer(char *buffer has_domain = 1; if (buffer[i] == ':' !escape !comment !quote) has_group = 1; - if (! isspace(buffer[i])) + + /* update insert point if not in comment and not on a whitespace */ + if (!comment buffer[i] != ')' !isspace((int)buffer[i])) pos_component = i; } -- Gilles Chehade https://www.poolp.org @poolpOrg
Re: sendsyslog failure logging
On Mon, Jan 05, 2015 at 07:02:47PM +0100, Alexander Bluhm wrote: On Sun, Jan 04, 2015 at 07:16:19PM -0700, Theo de Raadt wrote: On Sat, Jan 3, 2015 at 8:38 AM, Alexander Bluhm alexander.bl...@gmx.net wrote: My goal is to make logging via syslog reliable. At least I want to see when a message gets lost. So my idea is to write a kernel log message if sendsyslog(2) cannot deliver a message. Then you see the problem on the console and in the dmesg buffer. If syslogd comes back later, you will also get the error into the log files via /dev/klog. comments? ok? Idea makes sense, but I wonder whether rate limiting is the best way to handle logging of the failures. My first instinct would be to log the first failure, and then just count failures until a success occurs, at which point the count of the intervening failures should be reported. Yes, that sounds better than rate limiting. Updated diff. I think rate limiting still makes sense. For example in the case where sosend() is returning ENOBUFS which, when the pressure is high enough, could happen frequently but only for a few calls at a time. I had a discussion with Alexander where I expressed concern about the syncronous nature of console output, and that rate limiting may not be enough. On slow console devices, this can have significant performance effects even with the rate limiting. Would it reduce your concerns when I change it to something that logs only to dmesg buffer and not to console? I have to admit, that you may get this log line also on reboot. To me this code block fundamentally feels like it is using the dmesg buffer as a debug scaffold, because the idea is that syslogd should not fail. I know what he wants, but I am wary of the kernel having this heavy cost to a system call which was designed to be so simple and clean. I do not use it as a debugging aid. We have the security requirement that no log message may get lost unnoticed. The syslogd process may die, in that case you get a line in dmesg buffer from the kernel. That can be checked later. I still think this is kind of silly. Before sendsyslog() it wasn't even possible to propose a diff like this!
Re: Sending route messages for local routes or cloning routes
On 23/12/14(Tue) 14:43, Florian Riehm wrote:
On 12/23/14 11:59, Martin Pieuchot wrote:
Would it make sense to remove the loop in rt_newaddrmsg which generates
the two
route messages? Instead of this rt_newaddrmsg sends only the RTM_NEWADDR
/
RTM_DELADDR message and the other message gets send after
creating/deleting the
cloning route.
I think it does make sense. It would restore the RTM_ADD for
RTF_CLONING routes and keep one RTM_NEWADDR for RTF_LOCAL routes.
Apart from your scenario with ospfd/ospf6d, dhclient should be happy
with this change and I can think of a third case. If you configure
two addresses of the same subnet you should see 2 RTM_NEWADDR but only
one RTM_ADD since only the first address will get a cloning route.
By the way if rt_newaddrmsg() sends RTM_NEWADDR and RTM_DELADDR we should
rename it to rt_addrmsg().
If you remove the loop and generate only one message, I think that you can
simply use rt_sendmsg() and kill rt_newaddrmsg().
ok, thanks for your advice. I will try it and let you know if it works.
Here's a diff that should generate a RTM_ADD message for every CLONING
route added while keeping the existing RTM_NEWADDR/RTM_DELADDR logic.
dhclient(8) is happy with this change, does it fix your use case too?
Index: net/route.c
===
RCS file: /home/ncvs/src/sys/net/route.c,v
retrieving revision 1.196
diff -u -p -r1.196 route.c
--- net/route.c 29 Dec 2014 11:53:58 - 1.196
+++ net/route.c 6 Jan 2015 12:15:04 -
@@ -382,11 +382,13 @@ void
rt_sendmsg(struct rtentry *rt, int cmd, u_int rtableid)
{
struct rt_addrinfo info;
+ struct sockaddr_rtlabel sa_rl;
- bzero(info, sizeof(info));
+ memset(info, 0, sizeof(info));
info.rti_info[RTAX_DST] = rt_key(rt);
info.rti_info[RTAX_GATEWAY] = rt-rt_gateway;
info.rti_info[RTAX_NETMASK] = rt_mask(rt);
+ info.rti_info[RTAX_LABEL] = rtlabel_id2sa(rt-rt_labelid, sa_rl);
if (rt-rt_ifp != NULL) {
info.rti_info[RTAX_IFP] =(struct sockaddr *)rt-rt_ifp-if_sadl;
info.rti_info[RTAX_IFA] = rt-rt_ifa-ifa_addr;
@@ -1098,7 +1100,9 @@ rt_ifa_add(struct ifaddr *ifa, int flags
* userland that a new address has been added.
