Re: acme-client(1): backup certs
On Sun, Jan 03, 2021 at 11:16:00AM +, Stuart Henderson wrote: > What are you thinking would be stolen? The certificates themselves > are public knowledge anyway - they are sent in full whenever someone > connects to your TLS-based service and are available from Certificate > Transparency log servers (https://crt.sh etc) - but they are useless > without the private key. That's exactly what concerns me. I rent servers. Physical access always breaks security if someone really wants to. If it wasn't so insane in the Big Tech companies right now, I would only place my paranoia with some bad guy in the server room. But I have two sites that just have copies of the US and Texas Declarations of Independence, The US Constitution, Hammarabi's legal code and just stuff like that. Nothing with any opinions. I also walk past small shops permanently out of business every day, so I find it tough not to be a little paranoid. I do keep all my sites with DNSSEC. Except this one. As I tried to move it, I found all kinds of restrictions on sites with endings like .us IMO, really stupid, but oh well. Going to try to move it again next couple of days. I really don't maintain bennettconstruction.us, it's just sentimental value for me and what was. Chris > > > Especially since DNS servers can take up to 48 hours to propagate changes > > So getting rid of www.domain.xxx might not show up quickly enough. > > And if I change IP addresses and they don't get propagated soon enough, > > wouldn't someone be able to briefly spoof my site? > > letsencrypt (and I think probably all CAs) do uncached lookups from the > authoritative servers for the domain, following the chain from the root > servers, the usual problem with DNS servers returning outdated records > is with bad recursive servers. > > If you have problems getting the authoritative servers giving out current > information then that needs fixing, and isn't really a problem specific > to CA validation. >
Re: acme-client(1): backup certs
On Sat, Jan 02, 2021 at 05:23:11PM +0100, Florian Obser wrote: > > Create .1 backup files when acme-client is going to overwrite a > certificate file. > > This files are not terribly big and it's convenient to keep one > previous file around for example if one adds or removes domains to the > certificate and then wants to revoke the previous one. > > (Note that it's kinda difficult to revoke the old certificate with > acme-client currently. The whole revoke machinery needs to be > overhauled. I have ideas...) > > Comments, OKs? > Wait, I can have multiple, active certificates? One's that are in fact different, such as domain.xxx and then add www.domain.xxx in another certificate? If that's the case, then couldn't someone steal the old or new one and use that to cause problems? Especially since DNS servers can take up to 48 hours to propagate changes So getting rid of www.domain.xxx might not show up quickly enough. And if I change IP addresses and they don't get propagated soon enough, wouldn't someone be able to briefly spoof my site? DNS servers in some places I have been to, do in fact have failures. If I understand this correctly (perhaps not), this seems like a major security problem with DNS. Especially if my spoofed site sends people to another site that they then bookmark. Chris Bennett
fix examples/acme-client.conf
Hi,
after spending several hours trying to find out what the problem was
with getting SSL to work properly again in Apache, I finally found the
problem.
The -current and src versions are the same in /etc/examples, but
acme-client has changed. I looked in both places to see if I missed a
change. Turns out the man page mentioned it, but nothing in example.
Not sure if I picked good names, but I would really like to get this
little addition. RTFM still applies, but if there is an examples file,
it ought to represent new changes, IMHO.
Chris Bennett
Index: acme-client.conf
===
RCS file: /cvs/src/etc/examples/acme-client.conf,v
retrieving revision 1.4
diff -u -p -u -p -r1.4 acme-client.conf
--- acme-client.conf17 Sep 2020 09:13:06 - 1.4
+++ acme-client.conf30 Dec 2020 23:35:03 -
@@ -26,6 +26,7 @@ authority buypass-test {
domain example.com {
alternative names { secure.example.com }
domain key "/etc/ssl/private/example.com.key"
+ domain chain certificate "/etc/ssl/example.com.chain.pem"
domain full chain certificate "/etc/ssl/example.com.fullchain.pem"
sign with letsencrypt
}
Re: [diff] src/usr.sbin/smtpd: add a forward-file option
On Sun, Dec 20, 2020 at 09:51:35AM +0100, Gilles CHEHADE wrote: > > > > On 20 Dec 2020, at 07:13, Sebastien Marie wrote: > > > > On Sat, Dec 19, 2020 at 10:36:32PM +, gil...@poolp.org wrote: > >> Hello, > >> > >> Whenever a rule with a local action (mbox, maildir, lmtp or mda) is > >> matched, smtpd will > >> attempt to search for a ~/.forward file in the recipient directory and > >> process it. This > >> may be convenient for some setups but it is an implicit behavior that's > >> not overridable > >> and not always wanted. > >> > >> This diff changes this behavior by requiring the admins to explicitly > >> allow the forward > >> files processing in the actions when desired: > >> > >>action "local_users" maildir forward-file > >> > >> > >> With this diff, if forward-file is not specified, code to request parent > >> process for an > >> fd is bypassed and the expansion layer just pretends parent couldn't find > >> one. This let > >> the code fallback in an already existing code path with the proper > >> behavior and is very > >> uninvasive. > >> > > > > if I could understood the direction (which is fine as it makes the > > daemon less behaviour dependant on a user settings), the default seems > > wrong to me (at least for now, and for OpenBSD base specifically). > > > > Currently, root@ mail delivery is based on /root/.forward file: > > install is writing this file to redirect root@ mail to user (if user > > was created at install-time). It is done this way since 2011 (see > > distrib/miniroot/install.sh rev 1.218). So I assume that all installs > > which were done with a user configured, since 2011, could use it. > > Yes, the default would need to be changed as follows: > > mini$ diff -uNp smtpd.conf smtpd.conf.new > > > > --- smtpd.confMon Dec 14 22:13:04 2020 > +++ smtpd.conf.newSun Dec 20 09:43:22 2020 > @@ -11,7 +11,7 @@ listen on socket > # > listen on all hostname debug.poolp.org > > -action "local_mail" maildir alias > +action "local_mail" maildir alias forward-file > action "outbound" relay > My src tree still has mbox as the default. There was talk of changing from mbox to maildir as default. Is this now going forward also? While mbox is simple, once I moved to Dovecot for IMAP, changing mbox to maildir was easy, but needed, amongst some other non-mbox choices. I think new users will be much happier learning maildir and skipping the whole mbox thing. My 2 cents. :^) Chris Bennett
Re: Double entry in /usr/src/lib/libcurses/curs_util.3
On Mon, Dec 14, 2020 at 09:06:21PM +, Stuart Henderson wrote: > This is present in the latest release upstream, could you report it > there please? > https://invisible-island.net/ncurses/announce.html#h2-development > > SEE ALSO are usually in (at least roughly) alphabetical order so it's > probably the first one that wants removing. Here they seem to list curses > before curs_ in all files, which is out of strict order but seems like > it's intentional. > Upstream incorporated this and other changes. Chris Bennett
Re: Double entry in /usr/src/lib/libcurses/curs_util.3
On Mon, Dec 14, 2020 at 09:06:21PM +, Stuart Henderson wrote: > > This is present in the latest release upstream, could you report it > there please? > https://invisible-island.net/ncurses/announce.html#h2-development > > SEE ALSO are usually in (at least roughly) alphabetical order so it's > probably the first one that wants removing. Here they seem to list curses > before curs_ in all files, which is out of strict order but seems like > it's intentional. > OK, sent upstream with first entry deleted. Chris Bennett
Double entry in /usr/src/lib/libcurses/curs_util.3
See also has a double entry. Chris Bennett Index: curs_util.3 === RCS file: /cvs/src/lib/libcurses/curs_util.3,v retrieving revision 1.6 diff -u -p -u -p -r1.6 curs_util.3 --- curs_util.3 12 Jan 2010 23:21:59 - 1.6 +++ curs_util.3 14 Dec 2020 20:41:51 - @@ -250,8 +250,7 @@ be conditioned using NCURSES_VERSION. \fBcurses\fR(3), \fBcurs_initscr\fR(3), \fBcurs_kernel\fR(3), -\fBcurs_scr_dump\fR(3), -\fBlegacy_coding\fR(3). +\fBcurs_scr_dump\fR(3). .\"# .\"# The following sets edit modes for GNU EMACS .\"# Local Variables:
Re: mixerctl names
On Sat, Oct 17, 2020 at 08:26:01PM +0200, Jan Stary wrote: > I balieve this is the purpose of outputs.master - it sets the volume > for multiple widgets; outputs.master.slaves says which. See azalia(4). > > > Now I just manually changed each inputs.dac alone. > > You are not supposed to tweak these controls directly; > that's mixerctl does, and it requires root privileges. > Try to set your controls with sndioctl as a regular user. > My laptop has amdgpu death syndrome. It will never leave 6.6-stable. It was cheap. You get what you pay for. Chris Bennett
Re: mixerctl names
On Sat, Oct 17, 2020 at 05:52:58PM +0200, Jan Stary wrote: > Currently, mixerctl.conf(5) says > > Most devices have a number of digital to analogue converters > (DACs), used for sound playback, and each DAC has a corresponding > output mixer. The mixers are labelled “mix” or “sel”. > > That doesn't seem to be the case, at least not universaly > as the wording seems to imply. For example, this is > mixerctl output on a Thinkpad T400: > > inputs.dac-0:1=222,222 > inputs.dac-2:3=222,222 > inputs.beep=0 > record.adc-2:3_source=mic2 > record.adc-2:3=219,219 > record.adc-0:1_source=mic > record.adc-0:1=219,219 > outputs.hp_source=dac-0:1 > outputs.hp_boost=on > inputs.mic=189,189 > outputs.mic_dir=input-vr80 > outputs.spkr_source=dac-2:3 > outputs.spkr_eapd=on > inputs.mic2=189,189 > outputs.hp_sense=unplugged > outputs.mic_sense=unplugged > outputs.master=240,240 > outputs.master.mute=off > outputs.master.slaves= > record.volume=240,240 > record.volume.mute=off > record.volume.slaves= > record.enable=sysctl > > Apparently, it has two DACS (for the speakers and the headphones). > The current wording might confuse the user into thinking he has > no output mixer, but the > > inputs.dac-0:1=222,222 > inputs.dac-2:3=222,222 > > do control the respective volumes, > while no "mix" or "sel" exists. > > Similarly for recording via the two ADCs. > > > Jan Thank you! +1 I had no idea what was going on and had basically given up on having the speakers off. changing outputs.master moves BOTH inputs.dac. Which is superbly confusing! Now I just manually changed each inputs.dac alone. Headphones plugged in -> speakers are off and headphones work. Unplug headphones -> speakers now turn on instead. I couldn't be happier. 8-} Chris Bennett
Re: RFC: kern.video.record
