Re: alc0 watchdog timeout

2019-06-22 Thread Todd Mortimer 
On Sat, Jun 22, 2019 at 12:25:30PM +0200, Stephane HUC "PengouinBSD" wrote:
> HI
> 
> On 6.5-current:
> 
> As I wrote @ 1:46 AM, it seems OK!
> 
> But, I experiment some troubles on my connexion:
> 
> - unwanted SSH disconnections
> 
> - on X, with Firefox, tabs crashed always in same time.
> 
> Perhaps, for Firefox, it's a problem with pledge?
> 
> I see thoses messages in /var/log/messages - egual on 'dmesg':
> 
> Jun 22 11:21:21 ptb-z /bsd: firefox[1]: pledge "flock", syscall 92
> Jun 22 11:21:21 ptb-z /bsd: firefox[17962]: pledge "flock", syscall 92
> Jun 22 11:21:22 ptb-z /bsd: firefox[47501]: pledge "flock", syscall 92
> 
> (...)
> 
> firefox[68021]: pledge "flock", syscall 92
> firefox[22469]: pledge "flock", syscall 92
> firefox[41244]: pledge "flock", syscall 92
> 
> ???

This happens sometimes when firefox is calling into some library that
hits these syscalls, and those syscalls are not in the firefox pledge.
In my experience this is often some uncommon code path through X,
usually related to which graphics driver you are using, but it could be
anything. When I have this happen to me, it is always on specific
websites that trigger some rendering codepath through X that uses some
unusual way to allocate memory or something. In your case, it could also
be some extension you have loaded.

You can pretty easily see what is going wrong:

When a firefox tab crashes you should have a firefox.core file lying
around (usually in your $HOME, but it will be wherever you launched
firefox from). Run gdb on /usr/local/bin/firefox, and then load up the
core file. It will drop you into the spot where firefox was killed, and
you can check the backtrace to see what code path took you to the system
call that hasn't been pledged.

In this instance, firefox is calling fcntl, which is covered by the
"flock" pledge. You can add "flock" to the
security.sandbox.pledge.content line in about:config and see if that
makes it work for you. If you have at all modified the firefox content
or main pledges from their defaults, you should check to see if
reverting to their defaults helps ("flock" is in the main pledge by
default, but not in the content pledge).

Hope this helps.

Re: Trace/BPT trap with casperjs on 6.4

2018-10-27 Thread Todd Mortimer 
On Sat, Oct 27, 2018 at 08:35:45AM -0400, Jeff wrote:
> After upgrading to 6.4 casperjs seems to be broken.
>
>% casperjs sample.js
>Trace/BPT trap
>
> This used to work fine with 6.3.  Am I missing something obvious?

This looks an incompatibility between the older webkit engine used in
phantomjs and the retguard security feature introduced in clang in 6.4.
We disabled retguard in the x11/qt5/qtwebkit port for the same reason,
but it looks like nobody noticed that phantomjs was also affected. I am
a bit surprised - retguard was in 6.4-current since last June.

Building the www/phantomjs port with the diff below (generated against
the 6.4-stable ports branch) yields a working phanotmjs (and therefore a
working casper). I imagine the maintainer will have a nicer way to do
it, but this worked for me to get a working phantomjs.


Index: Makefile
===
RCS file: /cvs/ports/www/phantomjs/Makefile,v
retrieving revision 1.22
diff -u -p -u -r1.22 Makefile
--- Makefile15 Jul 2018 08:36:39 -  1.22
+++ Makefile27 Oct 2018 23:09:25 -
@@ -101,7 +101,7 @@ post-patch:
${WRKSRC}/src/qt/qtbase/mkspecs/openbsd-g++/qmake.conf

