Re: doas: improve error message

2020-10-08 Thread Jordan Geoghegan
On 2020-10-08 16:39, Klemens Nanni wrote: On Thu, Oct 08, 2020 at 04:23:53PM -0700, Jordan Geoghegan wrote: This improved error message would have been useful a few months ago where I had a number of end-users of one of my scripts get confused due to the cryptic error messages spit out by

Re: doas: improve error message

2020-10-08 Thread Ted Unangst
On 2020-10-09, Klemens Nanni wrote: > In case `cmd' and `args' in doas.conf(5) do not match, the generated > log message is unclear and might be read as if the command executed but > failed, i.e. returned non-zero: > > # cat /etc/doas.conf > permit nopass kn cmd echo args foo >

Re: doas: improve error message

2020-10-08 Thread Theo de Raadt
Klemens Nanni wrote: > The diff does not change behaviour or output for end-users on the > command line; instead it changes syslog messages which by default are > only readable by root. ^ That's the key detail for me, as it means no additional information is being

Re: doas: improve error message

2020-10-08 Thread Klemens Nanni
On Thu, Oct 08, 2020 at 04:23:53PM -0700, Jordan Geoghegan wrote: > This improved error message would have been useful a few months ago where I > had a number of end-users of one of my scripts get confused due to the > cryptic error messages spit out by doas. The diff does not change behaviour or

Re: doas: improve error message

2020-10-08 Thread Jordan Geoghegan
Hi Klemens, I'm not a dev, so I can't give you an OK, but I just wanted to say that I certainly support this change. This improved error message would have been useful a few months ago where I had a number of end-users of one of my scripts get confused due to the cryptic error messages spit

doas: improve error message

2020-10-08 Thread Klemens Nanni
In case `cmd' and `args' in doas.conf(5) do not match, the generated log message is unclear and might be read as if the command executed but failed, i.e. returned non-zero: # cat /etc/doas.conf permit nopass kn cmd echo args foo $ doas echo foo foo $ doas

Re: ssh-keygen: generate ed25519 keys by default

2020-10-08 Thread Stuart Henderson
On 2020/10/08 15:40, Christian Weisgerber wrote: > At this point, I don't know how many SSH servers are still out there > that don't handle Ed25519. I still have an ECDSA key somewhere > that I use to log into a machine that still runs... "OpenSSH_6.0p1 > Debian-4+deb7u7, OpenSSL 1.0.1t 3 May

Lenovo X1 gen 8 touchpad interrupt: pchgpio(4)

2020-10-08 Thread Mark Kettenis
Diff below adds a driver for the GPIO controller found on the Intel 400 Series PCH as found on (for example) the Lenovo X1 gen 8 laptop. Since I don't have such hardware, I'd appreciate some tests on laptops that current show: "INT34BB" at acpi0 not configured in their dmesg. To test, apply the

Re: ssh-keygen: generate ed25519 keys by default

2020-10-08 Thread Christian Weisgerber
On 2020-10-08, Eldritch wrote: > With the recent change to prefer ed25519 keys on the server side [1] > (unless I misunderstood what the change does), I think generating This only changed the client's order of preference for the various server key types. If a server doesn't offer an Ed25519

Re: /etc/daily: use find -delete

2020-10-08 Thread Denis Fondras
On Thu, Oct 08, 2020 at 05:32:15AM -0600, Todd C. Miller wrote: > We can use find's built-in -delete primary to remove old /tmp files > and directories. This is somewhat less error-prone than execing > rm or rmdir. > OK denis@ > - todd > > Index: etc/daily >

/etc/daily: use find -delete

2020-10-08 Thread Todd C . Miller
We can use find's built-in -delete primary to remove old /tmp files and directories. This is somewhat less error-prone than execing rm or rmdir. - todd Index: etc/daily === RCS file: /cvs/src/etc/daily,v retrieving revision 1.93

ssh-keygen: generate ed25519 keys by default

2020-10-08 Thread Eldritch
With the recent change to prefer ed25519 keys on the server side [1] (unless I misunderstood what the change does), I think generating ed25519 keys by default with ssh-keygen makes sense at this point. Many users prefer the algorithm for its speed, small key size, lack of trust in OpenSSL or RSA,