Hi.
On OpenBSD 7.3, I frequently receive the following lines in 'daemon' and
'messages' log files inside /var/log/ directory;
unwind[47246]: validation failure <181.219.85.209.in-addr.arpa. PTR IN>: No
DNSKEY record for key in-addr.arpa. while building chain of trust
unwind[72140]: validation
Sorry for the delay on this, it has been a busy month. I'm finding some
time to get to this.
I enabled UAUDIO_DEBUG and got some info. Here's what I got from
/var/log/messages when I started sndiod w/ debugging & started
running aucat
Jun 30 13:51:22 towerDefense /bsd: uaudio_set_params: rate
I have an old thinkpad - really old
On booting it stops when listing the acpi sleep states and does nothing
more. This is dmesg:
OpenBSD 7.3 (GENERIC) #660: Sat Mar 25 11:17:44 MDT 2023
dera...@i386.openbsd.org:/usr/src/sys/arch/i386/compile/GENERIC
real mem = 200753152 (191MB)
avail mem =
Justin Handville wrote:
> > pledge does not drop access to system calls. It blocks the *action*
> > of it, inside the kernel. You are muddling things together far too much.
>
> That's a matter of semantics. The point is that pledge reduces attack surface
> by
> reducing what a program is
Theo de Raadt wrote:
> going to use the other 95% of your text segment which, due to static-linking,
> you have placed at very convenient fixed-offset locations relative to whatever
> bug they find to exercise.
The static linking example is a bit of a red herring. Even if the program were
Justin Handville wrote:
> Theo de Raadt wrote:
>
> > > It's a cheap defense in depth protection that simplifies my use
> > > case.
>
> > But I don't see a real security benefit of what you are trying to do.
>
> There may not be. At this point, it's more idiomatic. Don't need code?
> Don't
Theo de Raadt wrote:
> > It's a cheap defense in depth protection that simplifies my use
> > case.
> But I don't see a real security benefit of what you are trying to do.
There may not be. At this point, it's more idiomatic. Don't need code?
Don't keep it. It's an experimental feature. I'm not
Justin Handville wrote:
> Dave Voutila wrote:
>
> > Have you considered a libexec approach instead? If the goal is to keep a
> > child process having only the executable pages it needs for operations,
> > why not split up the program design instead of mucking with ELF stuff?
> > That surely
Dave Voutila wrote:
> Have you considered a libexec approach instead? If the goal is to keep a
> child process having only the executable pages it needs for operations,
> why not split up the program design instead of mucking with ELF stuff?
> That surely has to be even more portable.
I have.
Justin Handville wrote:
> I'm assuming that misc@ is probably the best place for this e-mail,
> although it gets a bit in the tech@ weeds. I upgraded to 7.3 not so
> long ago, and I noticed that a daemon I had written was no longer
> working properly. For reasons that are probably too much to
Thanks NIck,
How do I exactly try to unlock the disk with bioctl command?
I do not have the appropriate disk to try to rebuild it.
I am trying it from openbsd 6.9 bootable usb. The encrypted hdd was 7.3.
Please.
Thanks in advance
On Sat, Jun 17, 2023 at 4:33 PM Nick Holland
wrote:
> On
Justin Handville writes:
> I'm assuming that misc@ is probably the best place for this e-mail,
> although it gets a bit in the tech@ weeds. I upgraded to 7.3 not so
> long ago, and I noticed that a daemon I had written was no longer
> working properly. For reasons that are probably too much
On 2023-06-29, Lyndon Nerenberg (VE7TFX/VE6BBM) wrote:
> We are about to discover the joys of upstream BGP routing :-P The
> current plan is to use a pair of OpenBSD+bgpd hosts as the routers.
>
> Each host will require 4x10gig ports (SFP+). One of those links
> (to AWS) will be close to
29 Jun 2023, 23:57 by lyn...@orthanc.ca:
> We are about to discover the joys of upstream BGP routing :-P The
> current plan is to use a pair of OpenBSD+bgpd hosts as the routers.
>
> Each host will require 4x10gig ports (SFP+). One of those links
> (to AWS) will be close to saturated, along
I'm assuming that misc@ is probably the best place for this e-mail,
although it gets a bit in the tech@ weeds. I upgraded to 7.3 not so
long ago, and I noticed that a daemon I had written was no longer
working properly. For reasons that are probably too much to get into
here, I statically link
15 matches
Mail list logo