Re: Installer support to fetch/verify bsd.rd for release upgrade

2018-06-03 Thread Robert Peichaer
On Sun, Oct 08, 2017 at 09:56:15AM +, Robert Peichaer wrote: > Up to now, the upgrade procedure from one to the next release meant > that you had to manually download and verify the new ramdisk kernel. > > What about if you just needed to boot into the existing bsd.rd and > i

Re: Allow disks to be specifid by duid in install.sub

2018-06-02 Thread Robert Peichaer
On Fri, May 18, 2018 at 12:14:36PM +0200, Theo Buehler wrote: > On Thu, May 17, 2018 at 06:42:15PM -0600, Aaron Bieber wrote: > > On Thu, May 17, 2018 at 06:37:56PM -0600, Aaron Bieber wrote: > > > On Fri, Mar 02, 2018 at 07:32:04AM -0700, Aaron Bieber wrote: > > > > Hi, > > > > > > > > Currently

Re: ksh.kshrc: Fix quoting in {add,pre,del}_path() to work with spaces

2018-02-18 Thread Robert Peichaer
On Sun, Feb 18, 2018 at 12:36:43PM +0100, Klemens Nanni wrote: > On Tue, Nov 21, 2017 at 08:30:25PM +0100, Klemens Nanni wrote: > > On Sun, Nov 12, 2017 at 10:43:46PM +0100, Klemens Nanni wrote: > > > On Sun, Nov 12, 2017 at 09:04:22PM +0000, Robert Peichaer wrote:

Re: [patch] upon install of new operating system version, do not set root password to empty string

2017-12-03 Thread Robert Peichaer
On Wed, Nov 29, 2017 at 08:06:39AM +0100, Otto Moerbeek wrote: > On Tue, Nov 28, 2017 at 06:59:06PM -0500, Ian Sutton wrote: > > > This is a highly theoretical and experimental mitigation which stops the > > root password on newly upgraded/installed systems from being an empty > > string. The

Re: ksh.kshrc: Fix quoting in {add,pre,del}_path() to work with spaces

2017-11-12 Thread Robert Peichaer
On Sun, Nov 12, 2017 at 12:22:27AM +0100, Klemens Nanni wrote: > On Sat, Nov 11, 2017 at 08:03:36PM +0000, Robert Peichaer wrote: > > On Sat, Nov 11, 2017 at 08:11:25PM +0100, Klemens Nanni wrote: > > > pre_path()ing directories with spaces is broken due to bad quoting. >

Re: ksh.kshrc: Fix quoting in {add,pre,del}_path() to work with spaces

2017-11-11 Thread Robert Peichaer
On Sat, Nov 11, 2017 at 08:11:25PM +0100, Klemens Nanni wrote: > pre_path()ing directories with spaces is broken due to bad quoting. > > This diff takes care of that by properly passing double quotes through > eval and quoting the arguments for no_path() individually. > > Feedback? What is

Re: armv7: newfs efi-partition in when choosing manual-fdisk mbr

2017-11-10 Thread Robert Peichaer
On Fri, Nov 10, 2017 at 10:27:36AM +0200, Artturi Alm wrote: > Hi, > > currently, just editing the mbr to give more room for u-boot env growth, > will result in unbootable system, as the installer will fail to mount it, > and naturally things won't work beyond u-boot after reboot either. > > i'm

Re: /etc/netstart diff

2017-11-09 Thread Robert Peichaer
On Wed, Nov 08, 2017 at 10:47:43PM +0100, Holger Mikolon wrote: > The veriable $HN_DIR is set in /etc/netstart on line 166 but used only > once (line 78). The diff below makes use of $HN_DIR in the other cases > where netstart cares of ip address configuration. > > With below change I can

Re: Installer support to fetch/verify bsd.rd for release upgrade

2017-10-09 Thread Robert Peichaer
On Sun, Oct 08, 2017 at 09:56:15AM +, Robert Peichaer wrote: > Up to now, the upgrade procedure from one to the next release meant > that you had to manually download and verify the new ramdisk kernel. > > What about if you just needed to boot into the existing bsd.rd and > i

Installer support to fetch/verify bsd.rd for release upgrade

2017-10-08 Thread Robert Peichaer
Up to now, the upgrade procedure from one to the next release meant that you had to manually download and verify the new ramdisk kernel. What about if you just needed to boot into the existing bsd.rd and it would support downloading and verifying the bsd.rd of the next release? This diff changes

