On Thu, Aug 27, 2015 at 12:43:30AM +0200, Mark Kettenis wrote:
miod@ added this back in 2002 (rev 1.36):
Back out a few more uvm changes, especially wrt swap usage.
This unbreaks m68k m88k sparc and perhaps others, which eventually froze
when hitting swap.
Tested by various people
/large snip
Assuming the locking in MULTIPROCESSOR goes like:
interrupt grabs splsoftnet - ip_input - PF grabs KERNEL_LOCK()
We need to take care of ioctl() call path and purge thread. Those need to
get synchronize with packets using KERNEL_LOCK(). They should not to mess
with
On Tuesday 25 August 2015 19:19:58 Edgar Pettijohn wrote:
I was curious if this issue is fixed in -current or if there is going to
be a patch available on the errata page?
Yes, this is fixed in -current (and will be in 5.8) - see r1.68 of server.c.
There may be back ports/commits of various
Hi,
When syslogd is reloading a modified config, it does a reexec on
itself. For this it uses the original arguments of main(). The
function loghost_parse() modifies the optarg memory it is operating
on. To prevent that the exec arguments have been tampered, pass a
copy of optarg to
security model.
How many users of that functionality will there be?
We only need to concern ourselves with the cost; you have to justify
the benefit. How many people were doing this with sudo, and how many
will need this with doas?
While I understand it's a good idea to limit
On 27/08/15 19:08, Theo de Raadt wrote:
doas is a one of the few setuid programs. It should try to do a
little bit less functionality, because doing less is part of the
security model.
How many users of that functionality will there be?
We only need to concern ourselves with the cost; you
Renaud Allard wrote:
On 08/26/2015 06:39 PM, Michael Reed wrote:
Hi Renauld,
On 08/26/15 09:38, Renaud Allard wrote:
I rewrote a little bit the patch to remove a small kind-of typo in the
manpage and remove too long lines.
So with this patch, you add the user the right to choose the
On 27/08/15 19:30, Theo de Raadt wrote:
security model.
How many users of that functionality will there be?
We only need to concern ourselves with the cost; you have to justify
the benefit. How many people were doing this with sudo, and how many
will need this with doas?
While I
On Thu, Aug 27, 2015 at 10:13:25AM -0600, Theo de Raadt wrote:
Why not strdup?
And now with strdup() as suggested by Theo.
ok?
bluhm
Index: usr.sbin/syslogd/syslogd.c
===
RCS file:
Sorry, I think adding an option is too much. I just committed halex's o=
riginal
diff to only change the type. I thought he was going to do that by now.=
Hi Ted,
The thing is, my patch doesn't do the same thing at all as the one which
adds auth-doas. My patch lets the user choose
On 27/08/15 18:32, Ted Unangst wrote:
Sorry, I think adding an option is too much. I just committed halex's original
diff to only change the type. I thought he was going to do that by now.
Hi Ted,
The thing is, my patch doesn't do the same thing at all as the one which
adds auth-doas.
On Thu, Aug 27, 2015 at 1:09 PM Theo de Raadt dera...@cvs.openbsd.org
wrote:
Sorry, I think adding an option is too much. I just committed halex's
o=
riginal
diff to only change the type. I thought he was going to do that by
now.=
Hi Ted,
The thing is, my patch doesn't do
On Thu, Aug 27, 2015 at 10:13:25AM -0600, Theo de Raadt wrote:
Why not strdup?
And now with strdup() as suggested by Theo.
ok, because such style is not really a leak.
Index: usr.sbin/syslogd/syslogd.c
===
RCS file:
How many users of that functionality will there be?
We only need to concern ourselves with the cost; you have to justify
the benefit. How many people were doing this with sudo, and how many
will need this with doas?
My current model is to use my yubikey when sudo'ing. Occasionally
On Thu, 27 Aug 2015 15:47:18 +0200, Alexander Bluhm wrote:
When syslogd is reloading a modified config, it does a reexec on
itself. For this it uses the original arguments of main(). The
function loghost_parse() modifies the optarg memory it is operating
on. To prevent that the exec
On Thu, Aug 27, 2015 at 09:44:33AM -0600, Todd C. Miller wrote:
On Thu, 27 Aug 2015 15:47:18 +0200, Alexander Bluhm wrote:
When syslogd is reloading a modified config, it does a reexec on
itself. For this it uses the original arguments of main(). The
function loghost_parse() modifies
On 27/08/15(Thu) 14:19, Alexandr Nedvedicky wrote:
/large snip
Assuming the locking in MULTIPROCESSOR goes like:
interrupt grabs splsoftnet - ip_input - PF grabs KERNEL_LOCK()
We need to take care of ioctl() call path and purge thread. Those need to
get synchronize with packets
On Thu, 27 Aug 2015 17:57:45 +0200, Alexander Bluhm wrote:
On Thu, Aug 27, 2015 at 09:44:33AM -0600, Todd C. Miller wrote:
On Thu, 27 Aug 2015 15:47:18 +0200, Alexander Bluhm wrote:
When syslogd is reloading a modified config, it does a reexec on
itself. For this it uses the original
Renaud Allard wrote:
On 27/08/15 18:32, Ted Unangst wrote:
Sorry, I think adding an option is too much. I just committed halex's
original
diff to only change the type. I thought he was going to do that by now.
