Re: NEW: comms/gnuradio
On Fri, Sep 9, 2016 at 7:53 AM, Aaron Poffenbergerwrote: > Hello ports@, > > Here is a new port : comms/gnuradio > > Tested on: amd64. > > From DESCR: > > GNU Radio is a software development toolkit that provides signal processing > blocks to implement software radios. It can be used with readily-available > low-cost external RF hardware to create software-defined radios, or > without hardware in a simulation-like environment. It is widely used in > hobbyist, academic and commercial environments to support both wireless > communications research and real-world radio systems. > > > > This port is based on commits to openbsd-wip by sthen@, bentley@ and > Aaron Bieber. > > I've updated the port to the latest from gnuradio (3.7.10.1). > > This port of gnuradio is first in a series of ports and updates to get > the key SDR projects working on OpenBSD. I have an update for rtl-sdr > I'll send shortly. gr-osmosdr is almost ready. I'll follow that with > gqrx. > > If anyone is already working on those, please let me know. > > N.B., SDR on OpenBSD may require more work to be fully functional. > sthen@ pointed out to me that our libusb doesn't support async yet. > Still, having the software and drivers available may help in that > regard. > > Cheers, > Aaron > Very excited to see this. Thank you.
NEW: comms/dump1090
Hello. Recently got my hands on an RTL-SDR dongle and I've been using dump1090 to track aircrafts flying nearby. DESCR: dump1090 is an ADS-B Mode S decoder specifically designed for RTLSDR devices. Currently detected aircrafts can be displayed on the terminal or on Google Maps using an embedded HTTP server. Raw data can be sent to and received from other clients. OK to import? Comments? dump1090.tar.gz Description: application/tar-gz
CVS: cvs.openbsd.org: ports
CVSROOT:/cvs Module name:ports Changes by: pas...@cvs.openbsd.org 2016/09/09 14:51:03 Modified files: lang/gcc/6 : Makefile lang/gcc/6/patches: patch-gcc_config_arm_openbsd_h patch-gcc_config_gcc patch-libgcc_config_host lang/gcc/6/pkg : PFRAG.arm-main PLIST-java PLIST-main Added files: lang/gcc/6/patches: patch-gcc_common_config_arm_arm-common_c patch-gcc_config_arm_openbsd1_h patch-libgcc_config_arm_bpabi_S patch-libgcc_config_arm_ieee754-df_S patch-libgcc_config_arm_t-openbsd patch-libgcc_config_arm_unwind-arm_h Log message: ONLY_FOR_ARCHS+=arm
CVS: cvs.openbsd.org: ports
CVSROOT:/cvs Module name:ports Changes by: ajacou...@cvs.openbsd.org 2016/09/09 14:35:19 Modified files: x11/gtk+2 : Makefile distinfo x11/gtk+2/patches: patch-gtk_Makefile_in x11/gtk+2/pkg : PLIST-main Log message: Update to gtk+2-2.24.31. - drop the gettext MODULE
Re: UPDATE: comms/rtl-sdr
On 2016/09/09 10:19, Aaron Poffenberger wrote: > Hello ports@, > > Here is an upate to: comms/rtl-sdr > > Tested on: amd64 and bog-standard rtl-sdr device. > > > > To build gr-osmosdr we need the newer version of rtl-sdr (mostly > definitions for newer devices). Upstream have not released a new > version since 2014. I've changed the Makefile to pull from a specific > github commit. > > Cheers, > Aaron > > Index: Makefile > === > RCS file: /cvs/ports/comms/rtl-sdr/Makefile,v > retrieving revision 1.4 > diff -u -p -u -r1.4 Makefile > --- Makefile 4 Mar 2016 10:11:21 - 1.4 > +++ Makefile 17 Aug 2016 19:11:39 - > @@ -2,8 +2,12 @@ > > COMMENT= software to turn RTL2832U into an SDR > > -DISTNAME=rtl-sdr-0.20130412 > -REVISION=1 > +DISTNAME=rtl-sdr-0.20150516 > +REVISION=0 Remove REVISION > +GH_ACCOUNT = steve-m > +GH_PROJECT = librtlsdr > +GH_COMMIT = 8b4d755ba1b889510fba30f627ee08736203070d > > SHARED_LIBS= rtlsdr 0.0 Check if ABI changed and decide whether to bump minor, major or none - http://www.openbsd.org/faq/ports/specialtopics.html#SharedLibs > @@ -17,9 +21,6 @@ MAINTAINER= Stuart HendersonPERMIT_PACKAGE_CDROM=Yes > > WANTLIB += c m pthread usb-1.0 > - > -# http://cgit.osmocom.org/rtl-sdr > -MASTER_SITES=http://spacehopper.org/mirrors/ > > MODULES= devel/cmake > LIB_DEPENDS= devel/libusb1 > Index: distinfo > === > RCS file: /cvs/ports/comms/rtl-sdr/distinfo,v > retrieving revision 1.1.1.1 > diff -u -p -u -r1.1.1.1 distinfo > --- distinfo 21 Apr 2013 11:45:08 - 1.1.1.1 > +++ distinfo 17 Aug 2016 18:11:42 - > @@ -1,2 +1,2 @@ > -SHA256 (rtl-sdr-0.20130412.tar.gz) = > yziYeP445KTe5VWGCLV2QSRNjTryKrgk/qvSJyCdGKU= > -SIZE (rtl-sdr-0.20130412.tar.gz) = 112343 > +SHA256 (rtl-sdr-0.20150516.tar.gz) = > mwtz0Gn5ogxsS+tIB0xVvdFRuR7/c8vHcPMVfqlFxt4= > +SIZE (rtl-sdr-0.20150516.tar.gz) = 118734 > Index: patches/patch-src_CMakeLists_txt > === > RCS file: /cvs/ports/comms/rtl-sdr/patches/patch-src_CMakeLists_txt,v > retrieving revision 1.1.1.1 > diff -u -p -u -r1.1.1.1 patch-src_CMakeLists_txt > --- patches/patch-src_CMakeLists_txt 21 Apr 2013 11:45:08 - 1.1.1.1 > +++ patches/patch-src_CMakeLists_txt 17 Aug 2016 19:08:36 - > @@ -1,16 +1,15 @@ > -$OpenBSD: patch-src_CMakeLists_txt,v 1.1.1.1 2013/04/21 11:45:08 sthen Exp $ > src/CMakeLists.txt.orig Fri Apr 12 21:51:14 2013 > -+++ src/CMakeLists.txt Sun Apr 21 12:17:27 2013 > -@@ -101,12 +101,17 @@ target_link_libraries(rtl_adsb rtlsdr_shared > - if(UNIX) > +$OpenBSD$ > +--- src/CMakeLists.txt.orig Fri May 15 17:48:37 2015 > src/CMakeLists.txt Wed Aug 17 14:07:14 2016 > +@@ -125,11 +125,16 @@ if(UNIX) > target_link_libraries(rtl_fm m) > target_link_libraries(rtl_adsb