Re: [PATCH] run security(8) on first boot

2017-07-30 Thread Robert Peichaer
On Sat, Jul 29, 2017 at 05:25:51PM -0400, Joe Gidi wrote: > I did a couple of fresh installs the other day, which reminded me of a > minor irritation and prompted me to think about a possible solution. > > The first run of security(8) on a fresh install is not terribly helpful. > It produces a

Move {install,upgrade}.site script to the end of installs/upgrades (again)

2017-07-18 Thread Robert Peichaer
Originally, the installer executed the {install,upgrade}.site script at the end of installs and upgrades. Over time, code was after this step and now a list of things happen AFTER this script is executed. - make underlying device nodes for softraid devices - install the boot-block on disk -

Re: rc: Use IFS when looking for carp interfaces

2017-07-17 Thread Robert Peichaer
On Mon, Jul 17, 2017 at 03:39:29PM +0200, Klemens Nanni wrote: > The Internal Field Seperator is meant for this so use it instead of > reading and stripping ':' again. > > Feedback? Comments? > > Index: rc > === > RCS file:

Re: rc: reorder_libs: [1/2] Drop unused _l, exit early on failure

2017-07-17 Thread Robert Peichaer
On Mon, Jul 17, 2017 at 03:00:34PM +0200, Klemens Nanni wrote: > On Sun, Jul 16, 2017 at 09:09:44AM +0000, Robert Peichaer wrote: > > The rationale to picking the library versions before remounting was > > to keep the time window having rw /usr as small as possible. > > If

Re: rc: Use here document for temporary pf rule set

2017-07-16 Thread Robert Peichaer
On Sun, Jul 16, 2017 at 03:24:19PM +0200, Klemens Nanni wrote: > On Sun, Jul 16, 2017 at 12:41:09PM +0000, Robert Peichaer wrote: > > On Sun, Jul 16, 2017 at 02:28:59PM +0200, Klemens Nanni wrote: > > > On Sun, Jul 16, 2017 at 12:11:55PM +0000, Robert Peichaer wrote: > >

Re: rc: Use here document for temporary pf rule set

2017-07-16 Thread Robert Peichaer
On Sun, Jul 16, 2017 at 02:28:59PM +0200, Klemens Nanni wrote: > On Sun, Jul 16, 2017 at 12:11:55PM +0000, Robert Peichaer wrote: > > On Sun, Jul 16, 2017 at 01:37:56PM +0200, Klemens Nanni wrote: > > > This removes on level of indent, avoids the ugly RULES="$RULES ..."

Re: rc: Use here document for temporary pf rule set

2017-07-16 Thread Robert Peichaer
On Sun, Jul 16, 2017 at 01:37:56PM +0200, Klemens Nanni wrote: > This removes on level of indent, avoids the ugly RULES="$RULES ..." > repitition and spares a print. > > We could do a 'pfctl -ef -' right away but I kept changing and enabling > clearly seperated. Regarding the leading newlines and

Re: rc: reorder_libs: [2/2] Pick archive versions more efficiently

2017-07-16 Thread Robert Peichaer
On Sun, Jul 16, 2017 at 01:55:02PM +0200, Klemens Nanni wrote: > On Sun, Jul 16, 2017 at 10:26:25AM +0000, Robert Peichaer wrote: > > But I'd like to stay strict matching the filenames. > > > > + for _liba in /usr/lib/lib{c,crypto}; do > > + _libas=&qu

Re: rc: reorder_libs: [2/2] Pick archive versions more efficiently

2017-07-16 Thread Robert Peichaer
On Sun, Jul 16, 2017 at 01:23:00PM +0200, Klemens Nanni wrote: > On Sun, Jul 16, 2017 at 10:26:25AM +0000, Robert Peichaer wrote: > > On Sun, Jul 16, 2017 at 03:37:15AM +0200, Klemens Nanni wrote: > > > Why looping over all existing archives, picking the latest version of > &g

Re: rc: reorder_libs: [2/2] Pick archive versions more efficiently

2017-07-16 Thread Robert Peichaer
On Sun, Jul 16, 2017 at 03:37:15AM +0200, Klemens Nanni wrote: > Why looping over all existing archives, picking the latest version of > the current archive, skipping it in case it's already in our list of > selected latest versions or adding it otherwise? > > The current code runs ls|sort|tail

