Re: HEADS UP: FreeBSD src repo transitioning to git this weekend

2020-12-23 Thread Michael Grimm
Renato Botelho wrote: > If you want to switch to a different already existing branch, as svn switch > does, you should look at git-checkout. > > It can be a bit expensive due to the size of src repository so if you do work > on multiple branches too often you can improve it using

Re: HEADS UP: FreeBSD src repo transitioning to git this weekend

2020-12-23 Thread Michael Grimm
Warner Losh wrote: > On Wed, Dec 23, 2020 at 7:32 AM Michael Grimm wrote: >> With svn I used: >>svn switch svn://svn.freebsd.org/base/stable/NEW /usr/src >> >> For git I found: >>git branch -m stable/OLD stable/NEW >>or >&g

Re: HEADS UP: FreeBSD src repo transitioning to git this weekend

2020-12-23 Thread Michael Grimm
Hi, Warner Losh wrote: > The FreeBSD project will be moving it's source repo from subversion to git > starting this this weekend. First of all I'd like to thank all those involved in this for their efforts. Following https://github.com/bsdimp/freebsd-git-docs/blob/main/mini-primer.md form

Re: git-lite sufficient for following STABLE sources

2020-12-05 Thread Michael Grimm
Ryan Moeller wrote: > > On 12/5/20 7:16 AM, Michael Grimm wrote: >> Is git-lite flavour of the git package sufficient in order to follow STABLE >> sources for compiling STABLE sources? > > git-lite will do. Thanks, Michael __

git-lite sufficient for following STABLE sources

2020-12-05 Thread Michael Grimm
Hi, I am preparing for the upcoming migration from svn to git. Is git-lite flavour of the git package sufficient in order to follow STABLE sources for compiling STABLE sources? Or does one need a full blown git? Thanks and regards, Michael ___

[SOLVED] 12.2-STABLE: Commit 367740 breaks IMAP/SMTP server authentication

2020-12-01 Thread Michael Grimm
to understand it. Anyway, I just wanted to let you know. Regards, Michael > On 22. Nov 2020, at 14:37, Michael Grimm wrote: > > Hi, > > I am running 12.2-STABLE and VNET jails, one of which host a recent Dovecot > IMAP and a recent postfix SMTP server. Authentication is forced via T

Re: 12.2-STABLE: Commit 367740 breaks IMAP/SMTP server authentication

2020-11-22 Thread Michael Grimm
Hi - Michael Grimm wrote: > Well, now I am able to omit this commit, but I would love to know what is > going on, and why this commit may break 'authentication/certificate > exchange/what so ever' of IMAP and SMTP/submission clients running in a VNET > jail ... It just cam

Re: 12.2-STABLE: Commit 367740 breaks IMAP/SMTP server authentication

2020-11-22 Thread Michael Grimm
Ronald Klop wrote: > On Sun, 22 Nov 2020 14:37:33 +0100, Michael Grimm wrote: >> P.S. How may I update a local svn copy and simultaneously omit commit 367740 >> from being applied, or how may I revert commit 367740, only? > > > From the top of my head you can do somet

12.2-STABLE: Commit 367740 breaks IMAP/SMTP server authentication

2020-11-22 Thread Michael Grimm
Hi, I am running 12.2-STABLE and VNET jails, one of which host a recent Dovecot IMAP and a recent postfix SMTP server. Authentication is forced via TLS/SSL for both services (ports 587 and 993). Setup is as follows: extIF0/pf/NAT <—> epairXa (bridge0) epairXb <-> jail A recent upgrade

Re: Buildworld and buildkernel with very slow compilation, recently

2020-06-22 Thread Michael Grimm
Dimitry Andric wrote: > > On 21 Jun 2020, at 14:36, Chris Nehren wrote: >> On Sunday, June 21, 2020 8:11:15 AM EDT Michael Grimm wrote: >>> Hi, >>> >>> I am following FreeBSD 12.1-STABLE. >>> >>> Clang has been upgraded to versi

Buildworld and buildkernel with very slow compilation, recently

2020-06-21 Thread Michael Grimm
Hi, I am following FreeBSD 12.1-STABLE. Clang has been upgraded to version 10.0.0 on May, 1st, and ever since that time, I do observe a dramatic increase in compilation times of building world, kernel and ports. I didn't benchmark the exact times, but compilation times are at least increased

Re: py-fail2ban turned silent after syslogd rollout (r335059, stable/11)

2018-06-22 Thread Michael Grimm
On 22. Jun 2018, at 22:28, Ed Schouten wrote: > 2018-06-22 22:06 GMT+02:00 Michael Grimm : >> After applying your patch: >>Jun 22 21:22:01 HOSTNAME [31033]: NOTICE [JAILNAME] >> Unban x.x.x.x >> >> Watch: 'fail2ban.actions' -the service- is missing. &