m) > + target_link_libraries(rtl_power m) > -if(APPLE) > -target_link_libraries(rtl_test m) > -else() > -target_link_libraries(rtl_test m rt) > -endif() > --endif() > + > +include(CheckFunctionExists) > +check_function_exists(clock_gettime LIBRT_LIBC_HAS_CLOCK_GETTIME) > @@ -21,7 +20,6 @@ $OpenBSD: patch-src_CMakeLists_txt,v 1.1 > +endif(LIBRT_LIBC_HAS_CLOCK_GETTIME) > + > +target_link_libraries(rtl_test m ${LIBRT_LIBRARIES}) > -+endif(UNIX) > + endif() > > if(WIN32) > - target_link_libraries(rtl_sdr libgetopt_static) > Index: patches/patch-src_librtlsdr_c > === > RCS file: /cvs/ports/comms/rtl-sdr/patches/patch-src_librtlsdr_c,v > retrieving revision 1.1.1.1 > diff -u -p -u -r1.1.1.1 patch-src_librtlsdr_c > --- patches/patch-src_librtlsdr_c 21 Apr 2013 11:45:08 - 1.1.1.1 > +++ patches/patch-src_librtlsdr_c 17 Aug 2016 19:07:45 - > @@ -1,7 +1,7 @@ > -$OpenBSD: patch-src_librtlsdr_c,v 1.1.1.1 2013/04/21 11:45:08 sthen Exp $ > src/librtlsdr.c.orig Sat Apr 13 15:00:44 2013 > -+++ src/librtlsdr.c Sat Apr 13 15:00:50 2013 > -@@ -1340,10 +1340,12 @@ int rtlsdr_open(rtlsdr_dev_t **out_dev, uint32_t > index > +$OpenBSD$ > +--- src/librtlsdr.c.orig Fri May 15 17:48:37 2015 > src/librtlsdr.c Wed Aug 17 13:11:47 2016 > +@@ -1476,10 +1476,12 @@ int rtlsdr_open(rtlsdr_dev_t **out_dev, uint32_t > index > r = libusb_open(device, >devh); > if (r < 0) { > libusb_free_device_list(list, 1); > Index: pkg/PLIST > === > RCS file: /cvs/ports/comms/rtl-sdr/pkg/PLIST,v > retrieving revision 1.3 > diff -u -p -u -r1.3 PLIST > --- pkg/PLIST 22 May 2015 11:31:11 - 1.3 > +++ pkg/PLIST 17 Aug 2016 19:08:59 - > @@ -1,6 +1,7 @@ > @comment $OpenBSD: PLIST,v 1.3 2015/05/22 11:31:11 ajacoutot Exp $ > @bin bin/rtl_eeprom > @bin bin/rtl_fm > +@bin bin/rtl_power
Re: Samba as DC on OpenBSD 6.0 is unusable :(
Jeremie Courreges-Anglaswrites: > Ian McWilliam writes: > >> Revision 1.219 / (download) - annotate - [select for diffs], Tue Apr 12 >> 17:42:09 2016 UTC (4 months, 3 weeks ago) by jca >> >> Update to samba-4.3.6 >> >> i386 build by danj@, ok sthen@ >> >> The changelog between 4.1.23 and 4.3.6 is too big to be described here. >> The point of updating now is that 4.1.x won't receive updates for the >> freshly published security advisories. samba-4.3.8 will follow. > > This is indeed the commit that introduced the regression. > >> >> --without-acl-support \ >> >> Was introduced in the 4.3.6 update just before the big Samba security update >> for >> >> CVE-2015-5370 (Multiple errors in DCE-RPC code) >> CVE-2016-2110 (Man in the middle attacks possible with NTLMSSP) >> CVE-2016-2111 (NETLOGON Spoofing Vulnerability) >> CVE-2016-2112 (LDAP client and server don't enforce integrity) >> CVE-2016-2113 (Missing TLS certificate validation) >> CVE-2016-2114 ("server signing = mandatory" not enforced) >> CVE-2016-2115 (SMB IPC traffic is not integrity protected) >> CVE-2016-2118 (SAMR and LSA man in the middle attacks possible) >> >> Now to work out the implications of re-enabling it. > > It's not directly related to ACLs. The root cause if that I stopped > telling the build system to build ntvfs support, by > removing --enable-selftest. The ntvfs code was supposedly disabled by > default last year for production builds. The funny thing is that it > doesn't show obvious problems at runtime, only at provisioning time. > > The fix below makes samba.is_ntvfs_fileserver_built() return True, and > makes --use-ntvfs visible again in samba-tool domain provision. There > are other problems later. So this enables provisioning. But then, if you try to start samba_ad_dc with the produced smb.conf, samba fails to start the 'smb' process, since it is not registered. Which means that source4/smb_server/service_smb.c is not baked in, even after adding --with-ntvfs-fileserver. Now, what happens if we just use the default "server services" and "dcerpc endpoint servers"? Just comment those lines in the config, and samba_ad_dc will start. testparm -s says: # Global parameters [global] realm = [redacted] workgroup = [redacted] dns forwarder = [redacted] passdb backend = samba_dsdb server role = active directory domain controller rpc_server:tcpip = no rpc_daemon:spoolssd = embedded rpc_server:spoolss = embedded rpc_server:winreg = embedded rpc_server:ntsvcs = embedded rpc_server:eventlog = embedded rpc_server:srvsvc = embedded rpc_server:svcctl = embedded rpc_server:default = external winbindd:use external pipes = true posix:eadb = /var/samba/private/eadb.tdb idmap config * : backend = tdb map archive = No map readonly = no store dos attributes = Yes vfs objects = dfs_samba4 acl_xattr posix_eadb So samba automatically falls back to the appropriate vfs objects: ACLs stored as extended attributes and extended attributes stored in tdb. Which is pretty much what I discussed with upstream last year. Wheee. $ pstree -p 93971 -+= 1 root /sbin/init \-+= 93971 root /usr/local/sbin/samba -D |-+- 50774 root samba: task[s3fs_parent] (samba) | \-+= 47005 root /usr/local/sbin/smbd -D --option=server role check:inhibit=yes --foreground | |--- 64933 root /usr/local/sbin/smbd -D --option=server role check:inhibit=yes --foreground | |--- 73574 root /usr/local/sbin/smbd -D --option=server role check:inhibit=yes --foreground | \--- 39362 root /usr/local/sbin/smbd -D --option=server role check:inhibit=yes --foreground |--- 42408 root samba: task[dcesrv] (samba) |--- 45857 root samba: task wrepl server_id[45857] (samba) |--- 05959 root samba: task[nbtd] (samba) |--- 88699 root samba: task[ldapsrv] (samba) |--- 83860 root samba: task[cldapd] (samba) |--- 72241 root samba: task[kdc] (samba) |--- 75053 root samba: task[dreplsrv] (samba) |-+- 31725 root samba: task[winbindd_parent] (samba) | \-+= 46653 root /usr/local/sbin/winbindd -D --option=server role check:inhibit=yes --foreground | \--- 85593 root /usr/local/sbin/winbindd -D --option=server role check:inhibit=yes --foreground |--- 37747 root samba: task[ntp_signd] (samba) |--- 70158 root samba: task[kccsrv] (samba) |--- 50086 root samba: task[dns] (samba) \--- 63568 root samba: task[dnsupdate] (samba) I have no windows machine at hand, so AD setup reports welcome. -- jca | PGP : 0x1524E7EE / 5135 92C1 AD36 5293 2BDF DDCC 0DFA 74AE 1524 E7EE
UPDATE: comms/rtl-sdr
Hello ports@, Here is an upate to: comms/rtl-sdr Tested on: amd64 and bog-standard rtl-sdr device. To build gr-osmosdr we need the newer version of rtl-sdr (mostly definitions for newer devices). Upstream have not released a new version since 2014. I've changed the Makefile to pull from a specific github commit. Cheers, Aaron Index: Makefile === RCS file: /cvs/ports/comms/rtl-sdr/Makefile,v retrieving revision 1.4 diff -u -p -u -r1.4 Makefile --- Makefile4 Mar 2016 10:11:21 - 1.4 +++ Makefile17 Aug 2016 19:11:39 - @@ -2,8 +2,12 @@ COMMENT= software to turn RTL2832U into an SDR -DISTNAME= rtl-sdr-0.20130412 -REVISION= 1 +DISTNAME= rtl-sdr-0.20150516 +REVISION= 0 + +GH_ACCOUNT = steve-m +GH_PROJECT = librtlsdr +GH_COMMIT =8b4d755ba1b889510fba30f627ee08736203070d SHARED_LIBS= rtlsdr 0.0 @@ -17,9 +21,6 @@ MAINTAINER= Stuart Hendersondevh); if (r < 0) { libusb_free_device_list(list, 1); Index: pkg/PLIST === RCS file: /cvs/ports/comms/rtl-sdr/pkg/PLIST,v retrieving revision 1.3 diff -u -p -u -r1.3 PLIST --- pkg/PLIST 22 May 2015 11:31:11 - 1.3 +++ pkg/PLIST 17 Aug 2016 19:08:59 - @@ -1,6 +1,7 @@ @comment $OpenBSD: PLIST,v 1.3 2015/05/22 11:31:11 ajacoutot Exp $ @bin bin/rtl_eeprom @bin bin/rtl_fm +@bin bin/rtl_power @bin bin/rtl_sdr @bin bin/rtl_test include/rtl-sdr.h
CVS: cvs.openbsd.org: ports
CVSROOT:/cvs Module name:ports Changes by: dco...@cvs.openbsd.org 2016/09/09 08:57:33 Modified files: security/opensc: Makefile security/opensc/patches: patch-src_tools_pkcs15-tool_c Log message: Make pkcs15-tool --dump object formatting consistent (upstream git commit 678f2bb1a65e5848dffc995f63e81d1f8092352f)
NEW: comms/gnuradio
Hello ports@, Here is a new port : comms/gnuradio Tested on: amd64. >From DESCR: GNU Radio is a software development toolkit that provides signal processing blocks to implement software radios. It can be used with readily-available low-cost external RF hardware to create software-defined radios, or without hardware in a simulation-like environment. It is widely used in hobbyist, academic and commercial environments to support both wireless communications research and real-world radio systems. This port is based on commits to openbsd-wip by sthen@, bentley@ and Aaron Bieber. I've updated the port to the latest from gnuradio (3.7.10.1). This port of gnuradio is first in a series of ports and updates to get the key SDR projects working on OpenBSD. I have an update for rtl-sdr I'll send shortly. gr-osmosdr is almost ready. I'll follow that with gqrx. If anyone is already working on those, please let me know. N.B., SDR on OpenBSD may require more work to be fully functional. sthen@ pointed out to me that our libusb doesn't support async yet. Still, having the software and drivers available may help in that regard. Cheers, Aaron gnuradio-3.7.10.1.tgz Description: application/tar-gz
CVS: cvs.openbsd.org: ports
CVSROOT:/cvs Module name:ports Changes by: jas...@cvs.openbsd.org 2016/09/09 06:24:45 Modified files: devel/ctftools : Makefile Log message: force LDEP on the fixed libdwarf
CVS: cvs.openbsd.org: ports
CVSROOT:/cvs Module name:ports Changes by: jas...@cvs.openbsd.org 2016/09/09 06:25:07 Modified files: devel/libdwarf : Makefile Log message: might as well take maintainership
CVS: cvs.openbsd.org: ports
CVSROOT:/cvs Module name:ports Changes by: jas...@cvs.openbsd.org 2016/09/09 06:20:14 Modified files: devel/libdwarf : Makefile Added files: devel/libdwarf/patches: patch-libdwarf_configure patch-libdwarf_dwarf_elf_access_c Log message: fix some subtle breakage which manifested itself in a various ways of ctfconvert (libdwarf) being unable to determine the relocation size and not recognizing Elf64. this also unbreaks dwarfdump. the 6th stage of debugging is strong with this one
Re: openvpn-2.3.11 segfaults, error "Too many levels of symbolic links"
On Fri, Sep 09, 2016 at 04:17:37AM -0400, Jiri B wrote: > Hi, > > I use same openvpn config for long time but it seems recent updates (base, > packages) > caused openvpn to segfault after a route add error. > > Any help would be appreciated. > Recent changes to libcrypto were responsible for some fallout. The offending changes were backed out and this should be fixed with r1.35 of http://cvsweb.openbsd.org/cgi-bin/cvsweb/src/lib/libcrypto/evp/evp_enc.c CVSROOT:/cvs Module name:src Changes by: bc...@cvs.openbsd.org 2016/09/08 18:03:22 Modified files: lib/libcrypto/evp: evp_enc.c Log message: back out calls to EVP_CIPHER_CTX_cleanup() in EVP_Cipher/Encrypt/DecryptFinal Software that refers to ctx after calling Final breaks with these changes. revert parts of 1.31 and 1.32
