On Mon, Dec 01, 2003 at 10:10:20AM -0800, Sean McNeil wrote:
> This was with Heimdal from an installation of -CURRENT. I am using LDAP
> functionality, so option (a) below is not an option. Option (b) below
> sounds more difficult than the change I made to /etc/rc.d/kerberos :)
>
> I hadn't thou
On Mon, Dec 01, 2003 at 05:48:22PM +0100, Dag-Erling Smørgrav wrote:
> They are different issues, but in this context you can't discuss one
> without the other. Authentication doesn't work unless you have a user
> to authenticate. It makes no sense to separate them; you just end up
> duplicating
On Sat, Nov 29, 2003 at 02:45:24AM +0100, Dag-Erling Smørgrav wrote:
> "Jacques A. Vidrine" <[EMAIL PROTECTED]> writes:
> > Interesting. Explain, please. (Maybe privately or in another thread;
> > hate to keep this'n going.) Perhaps you mean that it is
On Sat, Nov 29, 2003 at 02:01:02PM +0100, Matthias Andree wrote:
> "Jacques A. Vidrine" <[EMAIL PROTECTED]> writes:
> > NSS and PAM do not overlap.
>
> I wonder how PAM gets "system" authentication information for pam_pwdb
> or pam_unix or how it'
On Mon, Dec 01, 2003 at 09:47:04PM +0900, Hajimu UMEMOTO wrote:
> I made a patch for this. However, I forgot to sent it to Kerberos5
> guy.
Thanks! I'll see about getting it upstream.
Cheers,
--
Jacques Vidrine NTT/Verio SME FreeBSD UNIX Heimdal
[EMAIL PROTECTED] [EMAIL PROTECTED]
On Sat, Nov 29, 2003 at 04:41:11PM -0500, Richard Coleman wrote:
> There really needs to be an example file for nsswitch.conf in
> /usr/share/example. For people new to FreeBSD 5.X, there is no outward
> sign that nsswitch is supported other than the nsswitch.conf(5) man page.
I won't be adding
On Sun, Nov 30, 2003 at 10:37:08PM -0800, Sean McNeil wrote:
> Hello All,
>
> I was having trouble with startup and kdc/kadmin5 failing. Turns out
> that they were trying to access a shared library in /usr/local/lib
> (libldap.so.2). Unfortunately, both were getting started before
> ldconfig.
>
[Threading intentionally broken.]
On Sat, Nov 29, 2003 at 01:16:25AM +0100, Dag-Erling Smørgrav wrote:
> "Jacques A. Vidrine" <[EMAIL PROTECTED]> writes:
> > NSS and PAM do not overlap. They are complimentary and one cannot do
> > the job of the other.
>
&
On Wed, Nov 26, 2003 at 02:00:08AM +0100, Matthias Andree wrote:
> Matthew Dillon <[EMAIL PROTECTED]> writes:
>
> > How much do you intend to use NSS for? I mean, what's the point of
> > adopting this cool infrastructure if all you are going to do with it
> > is make a better PAM out
On Tue, Nov 25, 2003 at 12:39:11PM -0800, Matthew Dillon wrote:
> My original opinion
> still stands... you guys are using this issue as an excuse to basically
> do away with static binaries, rather then fixing the real problem which
> is an inability to dynamically load modules in
On Tue, Nov 25, 2003 at 04:46:24PM +0200, Enache Adrian wrote:
> On Mon, Nov 24, 2003 a.d., Jacques A. Vidrine wrote:
> > The application is broken. You must only check errno if you get an
> > error indication from the library call.
>
> Sorry, but I don't see your point
On Tue, Nov 25, 2003 at 11:50:25AM -0800, Matthew Dillon wrote:
> Just not thinking out of the box, maybe.
Matt, I'm talking about the de facto standard NSS, as found in Solaris
and Linux; and now FreeBSD 5 [*] and soon NetBSD [**]. You are talking
about some better mousetrap. The latter doe
On Mon, Nov 24, 2003 at 08:22:52PM -0600, David Leimbach wrote:
> Yep :).