Re: rc: reorder_libs: [1/2] Drop unused _l, exit early on failure

2017-07-16 Thread Robert Peichaer
On Sun, Jul 16, 2017 at 07:18:00AM +0200, Theo Buehler wrote: > On Sun, Jul 16, 2017 at 03:34:07AM +0200, Klemens Nanni wrote: > > $_l is not used and picking the latest archive versions is of no use > > if /usr/lib cannot be written to. > > > > This patch applies cleanly before my next one but

Re: RFC 7217: /etc/{rc,netstart} [4/8]

2017-07-15 Thread Robert Peichaer
On Sat, Jul 15, 2017 at 05:09:43PM +, Florian Obser wrote: > netstart & simplification suggested by naddy > > OK? > > diff --git etc/netstart etc/netstart > index 71890bc7a5b..047eef1ab83 100644 > --- etc/netstart > +++ etc/netstart > @@ -190,6 +190,8 @@ if $PRINT_ONLY && (($# == 0)); then >

Re: RFC 7217: installer support [8/8]

2017-07-15 Thread Robert Peichaer
On Sat, Jul 15, 2017 at 05:16:04PM +, Florian Obser wrote: > OK? > > diff --git distrib/miniroot/install.sub distrib/miniroot/install.sub > index 26cecd81cbc..52360686b38 100644 > --- distrib/miniroot/install.sub > +++ distrib/miniroot/install.sub > @@ -2988,6 +2988,9 @@ do_upgrade() { >

Re: RFC 7217 installer bits

2017-07-14 Thread Robert Peichaer
On Fri, Jul 14, 2017 at 03:43:52PM +, Florian Obser wrote: > diff --git distrib/miniroot/install.sub distrib/miniroot/install.sub > index 26cecd81cbc..bf6c562c882 100644 > --- distrib/miniroot/install.sub > +++ distrib/miniroot/install.sub > @@ -2988,6 +2988,9 @@ do_upgrade() { >

Re: RFC 7217: random but stable addresses (take 3)

2017-07-14 Thread Robert Peichaer
On Fri, Jul 14, 2017 at 11:56:02AM +, Florian Obser wrote: > next try > - sha512 > - fixed key size > - /etc/soii.key > - man page tweaks from sthen & jmc and rewording by me to get rid of 48 bits > - link local address is updated when soii flag is toggled > > If this is the final version I

Re: install.sub: Fix scrambled address list in v6_defroute()

2017-07-10 Thread Robert Peichaer
On Sun, Jul 09, 2017 at 09:42:32AM +0200, Klemens Nanni wrote: > On Wed, Jun 14, 2017 at 03:00:11AM +0200, Klemens Nanni wrote: > > Installing -current the other day showed a broken list when picking > > the IPv6 default route just like reported on bugs@ five days ago[1]. > 1:

Re: [PATCH] etc/ksh.kshrc - unify command substitution

2017-07-10 Thread Robert Peichaer
On Fri, Jul 07, 2017 at 05:47:46AM +0100, Raf Czlonka wrote: > Hi all, > > I've noticed that etc/ksh.kshrc uses both types of command substitution > `command` and $(command). The below diff unifies it and uses > $(command) notation consistently. > > While there: > > - remove ':' (null utility)

Re: install.sub: Typo/whitespace nit

2017-07-07 Thread Robert Peichaer
On Tue, Jul 04, 2017 at 02:14:58AM +0200, Klemens Nanni wrote: > Remove duplicate full stop and add space after function name. > > Feedback/OK? > > Index: install.sub > === > RCS file: /cvs/src/distrib/miniroot/install.sub,v >

Re: install.sub: Clean v[46]_info() ouput

2017-07-03 Thread Robert Peichaer
On Wed, Jun 14, 2017 at 05:37:07PM +0200, Klemens Nanni wrote: > With this patch, v[46]_info() both output exactly what their description > says. > > As of now, these functions are only used through > set -- $(v4_info $_if) > which gracefully handles any constellation of whitespaces in the

Re: install.sub: ieee80211_{scan,config}: Allow quoted SSIDs

2017-07-02 Thread Robert Peichaer
On Thu, Jun 15, 2017 at 12:09:20AM +0200, Klemens Nanni wrote: > Instead of ignoring SSIDs containing whitespaces, slightly adjust the > commands to take everything in between 'nwid ' and ' chan' as SSID; if > it has double quotes at start *and* end, simply remove those. > > This enables users to

