Re: FreeBSD daemon(8)-like command for OpenBSD

2020-01-31 Thread Patrick Kristiansen
On Fri, Jan 31, 2020, at 09:29, Janne Johansson wrote: > Den tors 30 jan. 2020 kl 21:08 skrev Patrick Kristiansen > : > > > Properly starting up a daemon process requires several steps, > > > often involving unveil(2), pledge(2), chroot(2), prviledge > > > dropping, sometimes fork+exec for

Re: FreeBSD daemon(8)-like command for OpenBSD

2020-01-31 Thread Kevin Chadwick
On 2020-01-31 12:16, KatolaZ wrote: > For instance, golang has had native support > for pledge(2) and unveil(2) for a while now. The semantics are a little different to C unveil but it certainly works and bundled by default in the golang.org/x. Not sure the documentation is great. It's a little

Re: FreeBSD daemon(8)-like command for OpenBSD

2020-01-31 Thread Janne Johansson
Den fre 31 jan. 2020 kl 11:48 skrev Andrew Easton : > On Fri, Jan 31, 2020 at 10:47:17AM +0100, Patrick Kristiansen wrote: > > On Fri, Jan 31, 2020, at 09:29, Janne Johansson wrote: > > > Den tors 30 jan. 2020 kl 21:08 skrev Patrick Kristiansen < > patr...@tamstrup.dk>: > > > > > Properly

Re: Low throughput with 1 GigE interface

2020-01-31 Thread Nenhum_de_Nos
On Thu, January 30, 2020 11:43, livio wrote: > Dear all, > > I am unable to achieve decent throughput with a 1 GigE interface > (Intel I210) on OpenBSD 6.6. When running iperf3 I get around 145Mbit/s. > > The config/setup is: APU2c4, Win10 notebook, no switch, Cat.6a cable, > MTU 1500,

Re: FreeBSD daemon(8)-like command for OpenBSD

2020-01-31 Thread Andrew Easton
On Fri, Jan 31, 2020 at 10:47:17AM +0100, Patrick Kristiansen wrote: > On Fri, Jan 31, 2020, at 09:29, Janne Johansson wrote: > > Den tors 30 jan. 2020 kl 21:08 skrev Patrick Kristiansen > > : > > > > Properly starting up a daemon process requires several steps, > > > > often involving

Re: FreeBSD daemon(8)-like command for OpenBSD

2020-01-31 Thread KatolaZ
On Fri, Jan 31, 2020 at 10:47:17AM +0100, Patrick Kristiansen wrote: [cut] > > I would like to get more information about doing application programming > for an OS like OpenBSD. I understand that if you program your > applications in C, you have readily available pledge/unveil, etc. But > many

Re: FreeBSD daemon(8)-like command for OpenBSD

2020-01-31 Thread Janne Johansson
Den tors 30 jan. 2020 kl 21:08 skrev Patrick Kristiansen < patr...@tamstrup.dk>: > > Properly starting up a daemon process requires several steps, often > > involving unveil(2), pledge(2), chroot(2), prviledge dropping, > > sometimes fork+exec for privilege separation, and so on > > The process I

Re: FreeBSD daemon(8)-like command for OpenBSD

2020-01-31 Thread Patrick Kristiansen
On Thu, Jan 30, 2020, at 23:32, Ingo Schwarze wrote: > In general, size and complexity tend to hurt security, but i know > too little about Java to say how relevant that general rule of thumb > is to the question of running a daemon using a Java Virtual Machine. > For example, Perl 5 is also a

ssh: probable minor bug in ssh -current

2020-01-31 Thread Aham Brahmasmi
Namaste misc, Overview: In update_known_hosts function in file src/usr.bin/ssh/clientloop.c [1], the message strings used in debug and error functions may need to be changed. Bug: In src/usr.bin/ssh/clientloop.c, ... static void update_known_hosts(struct hostkeys_update_ctx *ctx) { ... if (errno

syspatch(8) return values?

2020-01-31 Thread Adam Thompson
There's no mention of what syspatch(8) returns, in the manpage. I can prove quickly enough that it exits(0) when there's nothing to do, but I'm more interested in knowing (for automation purposes) what the return values are in other circumstances, and all my systems are already up to date.

ssh: switch UpdateHostKeys default back to "no" in ssh -current

2020-01-31 Thread Aham Brahmasmi
Namaste misc, Could I request the ssh volks to please switch the default for UpdateHostKeys back to "no"? The default for UpdateHostKeys has been very recently switched to "ask" from the earlier default of "no" in rev 1.323 of the file src/usr.bin/ssh/readconf.c [1]. This default has been

ssh: probable bug in ssh -current

2020-01-31 Thread Aham Brahmasmi
Namaste misc, Overview: In -current (#625), the ssh client is asking the user to accept updated server host keys after every successful connection. No host keys have actually been updated at the server side. Setup: Consider a server (-current #625) which uses host certificates. The server's

Re: FreeBSD daemon(8)-like command for OpenBSD

2020-01-31 Thread Luke Call
The list might not like this but: Under your circumstances, I would collect the various ideas in this thread (including scripting possibly with nohup and/or bash's disown), the "pgrep || " idea somebody wrote, and whatever else is useful from the thread, and just make it work with careful testing

Open BSD 6.6 Gnome 3.3

2020-01-31 Thread Michael G Workman
Shout out to Theo DeRaadt and the OpenBSD Developers for making a great operating system. I have OpenBSD 6.6 Current with Gnome 3.3 running on a Dell Vostro Laptop with an SSD drive, and it runs great. However, every time I run Chromium web browser, I get prompted UNLOCK using a password. Very

Recovering corrupted encrypted partition

2020-01-31 Thread Xavier
Hello, Recently my 6.6-stable machine lost power while on, which aparently corrupted a softraid crypto partition (not a boot partition) that was mounted. Trying to decrypt it with the same bioctl command i usually use fails with the error: softraid0: invalid metadata format I tried bioctl's

Re: How did it happen?