On Sat, Sep 19, 2020 at 10:14:55AM +0100, Laurence Tratt wrote: > > I agree that it would simplify the code. The reason that I didn't merge them > is because I know that sometimes people want to record audio but not video (I > doubt that many people record video without audio). Now, admittedly, this > isn't necessarily a super-common use case, so it might not be worth having > two knobs for it, but it might be worth considering. Personally I'm > completely comfortable with whatever the general consensus is for > merging/not-merging! There are legal reasons for recording video only. Depends on local laws. I forget the exact details, but Texas laws regarding informing others if they are being recorded are more permissive than other states as far as needing to inform. I've only been following this thread lightly, but it seems relevant to at least throw that information in. Chris Bennett
Re: [PATCH] sysupgrade
On Sun, May 03, 2020 at 04:40:44AM +0200, Stéphane Aulery wrote: > > a) Removing sets selection from the installer > b) Supporting an upgrade of the sets already installed. > The FAQ already describes exactly how to upgrade with whatever sets one wants to. I have used that method many, many times successfully. I can't see any reason whatsoever to turn an addon tool into anything more than what it is. If someone can't even bother to read the FAQ, why should they even be using OpenBSD at all? No intention to sound rude, but everything is already spelled out in detail on the website. Chris Bennett
Re: Audio over hdmi
On Fri, May 01, 2020 at 02:17:56PM +0200, Alexandre Ratchov wrote: > On Fri, May 01, 2020 at 01:11:16PM +0200, Damien Couderc wrote: > > > > Speaking of the hdmi-only devices that were disabled in 2009: does the > > project still stand on this position in 2020? I made a quick search and it > > seems that more than half of the screens are audio capable now. I understand > > the defaults back in 2009, but now is it still true? > > There's nothing wrong with hdmi-only devices. As long as audio works > by default with no tweaks, nobody will object to re-enabling > them. AFAIK, this was the only reason to disable them. > > > About the multi-codec devices, how do you see it ? Keeping all the codecs > > and adding a knob to switch between analog and digital to select the codec ? > > This seems to make sense. > I would deeply appreciate it if HDMI with audio could be activated. My laptop has a hideous screen and the audio cannot turn off the speakers when I only want to use the headphones. My eyes are not so good anymore, so a bigger screen, 2nd screen would be great. OTH, something is broken in the hardware or -current for a long time, so I'm stuck at 6.6-stable. Still have the same vision problem, though. Chris Bennett
Re: mandoc -T html default style
I just have to say that that I agree with Ingo 100%. There are just so many ways that html could be used besides just typical static manpage styles. inlining could be a good case, but only for a limited set of uses. I would really cringe at having to strip out inline CSS. Anyone who just prefers HTML versus a terminal or PDF style wouldn't care, but there are so many other possible uses that just don't match up with inline. I just don't see the harm in avoiding it. Striping out inline for 100 man pages is a really annoying task that can be so easily avoided. HTML is being evolved forward, for good or ill. I find it irritating, but that's what's happening anyway. Give us a better option and I'll support it. I just don't see one myself. It sucks, but we can't stop the horrors that are being pudhed upon us by others. Chris Bennett
Re: user land system spinning time
Slipped by me last night. My clock is also affected by this. I need to update the time constantly to keep my clock correct. During a day's use, the clock may end up 10 minutes wrong or more. This is irrelevant to setting the timer to acpihpet0 or not. Just reading my email has my clock wrong by about 3 minutes. I set it to the correct time in the BIOS right before booting. Since I mentioned the BIOS just now, I need to check to see if there is a newer one. It's possible that there is not a flaw in OpenBSD, but a flaw in the current BIOS version I have. I have found it a little puzzling why no one else is complaining about this problem. Thanks, Chris Bennett
Re: user land system spinning time
On Mon, Oct 08, 2018 at 09:44:35PM +0200, Alexander Bluhm wrote: > Hi, > > On May 14 we did split kernel spinning time from system time. Goal > was to see what the kernel is doing. > > I just realized that user land time accounting has also changed. > The commit changed system time of a process that is spinning. But > the user land process still uses CPU time in the kernel that should > be accounted to the user. The user does not care if kernel is > spinning or working for him. time(1) only shows real, user, sys. > > So I would like to restore the original behavior for user land > processes. > > ok? > Forgive me if this message comes out a little corrupted. Did this change make it into 6.4 release? I have had timer problems for a good while. Started out a while back as getting multiple characters and excessive deletions on command lines. This was fixed by changing from tsc->acpihpet0. Now I have had the following problem in spectrwm which was under -current and continues under release. There are 10 screens, within which windows to applications may be opened and moved/resized, etc. I cannot avoid getting the xterms from randomly freezing up which can be remedied by changing screens and returning back. This also happens with vim, firefox, etc. Everything functions, problem is with the display only, as far as I can tell. Thanks, Chris Bennett OpenBSD 6.4 (GENERIC.MP) #364: Thu Oct 11 13:30:23 MDT 2018 dera...@amd64.openbsd.org:/usr/src/sys/arch/amd64/compile/GENERIC.MP real mem = 3774021632 (3599MB) avail mem = 3650367488 (3481MB) mpath0 at root scsibus0 at mpath0: 256 targets mainbus0 at root bios0 at mainbus0: SMBIOS rev. 3.0 @ 0xea8c0 (45 entries) bios0: vendor LENOVO version "5PCN20WW" date 01/15/2018 bios0: LENOVO 80XV acpi0 at bios0: rev 2 acpi0: sleep states S0 S3 S4 S5 acpi0: tables DSDT FACP UEFI HPET APIC MCFG SBST SSDT MSDM BATB SSDT SSDT IVRS CRAT SSDT FPDT SSDT BGRT UEFI acpi0: wakeup devices GPP0(S4) GPP1(S4) GPP2(S4) GPP3(S4) GPP4(S4) GFX0(S4) GFX1(S4) GFX2(S4) GFX3(S4) GFX4(S4) XHC0(S3) EHC1(S3) SBAZ(S4) acpitimer0 at acpi0: 3579545 Hz, 32 bits acpihpet0 at acpi0: 14318180 Hz acpimadt0 at acpi0 addr 0xfee0: PC-AT compat cpu0 at mainbus0: apid 16 (boot processor) cpu0: AMD A9-9420 RADEON R5, 5 COMPUTE CORES 2C+3G, 2994.82 MHz, 15-70-00 cpu0: FPU,VME,DE,PSE,TSC,MSR,PAE,MCE,CX8,APIC,SEP,MTRR,PGE,MCA,CMOV,PAT,PSE36,CFLUSH,MMX,FXSR,SSE,SSE2,HTT,SSE3,PCLMUL,MWAIT,SSSE3,FMA3,CX16,SSE4.1,SSE4.2,MOVBE,POPCNT,AES,XSAVE,AVX,F16C,RDRAND,NXE,MMXX,FFXSR,PAGE1GB,RDTSCP,LONG,LAHF,CMPLEG,SVM,EAPICSP,AMCR8,ABM,SSE4A,MASSE,3DNOWP,OSVW,IBS,XOP,SKINIT,WDT,FMA4,TCE,NODEID,TBM,CPCTR,DBKP,PERFTSC,MWAITX,ITSC,FSGSBASE,BMI1,AVX2,SMEP,BMI2,XSAVEOPT cpu0: 96KB 64b/line 3-way I-cache, 32KB 64b/line 8-way D-cache, 1MB 64b/line 16-way L2 cache cpu0: ITLB 48 4KB entries fully associative, 24 4MB entries fully associative cpu0: DTLB 64 4KB entries fully associative, 64 4MB entries fully associative cpu0: smt 0, core 0, package 0 mtrr: Pentium Pro MTRR support, 8 var ranges, 88 fixed ranges cpu0: apic clock running at 99MHz cpu0: mwait min=64, max=64, IBE cpu1 at mainbus0: apid 17 (application processor) cpu1: AMD A9-9420 RADEON R5, 5 COMPUTE CORES 2C+3G, 2994.38 MHz, 15-70-00 cpu1: FPU,VME,DE,PSE,TSC,MSR,PAE,MCE,CX8,APIC,SEP,MTRR,PGE,MCA,CMOV,PAT,PSE36,CFLUSH,MMX,FXSR,SSE,SSE2,HTT,SSE3,PCLMUL,MWAIT,SSSE3,FMA3,CX16,SSE4.1,SSE4.2,MOVBE,POPCNT,AES,XSAVE,AVX,F16C,RDRAND,NXE,MMXX,FFXSR,PAGE1GB,RDTSCP,LONG,LAHF,CMPLEG,SVM,EAPICSP,AMCR8,ABM,SSE4A,MASSE,3DNOWP,OSVW,IBS,XOP,SKINIT,WDT,FMA4,TCE,NODEID,TBM,CPCTR,DBKP,PERFTSC,MWAITX,ITSC,FSGSBASE,BMI1,AVX2,SMEP,BMI2,XSAVEOPT cpu1: 96KB 64b/line 3-way I-cache, 32KB 64b/line 8-way D-cache, 1MB 64b/line 16-way L2 cache cpu1: ITLB 48 4KB entries fully associative, 24 4MB entries fully associative cpu1: DTLB 64 4KB entries fully associative, 64 4MB entries fully associative cpu1: smt 1, core 0, package 0 ioapic0 at mainbus0: apid 4 pa 0xfec0, version 21, 24 pins, remapped ioapic1 at mainbus0: apid 5 pa 0xfec01000, version 21, 32 pins, remapped acpimcfg0 at acpi0 acpimcfg0: addr 0xf800, bus 0-63 acpiprt0 at acpi0: bus 0 (PCI0) acpiprt1 at acpi0: bus -1 (GPP0) acpiprt2 at acpi0: bus -1 (GPP1) acpiprt3 at acpi0: bus 1 (GPP2) acpiprt4 at acpi0: bus 2 (GPP3) acpiprt5 at acpi0: bus -1 (GPP4) acpiprt6 at acpi0: bus -1 (GFX0) acpiprt7 at acpi0: bus -1 (GFX1) acpiprt8 at acpi0: bus -1 (GFX2) acpiprt9 at acpi0: bus -1 (GFX3) acpiprt10 at acpi0: bus -1 (GFX4) acpiec0 at acpi0 acpicpu0 at acpi0: C2(0@400 io@0x814), C1(@1 halt!), PSS acpicpu1 at acpi0: C2(0@400 io@0x814), C1(@1 halt!), PSS acpipwrres0 at acpi0: P0U3, resource for XHC0 acpipwrres1 at acpi0: P3U3, resource for XHC0 acpipwrres2 at acpi0: P0U2, resource for EHC1 acpipwrres3 at acpi0: P3U2, resource for EHC1 acpipwrres4 at acpi0: P0SD acpipwrres5 at acpi0: P3SD acpipwrres6 at acpi0: P0ST, resource for SATA acpipwrres7 at acpi0: P3ST, resource
Re: manpage text width
On Thu, Mar 29, 2018 at 11:57:43PM +, Ingo Schwarze wrote: > I *could* maybe teach man(1) to honour $COLUMN by default when > starting up in interactive mode, but i did not do so for the following > reasons: > > * Many people are using terminals wider than 80 columns, but >texts get hard to read when much wider than that. Very long >lines become hard to follow. (That's why newspapers usually >have columns of even less than 80 characters, but they don't >have as much indentation as manual pages either.) This is very important. Our brains just are not good at working with long lines. This is hard-wired. If anyone doesn't believe me, try setting your browser window to a narrower width or use reader mode. We read by mapping things out on the line. If it's too long, our brains get "confused" and information is lost. This is a problem with textbooks. The wide pages are needed for pictures and diagrams, but the text should be written in narrower columns. It's interestng that older hardware caused us to use narrow widths, but that turns out to be best anyway. Could anybody really follow code written at 200 columns width? Chris Bennett
Re: Patch to add 2 words to share/dict/web2
On Tue, Mar 06, 2018 at 03:49:49PM +, Theo de Raadt wrote: > >On Mon, Mar 05, 2018 at 08:07:53PM -0700, Theo de Raadt wrote: > > > >> If we added the complete english language, /usr would be full. > > > >> (Already a few people having trouble with multiple upgrades + the > >> new kernel/library link kits) > > > >If we had definitions, I might agree with you that it might fill /usr. > >The file is 2.4M though, and even if we got super-studious and doubled > >its size, we'd be less than 5M. It's also not like a library where we > >keep the old version around. > > > >That said, this isn't a hill to die on. It bothered me how much we (tech > >industry in general) will spend so much space on stupid crap but we have > >spellcheckers that only carry a subset of words in use. I bitched about > >it online and someone pointed out I could help do something about it. > >So, (eventually) I did. > > The swahili dictionary is too sparse also. > I have to agree. vim-spell-es is missing a ton of common words. I just ignore it. Chris Bennett
