Re: Historical Reasons For Default NAT Source Port Modification

2022-05-16 Thread Theo de Raadt
Elias Carter wrote: > I have found that preserving the source port if possible works better > out of the box when hosting publicly accessable UDP applications > within a private network. Preserving the source port also works better for attacking services... I don't see anything strange in what

Re: Wireguard IP packets fragmentation issue

2022-05-15 Thread Theo de Raadt
.Bd -literal -offset indent -inet 0.0.0.0 255.255.255.255 NONE \e +inet 0.0.0.0 255.255.255.255 0.0.0.1 \e pppoedev em0 authproto pap \e authname 'testcaller' authkey 'donttell' up -dest 0.0.0.1 inet6 eui64 I don't think this is the right way to go. Yes, on p2p links the

Re: Cron running at 99% CPU for seemingly no reason

2022-05-15 Thread Theo de Raadt
This is a bug in a diff I put into snapshots.

Re: hw.perfpolicy behavior on desktop/server

2022-05-12 Thread Theo de Raadt
f.holop wrote: > Theo de Raadt - Wed, 11 May 2022 at 18:08:53 > > f.holop wrote: > > > > > Stuart Henderson - Mon, 09 May 2022 at 17:17:57 > > > > Currently, you can either set it manually to low speed > > > > (hw.perfpolicy=manual, hw.setperf=0

Re: why does resolvd sort nameserver rules

2022-05-11 Thread Theo de Raadt
William Ahern wrote: > On Wed, May 11, 2022 at 04:54:02PM +0100, james palmer wrote: > > i have a local dhcp server running which gives out three nameservers: > > > > - 192.168.0.2 (resolves some local machine names) > > - 9.9.9.9 > > - 149.112.112.112 > > > > on linux, android, and windows

Re: hw.perfpolicy behavior on desktop/server

2022-05-11 Thread Theo de Raadt
f.holop wrote: > Stuart Henderson - Mon, 09 May 2022 at 17:17:57 > > Currently, you can either set it manually to low speed > > (hw.perfpolicy=manual, hw.setperf=0), modify the kernel (e.g. with the > > diff below), or use obsdfreqd from packages. The latter is only in > > -current packages not

Re: OpenBSD ports require xbase set - still true?

2022-05-09 Thread Theo de Raadt
undertaken by the ports developers. In short, Steffen, you need to shut up. Steffen Nurpmeso wrote: > Theo de Raadt wrote in > <36104.1652132...@cvs.openbsd.org>: > |The people who do the work make the decisions. > > Ok i will at least look what i was talking about.

Re: OpenBSD ports require xbase set - still true?

2022-05-09 Thread Theo de Raadt
The people who do the work make the decisions. Steffen Nurpmeso wrote: > Hello. > > Just a rant, not for ports@. > I am installing OpenBSD 7.1 right now; this is only a VM, and > i want to create / manage ports there. > Until now whenever i wanted to do this i had to install xbase, > otherwise

Re: HP T430 "Thin Client": Won't sysupgrade without HDMI monitor attached.

2022-05-06 Thread Theo de Raadt
Florian Obser wrote: > So, if you end up with a /bsd.upgrade on the running system that is > still mode 0700, your bootloader is on the fritz. > > If you have a /bsd.upgrade that's 0600 your bootloader found the kernel > and tried to boot it, but the installer didn't get very far. > > If there

Re: Howto do "a detailed cleanup with the aid of the sysclean package"?

2022-05-04 Thread Theo de Raadt
Marc Espie wrote: > All the horrors stories I've seen in this discussion are related > to people trusting it blindly/automatically. But why wouldn't people trust it? All the documentation claims it produces a list of files that is obsolete. It says those files are obsolete & unused -- with

Re: Howto do "a detailed cleanup with the aid of the sysclean package"?

2022-05-04 Thread Theo de Raadt
Sebastien Marie wrote: > a package could use old libraries, and such libraries will not be listed by > sysclean. the sysclean manual page claims that it correctly identifies "obsolete filenames". Obsolete, adj. 1.no longer produced or used; out of date. But this is innaccurate. By your

Re: Howto do "a detailed cleanup with the aid of the sysclean package"?

2022-05-04 Thread Theo de Raadt
Sebastien Marie wrote: > semarie@ spoke about integrating some elements inside the installer when he > was > about "clean _other things_". It isn't about "stepping back". Even if the > installer would clean all it is possible to remove safely, I would still use > a > program to list

Re: Howto do "a detailed cleanup with the aid of the sysclean package"?

