On 2022-05-05, Ted Unangst wrote:
> On 2022-05-05, Theo Buehler wrote:
> > On Thu, May 05, 2022 at 10:59:45AM +0200, Hiltjo Posthuma wrote:
> > > Is this option currently enabled and working? I haven't been able to see
> > > session resumption being used when testing use
On 2022-05-05, Theo Buehler wrote:
> On Thu, May 05, 2022 at 10:59:45AM +0200, Hiltjo Posthuma wrote:
> > Is this option currently enabled and working? I haven't been able to see
> > session resumption being used when testing uses OpenBSD ftp.
>
> Yes, it works, but only with TLSv1.2. For TLSv1.3
On 2022-02-25, Robert Nagy wrote:
> Maybe we need a default vmd class? What do you guys think?
Regardless of what the limit is, this seems like a daemon where people
will bump into the limit. Perhaps a reminder is in order too?
Index: vm.c
On 2020-05-09, Bob Beck wrote:
> > oolong$ man -k Xr=tls_peer_cert_hash
> > nc(1) - arbitrary TCP and UDP connections and listens
> >
> > That's far from ideal IMO, but I don't know where, of the many tls_*
> > manpages, would I reference it.
>
> man tls_peer_cert_hash
>
> happily brings up
dmthomp...@gmx.com wrote:
> So I tried doas with this "permit nopass me as root cmd mount_ext2fs"
> but still no luck.
>
> So I was hoping for a hand from you kind souls.
>
> Oh and when I try to mount at command line using doas I get 'syntax error at
> line
> 7'
there's nothing wrong with
Claus Assmann wrote:
> The functional tests for sendmail use ldns-testns as DNS server
> which provides specific test data and error behaviours.
> It runs on a port > 1024 to avoid requiring root access.
you can use a combination of pf.conf rdr-to and 127.0.0.2 etc.
i.e., bind to port 5353, have
Duncan Patton a Campbell wrote:
> > The change time (c_time in struct stat) cannot be explicitly set by
> > any API and is maintained by the kernel.
>
> man touch ?
does not set ctime except as a side effect.
Jan Stary wrote:
> Installing base66.tgz 100% |**| 99116 MB - 07:12edT-
> Installing comp66.tgz 83% |* | 45312 KB -
> stalledT-syncing disks... done
> rebooting...
>
> Why does it reboot here? The SD card is slow, and is being both read
> and
Thomas wrote:
> Hi,
>
> I need to do this redirect with httpd:
>
> from:
> http://my.old.site/#info
> to:
> https://my.new.site/products/product.html
browsers don't send #fragments to the server. so short answer: impossible.
Brennan Vincent wrote:
>
> On 11/13/19 1:56 AM, Ted Unangst wrote:
> > Brennan Vincent wrote:
> >> Hello,
> >>
> >> I have a Wi-Fi USB adapter. urtwn(4) normally works fine, but it's a bit
> >> flaky...
> >> I don't think this is a hardwar
Brennan Vincent wrote:
> Hello,
>
> I have a Wi-Fi USB adapter. urtwn(4) normally works fine, but it's a bit
> flaky...
> I don't think this is a hardware issue because the device is
> working fine on Ubuntu.
I think this is and isn't a hardware issue? I had the same problem with an
edimax a
Tero Koskinen wrote:
> Eventually I pinned the problem down to April 14/15:
>
> FAULTY 091f8f6587f dlg Mon Apr 15 02:59:41 2019 + the myx_cmd
> FAULTY 1bbcb699ab8 dlg Mon Apr 15 00:28:29 2019 + there's a bunch
> PROBLEM! 7f4dd37977d jsg Sun Apr 14 10:14:50 2019 + Update shared
Guild Navigator wrote:
> But what would be the OpenBSD correct way to
> write such simple print-from-the-array-of-strings program?
printf
freda_bundc...@nym.hush.com wrote:
> Description:
> man starttls says one can link a new certificate to cert.pem with
> ln -s /etc/ssl/mail.example.com.crt /etc/ssl/cert.pem if one does not
> intend
That entire section seems dumb and outdated. I would prefer we simply not give
any
Theo de Raadt wrote:
> How does sync() fix this? Please explain this. Look at the source
> code.
