Re: Here we go again: mplayer 1.0 rc2, please test
Hi Pav, On 27/10/2007, Pav Lucistnik <[EMAIL PROTECTED]> wrote: > It have troubles compiling assembly on amd64 in h264.c: Could you do me a favour and have a quick look into this? I do not have an amd64 machine running FreeBSD currently. There were a few postings to ffmpeg mailing list in August with this exact problem, but nobody came up with a solution: http://lists.mplayerhq.hu/pipermail/ffmpeg-user/2007-August/010874.html http://lists.mplayerhq.hu/pipermail/ffmpeg-user/2007-August/011084.html However, since the ffmpeg mailing list is not filling up with messages like this right now, maybe a more recent version compiles. I'd suggest to replace h264.c and/or the included headers by up-to-date versions from svn. Thanks in advance, Riggs ___ freebsd-ports@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-ports To unsubscribe, send any mail to "[EMAIL PROTECTED]"
Re: suggestions for ports screening
On Sat, Nov 10, 2007 at 10:36:45PM -0500, Chuck Robey wrote: > An example? If a programmer asks you if you want the blotz program (I > make up great fake names, don't I?) hows the user going to know the the > blotz program is a particular sound program, when they have no sound card? When I search for a certain program with some capabilities, I go through the INDEX file (/usr/ports/INDEX) or I go to freshmeat or freshports and do a search there. If I don't see "blotz" there, I'm not interested in it. > OK, My suggestion is for a two level system (yes, some of you are going > to recognize some of this from other OSes. G'wan, brag about it). The > first part is a small list of keywords (well, not terribly small, maybe > 100-200 of them, but most user's personal lists would be far shorter). > These words are descriptive of the sort of machine environment the user > wants, like, they might have the words SOUND, FMRADIO and TELEVISION to > show that they care to have those sort of dependencies built. All ports > would be required to export a list of words that they check for, before > they build. If a browser sees no SOUND word, it requires to sound > dependencies be built. Let me repeat this to get it clearly: the words > are used to qualify the dependcency lists, but if a particular port is > chosen, then it gets built, period. If a user asks for that sound > program explicitly, then it gets built, SOUND word or no SOUND word. > It's the dependency lists that have to check and modify themselves. This sounds like the ports-tag project started by tobez@ a long time ago: http://www.tobez.org/port-tags/. Not sure what the current status is. Edwin -- Edwin Groothuis |Personal website: http://www.mavetju.org [EMAIL PROTECTED]| Weblog: http://www.mavetju.org/weblog/ ___ freebsd-ports@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-ports To unsubscribe, send any mail to "[EMAIL PROTECTED]"
suggestions for ports screening
May as well get all my bright ideas out and over with, all at once. You see, I've spent the last few years exploring other OSes, and finally decided I was right, way bakc when I was running FreeBSD to begin with. BUT I have to admit that I saw several good ideas while I was out and about. I have never seen a better package system (at least, in my own opinion, you understand) than FreeBSD ports, BUT the methodology for qualifying dependencies isn't as good as some I've seen, so I wanted to open a discussion about this. If, at the end of this, no one agrees, all I ever ask is that folks give a listen, NOT that anyone actually agrees, so I will happily fold up my tent and slink away. Anyhow, here's the suggestion. The system we have, currently, is basically dependent on people who write ports instrumenting options to include or not include various options. A very large portion of those options are written up in such a way as to make it nearly impossible for a non-expert to figure out if a particular option is good for their use of not. An example? If a programmer asks you if you want the blotz program (I make up great fake names, don't I?) hows the user going to know the the blotz program is a particular sound program, when they have no sound card? There are ways to fix this, you know. Read on. OK, My suggestion is for a two level system (yes, some of you are going to recognize some of this from other OSes. G'wan, brag about it). The first part is a small list of keywords (well, not terribly small, maybe 100-200 of them, but most user's personal lists would be far shorter). These words are descriptive of the sort of machine environment the user wants, like, they might have the words SOUND, FMRADIO and TELEVISION to show that they care to have those sort of dependencies built. All ports would be required to export a list of words that they check for, before they build. If a browser sees no SOUND word, it requires to sound dependencies be built. Let me repeat this to get it clearly: the words are used to qualify the dependcency lists, but if a particular port is chosen, then it gets built, period. If a user asks for that sound program explicitly, then it gets built, SOUND word or no SOUND word. It's the dependency lists that have to check and modify themselves. These dependencies can show up on the list in the form of KEYWORD=VALUE, where value can be used to point towards a user's preference. A user might set BROWSER=www/seamonkey,www/mozilla in the list, so this gives a port all the info it would need to match dependencies nicely, without having to get interactive about it. OK, this is only the first part ... the second part is a list of the names of ports. This REJECT list serves as a rejection filter: if a port finds it's way upon that list, it can't get put on any dependency list at all. I, personally, never like any Samba ports, so I could stick all the Samba ports on the REJECT list, or I could just fail to put SAMBA as a keyword. My choice, although if I stuck a particular set of ports on that list, I'd have to watch new ports, so new Samba port didn't sneak past me. Still, it would allow a user to really have all the control anyone could ask for. or they could ignore it and still not face disaster as long as they maintained the KEYWORD list. 3 stale to the first programmer who notices where I stole the idea from, and a used mousetrap to him (or her?) who knows the correct name of the KEYWORD list. If you hate the idea, just say so, believe me I will be catching all responses, and I will report your overwhelming acceptance or rejection, as the case may be. It shouldn't take a master's degree to guess my own opinion. ___ freebsd-ports@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-ports To unsubscribe, send any mail to "[EMAIL PROTECTED]"
Re: 4203:31337 (possible exploit?)