2022-05-04 Thread Theo de Raadt
Harald Dunkel wrote: > Hi folks, > > I think the main problem is pretty easy to describe: OpenBSD loses track > about what it had installed and cannot clean up its own files on a system > upgrade. No, that is incorrect. Users are capable of creating linking against older lib*.so.* files. Such

Re: Maximum size of mfs in i386

2022-05-03 Thread Theo de Raadt
> What could be the cause? Is there any way to increase the MAXDSIZ to > nearly 3GB? No. Our i386 architecture is a bit special. Since older machines don't have a NX bit, we invented a "line-in-the-sand" scheme using segment limits. In a userland process, this places code below 512MB, and data

Re: clang 13 space issues with KARL

2022-04-28 Thread Theo de Raadt
>On Thu, Apr 28, 2022 at 10:44:09AM -0600, Theo de Raadt wrote: >> If people built properly sized machines there would be no problem. > >That's a little condescending don't you think? Not at all. If you don't use a tool as it was intended, you bear the consequences. *WE* built

Re: clang 13 space issues with KARL

2022-04-28 Thread Theo de Raadt
>On 2022-04-27, Nick Holland wrote: >>> What can I do to make KARL reorder_kernel use less memory without buying >>> more >>> RAM? I've turned KARL off for now but that's not a real solution and I hate >>> it. >>> >>> Is there no option in the clang 13.0.0 linker to store what it would >>>

Re: Sprurios errors from syspatch -c

2022-04-22 Thread Theo de Raadt
Richard Narron wrote: > On Fri, 22 Apr 2022, Lyndon Nerenberg (VE7TFX/VE6BBM) wrote: > > > After the 7.1 update syspatch -c started throwing errors due to a > > missing signatures file: > > > > Patch check: > > syspatch: Error retrieving > >

Re: Howto do "a detailed cleanup with the aid of the sysclean package"?

2022-04-21 Thread Theo de Raadt
Stuart Henderson wrote: > > Btw. there is another school of thought that says old cruft doesn't need > > to be removed, it's not causing any harm. If you need a clean system > > just reinstall and restore config and data from backups. It's a good > > excercise to check that your backups are

OpenBSD 7.1 released, April 21, 2022

2022-04-21 Thread Theo de Raadt
- OpenBSD 7.1 RELEASED - April 21, 2022. We are pleased to announce the official release of OpenBSD 7.1. This is our 52nd release. We remain proud of OpenBSD's record of

Re: Auto layout for disk partitions - a new user's perspective

2022-04-18 Thread Theo de Raadt
the installer creates partition layouts for a variety of _regular_ usage patterns. Both of these situations you describe are not the normal pattern. We don't want to over-allocate space to specific purposes like that. Other systems do one giant root partition and then avoid these space issues.

Re: Github/Bitbucket free alternative

2022-04-03 Thread Theo de Raadt
Tito Mari Francis Escaño wrote: > Hi everyone, > I'm trying to develop web apps on OpenBSD but Github and even Bitbucket > seems to think that only Windows and/or Linux are the platforms so I feel > forced to use VS Code that runs only on those systems. > Can somebody please point me to

Re: user cannot login on -current amd64: ulimit related?

2022-03-23 Thread Theo de Raadt
There was a bug related to rlimits around March 15. It has been fixed since. I think it is a big weird when people using snapshots reports a bug against week-old code. Do you think we do nothing for that week? Mare Dedeu wrote: > Hi, > > I am running -current on a thinkpad X270. After an

Re: 12-hour vs. 24-hour clock format

2022-02-23 Thread Theo de Raadt
s which do 24-hour clock by default, meaning it cannot force them do 12-hour clock when requested, so the proposal feels like a one-way road. Anyways, it is like you didn't read my reply, I was saying: I don't think we want to do your proposal. Svyatoslav Mishyn wrote: > (Wed, 23 Feb 09:13)

Re: Updating mrouted in Base

2022-02-23 Thread Theo de Raadt
Stuart Henderson wrote: > On 2022/02/23 09:16, Theo de Raadt wrote: > > Stuart Henderson wrote: > > > > > On 2022-02-21, Trace the Route wrote: > > > > Is it possible to include a newer version of mrouted in the base > > > > installation o

Re: Updating mrouted in Base

2022-02-23 Thread Theo de Raadt
Stuart Henderson wrote: > On 2022-02-21, Trace the Route wrote: > > Is it possible to include a newer version of mrouted in the base > > installation of OpenBSD? The existing version of mrouted (v3.8) is > > obviously quite old and lacks functionality found in newer versions. > > > > For

