Re: rpcbind security

2022-06-16 Thread Theo de Raadt 
Gustavo Rios  wrote:

> Hi folks!
> 
> How does openbsd rpcbind prevent ordinary users to unset a given rpc port
> mapping registered by, for instance, the root user ?

Poorly.

It will only allow local root (who request upon a reserved port) to touch
ports which are reserved (< 1024), and 2049 is treated the same way.

If root wants safe RPC, it needs to use reserved ports.

Please don't bring up the argument that reserved ports are an outdated
concept, it is obvious right here they aren't.

It is difficult to improve the RPC ecosystem, it kind of is what it is,
and noone new services use it.

rpcbind security

2022-06-16 Thread Gustavo Rios 
Hi folks!

How does openbsd rpcbind prevent ordinary users to unset a given rpc port
mapping registered by, for instance, the root user ?

Thanks.

-- 
The lion and the tiger may be more powerful, but the wolves do not perform
in the circus

Re: White noise with audio over headphones

2022-06-16 Thread Alexandre Ratchov 
On Thu, Jun 16, 2022 at 09:46:18AM -0500, Rob Whitlock wrote:
> On Wed, Jun 15, 2022 at 11:27 PM Alexandre Ratchov  wrote:
> 
> On Wed, Jun 15, 2022 at 02:59:40PM -0500, Rob Whitlock wrote:
> > I have a Lenovo T450 that plays audio over the speakers and headphones
> but
> > when the headphones are used there is some white noise playing all the
> time
> > as well as the audio. This white noise is not there with Windows 10 or
> > Linux. OpenBSD recognizes the audio codec as a Realtek ALC292 but Linux
> and
> > the spec sheet for my laptop say it's a Realtek ALC3232. I suspect this
> > might be causing the error but I'm not sure how to fix it. There was no
> > mention of an ALC3232 in /usr/src/sys/dev/pci/azalia_codec.c while there
> > was for ALC292.
> >
> 
> Hi,
> 
> Could you try:
> 
>   mixerctl inputs.mix2_source=dac-0:1
> 
> and check if noise level changes?
> 
> 
> That did the trick. Thanks! What made you think of this suggestion?

from mixerctl output:

outputs.hp_source=mix2
inputs.mix2_source=dac-0:1,mix  { dac-0:1 mix }
inputs.mix_source=spkr3,mic2,beep  { spkr3 mic2 beep }

The signal for "hp" (the headphones) seems to be the mix of the DAC
(what plays audio samples) and the "mix" node. The "mix" node is the
mix of spkr3, mic2, beep

My guess was that one of the sources is not properly wired or
configured and generates noise.

Removing "mix" from the headphone sources, removes the possible source
of noise (one of spkr3, mic2, and beep)

Re: White noise with audio over headphones

2022-06-16 Thread Rob Whitlock 
On Wed, Jun 15, 2022 at 11:27 PM Alexandre Ratchov  wrote:

> On Wed, Jun 15, 2022 at 02:59:40PM -0500, Rob Whitlock wrote:
> > I have a Lenovo T450 that plays audio over the speakers and headphones
> but
> > when the headphones are used there is some white noise playing all the
> time
> > as well as the audio. This white noise is not there with Windows 10 or
> > Linux. OpenBSD recognizes the audio codec as a Realtek ALC292 but Linux
> and
> > the spec sheet for my laptop say it's a Realtek ALC3232. I suspect this
> > might be causing the error but I'm not sure how to fix it. There was no
> > mention of an ALC3232 in /usr/src/sys/dev/pci/azalia_codec.c while there
> > was for ALC292.
> >
>
> Hi,
>
> Could you try:
>
> mixerctl inputs.mix2_source=dac-0:1
>
> and check if noise level changes?
>

That did the trick. Thanks! What made you think of this suggestion?

Re: Upgrade from 6.6

2022-06-16 Thread flipchan 

Hey,

You need to change your remote package repo link.

Make sure you use a good packet mirror

On 6/16/22 13:05, Anne Wainwright wrote:

Hi,

Thanks for the various posts and effort involved with them.

I understand that we should really keep uptodate for all sorts of
reasons. Updating through multiple versions is perhaps not the best
idea.

In view of the fact that this is my first openbsd project (that overran
its schedule) I am going to reinstall so as to keep everything clean, I
have copied over the few files I created or changed to minimise the
work. At the bottom of the learning curve any help is appreciated.

bestest
Anne


On Wed, Jun 15, 2022 at 12:07:23PM +0100, Maurice McCarthy wrote:

You are better off backing up then installing 7.1 from scratch. It will be
faster.

On Wed, 15 Jun 2022, 11:53 Anne Wainwright, 
wrote:


Hi,

I am belatedly trying to update my 6.6 server.

# sysupgrade
ftp: Error retrieving file: 404 not found

Done all the preparatory steps, so should I presume this is no longer
possible?

best and thanks
Anne