>
> I feel like saying "set the default to static and make the dynamic bins
> the option" so
> the people who can't be bothered to compile their own system even
> though everyone
> I know does this for tuning purposes anyw
On Mon, Nov 24, 2003 at 10:06:12PM -0500, Andrew Gallatin wrote:
> How about Gordon's initial bootstone, which increased by 25%?
> http://docs.freebsd.org/cgi/mid.cgi?16091.44150.539095.704531
>
> And I just did a "make clean" run in /usr/ports/archivers (by manually
> mv'ing a static and dynamic
On Mon, Nov 24, 2003 at 07:11:29PM -0800, Matthew Dillon wrote:
> You don't need dynamic loading to get nsswitch type functionality. You
> only need dynamic loading if nobody is willing to write an IPC
> model to get the functionality. It's really silly to create such a
> fundamen
On Sun, Nov 23, 2003 at 04:14:08PM +0200, Enache Adrian wrote:
> $ cc close.c -o close && ./close
> 0
> 0
>
> $ cc close.c -lc_r -o close && ./close
> 0
> 25
>
> $ cat close.c
> #include
> main()
> {
> int fd = open("/dev/null", 1);
> printf("%d\n", errno);
> close(fd);
>
[cc: dropped]
I suppose I should comment on this thread, since I'm closely related
to at least two of the rationales mentioned for moving towards an
all-dynamically-linked system. (I would prefer to stay out of this
thread. In my mind we've had all these arguments in various
forums months ago an
On Fri, Oct 10, 2003 at 06:44:25PM +0700, Dikshie wrote:
>
>
> ===> kerberos5
> cd /usr/src/kerberos5; /usr/obj/usr/src/make.i386/make buildincludes;
> /usr/obj/usr/src/make.i386/make installincludes
> ===> kerberos5/doc
> ===> kerberos5/lib
> ===> kerberos5/lib/libroken
> ./make-roken > tmp.h ;
On Fri, Oct 03, 2003 at 09:02:19PM +0300, Ruslan Ermilov wrote:
> Maybe now it will be more obvious why I thought that upgrade_checks
> should always be done, for all standard src/Makefile targets.
> Currently, you either need to upgrade your /usr/bin/make binary
> manually, or to use this command
On Fri, Oct 03, 2003 at 07:57:51PM +0300, Clau wrote:
> hello,
>
> i just downloaded via cvsup the latest kernel for freebsd 5.1.
> i had a problem with it, more exactly when i did a "make depend"
> it stopped at some place, and gave me this error:
> "can't find kernel source tree"
> i fixed this
On Wed, Sep 24, 2003 at 10:27:29AM -0500, Jacques A. Vidrine wrote:
> At link time, either (a) I want *this* threaded library damnit, or (b)
^^^
> that one threading library might provide but not another.
As an aside, appa
[Mostly trying to stay out of this thread, but I must comment at
least on this point.]
On Wed, Sep 24, 2003 at 11:01:01AM -0400, Daniel Eischen wrote:
> On Wed, 24 Sep 2003, Scott Long wrote:
> > Daniel Eischen wrote:
> > > o Allows shared libraries (Qt, GTK, OpenGL, etc) to be built that
> > >
On Tue, Sep 16, 2003 at 09:47:44PM -0400, David Rhodus wrote:
> On Tuesday, September 16, 2003, at 11:54 AM, Dag-Erling Smørgrav wrote:
> >Is there a specific problem with OpenSSH 3.5 which requires an update
> >to 3.6.1? Or do you just want me to update it to make the numbers
> >look pretty on yo
On Tue, Sep 16, 2003 at 08:43:00AM -0400, David Rhodus wrote:
> Right, say if still the OpenSSH did or still comes out to be
> real. Ops, now thats right, we don't have 3.6.1 in STABLE, why ? It
> was released on April 1, does that not give one enough time to merge
> this in ?
Merging new versions
On Mon, Sep 15, 2003 at 11:18:24PM +0300, Ruslan Ermilov wrote:
> You mean you upgrade to RELENG_5_1? Beware that this branch
> is currently not buildable: libpthread build is broken.
Eh? By `this branch' you mean RELENG_5_1? How is it broken? If
there is a problem (I don't know of any --- it
On Fri, Aug 22, 2003 at 11:15:01AM -0700, Tim Kientzle wrote:
> On the other hand, having
>
> /etc/nsswitch.conf.example
>
> would
> a) Advertise the existence of nsswitch capabilities in
> an obvious place where people new to FreeBSD would
> see it.