*/
if (flags RTF_LOCAL)
- rt_newaddrmsg(RTM_ADD, ifa, error, nrt);
+ rt_sendaddrmsg(nrt, RTM_NEWADDR);
+ if (flags (RTF_LOCAL|RTF_CLONING))
+ rt_sendmsg(nrt, RTM_ADD, rtableid);
}
return (error);
}
@@ -1153,7 +1157,9 @@ rt_ifa_del(struct ifaddr *ifa, int flags
error = rtrequest1(RTM_DELETE, info, prio, nrt, rtableid);
if (error == 0 (rt = nrt) != NULL) {
if (flags RTF_LOCAL)
- rt_newaddrmsg(RTM_DELETE, ifa, error, nrt);
+ rt_sendaddrmsg(nrt, RTM_DELADDR);
+ if (flags (RTF_LOCAL|RTF_CLONING))
+ rt_sendmsg(nrt, RTM_DELETE, rtableid);
if (rt-rt_refcnt = 0) {
rt-rt_refcnt++;
rtfree(rt);
Index: net/route.h
===
RCS file: /home/ncvs/src/sys/net/route.h,v
retrieving revision 1.101
diff -u -p -r1.101 route.h
--- net/route.h 24 Nov 2014 12:43:54 - 1.101
+++ net/route.h 6 Jan 2015 12:15:04 -
@@ -355,9 +355,9 @@ void rt_ifannouncemsg(struct ifnet *, i
voidrt_maskedcopy(struct sockaddr *,
struct sockaddr *, struct sockaddr *);
voidrt_sendmsg(struct rtentry *, int, u_int);
+voidrt_sendaddrmsg(struct rtentry *, int);
voidrt_missmsg(int, struct rt_addrinfo *, int, struct ifnet *, int,
u_int);
-voidrt_newaddrmsg(int, struct ifaddr *, int, struct rtentry *);
int rt_setgate(struct rtentry *, struct sockaddr *,
struct sockaddr *, u_int);
voidrt_setmetrics(u_long, struct rt_metrics *, struct rt_kmetrics *);
Index: net/rtsock.c
===
RCS file: /home/ncvs/src/sys/net/rtsock.c,v
retrieving revision 1.155
diff -u -p -r1.155 rtsock.c
--- net/rtsock.c19 Dec 2014 18:57:17 - 1.155
+++ net/rtsock.c6 Jan 2015 12:15:04 -
@@ -1137,70 +1137,36 @@ rt_ifmsg(struct ifnet *ifp)
* copies of it.
*/
void
-rt_newaddrmsg(int cmd, struct ifaddr *ifa, int error, struct rtentry *rt)
+rt_sendaddrmsg(struct rtentry *rt, int cmd)
{
- struct rt_addrinfo info;
- struct sockaddr *sa = NULL;
- int pass;
- struct mbuf *m = NULL;
+ struct ifaddr *ifa = rt-rt_ifa;
struct ifnet*ifp = ifa-ifa_ifp;
+ struct mbuf *m = NULL;
+ struct rt_addrinfo info;
+ struct ifa_msghdr
Kill IPv4 list of addresses
Diff below remove the last use of the global IPv4 list of addresses.
The code using it is a hack to move the unique cloning route of a
subnet from one ifa to another. I know a proper fix would be to use
multipath for that, but this is not possible feasible right now
because we cannot select multipath route entries based on a different
ifa.
In the meantime this allow us to simplify in_ifinit() which still needs
better error handling.
ok?
