Re: reverse USB driver - is it possible?

2012-06-03 Thread Wojciech Puchar


> Have a look at:
>
> sys/dev/usb/storage/ustorage_fs.c
>
> Currently just implements a RAM disk. Patches are welcome.

many answers - contradicting itself. others say hardware is unable to do
so, you say it is done. then - how to use it? any docs? :)

___
freebsd-hackers@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-hackers
To unsubscribe, send any mail to "freebsd-hackers-unsubscr...@freebsd.org"


Re: detailed map of WIRED memory under FreeBSD 9

2012-06-03 Thread Wojciech Puchar

thank you

On Mon, 4 Jun 2012, Peter Jeremy wrote:

> On 2012-Jun-01 10:19:37 +0200, Wojciech Puchar wrote:
>> what tool and how can be used to display detailed map what exactly wired
>> memory on my system as it is far way too much (1.5GB out of 4GB RAM).
>
> The procfs "map" pseudo-file should give you this information on a
> per-process level.  Unfortunately, the only documentation appears to
> be the source (sys/fs/procfs/procfs_map.c)
>
> --
> Peter Jeremy




Re: nvidia-driver-295.49 is highly unstable

2012-06-03 Thread Chris
On Sun, 27 May 2012 20:50:59 -0300
Mario Lobo  wrote:

> On Sunday 27 May 2012 14:05:16 Yuri wrote:
> > On 05/27/2012 10:01, David Wolfskill wrote:
> > > So, at least in my case, I respectfully disagree with the
> > > assessment in the Subject.
> > 
> > i386 is one difference (I use amd64)
> > FX 770M is another difference (I use 9400GT)
> > I also have everything updated with the similar portmaster command.
> > 
> > Yuri
> 
> I use 8-STABLE amd64 with 295.40/9800GT and been using it since I can 
> remember. Except for some quirks with early VirtualBox versions, I
> have NEVER had a problem with ANY version of the driver I've used.
> 
FWIW

uname -a
FreeBSD udns 8.3-STABLE FreeBSD 8.3-STABLE #2: Sun May 20 22:25:10 PDT 2012 root@udns:/usr/obj/usr/src/sys/AMD64  amd64

Xorg.0.log
NVIDIA GPU GeForce 7800 GT (G70)
PCI:*(0:1:0:0) 10de:0092:3842:c518 NVIDIA Corporation G70 [GeForce 7800 GT] rev 161
NVIDIA dlloader X Driver  295.40  Thu Apr  5 21:27:46 PDT 2012

Has always worked w/o any issues -- ever.



[RFC] last(1) with security.bsd.see_other_uids support

2012-06-03 Thread Bryan Drewery
Hi,

I've written up a patch to add some privacy to last(1) while still
giving non-privileged users access to their own login history.

This is still a work in progress. I am reaching out to make sure my
approach is proper and to get some input on code sharing. My goal is to
add this support to w(1) and who(1) as well. FWIW I have been running a
similar patch on my own shared-hosting systems (pre-utmpx) for a few years.

Changes:

* Added utmp group
* All utmpx files are 660 root:utmp
* last(1) runs setgid(utmp) and drops this as soon as the utmpx files
are opened.
* Users in the wheel or utmp group can see all entries
* IFF security.bsd.see_other_uids=0: users only see their own entries,
as well as shutdown/boot/init times.
* If security.bsd.see_other_uids=1, all entries are always shown, as it
does now.

Justifications:

Why the changes? This makes sense for shared hosting environments where
jails are not practical. A user should be able to see their own login
history, to see if someone has been accessing their account, but not to
see the IPs of other users. The intention is *not* to disallow them to
see the other users of the system. Obviously they can just cat
/etc/passwd. This is just about IP privacy.

Why the setgid? Allow reading the entries, but disallow directly opening
the utx files. I've seen some shared hosts incorrectly chmod 0
/usr/bin/last, but still leave the utmp files wide open for reading!

Why the utmp group? It's consistent with other systems (OpenBSD, Linux),
and allows giving a user access to see all entries, without granting
them wheel or allowing a non-privileged user to run as setgid(wheel). It
also helps mitigate security concerns by using a specific group only
having extra privilege to utmpx files.

I originally had not planned for security.bsd.see_other_uids, but
considering POLA and consistency, it makes sense.

Questions:

To add this support to w(1) and who(1), I want to share the
is_user_restricted() function among all 3 binaries. I don't think this
really belongs in libc/libutil, but maybe it does. I could just add a
shared file into usr.bin/last/ and link it in with all 3, but I don't
really like this approach as then usr.bin/{w,who} would depend on
usr.bin/last.

The libc fchown() changes to pututxline.c may not be needed. I am open
to removing this.

On the other hand, perhaps most of my changes belong in utx functions in
libc. Thus all utx readers would benefit and solve my sharing problem.
The readers/clients would still need to be setgid(utmp) though to open
the utx files.

I still need to update the relevant man pages for these changes as well.

Regards,
Bryan Drewery

Patch available at: http://www.shatow.net/freebsd/last-privacy.txt

diff --git a/etc/group b/etc/group
index 54d5c59..211ff32 100644
--- a/etc/group
+++ b/etc/group
@@ -17,6 +17,7 @@ sshd:*:22:
 smmsp:*:25:
 mailnull:*:26:
 guest:*:31:
+utmp:*:45:
 bind:*:53:
 proxy:*:62:
 authpf:*:63:
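Review bot: the gid 45 on the added "utmp:*:45:" line has to match _UTMP_GID, which the pututxline.c hunk passes to fchown(), yet nothing visible in the patch ties the two together. Define the number in one place, or add a comment at both sites, so that a later change to /etc/group cannot silently leave utx.active owned by a different group.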
diff --git a/etc/newsyslog.conf b/etc/newsyslog.conf
index 44aff12..1466939 100644
--- a/etc/newsyslog.conf
+++ b/etc/newsyslog.conf
@@ -34,6 +34,6 @@
 /var/log/ppp.log   root:network640  3 100  * JC
 /var/log/security  600  10100  * JC
 /var/log/sendmail.st   640  10*168   B
-/var/log/utx.log   644  3 *@01T05 B
+/var/log/utx.log   root:utmp   660  3 *@01T05 B
 /var/log/weekly.log640  5 1$W6D0 JN
 /var/log/xferlog   600  7 100  * JC
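Review bot: on the changed /var/log/utx.log line, mode 660 gives the utmp group write access, while the stated purpose of the group is to let setgid readers such as last(1) open the file. Mode 640 with root:utmp would give the readers what they need and keep a bug in any setgid(utmp) program from being able to alter login records.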
diff --git a/etc/rc.d/var b/etc/rc.d/var
index 2b41219..7aa9063 100755
--- a/etc/rc.d/var
+++ b/etc/rc.d/var
@@ -101,9 +101,11 @@ esac
 # Make sure we have /var/log/utx.lastlogin and /var/log/utx.log files
 if [ ! -f /var/log/utx.lastlogin ]; then
cp /dev/null /var/log/utx.lastlogin
-   chmod 644 /var/log/utx.lastlogin
+   chmod 660 /var/log/utx.lastlogin
+   chown root:utmp /var/log/utx.lastlogin
 fi
 if [ ! -f /var/log/utx.log ]; then
cp /dev/null /var/log/utx.log
-   chmod 644 /var/log/utx.log
+   chmod 660 /var/log/utx.log
+   chown root:utmp /var/log/utx.log
 fi
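Review bot: both chmod 660 / chown root:utmp pairs sit inside the "if [ ! -f ... ]" guards, so they only run when the file is being created. On a system that already has utx.lastlogin and utx.log at mode 644 the files stay world-readable after the update. Consider applying ownership and mode unconditionally, outside the guards, and doing the chown before the chmod.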
diff --git a/lib/libc/gen/pututxline.c b/lib/libc/gen/pututxline.c
index 98addee..c1f7199 100644
--- a/lib/libc/gen/pututxline.c
+++ b/lib/libc/gen/pututxline.c
@@ -179,10 +179,13 @@
int fd;

/* Initialize utx.active with a single BOOT_TIME record. */
-   fd = _open(_PATH_UTX_ACTIVE, O_CREAT|O_RDWR|O_TRUNC, 0644);
+   fd = _open(_PATH_UTX_ACTIVE, O_CREAT|O_RDWR|O_TRUNC, 0660);
if (fd < 0)
return;
-   _write(fd, fu, sizeof(*fu));
+   if (fchown(fd, 0, _UTMP_GID) < 0)
+   warnx("Unable to set root:utmp on " _PATH_UTX_ACTIVE);
+   else
+   _write(fd, fu, sizeof(*fu));
_close(fd);
 }
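Review bot: in the fchown() failure branch the _write() of the BOOT_TIME record is skipped, but _open() has already created and truncated utx.active, so the file is left empty instead of initialized. Either write the record regardless of the ownership result or remove the file on failure. The warnx() call also makes libc print to the caller's stderr, which a library routine should avoid, and the 0660 passed to _open() is still filtered by the caller's umask.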

@@ -269,13 +272,18 @@
vec[1].iov_len = l;
l = htobe16(l);

-   fd = _open(_PATH_UTX_LOG, O_CREAT|O_WRONLY|O_APPEND, 0644);
+   fd

Re: detailed map of WIRED memory under FreeBSD 9

2012-06-03 Thread Peter Jeremy
On 2012-Jun-01 10:19:37 +0200, Wojciech Puchar wrote:
>what tool and how can be used to display detailed map what exactly wired 
>memory on my system as it is far way too much (1.5GB out of 4GB RAM).

The procfs "map" pseudo-file should give you this information on a
per-process level.  Unfortunately, the only documentation appears to
be the source (sys/fs/procfs/procfs_map.c)

-- 
Peter Jeremy




Re: reverse USB driver - is it possible?

2012-06-03 Thread Adrian Chadd
On 3 June 2012 01:27, Poul-Henning Kamp  wrote:
> In message , Wojciech Puchar writes:
>
>>is it the same possible with USB?
>>i mean if i can make my laptop to simulate say USB CDROM.
>
> No, the hardware is not up to it.

Well, the embedded controller in the Atheros SoCs can act as a USB
device and USB host, so it's certainly possible. I don't know if we
have driver support in the tree for being a USB device though.



Adrian


Re: reverse USB driver - is it possible?

2012-06-03 Thread Chris Rees
On 3 June 2012 09:25, Wojciech Puchar  wrote:
> for SCSI/SAS/FC there is targ(4) driver allows you to become SCSI target.
>
> is it the same possible with USB?
> i mean if i can make my laptop to simulate say USB CDROM.
>
> Yes there are no driver like targ(4) for USB, but it is technically possible
> hardware-wise? with any USB controller or special one?

USB is not peer-to-peer.

Try Firewire/1394.

Chris


Re: [Hash function Ipv4]

2012-06-03 Thread Gleb Kurtsou
On (02/06/2012 20:14), enrico d'urso wrote:
> 
> Hi,
> I'm looking for a hash function for IPv4 addresses.
> 
> What are good ones?

Have you tried good general purpose hash functions like murmur3 or
cityhash?

Another option is to use "hash" function that is bijection on integers
and exploit this fact in data structure, e.g. by using hash array mapped
trie or another prefix tree.

The easiest way to build such function is Feistel network on top of
general purpose hash function as round function. Li and Ri will be most
and less significant 16 bits of ipv4 address accordingly. At least 3
Feistel rounds required. Play with function to achieve better
performance/distribution.

https://en.wikipedia.org/wiki/Feistel_cipher

Reduced round and block size RC5 also looks very attractive, but it's
patented :(

Thanks,
Gleb.
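
The Feistel construction described in the message above, as an added example that is not part of the original post: a 4-round network over the two 16-bit halves of an IPv4 address, with murmur3's 32-bit finalizer as the round function. The round constants and all function names are assumptions made for this illustration.

```c
#include <stdint.h>
#include <stdio.h>
#define ROUNDS 4	/* the post asks for at least 3 */
/* Constructed per-round constants; any distinct values work. */
static const uint32_t rk[ROUNDS] = { 0x9e3779b9U, 0x7f4a7c15U, 0xf39cc060U, 0x5cedc834U };

/* Round function (murmur3 finalizer, truncated); it need not be invertible. */
static uint16_t round_fn(uint16_t half, uint32_t key)
{
	uint32_t h = (uint32_t)half ^ key;
	h ^= h >> 16; h *= 0x85ebca6bU;
	h ^= h >> 13; h *= 0xc2b2ae35U;
	return (uint16_t)(h ^ (h >> 16));
}

/* Forward permutation: each round maps (L, R) to (R, L ^ F(R)). */
uint32_t ipv4_feistel(uint32_t addr)
{
	uint16_t l = (uint16_t)(addr >> 16), r = (uint16_t)addr;
	for (int i = 0; i < ROUNDS; i++) {
		uint16_t t = (uint16_t)(l ^ round_fn(r, rk[i]));
		l = r; r = t;
	}
	return ((uint32_t)l << 16) | r;
}

/* Inverse: undo the rounds in reverse order. */
uint32_t ipv4_feistel_inv(uint32_t h)
{
	uint16_t l = (uint16_t)(h >> 16), r = (uint16_t)h;
	for (int i = ROUNDS - 1; i >= 0; i--) {
		uint16_t t = (uint16_t)(r ^ round_fn(l, rk[i]));
		r = l; l = t;
	}
	return ((uint32_t)l << 16) | r;
}
/* Count addresses in [base, base + n) that fail to round-trip. */
uint32_t roundtrip_failures(uint32_t base, uint32_t n)
{
	uint32_t bad = 0;
	for (uint32_t i = 0; i < n; i++)
		bad += ipv4_feistel_inv(ipv4_feistel(base + i)) != base + i;
	return bad;
}
int main(void)
{
	printf("192.168.0.1 -> %08x, round-trip failures in /16: %u\n", (unsigned)ipv4_feistel(0xc0a80001U), (unsigned)roundtrip_failures(0xc0a80000U, 65536));
	return 0;
}
```

Because the mapping is invertible, the output can be stored in place of the address in a prefix tree and the address recovered with ipv4_feistel_inv().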


Re: reverse USB driver - is it possible?

2012-06-03 Thread Poul-Henning Kamp
In message , Wojciech Puchar writes:

>is it the same possible with USB?
>i mean if i can make my laptop to simulate say USB CDROM.

No, the hardware is not up to it.

-- 
Poul-Henning Kamp   | UNIX since Zilog Zeus 3.20
p...@freebsd.org | TCP/IP since RFC 956
FreeBSD committer   | BSD since 4.3-tahoe
Never attribute to malice what can adequately be explained by incompetence.


Re: reverse USB driver - is it possible?

2012-06-03 Thread Hans Petter Selasky
On Sunday 03 June 2012 10:25:21 Wojciech Puchar wrote:
> for SCSI/SAS/FC there is targ(4) driver allows you to become SCSI target.
> 
> is it the same possible with USB?
> i mean if i can make my laptop to simulate say USB CDROM.
> 
> Yes there are no driver like targ(4) for USB, but it is technically
> possible hardware-wise? with any USB controller or special one?

Yes, this is possible.

Have a look at:

sys/dev/usb/storage/ustorage_fs.c

Currently just implements a RAM disk. Patches are welcome.

--HPS


reverse USB driver - is it possible?

2012-06-03 Thread Wojciech Puchar

for SCSI/SAS/FC there is targ(4) driver allows you to become SCSI target.

is it the same possible with USB?
i mean if i can make my laptop to simulate say USB CDROM.

Yes there are no driver like targ(4) for USB, but it is technically
possible hardware-wise? with any USB controller or special one?



Re: geli conversion

2012-06-03 Thread Wojciech Puchar
that simple :) i used setkey to change password but wasn't aware i can
switch from keyfile based volume.


On Sat, 2 Jun 2012, Fabian Keil wrote:

> Wojciech Puchar wrote:
>
>> is it possible to convert geli encrypted device using keyfile to password
>> only?
>>
>> possibly i miss something in manual. thanks.
>
> The geli(8) action you are looking for is called setkey.
>
> Fabian