 MAKE_ENV += OSTYPE=openbsd \
-   CC=cc CXX=c++ LINK_C=cc LINK=c++ \
+   CC=cc CXX=c++ LINK_C=cc LINK=c++ CXXFLAGS="${CXXFLAGS} 
-fno-ret-protector" \
PYTHON=${MODPY_BIN} RUBY=${RUBY} \
MAKE=make \
MAKEFLAGS="-j ${MAKE_JOBS} PYTHON=${MODPY_BIN} RUBY=${RUBY}" \

Re: touchpad input driver: testing needed

2017-08-02 Thread Todd Mortimer 
Lenovo T430 here, everything seems to be in order. I didn't have to make
any changes to the defaults, and didn't have any synaptics config
before. It seems to behave the same, so I don't see any difference.

mouse.type=synaptics
mouse.rawmode=0
mouse.scale=1472,5470,1408,4498,0,60,85
mouse.tp.tapping=0
mouse.tp.scaling=0.182
mouse.tp.swapsides=0
mouse.tp.disable=0
mouse1.type=ps2

OpenBSD 6.1-current (GENERIC.MP) #34: Tue Aug  1 18:56:18 MDT 2017
dera...@amd64.openbsd.org:/usr/src/sys/arch/amd64/compile/GENERIC.MP
real mem = 8256528384 (7874MB)
avail mem = 738560 (7629MB)
mpath0 at root
scsibus0 at mpath0: 256 targets
mainbus0 at root
bios0 at mainbus0: SMBIOS rev. 2.7 @ 0xdae9c000 (68 entries)
bios0: vendor LENOVO version "G1ETB1WW (2.71 )" date 08/08/2016
bios0: LENOVO 2347H76
acpi0 at bios0: rev 2
acpi0: sleep states S0 S3 S4 S5
acpi0: tables DSDT FACP SLIC TCPA SSDT SSDT SSDT HPET APIC MCFG ECDT FPDT ASF! 
UEFI UEFI POAT SSDT SSDT DMAR UEFI DBG2
acpi0: wakeup devices LID_(S4) SLPB(S3) IGBE(S4) EXP3(S4) XHCI(S3) EHC1(S3) 
EHC2(S3) HDEF(S4)
acpitimer0 at acpi0: 3579545 Hz, 24 bits
acpihpet0 at acpi0: 14318179 Hz
acpimadt0 at acpi0 addr 0xfee0: PC-AT compat
cpu0 at mainbus0: apid 0 (boot processor)
cpu0: Intel(R) Core(TM) i5-3320M CPU @ 2.60GHz, 2594.55 MHz
cpu0: 
FPU,VME,DE,PSE,TSC,MSR,PAE,MCE,CX8,APIC,SEP,MTRR,PGE,MCA,CMOV,PAT,PSE36,CFLUSH,DS,ACPI,MMX,FXSR,SSE,SSE2,SS,HTT,TM,PBE,SSE3,PCLMUL,DTES64,MWAIT,DS-CPL,VMX,SMX,ES
T,TM2,SSSE3,CX16,xTPR,PDCM,PCID,SSE4.1,SSE4.2,x2APIC,POPCNT,DEADLINE,AES,XSAVE,AVX,F16C,RDRAND,NXE,RDTSCP,LONG,LAHF,PERF,ITSC,FSGSBASE,SMEP,ERMS,SENSOR,ARAT
cpu0: 256KB 64b/line 8-way L2 cache
cpu0: TSC frequency 2594554920 Hz
cpu0: smt 0, core 0, package 0
mtrr: Pentium Pro MTRR support, 10 var ranges, 88 fixed ranges
cpu0: apic clock running at 99MHz
cpu0: mwait min=64, max=64, C-substates=0.2.1.1.2, IBE
cpu1 at mainbus0: apid 1 (application processor)
cpu1: Intel(R) Core(TM) i5-3320M CPU @ 2.60GHz, 2594.12 MHz
cpu1: 
FPU,VME,DE,PSE,TSC,MSR,PAE,MCE,CX8,APIC,SEP,MTRR,PGE,MCA,CMOV,PAT,PSE36,CFLUSH,DS,ACPI,MMX,FXSR,SSE,SSE2,SS,HTT,TM,PBE,SSE3,PCLMUL,DTES64,MWAIT,DS-CPL,VMX,SMX,ES
T,TM2,SSSE3,CX16,xTPR,PDCM,PCID,SSE4.1,SSE4.2,x2APIC,POPCNT,DEADLINE,AES,XSAVE,AVX,F16C,RDRAND,NXE,RDTSCP,LONG,LAHF,PERF,ITSC,FSGSBASE,SMEP,ERMS,SENSOR,ARAT
cpu1: 256KB 64b/line 8-way L2 cache