Index: netinet/in.c
===
RCS file: /home/ncvs/src/sys/netinet/in.c,v
retrieving revision 1.114
diff -u -p -r1.114 in.c
--- netinet/in.c5 Jan 2015 10:21:58 - 1.114
+++ netinet/in.c6 Jan 2015 11:36:28 -
@@ -607,9 +607,6 @@ in_ifinit(struct ifnet *ifp, struct in_i
splsoftassert(IPL_SOFTNET);
- if (newaddr)
- TAILQ_INSERT_TAIL(in_ifaddr, ia, ia_list);
-
/*
* Always remove the address from the tree to make sure its
* position gets updated in case the key changes.
@@ -629,9 +626,18 @@ in_ifinit(struct ifnet *ifp, struct in_i
if (ifp-if_ioctl
(error = (*ifp-if_ioctl)(ifp, SIOCSIFADDR, (caddr_t)ia))) {
ia-ia_addr = oldaddr;
- goto out;
}
+ /*
+* Add the address to the local list and the global tree. If an
+* error occured, put back the original address.
+*/
+ ifa_add(ifp, ia-ia_ifa);
+ rt_ifa_addlocal(ia-ia_ifa);
+
+ if (error)
+ goto out;
+
if (ia-ia_netmask == 0) {
if (IN_CLASSA(i))
ia-ia_netmask = IN_CLASSA_NET;
@@ -678,18 +684,6 @@ in_ifinit(struct ifnet *ifp, struct in_i
}
out:
- /*
-* Add the address to the local list and the global tree
-* even if an error occured to make sure the various
-* global structures are consistent.
-*
-* XXX This is necessary because we added the address
-* to the global list in the first place because of
-* carp(4).
-*/
- ifa_add(ifp, ia-ia_ifa);
- rt_ifa_addlocal(ia-ia_ifa);
-
if (error newaddr)
in_purgeaddr(ia-ia_ifa);
@@ -709,7 +703,6 @@ in_purgeaddr(struct ifaddr *ifa)
rt_ifa_dellocal(ia-ia_ifa);
ifa_del(ifp, ia-ia_ifa);
- TAILQ_REMOVE(in_ifaddr, ia, ia_list);
if (ia-ia_allhosts != NULL) {
in_delmulti(ia-ia_allhosts);
ia-ia_allhosts = NULL;
@@ -775,6 +768,8 @@ in_remove_prefix(struct in_ifaddr *ia)
int
in_addprefix(struct in_ifaddr *ia0)
{
+ struct ifnet *ifp;
+ struct ifaddr *ifa;
struct in_ifaddr *ia;
struct in_addr prefix, mask, p, m;
@@ -782,36 +777,44 @@ in_addprefix(struct in_ifaddr *ia0)
mask = ia0-ia_sockmask.sin_addr;
prefix.s_addr = mask.s_addr;
- TAILQ_FOREACH(ia, in_ifaddr, ia_list) {
- if (ia-ia_ifp-if_rdomain != ia0-ia_ifp-if_rdomain)
- continue;
-
- if ((ia-ia_ifp-if_flags (IFF_LOOPBACK | IFF_POINTOPOINT)))
+ TAILQ_FOREACH(ifp, ifnet, if_list) {
+ if (ifp-if_flags (IFF_LOOPBACK|IFF_POINTOPOINT))
continue;
- if ((ia-ia_flags IFA_ROUTE) == 0)
+ if (ifp-if_rdomain != ia0-ia_ifp-if_rdomain)
continue;
- p = ia-ia_addr.sin_addr;
- m = ia-ia_sockmask.sin_addr;
- p.s_addr = m.s_addr;
-
- if (prefix.s_addr != p.s_addr || mask.s_addr != m.s_addr)
- continue;
+ TAILQ_FOREACH(ifa, ifp-if_addrlist, ifa_list) {
+ if (ifa-ifa_addr-sa_family != AF_INET)
+ continue;
+
+ ia = ifatoia(ifa);
+
+ if ((ia-ia_flags IFA_ROUTE) == 0)
+ continue;
+
+ p = ia-ia_addr.sin_addr;
+ m = ia-ia_sockmask.sin_addr;
+ p.s_addr = m.s_addr;
+
+ if (prefix.s_addr != p.s_addr ||
+ mask.s_addr != m.s_addr)
+ continue;
#if NCARP 0
- /* move to a real interface instead of carp interface */
- if (ia-ia_ifp-if_type == IFT_CARP
- ia0-ia_ifp-if_type != IFT_CARP) {
- in_remove_prefix(ia);
- break;
- }
+ /* move to a real interface instead of carp interface */
+ if (ia-ia_ifp-if_type == IFT_CARP
+ ia0-ia_ifp-if_type != IFT_CARP) {
+ in_remove_prefix(ia);
+ break;
+ }
#endif
- /*
-* if we got a matching prefix route inserted
Secure Secure Shell
https://stribika.github.io/2015/01/04/secure-secure-shell.html Is the default config for SSHD enough secure? Or the different distros modifications are the ones that make it not the best regarding security? Thanks.
