Re: add lld manual page

2018-02-28 Thread Jason McIntyre
On Thu, Mar 01, 2018 at 06:15:59PM +1100, Jonathan Gray wrote: > From lld svn rev 324739 with -z muldefs and -z retpolineplt text removed > to match lld 5.0.1. > morning. this will replace the ld page for archs building llvm, right? haven;t the stomach to read it yet, but no objections. you

add lld manual page

2018-02-28 Thread Jonathan Gray
>From lld svn rev 324739 with -z muldefs and -z retpolineplt text removed to match lld 5.0.1. Index: usr.bin/clang/lld/Makefile === RCS file: /cvs/src/gnu/usr.bin/clang/lld/Makefile,v retrieving revision 1.11 diff -u -p -r1.11

Re: disable efi watchdog

2018-02-28 Thread Jonathan Gray
On Sun, Feb 11, 2018 at 04:38:18PM +1100, Jonathan Gray wrote: > The UEFI specification states a watchdog should be armed for 5 minutes. > Stop this from resetting a system when in efiboot. Anyone? It is annoying to have the system reset itself when trying to do something in boot or purposefully

Re: More useful: something like doasedit

2018-02-28 Thread Emille Blanc
On 28.02.2018 15:10, Ingo Schwarze wrote: Hi, Felix Maschek wrote on Wed, Feb 28, 2018 at 08:24:19PM +0100: How would you prevent that something like 'doas vi /etc/fstab' (which will run as root) doesn't offer the user to enter a root shell within vi (by typing '.sh')? The sudo(8) utility

A patch that fixes /usr/games/hack

2018-02-28 Thread tonypony76
The game /usr/games/hack is currently broken. http://marc.info/?l=openbsd-cvs=147343518631317 A patch that fixes /usr/games/hack is included below. The patch moves the hackdir from /var/games to a user-specified directory. Procedures for specifying the directory (either on the command line,

Re: More useful: something like doasedit

2018-02-28 Thread Ingo Schwarze
Hi, Felix Maschek wrote on Wed, Feb 28, 2018 at 08:24:19PM +0100: > How would you prevent that something like 'doas vi /etc/fstab' (which > will run as root) doesn't offer the user to enter a root shell within vi > (by typing '.sh')? The sudo(8) utility has become able, over the decades, to

Re: openssl.1 diff

2018-02-28 Thread Ingo Schwarze
Hi, Holger Mikolon wrote on Tue, Feb 27, 2018 at 11:04:10PM +0100: > jmc@ wrote: >> i wonder whether we could more simply just use the date format [YY]YY, >> explain the 2050 cutoff, and forget about mentioning asn.1 time >> structures. >> >> or do you think there is a practical reason why the

axen invalid buffer printf

2018-02-28 Thread Jan Schreiber
I connect to a lot of different networks with an axen(4) driven USB network dongle. I often get spammed with "invalid buffer..." messages in my dmesg. This mail thread on bugs@ happened a while back but no patch was submitted: https://marc.info/?l=openbsd-bugs=149138214725080=2 I now changed the

[OT] VISUAL vs. EDITOR vs. vi [Was: Re: Utility to safely edit doas.conf]

2018-02-28 Thread Raf Czlonka
On Wed, Feb 28, 2018 at 06:08:42PM GMT, Tom Davis wrote: > Additionally, as Martin Schröder pointed out, all editor calls > should use $EDITOR, but in case a user doesn't have that > defined, use > > ${EDITOR:-vi} > ${VISUAL:-${EDITOR:-vi}} ... and everyone's happy :^) Raf

Re: [PATCH] src - fix IPsec capitalisation

2018-02-28 Thread Jason McIntyre
On Mon, Feb 26, 2018 at 12:15:28PM +, Raf Czlonka wrote: > Hi all, > > Fix capitalisation of IPsec as per the RFC[0] - obviously, only > where this makes sense. > > The remaining one in cert.pem[1] will get fixed automatically once > the file is regenerated, after the object identifiers'

Re: openssl.1 diff

2018-02-28 Thread Jason McIntyre
On Wed, Feb 28, 2018 at 08:43:34PM +0100, Holger Mikolon wrote: > > > > Index: openssl.1 > > > > === > > > > RCS file: /cvs/src/usr.bin/openssl/openssl.1,v > > > > retrieving revision 1.87 > > > > diff -u -r1.87 openssl.1 > > > > ---