Re: 12-hour vs. 24-hour clock format

2022-02-23 Thread Theo de Raadt
Svyatoslav Mishyn wrote: > just wondering why are some programs using 12-hour/24-hour clock format > by default? > > For instance, 12-hour clock format: > w(1)/uptime(1) > Should it be fixed? We do not have a firm rule that all programs must use 24-hour clock, and I don't think we should

Re: Updating mrouted in Base

2022-02-21 Thread Theo de Raadt
Trace the Route wrote: > Is it possible to include a newer version of mrouted in the base > installation of OpenBSD? The existing version of mrouted (v3.8) is > obviously quite old and lacks functionality found in newer versions. > > For example, the existing version of mrouted is not able to

Re: No sound on ThinkPad X220 using current snapshot

2022-02-14 Thread Theo de Raadt
Josh Grosse wrote: > On Mon, Feb 14, 2022 at 05:58:37PM +0100, Dirk-Wilhelm Peters wrote: > > "Theo de Raadt" wrote: > > > > > > OpenBSD 7.0-current (GENERIC.MP) #325: Thu Feb 10 12:26:12 MST 2022 > > > > > > Your subject says "cu

Re: No sound on ThinkPad X220 using current snapshot

2022-02-14 Thread Theo de Raadt
Dirk-Wilhelm Peters wrote: > "Theo de Raadt" wrote: > > > > OpenBSD 7.0-current (GENERIC.MP) #325: Thu Feb 10 12:26:12 MST 2022 > > > > Your subject says "current snapshot". But then you show a 4-day old > > kernel. > > > &

Re: No sound on ThinkPad X220 using current snapshot

2022-02-14 Thread Theo de Raadt
> OpenBSD 7.0-current (GENERIC.MP) #325: Thu Feb 10 12:26:12 MST 2022 Your subject says "current snapshot". But then you show a 4-day old kernel. You can do better.

Re: Fsck_ffs seems to have trashed /usr/local

2022-02-11 Thread Theo de Raadt
Otto Moerbeek wrote: > On Fri, Feb 11, 2022 at 10:09:25PM +0100, Konrad Sowula wrote: > > > Hello, > > to keep things short, rebooting my vps using 'Server restart' in vultr > > control panel trashed my /usr/local directory (or at least i suppose > > that's all that has been damaged, haven't

Re: What happened to www/art on CVSWeb? Why is it empty?

2022-02-10 Thread Theo de Raadt
It is empty because we have other more important things to take care of. Our sincere apologies for the inconvenience. Kacper Wilgus wrote: > I tried to download some artwork from these pages: > > https://www.openbsd.org/art1.html > https://www.openbsd.org/art2.html >

Re: SSL write error: certificate verification failed: certificate has expired

2022-02-02 Thread Theo de Raadt
Your machine's time is wrong. Yogendra Kumar Chaudhary wrote: > Good morning, > > I am facing the following error while using pkg_add on OpenBSD 6.2. > > FTP: SSL write error: certificate verification failed: certificate has > expired > > 1. I have tried with multiple mirrors sites but the

Re: awk doesn't build on armv7

2022-02-02 Thread Theo de Raadt
Builds fine for me. Jan Stary wrote: > This is current/armv7 on a Beagle Bone Black (dmesg below). > make build just failed in usr.bin/awk with > > ===> usr.bin/awk > yacc -o awkgram.tab.c -d /usr/src/usr.bin/awk/awkgram.y > /usr/src/usr.bin/awk/awkgram.y: yacc finds 62 shift/reduce conflicts

Re: Potential mirror sync issue with snapshot packages

2022-01-24 Thread Theo de Raadt
Ricky Cintron wrote: > Before upgrading my -current system Saturday evening (Jan. 22), I noticed that > the snapshot packages for amd64 were partially synced. The first half are from > the 21st, while the second half are from the 20th. I checked the Fastly cdn, > the > Cloudflare cdn, and

Re: ttyflags hangs on Dell PowerEdge R200

2022-01-15 Thread Theo de Raadt
I think the bug is that com_acpi_match() should call ic/com.c comprobe1(), which verifies that an actual chip exists, rather than simply trusting the ACPI tables. If attach succeeds, open and ioctl become callable, and at that point if real hardware isn't present, the driver reacts very poorly.

Re: pkg_add -u fails with "failed to open CA file '/etc/ssl/cert.pem': Permission denied"

2022-01-14 Thread Theo de Raadt
OpenBSD default is for /etc/ssl/ to be root:wheel u+w,a+rx Harold, you broke your own machine. Stuart Henderson wrote: > On 2022-01-14, Harald Dunkel wrote: > > On 2022-01-14 10:42:56, Harald Dunkel wrote: > >> > >> Hi folks, > >> > >> trying to upgrade the installed packages I get > >> >

Re: Error on xenocara.tar.gz extraction

2022-01-13 Thread Theo de Raadt
It is just a warning, you can ignore it. I am not going to change my processes to ship a tar file without "." Rob Whitlock wrote: > Attempting to extract xenocara.tar.gz while avoiding root proviliges as > described here https://www.openbsd.org/faq/faq5.html#wsrc, I ran into an > error, shown

Re: auto_upgrade.conf ignored?