>
> sync() is an asyncronous call requesting syncronization, and once
> it has marked the blocks that should be pushed, it returns before
> the work has been done.
Ah, indeed.
> > 2. cp could do
Mogens Jensen wrote:
> Even after many tries, I have not yet been able to corrupt the
> filesystem so fsck cannot repair it without manual intervention.
> However, if power is removed while the 'reorder_kernel' script runs,
> the system will become completely unbootable. I could do this multiple
Kevin Chadwick wrote:
> Does anyone debug golang on OpenBSD and can advise on llvm/gcc or provide any
> other insight?
I just use log.
Jeremy O'Brien wrote:
> I've snagged the 6.5 xenocara.tar.gz, patched it with just that above fix,
> and installed it on my system which has made X rock-stable for me. This is
> totally fine for me personally, but I was curious if other people have run
> into this issue on their 6.5 installs,
Kent Watsen wrote:
> But when using sysctl(8) or /etc/sysctl.conf, a couple variables need an
> extra 'm':
>
> semni --> semmni
> semnu --> semmnu
>
> Is this intentional?
The extra letters are intentional. I've fixed the man page. Thanks.
Jason A. Donenfeld wrote:
> I'm using signify(1) for update signatures in the upcoming WireGuard for
> Windows (there'll be OpenBSD news soon in that department, I hope!). Not
> wanting to store keys on my laptop or something, I managed to get a YubiHSM
> to produce valid signify(1) signatures. I
Nick Holland wrote:
> > In a shell script invoked by doas, is it possible to find which user
> > invoke the script? my search a the moment has come up empty.
>
> most likely place would be an environment variable, right?
>
> # echo "I started out as $LOGNAME"
> I started out as nick
Boris Epstein wrote:
> Thanks. It makes sense to be able to select login methods under some
> circumstances - but do I have an option of forcing the user to log in using
> a predetermined set of methods (for instance, password and then a secure
> key, or password and Yubkey, or password and SSL
ropers wrote:
> I personally agree with Sijmen. OpenBSD has always prioritised
> correctness over legacy compatibility and standards compliance.
> Instinctively, leaving a slightly "buggy" thing in base on the theory
> that anyone who doesn't like it should just install larger and less
>
I think the answer is, you want traditional vi, you get traditional vi. If you
want something else, try ports.
Diana Eichert wrote:
> If so, is there a good way to dump existing factory firmware from emmc
> before I install OpenBSD? At some point I may have to restore to
> factory.
Assuming you netboot bsd.rd, there's dd on the ramdisk. Alas, no netcat, but
it does have the nfs client, so you can save
Claus Assmann wrote:
> Any suggestion how I can debug that program? (it's huge and written
> in C++ with which I am not familiar anyway :-(
You want egdb from ports, especially for anything c++. (pkg_add gdb)
Ingo Schwarze wrote:
> Hi Ted,
>
> Ted Unangst wrote on Wed, Feb 06, 2019 at 02:25:40PM -0500:
>
> > We are missing a man page for timespeccmp (and related macro functions).
> > should be pretty easy to grab a page from freesd, adapt it a bit, and
> > make
We are missing a man page for timespeccmp (and related macro functions). It
should be pretty easy to grab a page from freesd, adapt it a bit, and make a
patch if anybody is looking for something to do.
John Ankarström wrote:
> Hi,
>
> I just got OpenBSD installed on my new laptop, and so far, it works great.
> But since I applied the latest X11 patch, I can no longer use startx to
> launch X11, unless I do it as root, which probably isn’t a good idea. Seems
> like I have to use xenodm.
>
>
Ted Unangst wrote:
> Dariusz Sendkowski wrote:
> > Yes, it does.
> >
> > I extracted 'unveilcommands' function from doas.c and put it into a
> > standalone program to run it.
> > It turned out the result was the same as in doas command. When I disab
Dariusz Sendkowski wrote:
> Yes, it does.