Re: Samba as DC on OpenBSD 6.0 is unusable :(
Ian McWilliamwrites: > Revision 1.219 / (download) - annotate - [select for diffs], Tue Apr 12 > 17:42:09 2016 UTC (4 months, 3 weeks ago) by jca > > Update to samba-4.3.6 > > i386 build by danj@, ok sthen@ > > The changelog between 4.1.23 and 4.3.6 is too big to be described here. > The point of updating now is that 4.1.x won't receive updates for the > freshly published security advisories. samba-4.3.8 will follow. This is indeed the commit that introduced the regression. > > --without-acl-support \ > > Was introduced in the 4.3.6 update just before the big Samba security update > for > > CVE-2015-5370 (Multiple errors in DCE-RPC code) > CVE-2016-2110 (Man in the middle attacks possible with NTLMSSP) > CVE-2016-2111 (NETLOGON Spoofing Vulnerability) > CVE-2016-2112 (LDAP client and server don't enforce integrity) > CVE-2016-2113 (Missing TLS certificate validation) > CVE-2016-2114 ("server signing = mandatory" not enforced) > CVE-2016-2115 (SMB IPC traffic is not integrity protected) > CVE-2016-2118 (SAMR and LSA man in the middle attacks possible) > > Now to work out the implications of re-enabling it. It's not directly related to ACLs. The root cause if that I stopped telling the build system to build ntvfs support, by removing --enable-selftest. The ntvfs code was supposedly disabled by default last year for production builds. The funny thing is that it doesn't show obvious problems at runtime, only at provisioning time. The fix below makes samba.is_ntvfs_fileserver_built() return True, and makes --use-ntvfs visible again in samba-tool domain provision. There are other problems later. Index: Makefile === RCS file: /cvs/ports/net/samba/Makefile,v retrieving revision 1.227 diff -u -p -r1.227 Makefile --- Makefile8 Jul 2016 18:39:50 - 1.227 +++ Makefile9 Sep 2016 07:09:17 - @@ -15,6 +15,7 @@ PKGNAME-tevent = tevent-${TEVENT_V} PKGNAME-util = samba-util-${VERSION} PKGNAME-docs = samba-docs-${VERSION} +REVISION-main =0 REVISION-ldb = 0 REVISION-tevent = 0 @@ -159,7 +160,8 @@ CONFIGURE_ARGS =--enable-fhs \ --without-regedit \ --without-acl-support \ --without-libarchive \ - --disable-rpath + --disable-rpath \ + --with-ntvfs-fileserver # XXX Remember to remove --enable-developer, it prints passwords in logs. #CONFIGURE_ARGS += --enable-developer -- jca | PGP : 0x1524E7EE / 5135 92C1 AD36 5293 2BDF DDCC 0DFA 74AE 1524 E7EE
Re: Samba as DC on OpenBSD 6.0 is unusable :(
Jiri Bwrites: > On Fri, Sep 09, 2016 at 08:53:20AM +0300, kasak wrote: > >> I think, if Theo says that we don't need acl, than we don't need acl. He >> knows better. Keeping things simple is very secure and this is good! >> I am very thankful to you for maintaining samba on OpenBSD! Undoubtedly , >> OpenBSD is now best of all OS, and fresh port of samba is what we really >> need! > > But missing extattr/xattr supports is not only about ACLs, extended filesystem > attributes are used also for other things. For example both Ceph FS and > glusterfs keep their metadata in extended attributes, thus without this you > cannot port such filesystems to OpenBSD :/ If the samba project can store extended attributes and ACLs "out of band" (in tdb databases) then surely other projects can do the same. Sadly, even with samba, this is not what people run in production on other OSes. We're alone here (well, afaik). -- jca | PGP : 0x1524E7EE / 5135 92C1 AD36 5293 2BDF DDCC 0DFA 74AE 1524 E7EE
CVS: cvs.openbsd.org: ports
CVSROOT:/cvs Module name:ports Changes by: sebas...@cvs.openbsd.org2016/09/09 04:46:15 Modified files: sysutils/ruby-r10k: Makefile distinfo sysutils/ruby-r10k/pkg: PLIST Log message: Update to 2.4.3, now with gettext/locale support. OK jasper@
CVS: cvs.openbsd.org: ports
CVSROOT:/cvs Module name:ports Changes by: sebas...@cvs.openbsd.org2016/09/09 04:44:18 Modified files: devel/ruby-semantic_puppet: Makefile distinfo devel/ruby-semantic_puppet/pkg: PLIST Log message: Update to 0.1.4 now needs the freshly installed ruby-gettext-setup OK jasper@
CVS: cvs.openbsd.org: ports
CVSROOT:/cvs Module name:ports Changes by: sebas...@cvs.openbsd.org2016/09/09 04:43:21 Modified files: devel/ruby-puppet_forge: Makefile distinfo devel/ruby-puppet_forge/pkg: PLIST Log message: Update to 2.2.2 now needs to freshly imported ruby-gettext-setup OK jasper@
CVS: cvs.openbsd.org: ports
CVSROOT:/cvs Module name:ports Changes by: sebas...@cvs.openbsd.org2016/09/09 04:42:13 Modified files: devel/ruby-safe_yaml: Makefile distinfo devel/ruby-safe_yaml/pkg: PLIST Log message: Update to 1.0.4 soon be used by r10k OK jasper@
CVS: cvs.openbsd.org: ports
CVSROOT:/cvs Module name:ports Changes by: sebas...@cvs.openbsd.org2016/09/09 04:40:41 Modified files: devel : Makefile Log message: + ruby-fast_gettext + ruby-gettext-setup
CVS: cvs.openbsd.org: ports
CVSROOT:/cvs Module name:ports Changes by: sebas...@cvs.openbsd.org2016/09/09 04:37:00 Log message: import ruby-gettext-setup A Ruby gem that configures gettext for internationalization. soon needed by r10k update. OK jasper@ Status: Vendor Tag: sebastia Release Tags: sebastia_20160909 N ports/devel/ruby-gettext-setup/distinfo N ports/devel/ruby-gettext-setup/Makefile N ports/devel/ruby-gettext-setup/pkg/PLIST N ports/devel/ruby-gettext-setup/pkg/DESCR No conflicts created by this import