2022-01-07 Thread Theo de Raadt
Jan Stary wrote: > > 1) If you edit that file yourself, > > Is there any other way this file is supposed to come to existence > (except the one containing the default answers, which sysupgrade > writes itself) beside editing it by hand? sysupgrade creates it, exactly as it wants it to be. If

Re: auto_upgrade.conf ignored?

2022-01-07 Thread Theo de Raadt
Jan Stary wrote: > On Jan 07 10:52:51, dera...@openbsd.org wrote: > > Set name(s) = -x* > > Set name(s) = done > > > > By giving two seperate answers to the same question, you are making a > > gigantic assumption. > > Yes, that's probably wrong. > But the same happens with just > >

Re: auto_upgrade.conf ignored?

2022-01-07 Thread Theo de Raadt
Set name(s) = -x* Set name(s) = done By giving two seperate answers to the same question, you are making a gigantic assumption.

Re: Can OpenBSD use more than one fdisk partition?

2022-01-06 Thread Theo de Raadt
Marek Kozlowski wrote: > *Normally* only one fdisk partition. How about *abnormally*? I mean: > is it technically possible to place (and use!) more than one OpenBSD > partition for a drive? No.

Re: Can OpenBSD use more than one fdisk partition?

2022-01-06 Thread Theo de Raadt
Crystal Kolipe wrote: > On Thu, Jan 06, 2022 at 01:27:25PM +, Stuart Henderson wrote: > > On 2022/01/06 09:56, Crystal Kolipe wrote: > > > On Thu, Jan 06, 2022 at 11:11:30AM -, Stuart Henderson wrote: > > > > You can create more than one "fdisk partition" but there's not much > > > >

Re: Doku Wiki femail?

2022-01-03 Thread Theo de Raadt
Mihai Popescu wrote: > > It is an old less-secure practice ... > > I use to think about security as secure / insecure (not secure). Is it ok > to use grades like less secure, more secure, etc.? Let me provide a better answer. When you use fewer simple ingredients, you can judge the

Re: Doku Wiki femail?

2022-01-03 Thread Theo de Raadt
Mihai Popescu wrote: > > It is an old less-secure practice ... > > I use to think about security as secure / insecure (not secure). Is it ok > to use grades like less secure, more secure, etc.? chroot is used to create a really crappy privsep. Worse than duct tape in the sun.

Re: Doku Wiki femail?

2022-01-03 Thread Theo de Raadt
Thomas Bohl wrote: > Hello, > > > After several tries, i think the problem is the interpretation, in > > Universal Language; usually used in OBSD, it could be: > > Write this > > Do this > > But, in this case; there are not commands! > > Please, let me ask you, How to add /bin/sh to

Re: acpibat confusion

2021-12-25 Thread Theo de Raadt
In acpibat_notify(), if acpibat_getbst() or acpibat_getbix() return some sort of silent failure, such an error will be ignored and the acpibat_refresh() will reprocess the same data to export to sensors. In mosts cases replaying the same data will result in the same sensors, but maybe some

Re: how to reload date from ntpd

2021-12-25 Thread Theo de Raadt
ntpd is started early because there are services that work better with accurate time. In most cases, ntpd will very quickly build accurate clock, and those services run better. In some cases, people build situations which challenge ntpd's fast startup. Especially broken networks. Because this

Re: Is fw_update documentation outdated?

2021-12-25 Thread Theo de Raadt
fw_update is being replaced with a new program, and this is being tested in snapshots to ensure we have coverage all all circumstances. The new program is capable of updating firmwares while in the bsd.rd install/upgrade phase. This means some firmwares (specially *drm firmwares) will get

Re: Disk partition not recognized

2021-12-23 Thread Theo de Raadt
Rob Whitlock wrote: > On Thu, Dec 23, 2021 at 1:15 AM Theo de Raadt wrote: > > > > Crystal Kolipe wrote: > > > > > On Tue, Dec 21, 2021 at 06:04:28PM -0500, Rob Whitlock wrote: > > > > A problem seems to be that there is no disklabel entry for th

Re: Disk partition not recognized

2021-12-22 Thread Theo de Raadt
Crystal Kolipe wrote: > On Tue, Dec 21, 2021 at 06:04:28PM -0500, Rob Whitlock wrote: > > A problem seems to be that there is no disklabel entry for the ExFAT > > partition. > > You probably wrote a BSD disklabel to the disk before creating the ExFAT > partition. > > If there is no on-disk

Re: Disk partition not recognized

2021-12-22 Thread Theo de Raadt
James Cook wrote: > I thought the disklabel lives at the start of the OpenBSD partition. That is incorrect.