2020-01-31 Thread gilles
January 30, 2020 4:44 PM, gil...@poolp.org wrote: > It depends on your configuration, not all setups are vulnerable. > > I think I recall your name from the comments on my tutorial and this is a > setup that would not be vulnerable for example. The bug still exists, but > it can't be used to

Re: How did it happen?

2020-01-31 Thread aisha
Really great article. Was very fun to read. And again thanks for your work on osmtpd, am actually sending from a server set up from your poolp post :D Sucks about the bug, but logic errors are the wurst. Take care. --- Aisha blog.aisha.cc On 2020-01-31 13:48, gil...@poolp.org wrote:

What are xxxterm users using today?

2020-01-31 Thread Allan Streib
I used to use xxxterm, then xombrero, and really liked the minimal approach and keyboard driven navigation. Any other former users of this browser, what are you using today to achieve any of this functionality in your browser? Allan

Re: FreeBSD daemon(8)-like command for OpenBSD

2020-01-31 Thread Ingo Schwarze
Hi Andrew, Andrew Easton wrote on Fri, Jan 31, 2020 at 11:39:45AM +0100: > In the spirit of not demanding to much time from my contemporaries I > am especially greatful for pointers to conceptual documentation This is the closest thing, i guess: https://www.openbsd.org/events.html In

Re: FreeBSD daemon(8)-like command for OpenBSD

2020-01-31 Thread Ingo Schwarze
Hi Patrick, Patrick Kristiansen wrote on Fri, Jan 31, 2020 at 10:17:35AM +0100: > Trying to learn some valuable lessons from our interaction, could you > give some examples of what you mean by 'simpler approach' in this > context? Three examples: https://learnbchs.org/

Resource temporarily unavailable: have to recompile?

2020-01-31 Thread Luke A. Call
Hi misc. Am I running into a limit that will require recompiling the kernel (or changing my work style I suppose)? Which man pages should I read next, or should I be thinking about this differently? I am getting "Resource temporarily unavailable" in /var/log/authlog when I try to open too

bridge with unexpected ping forwarding

2020-01-31 Thread PJ
I have a router-to-be with 4 NICs, on which ip-forwarding is not yet enabled (and with OpenBSD 6.6). One IF has an IP on one network segment and the three other IFs are bridged together, with one of the three having an IP on another network segment. When I pinged the first IF, which should be

Re: Resource temporarily unavailable: have to recompile?

2020-01-31 Thread Luke A. Call
Cancel the cancellation. I am still seeing this problem, even after logging out/in and ulimit -u shows 712. Running "ps -U myusername|less" yields about 180 lines and the system becomes unable to start even another xterm, or in tmux on a console, unable to start another shell window (in both

Re: FreeBSD daemon(8)-like command for OpenBSD

2020-01-31 Thread KatolaZ
On Fri, Jan 31, 2020 at 06:39:04PM +, Moisés Simón wrote: > Sorry to hijack, > > Do you know of any basic guide for this? > > I have done a syslog normalizer daemon which calls pledge(), unveil() and > redirects std{out,err} and forks to search and normalize the logs. > > I'm not

Re: Resource temporarily unavailable: have to recompile?

2020-01-31 Thread Luke A. Call
Sorry. It seems to have been just a ulimit and a login.conf value that I had not increased enough. On 01-31 13:20, Luke A. Call wrote: > [] > I am getting "Resource temporarily unavailable" in > /var/log/authlog when I try to open too many "ssh [-X] user@localhost" > connections, or even

Re: bridge with unexpected ping forwarding

2020-01-31 Thread Stuart Henderson
On 2020-01-31, PJ wrote: > I have a router-to-be with 4 NICs, on which ip-forwarding is not yet > enabled (and with OpenBSD 6.6). > > One IF has an IP on one network segment and the three other IFs are > bridged together, with one of the three having an IP on another network > segment. > > When I

Re: Support for ath10k QCA988x devices

2020-01-31 Thread Stuart Henderson
On 2020-01-28, Alexander Merritt wrote: > Hello, > > I am curious if there is any info on support for the wireless chipset > Qualcomm Atheros QCA988x in the ath10k drivers. These devices are sold by > PCEngines. Prior discussions I found on this list: > > On 2014-04-17 Thom Lauret wrote >>

Re: Recovering corrupted encrypted partition

2020-01-31 Thread Jan Stary
On Jan 31 18:25:45, int1...@airmail.cc wrote: > Hello, > Recently my 6.6-stable machine lost power while on, which aparently > corrupted a softraid crypto partition (not a boot partition) that was > mounted. Trying to decrypt it with the same bioctl command i usually > use fails with the error: >