Re: Project: Creating an "immutable" OpenBSD disk image with Packer and Ansible

On 03/31/16 03:55, Yann Hamon wrote: > Hi, > > I've been working for some time on a project to manage my router@home, > I'm sharing it here in the hope that it will be useful to someone else. > > Here it is: https://github.com/yannh/openbsd_immutable_router > > It contains a set of

lyrics.html omellete --> omelette

http://www.openbsd.org/lyrics.html s/omellete/omelette/g Or omelet in American English.

Re: W^X enforcement

On Thu, Mar 31, 2016 at 08:44:58AM -0600, Theo de Raadt wrote: [...] > I generally reject the addition of security knobs, and push towards > making the security choice mandatory, as early as possible. We are > not quite in the position of making this choice. (Maybe a ports > developer can list

Re: support new

Please add me to the support list or advice accordingly. I had made the same request on March 4th and this is a resend. Thank you for the early release of 5.9 ! Forever grateful for the treasure that OpenBSD is. regards, Kihaguru

Re: Socklog on OpenBSD -current

On 2016-03-30, Predrag Punosevac wrote: > On 3/29/16 5:42 PM, Stuart Henderson wrote: >> On 2016-03-29, Jeff Ross wrote: >>> Greetings all! >>> >>> I've been away from OpenBSD for a while and for sure I've missed more >>> than a few things. Just

Fwd: support new

-- Forwarded message -- From: Kihaguru Gathura Date: Fri, Mar 4, 2016 at 9:07 PM Subject: support new To: misc@openbsd.org 0 C Kenya P Nairobi T Nairobi Z P.O Box 51348-00200 O Consultant I Kihaguru Njenga A M kihaguru.nje...@gmail.com U B +254

Re: WAPBL?

Hi Predrag, 2016-03-28 22:42 GMT-03:00 Predrag Punosevac : > Walter Neto wrote: > >> >> Hi, >> >> I'm not working on it for a while. Sadly I am with no time, but trying >> to escape to return. :( >> > > This is most regrettable. I was following your work on porting WAPBL

Re: date not respect for 5.8 and 5.9

‎OpenBSD is based out of Canada. They run their power stations on renewable energy. This climate change is a big threat, though it worked in our favour this time. Climate change caused heavy winds, which made the wind turbines turn a bit faster, generating a lot of power.  Canadian power

Re: W^X enforcement

> In portable software, a grep for PROT_EXEC finds almost all the work > which still needs to be done... I am suggesting grep is enough because the four forms one will find in code are: mmap(... PROT_EXEC, ...) mprotect(... PROT_EXEC, ...) prot = PROT_EXEC ...

Re: date not respect for 5.8 and 5.9

On 3/31/16 4:58 AM, Max Power wrote: > Hi guys! > Why the release 5.8 and 5.9 did not comply with the canonical date > of the 1th November and of the 1th May? > > Thanks in advance for your reply. Because Buffy swim upstream with the salmons this year in the cold rivers of Canada and felt he

Re: W^X enforcement

> > because well.. firefox was asking for it until a few months ago... > > > > I believe chrome / v8 still requires WX memory. > > I guess webkits JIT that xombrero depends on requires WX still? The > performance, features and simplicity of xombrero made it a no brainer > but perhaps on OpenBSD

Re: W^X enforcement

> > Therefore, W^X has always been a policy for software to follow. Meaning, > > the libraries won't ask for WX, ld.so won't ask for WX, nothing will. > > If something wants to shoot itself in the foot, we could not stop it, > > because well.. firefox was asking for it until a few months ago... >

Re: W^X enforcement

> because well.. firefox was asking for it until a few months ago... > > I believe chrome / v8 still requires WX memory. I guess webkits JIT that xombrero depends on requires WX still? The performance, features and simplicity of xombrero made it a no brainer but perhaps on OpenBSD 6? (threaded

Re: W^X enforcement

On 03/31/2016 04:44 PM, Theo de Raadt wrote: > Therefore, W^X has always been a policy for software to follow. Meaning, > the libraries won't ask for WX, ld.so won't ask for WX, nothing will. > If something wants to shoot itself in the foot, we could not stop it, > because well.. firefox was

Re: smtpctl(97175): syscall 141 ""

> Fetching the lastest amd64-current snapshot or compiling with the latest ^^^ > sources results in the error message > smtpctl(97175): syscall 141 "" > > Any operation that requires root privileges via 'doas' or at startup > terminate with > Bad system

Re: W^X enforcement

> I generally reject the addition of security knobs, and push towards > making the security choice mandatory, as early as possible. We are > not quite in the position of making this choice. (Maybe a ports > developer can list some programs that require WX memory today) I should stress this

Re: ncurses and ncursesw share same header?