Re: smtpd domain append fix
On 01/06/2015 12:11 PM, Gilles Chehade wrote: Index: smtp_session.c === RCS file: /cvs/src/usr.sbin/smtpd/smtp_session.c,v retrieving revision 1.221 diff -u -p -r1.221 smtp_session.c --- smtp_session.c17 Dec 2014 15:49:23 - 1.221 +++ smtp_session.c5 Jan 2015 22:36:55 - @@ -315,7 +315,9 @@ header_append_domain_buffer(char *buffer has_domain = 1; if (buffer[i] == ':' !escape !comment !quote) has_group = 1; - if (! isspace(buffer[i])) + + /* update insert point if not in comment and not on a whitespace */ + if (!comment buffer[i] != ')' !isspace((int)buffer[i])) This isspace call looks wrong, and looking at the source, so does nearby isspace calls. The argument to isspace() must be EOF or representable as an unsigned char; otherwise, the result is undefined. However, char is signed on some platforms, and buffer is a char pointer here, meaning out-of-range values might be passed. Casting to an int just sign extends the potential negative values, rather than mapping them to the high unsigned char values. The callers should be changed to the pattern isspace((unsigned char)buffer[i]) instead. pos_component = i; }
Re: Flag to set from address in mail(1)
Sorry, my fault. Try the diff below. Nathanael Yup, this works! Now I can filter by sender in smptd to use the right SMTP server. Thanks. Tim.
Re: Flag to set from address in mail(1)
On Mon, 05 Jan 2015 22:26:03 -0500, trondd wrote:
I like this better. But I still want the set from=XXX in .mailrc and
of course the manpage.
I would like to have this option. The diff doesn't work, however. If
you reply to a message, it messes up the header and replyall will crash.
set from=tro...@gmail.com
set
...
fromtro...@gmail.com
...
r 294
From: Replyall
To: ...@x.xxx
Subject: Re: Hi
~x
R 294
Bus error (core dumped)
Sorry, my fault. Try the diff below.
Nathanael
Index: cmd3.c
===
RCS file: /cvs/src/usr.bin/mail/cmd3.c,v
retrieving revision 1.25
diff -u -p -r1.25 cmd3.c
--- cmd3.c 6 Apr 2011 11:36:26 - 1.25
+++ cmd3.c 6 Jan 2015 17:49:11 -
@@ -230,6 +230,7 @@ _respond(msgvec)
if ((head.h_subject = hfield(subject, mp)) == NULL)
head.h_subject = hfield(subj, mp);
head.h_subject = reedit(head.h_subject);
+ head.h_from = NULL;
if (replyto == NULL (cp = skin(hfield(cc, mp))) != NULL) {
np = elide(extract(cp, GCC));
np = delname(np, myname);
@@ -619,6 +620,7 @@ _Respond(int *msgvec)
if ((head.h_subject = hfield(subject, mp)) == NULL)
head.h_subject = hfield(subj, mp);
head.h_subject = reedit(head.h_subject);
+ head.h_from = NULL;
head.h_cc = NULL;
head.h_bcc = NULL;
head.h_smopts = NULL;
Index: def.h
===
RCS file: /cvs/src/usr.bin/mail/def.h,v
retrieving revision 1.13
diff -u -p -r1.13 def.h
--- def.h 25 Jun 2003 15:13:32 - 1.13
+++ def.h 6 Jan 2015 17:49:11 -
@@ -173,6 +173,7 @@ struct headline {
struct header {
struct name *h_to; /* Dynamic To: string */
char *h_subject;/* Subject string */
+ char *h_from; /* Sender */
struct name *h_cc; /* Carbon copies string */
struct name *h_bcc; /* Blind carbon copies */
struct name *h_smopts; /* Sendmail options */
Index: extern.h
===
RCS file: /cvs/src/usr.bin/mail/extern.h,v
retrieving revision 1.27
diff -u -p -r1.27 extern.h
--- extern.h28 Jul 2009 16:05:04 - 1.27
+++ extern.h6 Jan 2015 17:49:11 -
@@ -164,7 +164,7 @@ void load(char *);
struct var *
lookup(char *);
int mail (struct name *, struct name *, struct name *, struct name *,
- char *);
+ char *, char *);
voidmail1(struct header *, int);
voidmakemessage(FILE *, int);
voidmark(int);
Index: mail.1
===
RCS file: /cvs/src/usr.bin/mail/mail.1,v
retrieving revision 1.70
diff -u -p -r1.70 mail.1
--- mail.1 16 Dec 2014 18:37:17 - 1.70
+++ mail.1 6 Jan 2015 17:49:11 -
@@ -42,6 +42,7 @@
.Bk -words
.Op Fl dEIinv
.Op Fl b Ar list
+.Op Fl F Ar from
.Op Fl c Ar list
.Op Fl s Ar subject
.Ar to-addr ...