Re: Profiling ifconfig

2021-12-16 Thread Theo de Raadt
Claudio Jeker wrote: > On Thu, Dec 16, 2021 at 03:55:43PM +0800, Vladimir Nikishkin wrote: > > Hello, everyone > > > > Recently I had a problem: my system is losing network connectivity, > > although the interface (vio0 on KVM) seemed up. Restarting the > > connection with `ifconfig vio0 down`

Re: Missing action list in lesskey man page

2021-12-06 Thread Theo de Raadt
Ingo Schwarze wrote: > >> I'd much prefer to have > >> the actions explained in the lesskey(1) man page. > > No way. Copying half of the less(1) manual to the lesskey(1) manual > would result in a maintenance nightmare. I agree. This is not the first time one has to read two related pages to

Re: Memory protection and the push instruction (amd64)

2021-12-06 Thread Theo de Raadt
Theo de Raadt wrote: > Upon every system call entry, both the PC and SP are range-checked > against the object they point to, vaguely providing an addition kind of > MMU flag bit. This check hinders a variety of ROP pivot methods. I want to add one more comment. I believe th

Re: Memory protection and the push instruction (amd64)

2021-12-06 Thread Theo de Raadt
Otto Moerbeek wrote: > On Mon, Dec 06, 2021 at 05:59:41AM +, slembcke wrote: > > > So this is a fairly esoteric question, and I expect the answer might > > be just as esoteric. > > > > I have a little toy fiber/stackless coroutine library that I made a > > few years ago and have been using

Re: cd*.iso reboot loop (vultr, Skylake AVX MDS)

2021-12-04 Thread Theo de Raadt
Mike Larkin wrote: > On Sat, Dec 04, 2021 at 06:18:55PM +, Claus Assmann wrote: > > Just in case someone is wondering: vultr moved the VM to a different > > server, the system is up and running again. > > BTW: I guess I can ignore this: > > fd0 at fdc0 drive 1: density unknown > > > > > >

Re: cd*.iso reboot loop (vultr, Skylake AVX MDS)

2021-12-04 Thread Theo de Raadt
Philip Guenther wrote: > They have your virtualization guest configured in a way that doesn't match > any real hardware: it has a family-model-stepping combination that matches > the Skylake line, real hardware of which all have the cflushopt extension, > but the host is making the guest trap

Re: Problems with a fresh install not finding SSD drive over floppy img HTML5/KVM

2021-11-30 Thread Theo de Raadt
I am dissapointed to see "long answers" to "short spurious claims". Nick, your long mail didn't help anything. Chris, your report sucks. Use sendbug and file a bug report with no details missing. Not one user has reported a drive missing on a ahci controller before you, and suddenly you say

Re: Problems with a fresh install not finding SSD drive over floppy img HTML5/KVM

2021-11-30 Thread Theo de Raadt
Chris Bennett wrote: > After looking over the list, it looks like many SSD's have compatibility > problems, so I'm just going to switch over to a spinning drive. That is news to us.

Re: libdmx removal incomplete?

2021-11-28 Thread Theo de Raadt
>These files are still part of xshare70 set, and should not be >removed. There are part of xorgproto (xenocara/proto/xorgproto). > >> Lastly: From your emails it seems to me that the use of sysclean after >> upgrading is very much encouraged if not necessary. Then why is it not >> included in base

Re: isc-bind doesn't start...

2021-11-28 Thread Theo de Raadt
Christer Solskogen wrote: > on the recent snapshot (OpenBSD 7.0-current (GENERIC.MP) #126: Sun Nov 28 > 00:04:30 MST 2021) > > tugs# /usr/local/sbin/named -t /var/named -u _bind -U 4 > named:/usr/local/lib/libisc-9.16.23.so: undefined symbol > '__emutls_get_address' > ld.so: named: lazy binding

Re: Put non-NULL pledge abort in the man page

2021-11-24 Thread Theo de Raadt
Sebastien Marie wrote: > If the code you are using is restricted and can't be showed, please at > least show a ktrace output of the program run. At this point I am > still unsure that it is execve(2) which is causing pledge violation. actually I want to know where garbage code like this runs to