Hi Ted,
The thing is, my patch doesn't do the same thing at all
This is for those of you interested in tame, and skilled enough to
play along.
This is a set of almost 100 diffs to programs in the tree to use tame.
These have been done by myself, doug, florian, semarie, and a few
other people I forget. I would make a rough guess these changes took
about 100
On 27/08/15 21:18, Ted Unangst wrote:
Renaud Allard wrote:
I understand the difference, but we are opposed to adding new options unless a
majority of users are expected to use them.
OK, I can understand. However, it doesn't do anything normal auth can't
do, except giving the user a choice
Hello Martin,
On Tue Aug 25 2015 12:27, Martin Pieuchot wrote:
On 12/08/15(Wed) 17:03, Martin Pieuchot wrote:
I'm currently working on the routing table interface to make is safe
to use by multiple CPUs at the same time. The diff below is a big
step in this direction and I'd really
On Wed, Aug 26, 2015 at 10:13:14PM +0200, Martijn van Duren wrote:
Hello tech@,
When reading cd.4 and comparing it to sys/cdio.h I see that
CDIOREADTOCENTRYS is an alias to CDIOREADTOCENTRIES, while cd.4 still points
to CDIOREADTOCENTRYS.
Both definitions are used in tree:
$ grep -R
Good enough for me.
Thanks
On 08/27/15 08:42, Joel Sing wrote:
On Tuesday 25 August 2015 19:19:58 Edgar Pettijohn wrote:
I was curious if this issue is fixed in -current or if there is going to
be a patch available on the errata page?
Yes, this is fixed in -current (and will be in 5.8) - see
On August 27, 2015 6:32:31 PM GMT+02:00, Ted Unangst t...@tedunangst.com
wrote:
Renaud Allard wrote:
On 08/26/2015 06:39 PM, Michael Reed wrote:
Hi Renauld,
On 08/26/15 09:38, Renaud Allard wrote:
I rewrote a little bit the patch to remove a small kind-of typo in
the manpage and remove
add some sizes to free.
as a bonus, an xxx comment where i believe there's a leak.
Index: aesni.c
===
RCS file: /cvs/src/sys/arch/amd64/amd64/aesni.c,v
retrieving revision 1.32
diff -u -p -r1.32 aesni.c
--- aesni.c 14 Mar 2015
Good evening.
Since ntpd started supporting constraints in 5.7, maybe 57.html should
reflect this?
Index: www/57.html
===
RCS file: /cvs/www/57.html,v
retrieving revision 1.92
diff -u -p -r1.92 57.html
--- www/57.html 6 Aug 2015
This is similar to what is done for relayd and snmpd, etc.
Index: ntpd.conf.5
===
RCS file: /cvs/src/usr.sbin/ntpd/ntpd.conf.5,v
retrieving revision 1.31
diff -u -p -r1.31 ntpd.conf.5
--- ntpd.conf.5 18 May 2015 11:10:03 -
I would prefer that apmd log 10% increments not 20. And fix the off by one,
which made it 21. (I find it odd to see a sequence of 99, 78, 57% in logs.)
Index: apmd.c
===
RCS file: /cvs/src/usr.sbin/apmd/apmd.c,v
retrieving revision
On 27/08/15(Thu) 11:10, Alexandr Nedvedicky wrote:
On Wed, Aug 26, 2015 at 06:12:10PM +0200, Mark Kettenis wrote:
Date: Wed, 26 Aug 2015 17:30:14 +0200
From: Alexandr Nedvedicky alexandr.nedvedi...@oracle.com
Hello,
I'm not sure I got everything right in Calgary. So this patch
On 08/26/2015 06:39 PM, Michael Reed wrote:
Hi Renauld,
On 08/26/15 09:38, Renaud Allard wrote:
I rewrote a little bit the patch to remove a small kind-of typo in the manpage
and remove too long lines.
So with this patch, you add the user the right to choose the authentication
style and
On Wed, Aug 26, 2015 at 06:12:10PM +0200, Mark Kettenis wrote:
Date: Wed, 26 Aug 2015 17:30:14 +0200
From: Alexandr Nedvedicky alexandr.nedvedi...@oracle.com
Hello,
I'm not sure I got everything right in Calgary. So this patch should
roughly illustrates how I think we should start
32 matches
Mail list logo