cpu1: smt 1, core 0, package 0
cpu2 at mainbus0: apid 2 (application processor)
cpu2: Intel(R) Core(TM) i5-3320M CPU @ 2.60GHz, 2594.12 MHz
cpu2: 
FPU,VME,DE,PSE,TSC,MSR,PAE,MCE,CX8,APIC,SEP,MTRR,PGE,MCA,CMOV,PAT,PSE36,CFLUSH,DS,ACPI,MMX,FXSR,SSE,SSE2,SS,HTT,TM,PBE,SSE3,PCLMUL,DTES64,MWAIT,DS-CPL,VMX,SMX,ES
T,TM2,SSSE3,CX16,xTPR,PDCM,PCID,SSE4.1,SSE4.2,x2APIC,POPCNT,DEADLINE,AES,XSAVE,AVX,F16C,RDRAND,NXE,RDTSCP,LONG,LAHF,PERF,ITSC,FSGSBASE,SMEP,ERMS,SENSOR,ARAT
cpu2: 256KB 64b/line 8-way L2 cache
cpu2: smt 0, core 1, package 0
cpu3 at mainbus0: apid 3 (application processor)
cpu3: Intel(R) Core(TM) i5-3320M CPU @ 2.60GHz, 2594.12 MHz
cpu3: 
FPU,VME,DE,PSE,TSC,MSR,PAE,MCE,CX8,APIC,SEP,MTRR,PGE,MCA,CMOV,PAT,PSE36,CFLUSH,DS,ACPI,MMX,FXSR,SSE,SSE2,SS,HTT,TM,PBE,SSE3,PCLMUL,DTES64,MWAIT,DS-CPL,VMX,SMX,EST,TM2,SSSE3,CX16,xTPR,PDCM,PCID,SSE4.1,SSE4.2,x2APIC,POPCNT,DEADLINE,AES,XSAVE,AVX,F16C,RDRAND,NXE,RDTSCP,LONG,LAHF,PERF,ITSC,FSGSBASE,SMEP,ERMS,SENSOR,ARAT
cpu3: 256KB 64b/line 8-way L2 cache
cpu3: smt 1, core 1, package 0
ioapic0 at mainbus0: apid 2 pa 0xfec0, version 20, 24 pins
acpimcfg0 at acpi0 addr 0xf800, bus 0-63
acpiec0 at acpi0
acpiprt0 at acpi0: bus 0 (PCI0)
acpiprt1 at acpi0: bus -1 (PEG_)
acpiprt2 at acpi0: bus 2 (EXP1)
acpiprt3 at acpi0: bus 3 (EXP2)
acpiprt4 at acpi0: bus 4 (EXP3)
acpicpu0 at acpi0: C3(200@87 mwait.1@0x30), C2(500@59 mwait.1@0x10), C1(1000@1 
mwait.1), PSS
acpicpu1 at acpi0: C3(200@87 mwait.1@0x30), C2(500@59 mwait.1@0x10), C1(1000@1 
mwait.1), PSS
acpicpu2 at acpi0: C3(200@87 mwait.1@0x30), C2(500@59 mwait.1@0x10), C1(1000@1 
mwait.1), PSS
acpicpu3 at acpi0: C3(200@87 mwait.1@0x30), C2(500@59 mwait.1@0x10), C1(1000@1 
mwait.1), PSS
acpipwrres0 at acpi0: PUBS, resource for XHCI, EHC1, EHC2
acpitz0 at acpi0: critical temperature is 200 degC
acpibtn0 at acpi0: LID_
acpibtn1 at acpi0: SLPB
"LEN0071" at acpi0 not configured
"LEN0015" at acpi0 not configured
"SMO1200" at acpi0 not configured
acpibat0 at acpi0: BAT0 model "45N1011" serial 49124 type LION oem "LGC"
acpiac0 at acpi0: AC unit offline
"LEN0078" at acpi0 not configured
acpithinkpad0 at acpi0
"PNP0C14" at acpi0 not configured
"PNP0C14" at acpi0 not configured
"PNP0C14" at acpi0 not configured
acpivideo0 at acpi0: VID_
acpivout at acpivideo0 not configured
acpivideo1 at acpi0: VID_
cpu0: Enhanced SpeedStep 2594 MHz: speeds: 2601, 2600, 2500, 2400, 2300, 2200, 
2100, 2000, 1900, 1800, 1700, 1600, 1500, 1400, 1300, 1200 MHz
pci0 at mainbus0 bus 0
pchb0 at pci0 dev 0 function 0 "Intel Core 3G Host" rev 0x09
inteldrm0 at pci0 dev 2 function 0 "Intel HD Graphics 4000" rev 0x09
drm0 at inteldrm0
inteldrm0: msi
inteldrm0:

Re: FastCGI sent in stderr: "PHP message: PHP Warning: Unknown: Unable to create temporary file, Check permissions in temporary files directory.

2017-07-25 Thread Todd Mortimer 
Hi Stephane,

Are you sure that the env[TMP], env[TMPDIR] and env[TEMP] variables are
supposed to be relative to the real system root, or relative to the
chroot? If I were to guess, I would bet that php is trying to create a
file after chrooting itself, and inside the chroot, /var/www/tmp doesn't
exist. Try setting those env vars to /tmp and see if that works. 

Todd

On Tue, Jul 25, 2017 at 09:03:38AM +0200, Stephane HUC "PengouinBSD" wrote:
> Hi all.
> 
> I have this error on my,OpenBSD server (6.1) :
> 
> FastCGI sent in stderr: "PHP message: PHP Warning:  Unknown: Unable to
> create temporary file, Check permissions in temporary files directory.
> in Unknown on line 0
> 
> I use nginx+php70_fpm !
> 
> The php-fpm.conf for the instance:
> 
>  file ***
> [blog.stephane-huc.net]
> prefix = /var/www
> 
> user = user_blog
> group = www
> 
> listen.owner = www
> listen.group = www
> listen.mode = 0660
> 
> listen = run/php-fpm.$pool.sock
> listen.allowed_clients = 127.0.0.1
> 
> chroot = $prefix
> chdir = /
> 
> env[HOSTNAME] = $HOSTNAME
> ;env[PATH] = /usr/local/bin:/usr/bin:/bin
> env[TMP] = /var/www/tmp
> env[TMPDIR] = /var/www/tmp
> env[TEMP] = /var/www/tmp
> 
> php_admin_value[upload_tmp_dir] = /tmp
> php_admin_value[upload_max_filesize] = 8M
> *** EOF ***
> 
> Rights on /var/www/tmp:
> 
> $ ls -al /var/www/
> 
> 
> total 68
> drwxr-xr-x  17 root  daemon   512 Jul  5 04:59 ./
> drwxr-xr-x  25 root  wheel512 Jul  5 19:50 ../
> drwxr-xr-x  10 www   daemon   512 Jul  9 10:31 .ht/
> drwxr-xr-x  11 root  daemon   512 Jul  9 10:31 acme/
> drwxr-xr-x   2 root  daemon   512 Jun 25 13:51 bin/
> drwx-T  16 www   daemon   512 Jul  9 10:31 cache/
> drwxr-xr-x   2 root  daemon   512 Apr  1 21:38 cgi-bin/
> drwxr-xr-x  10 root  daemon   512 Jul  9 10:31 conf/
> drwxr-xr-x   3 root  daemon   512 Jun 25 13:48 etc/
> drwxr-xr-x  12 root  daemon   512 Jul  9 10:29 htdocs/
> drwxr-xr-x   2 root  daemon   512 Jun 24 22:59 html/
> drwxr-xr-x  11 root  daemon  1024 Jul 23 00:00 logs/
> drwxr-xr-x   2 root  daemon   512 Jun 28 18:11 modules/
> drwxr-xr-x  11 root  daemon  1024 Jul 25 08:39 run/
> drwxr-xr-x  10 www   www 2048 Jul  9 10:31 tmp/
> drwxr-xr-x   3 root  daemon   512 Jun 24 20:44 usr/
> drwxr-xr-x   3 root  daemon   512 Jun 24 21:17 var/
> 
> 
> where is the problem?
> 
> 
> -- 
> ~ " Fully Basic System Distinguish Life! " ~ " Libre as a BSD "   +=<<<
> 
> Stephane HUC as PengouinBSD or CIOTBSD
> b...@stephane-huc.net
>