>
> I extracted 'unveilcommands' function from doas.c and put it into a
> standalone program to run it.
> It turned out the result was the same as in doas command. When I disable
> unveil, then it works fine.
This diff should fix the problem.
Index:
Dariusz Sendkowski wrote:
> I investigated the problem a little more and found, that when there is a
> non-existent directory entry in my PATH, the problem occurs. If all of the
> directories from my PATH exist, then it works fine.
To help isolate the problem, if you disable unveil, does it work?
Paul Swanson wrote:
> $ wsconsctl display.brightness=5
> display.brightness -> 5.00%
>
> This laptop is essentially all Intel Skylake under the hood some I'm wondering
> why it's not playing nice like on the Lenovo / ThinkPads.
>
> Below is my dmesg and also Xorg.0.log.
> "DELLABC6" at acpi0 not
Paul Swanson wrote:
> I'd like to chase this up a bit further and see if there's anything I can do
> to
> improve support on this model; Ubuntu has great support so I can perhaps look
> for there for ideas and inspiration.
>
> Ted, do you have any suggestions for what parts of OpenBSD I should
Paul Swanson wrote:
> This laptop is essentially all Intel Skylake under the hood some I'm wondering
> why it's not playing nice like on the Lenovo / ThinkPads.
There's no guarantee that the screen backlight is actually wired to the
graphics chip and not just some acpi buttons. :(
> I'd really
Adam Steen wrote:
> 'log(DEBUG, "Solo5: clock_init(): freq=%lu\n", freq);'
>
> but am getting the following error
>
> '
> error: format specifies type 'unsigned long' but the argument has type
> 'uint64_t' (aka 'unsigned long long') [-Werror,-Wformat]
> freq);
> ^~~~
> 1
Sebastian Benoit wrote:
> > > or what should it show? Only sockets that are bound
> > > but not connected (local port != 0 but remote addr/port = 0)?
> >
> > see my other mail for that diff.
>
> here. Ok for one or the other?
as a non expert, this matches my expectation of what "listening"
Claudio Jeker wrote:
> On Fri, Dec 14, 2018 at 01:26:25PM -0500, Ted Unangst wrote:
> > Philip Guenther wrote:
> > > And, perhaps more directly, how would I block this in pf.conf?
> > > >
> > >
> > > Excellent choice, blocking dhclient from receivin
Ted Unangst wrote:
> Philip Guenther wrote:
> > And, perhaps more directly, how would I block this in pf.conf?
> > >
> >
> > Excellent choice, blocking dhclient from receiving the leases that it
> > requests.
> > "What problem are you trying to sol
Philip Guenther wrote:
> And, perhaps more directly, how would I block this in pf.conf?
> >
>
> Excellent choice, blocking dhclient from receiving the leases that it
> requests.
> "What problem are you trying to solve?"
Well, this may be something of a lost cause, but I would prefer that chrome
netstat -an tells me I am listening to all the udp.
Active Internet connections (including servers)
Proto Recv-Q Send-Q Local Address Foreign Address(state)
udp 0 0 *.**.*
udp 0 0 127.0.0.1.53 *.*
Theodore Wynnychenko wrote:
> Does this mean that getty is only allowed to access "/usr/bin/login," and that
> my custom script is not in an allowed location after unveil "locks down"
> getty?
yes.
> Obviously, my script is named autologin.sh and lives in /local; and it does
> exist with
Simon Ser wrote:
> Sometimes the two processes don't trust each other, for instance in the
> case of Wayland. Bad clients may try to crash the compositor.
>
> One way to crash the compositor is to send a shared memory file descriptor
> and then shrink the file. When the compositor tries to read
Simon Ser wrote:
> Hi all> I'd like to know if there are plans to add a feature similar to file
> sealing [2] in OpenBSD.
I don't think so. You explained a possible use, but didn't actually explain if
code using file sealing already exists.
tomr wrote:
> I'm a bit confused here. I have some cwm keybindings that `doas rcctl`
> things, which now aren't working as they used to - which isn't
> necessarily a problem - but I'm surprised at the behaviour below:
>
> # this doesn't work anymore..