CVS: cvs.openbsd.org: ports
CVSROOT:/cvs Module name:ports Changes by: sebas...@cvs.openbsd.org2016/09/09 04:35:50 Log message: import ruby-fast_gettext A simple, fast, memory-efficient and threadsafe implementation of GetText. soon needed by r10k update OK jasper@ Status: Vendor Tag: sebastia Release Tags: sebastia_20160909 N ports/devel/ruby-fast_gettext/distinfo N ports/devel/ruby-fast_gettext/Makefile N ports/devel/ruby-fast_gettext/pkg/PLIST N ports/devel/ruby-fast_gettext/pkg/DESCR No conflicts created by this import
CVS: cvs.openbsd.org: ports
CVSROOT:/cvs Module name:ports Changes by: sebas...@cvs.openbsd.org2016/09/09 04:32:40 Modified files: devel/ruby-gettext: Makefile distinfo devel/ruby-gettext/pkg: PLIST Log message: Update to 3.2.2, soon be needed by r10k update OK jasper@
CVS: cvs.openbsd.org: ports
CVSROOT:/cvs Module name:ports Changes by: sebas...@cvs.openbsd.org2016/09/09 04:31:50 Modified files: textproc : Makefile Log message: + ruby-text
CVS: cvs.openbsd.org: ports
CVSROOT:/cvs Module name:ports Changes by: sebas...@cvs.openbsd.org2016/09/09 04:30:20 Log message: Import ruby-text: A collection of text algorithms: Levenshtein, Soundex, Metaphone, Double Metaphone, Porter Stemming. needed by the ruby-gettext update. OK jasper@ Status: Vendor Tag: sebastia Release Tags: sebastia_20160909 N ports/textproc/ruby-text/Makefile N ports/textproc/ruby-text/distinfo N ports/textproc/ruby-text/pkg/DESCR N ports/textproc/ruby-text/pkg/PLIST No conflicts created by this import
CVS: cvs.openbsd.org: ports
CVSROOT:/cvs Module name:ports Changes by: sebas...@cvs.openbsd.org2016/09/09 04:27:46 Modified files: devel/ruby-locale: Makefile distinfo devel/ruby-locale/pkg: DESCR PLIST Log message: Update to 2.1.2, soon be needed by r10k update OK jasper@
Re: openvpn-2.3.11 segfaults, error "Too many levels of symbolic links"
~~~ #0 0x193e5bfa2973 in EVP_CIPHER_CTX_iv_length (ctx=0x193e57d3c800) at /usr/src/lib/libcrypto/evp/evp_lib.c:244 No locals. #1 0x193c57809f58 in cipher_ctx_iv_length (ctx=0x193e57d3c800) at /home/jirib/openbsd/pobj/openvpn-2.3.11/openvpn-2.3.11/src/openvpn/crypto_openssl.c:606 No locals. #2 0x193c57804fa6 in openvpn_encrypt (buf=0x7f7e26c0, work={capacity = 1504, offset = 0, len = 0, data = 0x193ea7808000 ""}, opt=0x7f7e25e0, frame=0x7f7e2458) at /home/jirib/openbsd/pobj/openvpn-2.3.11/openvpn-2.3.11/src/openvpn/crypto.c:102 iv_buf = "\001\000\000\000\b\000\000\000��S��\233� " iv_size = 6462 cipher_kt = (const cipher_kt_t *) 0x193ea78064f8 outlen = -1484758720 ctx = (struct key_ctx *) 0x193ea7806548 gc = {list = 0x0} #3 0x193c5780e692 in encrypt_sign (c=0x7f7e1c20, comp_frag=true) at /home/jirib/openbsd/pobj/openvpn-2.3.11/openvpn-2.3.11/src/openvpn/forward.c:475 b = (struct context_buffers *) 0x193e8b961200 orig_buf = (const uint8_t *) 0x193ea780b800 "" #4 0x193c5785840b in check_ping_send_dowork (c=0x7f7e1c20) at /home/jirib/openbsd/pobj/openvpn-2.3.11/openvpn-2.3.11/src/openvpn/ping.c:94 No locals. #5 0x193c5780ee9d in check_ping_send (c=0x7f7e1c20) at ping-inline.h:56 No locals. #6 0x193c5780e9f2 in process_coarse_timers (c=0x7f7e1c20) at /home/jirib/openbsd/pobj/openvpn-2.3.11/openvpn-2.3.11/src/openvpn/forward.c:565 No locals. #7 0x193c5780eeec in check_coarse_timers_dowork (c=0x7f7e1c20) at /home/jirib/openbsd/pobj/openvpn-2.3.11/openvpn-2.3.11/src/openvpn/forward.c:574 save = {tv_sec = 604800, tv_usec = 0} #8 0x193c578117b1 in check_coarse_timers (c=0x7f7e1c20) at /home/jirib/openbsd/pobj/openvpn-2.3.11/openvpn-2.3.11/src/openvpn/forward.c:589 local_now = 1473413910 #9 0x193c57811723 in pre_select (c=0x7f7e1c20) at /home/jirib/openbsd/pobj/openvpn-2.3.11/openvpn-2.3.11/src/openvpn/forward.c:1327 No locals. #10 0x193c5783a644 in tunnel_point_to_point (c=0x7f7e1c20) at /home/jirib/openbsd/pobj/openvpn-2.3.11/openvpn-2.3.11/src/openvpn/openvpn.c:80 No locals. #11 0x193c5783aa8b in openvpn_main (argc=3, argv=0x7f7e2938) at /home/jirib/openbsd/pobj/openvpn-2.3.11/openvpn-2.3.11/src/openvpn/openvpn.c:270 c = {options = {gc = {list = 0x193e71e75440}, gc_owned = true, config = 0x7f7e2a49 "/etc/openvpn/ovpn-brq-udp-x86_64.conf", mode = 0, forward_compatible = false, ignore_unknown_option = 0x0, persist_config = false, persist_mode = 0, key_pass_file = 0x0, show_ciphers = false, show_digests = false, show_engines = false, show_tls_ciphers = false, genkey = false, ce = {proto = 1, local_port = 0, local_port_defined = false, remote_port = 443, local = 0x0, remote = 0x193e680499c8 "", remote_float = false, bind_defined = false, bind_local = false, connect_retry_seconds = 5, connect_retry_defined = false, connect_retry_max = 0, connect_timeout = 10, connect_timeout_defined = false, http_proxy_options = 0x0, socks_proxy_server = 0x0, socks_proxy_port = 0, socks_proxy_authfile = 0x0, socks_proxy_retry = false, tun_mtu = 1360, tun_mtu_defined = true, tun_mtu_extra = 0, tun_mtu_extra_defined = false, link_mtu = 1500, link_mtu_defined = false, mtu_discover_type = -1, fragment = 0, mssfix = 1450, mssfix_default = false, explicit_exit_notification = 3, flags = 0}, remote_ip_hint = 0x0, connection_list = 0x0, remote_list = 0x193f07133808, force_connection_list = false, http_proxy_override = 0x0, rh_store = 0x0, remote_random = false, ipchange = 0x0, dev = 0x193f459ab1e8 "tun", dev_type = 0x0, dev_node = 0x0, lladdr = 0x0, topology = 3, ifconfig_local = 0x193ef49038c8 "10.40.204.156", ifconfig_remote_netmask = 0x193e71e75448 "255.255.252.0", ifconfig_ipv6_local = 0x0, ifconfig_ipv6_netbits = 0, ifconfig_ipv6_remote = 0x0, ifconfig_noexec = false, ifconfig_nowarn = false, shaper = 0, proto_force = -1, mtu_test = false, mlock = false, keepalive_ping = 0, keepalive_timeout = 0, inactivity_timeout = 0, inactivity_minimum_bytes = 0, ping_send_timeout = 30, ping_rec_timeout = 600, ping_timer_remote = false, tun_ipv6 = false, ping_rec_timeout_action = 1, persist_tun = true, persist_local_ip = false, persist_remote_ip = false, persist_key = true, passtos = false, resolve_retry_seconds = 10, tuntap_options = {dummy = 0}, username = 0x193e68049be8 "_openvpn", groupname = 0x193e68049c08 "_openvpn", chroot_dir = 0x0, cd_dir = 0x193edecc2ee8 "/etc/openvpn", writepid = 0x0, up_script = 0x193e7cd25188 "/etc/openvpn/ovpn-brq-udp-client.up", down_script = 0x0, user_script_used = true, down_pre = false, up_delay = false, up_restart = false, daemon = false, remap_sigusr1 = 0, inetd = 0, log = false, suppress_timestamps = false, nice = 0, verbosity = 3, mute = 0, gremlin = 0, status_file = 0x193f08d54548 "/tmp/ovpn-brq-upd.status", status_file_version = 3, status_file_update_freq = 60,
CVS: cvs.openbsd.org: ports
CVSROOT:/cvs Module name:ports Changes by: dco...@cvs.openbsd.org 2016/09/09 03:47:43 Modified files: x11/kde-applications/gpgmepp: Makefile Log message: Add missing rdep on devel/boost to unbreak bulk builds. >From Caspar Schutijser
textproc/groff build system fix (maintainer patch)
Hi, it appears that sometimes, the textproc/groff build can fail during the fake stage because make(1) thinks that some directories it has to enter to install to the fake area are already "up to date", which of course makes no sense during fake. Jerome Ibanes has seen this on 6.0-release: ===> Faking installation for groff-1.22.3p2 [...] test -z "R I B BI DESC" || for f in ""R I B BI DESC; do rm -f /usr/ports/pobj/groff-1.22.3/fake-sparc64/usr/local/share/groff/1.22.3/font/devutf8/$f; if test - f $f; then /usr/ports/pobj/groff-1.22.3/bin/install -c -m 644 $f /usr/ports/pobj/groff-1.22.3/fake-sparc64/usr/local/share/groff/1.22.3/font/devutf8/$f; else /usr/ports/pobj/groff-1.22.3/bin/install -c -m 644 ./$f /usr/ports/pobj/groff-1.22.3/fake-sparc64/usr/local/share/groff/1.22.3/font/devutf8/$f; fi; done [...] `src/utils/afmtodit' is up to date. `font/devpdf' is up to date. [...] ===> Building package for groff-1.22.3p2 Create /usr/ports/packages/sparc64/all/groff-1.22.3p2.tgz [...] Error: /usr/ports/pobj/groff-1.22.3/fake-sparc64/usr/local/bin/afmtodit does not exist Error: /usr/ports/pobj/groff-1.22.3/fake-sparc64/usr/local/bin/chem does not exist [...] Even though i did not manage to reproduce, from code inspection, it is obvious that this may in principle happen: $(ALLDIRS) are marked .PHONY, but $(OTHERDIRS) are not. So i'd like to commit the following patch. Jerome confirmed that it resolves the issue for him. Where this patch is needed, the package did not build at all, and where it isn't, it doesn't change package content, so no bump is needed. The patch was regenerated with update-patches, so it contains some trivial changes, too. OK to commit? Reporting upstream is not needed because in the -current version, which will be the basis of the next upstream release, upstream completely changed the build system, switching to automake. Yours, Ingo Index: patches/patch-Makefile_in === RCS file: /cvs/ports/textproc/groff/patches/patch-Makefile_in,v retrieving revision 1.6 diff -u -p -r1.6 patch-Makefile_in --- patches/patch-Makefile_in 7 Nov 2014 17:10:36 - 1.6 +++ patches/patch-Makefile_in 9 Sep 2016 09:31:25 - @@ -1,8 +1,10 @@ $OpenBSD: patch-Makefile_in,v 1.6 2014/11/07 17:10:36 schwarze Exp $ chunk 1: Install preformatted manuals, not source pages (local change). -chunk 2: src/devices/gropdf depends on arch/misc (to be submitted upstream). +chunk 2: src/devices/gropdf depends on arch/misc. +chunk 3: avoid bogus "is up to date" during fake. +Regarding chunks 2 & 3, current upstream code is completely different now. --- Makefile.in.orig Tue Nov 4 09:38:35 2014 -+++ Makefile.inFri Nov 7 17:30:00 2014 Makefile.inThu Sep 8 22:27:19 2016 @@ -253,15 +253,15 @@ manroot=$(mandir) # `man1ext' is the man section for user commands. @@ -22,12 +24,21 @@ chunk 2: src/devices/gropdf depends on a # `dist' target is disallowed in some `configure' combinations. doc_dist_target_ok=@doc_dist_target_ok@ -@@ -895,6 +895,8 @@ $(GNULIBDIRS): FORCE - || eval $$srcdir/configure "$$args" --srcdir=$$srcdir; \ +@@ -896,6 +896,8 @@ $(GNULIBDIRS): FORCE $(MAKE) ACLOCAL=: AUTOCONF=: AUTOHEADER=: AUTOMAKE=: $(do) ;; \ esac -+ -+$(SHPROGDIRS): $(PROGDEPDIRS) ++$(SHPROGDIRS): $(PROGDEPDIRS) ++ $(OTHERDIRS): $(PROGDEPDIRS) $(CCPROGDIRS) $(CPROGDIRS) $(SHPROGDIRS) + $(INCDIRS) $(PROGDEPDIRS) $(SHPROGDIRS) $(OTHERDIRS): FORCE +@@ -964,7 +966,7 @@ dist: + # refer lookbib indxbib lkbib: libbib + # $(LIBDIRS) $(PROGDIRS): include + +-.PHONY: $(ALLDIRS) dot $(TARGETS) FORCE ++.PHONY: $(ALLDIRS) $(OTHERDIRS) dot $(TARGETS) FORCE + + # Create a Makefile in $(subdir). This is useful for development since it + # avoids running make recursively.
