Re: Replication option for ldapd(8)

2012-12-16 Thread Martin Hedenfalk
11 dec 2012 kl. 11:40 skrev Joel Carnat j...@carnat.net: Hello, I want to achieve a Master / Slave replication with OpenBSD's shipped ldapd(8). Are there any native features to synchronize both instances (like openldap's syncrepl) or do I have to script a bunch of

Re: KSH command logged to syslog

2012-12-16 Thread David Coppa
.profile can be interrupted with ctrl+c. Because it is under controle or the user and he/she can disable such funcionality. the safer way imho is patching ksh

Re: KSH command logged to syslog

2012-12-16 Thread Paul de Weerd
On Sun, Dec 16, 2012 at 11:02:31AM +0100, David Coppa wrote: | .profile can be interrupted with ctrl+c. | | Because it is under controle or the user and he/she can disable | such funcionality. | | the safer way imho is patching ksh After that, expect all your users to suddenly switch to one

Re: KSH command logged to syslog

2012-12-16 Thread Janne Johansson
My guess, compliance to some standard Den 16 dec 2012 11:17 skrev Paul de Weerd we...@weirdnet.nl: On Sun, Dec 16, 2012 at 11:02:31AM +0100, David Coppa wrote: | .profile can be interrupted with ctrl+c. | | Because it is under controle or the user and he/she can disable | such

Re: KSH command logged to syslog

2012-12-16 Thread Andres Perera
On Sun, Dec 16, 2012 at 5:47 AM, Paul de Weerd we...@weirdnet.nl wrote: On Sun, Dec 16, 2012 at 11:02:31AM +0100, David Coppa wrote: | .profile can be interrupted with ctrl+c. | | Because it is under controle or the user and he/she can disable | such funcionality. | | the safer way imho

Re: KSH command logged to syslog

2012-12-16 Thread Andres Perera
btw, this program should be the only entry in /etc/shells so only root is allowed privacy On Sun, Dec 16, 2012 at 6:38 AM, Andres Perera andre...@zoho.com wrote: #include sys/types.h #include stdio.h #include unistd.h #define sp /usr/bin/script #define sf /var/db/ghetto_act/%ju main() {

Re: KSH command logged to syslog

2012-12-16 Thread Paul de Weerd
On Sun, Dec 16, 2012 at 06:38:08AM -0430, Andres Perera wrote: | On Sun, Dec 16, 2012 at 5:47 AM, Paul de Weerd we...@weirdnet.nl wrote: | On Sun, Dec 16, 2012 at 11:02:31AM +0100, David Coppa wrote: | | .profile can be interrupted with ctrl+c. | | | | Because it is under controle or the

Re: KSH command logged to syslog

2012-12-16 Thread Andres Perera
On Sun, Dec 16, 2012 at 7:10 AM, Paul de Weerd we...@weirdnet.nl wrote: On Sun, Dec 16, 2012 at 06:38:08AM -0430, Andres Perera wrote: | On Sun, Dec 16, 2012 at 5:47 AM, Paul de Weerd we...@weirdnet.nl wrote: | On Sun, Dec 16, 2012 at 11:02:31AM +0100, David Coppa wrote: | | .profile can be

Re: KSH command logged to syslog

2012-12-16 Thread Alexander Hall
Andres Perera andre...@zoho.com wrote: On Sun, Dec 16, 2012 at 7:10 AM, Paul de Weerd we...@weirdnet.nl wrote: On Sun, Dec 16, 2012 at 06:38:08AM -0430, Andres Perera wrote: | On Sun, Dec 16, 2012 at 5:47 AM, Paul de Weerd we...@weirdnet.nl wrote: | On Sun, Dec 16, 2012 at 11:02:31AM +0100,

Re: Wireless WPA and crypto hardware

2012-12-16 Thread Martin Kjær Jørgensen
On Sat, Dec 15, 2012 at 06:24:38PM +0100, Stefan Sperling wrote: On Sat, Dec 15, 2012 at 12:00:07PM -0500, Nick Holland wrote: On 12/15/12 11:45, Martin Kjær Jørgensen wrote: Do you think an AMD Elan 133 Mhz is modern enough for at 54/mbit wireless WPA2 throughput? Are you kidding

Re: KSH command logged to syslog

2012-12-16 Thread Andres Perera
On Sun, Dec 16, 2012 at 8:07 AM, Alexander Hall alexan...@beard.se wrote: I still want to know the reason for all this. If it's for security, it sure feels ass-backwards and questionable at best. it's useful for honeypot scenarios, with all proposed solutions so far being influenced by

Re: for students or your children

2012-12-16 Thread Jay Patel
HI ..hehe ya i know but its for kids :D and its not about fame and glory... On Fri, Dec 14, 2012 at 5:52 AM, Tobias Ulmer tobi...@tmux.org wrote: On Wed, Dec 12, 2012 at 11:03:50AM +0530, Jay Patel wrote: Hi all .. is OpenBSD taking part in google code-in : The answer is No, as

Re: Wireless WPA and crypto hardware

2012-12-16 Thread Stefan Sperling
On Sun, Dec 16, 2012 at 01:52:10PM +0100, Martin Kjær Jørgensen wrote: Sounds like OpenBSD is not quite ready for being a production Access Point. Well, that depends on your needs. But yes, alternatives like OpenWRT are tuned better for use as a speedy access point and run on smaller devices

Re: Isolating Firefox in a nested X server, and running as a different user

2012-12-16 Thread Robert Connolly
Ok. I took the suggestions, and now have: Xephyr -screen 1358x693 :1 ssh -Xf firefox@localhost 'twm -display :1 firefox -no-remote --display :1' I found the xsel(1) scripts to do copying and pasting from different displays, and it works with some getting used to. I intend to make some

Re: Isolating Firefox in a nested X server, and running as a different user

2012-12-16 Thread Jiri B
On Sun, Dec 16, 2012 at 02:21:59PM -0800, Robert Connolly wrote: I would like to hear comments about using pf to filter user/group, to make sure Firefox uses a proxy. The idea behind this is to stop Firefox from leaking my IP. Is this the most efficient way to do this? I block an user using

OpenBSD desktop

2012-12-16 Thread Robert Connolly
Hello. I have heard on IRC that I am running a vulnerable version of Firefox, despite running 'pkg_add -a -u', on my OpenBSD 5.2 system. The advice I got was to run snapshots, because OpenBSD does not have the human resources to maintain packages. I understand this is a problem, but I want