Re: kernel relinking at install/upgrade time

2017-06-30 Thread Robert Peichaer
On Mon, Jun 26, 2017 at 02:35:55PM -0600, Theo de Raadt wrote: > There is a diff in snapshots which does kernel relinking during > install or upgrade. > > Really amazing... This is now committed to the tree. -- -=[rpe]=-

Re: Update list of invalid users in install.sub

2017-05-06 Thread Robert Peichaer
On Fri, May 05, 2017 at 07:04:55PM +, Callum R. Davies wrote: > Hi tech@, was looking through the tree for the providence of the > amusing "No really..." message in the installer and saw that the list > of invalid users needed updating. Names are in the order found in > passwd, with the

Re: Xorg stipple

2017-02-26 Thread Robert Peichaer
On Sun, Feb 26, 2017 at 10:43:50AM +0100, Landry Breuil wrote: > On Wed, Mar 09, 2016 at 05:09:13PM -0600, joshua stein wrote: > > Is anyone seriously finding video/Xorg bugs through the default X > > stipple pattern anymore? Xorg changed the default to draw a black > > background a while ago

Re: add empty /root/.ssh/authorized_keys to mtree/sets ?

2017-02-05 Thread Robert Peichaer
On Sun, Feb 05, 2017 at 10:46:41AM +0100, Landry Breuil wrote: > Hi, > > when installing 'throwaway' VMs (manually, not always using autoinstall for > $REASONS) i've often found myself having to do right after the install: > install -d -m 700 /root/.ssh > install -m 600 /dev/null

Re: clean up and modernize test calls in bsd.obj.mk

2017-01-23 Thread Robert Peichaer
On Tue, Jan 24, 2017 at 01:01:57PM +1000, Theo Buehler wrote: > We're currently using several idioms for conditionally executing code in > bsd.obj.mk. I'd like to unify them for the sake of readability and > consistency. This was done joint with rpe. OK rpe@ > Index: share/mk/bsd.obj.mk >

Re: Installer error

2017-01-11 Thread Robert Peichaer
On Wed, Jan 11, 2017 at 01:21:30PM +0100, Theo Buehler wrote: > On Wed, Jan 11, 2017 at 01:10:12PM +0100, Theo Buehler wrote: > > On Wed, Jan 11, 2017 at 11:52:02AM +, Pedro Caetano wrote: > > > Hi tech@ > > > > > > I was running an headless installation via serial using today's snapshot > >

Re: Improve error message in rcctl(8)

2016-09-06 Thread Robert Peichaer
> Hi tech@, > > Daemon names historically match Antoine's alphanumeric proposal, and I > think underscore is a bit too much, if it's present use minus instead. > The logic behind this? Match this to word termination symbols in ksh. > > Kind regards, > Anton $ find /usr/ports -name '*_*.rc'

Re: anti-ROP mechanism in libc

2016-04-25 Thread Robert Peichaer
On Mon, Apr 25, 2016 at 10:57:37AM -0400, Ted Unangst wrote: > Theo de Raadt wrote: > > + cp -p /usr/lib/$_lib /usr/lib/$_tmplib > > + install -o root -g bin -m 0444 $_lib /usr/lib/$_lib && > > + rm -f /usr/lib/$_tmplib || > > +

Re: [PATCH] make 'set +o' useful and POSIX compatible

2016-03-06 Thread Robert Peichaer
On Sun, Mar 06, 2016 at 10:56:45AM +0100, Martin Natano wrote: > On Sun, Mar 06, 2016 at 05:32:16AM +0100, Martijn Dekker wrote: > > The command 'set -o' shows the current shell options in an unspecified > > format. Less well-known is the variant 'set +o', which should output the > > current shell

Re: netstart: only call ifautoconf is rtsolif is populated

2015-09-13 Thread Robert Peichaer
On Sun, Sep 13, 2015 at 01:35:02PM +0100, Stuart Henderson wrote: > On 2015/09/13 13:19, Stuart Henderson wrote: > > Avoid printing "IPv6 autoconf:" if you have no v6 rtsol interfaces. > > OK? > > As suggested by rpe, just do the check once in ifautoconf. > (I was trying to avoid the indent, but