Mike -freebsd wrote: On Nov 10, 2007 5:28 PM, Kris Kennaway <[EMAIL PROTECTED]> wrote: Sounds like you may have a security problem (re: "31337" GID). If that's the case, I would strongly advocate formatting + reinstalling those machines. I asked because that is the uid/gid used on pointyhat ;) Kris Well, I've dug up all available backups and what I can tell is that those uid/gid propagated with the rest of the ports tree from a main box used here for builds, installations and updates to the whole network. Stupid me had weekly noid reports disabled on all of them, except the last one added recently that finally caught it. The problem was there present for at least three, possibly four months... BUT I'm 95% sure that the main ports three was never downloaded via anything else than c[v]sup + supfile with default host set to eiter ftp.freebsd.org, or one of the official mirrors, for a past few years. I wish I could tell you more, but I see nothing even remotely connected to pointyhat, as there is no point of using any other than official ports repo for productional machines. OTOH, you wont believe how glad I was to hear that those are pointyhat IDs.. The "31337" scared the shit ot of me :( Well the only possibility I can think of is if you installed from a ports.tar.gz downloaded from the FTP site, and extracted with the tar -p option that preserves ownership. Actually that doesn't make sense either because that tarball isn't sourced from pointyhat anyway. In case it jogs any memories, 4203 is the uid used for managing the sparc64 package builds (and gid 31337 is for portmgr ;-). Kris ___ freebsd-ports@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-ports To unsubscribe, send any mail to "[EMAIL PROTECTED]"
port build order
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 How do I get a list of ports that need to be made before a port is made given the following: Note: Sorry for the *CAPS* stuff but I am using my standard specs formating 1. The list *MUST* be in build order with the first port either being the first or last line (make missing or pkg_info search=XXX display=bdeps,rdeps) 2. If the package is already installed it *MUST NOT* appear on the list The goal here is for any given port I want to be able to build each dependency one at a time (to do some testing) and I have found hand tracing through the dependency list on the web site to be extremely tedious - -- Aryeh M. Friedman Developer, not business, friendly http://www.flosoft-systems.com -BEGIN PGP SIGNATURE- Version: GnuPG v2.0.4 (FreeBSD) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org iD8DBQFHNfFUJ9+1V27SttsRAsvrAKCOeW/8amUokHwuNWzu3Q2uKjESMgCeL99Y GWjwSQWLjyJ1a8h/CZG7Wx0= =8OaW -END PGP SIGNATURE- ___ freebsd-ports@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-ports To unsubscribe, send any mail to "[EMAIL PROTECTED]"
Re: 4203:31337 (possible exploit?)
On Nov 10, 2007 5:28 PM, Kris Kennaway <[EMAIL PROTECTED]> wrote: > > Sounds like you may have a security problem (re: "31337" GID). If > > that's the case, I would strongly advocate formatting + reinstalling > > those machines. > > I asked because that is the uid/gid used on pointyhat ;) > > Kris > > Well, I've dug up all available backups and what I can tell is that those uid/gid propagated with the rest of the ports tree from a main box used here for builds, installations and updates to the whole network. Stupid me had weekly noid reports disabled on all of them, except the last one added recently that finally caught it. The problem was there present for at least three, possibly four months... BUT I'm 95% sure that the main ports three was never downloaded via anything else than c[v]sup + supfile with default host set to eiter ftp.freebsd.org, or one of the official mirrors, for a past few years. I wish I could tell you more, but I see nothing even remotely connected to pointyhat, as there is no point of using any other than official ports repo for productional machines. OTOH, you wont believe how glad I was to hear that those are pointyhat IDs.. The "31337" scared the shit ot of me :( ___ freebsd-ports@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-ports To unsubscribe, send any mail to "[EMAIL PROTECTED]"
Re: 4203:31337 (possible exploit?)