Re: Put non-NULL pledge abort in the man page

2021-11-24 Thread Theo de Raadt
ist. Luke Small wrote: > It works great, up until the time that pledge() ITSELF gets shot in the head, > which > seems would be impossible! It’s supposed to only throw errors! Or did I miss > the memo > that there’s a “pledge” pledge? > > On Wed, Nov 24, 2021 at 8:19 PM Theo de

Re: Put non-NULL pledge abort in the man page

2021-11-24 Thread Theo de Raadt
You have a secret program and you want people on the internet to help you debug what you have done wrong in this secret program. You obviously don't know what you are doing, and I think you don't deserve help. Luke Small wrote: > I have a program which runs fork() a couple times with pledges:

Re: lm(4) temperature

2021-11-20 Thread Theo de Raadt
Jan Stary wrote: > This is current/i386 on an ALIX.1E (dmesg below). > I am trying to monitor the CPU temperature with > > wbsio0 at isa0 port 0x2e/2: W83627HF rev 0x41 > lm1 at wbsio0 port 0x290/8: W83627HF > > $ sysctl hw.sensors.lm1 > hw.sensors.lm1.temp0=69.00 degC >

Re: boundend less than total sectors — amd64, install70.iso, new HDD

2021-11-17 Thread Theo de Raadt
Stuart Henderson wrote: > > If that's the case, you have to reinstall on GPT. > > But that isn't, if the disk is just used for OpenBSD and boot is close enough > to the start of the disk (i.e. root partition isn't too far in) then setting > the full disk with 'b' is enough, OpenBSD uses its own

Re: type checking/signalling shell and utilities?

2021-11-17 Thread Theo de Raadt
Reuben ua Bríġ wrote: > > Date: Wed, 17 Nov 2021 09:34:21 -0700 > > From: "Theo de Raadt" > > > > Oh you want magic > > > > you'll find it next to the ponies. > > This is not magic. It is syntax. Or is C also "magic"? > >

Re: type checking/signalling shell and utilities?

2021-11-17 Thread Theo de Raadt
Reuben ua Bríġ wrote: > I felt a more elegant solution would be a shell that can pass an array > of strings as an argument, just as C can, and knows when to do so, > rather than having each string as an argument. I wanted to know if > there is already a shell that accomplishes that.--No need to

Re: cron sh script fork

2021-11-15 Thread Theo de Raadt
Todd C. Miller wrote: > On Mon, 15 Nov 2021 20:13:01 +0300, misc@abrakadabra.systems wrote: > > > [/opt/bin]$ cat check.sh > > #!/bin/sh > > > > _ret=$(ps aux | grep sleeploop.sh | grep -v grep | awk '{print $2}') > > test -z ${_ret} && /opt/bin/sleeploop.sh & > > By default, ps uses 80

Re: cron sh script fork

2021-11-15 Thread Theo de Raadt
Your "ps" pipeline could identify other processes. If I was on your machine, I would start a long-running process with sleeploop.sh as an argument, your script sees it, and misbehaves. Don't do this. man 5 crontab A method to do this safer was -s command Only a single

Re: Some Thoughts on resolv.conf.tail Deprecation

2021-11-11 Thread Theo de Raadt
beebeet...@posteo.de wrote: > > I am not sure about what problem you are trying to solve. Won't the > > lines added by resolvd be overwritten anyway the first time you use the > > backed up file? > > What I'm trying to solve is that static part of the configuration being > mixed up with

Re: Some Thoughts on resolv.conf.tail Deprecation

2021-11-11 Thread Theo de Raadt
No, we will not do what you propose because resolvd so far is working for the majority of people, better than we expected. Luckily we provide all the parts including source, and you can do whatever you want with it. beebeet...@posteo.de wrote: > Hi all, > > I was reading the manual page of

Re: clang performance bug is worse on openbsd than freebsd

2021-11-08 Thread Theo de Raadt
Stuart Henderson wrote: > On 2021-11-08, Otto Moerbeek wrote: > > On Sun, Nov 07, 2021 at 08:13:36PM -0600, Luke Small wrote: > > > >> https://bugs.llvm.org/show_bug.cgi?id=50026 > >> > >> I reported it to the llvm people. it is two slightly different quicksort > >> algorithms which perform

Re: mmap with the arguments PROT_NONE and MAP_STACK

2021-11-04 Thread Theo de Raadt
overcq wrote: > >> However, I need to know how much of the stack is currently allocated > >> and how much remains only reserved. > > > Why? > > To be able to release reservations from the beginning of the stacks > when new in-program tasks are created. So that you can create any number > of

Re: mmap with the arguments PROT_NONE and MAP_STACK

2021-11-04 Thread Theo de Raadt
overcq wrote: > However, I need to know how much of the stack is currently allocated > and how much remains only reserved. Why?