On 2016-03-31, Carsten Kunze wrote: > curses, ncurses and ncursesw library seem to be hard links to one > file. So that means that with the -l option I decide which functions > I use and always simply include ? It is all the same library and it uses the same header

Re: W^X enforcement

> This may be a bit of a silly question. There is talk about an upcoming > Common Criteria requirement that no memory may be executable and > writable at the same time. That comes a little late (meaning lots of software was written to require this, over the last decades), but also a little early

Re: Syntax error in pf rules

On another occasion when Master Foo gave public instruction, an end user, having heard tales of the Master's wisdom, came to him for guidance. He bowed three times to Master Foo. “I wish to learn the Great Way of Unix,” he said “but the command line confuses me.” Some of the onlooking neophytes

Re: Syntax error in pf rules

> On Mar 30, 2016, at 10:58 PM, Adam Smith wrote: > > Are you the owner of misc@openbsd.org? > >> --- dera...@cvs.openbsd.org wrote: >> >> From: Theo de Raadt >> To: ken...@dcemail.com >> >>> I know. Do you have proof that I hadn't put in my

Re: Project: Creating an "immutable" OpenBSD disk image with Packer and Ansible

On Thu, Mar 31, 2016 at 09:55:39AM +0200, Yann Hamon wrote: > Hi, > > I've been working for some time on a project to manage my router@home, I'm > sharing it here in the hope that it will be useful to someone else. > > Here it is: https://github.com/yannh/openbsd_immutable_router > > It

W^X enforcement

This may be a bit of a silly question. There is talk about an upcoming Common Criteria requirement that no memory may be executable and writable at the same time. OpenBSD is said to meet this requirement. However, I installed the amd64 variant of OpenBSD 5.9, and ran short test program which

Re: OpenBSD misc

> Hi Jubjub Jenkins, > > That's your name, isn't it? Or it's just a pseudonym behind which you hide > all your hatred towards humanity? > > If you're the person in charge of misc@openbsd.org, just ban me from posting > to it. > > Adam Arch linux started moderating, it is a bad idea. Hard

smtpctl(97175): syscall 141 ""

Hi there! Fetching the lastest amd64-current snapshot or compiling with the latest sources results in the error message smtpctl(97175): syscall 141 "" Any operation that requires root privileges via 'doas' or at startup terminate with Bad system call (core dumped) Is this an issue already known

Re: Supermicro X11SSL-F freezes probing USB 3

On Thu, Mar 31, 2016 at 2:14 AM, Paul B. Henson wrote: > Eeew. We've got some HP gear that requires an extra cost license to make > the remote kvm gui head work past the bootloader which is ridiculous > (but technically, I don't think remote kvm is part of the base IPMI >

ncursesw header not found

Hello, in /usr/lib there seems to be the ncursesw library but I don't find a ncursesw header file (expected as something like .../ncursesw/curses.h). I also don't find a curses package to install. Is there ncursesw support for OpenBSD? I found threads from 2010, but I'm not sure if they are

Re: ncursesw header not found

On Thu, Mar 31, 2016 at 10:22 AM, Carsten Kunze wrote: > Hello, > > in /usr/lib there seems to be the ncursesw library but I don't find a ncursesw header file (expected as something like .../ncursesw/curses.h). I also don't find a curses package to install. Is there

ncurses and ncursesw share same header?

curses, ncurses and ncursesw library seem to be hard links to one file. So that means that with the -l option I decide which functions I use and always simply include ? (At least this states the curses manpage.)

Re: date not respect for 5.8 and 5.9

Max Power schreef op 31 maart 2016 10:58:00 CEST: >Hi guys! >Why the release 5.8 and 5.9 did not comply with the canonical date >of the 1th November and of the 1th May? > >Thanks in advance for your reply. Because we are Time Lords? -Otto

date not respect for 5.8 and 5.9

Hi guys! Why the release 5.8 and 5.9 did not comply with the canonical date of the 1th November and of the 1th May? Thanks in advance for your reply.

new (again) support entries for BackWatcher, Inc.

Hello, After many years "in the wilderness," I'm hanging "the shingle" back up, as it were. Therefore, please re-add my "OpenBSD Support and Consulting" listing to both the USA and Canada sections as follows... USA... 0 C USA P Florida T Bradenton Z 34203-7305 O BackWatcher, Inc. I Kyle Amon A

Re: Mouse click problems with firefox and firefox-esr

It may be that your mouse it telling you it is dying. Try it on a text file, out of firefox of course. Maybe there you can see it misses the left click select or left click. It is a mechanical contact after all.

Project: Creating an "immutable" OpenBSD disk image with Packer and Ansible

Hi, I've been working for some time on a project to manage my router@home, I'm sharing it here in the hope that it will be useful to someone else. Here it is: https://github.com/yannh/openbsd_immutable_router It contains a set of configuration scripts for Packer and Ansible that make it

Re: Supermicro X11SSL-F freezes probing USB 3

On Wed, Mar 30, 2016 at 03:34:25PM -0400, Sonic wrote: > Ahha! Who would have thought... com0 was the ticket. Thanks much! Sweet, glad to hear you got it working. Usually the IPMI SOL comes after the physical serial ports, I've never seen it be the first one. But hey, it's Dell :). Maybe now

Re: Supermicro X11SSL-F freezes probing USB 3

On Tue, Mar 29, 2016 at 10:46:15PM -0400, Sonic wrote: > The IPMI is part of Dell's iDRAC stuff and the only thing I've found [...] > may be the iDRAC license level as well, anything above the "basic" > level, providing a limited feature set, requires purchasing a license Eeew. We've got some HP