I forgot to add, one important side change is that after updating a
library, all packages that depend on it will now automatically rebuild due
to moving library dependencies out of LDFLAGS and into LIBS and specifying
that the BIN depends on LIBS.
On Sep 7, 2016 4:29 PM, "Evan Gates" wrote:
> I'
I've made a lot of changes to the makefiles to specify dependencies
correctly and allow parallel builds with make -j. Please be on the
lookout for bugs and please bring up any objections/criticism.
Specify dependencies correctly to allow parallel builds with -j.
Previously the makefiles relied upo
On Wed, Sep 7, 2016 at 3:26 PM, FRIGN wrote:
> Yes it is a reflex. The semicolons don't hurt anybody and I actually am
> not that much of a shell-god to really exactly know where I can get rid
> of them.
Anywhere you have a single semicolon at the end of the line you can
get rid of it.
>> Why no
On Wed, 7 Sep 2016 15:19:23 -0700
Evan Gates wrote:
Hey Evan,
> I'm glad you quoted! I do have a couple questions and discussion
> points I'd value your feedback on.
I'll do my best to answer your question.
> Why all the extraneous semicolons? I see this a lot in awk, too. I
> think it tends t
Hey FRIGN,
I'm glad you quoted! I do have a couple questions and discussion
points I'd value your feedback on.
Why all the extraneous semicolons? I see this a lot in awk, too. I
think it tends to be a reflex for C programmers.
Why not quote "$ret"? You don't have control over the environment in
commit 1f8903d1689e5f796fbe227587081d28f864cb07
Author: FRIGN
AuthorDate: Wed Sep 7 23:10:05 2016 +0200
Commit: FRIGN
CommitDate: Wed Sep 7 23:10:05 2016 +0200
Shellcheck 2ff fixes
I was inspired by the current discussion on dev@ to use shellcheck to
check my scripts and
commit f8f3a096bc6d812b7d506d8010ca3063c3f70999
Author: Nico Golde
AuthorDate: Wed Sep 7 21:17:12 2016 +0200
Commit: Nico Golde
CommitDate: Wed Sep 7 21:17:12 2016 +0200
errm eprint isnt declared here. thanks Ali H. Fardan
diff --git a/ii.c b/ii.c
index a32326d..51318aa 100644
--- a
> Hey Quentin,
>
> > Just a question though, do we need to set a group to drop privileges
> > to? Wouldn't getting the gid out of the user name sufficient?
>
> why cut the flexibility there?
It looks more simple to me to just give a user to drop privileges to.
A user always has a group attached
On Wed, 7 Sep 2016 17:48:51 +0200
Quentin Rameau wrote:
Hey Quentin,
> Just a question though, do we need to set a group to drop privileges
> to? Wouldn't getting the gid out of the user name sufficient?
why cut the flexibility there? If we extract the groups from a
username, we would also have
Hi,
patch tested here and seconded!
Just a question though, do we need to set a group to drop privileges
to? Wouldn't getting the gid out of the user name sufficient?
Actually two questions, why the nogroup group instead of the nobody
group? I know that nogroup is present on OpenBSD, but the LSB
On Wed, 7 Sep 2016 15:25:56 +0200
FRIGN wrote:
>
Quentin found a problem on OpenBSD which was due to the negligient use
of the passwd struct pointer. Given it points to static memory, we
ended up with a "different" struct when we went to se the privilege
drop. To fix this, we store the uid and g
On Wed, 7 Sep 2016 15:17:11 +0200
FRIGN wrote:
>
Okay, this is hopefully the last iteration.
--
FRIGN
>From e308e34f49c89612ecdd17e989483c211453b6cb Mon Sep 17 00:00:00 2001
From: FRIGN
Date: Wed, 7 Sep 2016 13:32:29 +0200
Subject: [PATCH] Ensure Polyphemus-Mitigation and properly drop privi
On Wed, 7 Sep 2016 15:15:03 +0200
FRIGN wrote:
>
Forget this patch, I forgot to remove my 1337 debugging line
system("id");
return 0;
from it. See attached for the fixed version. Sorry for the noise.
Cheers
FRIGN
--
FRIGN
>From a4470c29ffde668b0b012ca379087a69b2da46fb Mon Se
On Wed, 7 Sep 2016 13:37:30 +0200
FRIGN wrote:
>
After some very helpful feedback by Quentin I updated the patch.
See attached.
Cheers
FRIGN
--
FRIGN
>From 89296e15f7ed693a7c7978342e3c052b52bb Mon Sep 17 00:00:00 2001
From: FRIGN
Date: Wed, 7 Sep 2016 13:32:29 +0200
Subject: [PATCH] En
Hello fellow hackers,
I noticed a few weeks ago that slock did not drop privileges on OpenBSD
until the last commit. Now, still, the privdropping is horrible and
thus I wrote this patch to make it very strict and actually allow the
user to specifiy what to drop to and also override the supplementa
> thanks again for the simplification. I've just merged the patch.
No prob, thanks to you (more to come, k0ga spotted some config.mk
issues)!
> --Markus
>
Heyho Quentin,
thanks again for the simplification. I've just merged the patch.
--Markus
commit 04143fd68dbc656905714eff5c208fadb3464e25
Author: Quentin Rameau
AuthorDate: Wed Sep 7 13:02:42 2016 +0200
Commit: Markus Teich
CommitDate: Wed Sep 7 13:10:25 2016 +0200
Unify how we check passwords between different OSes
diff --git a/config.mk b/config.mk
index 3afc061..04930
Quentin Rameau wrote:
> But I understand what you mean, so what do you think about prefixing
> them with the actual function name (and prepending the tool name too of
> course):
> die("slock: getspnam: cannot retrieve shadow entry[…]");
> die("slock: getpwnam_shadow: cannot retrieve shadow entry[…]
Heyho Quentin,
Quentin Rameau wrote:
> These variables seems to be about the auth_userokay()
So the removal is fine. Thanks for the clarification.
> > > diff --git a/slock.c b/slock.c
> > > …
> > > +#else
> > > + if (rval[0] == '*' && rval[1] == '\0') {
> > > +#ifdef __OpenBSD__
> > > +
Heyho Quentin,
thanks for the update.
Quentin Rameau wrote:
> diff --git a/config.mk b/config.mk
> …
> -# Install mode. On BSD systems MODE=2755 and GROUP=auth
> -# On others MODE=4755 and GROUP=root
> -#MODE=2755
> -#GROUP=auth
There was a patch some time ago making use of those variables. If t
> Heyho Quentin,
Hey Markus,
> I think it's a good simplification, but does it still work on the
> other BSDs as well, not just OpenBSD?
Well, yes it does :)
(at least should, testing is welcomed to confirm that, following
documentation it's ok for NetBSD, FreeBSD, DragonFlyBSD)
> The commented b
commit 9698224090ff2989659717815bfa076d5d436a70
Author: Markus Teich
AuthorDate: Wed Sep 7 10:04:06 2016 +0200
Commit: Markus Teich
CommitDate: Wed Sep 7 10:04:06 2016 +0200
make error message prefix consistent
diff --git a/slock.c b/slock.c
index 08ada6f..62a9841 100644
--- a/slock
Heyho Quentin,
I think it's a good simplification, but does it still work on the other BSDs as
well, not just OpenBSD? The commented block about BSD in config.mk should be
updated as well with the patch.
--Markus
24 matches
Mail list logo