Jeremy Chadwick wrote: On Sat, Nov 10, 2007 at 03:25:57PM +0100, Mike -freebsd wrote: Guys, is anyone else seeing this? drwxr-xr-x 69 4203 31337 1536 Nov 9 13:59 ports I see this on three of four FreeBSD 7 boxes and only on /usr/ports/ (why...?). Anyone else? Four different boxes of ours: $ uname -r && ls -ld /usr/ports 6.2-STABLE drwxr-xr-x 69 root wheel 2048 10 Nov 02:14 /usr/ports/ $ uname -r && ls -ld /usr/ports 6.3-PRERELEASE drwxr-xr-x 69 root wheel 1536 10 Nov 02:12 /usr/ports/ $ uname -r && ls -ld /usr/ports 7.0-PRERELEASE drwxr-xr-x 69 root wheel 1536 7 Nov 02:24 /usr/ports/ $ uname -r && ls -ld /usr/ports 7.0-BETA2 drwxr-xr-x 69 root wheel 1536 10 Nov 02:19 /usr/ports/ Sounds like you may have a security problem (re: "31337" GID). If that's the case, I would strongly advocate formatting + reinstalling those machines. I asked because that is the uid/gid used on pointyhat ;) Kris ___ freebsd-ports@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-ports To unsubscribe, send any mail to "[EMAIL PROTECTED]"
Re: 4203:31337 (possible exploit?)
On Sat, Nov 10, 2007 at 03:25:57PM +0100, Mike -freebsd wrote: > Guys, is anyone else seeing this? > drwxr-xr-x 69 4203 31337 1536 Nov 9 13:59 ports > > I see this on three of four FreeBSD 7 boxes and only on /usr/ports/ > (why...?). Anyone else? Four different boxes of ours: $ uname -r && ls -ld /usr/ports 6.2-STABLE drwxr-xr-x 69 root wheel 2048 10 Nov 02:14 /usr/ports/ $ uname -r && ls -ld /usr/ports 6.3-PRERELEASE drwxr-xr-x 69 root wheel 1536 10 Nov 02:12 /usr/ports/ $ uname -r && ls -ld /usr/ports 7.0-PRERELEASE drwxr-xr-x 69 root wheel 1536 7 Nov 02:24 /usr/ports/ $ uname -r && ls -ld /usr/ports 7.0-BETA2 drwxr-xr-x 69 root wheel 1536 10 Nov 02:19 /usr/ports/ Sounds like you may have a security problem (re: "31337" GID). If that's the case, I would strongly advocate formatting + reinstalling those machines. -- | Jeremy Chadwickjdc at parodius.com | | Parodius Networking http://www.parodius.com/ | | UNIX Systems Administrator Mountain View, CA, USA | | Making life hard for others since 1977. PGP: 4BD6C0CB | ___ freebsd-ports@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-ports To unsubscribe, send any mail to "[EMAIL PROTECTED]"
4203:31337 (possible exploit?)
Guys, is anyone else seeing this? Check for files with an unknown user or group: /usr/ports /usr/ports/Mk /usr/ports/Mk/bsd.commands.mk /usr/ports/Mk/bsd.apache.mk [.whole ports tree.] # ls -al /usr/ total 48 drwxr-xr-x 14 root wheel 512 Jun 27 20:01 . drwxr-xr-x 23 root wheel 512 Nov 4 20:51 .. lrwxr-xr-x 1 root wheel10 Oct 14 14:45 X11R6 -> /usr/local drwxr-xr-x 2 root wheel 7168 Nov 7 05:04 bin drwxr-xr-x 2 root wheel 512 Oct 20 06:38 games drwxr-xr-x 47 root wheel 4608 Oct 20 06:39 include drwxr-xr-x 6 root wheel 8192 Oct 20 06:39 lib drwxr-xr-x 5 root wheel 512 Jan 27 2007 libdata drwxr-xr-x 5 root wheel 1536 Oct 20 06:39 libexec drwxr-xr-x 14 root wheel 512 Oct 17 16:55 local drwxr-xr-x 3 root wheel 512 Oct 20 14:13 obj drwxr-xr-x 69 4203 31337 1536 Nov 9 13:59 ports drwxr-xr-x 2 root wheel 4608 Oct 20 06:39 sbin drwxr-xr-x 26 root wheel 512 Jan 27 2007 share drwxr-xr-x 23 root wheel 1024 Oct 20 04:55 src I see this on three of four FreeBSD 7 boxes and only on /usr/ports/ (why...?). Anyone else? ___ freebsd-ports@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-ports To unsubscribe, send any mail to "[EMAIL PROTECTED]"