Re: openssl.1 diff

2018-02-28 Thread Holger Mikolon
> > > Index: openssl.1 > > > === > > > RCS file: /cvs/src/usr.bin/openssl/openssl.1,v > > > retrieving revision 1.87 > > > diff -u -r1.87 openssl.1 > > > --- openssl.1 18 Feb 2018 07:43:55 - 1.87 > > > +++ openssl.1

Re: More useful: something like doasedit (was: Utility to safely edit doas.conf)

2018-02-28 Thread Felix Maschek
Hi, possibly there is only some missing enlightenment for me. How would you prevent that something like 'doas vi /etc/fstab' (which will run as root) doesn't offer the user to enter a root shell within vi (by typing '.sh')? You may direct me to appropriate man pages. Thank you! Kind

Re: dhcp-options(5) diff

2018-02-28 Thread Kenneth R Westerback
On Wed, Feb 28, 2018 at 05:27:41PM +0100, Matthieu Herrb wrote: > On Wed, Feb 28, 2018 at 05:24:20PM +0100, Matthieu Herrb wrote: > > Hi, > > > > I've started using the classless-static-route option in dhcpd(8). This > > was not as painless as possible because I missed some important > >

Marvel Yukon Ultra II NIC badly supported by msk driver

2018-02-28 Thread Damien Boureille
Hi, I'm trying to install OpenBSD 6.2 on a Netgear RNDU2000 NAS. The Marvel Yukon Ultra II NIC is supposedly supported by the msk driver, but this particular NIC has troubles receiving packets. Log from the serial console (install initrd):

Re: More useful: something like doasedit (was: Utility to safely edit doas.conf)

2018-02-28 Thread Michael Price
Perhaps I am just dense, but what problem does sudoedit solve that is not easily solved with groups and chmod? Michael On Wed, Feb 28, 2018 at 12:57 PM Felix Maschek wrote: > Hi, > > to prevent privilege escalation by allowing 'sudo vi' (simple by > invoking a shell from

Re: Utility to safely edit doas.conf

2018-02-28 Thread Tom Davis
In the line > +tempfile=$(mktemp -t doas. || exit 1) the "|| exit 1" doesn't actually do anything. In order to exit the script the or bit must occur outside the subshell created by the parenthesis. So tempfile=$(mktemp -t doas.) || exit 1 This will work with simple

More useful: something like doasedit (was: Utility to safely edit doas.conf)

2018-02-28 Thread Felix Maschek
Hi, to prevent privilege escalation by allowing 'sudo vi' (simple by invoking a shell from within vi) there is a special command 'sudoedit'. So far I can see this is missing currently if I use doas instead of sudo. So adding a similar command is more helpful to secure a system than special

Re: Utility to safely edit doas.conf

2018-02-28 Thread Frans Haarman
I've wondered about the usefulness of something like 'rcctl edit bgpd'and a bgpd_conf=/etc/bgpd.conf in rc.conf. Together with a 'rcctl clone' creating rc.d/bgpd symlink and rc.conf.local flags. Might make it easier running multiple of the same daemons? Add more cool stuff later like 'rcctl

Re: Utility to safely edit doas.conf

2018-02-28 Thread Stuart Henderson
On 2018/02/28 16:16, Anthony Perkins wrote: > The following is a shell script to safely edit /etc/doas.conf so that you > avoid locking yourself out with a bad config. I managed to do this myself, so > thought it might be useful to a wider audience. You can still lock yourself out with a bad

Re: Utility to safely edit doas.conf

2018-02-28 Thread Martin Schröder
2018-02-28 17:16 GMT+01:00 Anthony Perkins : > +vi $tempfile Use $EDITOR, don't call vi directly. Best Martin

Re: armv7 really isn't a strict-alignment architecture

2018-02-28 Thread Brandon Bergren
> > > > Date: Tue, 27 Feb 2018 22:30:43 +0100 (CET) > > > > From: Mark Kettenis > > > > ... > > > > The stack needs 8-byte alignment, so .align 3. In a "bad" kernel I > > > > have lying around the stack is properly aligned though. But esym > > > > isn't because .data

Re: times(3): return monotonically increasing values

2018-02-28 Thread Todd C. Miller
On Wed, 28 Feb 2018 10:23:24 -0600, Scott Cheloha wrote: > I know it's not customary to put extra details in RETURN VALUES, but > times(3) is a bit unwieldy. How does the attached read? OK by me. - todd