> $ doas rcctl
> doas: rcctl: command not
Ted Unangst wrote:
> Ted Unangst wrote:
> > Derek wrote:
> > > Adding a "#!/bin/sh" at the top of the scripts made them all work again.
> >
> > i don't believe this is a change; that's how it should always work.
>
> sorry, this appears wrong.
Ted Unangst wrote:
> Derek wrote:
> > Just upgraded from 6.3 to 6.4 and the doas behaviour seems to have changed.
> >
> > I finally solved it, but just posting here in case anyone has this problem.
> >
> > I had a few little shell scripts in /usr/local/sbin/
Derek wrote:
> Just upgraded from 6.3 to 6.4 and the doas behaviour seems to have changed.
>
> I finally solved it, but just posting here in case anyone has this problem.
>
> I had a few little shell scripts in /usr/local/sbin/ - intended to be run
> by doas : one-liners like bioctl mounting a
Joel Carnat wrote:
> Hi,
>
> I want net-snmpd to run a script via the extend directive.
> This script has to run a command using doas to get temporary root
> permission.
>
> The script is run on snmpcmd call but the doas command returns:
> doas: a tty is required
>
> Is there a way to run doas
Chris Wojo wrote:
> I feel like these two issues could be related; but I'm not aware of any way
> to diagnose why it won't accept my password or yubikey.
> The yubikey authentication works on login; just not on screen locks.
this depends on login.conf i believe, but for xlock you may have to
Andrew wrote:
> Just wondering if signify(1) is intended to exit 0 ONLY if the [file
> ...] is within the shell's pwd ?? By chance, I noticed that
> /path/to/file will fail on the same bsd.rd controlling for the working
> directory.
Mostly, yes. The filename is compared to the one in the
multiplex'd wrote:
> Hello all,
>
> I've been reading into the signify(1) program a little recently, and the
> manual page mentons the '-t' option, which is used to ensure the public
> key deduced from the signature comment "matches /etc/signify/*-keytype.pub",
> where 'keytype' is the argument
Jordan Geoghegan wrote:
> Is there any particular reason for the low sparc64 MAXDSIZ? Is there any
> way for this limit to be increased as I have some large data
> manipulation that needs to be done and I really would love to be able to
increasing the value can be done by changing the header
Jordan Geoghegan wrote:
> amd64 MAXDSIZ : ((paddr_t)32*1024*1024*1024)
> i386 MAXDSIZ : (3UL*1024*1024*1024)
> sparc64 MAXDSIZ : (8L*1024*1024*1024)
> mips64 MAXDSIZ : 16UL*1024*1024*1024
> hppa MAXDSIZ : 1*1024*1024*1024UL
> arm64 MAXDSIZ: ((paddr_t)16*1024*1024*1024)
>
> Could
Ted Unangst wrote:
> Otto Moerbeek wrote:
> > Sparc64 and powerpc also have speculative execution, branch
> > prediction and extensive caches. It is much wiser to assume they are
> > also affected by (similar) bugs/explots or whatever you call it.
>
> A lot of the comm
Otto Moerbeek wrote:
> Sparc64 and powerpc also have speculative execution, branch
> prediction and extensive caches. It is much wiser to assume they are
> also affected by (similar) bugs/explots or whatever you call it.
A lot of the commonly available sparc64 gear, T2 and USIII, are in order.
Kai Wetlesen wrote:
> Put bluntly, I was busy with completing my bachelors degree which was far
> more important. You would have waited six months regardless. Now that it’s
> done and out of the way I’ll happily take your advice.
No need to explain that other things come up. OpenBSD developers
Kai Wetlesen wrote:
> > > you don't have to announce your bug database the first day you set it up.
> > > in
> > > fact, it's better not to. but in a few months time, when somebody
> > > inevitably
> > > asks misc how do i contribute, where's the todo list, you'll have this
> > > handy
> > >
TimoMyyrä wrote:
> > But scan results see the 2.4Ghz network but not the 5Ghz network:
> >
> > $ doas ifconfig iwn0 scan | grep MyNet
> > nwid MyNet chan 11 bssid xx:xx:xx:xx:xx:xx -21dBm HT-MCS23
> > privacy,short_preamble,short_slottime,wpa2,wpa1
> >
> >
> > timo
>
> Actually,
TimoMyyrä wrote:
> I just got Linksys 1900ACS wireless router and it works great, except with
> OpenBSD. I've got Thinkpad T430s running -current and I can't get DHCP lease
> from the new
> router.
> I noticed lines: "dhclient[22294]: fatal in iwn0: yielding responsibility" in
> messages file
Ted Unangst wrote:
> Ingo Schwarze wrote:
> > > this could just be memcmp.
> >
> > I avoided that over quibbles about the argument type (off_t vs.
> > size_t), though i admit that database files larger than a Gigabyte
> > make no sense at all.
> >
&g
Ingo Schwarze wrote:
> > this could just be memcmp.
>
> I avoided that over quibbles about the argument type (off_t vs.
> size_t), though i admit that database files larger than a Gigabyte
> make no sense at all.
>
> If you consider that an improvement, i'm not opposed to using
> memcmp(3). But
Ingo Schwarze wrote:
> + if ((cp1 = mmap(NULL, sb1.st_size, PROT_READ, MAP_PRIVATE,
> + fd1, 0)) == NULL) {
> + say(MANDOC_DB, "");
> + goto err;
> + }
> + if ((cp2 = mmap(NULL, sb2.st_size, PROT_READ, MAP_PRIVATE,
> + fd2, 0)) == NULL) {
> +
Philippe Meunier wrote:
> - is the panic intended (well, known to the developers and considered
> normal; I hesitate to call it a feature) or is it an oversight?
no, nothing bioctl does should kill init like that.
> - I would have thought that, once the softraid volume has been created, its
>
tomr wrote:
> I've been struggling to get X to lock by calling xlock(1) from
> /etc/apm/{hibernate,resume,standby,suspend}
>
> Haven't seen a lot of useful debug output from xlock...
>
> # xlock -verbose ; echo $?
> 1
> # xlock -verbose -display :0.0 ; echo $?
> No protocol specified
> 1
> #
>
anyone using an x40? what have you set machdep.apmhalt to?
pipfsta...@openmailbox.org wrote:
> Hello,
>
> CVS is delivering me my daily dose of PITA (and I'm delivering a daily
> dose of whining to the list). I feel like I'm trying to use a wooden bicycle
> driven by jolts from the ground to make a tour from Washington, DC to
> Sacramento, California.
>
Bryan Vyhmeister wrote:
> On Mon, Jul 31, 2017 at 11:02:28PM +0200, Ulf Brosziewski wrote:
> > for you. As always, a dmesg would be appreciated. The output of
> > # wsconsctl | grep 'mouse'
> > could also be of interest here (you must run it as root).
>
> This report is from a MacBookAir7,2
Adam Steen wrote:
> Sorry, i sent that before i had finished.
>
> I am trying to find an equivalent of the following code for FreeBSD
we don't currently export this info, but we could add some sysctls. there's
some cpufeatures stuff there, but generally stuff isn't exported until
somebody finds
Ibrahim Khalifa wrote:
> Hi,
>
> If you run diff against two directories where you have file(s) and the only
> difference is that you have file(s) that only exists in one of the
> directories, diff will exit with 0. If you use -N och -P it will however exit
> with 1.
>
> Reading through the
Fabio Scotoni wrote:
> Is there any particular reason why things are being done this way? I
> could imagine that it's to stay compatible with upstream SUPERCOP, but
> mod_ed25519.c does not seem to have changed in CVS for over three years.
Yes, the idea is you should be able to diff the files
multiplex'd wrote:
> From an end-user standpoint, this means that if a user has run a
> priviledged command using sudo and then (within the timeout) runs a
> script which itself calls sudo, then they will not be prompted to
> enter a password as the script is running with the same foreground
>
Stephane HUC PengouinBSD wrote:
>
> $ signify -G -p Test.pub -s Test.sec
> passphrase:
> signify: please provide a password
> $ ls -al | egrep Test
> $
>
> If not entry password, key files are not created!
you can create keys without passphrases using -n.
Bryan C. Everly wrote:
> Thanks again to tedu and everyone else who put in the effort to get us
> working on this architecture. I can't imagine it was easy!
For the record, it wasn't me. Kettenis did some great work, though.
J Doe wrote:
> Ok, thank you for clarifying that for me. I will proceed with development in
> C. As an aside - do OpenBSD developers track with the latest standard (C11),
> or is another standard preferred ?
mostly c89. in particular, don't mix code and declarations.
Manuel Solis wrote:
> My question is:
> I know that i am missing some step to fulfill the shrinking process
> but in the FAQ there is only a way to grow fs and i didn’t find the shrinking
> fs, and in the book says that i should move the partition, well it does not
> say it but i figured out
Denis wrote:
> Looking for ifconfig '[[-]txpower dBm]' option which was present in
> OpenBSD 5.4 amd64. Try to find 'txpower' on 6.0 amd64 but seems it
> missed out.
>
> Actively using it to match power for 802.11 card and it's RF recipient
> (post amp). What mechanism of output power matching is
Donald Allen wrote:
> I am guessing, but do not know, that the trouble here is either in the
> ext2 support or perhaps in the usb driver. If ext2, I realize that it
It wouldn't surprise me that the USB stack can get wedged if it does lots of
IO. ext2fs probably has other bugs, but I wouldn't
Paul B. Henson wrote:
> After applying this and installing the resulting kernel, ipmi worked
> fine. I skipped 6.0, but just updated my boxes to 6.1, and see the same
> ipmi failures. It looks like this fix hasn't been applied, the code in
> head is still missing this line. I applied it again to
Kevin Chadwick wrote:
> On Fri, 23 Jun 2017 20:24:24 +0200
>
>
> > > > > I started by trying very high values with a simple password and
> > > > > expected to have to wait a long time but it was always around 7
> > > > > seconds?
> > > > very high as in -r 2000 ?
> > >
> > > Yeah,
Kevin Chadwick wrote:
> On Fri, 23 Jun 2017 18:13:20 +0200
>
>
> > > I started by trying very high values with a simple password and
> > > expected to have to wait a long time but it was always around 7
> > > seconds?
> > very high as in -r 2000 ?
>
> Yeah, 2048? Is there a MAX?
i do not
Jia-Ju Bai wrote:
> Hi,
>
> I am a freshman in developing OpenBSD drivers, and I have a question in
> lock usage in OpenBSD kernel code.
>
> I only find two kinds of locks which are often used in OpenBSD drivers,
> namely "mutex lock" and "rw lock". I want to know which lock can be held
> when
Kai Wetlesen wrote:
> What would a potential curator of a bug tracker need
> to do besides spin up a server, install, and maintain
> the chosen (or written) software?
not underestimate the effort involved.
so this has come up before, and the answer remains the same. anyone can setup
a bug
Maurice McCarthy wrote:
> Hi,
>
> $ xauth list
> ...
> advancedsearch.virginmedia.com:0 MIT-MAGIC-COOKIE-1
> f3aa08ed0926482c51f5cb386e28a0ea
>
>
> Virgin Media is my ISP. Is this an intrusion into my system please? I
> ran xauth remove ... just for the sake of it anyhow.
well, even if it
Darren Marshall wrote:
> Hi guys,
>
> I'm trying to create a policy whereby a user added to an OpenBSD 6.0 system
> automatically gets their password expiry set to 60 days.
>
> I did think that this could be accomplished by adding upwexpire="60d" to
> /etc/adduser.conf but subsequent adding of a
Allan Streib wrote:
> My /etc/login.conf file has "blowfish,a" as the value for localciper in
> the default class.
>
> The login.conf(5) man page sys this about the "localcipher" capability:
>
> localcipherstring blowfish,aThe cipher to use for
>
sharon s. wrote:
> >
> >> softraid0: invalid metadata format
> > You filled the disk with random data, which is not a valid metadata
> > format...
> I followed the FAQ, http://www.openbsd.org/faq/faq14.html#softraidCrypto .
Sorry, I was hasty. You can also try creating smaller partitions. 16TB,
Choose a display name wrote:
> >As always, you can post your smtpd.config, dmesg and any errors
> >you're receiving. "it doesn't work" and "i have a problem" won't
> >get you much help on this list.
>
> I get no error, smtpd just hangs if network is up.
> It looks like this:
>
> # smtpctl show
myml...@gmx.com wrote:
> Steps to recreate:
>
> dd if=/dev/random of=/dev/rsd0c bs=1m (took over a week)
>
> fdisk -iy -g sd0 (I left off the "-b 960" because this is not a
> bootable partiton)
>
> disklabel -E sd0
>
> Label editor (enter '?' for help at any prompt)
> > a a
> offset: [64]
Jan Stary wrote:
> This is current current/i386 on a 2006 MacBook1,1 (model A1181).
> dmesg and sysctl hw below.
>
> OpenBSD 6.1-current (GENERIC.MP) #0: Wed May 10 23:42:09 CEST 2017
> h...@macbook.stare.cz:/usr/src/sys/arch/i386/compile/GENERIC.MP
> "ACPI0002" at acpi0 not configured
The
Andreas KusalanandaKähäri wrote:
> I'll try copying from an existing installation, and if that proves to be
> too problematic, I guess I just have to check out the OPENBSD_6_1 branch
> and build a new release (which I really had hoped I would not have to
> do).
There's nothing magic about the
Renaud Allard wrote:
> I did not reboot directly, I first tried a "ktrace dhcpd" which
> instantly lead to a kernel panic. After the mandatory reboot, everything
well that's somewhat disturbing.
Michael Hendricks wrote:
> I would like to have pledge on the command line so I can restrict an ad-hoc
> process during execution. For example:
>
> $ pledge "stdio" sed -e "s/foo/bar/g" output.txt
>
> I can't modify sed, for example, because I don't always want it pledged
> that tightly. Since
Christoph R. Murauer wrote:
> True but let me be a littlebit paranoid. Would it not be possible to create a
> new .fs / .iso with new keys in /etc/signify/* and new SHA256 / .sig files to
> place bad content and distribute it using a torrent ? I came across this idea
> as I readed long time ago
Christoph R. Murauer wrote:
> Let's say, you provide a torrent for the .fs and .iso files. Who trusts a
> SHA256.sig file from an unofficial torrent ?
The whole point of signing the SHA256 is you don't have to trust the person
who gives it to you.
Luke Small wrote:
> Would it be a good idea to make a pledge like call that limits a process
> from connecting to ports and/or hosts? Maybe it could be done in way that
> the kernel is made aware of the limitations like in a pledge call and while
> the process is alive, the kernel spawns pf rules
Robert Peichaer wrote:
> Parsing dmesg output always tends to be fragile, but what about this?
> Use whatever is enclosed in <> in the dmesg output for a disk and get
> the size from disklabel.
This looks insane. If somebody can tell us what output they want, we can
provide it in a more useful
LD wrote:
> I don't use the submission port on either server, just port 25, but 5.9
> sends a message-id and 6.0 does not. What does "/if necessary/" mean for the
> 5.9 server? What is the deciding factor to make the header necessary? I
> would like the v6.0 server to send a message-id too, how do
narvu...@tutanota.com wrote:
> Hello,
>
> Currently, there is no support for Skylake GPU, I just want to know if
> someone is working on it.
> If not, are there some technical difficulties to support this generation ? Or
> nobody is working on it ?
The technical difficulty is that upstream,
mitchell wodach wrote:
> I have not updated my -current box for about a week and a half so I
> don't know if that has something to with this. Should I update with a
> newer snapshot from the mirrors?
Yes.
1 - 100 of 1905 matches
Mail list logo