> b) Document the defaults.
>
On Tue, Aug 05, 2003 at 03:55:55AM -0700, Terry Lambert wrote:
> Through the credential passing? I thought that wasn't reliable
> for this type of thing. Specifically, the jail would be in an
> untrusted protection domain; if you just accepted the credential
> blindly, then anyone could be root i
On Mon, Aug 04, 2003 at 10:53:03AM -0700, Terry Lambert wrote:
> You would either lose or overexpose root-restricted functionality,
> such as flood-ping.
Eh? Why? pingd can know your credentials.
Cheers,
--
Jacques Vidrine . NTT/Verio SME . FreeBSD UNIX . Heimdal
[EMAIL PROTECTED]
On Wed, Jul 23, 2003 at 01:57:56AM +0200, Simon Barner wrote:
> > > --- plugins/check_by_ssh.c.orig Mon Apr 23 09:43:11 2001
> > > +++ plugins/check_by_ssh.cTue Jul 22 05:05:52 2003
> > > @@ -191,7 +191,7 @@
> > > if (commands>1)
> > > remotecmd=strscat(remotecmd,";echo STATUS
On Tue, Jul 22, 2003 at 02:26:08PM +0200, Simon Barner wrote:
> --- plugins/check_by_ssh.c.orig Mon Apr 23 09:43:11 2001
> +++ plugins/check_by_ssh.cTue Jul 22 05:05:52 2003
> @@ -191,7 +191,7 @@
> if (commands>1)
> remotecmd=strscat(remotecmd,";echo STATUS CODE: $?;"
On Sat, Jul 19, 2003 at 05:05:39AM +0200, Simon Barner wrote:
> --- freefem/fem/femDisk.cpp.orig Sat Jul 19 04:09:32 2003
> +++ freefem/fem/femDisk.cpp Sat Jul 19 04:13:43 2003
> @@ -95,7 +95,7 @@
> char *result = 0;
> int dummy;
>
> -ifstream fin( path );
> +std::ifstrea
On Fri, Jul 18, 2003 at 12:18:14PM -0700, Nate Lawson wrote:
> Warner mentioned this was due to the gcc import. Nearly every part of the
> kernel that uses newbus or buf.h prints out lots of warnings. Can someone
> see about fixing this, whether it's by fixing our headers or build flags
> or gcc
[For some reason I haven't seen Alexander's post yet, so I'm mixing
replies here.]
On Fri, Jul 18, 2003 at 06:12:10PM +0200, Michael Nottebrock wrote:
> On Friday 18 July 2003 17:37, Alexander Kabaev wrote:
> > On Fri, 18 Jul 2003 10:33:58 -0500
> >
> > &q
[cc: list trimmed]
On Fri, Jul 18, 2003 at 10:32:51AM +0200, Michael Nottebrock wrote:
> I've tried to come up with a less obscure testcase:
>
> #include
> #include
> using namespace std;
>
> int main ()
> {
>
> string astring="Hello World";
> cout << astring << endl;
> }
>
> Now, if I c
[Sorry for delayed reply. I'm offline mostly lately.]
On Thu, May 22, 2003 at 12:09:06PM +, David Leimbach wrote:
>
> On Thursday, May 22, 2003, at 03:53 AM, CARTER Anthony wrote:
>
> > Hi,
> >
> > Just done a buildworld and installworld from yesterdays CVSUp (today,
> > 22nd,
> > 10:51am
ds in place :-)
ed -s /path/to/binary <<-EOF
/libc_r.so.5/ s/libc_r.so.5/libthr.so.1/
w
q
EOF
or similar ...
Cheers,
--
Jacques A. Vidrine <[EMAIL PROTECTED]> http://www.celabo.org/
NTT/Verio SME . FreeBSD UNIX . Heimdal Kerberos
[EMAIL PROTECTED]
t, if you are a committer that uses Kerberos IV, please
consider maintaining the security/krb4 port.
Cheers,
--
Jacques A. Vidrine <[EMAIL PROTECTED]> http://www.celabo.org/
NTT/Verio SME . FreeBSD UNIX . Heimdal Kerberos
[EMAIL PROTECTED] . [EMAIL PROTECTE
is kind of a burden.
Cheers,
--
Jacques A. Vidrine <[EMAIL PROTECTED]> http://www.celabo.org/
NTT/Verio SME . FreeBSD UNIX . Heimdal Kerberos
[EMAIL PROTECTED] . [EMAIL PROTECTED] . [EMAIL PROTECTED]
To Unsubscribe: send mail to [EMAIL PROTECTED]
with &
he apache+mod_ssl and
openssl port maintainers. It sounds to me like they are doing
something very wrong.
Cheers,
--
Jacques A. Vidrine <[EMAIL PROTECTED]> http://www.celabo.org/
NTT/Verio SME . FreeBSD UNIX . Heimdal Kerberos
[EMAIL PROTECTED] . [EMAIL PR
if
> #endif
>
>
> Should the OpenSSL in FreeBSD be defining OPENSSL_THREADS?
I think you may be right. OpenSSL 0.9.7's out-of-the box configure
creates an opensslconf.h that would define OPENSSL_THREADS on FreeBSD.
Mark supplied the opensslconf.h's that are used in the FreeBS
hose interfaces that go through nsdispatch
(e.g. gethostbyname_r but not realpath_r).
Cheers,
--
Jacques A. Vidrine <[EMAIL PROTECTED]> http://www.celabo.org/
NTT/Verio SME . FreeBSD UNIX . Heimdal Kerberos
[EMAIL PROTECTED] . [EMAIL PROTECTED] .
On Tue, Feb 18, 2003 at 08:55:02PM +0100, Dag-Erling Smorgrav wrote:
> "Jacques A. Vidrine" <[EMAIL PROTECTED]> writes:
> > On Tue, Feb 18, 2003 at 12:01:29PM +0100, Dag-Erling Smorgrav wrote:
> > > The code that fails to compile is blatantly wrong:
> >
3 18:39:46 -
***
*** 23,28
--- 23,29
.endif
USE_BZIP2=yes
+ CONFIGURE_ENV+= CPPFLAGS=-DOPENSSL_DES_LIBDES_COMPATIBILITY
CONFIGURE_ARGS+= --with-tcp-wrappers \
--with-pkgconfdir=${PREFIX}/etc
.if defined(WITH_PAM)
(MAINTAINER
been an array. With OpenSSL >= 0.9.7, the type of
`schedule' is a struct.
This port uses , which we have as a symlink to
(ugh, I'd better remove that, too). If that include is replaced with
e.g.
#ifdef HAVE_OPENSSL
#define OPENSSL_DES_LIBDES_COMPATIBILITY
#include
#e
e my posting of two years ago:
http://groups.google.com/groups?&selm=97b83t%2414q3%241%40FreeBSD.csie.NCTU.edu.tw&rnum=1
>
BTW, I don't care if linking a program with rand() gives an obnoxious
warning or not. Just pointing out that rand() is less useful than it
might seem.
Che
On Sun, Feb 09, 2003 at 03:17:12PM +0100, Erik Trulsson wrote:
> On Sun, Feb 09, 2003 at 08:03:57AM -0600, Jacques A. Vidrine wrote:
> > On Sat, Feb 08, 2003 at 05:23:01PM -0800, Terry Lambert wrote:
> > > The compiler
> > > didn't complain when he checked
s the location of the
>previous definition
Yes, I'll eliminate these today.
Cheers,
--
Jacques A. Vidrine <[EMAIL PROTECTED]> http://www.celabo.org/
NTT/Verio SME . FreeBSD UNIX . Heimdal Kerberos
[EMAIL PROTECTED] . [EMAIL PROTECTED] .
has anything to
do with optimization; rather, it is to do with lack of `warning'
flags. For example, if you build libc with WARNS=5 (so as to get the
`-Wuninitialized' flag), then you get this warning.
> "x.c:9:warning: `foo' might be used uninitialized in this functio
nding on
whether I'm using static or dynamic linking. But maybe it's me, I'll
look more carefully later.
How about pointing out the bug you found?
Cheers,
--
Jacques A. Vidrine <[EMAIL PROTECTED]> http://www.celabo.org/
NTT/Verio SME . FreeBSD U
On Mon, Feb 03, 2003 at 07:37:06PM -0600, Jacques A. Vidrine wrote:
> Now that 5.0 has been released, can we please make PFIL_HOOKS the
> default?
Oh, I should have said that I'm going to make the change in a few days
if there are no objections.
Cheers,
--
Jacques A. Vidrine <[E
Now that 5.0 has been released, can we please make PFIL_HOOKS the
default?
--
Jacques A. Vidrine <[EMAIL PROTECTED]> http://www.celabo.org/
NTT/Verio SME . FreeBSD UNIX . Heimdal Kerberos
[EMAIL PROTECTED] . [EMAIL PROTECTED] . [EMAIL PROTECTE
Are you
certain you have rebuilt pam_krb5? What is the output of `ident
/usr/lib/pam_krb5.so' (should show revision 1.13 or later).
The `four hours' does indeed correspond to DES's enabling of pam_krb5
by default in etc/pam.d/sshd.
Cheers,
--
Jacques A. Vidrine <[EMAIL PROTE
t and using
the `wrong' libc, all bets are off.
Cheers,
--
Jacques A. Vidrine <[EMAIL PROTECTED]> http://www.celabo.org/
NTT/Verio SME . FreeBSD UNIX . Heimdal Kerberos
[EMAIL PROTECTED] . [EMAIL PROTECTED] . [EMAIL PROTECTED]
To Unsu
this would cause you major problems. Binaries that expected the
libc.so.4 interface would be calling into libc.so.5, and probably
causing very strange behaviour.
Cheers,
--
Jacques A. Vidrine <[EMAIL PROTECTED]> http://www.celabo.org/
NTT/Verio SME . FreeBSD UNIX
then be invoked by dump -L to create a snapshot for it.
Despite a distaste for setuid executables, I think I'd prefer a simple
/sbin/snapshot setuid program. Primarily, enabling `vfs.usermount'
gives more privileges to more users than I'm comfortable with.
Secondarily, /sbin/snap
an making OpenPAM bitch so I remember
> to fix it :)
I believe I fixed this in revision 1.13 of pam_krb5.c. I'd be much
obliged if you double-checked.
Cheers,
--
Jacques A. Vidrine <[EMAIL PROTECTED]> http://www.celabo.org/
NTT/Verio SME . FreeBSD UNIX .
hile building GNOME 2).
Later (much later) I'll try to narrow the problem down further.
Cheers,
--
Jacques A. Vidrine <[EMAIL PROTECTED]> http://www.celabo.org/
NTT/Verio SME . FreeBSD UNIX . Heimdal Kerberos
[EMAIL PROTECTED] . [EMAIL PROTECTED] .
empted to check out the ports tree. After
20 minutes or so, again the system was `hung', although this time I
couldn't check whether there were any processes in `wdrain', because it
was hung hard and completely.
Does this ring bells for anyone? What should I look for when I get
On Tue, Apr 23, 2002 at 01:20:07AM +0900, Jun Kuriyama wrote:
> At Mon, 22 Apr 2002 11:09:26 -0500,
> Jacques A. Vidrine <[EMAIL PROTECTED]> wrote:
> > I'm curious ... could you send the output of
> >
> > pkg_info -L linux-netscape-navigator-4.79 | xa
kg_info -L linux-netscape-navigator-4.79 | xargs ls -l
?
Also, does `/compat/linux/bin/sh' blow up for you?
Cheers,
--
Jacques A. Vidrine <[EMAIL PROTECTED]> http://www.nectar.cc/
NTT/Verio SME . FreeBSD UNIX . Heimdal Kerberos
[EMAIL PROTECT
rect fix. Comments alfred, phk? Oh, especially Alfred --- it
seems you committed the delta that added locking to the file
descriptor table.
Meanwhile I'll see if I can reproduce. I wonder if interaction with
the linuxlator is required to tickle the bug.
> I think opening file descr
see if updating allows me to
reproduce the problem.
Cheers,
--
Jacques A. Vidrine <[EMAIL PROTECTED]> http://www.nectar.cc/
NTT/Verio SME . FreeBSD UNIX . Heimdal Kerberos
[EMAIL PROTECTED] . [EMAIL PROTECTED] . [EMAIL PROTECTED]
T
triple check.
> Also shouldn't host(1) obey /etc/nsswitch.conf?
No:
NAME
host - look up host names using domain server
--
Jacques A. Vidrine <[EMAIL PROTECTED]> http://www.nectar.cc/
NTT/Verio SME . FreeBSD UNIX . Heimdal Kerberos
[EMAIL PROTEC
ports or by hand, also doesn't matter is it newest version or older
> 6.0 release.
Update your -CURRENT. I noticed this problem a month or two ago,
but with a recent build of -CURRENT, gvim finally works again.
Cheers,
--
Jacques A. Vidrine <[EMAIL PROTECTED]>
On Thu, Feb 21, 2002 at 06:24:59AM +0200, John Hay wrote:
> Hi Jacques,
>
> Make release fails here. Can it be your changes to kerberos?
Could be; I'll have a look. Thanks!
--
Jacques A. Vidrine <[EMAIL PROTECTED]> http://www.nectar.cc/
NTT/Verio SME
On Wed, Jan 30, 2002 at 01:47:24PM +, Mark Murray wrote:
> No. We dont. But if Kerberos5 is asked for, then BSD telnet is linked
> against Heimdal.
>
> I'm testing the fix, and will commit in a day or two.
OK, great. I assume you'll import it on the vendor branch?
On Tue, Jan 29, 2002 at 06:38:57PM -0800, Terry Lambert wrote:
> "Jacques A. Vidrine" wrote:
> > Meanwhile, do yourself a favor and use the Heimdal port if you want
> > Heimdal Kerberos.
>
> I think he cares more about telnet than Heimdal.
Do we install the
to it soon (I assume they are swamped), I'll visit the issue
in February.
Meanwhile, do yourself a favor and use the Heimdal port if you want
Heimdal Kerberos.
Cheers,
--
Jacques A. Vidrine <[EMAIL PROTECTED]> http://www.nectar.cc/
NTT/Verio SME . FreeBSD
On Mon, Jan 21, 2002 at 01:55:53PM -0800, Terry Lambert wrote:
> "Jacques A. Vidrine" wrote:
> > > In the way that the author of the PAM architecture from Sun
> > > spoke at the Silicon Valley BSD User's Group meeting,
> >
> > Do you have a refere
On Mon, Jan 21, 2002 at 12:48:39PM -0800, Terry Lambert wrote:
> "Jacques A. Vidrine" wrote:
> >
> > On Sun, Jan 20, 2002 at 11:43:28PM -0800, Terry Lambert wrote:
> > > Once you guys have this all hammered out, are you going to
> > > integrate PAM a
On Sun, Jan 20, 2002 at 11:43:28PM -0800, Terry Lambert wrote:
> Once you guys have this all hammered out, are you going to
> integrate PAM and Kerberos? 8-) 8-) 8-).
In what way do you mean?
--
Jacques A. Vidrine <[EMAIL PROTECTED]> http://www.nectar.cc/
N
e how common this was myself until I started hacking on
guile. I don't hack on it anymore.
Cheers,
--
Jacques A. Vidrine <[EMAIL PROTECTED]> http://www.nectar.cc/
NTT/Verio SME . FreeBSD UNIX .Heimdal Kerberos
[EMAIL PROTECTED] .
ble this dubious feature or
> getresuid needs to be MFC'd all the way back to 3.x.
A workaround that I used previously is to compile up getresuid.so and
run Applix with e.g. `env LD_PRELOAD=/PATH/TO/getresuid.so applix'.
--
Jacques A. Vidrine <[EMAIL PROTECTED]>
On Wed, Aug 29, 2001 at 02:09:35AM -0500, David W. Chapman Jr. wrote:
> I cannot seem to delete some files that fsck can't seem to fix.
Use clri(8) to stomp the directory that is giving you problems, then
run fsck again. Repeat until the filesystem is clean.
Then find your backup :-)
Cheers,
On Tue, May 01, 2001 at 02:13:05AM +0300, Tomi Vainio - Sun Finland - wrote:
> Benjamin Close writes:
> >Is anyone looking into converting the Linux winmodem driver (
> > Lucent Technologies binary object file compiled together with the linux
> > kernel serial driver) into a freebsd device?
On Wed, Feb 21, 2001 at 10:06:29PM +0900, Jun Kuriyama wrote:
> At 20 Feb 2001 09:44:01 GMT,
> Makoto MATSUSHITA wrote:
> > It seems that add 'CFLAGS+=-I${KRB5OBJDIR}' to
> > src/kerberos5/lib/libgssapi/Makefile is required to fix this, since
> > krb5_err.h is not in ${KRB5DIR}/lib/krb5.
>
> In m
On Mon, Jan 29, 2001 at 11:31:32AM -0500, Garrett Wollman wrote:
> < said:
> > I would rather that a separate configuration file be read, for example,
> > with a list of shells(5) format files to consult.
>
> I would rather have a single file, located in a directory intended for
> configuration f
On Sun, Jan 28, 2001 at 10:13:49AM +0100, Steve O'Hara-Smith wrote:
> Hi,
>
> Asbestos suit on, round two.
>
> The patch below changes getusershell to support a #include syntax
> in /etc/shells.
I guess this is what I object to. I don't particularly like having a
new direct
On Sat, Jan 27, 2001 at 08:48:59PM +0100, Steve O'Hara-Smith wrote:
> On Sat, 27 Jan 2001 13:17:22 -0600
> "Jacques A. Vidrine" <[EMAIL PROTECTED]> wrote:
> JV> You could just use the nsdispatch() API that is in -CURRENT, and that
> JV> getusershell() uses
On Sat, Jan 27, 2001 at 01:57:40PM +0100, Steve O'Hara-Smith wrote:
> Life is better than I thought the crypto stuff just has it as a fallback
> conditional on HAVE_GETUSERSHELL so that uses the one from libc. Which leaves
> only sendmail which is similar but for some reason does not have HA
On Mon, Jan 15, 2001 at 12:49:29PM -0600, David W. Chapman Jr. wrote:
> I checked in current with little luck. Does -current support VXA-1 tape
> drives by Ecrix. The site claims that freebsd does, but the only response
> by someone that has one says that it won't successfully backup.
I've been
On Sun, Dec 10, 2000 at 07:16:15PM +0100, Dag-Erling Smorgrav wrote:
> Forrest Aldrich <[EMAIL PROTECTED]> writes:
> > Within the scope of this problem, would it not be simple to code in a
> > configuration diretive in the build process, such that a simple entry
> > in /etc/make.conf would tell th
[Please follow-up to only one list]
Hello,
I need more testers for the following!
nsswitch extends the C library so that arbitrary sources may be
consulted by database routines such as getpwent, gethostbyname, and so
on. This implementation was based on NetBSD's implementation. I have
enhance
On Mon, Oct 23, 2000 at 02:25:40PM -0700, David O'Brien wrote:
> On Mon, Oct 23, 2000 at 05:07:42PM -0400, Brandon D. Valentine wrote:
> > Hmm I don't have any NetBSD machines running the later 1.5 revisions
> > yet, so I've not seen the new scripts,
>
> lynx ftp://ftp.netbsd.org/pub/NetBSD-curre
If you have machines running -CURRENT from September 9 - September
29, _and_ you created an /etc/nsswitch.conf with any of `passwd: dns',
`group: dns', `passwd_compat: dns', `group_compat: dns', then you
are vulnerable to a local attack.
So upgrade :-)
(or just apply the small patch)
--
Jacques
On Fri, Sep 29, 2000 at 12:10:39AM +0700, Max Khon wrote:
> "passwd: compat" should require '+' if I understand it correctly
You understand correctly :-) Further, this is the default when there
is no /etc/nsswitch.conf.
--
Jacques Vidrine / [EMAIL PROTECTED] / [EMAIL PROTECTED] / [EMAIL PROTE
On Thu, Sep 28, 2000 at 10:24:01AM -0500, Dan Nelson wrote:
> Depends on what Seigo meant. If he meant that libc.so.4 and no
> /etc/nsswitch.conf implicitly adds a "+" to the end of /etc/passwd,
> that's definitely a bug.
If you don't have an /etc/nsswitch.conf, then it behaves just like
libc.
On Thu, Sep 28, 2000 at 10:50:53PM +0900, Seigo Tanimura wrote:
> Here is another possible trouble. While libc.so.4 with nsswitch no
> longer requires the magic '+' entry, libc.so.3 and earlier still
> require '+'.
If one needs to support applications using libc.so.3, then one needs
to use the ns
On Sun, Sep 24, 2000 at 11:43:01PM +0900, Seigo Tanimura wrote:
> As we are supposed to fill in all of the members in struct passwd
> (like Solaris), _pw_passwd should have its initial value other than
> zero.
>
> static struct passwd _pw_passwd =
> {
> "",
> "",
> (uid_t)0,
On Fri, Sep 08, 2000 at 04:47:15PM +0200, Neil Blakey-Milner wrote:
> Note the excessive use of "perl -i -pe 's/foo/bar/'" for in-place
> substitution. I've asked on at least two occasions for a simple,
> easy-to-use, thing to do it without doing a two-liner that copies to
> another file, and then
On Wed, Sep 06, 2000 at 03:21:00PM -0700, Matthew Jacob wrote:
> Are you sure you don't have a partial update?
He's sure. I boo-boo'd :-)
I merrily went out to eat after committing my changes, then checking out
-CURRENT and watching it `make -j 4 buildworld' to completion. Of
course I already h
HEADS UP: nsswitch meets current
Hello,
I have just commited nsswitch support to FreeBSD-current. The code is
based on NetBSD 1.4.2's nsswitch and I attempted to keep the
implementations as close as possible. By creating an
/etc/nsswitch.conf file, you can configure FreeBSD so that various
dat
On Wed, Aug 23, 2000 at 01:36:56PM +0100, Konstantin Chuguev wrote:
> Just wondering: what is the reason of using /opt instead of /usr/local,
> apart from Solaris influence?
No Solaris influence, actually. Just strlen("/opt") < strlen("/usr/local").
It looks nicer to me. Secondarily to see i
On Wed, Aug 23, 2000 at 01:01:59AM -0500, Mike Meyer wrote:
> Um - why? If you removed the setting of LOCALBASE in that case, you
> wouldn't change the disk layout at all.
I prefer installed executables, data files, and man pages to refer to
/opt. Duh.
> However, I was wondering if there was an
On Mon, Aug 21, 2000 at 11:59:26PM -0500, Mike Meyer wrote:
> I'm curious - are there any committers who regularly use a system with
> LOCALBASE set to something other than /usr/local?
I have LOCALBASE=/opt for a couple of years now.
OTOH, I also have a symlink from /usr/local -> /opt due to a s
On Mon, Jun 26, 2000 at 04:09:26PM +0200, Leif Neland wrote:
> How much does this "unrandomness" matter?
That's why I said `depending on the application'.
It probably doesn't matter too much for a Kerberos session key that will
be used for the duration of an ftp session.
It definately matters i
On Sun, Jun 25, 2000 at 12:55:47PM -0700, Kris Kennaway wrote:
> > > I don't know which applications depend on /dev/random providing entropy
> > > and which gather their own.
> SSH and SSL should not be used: PGP should be okay.
FWIW, a quick look indicates:
MIT Kerberos V gathers its own ``en
On Sun, Jun 25, 2000 at 12:35:12PM +0200, Mark Murray wrote:
> 1) It is not yet cryptographically secure, so those of you using
>CURRENT for "live" projects, please be careful!
I guess it follows that it is not a good idea to generate keys or
certificates on -CURRENT for a while (until entrop
On Fri, Jun 23, 2000 at 08:22:00PM +0300, Maxim Sobolev wrote:
> Hmm, where my crystal ball... Aha, I see - probably you are using
> Xfree 4.0, while your friend Xfree3.5*. It is where the problem lie
> (see below).
Well, I use XFree86 4.0 with two displays, and GNOME 1.2, and I don't
have the ki
We've had a CDIOCEJECT ioctl `forever'. Several drivers support
it, such as cd, acd, and wfd. However, there are other drivers
that support removable media but do not support CDIOCEJECT: da
and sa.
Likewise we have CDIOCCLOSE which should cause a device to load
its media.
I want to add these i
1 - 100 of 107 matches
Mail list logo