@@ -62,6 +63,11 @@ with lines replaced by messages.
.Pp
The options are as follows:
.Bl -tag -width Ds
+.It Fl F Ar from
+Pass
+.Ar from
+to the mail delivery system as the from address.
+Overrides the from option below.
.It Fl b Ar list
Send blind carbon copies to
.Ar list .
@@ -965,6 +971,14 @@ Causes
.Nm mail
to expand message recipient addresses, as explained in the section
.Sx Recipient address specifications .
+.It Ar from
+Causes
+.Nm mail
+to pass a from address to the mail delivery system. If unset, no from
+address will be passed and the mail delivery system will use its default
+of user at host. This will be overriden if the
+.Fl F
+flag is set.
.It Ar hold
This option is used to hold messages in the system mailbox
by default.
Index: main.c
===
RCS file: /cvs/src/usr.bin/mail/main.c,v
retrieving revision 1.26
diff -u -p -r1.26 main.c
--- main.c 16 Dec 2014 18:37:17 - 1.26
+++ main.c 6 Jan 2015 17:49:11 -
@@ -50,6 +50,7 @@ main(int argc, char **argv)
int i;
struct name *to, *cc, *bcc, *smopts;
char *subject;
+ char *from;
char *ef;
char nosrc = 0;
char *rc;
@@ -78,7 +79,8 @@ main(int argc, char **argv)
bcc = NULL;
smopts = NULL;
subject = NULL;
- while ((i = getopt(argc, argv, EIN:b:c:dfins:u:v)) != -1) {
+ from = NULL;
+ while ((i = getopt(argc, argv, EF:IN:b:c:dfins:u:v)) != -1) {
switch (i) {
case 'u':
/*
@@ -100,6 +102,9 @@ main(int argc, char **argv)
case 'd':
debug++;
break;
+ case 'F':
+ from = optarg;
+ break;
case 's':
Add Medion Mobile S4222 to umsm(4)
A man page diff corresponding to the recent umsm commit by Martin Pieuchot. Best regards, Ingo Index: share/man/man4/umsm.4 === RCS file: /cvs/src/share/man/man4/umsm.4,v retrieving revision 1.89 diff -u -p -r1.89 umsm.4 --- share/man/man4/umsm.4 19 Mar 2014 22:56:44 - 1.89 +++ share/man/man4/umsm.4 6 Jan 2015 18:20:59 - @@ -81,6 +81,7 @@ driver: .It Li IIJMobile 120FU (ZTE OEM) Ta USB .It Li Kyocera KPC650 Ta CardBus .It Li Medion Mobile S4012 (Huawei E1550 OEM) Ta USB +.It Li Medion Mobile S4222 (MediaTek OEM) Ta USB .It Li Novatel Wireless ES620 Ta USB .It Li Novatel Wireless Ovation U727 Ta USB .It Li Novatel Wireless U760 Ta USB @@ -158,6 +159,8 @@ but only the first port can be used to m the second one is for management. The Option GlobeTrotter HSDPA/HSUPA modems have three serial ports, but only the last port can be used to make PPP connections. +The Medion Mobile S4222 has four serial ports, but only the first +port can be used to make connections. .Pp Some modems require multi-link PPP operation. For example, the Huawei E1550 has four serial ports.