Re: Fix kbd -l
On Thu, Sep 29, 2016 at 04:53:12PM +0200, Mark Kettenis wrote: > Now if you log in through xdm, you will in all likelyhood get an empty > list. But X has its own idea about keyboard mappings anyway. It only > initializes its settings based on the wscons settings. But it never > changes the wscons settings if you manipulate the X mappings. > Yes, you can ignore my comments since it involved working under X, not the console. Chris Bennett
Re: Fix kbd -l
Lucky day. I brought the USB drive that I was running current amd64 on. setxkbmap -layout "us,ru,latam" -option caps:none -option grp:shifts_toggle -option grp_led:scroll plus .xinitrc /usr/X11R6/bin/xset b /usr/X11R6/bin/xset fp+ /usr/local/share/fonts/terminus /usr/X11R6/bin/xset fp+ /usr/local/share/fonts/ptsans/ Chris Bennett
Re: Fix kbd -l
When I return to Mexico shortly, I found that during the steps I took to setup a keyboard to be switchable between english-spanish-russian, there was a problem with one program outputting 'en' but kbd -l giving 'us'. Since I only have that set-up back there, I can't show you the file that worked. pretty sure I used dual shift keys to switch keyboard encodings. I'll look up the thread on misc@ that I asked about all this right now. See if I can reproduce here. Chris Bennett
Re: Licensing into base using multiple languages, C and Perl
On Sat, Aug 27, 2016 at 08:31:02PM +0200, Ingo Schwarze wrote: > Hi Chris, > > i'm not sure that i understand all your questions, but i'm trying > to answer as best i can. > > Chris Bennett wrote on Sat, Aug 27, 2016 at 12:00:29PM -0500: > > > I'd like some help understanding how the policy works with actually > > having something acceptable to being included into base vs. needing to > > be a port. > > Some code essentially has only one way to write it and I see it all over > > the place. Calling a variable with another name doesn't seem at all like > > original code to me. > > Copyright doesn't apply to single lines, even less to single words. > It applies to "works". > > https://en.wikipedia.org/wiki/Copyright#Eligible_works > > So, if you somehow get to look at some proprietary software and > like some variable name, you are free to use the same name in your > own software from the Copyright point of view (of course, if the > code belongs to your employer, your working contract might forbid > that you use information obtained at work privately, but that has > nothing to do with Copyright). > > > There is code in base written in Perl that is new code. > > Base Perl changes adds and removes modules over time, like CGI being > > removed. > > For example, using a base Perl module might be a problem if it is > > updated and removed to CPAN with a license change. Bang! Problem. > > OpenBSD base includes many modules that are from CPAN and not > from Perl base. When these are updated, we check that the license > is still OK. In practice, that's hardly ever a problem because > most stuff in CPAN is published under the Perl Artistic license, > which allows inclusion into OpenBSD. > > > Also, there is existing code that I never ever look at, but I write > > essentially the same code myself independently. How does that effect > > things? > > Doesn't matter: > > https://en.wikipedia.org/wiki/Copyright#Originality > > "Two authors may own copyright on two substantially identical >works, if it is determined that the duplication was coincidental, >and neither was copied from the other." > > In practice, that's rare, because Copyright applies to works, not > to lines or words, and chances that a complete work (e.g. software > program) is identically written by two people independent of each > other are very low. There is a famous story, though, where in early > UNIX development, even though Ken Thompson and Dennis Richie usually > knew where each other was working and kept their areas of work > separate, both did write exactly the same program. It was such a > rare event that people still marvel at it. > > > There are also many modules on CPAN that use the same license as Perl > > itself. Can I bring the code itself only into the project, not the > > module so that only that version is used? > > Yes. The Perl Artistic license allows creation of derivative works. > So you can take parts from programs and modules and create and > distribute modified versions, as long as you keep the original > Copyright notice and license, make it clear what you changed, > and distribute the changed files as free software - for details, > see the file "Artistic". > > > There are also bits of code that are very restrictively licensed. > > Do I even dare look at it for ideas? > > Doesn't matter at all. Ideas are never subject to Copyright, > only the *expression* of an idea in a particular form is. > So there is no problem if you carefully study the source code > of a program, then write your own program doing exactly the same, > as long as you don't copy code in the process. > > Of course, the Copyright holder of the program might sue you, > claiming that you *did* copy stuff, and if that person or company > is rich, such a lawsuit might be very inconvenient. For that > reason, people who are exceptionally prudent sometimes use > > https://en.wikipedia.org/wiki/Clean_room_design > > in particular when dealing with commercial code coming from > corporations who are notorious for sueing. > Thanks, this is very helpful. Having a third party write a specification to work toward is not a step I was aware of as being helpful legally. Suing seems to be very popular these days. I don't want either myself or OpenBSD to have any problems of this kind. Despite having seen it mentioned with the big companies suing over patents, I didn't even think of that pitfall. I have so far made sure to not look at any code (except in some books about programming) which did not have a suitable license for derivative use. > I'm not a lawyer, this is merel
Licensing into base using multiple languages, C and Perl
I'd like some help understanding how the policy works with actually having something acceptable to being included into base vs. needing to be a port. Some code essentially has only one way to write it and I see it all over the place. Calling a variable with another name doesn't seem at all like original code to me. There is code in base written in Perl that is new code. Base Perl changes adds and removes modules over time, like CGI being removed. For example, using a base Perl module might be a problem if it is updated and removed to CPAN with a license change. Bang! Problem. Also, there is existing code that I never ever look at, but I write essentially the same code myself independently. How does that effect things? There are also many modules on CPAN that use the same license as Perl itself. Can I bring the code itself only into the project, not the module so that only that version is used? There are also bits of code that are very restrictively licensed. Do I even dare look at it for ideas? Thanks, Chris Bennett
Re: Is loss of read-only /usr permanent?
I think you are totally missing the point that Theo just made. Marking partitions as read-only is useful, when and only when appropriate. I have: /var/www/var /home /home/user1 /home/user2 /usr/local all marked as read-only. Why, because when the power fails, no data is lost and I'm quickly back up with minimal fsck'ing. When user1 or user2 logs in, There is a big message telling them to mount their partition rw and right before logging out or shutting down, to mark as ro. When the lights start to flicker, Ctrl-Alt-Backspace slams you out of X and ro alias slams that partition safe much faster than shutdown. This has saved my ass twice now. Backup your data and re-install that snapshot if you lose /usr, etc. Works great for me. Many times. You are backing up etc and root, right? Chris
Re: SSLv3 and Internet Printing Protocol requirements problem
On Fri, Mar 18, 2016 at 08:31:36AM -0600, Bob Beck wrote: > > But it officially requires support for IPP version 1.0, which used > > SSLv3. > > I assume that there are printers, perhaps many were sold, which did use > > version 1.0. That version used SSLv3 for encrypted communication. Which > > is now gone. > > Almost certainly. > > > > > How should we deal with this problem? > > Here's a nickel kid - buy a better printer? > That makes sense. Any big operation is going to be replacing printers regularly due to hwavy use. Any small operation probably won't have much in the way of security needs. I don't know much about OpenSSL, "nice" to know that crap is still buildable for those "special" needs. Chris > Seriously. we just won't be conformant. These protocols are designed > by industry consortiums who want to sell product at lowest cost, not > care about security. If you seriously must have insecure stuff, > well, that's why OpenSSL still exists, you can always build with that.
SSLv3 and Internet Printing Protocol requirements problem
Apologies for my disappearance for a while but I have been brutally sick. Fine now. IPP is now using version 1.1 and new products also. But it officially requires support for IPP version 1.0, which used SSLv3. I assume that there are printers, perhaps many were sold, which did use version 1.0. That version used SSLv3 for encrypted communication. Which is now gone. How should we deal with this problem? Chris Bennett
Re: missing privsep in ckqueue function
On Mon, Feb 29, 2016 at 10:05:03AM -0700, Todd C. Miller wrote: > On Mon, 29 Feb 2016 09:55:45 -0700, "Todd C. Miller" wrote: > > > Most of the PRIV_START / PRIV_END should be removed. There are a > > few instances where we need to drop setgid when opening files, > > however. Removing those calls needs to be done very carefully. > > It is also worth rethinking whether lpr/lprm really need to be > setuid at all now or whether we can simply rely on being setgid > daemon. I was concerned about having non daemon-owned files in the > spool dirs. That may not really be an issue, though. > > - todd > Would it then be appropriate to remove PRIV_START /PRIV_END from getq? It's only getting a list of sorted filenames for the queue. Later, opening those files seems to need care. Chris
missing privsep in ckqueue function
I have a diff out there right now on these files but I noticed the
following:
/*
* Scan the current directory and make a list of daemon files sorted by
* creation time.
* Return the number of entries and a pointer to the list.
*/
int
getq(struct queue ***namelist)
{
struct dirent *d;
struct queue *q, **queue = NULL;
size_t nitems = 0, arraysz;
struct stat stbuf;
DIR *dirp;
PRIV_START;
dirp = opendir(SD);
PRIV_END;
yet in ckqueue
if (cgetstr(cap, "sd", ) >= 0) {
dirp = opendir(spooldir);
free(spooldir);
} else
dirp = opendir(_PATH_DEFSPOOL);
there is no privsep for same action of opendir.
This should also be added here, right?