Re: mmap with the arguments PROT_NONE and MAP_STACK

2021-11-03 Thread Theo de Raadt
overcq wrote: > Theo de Raadt wrote: > > > There would need to be justification for why that program wants to do > > that, before changing this. The restriction for stacks is a bit like > > a safety belt. > > I don't know how much stack each task will need, and

Re: mmap with the arguments PROT_NONE and MAP_STACK

2021-11-03 Thread Theo de Raadt
overcq wrote: > Hello, > > I am trying to run a program I wrote that was ported from Linux. > It allows you to run in-program tasks as C functions. Each such task > is set up with its own allocated stack. > > However, in OpenBSD I cannot allocate the stack with mmap > with the PROT_NONE flag,

Re: Mouse scrolling issues for anyone else?

2021-11-03 Thread Theo de Raadt
Ricky Cintron wrote: > I'm a bit confused as to why the snapshot from Oct. 30 included a > commit from Oct. 31, but everything else seems clear now. Diffs under review often land in snapshots.

Re: iwm stopped working on 7.0 after installing patches 001,002,003

2021-11-03 Thread Theo de Raadt
I do not think it is the errata, because they are completely unrelated to 802.11 drivers or stack. You can look at the errata closer and realize it has nothing to do with wifi. I suspect your firmware was updated. Or you changed something else. Doros Eracledes wrote: > Thanks Stefan, I did

Re: make: don't know how to make /usr/lib/crt0.o (prerequisite of: httpd)

2021-10-31 Thread Theo de Raadt
>From the script make obj && make && make install Which uses the whole toolchain. You need comp. You don't have a choice. Kent Watsen wrote: > The “httpd-plus” [1] patch installs just find when a fresh 7.0 install > selects packages "base", "bsd", "bsd.rd", "bsd.mp", “comp”, and

Re: pf and tap interfaces

2021-10-31 Thread Theo de Raadt
tech-lists wrote: > On Sun, Oct 31, 2021 at 09:33:54AM -0600, Theo de Raadt wrote: > >tech-lists wrote: > > > >> I'm asking this here because I'm trying to do this with FreeBSD but > >> their pf has diverged a lot from OpenBSD's > > > >that is in

Re: pf and tap interfaces

2021-10-31 Thread Theo de Raadt
tech-lists wrote: > I'm asking this here because I'm trying to do this with FreeBSD but > their pf has diverged a lot from OpenBSD's that is incorrect history. It is hard to see how 'absolutely minimal maintainance' can result in divergence. At some point, pf's state table data structures

Re: use pfctl to reread /etc/mail/spamd-white table

2021-10-28 Thread Theo de Raadt
>> I don't know how atomic that is: is the table either empty >> or does it contain all the addresses in the file? I would >> guess the addresses are added as they are read, just like >> when you add them manually. >> > >That is a wrong guess. pf tries to do things atomically when it makes >sense

Re: How does bsd.upgrade work?

2021-10-24 Thread Theo de Raadt
If you don't use all the interlocked openbsd pieces together, and replace some of them with your own, then you take on responsibility for the problems we didn't need to solve because they don't exist in our complete solution. I think that is pretty simple. I hope you understand. As such, I have

Re: Unable to log in with Pubkey after upgrade to 7.0

2021-10-22 Thread Theo de Raadt
Ares wrote: > On Fri, Oct 22, 2021 at 08:56:13AM -0600, Theo de Raadt wrote: > >Emiel Kollof wrote: > > > >> Ivo Chutkin schreef op vr 22-10-2021 om 15:23 [+0300]: > >> > Hello all, > >> > > >> > I am unable to log in with Pubk

Re: Unable to log in with Pubkey after upgrade to 7.0

2021-10-22 Thread Theo de Raadt
Emiel Kollof wrote: > Ivo Chutkin schreef op vr 22-10-2021 om 15:23 [+0300]: > > Hello all, > > > > I am unable to log in with Pubkey after upgrade to 7.0 > > > > I can log in with user/password. > > > > What i get in the log is: > > > > Oct 22 15:10:01 sklad sshd[88986]: userauth_pubkey:

Re: Ifconfig error - SIOCSETPFLOW

2021-10-21 Thread Theo de Raadt
It is 'working for you' until we remove dhclient in a future release. ... Antonino Sidoti wrote: > HI, > > I added ‘!dhclient \$if’ to the /etc/hostname.em0 and removed ‘dhcp’. It is > working now with no errors on startup and the interface ‘pflow0’ now working > properly. > > pf enabled >

Re: How BSD Authentication Works

2021-10-21 Thread Theo de Raadt
Dante Catalfamo wrote: > Hello friends, > > I just published a blog post about the BSD Authentication framework > and I'm very excited to share it with you! > > I'm not an OpenBSD developer but I tried my best to understand the > system and how it works. Please let me know if I got anything

Re: How does bsd.upgrade work?