Re: py-fail2ban turned silent after syslogd rollout (r335059, stable/11)

2018-06-22 Thread Michael Grimm
On 22. Jun 2018, at 21:26, Michael Grimm wrote: > On 22. Jun 2018, at 21:11, Ed Schouten wrote: >> Michael, Marek, could you please give this patch a try? Thanks! > > Recompiled world (FreeBSD 11.2-STABLE r335532), substituted syslogd with the > re-compiled one, and: &g

Re: py-fail2ban turned silent after syslogd rollout (r335059, stable/11)

2018-06-22 Thread Michael Grimm
On 22. Jun 2018, at 21:11, Ed Schouten wrote: > Gleb, what are your thoughts on the attached patch? It alters syslogd > to let the 'legacy' RFC 3164 parser also accept messages without a > timestamp. The time on the syslogd server will be used instead. > > Michael, Marek, could you please give

Re: py-fail2ban turned silent after syslogd rollout (r335059, stable/11)

2018-06-22 Thread Michael Grimm
On 22. Jun 2018, at 17:59, Marek Zarychta wrote: > Could you please give any advice or workaround for this issue? I switched to a workaround for the time being which you might use as well in a similar way: #) configure fail2ban to use /var/log/faillog #) run something like that in the

Re: py-fail2ban turned silent after syslogd rollout (r335059, stable/11)

2018-06-22 Thread Michael Grimm
Marek Zarychta wrote: > On Fri, Jun 22, 2018 at 03:12:05PM +0200, Michael Grimm wrote: >> Hi, >> >> this is 11.2-STABLE (r335532), and I am referring to the recent MFC of >> syslogd modifications [1]. >> >> Because I cannot judge whether fail2ban la

py-fail2ban turned silent after syslogd rollout (r335059, stable/11)

2018-06-22 Thread Michael Grimm
Hi, this is 11.2-STABLE (r335532), and I am referring to the recent MFC of syslogd modifications [1]. Because I cannot judge whether fail2ban lacks support for the renewed syslogd or syslogd has an issue in receiving fail2ban messages I do crosspost this mail to ports and stable. I do have

Re: syslogd became silent between 11.2-PRERELEASE r334874 and r335282

2018-06-17 Thread Michael Grimm
Hi Ed -- > On 17. Jun 2018, at 19:27, Ed Schouten wrote: > > Hi Michael, > > 2018-06-17 17:52 GMT+02:00 Michael Grimm : >> I do believe that this commit might be the cause: >> https://svnweb.freebsd.org/base/stable/11/usr.sbin/syslogd/Makefile?revision=335

Re: syslogd became silent between 11.2-PRERELEASE r334874 and r335282

2018-06-17 Thread Michael Grimm
On 17. Jun 2018, at 18:06, Yasuhiro KIMURA wrote: > There was a large MFC about syslogd at r335059: > So how about take following steps? > > 1. svn update -r 335058 /usr/src > 2. Rebuild and reinstall /usr/sbin/syslogd and /usr/bin/wall on both > host and jail. > 3. Restart syslogd on both

Re: syslogd became silent between 11.2-PRERELEASE r334874 and r335282

2018-06-17 Thread Michael Grimm
On 17. Jun 2018, at 16:27, Michael Grimm wrote: > Hi, > > I am running service jails (VNET/bridge/epair) and a host at 11.2-PRERELEASE > r335282, upgraded from r334874 today. > > All syslog messages at each jail become forwarded to syslogd running at the > host. This s

Re: syslogd became silent between 11.2-PRERELEASE r334874 and r335282

2018-06-17 Thread Michael Grimm
On 17. Jun 2018, at 16:50, Gary Palmer wrote: > On Sun, Jun 17, 2018 at 04:27:33PM +0200, Michael Grimm wrote: >> Host's syslogd can be reached from inside every jail, e.g.: >> >> jtest> nc -4vuw 1 10.x.y.z 514 >> Connection to 10.x.y.z 514 port [u

syslogd became silent between 11.2-PRERELEASE r334874 and r335282

2018-06-17 Thread Michael Grimm
Hi, I am running service jails (VNET/bridge/epair) and a host at 11.2-PRERELEASE r335282, upgraded from r334874 today. All syslog messages at each jail become forwarded to syslogd running at the host. This setup worked for years. Today not a single syslog message becomes forwarded to the

Re: FreeBSD 11 : running blacklistd needed for 520.pfdenied?