Chris
Re: move ckqueue function to common.c - tweaked and proper diff
Index: usr.sbin/lpr/common_source/common.c
===
RCS file: /cvs/src/usr.sbin/lpr/common_source/common.c,v
retrieving revision 1.40
diff -u -p -r1.40 common.c
--- usr.sbin/lpr/common_source/common.c 12 Jan 2016 23:35:13 - 1.40
+++ usr.sbin/lpr/common_source/common.c 28 Feb 2016 20:11:18 -
@@ -453,3 +453,32 @@ safe_open(const char *path, int flags, m
(void)fchmod(fd, mode);
return (fd);
}
+
+/*
+ * Make sure there's some work to do before forking off a child - lpd
+ * Check to see if anything in queue - lpq
+ */
+int
+ckqueue(char *cap)
+{
+ struct dirent *d;
+ DIR *dirp;
+ char *spooldir;
+
+ if (cgetstr(cap, "sd", ) >= 0) {
+ dirp = opendir(spooldir);
+ free(spooldir);
+ } else
+ dirp = opendir(_PATH_DEFSPOOL);
+
+ if (dirp == NULL)
+ return (-1);
+ while ((d = readdir(dirp)) != NULL) {
+ if (d->d_name[0] == 'c' && d->d_name[1] == 'f') {
+ closedir(dirp);
+ return (1); /* found a cf file */
+ }
+ }
+ closedir(dirp);
+ return (0);
+}
Index: usr.sbin/lpr/common_source/lp.h
===
RCS file: /cvs/src/usr.sbin/lpr/common_source/lp.h,v
retrieving revision 1.20
diff -u -p -r1.20 lp.h
--- usr.sbin/lpr/common_source/lp.h 12 Jan 2016 23:35:13 - 1.20
+++ usr.sbin/lpr/common_source/lp.h 28 Feb 2016 20:11:19 -
@@ -120,6 +120,7 @@ struct dirent;
/* common.c */
char *checkremote(void);
+int ckqueue(char *);
voidfatal(const char *, ...)
__attribute__((__noreturn__,__format__(__printf__, 1, 2)));
int get_line(FILE *);
Index: usr.sbin/lpr/lpd/lpd.c
===
RCS file: /cvs/src/usr.sbin/lpr/lpd/lpd.c,v
retrieving revision 1.63
diff -u -p -r1.63 lpd.c
--- usr.sbin/lpr/lpd/lpd.c 19 Dec 2015 19:59:07 - 1.63
+++ usr.sbin/lpr/lpd/lpd.c 28 Feb 2016 20:11:20 -
@@ -107,7 +107,6 @@ static void mcleanup(int);
static voiddoit(void);
static voidstartup(void);
static voidchkhost(struct sockaddr *);
-static int ckqueue(char *);
static __dead void usage(void);
static int *socksetup(int, int, const char *);
@@ -593,35 +592,6 @@ startup(void)
free(buf);
}
}
-}
-
-/*
- * Make sure there's some work to do before forking off a child
- * XXX - could be common w/ lpq
- */
-static int
-ckqueue(char *cap)
-{
- struct dirent *d;
- DIR *dirp;
- char *spooldir;
-
- if (cgetstr(cap, "sd", ) >= 0) {
- dirp = opendir(spooldir);
- free(spooldir);
- } else
- dirp = opendir(_PATH_DEFSPOOL);
-
- if (dirp == NULL)
- return (-1);
- while ((d = readdir(dirp)) != NULL) {
- if (d->d_name[0] == 'c' && d->d_name[1] == 'f') {
- closedir(dirp);
- return (1); /* found a cf file */
- }
- }
- closedir(dirp);
- return (0);
}
/*
Index: usr.sbin/lpr/lpq/lpq.c
===
RCS file: /cvs/src/usr.sbin/lpr/lpq/lpq.c,v
retrieving revision 1.22
diff -u -p -r1.22 lpq.c
--- usr.sbin/lpr/lpq/lpq.c 9 Feb 2015 23:00:14 - 1.22
+++ usr.sbin/lpr/lpq/lpq.c 28 Feb 2016 20:11:22 -
@@ -64,7 +64,6 @@ intusers; /* # of users in user arra
volatile sig_atomic_t gotintr;
-static int ckqueue(char *);
static __dead void usage(void);
int
@@ -146,32 +145,6 @@ main(int argc, char **argv)
} else
displayq(lflag);
exit(0);
-}
-
-/* XXX - could be common w/ lpd */
-static int
-ckqueue(char *cap)
-{
- struct dirent *d;
- DIR *dirp;
- char *spooldir;
-
- if (cgetstr(cap, "sd", ) >= 0) {
- dirp = opendir(spooldir);
- free(spooldir);
- } else
- dirp = opendir(_PATH_DEFSPOOL);
-
- if (dirp == NULL)
- return (-1);
- while ((d = readdir(dirp)) != NULL) {
- if (d->d_name[0] != 'c' || d->d_name[1] != 'f')
- continue; /* daemon control files only */
- closedir(dirp);
- return (1); /* found something */
- }
- closedir(dirp);
- return (0);
}
static __dead void
move ckqueue function to common.c
This moves essentially identical ckqueue functions out of lpd.c and
lpq.c into common_source/common.c.
Builds without errors on i386. lpq and lpd work afterwards
Index: lpq.c
===
RCS file: /cvs/src/usr.sbin/lpr/lpq/lpq.c,v
retrieving revision 1.22
diff -u -p -r1.22 lpq.c
--- lpq.c 9 Feb 2015 23:00:14 - 1.22
+++ lpq.c 28 Feb 2016 15:30:21 -
@@ -64,7 +64,6 @@ intusers; /* # of users in user arra
volatile sig_atomic_t gotintr;
-static int ckqueue(char *);
static __dead void usage(void);
int
@@ -146,32 +145,6 @@ main(int argc, char **argv)
} else
displayq(lflag);
exit(0);
-}
-
-/* XXX - could be common w/ lpd */
-static int
-ckqueue(char *cap)
-{
- struct dirent *d;
- DIR *dirp;
- char *spooldir;
-
- if (cgetstr(cap, "sd", ) >= 0) {
- dirp = opendir(spooldir);
- free(spooldir);
- } else
- dirp = opendir(_PATH_DEFSPOOL);
-
- if (dirp == NULL)
- return (-1);
- while ((d = readdir(dirp)) != NULL) {
- if (d->d_name[0] != 'c' || d->d_name[1] != 'f')
- continue; /* daemon control files only */
- closedir(dirp);
- return (1); /* found something */
- }
- closedir(dirp);
- return (0);
}
static __dead void
Index: common.c
===
RCS file: /cvs/src/usr.sbin/lpr/common_source/common.c,v
retrieving revision 1.40
diff -u -p -r1.40 common.c
--- common.c12 Jan 2016 23:35:13 - 1.40
+++ common.c28 Feb 2016 15:31:14 -
@@ -453,3 +453,32 @@ safe_open(const char *path, int flags, m
(void)fchmod(fd, mode);
return (fd);
}
+
+/*
+ * Make sure there's some work to do before forking off a child - lpd
+ * Check to see if anything in queue - lpq
+ */
+int
+ckqueue(char *cap)
+{
+ struct dirent *d;
+ DIR *dirp;
+ char *spooldir;
+
+ if (cgetstr(cap, "sd", ) >= 0) {
+ dirp = opendir(spooldir);
+ free(spooldir);
+ } else
+ dirp = opendir(_PATH_DEFSPOOL);
+
+ if (dirp == NULL)
+ return (-1);
+ while ((d = readdir(dirp)) != NULL) {
+ if (d->d_name[0] == 'c' && d->d_name[1] == 'f') {
+ closedir(dirp);
+ return (1); /* found a cf file */
+ }
+ }
+ closedir(dirp);
+ return (0);
+}
Index: lpd.c
===
RCS file: /cvs/src/usr.sbin/lpr/lpd/lpd.c,v
retrieving revision 1.63
diff -u -p -r1.63 lpd.c
--- lpd.c 19 Dec 2015 19:59:07 - 1.63
+++ lpd.c 28 Feb 2016 15:29:16 -
@@ -107,7 +107,6 @@ static void mcleanup(int);
static voiddoit(void);
static voidstartup(void);
static voidchkhost(struct sockaddr *);
-static int ckqueue(char *);
static __dead void usage(void);
static int *socksetup(int, int, const char *);
@@ -593,35 +592,6 @@ startup(void)
free(buf);
}
}
-}
-
-/*
- * Make sure there's some work to do before forking off a child
- * XXX - could be common w/ lpq
- */
-static int
-ckqueue(char *cap)
-{
- struct dirent *d;
- DIR *dirp;
- char *spooldir;
-
- if (cgetstr(cap, "sd", ) >= 0) {
- dirp = opendir(spooldir);
- free(spooldir);
- } else
- dirp = opendir(_PATH_DEFSPOOL);
-
- if (dirp == NULL)
- return (-1);
- while ((d = readdir(dirp)) != NULL) {
- if (d->d_name[0] == 'c' && d->d_name[1] == 'f') {
- closedir(dirp);
- return (1); /* found a cf file */
- }
- }
- closedir(dirp);
- return (0);
}
/*
Index: lp.h
===
RCS file: /cvs/src/usr.sbin/lpr/common_source/lp.h,v
retrieving revision 1.20
diff -u -p -r1.20 lp.h
--- lp.h12 Jan 2016 23:35:13 - 1.20
+++ lp.h28 Feb 2016 15:33:44 -
@@ -126,6 +126,7 @@ int get_line(FILE *);
int getport(char *, int);
int getq(struct queue ***);
int safe_open(const char *, int, mode_t);
+int ckqueue(char *);
/* displayq.c */
voiddisplayq(int);
ckqueue functions in lpq and lpd
I am having trouble seeing how these two functions are accomplshinig the
same thing, checking for control files in the spool.
These files always start with cf.
in lpd.c
makes sense to me.
/*
* Make sure there's some work to do before forking off a child
* XXX - could be common w/ lpq
*/
static int
ckqueue(char *cap)
{
struct dirent *d;
DIR *dirp;
char *spooldir;
if (cgetstr(cap, "sd", ) >= 0) {
dirp = opendir(spooldir);
free(spooldir);
} else
dirp = opendir(_PATH_DEFSPOOL);
if (dirp == NULL)
return (-1);
while ((d = readdir(dirp)) != NULL) {
if (d->d_name[0] == 'c' && d->d_name[1] == 'f') {
closedir(dirp);
return (1); /* found a cf file */
}
}
closedir(dirp);
return (0);
}
in lpq.c
does not make sense to me
/* XXX - could be common w/ lpd */
static int
ckqueue(char *cap)
{
struct dirent *d;
DIR *dirp;
char *spooldir;
if (cgetstr(cap, "sd", ) >= 0) {
dirp = opendir(spooldir);
free(spooldir);
} else
dirp = opendir(_PATH_DEFSPOOL);
if (dirp == NULL)
return (-1);
while ((d = readdir(dirp)) != NULL) {
if (d->d_name[0] != 'c' || d->d_name[1] != 'f')
continue; /* daemon control files only */
closedir(dirp);
return (1); /* found something */
}
closedir(dirp);
return (0);
}
the line:
if (d->d_name[0] != 'c' || d->d_name[1] != 'f')
is excluding files that start with cf, yet then has the comment that daemon
controls files are found.