Re: Update afterboot(8) for new PermitRootLogin default

2015-08-01 Thread Robert Peichaer
On Sat, Aug 01, 2015 at 08:25:06AM +0100, Jason McIntyre wrote: On Fri, Jul 31, 2015 at 07:20:36PM -0400, Michael Reed wrote: Hi all, I noticed that the default for the sshd_config option PermitRootLogin changed from yes to no [1], but afterboot(8) still refers to it as if yes is the

Re: sed -i

2015-07-17 Thread Robert Peichaer
On Fri, Jul 17, 2015 at 06:10:46PM +0200, Jasper Lievisse Adriaanse wrote: Hi, Here's a diff to add the '-i' flag to sed to do inplace edits. It's mostly from FreeBSD with some adjustments to prevent a race with unlink() and fopen() during the tempfile creation. It's been tested in a full

Re: autoinstall(8) tweaks

2015-04-07 Thread Robert Peichaer
On Mon, Apr 06, 2015 at 09:01:51PM +0100, Robert Peichaer wrote: On Mon, Apr 06, 2015 at 09:48:58PM +0800, Nathanael Rensen wrote: A couple of autoinstall(8) tweaks that I find useful. I find it convenient to be able to specify a path to the response file. I also prefer to use the DHCP

Re: autoinstall(8) tweaks

2015-04-06 Thread Robert Peichaer
On Mon, Apr 06, 2015 at 09:48:58PM +0800, Nathanael Rensen wrote: A couple of autoinstall(8) tweaks that I find useful. I find it convenient to be able to specify a path to the response file. I also prefer to use the DHCP supplied hostname rather than the MAC address. Actually, these ideas

Re: Small ifconfig output tweak for inet6?

2015-03-27 Thread Robert Peichaer
On Thu, Mar 26, 2015 at 05:46:12PM +0100, Henning Brauer wrote: * Mike Belopuhov m...@belopuhov.com [2015-03-26 14:36]: On 26 March 2015 at 14:27, Stuart Henderson st...@openbsd.org wrote: seems reasonable. (I'd quite like that for v4 too, though it wouldn't cope with non-contiguous

Re: Do you need/prefer the non-DUID option in the installer?

2015-03-15 Thread Robert Peichaer
On Sun, Mar 15, 2015 at 09:03:45PM +0300, Vadim Zhukov wrote: 15 ?? 2015 ??. 20:50 Theo de Raadt dera...@cvs.openbsd.org ??: On Sun, Mar 15, 2015 at 11:24:32AM -0400, Kenneth Westerback wrote: Using DUIDs in the installed /etc/fstab has

Re: fuck you pkg.conf

2014-11-29 Thread Robert Peichaer
On Sat, Nov 29, 2014 at 04:32:20PM +0100, Mark Kettenis wrote: Date: Sat, 29 Nov 2014 09:27:51 -0500 From: Ted Unangst t...@tedunangst.com On Sat, Nov 29, 2014 at 14:02, Antoine Jacoutot wrote: But that said, why does your pkg.conf keep returning? I don't have one on my laptop at

Re: new rc.conf(8) manual

2014-08-19 Thread Robert Peichaer
On Tue, Aug 19, 2014 at 10:44:54PM +0200, Ingo Schwarze wrote: Hi, while working on rcctl(8), i noticed that the rc.conf(8) manual is of... err, how can i express it politely... somewhat doubtful quality. Here is a stab at it. As a first step, i moved all the examples from the

Re: autoinstall(8): remove System hostname from example

2014-04-26 Thread Robert Peichaer
On Sat, Apr 26, 2014 at 07:54:44AM -0400, Kenneth Westerback wrote: On 26 April 2014 07:45, Patrik Lundin patrik.lundin@gmail.com wrote: On Sat, Apr 26, 2014 at 07:21:28AM -0400, Kenneth Westerback wrote: Assuming you mean dhclient.conf and not dhcpd.conf, the hostname of the system

Re: typo in distrib/miniroot/install.sub

2014-02-02 Thread Robert Peichaer
On Sun, Feb 02, 2014 at 04:08:09PM +0100, Markus Lude wrote: Hello, I noticed a typo in distrib/miniroot/install.sub. Fix is attached below. Regards, Markus Index: install.sub === RCS file: