Some diagnostics from crash(8) are below and in attachments.
crash> show all tstiles
PID LID COMMAND WAITING-FOR WAIT-CHANNEL
4999 4999 find 882851694480 88290bf87680
crash>
sleepq_block() at sleepq_block+0x13a
mtsleep() at mtsleep+0x146
lfs_check() at
Hi. I configured a pkgsrc bulk build on NetBSD-10 virtual machine and
selected LFS file system for temporary directory where object files are
created.
I know the status of LFS is "unknown" but this is not a production
machine. So, I just wanted to play with LFS a little bit.
Virtual machine was
On Thu, Dec 6, 2012 at 5:46 AM, matthew green m...@eterna.com.au wrote:
I've reread the whole thread but I don't understand how fch* and fexec*
differ.
As far as I can see all they cause the same sort of problems.
So, a solution should be the same for all of them.
AFAIK (i didn't write a
On Tue, Dec 4, 2012 at 7:42 PM, Robert Elz k...@munnari.oz.au wrote:
Even chroot isn't a problem, unless you're tempted to view it as some
kind of security mechanism. It really isn't
...
If true compartmentalisation is wanted for security purposes, we would
need something approaching true
On Wed, Dec 5, 2012 at 5:21 PM, Thor Lancelot Simon t...@panix.com wrote:
On Wed, Dec 05, 2012 at 05:17:25PM +0300, Aleksey Cheusov wrote:
On the other hand if we generalize improvements of fchdir(2) and fchroot(2)
(I mean EPERM if the current working directory is not at or under the new
On Sat, Oct 20, 2012 at 5:17 PM, Adrian Steinmann a...@netbsd.org wrote:
I have just delivered a presentation on pivot_root at EuroBSDcon
and have put up the most important slides, a patch including new files
against HEAD 20121017, and a custom ramdisk build I used to demonstrate
pivot_root
On Tue, Oct 23, 2012 at 11:31 AM, iMil i...@home.imil.net wrote:
Hi,
I planned to give a try to NetBSD 6.0 on our new HP DL ProLiant
360p G8 series, in order to set it up as our backbone firewalls
(from 1.2 to 2.4Gbps/s).
Installation went fine, but booting on machine's RAID fails with
the
On Tue, Oct 23, 2012 at 5:19 PM, Michael van Elst mlel...@serpens.de wrote:
On Tue, Oct 23, 2012 at 01:12:29PM +0200, iMil wrote:
Mostly says that our driver doesn't talk correctly to the hardware.
The panic in this place is of course pretty silly.
if (hb == sc-heartbeat)
On Sun, Mar 11, 2012 at 2:46 PM, Manuel Bouyer bou...@antioche.eu.org wrote:
On Sun, Mar 11, 2012 at 12:19:45PM +0300, Aleksey Cheusov wrote:
On Thu, Mar 8, 2012 at 2:31 PM, Manuel Bouyer bou...@antioche.eu.org wrote:
On Thu, Mar 08, 2012 at 02:04:49PM +0300, Aleksey Cheusov wrote:
On my
On Thu, Mar 8, 2012 at 2:31 PM, Manuel Bouyer bou...@antioche.eu.org wrote:
On Thu, Mar 08, 2012 at 02:04:49PM +0300, Aleksey Cheusov wrote:
On my system this crash is reproducible. At least it repeated three
times with xdm login. Does it make sense to send PR?
Does it always fail
way, or does the panic happen at random
places ?
I'll check it sunday.
--
Best regards, Aleksey Cheusov.
tests. It looks like a race condition causing memory corrution,
but this is hard to track down ...
On my system this crash is reproducible. At least it repeated three
times with xdm login. Does it make sense to send PR?
--
Best regards, Aleksey Cheusov.
I few minutes ago I updated the kernel and modules on my 6.0_BETA
to the latest netbsd-6 sources and enabled debugging kernel options.
optionsDEBUG # expensive debugging checks/support
makeoptionsDEBUG=-g # compile full symbol table
Userlevel was not updated.
On Fri, Mar 2, 2012 at 8:01 PM, Izumi Tsutsui tsut...@ceres.dti.ne.jp wrote:
For a number of reasons I decided to use ext2 filesystem on 60Gb memory
stick.
:
Unfortunately newfs_ext2fs works extreamly slowly
newfs_ext2fs(8) was intended to prepare boot partitions for
Linux based appliances
For a number of reasons I decided to use ext2 filesystem on 60Gb memory
stick.
umass0 at uhub7 port 1 configuration 1 interface 0
umass0: JetFlash Mass Storage Device, rev 2.00/1.00, addr 2
umass0: using SCSI over Bulk-Only
scsibus0 at umass0: 2 targets, 1 lun per target
sd0
for no benefits (unsharing credentials in
chroot(2) unconditionally cannot cause performance degradation). This is
why I think it's better and easier to unshare it in one place, that is
in chroot(2).
--
Best regards, Aleksey Cheusov.
to (different) problems.
I don't see any problem with (1)
--
Best regards, Aleksey Cheusov.
to implement things like securechroot(9) secmodel
described here
http://mail-index.netbsd.org/tech-kern/2011/07/09/msg010903.html
After commiting this patch I'll move the rest of securechroot(9)
to pkgsrc until it is ready to be integrated into the kernel.
Objections?
--
Best regards, Aleksey
, Aleksey Cheusov.
by fcntl outside of chroot
This needs additional checks and probably fixes.
I'd like to commit my initial version of securechroot and then
fix the rest problems one-by-one.
--
Best regards, Aleksey Cheusov.
;
if (new_rlimit-rlim_cur p-p_rlimit[which].rlim_cur ||
new_rlimit-rlim_max p-p_rlimit[which].rlim_max)
{
result = KAUTH_RESULT_DENY;
}
}
break;
--
Best regards, Aleksey Cheusov.
, Aleksey Cheusov.
)
· Modifying machine-dependent requests
· Access to kmem(4) files /dev/mem and /dev/kmem
SEE ALSO
chroot(2) kauth(9), secmodel(9)
AUTHORS
Aleksey Cheusov cheu...@netbsd.org
Elad Efrat e...@netbsd.org provided guidance and answered questions
about the kauth(9) framework
chroot
- exit from chroot
- modunload securechroot
What kind of details do uou need?
--
Best regards, Aleksey Cheusov.
.
· Modifying machine-dependent requests are not allowed.
· Access to kmem(4) files /dev/mem and /dev/kmem is not allowed.
SEE ALSO
chroot(2) kauth(9), secmodel(9)
AUTHORS
Aleksey Cheusov cheu...@netbsd.org
Elad Efrat e...@netbsd.org provided guidance and answered
a bcsp(4) device is not allowed.
· Adding and enabling a btuart(4) device is not allowed.
Can this be generalised to adding and enabling any kind of network
interface is not allowed?
I think yes. Thanks.
--
Best regards, Aleksey Cheusov.
26 matches
Mail list logo