They both acccomplish the same thing of returning if there are files in the
spool.
Thanks,
Chris
Re: diff to /etc/examples/printcap and sysmerge
On Thu, Feb 25, 2016 at 07:56:54PM -0700, Theo de Raadt wrote: > Chris, you continue to amaze me. > > Upon running sysmerge, that will break everyone's setup. > > Like, can you try stuff before you send it out? > > I'm done. > > > /etc/examples/printcap doesn't match > > #define _PATH_DEFSPOOL "/var/spool/output/lpd" > > > > Which seems sensible to keep lpd jobs out of output directory > > > > Index: printcap > > === > > RCS file: /cvs/src/etc/examples/printcap,v > > retrieving revision 1.1 > > diff -u -p -r1.1 printcap > > --- printcap12 Jul 2014 03:52:39 - 1.1 > > +++ printcap25 Feb 2016 20:53:56 - > > @@ -1,7 +1,7 @@ > > # $OpenBSD: printcap,v 1.1 2014/07/12 03:52:39 deraadt Exp $ > > > > #lp|local line printer:\ > > -# :lp=/dev/lp:sd=/var/spool/output:lf=/var/log/lpd-errs: > > +# :lp=/dev/lp:sd=/var/spool/output/lpd:lf=/var/log/lpd-errs: > > > > #rp|remote line printer:\ > > -# :lp=:rm=printhost:rp=lp:sd=/var/spool/output:lf=/var/log/lpd-errs: > > +# :lp=:rm=printhost:rp=lp:sd=/var/spool/output/lpd:lf=/var/log/lpd-errs: > > > > OK? > > > > Chris > > > I did not realize that sysmerge did a checksum on the files in /etc/examples. What else needs to be changed to make my change acceptable? I base my change both on the different directories in the lpd/lpr code and the fact that some packages, such as apsfilter create an lpd subdirectory also with another subdirectory for each printer to keep the print queue files destinations clear rather than all bunched together. Another option is to change the lpd/lpr code to match the /etc/examples/printcap file. The last option I see is to do nothing and leave things as-is. Thanks, Chris
Re: match /etc/examples/printcap with spool directory in lpr/common_source/pathnames.h
On Thu, Feb 25, 2016 at 07:56:54PM -0700, Theo de Raadt wrote: > Chris, you continue to amaze me. > > Upon running sysmerge, that will break everyone's setup. > > Like, can you try stuff before you send it out? > > I'm done. > Sorry. It was my misunderstanding that files in /etc/examples were optional and did not receive the same treatment as mandatory files such as /etc/hosts. I did not think that this was an item that needed to be tested, since this was merely an example of how a configuration file could be started and details found in the manual pages. I will just have to make more mistakes and be corrected until I get it right. I will look deeper into sysmerge, hopefully with some help to properly resolve this problem. Chris
match /etc/examples/printcap with spool directory in lpr/common_source/pathnames.h
/etc/examples/printcap doesn't match #define _PATH_DEFSPOOL "/var/spool/output/lpd" Which seems sensible to keep lpd jobs out of output directory Index: printcap === RCS file: /cvs/src/etc/examples/printcap,v retrieving revision 1.1 diff -u -p -r1.1 printcap --- printcap12 Jul 2014 03:52:39 - 1.1 +++ printcap25 Feb 2016 20:53:56 - @@ -1,7 +1,7 @@ # $OpenBSD: printcap,v 1.1 2014/07/12 03:52:39 deraadt Exp $ #lp|local line printer:\ -# :lp=/dev/lp:sd=/var/spool/output:lf=/var/log/lpd-errs: +# :lp=/dev/lp:sd=/var/spool/output/lpd:lf=/var/log/lpd-errs: #rp|remote line printer:\ -# :lp=:rm=printhost:rp=lp:sd=/var/spool/output:lf=/var/log/lpd-errs: +# :lp=:rm=printhost:rp=lp:sd=/var/spool/output/lpd:lf=/var/log/lpd-errs: OK? Chris
Re: Removal of troff, ditroff and dvi/tex variables, etc
I forgot to put in a diff. Sorry. Index: pathnames.h === RCS file: /cvs/src/usr.sbin/lpr/common_source/pathnames.h,v retrieving revision 1.6 diff -u -p -r1.6 pathnames.h --- pathnames.h 28 Oct 2015 13:25:55 - 1.6 +++ pathnames.h 23 Feb 2016 04:29:04 - @@ -40,8 +40,3 @@ #define_PATH_PR"/usr/bin/pr" #define_PATH_PRINTCAP "/etc/printcap" #define_PATH_SOCKETNAME"/var/run/printer" -#define_PATH_VFONT "/usr/libdata/vfont/" -#define_PATH_VFONTB"/usr/libdata/vfont/B" -#define_PATH_VFONTI"/usr/libdata/vfont/I" -#define_PATH_VFONTR"/usr/libdata/vfont/R" -#define_PATH_VFONTS"/usr/libdata/vfont/S"
Removal of troff, ditroff and dvi/tex variables, etc
These should be correct diff's this time. My vim was too perl oriented,
not now.
These three are intimately tied together, so I think they should be
completely removed. If one of these types of printing is done by
someone, it can be dealt with by some future filter.
tex or dvi are names used for the same items.
OK?
Chris
Index: printjob.c
===
RCS file: /cvs/src/usr.sbin/lpr/lpd/printjob.c,v
retrieving revision 1.57
diff -u -p -r1.57 printjob.c
--- printjob.c 29 Jan 2016 21:23:11 - 1.57
+++ printjob.c 23 Feb 2016 03:14:23 -
@@ -317,16 +317,6 @@ again:
goto again;
}
-#defineFONTLEN 50
-char fonts[4][FONTLEN]; /* fonts for troff */
-
-char ifonts[4][40] = {
- _PATH_VFONTR,
- _PATH_VFONTI,
- _PATH_VFONTB,
- _PATH_VFONTS,
-};
-
/*
* The remaining part is the reading of the control file (cf)
* and performing the various actions.
@@ -348,14 +338,6 @@ printit(char *file)
(void)close(fd);
return(OK);
}
- /*
-* Reset troff fonts.
-*/
- for (i = 0; i < 4; i++)
- strlcpy(fonts[i], ifonts[i], FONTLEN);
- (void)snprintf([2], sizeof(width) - 2, "%ld", PW);
- indent[2] = '0';
- indent[3] = '\0';
/*
* read the control file for work to do
@@ -376,16 +358,9 @@ printit(char *file)
* f -- "file name" name of text file to print
* l -- "file name" text file with control chars
* p -- "file name" text file to print with pr(1)
-* t -- "file name" troff(1) file to print
-* n -- "file name" ditroff(1) file to print
-* d -- "file name" dvi file to print
* g -- "file name" plot(1G) file to print
* v -- "file name" plain raster file to print
* c -- "file name" cifplot file to print
-* 1 -- "R font file" for troff
-* 2 -- "I font file" for troff
-* 3 -- "B font file" for troff
-* 4 -- "S font file" for troff
* N -- "name" of file (used by lpq)
* U -- "unlink" name of file to remove
*(after we print it. (Pass 2 only)).
@@ -453,14 +428,6 @@ printit(char *file)
banner(line+1, jobname);
continue;
- case '1': /* troff fonts */
- case '2':
- case '3':
- case '4':
- if (line[1] != '\0')
- strlcpy(fonts[line[0]-'1'], line+1, FONTLEN);
- continue;
-
case 'W': /* page width */
strlcpy(width+2, line+1, sizeof(width) - 2);
continue;
@@ -524,7 +491,7 @@ pass2:
/*
* Print a file.
- * Set up the chain [ PR [ | {IF, OF} ] ] or {IF, RF, TF, NF, DF, CF, VF}.
+ * Set up the chain [ PR [ | {IF, OF} ] ] or {IF, RF, CF, VF}.
* Return -1 if a non-recoverable error occurred,
* 2 if the filter detected some errors (but printed the job anyway),
* 1 if we should try to reprint this job and
@@ -646,28 +613,6 @@ print(int format, char *file)
av[2] = length;
n = 3;
break;
- case 't': /* print troff output */
- case 'n': /* print ditroff output */
- case 'd': /* print tex output */
- (void)unlink(".railmag");
- if ((fo = open(".railmag", O_CREAT|O_WRONLY|O_EXCL, FILMOD)) <
0) {
- syslog(LOG_ERR, "%s: cannot create .railmag", printer);
- (void)unlink(".railmag");
- } else {
- for (n = 0; n < 4; n++) {
- if (fonts[n][0] != '/')
- (void)write(fo, _PATH_VFONT,
- sizeof(_PATH_VFONT) - 1);
- (void)write(fo, fonts[n], strlen(fonts[n]));
- (void)write(fo, "\n", 1);
- }
- (void)close(fo);
- }
- prog = (format == 't') ? TF : (format == 'n') ? NF : DF;
- av[1] = pxwidth;
- av[2] = pxlength;
- n = 3;
- break;
case 'c': /* print cifplot output */
prog = CF;
av[1] = pxwidth;
@@ -1327,9 +1272,6 @@ init(void)
cgetstr(bp, "of", );
cgetstr(bp, "if", );
cgetstr(bp, "rf", );
- cgetstr(bp, "tf", );
- cgetstr(bp, "nf", );
- cgetstr(bp, "df", );
cgetstr(bp, "gf", );
cgetstr(bp, "vf", );
cgetstr(bp, "cf", );
Index:
LPRng removed, how can I get a copy of last port before removal?
Last version from author was 3.8.35 done at end of 2010. Appears that many useful features are present, many other problems like Kerberos need removal. Author said that IPP would start at 4.x.x versions, which have never been done. Is using Artistic license. Has SSL support, which would need to be updated, by someone else. I'm a USA citizen. Documentation is moderately OK, but poorly organized and has a lot of sections which show some examples: "I haven't used but you can see what you get out of it." Fixing all the problems and then trying to get IPP support going might be a good answer to lpd problems. Chris Bennett
Apologies for messed up vim makeing a mess of white space & tabs
It was suggested to me, after getting some vim options that work well for style but "popped" the file to another format when I clicked on C syntax that most files were indeed following style, that I look at these files with vi. Behold! My vim and vi are in total disagreement! So I am going to have to move my .vim files aside and use ones just for C for editing src files and then vice-versa for my Perl work. So that explains why I had some wrong whitespace errors on some diff's. Looked good here in vim, just totally wrong! Chris
_PATH_SENDMAIL in lots of places outside of lpd stuff also
I found a subroutine in printjob.c called sendmail with uses _PATH_SENDMAIL.
