base use ports.
|
| Todd T. Fries wrote:
|
| > I love xz compression. It really pinches the bytes outa ascii files, which
log files
| > are of course made of.
| >
| > Is there a direction someone can point me in that would permit the
functionality this
| > diff provides withou
I love xz compression. It really pinches the bytes outa ascii files, which log
files
are of course made of.
Is there a direction someone can point me in that would permit the
functionality this
diff provides without hardcoding it and perhaps be acceptable for the tree?
diff --git a/usr.bin/new
_cmds[${#_cmds[*]}]="${_cmd#!}"
| > + ;;
| > + bridge)
| > + # Skip bridge in the installer.
| > return
| > ;;
| > *) _cmds[${#_cmds[*]}]="ifconfig $_if ${_c[@]}"
| >
| >
| > Cheers
| >
--
Todd T. Fries . http://todd.fries.net/pgp.txt . @unix2mars . github:toddfries
0) {
| lookup_record(T_A, *(ap) + 2, dispatch_a);
| + lookup_record(T_, *(ap) + 2, dispatch_);
| continue;
| }
| if (strncasecmp("exists:", *ap, 7) == 0) {
--
Todd T. Fries . http://todd.fries.net/pgp.txt . @unix2mars . github:toddfries
Penned by Theo de Raadt on 20180823 14:22.46, we have:
| Mike Larkin wrote:
|
| > On Thu, Aug 23, 2018 at 11:05:40AM -0500, Todd T. Fries wrote:
| > > This makes me wonder. Does it make sense to support booting a kernel
without
| > > disks? Some people have heard of the p
if (kernel == NULL && ndisks == 0)
| - errx(1, "no kernel or disk specified");
| + if (kernel == NULL && ndisks == 0 && !iso)
| + errx(1, "no kernel or disk/cdrom specified");
| if (nnics == -1)
|
/* transition wait */
| #define IEEE80211_INACT_WAIT5 /* inactivity timer
interval */
| #define IEEE80211_INACT_MAX (300/IEEE80211_INACT_WAIT)
| -#define IEEE80211_CACHE_SIZE100
| +
| #define IEEE80211_CACHE_WAIT30
|
| struct ieee80211_rateset {
--
Todd T. Fries . http://todd.fries.net/pgp.txt . @unix2mars . github:toddfries
e liner for parsing
| > known_hosts files.
|
| YIKES, what a horrible idea.
|
| I think the support for complete_* arrays ought to be summarily
| deleted from emacs.c. It is excessive complexity and creeping
| featurism and has no place in a program as sensitve as the shell.
|
| Yours,
| Ingo
--
Todd T. Fries . http://todd.fries.net/pgp.txt . @unix2mars . github:toddfries
- }
| > - /* ignore badness */
| > - if (p - buf + 1 > sizeof(hostbuf))
| > - continue;
| > - (void)strlcpy(hostbuf, buf, p - buf + 1);
| > - menuq_add(&menuq, NULL, "%s", hostbuf);
| > - }
| > - free(lbuf);
| > - (void)fclose(fp);
| > -menu:
| > if ((mi = menu_filter(sc, &menuq, "ssh", NULL, (CWM_MENU_DUMMY),
| > search_match_text, search_print_text)) != NULL) {
| > if (mi->text[0] == '\0')
| >
--
Todd T. Fries . http://todd.fries.net/pgp.txt . @unix2mars . github:toddfries
To demonstrate:
openssl s_client -connect www.google.com:443
A fix, probably not the full or correct one:
Index: openssl.c
===
RCS file: /cvs/src/usr.bin/openssl/openssl.c,v
retrieving revision 1.19
diff -u -p -u -r1.19 openssl.c
ing revision 1.62
| > diff -u -p -r1.62 cmd.c
| > --- stand/boot/cmd.c27 Jun 2014 20:35:37 - 1.62
| > +++ stand/boot/cmd.c 4 Jul 2014 17:39:53 -
| > @@ -129,7 +129,6 @@ read_conf(void)
| > char *p = cmd_buf;
| >
| > cmd.cmd = NULL;
| > -
| > do {
| > rc = read(fd, p, 1);
| > } while (rc > 0 && *p++ != '\n' &&
| > @@ -155,10 +154,8 @@ read_conf(void)
| > /* Don't want to run the truncated command */
| > rc = -1;
| > }
| > -
| > *p = '\0';
| > }
| > -
| > } while (rc > 0 && !(rc = docmd()));
| >
| > close(fd);
| > @@ -378,25 +375,25 @@ Xstty(void)
| > char *cp;
| > dev_t dev;
| >
| > - if (cmd.argc == 1)
| > + if (cmd.argc == 1) {
| > printf("%s speed is %d\n", ttyname(0), cnspeed(0, -1));
| > - else {
| > - dev = ttydev(cmd.argv[1]);
| > - if (dev == NODEV)
| > - printf("%s not a console device\n", cmd.argv[1]);
| > - else {
| > - if (cmd.argc == 2)
| > - printf("%s speed is %d\n", cmd.argv[1],
| > - cnspeed(dev, -1));
| > - else {
| > - sp = 0;
| > - for (cp = cmd.argv[2]; *cp && isdigit(*cp);
cp++)
| > - sp = sp * 10 + (*cp - '0');
| > - cnspeed(dev, sp);
| > - }
| > - }
| > + return 0;
| > + }
| > + dev = ttydev(cmd.argv[1]);
| > + if (dev == NODEV) {
| > + printf("%s not a console device\n", cmd.argv[1]);
| > + return 0;
| > }
| >
| > + if (cmd.argc == 2)
| > + printf("%s speed is %d\n", cmd.argv[1],
| > + cnspeed(dev, -1));
| > + else {
| > + sp = 0;
| > + for (cp = cmd.argv[2]; isdigit(*cp); cp++)
| > + sp = sp * 10 + (*cp - '0');
| > + cnspeed(dev, sp);
| > + }
| > return 0;
| > }
| >
| > @@ -407,8 +404,6 @@ Xtime(void)
| >
| > if (cmd.argc == 1)
| > printf(ctime(&tt));
| > - else {
| > - }
| >
| > return 0;
| > }
| > @@ -429,8 +424,8 @@ Xls(void)
| > ls(cmd.path, &sb);
| > else {
| > if ((fd = opendir(cmd.path)) < 0) {
| > - printf ("opendir(%s): %s\n", cmd.path,
| > - strerror(errno));
| > + printf("opendir(%s): %s\n", cmd.path,
| > + strerror(errno));
| > return 0;
| > }
| >
| > @@ -440,10 +435,10 @@ Xls(void)
| > *p++ = '/';
| > *p = '\0';
| >
| > - while(readdir(fd, p) >= 0) {
| > + while (readdir(fd, p) >= 0) {
| > if (stat(cmd.path, &sb) < 0)
| > printf("stat(%s): %s\n", cmd.path,
| > - strerror(errno));
| > + strerror(errno));
| > else
| > ls(p, &sb);
| > }
--
Todd T. Fries . http://todd.fries.net/pgp.txt . @unix2mars . github:toddfries
| xshare: done.
| xfont: done.
| done.
| 958a959
| > ./usr/X11R6/include/intel_aub.h
| 5877c5878
| < ./usr/X11R6/lib/libpixman-1.so.32.4
| ---
| > ./usr/X11R6/lib/libpixman-1.so.32.6
| cd /usr/release; cksum -a sha256 x*tgz > SHA256
|
|
|
| Ian McWilliam
--
Todd T. Fries .
ink in addition to sshd_rdomain=0,1,2,3 the patch might handle
| >> ssh_rdomain_0_flags="-C /etc/ssh/sshd_0_config". I'm guessing it
| >> makes sense to add to sshd_flags= rather than over-write it, but
| >> that's splitting hairs.
| >>
| >> I've been wondering about how to implement what you've done, and
| >> have ended up with 'route -T 3 exec /etc/rc.d/... -f' in /etc/rc.local.
| >>
| >> I like this direction.
| >
| >For crazy stuff, use /etc/rc.local
--
Todd T. Fries . http://todd.fries.net/pgp.txt . @unix2mars . github:toddfries
than over-write it, but
that's splitting hairs.
I've been wondering about how to implement what you've done, and
have ended up with 'route -T 3 exec /etc/rc.d/... -f' in /etc/rc.local.
I like this direction.
Thanks,
--
Todd T. Fries . http://todd.fries.net/pgp.txt . @unix2mars . github:toddfries
16 May 2014 08:21:54 - 1.289
| +++ sys/net/if.c 16 May 2014 14:15:24 -
| @@ -423,6 +423,9 @@ if_attach(struct ifnet *ifp)
| #else
| TAILQ_INSERT_TAIL(&ifnet, ifp, if_list);
| #endif
| +#ifdef INET6
| + ifp->if_xflags |= IFXF_NOINET6;
| +#endif
|
| m_
z' then upon resume 'ifconfig wpi0 -inet6' for the library and then
'rtsol wpi0' at home.