cvs up permission denied?

2017-03-26 Thread Todd Mortimer 
Hello misc,

I noticed that my nightly cvs update job failed last night with the
error:

E can't create temporary directory /tmp/cvs-serv71983
error  Permission denied

I have tried both 

anon...@obsdacvs.cs.toronto.edu:/cvs
and 
anon...@anoncvs1.ca.openbsd.org:/cvs

I have tried updating both -stable 6.0 and -current with the same
result.

This looks like it is originating from the server side, but I could be
looking at it wrong. 

Is this just me? Or is anyone else having a similar problem?

Todd

Re: release and patch/errata info in (easily) machine readable format?

2015-12-06 Thread Todd Mortimer 
On Sat, Dec 05, 2015 at 11:20:41AM -0800, openbsd-m...@clark-communications.com 
wrote:
> One approach would be to scrape http://www.openbsd.org/errata.html
> , and figure out the release numbers, and
> then scrape the errata page of a particular release to obtain the patch
> numbers.

If you're just looking for a raw number that will increase for every
patch added, you shouldn't need to scrape the website. There is a
tarball containing all patches for a given release, eg:

http://ftp.openbsd.org/pub/OpenBSD/patches/5.8.tar.gz

It is updated once a day. If you retrieve this, you can get a crude
'patch level' by just counting the number of entries in this tarball:

$ tar -tzf 5.8.tar.gz | wc -l 
  10

If you want to remove the whitespace, you can pipe through tr:

$ tar -tzf 5.8.tar.gz | wc -l | tr -d '[:space:]' 
10$ 

But it sounds like you're using CVS, so I don't think you even need to
bother with the errata page. If you are updating CVS via cron, then 
add the -q flag to your cvs up command. If anything in the stable tree
is updated, then you'll get an email from cron listing the updated files
and then you can go build a new release using your usual method.
Everything that ends up on the errata page is also in CVS, so you won't
miss anything. 

If you do something like this, then the 'patch level' can be reduced to
just the day you did the build, and you can include this in your build
by creating a siteXX file:

http://www.openbsd.org/faq/faq4.html#site

Where your siteXX.tgz contains a file with the date you did the build
(say, /etc/builddate). Then you can easily see if your machines are
running the most recent build by comparing the contents of that file to
the date you did your most recent build. 

Anyway, I know this isn't quite what you were after (machine readable
version / patch level), but if you're just looking to know when to do a
new release build, then you should be able to get there by just tracking
CVS. If you're just looking to track errata, then the tarball can help
you without having to scrape the website, and if you'd prefer to not hit
the website unnecessarily, then tracking the www CVS repo can tell you
when the errata pages have changed, and then you can retrieve the patch
tarball without having to scrape out info about the actual patch
numbers. 

Todd