I found it all over the place:
blue src # ack _PATH_SENDMAIL
include/paths.h
63:#define _PATH_SENDMAIL "/usr/sbin/sendmail"
usr.bin/calendar/io.c
410:execl(_PATH_SENDMAIL, "sendmail", "-i", "-t", "-F",
412:warn(_PATH_SENDMAIL);
usr.bin/mail/send.c
422:cp = _PATH_SENDMAIL;
usr.bin/rdist/docmd.c
137: _PATH_SENDMAIL);
140:error("notify: \"%s\" failed\n", _PATH_SENDMAIL);
usr.bin/sendbug/sendbug.c
339:execl(_PATH_SENDMAIL, "sendmail",
usr.bin/skeyaudit/skeyaudit.c
215:execl(_PATH_SENDMAIL, "sendmail", "-t", (char *)NULL);
216:warn("cannot run \"%s -t\"", _PATH_SENDMAIL);
usr.bin/vacation/vacation.c
475:execl(_PATH_SENDMAIL, "sendmail", "-f", myname, "--",
477:syslog(LOG_ERR, "can't exec %s: %m", _PATH_SENDMAIL);
usr.bin/vi/common/recover.c
826:if (_PATH_SENDMAIL[0] != '/' || stat(_PATH_SENDMAIL, ))
828:_PATH_SENDMAIL, "not sending email: %s");
838:"%s -t < %s", _PATH_SENDMAIL, fname);
usr.sbin/cron/config.h
40:#define MAILARG _PATH_SENDMAIL /*-*/
usr.sbin/lpr/lpd/printjob.c
1079: if ((cp = strrchr(_PATH_SENDMAIL, '/')) != NULL)
1082: cp = _PATH_SENDMAIL;
1083: execl(_PATH_SENDMAIL, cp, "-t", (char *)NULL);
Chris
Re: diff's to deal with troff/diftroff/tex Comments inline
Sorry, whitespace is all messed up. I use vim, mostly for Perl or PostgreSQL. Perl is best with 4 spaces substituted for a tab. I will see about fixing vim screwing things up and I should also read style before messing around with that part of files. Anyway, I will submit new diff's if all is OK. Chris
diff's to deal with troff/diftroff/text Comments inline
common.c-troff-diff
pathnames.h-troff-diff
printjob.c-troff-diff
I don't see any problems with this first one. I also moved "/usr/bin/pr"
over to line up with rest of items, since I was changing this one
anyway.
Index: pathnames.h
===
RCS file: /cvs/src/usr.sbin/lpr/common_source/pathnames.h,v
retrieving revision 1.6
diff -u -p -u -r1.6 pathnames.h
--- pathnames.h 28 Oct 2015 13:25:55 - 1.6
+++ pathnames.h 29 Jan 2016 18:08:29 -
@@ -37,11 +37,6 @@
#define_PATH_DEFDEVLP "/dev/lp"
#define_PATH_DEFSPOOL "/var/spool/output/lpd"
#define_PATH_HOSTSLPD "/etc/hosts.lpd"
-#define_PATH_PR"/usr/bin/pr"
+#define_PATH_PR"/usr/bin/pr"
#define_PATH_PRINTCAP "/etc/printcap"
#define_PATH_SOCKETNAME"/var/run/printer"
-#define_PATH_VFONT "/usr/libdata/vfont/"
-#define_PATH_VFONTB"/usr/libdata/vfont/B"
-#define_PATH_VFONTI"/usr/libdata/vfont/I"
-#define_PATH_VFONTR"/usr/libdata/vfont/R"
-#define_PATH_VFONTS"/usr/libdata/vfont/S"
Here I am getting rid of variables that deal with ditroff, troff and
tex.
These three items run together in printjob.c
Index: common.c
===
RCS file: /cvs/src/usr.sbin/lpr/common_source/common.c,v
retrieving revision 1.40
diff -u -p -u -r1.40 common.c
--- common.c12 Jan 2016 23:35:13 - 1.40
+++ common.c29 Jan 2016 18:07:32 -
@@ -64,7 +64,6 @@
char *AF;/* accounting file */
longBR;/* baud rate if lp is a tty */
char *CF;/* name of cifplot filter (per job) */
-char *DF;/* name of tex filter (per job) */
longDU;/* daemon user-id */
char *FF;/* form feed string */
char *GF;/* name of graph(1G) filter (per job) */
@@ -76,7 +75,6 @@ char *LP;/* line printer device name *
longMC;/* maximum number of copies allowed */
char *MS;/* stty flags to set if lp is a tty */
longMX;/* maximum number of blocks to copy */
-char *NF;/* name of ditroff filter (per job) */
char *OF;/* name of output filter (created once) */
longPL;/* page length */
longPW;/* page width */
@@ -94,7 +92,6 @@ char *SD;/* spool directory */
longSF;/* suppress FF on each print job */
longSH;/* suppress header page */
char *ST;/* status file name */
-char *TF;/* name of troff filter (per job) */
char *TR;/* trailer string to be output when Q empties */
char *VF;/* name of vplot filter (per job) */
Index: printjob.c
===
RCS file: /cvs/src/usr.sbin/lpr/lpd/printjob.c,v
retrieving revision 1.56
diff -u -p -u -r1.56 printjob.c
--- printjob.c 12 Jan 2016 23:35:13 - 1.56
+++ printjob.c 29 Jan 2016 18:06:06 -
@@ -317,16 +317,6 @@ again:
goto again;
}
-#defineFONTLEN 50
-char fonts[4][FONTLEN]; /* fonts for troff */
-
-char ifonts[4][40] = {
- _PATH_VFONTR,
- _PATH_VFONTI,
- _PATH_VFONTB,
- _PATH_VFONTS,
-};
-
Above make sense since comes from removal of troff fonts.
/*
* The remaining part is the reading of the control file (cf)
* and performing the various actions.
@@ -348,14 +338,6 @@ printit(char *file)
(void)close(fd);
return(OK);
}
- /*
-* Reset troff fonts.
-*/
- for (i = 0; i < 4; i++)
- strlcpy(fonts[i], ifonts[i], FONTLEN);
- (void)snprintf([2], sizeof(width) - 2, "%ld", PW);
- indent[2] = '0';
- indent[3] = '\0';
Removal of for ... and next line seem proper.
Removal of next three lines also appear OK, but I would like some
feedback to be sure about them. (And they are in same section, so they
must be part of it :) Ha Ha.)
/*
* read the control file for work to do
@@ -367,28 +349,22 @@ printit(char *file)
* S -- "stat info" for symbolic link protection
* J -- "job name" on banner page
* C -- "class name" on banner page
-* L -- "literal" user's name to print on banner
+* L -- "literal" user's name to print on banner
* T -- "title" for pr
* H -- "host name" of machine where lpr was done
-* P -- "person" user's login name
-* I -- "indent" amount to indent output
+* P -- "person" user's login name
+* I -- "indent" amount to indent output
Re: _PATH_SENDMAIL in lots of places outside of lpd stuff also
On Fri, Jan 29, 2016 at 09:18:14PM -0500, Michael McConville wrote: > Chris Bennett wrote: > > I found a subroutine in printjob.c called sendmail with uses > > _PATH_SENDMAIL. > > > > I found it all over the place: > > Are you implying that they should be replaced? IIUC, we create a > sendmail binary (or at least a link) even though we no longer > technically use sendmail. See usr.sbin/mailwrapper. > > That said, _PATH_SENDMAIL could be deprecated for other reasons. I'm > just guessing at what you meant. > Well, sendmail is no longer in base. But sendmail is installable from ports. There are also many programs out there that have modules written to use actual sendmail. I use a forum software OO Perl that has a sendmail module that is not playing nice with femail-chroot under Apache. Right now I am working on bringing the lpd system out of the 1970's and add features (at some point) to make it worthy of not needing to install something like CUPS (Have you read the license on that! Ugly!). So I am having to make big changes. Since I'm working at clearing off the dust and throwing out the old junk right now, I might be overly biased. Perhaps it is worth the effort to replace yet more "historic" bits once and for all. Maybe not. Maybe someone who wrote our nice new OpenSMPTD would have a more valuable opinion. In any case, my email was just meant to show I found a similar problem outside of my current work. Nothing more. Just trying to be helpful. Chris
Re: _PATH_SENDMAIL in lots of places outside of lpd stuff also
On Fri, Jan 29, 2016 at 08:46:56PM -0600, Chris Bennett wrote: > On Fri, Jan 29, 2016 at 09:18:14PM -0500, Michael McConville wrote: > > Chris Bennett wrote: > > > I found a subroutine in printjob.c called sendmail with uses > > > _PATH_SENDMAIL. > > > > > > I found it all over the place: > > > > Are you implying that they should be replaced? IIUC, we create a > > sendmail binary (or at least a link) even though we no longer > > technically use sendmail. See usr.sbin/mailwrapper. > > > > That said, _PATH_SENDMAIL could be deprecated for other reasons. I'm > > just guessing at what you meant. > > > > Well, sendmail is no longer in base. > But sendmail is installable from ports. > There are also many programs out there that have modules written to use > actual sendmail. I use a forum software OO Perl that has a sendmail > module that is not playing nice with femail-chroot under Apache. > > Right now I am working on bringing the lpd system out of the 1970's and > add features (at some point) to make it worthy of not needing to install > something like CUPS (Have you read the license on that! Ugly!). > So I am having to make big changes. > > Since I'm working at clearing off the dust and throwing out the old junk > right now, I might be overly biased. Perhaps it is worth the effort to > replace yet more "historic" bits once and for all. > Maybe not. > > Maybe someone who wrote our nice new OpenSMPTD would have a more > valuable opinion. > > In any case, my email was just meant to show I found a similar problem > outside of my current work. Nothing more. Just trying to be helpful. > > Chris > Sorry, I know better than to whine without sending a patch or looking things over better. I have seen enough of these stupid emails to make me sick. Hopefully no hard feelings caused. I'll shut up now and get my head back into what I'm actually working on. Chris
Re: troff first diff
First diff Index: pathnames.h === RCS file: /cvs/src/usr.sbin/lpr/common_source/pathnames.h,v retrieving revision 1.6 diff -u -p -r1.6 pathnames.h --- pathnames.h 28 Oct 2015 13:25:55 - 1.6 +++ pathnames.h 28 Jan 2016 18:57:21 - @@ -40,8 +40,3 @@ #define_PATH_PR"/usr/bin/pr" #define_PATH_PRINTCAP "/etc/printcap" #define_PATH_SOCKETNAME"/var/run/printer" -#define_PATH_VFONT "/usr/libdata/vfont/" -#define_PATH_VFONTB"/usr/libdata/vfont/B" -#define_PATH_VFONTI"/usr/libdata/vfont/I" -#define_PATH_VFONTR"/usr/libdata/vfont/R" -#define_PATH_VFONTS"/usr/libdata/vfont/S"
troff fonts and their path wrong
These paths do not exist. Locate vfont brings up nothing
What should be done here?
Fix it or remove it?
I know nothing about troff, so need help from someone who does.
Chris
In lpr/common_source/pathnames.h
#define _PATH_VFONT "/usr/libdata/vfont/"
#define _PATH_VFONTB"/usr/libdata/vfont/B"
#define _PATH_VFONTI"/usr/libdata/vfont/I"
#define _PATH_VFONTR"/usr/libdata/vfont/R"
#define _PATH_VFONTS"/usr/libdata/vfont/S"
---
for lpr/lpd/printjob.c
in sub printjob
#define FONTLEN 50
charfonts[4][FONTLEN]; /* fonts for troff */
char ifonts[4][40] = {
_PATH_VFONTR,
_PATH_VFONTI,
_PATH_VFONTB,
_PATH_VFONTS,
};
...
/*
* read the control file for work to do
*
* file format -- first character in the line is a command
* rest of the line is the argument.
* valid commands are:
...
* 1 -- "R font file" for troff
* 2 -- "I font file" for troff
* 3 -- "B font file" for troff
* 4 -- "S font file" for troff
...
while (get_line(cfp))
switch (line[0]) {
...
case '1': /* troff fonts */
case '2':
case '3':
case '4':
if (line[1] != '\0')
strlcpy(fonts[line[0]-'1'], line+1, FONTLEN);
continue;
in sub print
switch (format) {
...
case 't': /* print troff output */
case 'n': /* print ditroff output */
case 'd': /* print tex output */
(void)unlink(".railmag");
if ((fo = open(".railmag", O_CREAT|O_WRONLY|O_EXCL, FILMOD)) <
0) {
syslog(LOG_ERR, "%s: cannot create .railmag", printer);
(void)unlink(".railmag");
} else {
for (n = 0; n < 4; n++) {
if (fonts[n][0] != '/')
(void)write(fo, _PATH_VFONT,
sizeof(_PATH_VFONT) - 1);
(void)write(fo, fonts[n], strlen(fonts[n]));
(void)write(fo, "\n", 1);
}
(void)close(fo);
}
prog = (format == 't') ? TF : (format == 'n') ? NF : DF;
av[1] = pxwidth;
av[2] = pxlength;
n = 3;
break;
-
printjob.c
No need for bauds structure, since handled by cfsetspeed
Chris
Index: printjob.c
===
RCS file: /cvs/src/usr.sbin/lpr/lpd/printjob.c,v
retrieving revision 1.56
diff -u -p -r1.56 printjob.c
--- printjob.c 12 Jan 2016 23:35:13 - 1.56
+++ printjob.c 28 Jan 2016 16:29:44 -
@@ -1516,32 +1516,6 @@ alarmer(int s)
/* nothing */
}
-#if !defined(__NetBSD__) && !defined(__OpenBSD__)
-struct bauds {
- int baud;
- int speed;
-} bauds[] = {
- 50, B50,
- 75, B75,
- 110,B110,
- 134,B134,
- 150,B150,
- 200,B200,
- 300,B300,
- 600,B600,
- 1200, B1200,
- 1800, B1800,
- 2400, B2400,
- 4800, B4800,
- 9600, B9600,
- 19200, B19200,
- 38400, B38400,
- 57600, B57600,
- 115200, B115200,
- 0, 0
-};
-#endif
-
/*
* setup tty lines.
*/
@@ -1562,19 +1536,7 @@ setty(void)
exit(1);
}
if (BR > 0) {
-#if defined(__NetBSD__) || defined(__OpenBSD__)
cfsetspeed(, BR);
-#else
- struct bauds *bp;
- for (bp = bauds; bp->baud; bp++)
- if (BR == bp->baud)
- break;
- if (!bp->baud) {
- syslog(LOG_ERR, "%s: illegal baud rate %d", printer,
BR);
- exit(1);
- }
- cfsetspeed(, bp->speed);
-#endif
i.set = 1;
}
if (MS) {
lpd, etc race condition on lock file
Right now, lpr, lpc and lprm all have control of the spooling process, with the current job in the lock file. But this file can of course change while one of the other programs uses it to control the daemons and jobs to be printed or stopped/deleted. I'm far from an expert on this, but it seems to me that only one single program should be able to do these actions, with these three programs making a request to that program. Then these three programs could have lesser privileges than right now. Keeping them would be necessary to keep all the old scripts and uses working. Is this a good idea or is there a better solution? Chris Bennett
wrong comment which identifies characters for banner pages
This file forms a character set for banners that should work on almost
any printer.
Differs from banner program characters, they have an extra line above
for characters like %,},etc and vertical bar is split in banner program
but full here.
Index: lpdchar.c
===
RCS file: /cvs/src/usr.sbin/lpr/lpd/lpdchar.c,v
retrieving revision 1.6
diff -u -p -r1.6 lpdchar.c
--- lpdchar.c 27 Oct 2009 23:59:52 - 1.6
+++ lpdchar.c 27 Jan 2016 21:31:49 -
@@ -1017,7 +1017,7 @@ const char scnkey[][HEIGHT] = /* this is
c__1,
c__1,
c__1,
- c___11__ }, /* } */
+ c___11__ }, /* { */
{ c___1___,
c___1___,
Re: /usr/src/usr.sbin/lpr/common_source/rmjob.c diff
On Tue, Jan 26, 2016 at 07:24:05PM +0100, Theo Buehler wrote:
> On Tue, Jan 26, 2016 at 11:40:44AM -0600, Chris Bennett wrote:
> > I found this in several other files in lpr src directories.
> > Doesn't seem to get used in any lp* files or connect with anything
> > higher up.
> >
> > Am I looking at this correctly or way off?
>
> It is used. Read up on sigaction(2) and alarm(3).
>
> The high level explanation is in the first part of this commit message
> from NetBSD
> http://cvsweb.netbsd.org/bsdweb.cgi/src/usr.sbin/lpr/common_source/rmjob.c?rev=1.15=text/x-cvsweb-markup_with_tag=MAIN
>
> In fact, it's all visible in this code snippet you touched:
>
> } else {
> struct sigaction osa, nsa;
>
> // initialize new sigaction structure nsa
> // alarmer is the function to be executed
> memset(, 0, sizeof(nsa));
> nsa.sa_handler = alarmer;
> sigemptyset(_mask);
> nsa.sa_flags = 0;
>
> // install nsa to act on SIGALRM,
> // save old sigact structure osa
> (void)sigaction(SIGALRM, , );
>
> // raise sigalrm (execute alarmer, i.e., do nothing)
> // after wait time seconds.
> alarm(wait_time);
>
> // if first write fails, bail out and inform admin of
> // "Lost connection"
> i = strlen(buf);
> // try to write all of buf into rem
> if (write(rem, buf, i) != i)
> fatal("Lost connection");
>
> // read rem and write it to stdout.
> while ((i = read(rem, buf, sizeof(buf))) > 0)
> (void)fwrite(buf, 1, i, stdout);
>
> // turn current alarm off
> alarm(0);
> // re-install osa
> (void)sigaction(SIGALRM, , NULL);
>
> // close rem
> (void)close(rem);
> }
I actually started to think I was wrong after I posted diff. Was reading
man pages about signals just now. I didn't know there was an alarm man
page, thanks. It looks like I need to rewrite code to use setitimer
since alarm is now obsolete.
Chris
Re: fontconfig-user.html location wrong in man pages
On Tue, Jul 14, 2015 at 08:01:20AM +0200, Matthieu Herrb wrote: On Mon, Jul 13, 2015 at 07:59:00PM -0500, Chris Bennett wrote: After reading several man pages like fc-scan, etc. I found at the bottom: The fontconfig user's guide, in HTML format: /usr/share/doc/fontconfig/fontconfig-user.html. This is not the correct location, which is /usr/X11R6/share/doc/fontconfig/fontconfig-user.html OK? No. I prefer to avoid this kind of local changes. They are painful to maintain with CVS. Yes, you are right about that. That path may be changed again later. Either make that path configurable and let configure expand it, or do some substituions in the OpenBSD makefile wrapper. I have been trying to get my head around both of these options, but so far, I haven't been able to. I knew nothing about auto* and I am still slowly picking up more knowledge about it. I have found a few sites with decent documentation about auto*, but it will take me more time to get a reasonable understanding of it. I see why ports people complain about it so much. I need to learn this if I am going to be able to contribute more. I don't like just watching others work and not adding my own useful work. I DO NOT want anyone to give me the answers to this problem or to point me to anything that already fixes the same kind of problem. I am not ready for that yet. Still working, Chris Bennett
Re: doas failsafe
On Tue, Jul 21, 2015 at 05:42:54PM +0300, li...@wrant.com wrote: doas is extremely foul to type, compared to sudo or su stop inventing reasons not to make it right first time I don't know why you are sending so many foul messages to this list. I have gotten to the point of not wanting to read any message from li...@wrant.com. This is a serious mailing list. tech@openbsd.org and ports@openbsd are for important diffs and important questions. I don't like writing messages like this. I would like you to follow one of these four options: 1. Contribute something useful. It doesn't matter if your diff fails to meet approval. 2. Ask questions that actually contribute something to moving OpenBSD forward. Developers and others less capable like myself, are trying to contribute. Neither they nor I want to waste our time with your bullshit. 3. Just read this mailing list and be quiet. No messages sent. 4. Worst or best option: Go away. I hope you choose well. Chris Bennett
fontconfig-user.html location wrong in man pages
After reading several man pages like fc-scan, etc. I found at the bottom: The fontconfig user's guide, in HTML format: /usr/share/doc/fontconfig/fontconfig-user.html. This is not the correct location, which is /usr/X11R6/share/doc/fontconfig/fontconfig-user.html OK? Chris Index: fc-cache.1 === RCS file: /cvs/xenocara/dist/fontconfig/fc-cache/fc-cache.1,v retrieving revision 1.2 diff -u -p -r1.2 fc-cache.1 --- fc-cache.1 9 Mar 2013 13:58:47 - 1.2 +++ fc-cache.1 14 Jul 2015 00:42:03 - @@ -77,7 +77,7 @@ appropriate fonts. \fBfc-scan\fR(1) .PP The fontconfig user's guide, in HTML format: -\fI/usr/share/doc/fontconfig/fontconfig-user.html\fR\. +\fI/usr/X11R6/share/doc/fontconfig/fontconfig-user.html\fR\. .SH AUTHOR .PP This manual page was written by Keith Packard Index: fc-cache.sgml === RCS file: /cvs/xenocara/dist/fontconfig/fc-cache/fc-cache.sgml,v retrieving revision 1.2 diff -u -p -r1.2 fc-cache.sgml --- fc-cache.sgml 9 Mar 2013 13:58:47 - 1.2 +++ fc-cache.sgml 14 Jul 2015 00:43:16 - @@ -198,7 +198,7 @@ manpage.1: manpage.sgml /para paraThe fontconfig user's guide, in HTML format: - filename/usr/share/doc/fontconfig/fontconfig-user.html/filename./para + filename/usr/X11R6/share/doc/fontconfig/fontconfig-user.html/filename./para /refsect1 refsect1 Index: fc-cat.1 === RCS file: /cvs/xenocara/dist/fontconfig/fc-cat/fc-cat.1,v retrieving revision 1.1.1.1 diff -u -p -r1.1.1.1 fc-cat.1 --- fc-cat.19 Mar 2013 13:34:09 - 1.1.1.1 +++ fc-cat.114 Jul 2015 00:43:48 - @@ -39,7 +39,7 @@ Show version of the program and exit. \fBfc-scan\fR(1) .PP The fontconfig user's guide, in HTML format: -\fI/usr/share/doc/fontconfig/fontconfig-user.html\fR\. +\fI/usr/X11R6/share/doc/fontconfig/fontconfig-user.html\fR\. .SH AUTHOR .PP This manual page was written by Patrick Lam p...@mit.edu\. Index: fc-cat.sgml === RCS file: /cvs/xenocara/dist/fontconfig/fc-cat/fc-cat.sgml,v retrieving revision 1.1.1.1 diff -u -p -r1.1.1.1 fc-cat.sgml --- fc-cat.sgml 9 Mar 2013 13:34:09 - 1.1.1.1 +++ fc-cat.sgml 14 Jul 2015 00:43:59 - @@ -140,7 +140,7 @@ manpage.1: manpage.sgml /para paraThe fontconfig user's guide, in HTML format: - filename/usr/share/doc/fontconfig/fontconfig-user.html/filename./para + filename/usr/X11R6/share/doc/fontconfig/fontconfig-user.html/filename./para /refsect1 refsect1 Index: fc-list.1 === RCS file: /cvs/xenocara/dist/fontconfig/fc-list/fc-list.1,v retrieving revision 1.2 diff -u -p -r1.2 fc-list.1 --- fc-list.1 18 May 2014 10:33:05 - 1.2 +++ fc-list.1 14 Jul 2015 00:44:27 - @@ -69,7 +69,7 @@ fonts. \fBfc-scan\fR(1) .PP The fontconfig user's guide, in HTML format: -\fI/usr/share/doc/fontconfig/fontconfig-user.html\fR\. +\fI/usr/X11R6/share/doc/fontconfig/fontconfig-user.html\fR\. .SH AUTHOR .PP This manual page was written by Keith Packard Index: fc-list.sgml === RCS file: /cvs/xenocara/dist/fontconfig/fc-list/fc-list.sgml,v retrieving revision 1.2 diff -u -p -r1.2 fc-list.sgml --- fc-list.sgml18 May 2014 10:33:05 - 1.2 +++ fc-list.sgml14 Jul 2015 00:44:54 - @@ -197,7 +197,7 @@ manpage.1: manpage.sgml /para paraThe fontconfig user's guide, in HTML format: - filename/usr/share/doc/fontconfig/fontconfig-user.html/filename./para + filename/usr/X11R6/share/doc/fontconfig/fontconfig-user.html/filename./para /refsect1 refsect1 Index: fc-match.1 === RCS file: /cvs/xenocara/dist/fontconfig/fc-match/fc-match.1,v retrieving revision 1.1.1.1 diff -u -p -r1.1.1.1 fc-match.1 --- fc-match.1 9 Mar 2013 13:34:26 - 1.1.1.1 +++ fc-match.1 14 Jul 2015 00:45:23 - @@ -68,7 +68,7 @@ is displayed for matching fonts. \fBfc-scan\fR(1) .PP The fontconfig user's guide, in HTML format: -\fI/usr/share/doc/fontconfig/fontconfig-user.html\fR\. +\fI/usr/X11R6/share/doc/fontconfig/fontconfig-user.html\fR\. .SH AUTHOR .PP This manual page was updated by Patrick Lam p...@csail.mit.edu\. Index: fc-match.sgml === RCS file: /cvs/xenocara/dist/fontconfig/fc-match/fc-match.sgml,v retrieving revision 1.1.1.1 diff -u -p -r1.1.1.1 fc-match.sgml --- fc-match.sgml 9 Mar 2013 13:34:26 - 1.1.1.1 +++ fc-match.sgml 14 Jul 2015 00:45:48 - @@ -188,7 +188,7 @@ output is requested./para /para paraThe fontconfig user's guide, in HTML format: -
Re: unwritable PKG_CACHE directory
On Mon, Jul 06, 2015 at 10:15:20PM -0600, Dale Lindskog wrote: On Mon, 6 Jul 2015, Chris Bennett wrote: If you don't have root access, should you really be installing packages? It is impossible to install packages when you are not root. pkg_add won't let you. This isn't about installing packages without root access. This is about the -n and -s options, which I often run as a non-root user. The -n and -s options don't actually install packages. OK, now I see what you are doing and asking for. Makes sense and seems useful. Sorry for the noise. Chris Bennett
Re: unwritable PKG_CACHE directory
On Mon, Jul 06, 2015 at 07:15:06PM -0600, Dale Lindskog wrote: It is discouraged but possible to run pkg_add(1) with -n or -s as a user other than root. However, if pkg_add(1) does not have write permission to $PKG_CACHE, then unclear error messages are produced. For example: $ ls -ld $PKG_CACHE drwxr-xr-x 2 root wheel 3072 Jul 2 12:13 /var/pkg_cache $ pkg_add -vn gcal pkg_add should be run as root Update candidates: quirks-2.54 - quirks-2.54 quirks-2.54 signed on 2015-03-08T12:33:05Z Fatal error: Ustar [ftp://ftp.openbsd.org/pub/OpenBSD/5.7/packages/amd64/gcal-3.6.3p0.tgz][?]: Error while reading header at /usr/libdata/perl5/OpenBSD/Ustar.pm line 89. Fatal error: Ustar, etc means that the file transfer failed. It happens. If it happens way too much, make a directory and download all the packages with something like wget, which tries many times when connections break. Set that folder as PKG_PATH and another as PKG_CACHE. export PKG_PATH=/home/dude/packages export PKG_CACHE=/home/dude/pkg_cache I do this frequently with gigantic packages such as tex and jdk. I suggest that you change to using an http server. If you want to have a writable PKG_CACHE, why not do something simple like /home/dude/pkg_cache? If you don't have root access, should you really be installing packages? Pass the request upwards. There may be valid reasons NOT to install certain packages. They do not get the full security audit like the base system. If you have cut off remote root access for security reasons, get an IP KVM hooked up for the few times you need root access Chris Bennett
Re: Mention available filesystem types for disklabel somewhere
On Sat, Apr 06, 2013 at 10:48:55AM -0600, Theo de Raadt wrote:
I had to search the sources to realise the fat filesystem type is called
MSDOS. Maybe at least a header can be mentioned in disklabel(8)?
Sorry, everyone knows it is called the MSDOS filesystem. 'FAT' is the new
silly name.
I don't see much value in pointing people from our manual pages to .h files.
There are some useful hints shown by setpid in fdisk:
fdisk: 1 setpid 0
Starting Ending LBA Info:
#: id C H S - C H S [ start:
size ]
---
0: 00 0 0 0 - 0 0 0 [ 0:
0 ] unused
Partition id ('0' to disable) [0 - FF]: [0] (? for help) ?
Choose from the following Partition id values:
00 unused 20 Willowsoft 66 NetWare 386A9
NetBSD
01 DOS FAT-12 24 NEC DOS67 Novell AB
MacOS X boot
02 XENIX /27 Win Recovery 68 Novell AF
MacOS X HFS+
03 XENIX /usr 38 Theos 69 Novell B7
BSDI filesy*
04 DOS FAT-16 39 Plan 9 70 DiskSecure B8
BSDI swap
05 Extended DOS 40 VENIX 286 75 PCIX BF
Solaris
06 DOS 32MB 41 Lin/Minux DR 80 Minix (old)C0
CTOS
07 NTFS 42 LinuxSwap DR 81 Minix (new)C1
DRDOSs FAT12
08 AIX fs 43 Linux DR 82 Linux swap C4
DRDOSs 32M
09 AIX/Coherent 4D QNX 4.2 Pri83 Linux files* C6
DRDOSs =32M
0A OS/2 Bootmgr 4E QNX 4.2 Sec84 OS/2 hiddenC7
HPFS Disbled
0B Win95 FAT-32 4F QNX 4.2 Ter85 Linux ext. DB
CPM/C.DOS/C*
0C Win95 FAT32L 50 DM 86 NT FAT VS DE
Dell Maint
0E DOS FAT-16 51 DM 87 NTFS VSE1
SpeedStor
0F Extended LBA 52 CP/M or SysV 8E Linux LVM E3
SpeedStor
10 OPUS 53 DM 93 Amoeba FS E4
SpeedStor
11 OS/2 hidden54 Ontrack94 Amoeba BBT EB
BeOS/i386
12 Compaq Diag. 55 EZ-Drive 99 Mylex EE
EFI GPT
14 OS/2 hidden56 Golden Bow 9F BSDI EF
EFI Sys
16 OS/2 hidden5C Priam A0 NotebookSave F1
SpeedStor
17 OS/2 hidden61 SpeedStor A5 FreeBSDF2
DOS 3.3+ Sec
18 AST swap 63 ISC, HURD, * A6 OpenBSDF4
SpeedStor
19 Willowtech 64 NetWare 2.xx A7 NEXTSTEP FF
Xenix BBT
1C ThinkPad Rec 65 NetWare 3.xx A8 MacOS X
Partition id ('0' to disable) [0 - FF]: [0] (? for help)
abort
'abort' is not a valid number.
Partition id ('0' to disable) [0 - FF]: [0] (? for help) 0
fdisk: 1 abort
Re: Small pgrep/pkill enhancement
On Sun, Jun 12, 2011 at 04:31:32PM +, Kevin Chadwick wrote: On Sun, 12 Jun 2011 00:15:58 +0200 Benny Lofgren wrote: Me personally, I'm scared as hell using pkill at all. I've never been concerned with not killing *enough*, it's almost always that I'm afraid I'm killing too *much*... Most of the time, the regex matching makes it usable. I'd rather see that expanded than case sensitivity. I would like a verbose option where I can be notified if nothing matched. I far prefer to use pkill over kill. For example, killing off many gnashes! But I always want success when I use it. I dislike having to verify afterward manually my 2 cents.
Re: aucat(1) mixing: saturating-addition instead of add-and-divide-by-n_inputs
On Thu, May 12, 2011 at 12:37:15AM +0300, Sviatoslav Chagaev wrote: My impression is that the opposite is true on tech@: if you don't have a diff -- it's just empty, useless talk and you shouldn't post if you don't have a diff. Besides, looking from an ordinary Joe User viewpoint, I don't think there is anything that could convince me that aucat is presently appropriatly handling the task of being a system sound server. (Alexandre already gave me enough information about why things are the way they are; I don't see any problem in making everyone happy, the Joe Users who want the sound system to just work and advanced audio-philes who require advanced features and precision control) I have to disagree, there are not very many Joe Users using OpenBSD. I am thrilled about the new sound system. It does Just Work, as long as you bother to read the Man pages, FAQ's and even ask questions. When I started using OpenBSD, I found even getting sound to play on certain DVD's a real challenge. Now, no problem. When I found I had special problems with a crappy Soundblaster card, I asked questions and found out about experimental work, which I used to fix my sound problem. -v is now standard. Have good ideas? Great. But don't tell me to be a Joe User. I hate Joe Users. They can go away. Chris Bennett