Re: Samba as DC on OpenBSD 6.0 is unusable :(
On Fri, Sep 09, 2016 at 08:53:20AM +0300, kasak wrote: > I think, if Theo says that we don't need acl, than we don't need acl. He > knows better. Keeping things simple is very secure and this is good! > I am very thankful to you for maintaining samba on OpenBSD! Undoubtedly , > OpenBSD is now best of all OS, and fresh port of samba is what we really > need! But missing extattr/xattr supports is not only about ACLs, extended filesystem attributes are used also for other things. For example both Ceph FS and glusterfs keep their metadata in extended attributes, thus without this you cannot port such filesystems to OpenBSD :/ j.
openvpn-2.3.11 segfaults, error "Too many levels of symbolic links"
Hi, I use same openvpn config for long time but it seems recent updates (base, packages) caused openvpn to segfault after a route add error. Any help would be appreciated. j. openvpn-2.3.11 OpenBSD 6.0-current (GENERIC.MP) #2421: Mon Sep 5 07:50:28 MDT 2016 ~~~ # openvpn --config /etc/openvpn/ovpn-brq-udp-x86_64.conf Fri Sep 9 09:53:55 2016 OpenVPN 2.3.11 x86_64-unknown-openbsd6.0 [SSL (OpenSSL)] [LZO] [MH] [IPv6] built on Sep 3 2016 Fri Sep 9 09:53:55 2016 library versions: LibreSSL 2.5.0, LZO 2.09 Enter Auth Username:jbelka Enter Auth Password: Fri Sep 9 09:54:09 2016 WARNING: No server certificate verification method has been enabled. See http://openvpn.net/howto.html#mitm for more info. Fri Sep 9 09:54:09 2016 NOTE: the current --script-security setting may allow this configuration to call user-defined scripts Fri Sep 9 09:54:09 2016 PLUGIN_INIT: POST /usr/local/lib/openvpn/plugins/openvpn-plugin-down-root.so '[/usr/local/lib/openvpn/plugins/openvpn-plugin-down-root.so] [/etc/openvpn/ovpn-brq-udp-client.down]' intercepted=PLUGIN_UP|PLUGIN_DOWN Fri Sep 9 09:54:09 2016 WARNING: normally if you use --mssfix and/or --fragment, you should also set --tun-mtu 1500 (currently it is 1360) Fri Sep 9 09:54:09 2016 Socket Buffers: R=[41600->41600] S=[9216->9216] Fri Sep 9 09:54:09 2016 NOTE: UID/GID downgrade will be delayed because of --client, --pull, or --up-delay Fri Sep 9 09:54:09 2016 UDPv4 link local: [undef] Fri Sep 9 09:54:09 2016 UDPv4 link remote: [AF_INET]:443 Fri Sep 9 09:54:09 2016 TLS: Initial packet from [AF_INET]:443, sid=75faf7af 81d7f0cc Fri Sep 9 09:54:13 2016 VERIFY OK: depth=1, C=US, ST=North Carolina, L=Raleigh, O=Example, Inc., OU=IS, CN=Example IS CA, emailAddress=sysadmin-...@example.com Fri Sep 9 09:54:13 2016 VERIFY OK: depth=0, C=US, ST=North Carolina, O=Example, Inc., OU=Information Technology, CN=ovpn-brq.example.com, emailAddress=serviced...@example.com Fri Sep 9 09:54:17 2016 Data Channel Encrypt: Cipher 'AES-256-CBC' initialized with 256 bit key Fri Sep 9 09:54:17 2016 Data Channel Encrypt: Using 160 bit message hash 'SHA1' for HMAC authentication Fri Sep 9 09:54:17 2016 Data Channel Decrypt: Cipher 'AES-256-CBC' initialized with 256 bit key Fri Sep 9 09:54:17 2016 Data Channel Decrypt: Using 160 bit message hash 'SHA1' for HMAC authentication Fri Sep 9 09:54:17 2016 Control Channel: TLSv1.2, cipher TLSv1/SSLv3 DHE-RSA-AES256-GCM-SHA384, 2048 bit RSA Fri Sep 9 09:54:17 2016 [ovpn-brq.example.com] Peer Connection Initiated with [AF_INET]:443 Fri Sep 9 09:54:19 2016 SENT CONTROL [ovpn-brq.example.com]: 'PUSH_REQUEST' (status=1) Fri Sep 9 09:54:19 2016 PUSH: Received control message: 'PUSH_REPLY,route-gateway 10.40.204.1,route 10.0.0.0 255.0.0.0,dhcp-option DNS 10.38.5.26,dhcp-option DNS 10.35.255.14,dhcp-option DOMAIN example.com,ping 30,ping-exit 600,explicit-exit-notify 3,topology subnet,ifconfig 10.40.204.138 255.255.252.0' Fri Sep 9 09:54:19 2016 OPTIONS IMPORT: timers and/or timeouts modified Fri Sep 9 09:54:19 2016 OPTIONS IMPORT: explicit notify parm(s) modified Fri Sep 9 09:54:19 2016 OPTIONS IMPORT: --ifconfig/up options modified Fri Sep 9 09:54:19 2016 OPTIONS IMPORT: route options modified Fri Sep 9 09:54:19 2016 OPTIONS IMPORT: route-related options modified Fri Sep 9 09:54:19 2016 OPTIONS IMPORT: --ip-win32 and/or --dhcp-option options modified Fri Sep 9 09:54:19 2016 ROUTE_GATEWAY 192.168.100.1 Fri Sep 9 09:54:19 2016 TUN/TAP device /dev/tun0 opened Fri Sep 9 09:54:19 2016 do_ifconfig, tt->ipv6=0, tt->did_ifconfig_ipv6_setup=0 Fri Sep 9 09:54:19 2016 /sbin/ifconfig tun0 10.40.204.138 10.40.204.138 mtu 1360 netmask 255.255.252.0 up Fri Sep 9 09:54:20 2016 /sbin/route add -net 10.40.204.0 10.40.204.138 -netmask 255.255.252.0 add net 10.40.204.0: gateway 10.40.204.138 Fri Sep 9 09:54:20 2016 PLUGIN_CALL: POST /usr/local/lib/openvpn/plugins/openvpn-plugin-down-root.so/PLUGIN_UP status=0 Fri Sep 9 09:54:20 2016 /etc/openvpn/ovpn-brq-udp-client.up tun0 1360 1417 10.40.204.138 255.255.252.0 init OpenVPN run: Opening socket /var/pdnsd/pdnsd.status Succeeded Fri Sep 9 09:54:20 2016 /sbin/route add -net 10.0.0.0 10.40.204.1 -netmask 255.0.0.0 add net 10.0.0.0: gateway 10.40.204.1: Too many levels of symbolic links Fri Sep 9 09:54:20 2016 ERROR: OpenBSD/NetBSD route add command failed: external program exited with error status: 1 Fri Sep 9 09:54:20 2016 GID set to _openvpn Fri Sep 9 09:54:20 2016 UID set to _openvpn Fri Sep 9 09:54:20 2016 Initialization Sequence Completed Segmentation fault ~~~ dmesg ~~~ OpenBSD 6.0-current (GENERIC.MP) #2421: Mon Sep 5 07:50:28 MDT 2016 dera...@amd64.openbsd.org:/usr/src/sys/arch/amd64/compile/GENERIC.MP real mem = 12540866560 (11959MB) avail mem = 12156301312 (11593MB) mpath0 at root scsibus0 at mpath0: 256 targets mainbus0 at root bios0 at mainbus0: SMBIOS rev. 2.7 @ 0xdcd3d000 (62 entries) bios0: vendor LENOVO version "GJET79WW (2.29 )" date 09/03/2014
CVS: cvs.openbsd.org: ports
CVSROOT:/cvs Module name:ports Changes by: ajacou...@cvs.openbsd.org 2016/09/09 01:30:44 Modified files: sysutils/awscli: Makefile distinfo Log message: Update to awscli-1.10.63.