2016-10-13 Thread Michael Grimm
Hi - On 15.08.2016, at 19:01, Michael Grimm <trash...@ellael.org> wrote: > I recently upgraded from 10.3-STABLE to 11.0-PRERELEASE. Now, I am missing > those parts in my daily security report regarding pf, e.g.: > > example.private pf denied packets: > +blo

Re: mergemaster woes at STABLE

2016-01-16 Thread Michael Grimm
Chris H <bsd-li...@bsdforge.com> wrote: > > On Fri, 15 Jan 2016 17:38:05 +0100 Michael Grimm <trash...@odo.in-berlin.de> > wrote >> starting a couple of weeks ago, I do see mergemaster complaining after >> "mergemaster -iFU": >> >>s

mergemaster woes at STABLE

2016-01-15 Thread Michael Grimm
Hi, starting a couple of weeks ago, I do see mergemaster complaining after "mergemaster -iFU": stat: ./have: stat: No such file or directory /usr/sbin/mergemaster: arithmetic expression: expecting primary: " ~18 & 4095 & " install: invalid file mode: ./have

Re: Problem building world (amd64) this morning

2015-04-10 Thread Michael Grimm
Michael Grimm trash...@odo.in-berlin.de wrote: I'am seeing this too. Same error messages. Latest revision failing is: | Relative URL: ^/stable/10 | Revision: 281372 Latest revision compiling without any issue is: | Relative URL: ^/stable/10 | Revision: 281265 /etc/src.conf

Re: Problem building world (amd64) this morning

2015-04-10 Thread Michael Grimm
Dimitry Andric d...@freebsd.org wrote Michael Grimm trash...@odo.in-berlin.de wrote: Compilation at r281289 is on its way. I'll send you a link after completion. Thanks, but you can stop that compilation now. :) I was just about sending you my logfile :-) I finally managed to reproduce

Re: Bind in FreeBSD, security advisories

2013-07-30 Thread Michael Grimm
On 2013-07-30 16:04, Mark Felder wrote: Unbound/NSD are suitable replacements if we really need something in base, and they have been picked up by OpenBSD for a good reason -- clean, secure, readable, maintainable codebases and their use across the internet and on the ROOT servers is growing.

Re: ipv6_addrs_IF aliases in rc.conf(5)

2013-07-20 Thread Michael Grimm
On 20.07.2013, at 16:46, Hiroki Sato h...@freebsd.org wrote: Hiroki Sato h...@freebsd.org wrote in 20130718.123323.1730389945845032580@allbsd.org: hr Michael Grimm trash...@odo.in-berlin.de wrote hr in eb3c4472-02bf-4415-bb2d-b4929063d...@odo.in-berlin.de: hr hr tr On 12.07.2013

Re: ipv6_addrs_IF aliases in rc.conf(5)

2013-07-20 Thread Michael Grimm
On 20.07.2013, at 19:01, Hiroki Sato h...@freebsd.org wrote: Michael Grimm trash...@odo.in-berlin.de wrote in 5c2419e4-d5b7-4f1a-aed0-90ef73305...@odo.in-berlin.de: tr Now, a range definition and prefixlen 56 is recognized properly: Thank you. Well, actually, we do have to thank you

Re: ipv6_addrs_IF aliases in rc.conf(5)

2013-07-17 Thread Michael Grimm
On 12.07.2013, at 09:03, Hiroki Sato h...@freebsd.org wrote: Please let me know if the existing configurations and/or the new formats do not work. First of all: great work! It is that much easier to deal with aliases, now. There is only one minor issue, if at all: rc.conf: |

Re: ipv6_addrs_IF aliases in rc.conf(5)

2013-07-12 Thread Michael Grimm
On 2013-07-12 6:56, Hiroki Sato wrote: Kevin Oberman rkober...@gmail.com wrote in can6yy1srswemj2_bjx_drzmxgk4tf50_ode8o8i2d6wtrgw...@mail.gmail.com: rk On Wed, Jul 10, 2013 at 4:46 AM, Mark Felder f...@feld.me wrote: rk rk On Wed, 10 Jul 2013 06:44:12 -0500, Michael Grimm rk trash

Re: ipv6_addrs_IF aliases in rc.conf(5)

2013-07-10 Thread Michael Grimm
Hi -- [Upcoming code freeze in stable] On 2013-04-13 22:15, Michael Grimm wrote: On 13.04.2013, at 14:29, Kimmo Paasiala kpaas...@gmail.com wrote: [great deal of simplification by ipv6_addrs_IF] Sorry to resurrect this thread but since nothing has happened in about three months I have

Re: ipv6_addrs_IF aliases in rc.conf(5)

2013-04-13 Thread Michael Grimm
Hi -- On 13.04.2013, at 14:29, Kimmo Paasiala kpaas...@gmail.com wrote: [great deal of simplification by ipv6_addrs_IF] Sorry to resurrect this thread but since nothing has happened in about three months I have to ask: What can I do to have this commited to HEAD? +1 Nowadays -where IPv6