On Sat, Aug 04, 2018 at 11:11:28PM +0100, Jason McIntyre wrote:
> On Sat, Aug 04, 2018 at 04:05:44PM -0500, Kris Katterjohn wrote:
> > On Sat, Aug 04, 2018 at 09:05:36PM +0100, Jason McIntyre wrote:
> > > fair enough. could you submit an updated diff, please?
> >
> > Sure. New diff below.
> >
>
On Sat, Aug 04, 2018 at 12:18:45PM +0100, Ricardo Mestre wrote:
> Hi,
>
> Here's another one for switchd(8) which removes cpath promise from pledge(2)
>
> OK?
This makes sense to me, and my usual tests worked without any issues.
ok akoshibe@
>
> Index: control.c
> ==
On Sat, Aug 04, 2018 at 11:11:28PM +0100, Jason McIntyre wrote:
> hi. i think this is better. i'd be tempted to remove "i.e.\&" from the
> diff too, but that's academic.
I think this is better too. Thanks for your comments.
I have no strong feelings about the "i.e.\&". Whatever you (or anyone
e
On Sat, Aug 04, 2018 at 04:05:44PM -0500, Kris Katterjohn wrote:
> On Sat, Aug 04, 2018 at 09:05:36PM +0100, Jason McIntyre wrote:
> > fair enough. could you submit an updated diff, please?
>
> Sure. New diff below.
>
> I used the same style that appears in the description of the restricted
> sh
sorry, forgot to mention that its on top of my ifconfig join diff
that adds the size_t len;
Klemens Nanni(k...@openbsd.org) on 2018.08.04 22:30:39 +0200:
> On Sat, Aug 04, 2018 at 09:19:46PM +0200, Sebastian Benoit wrote:
> > in the SIOCG80211ALLNODES ioctl case,
> > the proper type for i should b
On Sat, Aug 04, 2018 at 09:05:36PM +0100, Jason McIntyre wrote:
> fair enough. could you submit an updated diff, please?
Sure. New diff below.
I used the same style that appears in the description of the restricted
shell in the ksh man page.
Cheers,
Kris Katterjohn
Index: cu.1
The original version from Bruce Holloway in 1986-03-06 [0] did only one
signal(SIGINT), but the call was probably duplicated after code cleanup by ESR
somewhere between 1986 and 1993.
Please, confirm there is no hidden reason to call the same signal() twice.
I am unsure.
[0] https://groups.google
On Sat, Aug 04, 2018 at 10:26:41PM +0200, Klemens Nanni wrote:
> On Sat, Aug 04, 2018 at 09:03:16PM +0100, Jason McIntyre wrote:
> > this is what the man page says we already do (not that i've tested it).
> > i'm sure peter told me that's what running it without an argument does.
> ifconfig(8) says
On Sat, Aug 04, 2018 at 09:19:46PM +0200, Sebastian Benoit wrote:
> in the SIOCG80211ALLNODES ioctl case,
> the proper type for i should be size_t,
> also give it a nicer name and remove a tab.
I like the idea but your diff does not apply.
> (benno_net80211_use_sizet_in_ioctl.diff)
> diff --git sy
On Sat, Aug 04, 2018 at 09:03:16PM +0100, Jason McIntyre wrote:
> this is what the man page says we already do (not that i've tested it).
> i'm sure peter told me that's what running it without an argument does.
ifconfig(8) says so, but it's not working:
$ doas fgrep -c join /etc/hostname.
On Sat, Aug 04, 2018 at 02:09:31PM -0500, Kris Katterjohn wrote:
> On Sat, Aug 04, 2018 at 07:46:08AM +0100, Jason McIntyre wrote:
> > would it make more sense to just list under -r which commands are not
> > allowed, rather than repeating the text everywhere?
> >
> > currently -r says
> >
> >
On Sat, Aug 04, 2018 at 09:12:27PM +0200, Sebastian Benoit wrote:
> Hi,
>
> with this diff,
>
> ifconfig join
>
> will print the list of networks that are configured for autojoin.
>
> $ ifconfig iwm0 join
> iwm0: flags=208843 mtu 1500
> lladdr a4:7f:da:a4:d7:c1
> index 1 pri
in the SIOCG80211ALLNODES ioctl case,
the proper type for i should be size_t,
also give it a nicer name and remove a tab.
ok?