CVS: cvs.openbsd.org: ports
CVSROOT:/cvs Module name:ports Changes by: ajacou...@cvs.openbsd.org 2016/09/09 01:30:28 Modified files: net/py-botocore: Makefile distinfo Log message: Update to py-botocore-1.4.53.
CVS: cvs.openbsd.org: ports
CVSROOT:/cvs Module name:ports Changes by: ajacou...@cvs.openbsd.org 2016/09/09 01:25:51 Modified files: security/gnutls: Tag: OPENBSD_6_0 Makefile distinfo Log message: SECURITY update to gnutls-3.4.15. - GnuTLS-SA-2016-3 - http://lists.gnutls.org/pipermail/gnutls-devel/2016-September/008146.html
CVS: cvs.openbsd.org: ports
CVSROOT:/cvs Module name:ports Changes by: ajacou...@cvs.openbsd.org 2016/09/09 01:24:48 Modified files: security/gnutls: Makefile distinfo Log message: SECURITY update to gnutls-3.4.15. - GnuTLS-SA-2016-3 - http://lists.gnutls.org/pipermail/gnutls-devel/2016-September/008146.html
CVS: cvs.openbsd.org: ports
CVSROOT:/cvs Module name:ports Changes by: jas...@cvs.openbsd.org 2016/09/09 00:41:25 Modified files: misc/portroach : Makefile Added files: misc/portroach/patches: patch-Portroach_SiteHandler_GitHub_pm Log message: apply patch from upstream "try harder to make sense of github" reminded by juanfra@
Re: Samba as DC on OpenBSD 6.0 is unusable :(
Revision 1.219 / (download) - annotate - [select for diffs], Tue Apr 12 17:42:09 2016 UTC (4 months, 3 weeks ago) by jca Update to samba-4.3.6 i386 build by danj@, ok sthen@ The changelog between 4.1.23 and 4.3.6 is too big to be described here. The point of updating now is that 4.1.x won't receive updates for the freshly published security advisories. samba-4.3.8 will follow. --without-acl-support \ Was introduced in the 4.3.6 update just before the big Samba security update for CVE-2015-5370 (Multiple errors in DCE-RPC code) CVE-2016-2110 (Man in the middle attacks possible with NTLMSSP) CVE-2016-2111 (NETLOGON Spoofing Vulnerability) CVE-2016-2112 (LDAP client and server don't enforce integrity) CVE-2016-2113 (Missing TLS certificate validation) CVE-2016-2114 ("server signing = mandatory" not enforced) CVE-2016-2115 (SMB IPC traffic is not integrity protected) CVE-2016-2118 (SAMR and LSA man in the middle attacks possible) Now to work out the implications of re-enabling it. Ian McWilliam From: owner-po...@openbsd.org [owner-po...@openbsd.org] on behalf of kasak [ka...@kasakoff.net] Sent: Friday, 9 September 2016 3:54 PM Cc: ports@openbsd.org Subject: Re: Samba as DC on OpenBSD 6.0 is unusable :( 09.09.2016 02:48, Ian McWilliam пишет: > Have you tried > > vfs objects = xattr_tdb > > This will use a tdb database for storing extended attributes. > > > Ian McWilliam > > > From: owner-po...@openbsd.org [owner-po...@openbsd.org] on behalf of Jeremie > Courreges-Anglas [j...@wxcvbn.org] > Sent: Friday, 9 September 2016 7:01 AM > To: kasak > Cc: ports@openbsd.org > Subject: Re: Samba as DC on OpenBSD 6.0 is unusable :( > > samba port maintainer here, > > kasakwrites: > >> Maybe I am doing something wrong ? >> >> I have tried to provision domain and got error that samba was compiled >> without acl support. >> >> On some forums I found advice to use "--use-ntvfs" option when provisioning. >> >> But it appeared that samba-tool doesn't know about this option: >> >> $ doas samba-tool domain provision --use-ntvfs >> Usage: samba-tool domain provision [options] >> >> samba-tool domain provision: error: no such option: --use-ntvfs >> >> I think this option was deprecated in new versions of samba, but i was >> not able to find information about it. > No idea what went wrong in the last updates. IIUC it's just a matter of > fixing domain provisioning, which used to work fine. I'll take a look > at this soon(tm). > >> So, is it really possible to use OpenBSD as a DC? > Everything is possible, but our lack of ACLs and extended attributes > make OpenBSD a poor choice for samba, even if upstream supports backends > that don't suffer these limitations. From my POV, net/samba is here > first for simple file sharing and client libraries support. > > -- > jca | PGP : 0x1524E7EE / 5135 92C1 AD36 5293 2BDF DDCC 0DFA 74AE 1524 E7EE > It did not help