2021-10-21 Thread Theo de Raadt
tetrahe...@danwin1210.me wrote: > On Mon, Oct 18, 2021 at 07:41:57PM -, Stuart Henderson wrote: > >> I resolved the problem. The solution was to run `sysupgrade -n` to > >> download all the upgrade files, and leave the `bsd.upgrade` kernel in > >> place, next to the `bsd` kernel I usually

Re: How does bsd.upgrade work?

2021-10-21 Thread Theo de Raadt
tetrahe...@danwin1210.me wrote: > On Mon, Oct 18, 2021 at 05:41:26PM +0200, Florian Obser wrote: > >I wouldn't call this "resolved". You are missing the point that > >bsd.upgrade should run automatically. *shrug* > > My setup is not standard, so it's normal that bsd.upgrade not run >

OpenBSD 7.0 released, Oct 14

2021-10-14 Thread Theo de Raadt
- OpenBSD 7.0 RELEASED - October 14, 2021. We are pleased to announce the official release of OpenBSD 7.0. This is our 51st release. We remain proud of OpenBSD's record of

Re: BGPD and source interface

2021-10-01 Thread Theo de Raadt
route [-T rtable] sourceaddr [-inet|-inet6] [address] route [-T rtable] sourceaddr [-inet|-inet6] -ifp interface Set the preferred source address. If address is the word "default", 0.0.0.0 or ::, source address will be chosen by the

Re: Sierra Wireless MC7455 umsm to umb

2021-10-01 Thread Theo de Raadt
This class of devices can be in multiple configurations. the OpenBSD driver doesn't have a way of changing the mode of the device, either permanently or temporarily, and we also lack a way of updating the firmware, which can also be desirable. I've heard there is some Windows tooling that can do

Re: 6.9/amd64 runaway acpi process on Thinkpad T580

2021-09-29 Thread Theo de Raadt
Mike Larkin wrote: > On Wed, Sep 29, 2021 at 08:44:54PM -0400, David Anthony wrote: > > After enabling "BIOS Thunderbolt Assist", I experience consistent machine > > slowdown on my T480. Previously, I experienced slowdown after power cycling > > my machine occasionally. Currently, with this BIOS

Re: SOLVED Re: 6.9/amd64 runaway acpi process on Thinkpad T580

2021-09-29 Thread Theo de Raadt
Jonathan Thornburg wrote: > On 2021-09-28 14>18>49, Daniel Wilkins wrote > > All you have to do is go into your bios' settings and turn on > > "BIOS Thunderbolt Assist" then everything will work 100% fine. > > > > Thanks to jcs on IRC for pointing me at that (dunno what his > > email is.) > >

Re: 6.9/amd64 runaway acpi process on Thinkpad T580

2021-09-28 Thread Theo de Raadt
> bios0: vendor LENOVO version "N27ET43W (1.29 )" date 08/13/2021 > bios0: LENOVO 20L9001GUS > acpi0 at bios0: ACPI 5.0 > acpi0: sleep states S0 S3 S4 S5 On the other hand, your BIOS is very new. So new that it has S0. These days Microsoft is only testing S0. Lenovo and some other vendors are

Re: 6.9/amd64 runaway acpi process on Thinkpad T580

2021-09-28 Thread Theo de Raadt
BTW, BIOS update has fixed interrupts issues like this in a surprising number of cases. No promises, tho. Jonathan Thornburg wrote: > After more experimentation, I find that the runaway ACPI process occurs > every time I suspend/resume (Fn-backspace). (The system resumes fine > apart from the

Re: 6.9/amd64 runaway acpi process on Thinkpad T580

2021-09-28 Thread Theo de Raadt
the term "runaway ACPI" is not the best. What is probably happening is a stuck interrupt. We continue to fight these. Some of them are BIOS bugs, some are undocumented behaviours, sometimes AML parse errors in setting things up, and potentially a few are due to incorrect resume sequencing.

Re: Mellanox driver support details https://man.openbsd.org/mcx.4

2021-09-28 Thread Theo de Raadt
We tend to keep our driver manual pages without detailed promises. They do ethernet, they do it best effort, etc. What you want to know can be found by reading the source, or the commit logs. Since this is a locally written driver, the code is surprisingly approachable. Andrew Lemin wrote: >

  1   2   3   4   5   6   7   8   9   10   >