(benno_net80211_use_sizet_in_ioctl.diff)
diff --git sys/net80211/ieee80211_ioctl.c sys/net80211/ieee80211_ioctl.c
index b41b4fe09d8..6aebb432522 100644
--- sys/net80211/ie
> Some examples that will need consideration for unveil(2):
> - mount(2)
> - unmount(2)
> - quotactl(2)
> - chroot(2)
> - getfh(2)
> - acct(2)
> - coredump()
> - loadfirmware() - I think ifconfig(1) could make the kernel loading a
> firmware for some network card
>
> so having ni_unveil separa
> On Sat, Aug 04, 2018 at 10:40:11AM -0600, Bob Beck wrote:
> > On Fri, Aug 03, 2018 at 06:31:00AM +0200, Sebastien Marie wrote:
> > > On Thu, Aug 02, 2018 at 03:42:03PM +0200, Sebastien Marie wrote:
> > > > On Mon, Jul 30, 2018 at 07:55:35AM -0600, Bob Beck wrote:
> > > > > yeah the latter will
Hi,
with this diff,
ifconfig join
will print the list of networks that are configured for autojoin.
$ ifconfig iwm0 join
iwm0: flags=208843 mtu 1500
lladdr a4:7f:da:a4:d7:c1
index 1 priority 4 llprio 3
groups: wlan egress
media: IEEE802.11 autoselect (HT-MCS1
On Sat, Aug 04, 2018 at 07:46:08AM +0100, Jason McIntyre wrote:
> would it make more sense to just list under -r which commands are not
> allowed, rather than repeating the text everywhere?
>
> currently -r says
>
> This prevents all local filesystem operations and command
> execution
> > + nd.ni_unveil = 0; /* XXX No flags == allow it */
>
> see my comment about ni_unveil != 0.
>
> as you still have check on (ni_pledge & PLEDGE_STAT), it should be still
> ok.
>
It doesn't actually do this yt.. this comment was a reminder for me
and should have had allow it? for my deali
On Sat, Aug 04, 2018 at 10:40:11AM -0600, Bob Beck wrote:
> On Fri, Aug 03, 2018 at 06:31:00AM +0200, Sebastien Marie wrote:
> > On Thu, Aug 02, 2018 at 03:42:03PM +0200, Sebastien Marie wrote:
> > > On Mon, Jul 30, 2018 at 07:55:35AM -0600, Bob Beck wrote:
> > > > yeah the latter will be the way t
On Sat, Aug 04, 2018 at 01:15:14AM -0700, Jeremy Evans wrote:
> On 08/03 09:28, Jeremy Evans wrote:
> > The ssh-keygen -o flag wasn't listed in the synopsis, and -a was only
> > listed with -T (where it specifies the number of primality tests), not
> > for specifying the number of KDF rounds of new
On Fri, Aug 03, 2018 at 06:31:00AM +0200, Sebastien Marie wrote:
> On Thu, Aug 02, 2018 at 03:42:03PM +0200, Sebastien Marie wrote:
> > On Mon, Jul 30, 2018 at 07:55:35AM -0600, Bob Beck wrote:
> > > yeah the latter will be the way to go
> > >
> >
> > new diff with direct lookup using an indirec
Hi Lauri,
Lauri Tirkkonen wrote on Tue, Jul 17, 2018 at 09:14:29PM +0300:
> In the same vein as my previous diff for join(1), make paste(1)
> use getline instead of fgetln.
Committed with my tweks.
Thanks for your patch,
Ingo
Hi,
And here's another one that also removes cpath promise from vmd(8)
OK?
Index: control.c
===
RCS file: /cvs/src/usr.sbin/vmd/control.c,v
retrieving revision 1.28
diff -u -p -u -r1.28 control.c
--- control.c 13 Jul 2018 08:42:49
Hi,
Here's another one for switchd(8) which removes cpath promise from pledge(2)
OK?
Index: control.c
===
RCS file: /cvs/src/usr.sbin/switchd/control.c,v
retrieving revision 1.8
diff -u -p -u -r1.8 control.c
--- control.c 17 Jan 2
Hi,
As we discussed, here's a diff to revert back my previous commit on
eigrpd(8) and remove cpath promise entirely since if the socket is not
deleted at shutdown it won't cause any harm.
OK?
Index: control.c
===
RCS file: /cvs/src/
On 08/03 09:28, Jeremy Evans wrote:
> The ssh-keygen -o flag wasn't listed in the synopsis, and -a was only
> listed with -T (where it specifies the number of primality tests), not
> for specifying the number of KDF rounds of new-format private key files.
>
> I only tested creating a new private k
26 matches
Mail list logo