Re: dhcp-options(5) diff

2018-02-28 Thread Matthieu Herrb
On Wed, Feb 28, 2018 at 05:24:20PM +0100, Matthieu Herrb wrote: > Hi, > > I've started using the classless-static-route option in dhcpd(8). This > was not as painless as possible because I missed some important > information from the underlying RFC to understand how the option is > used by

dhcp-options(5) diff

2018-02-28 Thread Matthieu Herrb
Hi, I've started using the classless-static-route option in dhcpd(8). This was not as painless as possible because I missed some important information from the underlying RFC to understand how the option is used by clients and how it should be configured on the server. The patch below tries to

Re: times(3): return monotonically increasing values

2018-02-28 Thread Scott Cheloha
On Wed, Feb 28, 2018 at 08:58:41AM -0700, Todd C. Miller wrote: > On Wed, 28 Feb 2018 09:46:30 -0600, Scott Cheloha wrote: > > > I want to avoid giving the reader even the slightest impression that > > the return value from times(3) can be used for anything but real-time > > interval measurement.

Re: Utility to safely edit doas.conf

2018-02-28 Thread Theo de Raadt
Yeah. And I suppose we also need seperate programs for all the other files in /etc? Such as visysctl.conf, vivm.conf, vigroup, vishells, virc.conf.local, visshd, vissh, etc After all, someone could create unsafe configurations, and lots of handholding is needed everywhere, yes? I'm sorry, but

Utility to safely edit doas.conf

2018-02-28 Thread Anthony Perkins
The following is a shell script to safely edit /etc/doas.conf so that you avoid locking yourself out with a bad config. I managed to do this myself, so thought it might be useful to a wider audience. It is inspired by the 'visudo' tool: it copies doas.conf to a temporary directory then opens

Re: times(3): return monotonically increasing values

2018-02-28 Thread Jason McIntyre
On Wed, Feb 28, 2018 at 09:56:14AM -0600, Scott Cheloha wrote: > > One last thing: in ERRORS, the phrasing varies when we do a cross > reference. It's usually something like > > [...] may fail and set errno for any of the errors specified for [...] > > but then you have a mix of "library

Re: times(3): return monotonically increasing values

2018-02-28 Thread Todd C. Miller
On Wed, 28 Feb 2018 09:46:30 -0600, Scott Cheloha wrote: > I want to avoid giving the reader even the slightest impression that > the return value from times(3) can be used for anything but real-time > interval measurement. Mentioning that the value is relative to the > system start time seems

Re: times(3): return monotonically increasing values

2018-02-28 Thread Scott Cheloha
On Tue, Feb 27, 2018 at 07:15:03AM +, Jason McIntyre wrote: > On Mon, Feb 26, 2018 at 07:12:20PM -0600, Scott Cheloha wrote: > > [...] > > > [...] > > > > I don't have access to 1003.1-1988 [1] (the most recent standard > > cited in times.3). Has the description changed much? > > > > it

Re: times(3): return monotonically increasing values

2018-02-28 Thread Scott Cheloha
On Tue, Feb 27, 2018 at 11:38:07AM -0700, Todd C. Miller wrote: > On Mon, 26 Feb 2018 19:12:20 -0600, Scott Cheloha wrote: > > > Reading the latest POSIX description for times(3): > > > > > Upon successful completion, times() shall return the elapsed > > > real time, in clock ticks, since an

Re: unhandled firmware response in iwm

2018-02-28 Thread Jan Schreiber
On 02/28/18 15:35, Stefan Sperling wrote: > On Tue, Feb 27, 2018 at 10:55:05AM +0100, Jan Schreiber wrote: >> On 02/27/18 09:06, Stefan Sperling wrote: >>> On Mon, Feb 26, 2018 at 11:55:34PM +0100, j...@posteo.de wrote: When connecting to a wifi network messages like "iwm0: unhandled firmware

Re: unhandled firmware response in iwm

2018-02-28 Thread Stefan Sperling
On Tue, Feb 27, 2018 at 10:55:05AM +0100, Jan Schreiber wrote: > On 02/27/18 09:06, Stefan Sperling wrote: > > On Mon, Feb 26, 2018 at 11:55:34PM +0100, j...@posteo.de wrote: > >> When connecting to a wifi network messages like "iwm0: unhandled firmware > >> response 0xff/0xb810 rx ring"