Just because the new default will be the equivalent of 'ifconfig wpi0 -inet6'
until configured doesn't mean there isn't a use for clearing it later on as
wel
let the few of us that want this apparently obsecure case add 'inet6
eui64' and be done with it.
Aka, lets not hold up the rest of the functionality just because we
can't agree if we need a further diff to make 'inet6 eui64'
"better/faster/easier/another way to skin the cat"...
IMHO, its time to polish in the tree. This is, afterall, a _security_
related diff, no?
Thanks,
--
Todd T. Fries . http://todd.fries.net/pgp.txt . @unix2mars . github:toddfries
Otto
Some broken routers that dish out dhcp leases and set themselves as the
recursive
resolver have been reported to not respond when someone queries .
There may be some benifit, but for what percent of users?
Added complexity seems not the direction we want to go in, indeed.
Thanks,
--
Todd T. Fries . http://todd.fries.net/pgp.txt . @unix2mars . github:toddfries
I am fine with the resolv.conf 'family
inet4 inet6'
remaining as it is until a future time if/when it makes sense to change it.
Doing so prematurely does not help.
Thanks,
--
Todd T. Fries . http://todd.fries.net/pgp.txt . @unix2mars . github:toddfries
The syntax is:
| .Bd -ragged -offset indent
| .Cm family Ar family Op Ar family
--
Todd T. Fries . http://todd.fries.net/pgp.txt . @unix2mars . github:toddfries
This seems to make sense. ok todd@. Please get at least one other ok though.
Penned by Brad Smith on 20140118 20:57.26, we have:
| On Thu, Jan 09, 2014 at 03:55:44PM -0500, Brad Smith wrote:
| > The default PF ruleset as setup by rc is too restrictive. Have the default
| > ruleset allow for DHCP
Penned by Ted Unangst on 20130504 0:57.40, we have:
| On Sat, May 04, 2013 at 07:26, Martijn van Duren wrote:
| > For a lot of cases this isn't a problem. But there are a couple of
| > instances where the domain name resolves to something a little to
| > generic to be useful to determine it's orig
Penned by Antoine Jacoutot on 20130403 10:24.19, we have:
| On Wed, Apr 03, 2013 at 05:14:10PM +0200, Alexander Hall wrote:
| > On 04/03/13 13:42, Vadim Zhukov wrote:
| > > This patch makes rc.subr show only supported operations in usage.
| > > This avoids some sort of confusion when, e.g., /etc/rc
Penned by Ted Unangst on 20130326 8:09.14, we have:
| On Tue, Mar 26, 2013 at 11:13, Mark Kettenis wrote:
| >> Date: Tue, 26 Mar 2013 05:20:27 -0400
| >> From: Ted Unangst
| >>
| >> These isa devs are already disabled and not particularly popular among
| >> our users. affected: tcic, sea, wds, e
Given that cwm has origins in 9wm, wouldn't it be appropriate to
have firefox and firefox:0 and firefox:1 ?
Otherwise, your diff makes much sense as if you typed 'firefox'
from the command line, the shell would do what your diff does.
Thanks,
Penned by andre...@zoho.com on 20130226 7:07.23, we
Penned by sven falempin on 20130222 17:05.33, we have:
| On Fri, Feb 22, 2013 at 2:29 PM, sangdrax8 wrote:
|
| > I am new to OpenBSD, but would like to take advantage of a redundant
| > setup with ipsec/carp/sasyncd. I have run into a situation which seems
| > to be a bug, and was directed to po
see in6.c:in6_ifawithscope()
probably ought to add a case int he TAILQ_FOREACH(ifp, ...) loop
to 'continue;' if the interface is down...?
Penned by Stuart Henderson on 20130219 19:11.10, we have:
| Someone trying to replace some latvian boxes with bgpd/npppd mentioned
| a problem with v6 on carp
The source address selection mechanism in IPv4 is to my understanding:
the first address on the interface associated with the route
to the remote host
The source address selection mechanism in IPv6 is to my understanding:
for each of the global addresses on a system, turn it into an integer
In light of nat64 in pf(4), what purpose does faithd(8) serve anymore?
I played with it a bit over a decade ago, but don't recall having any use
for it in the last number of years.
I vote it gets tedu'ed.
Penned by David Hill on 20130209 12:53.51, we have:
| Anyone want to OK and commit?
|
| O
Penned by Reyk Floeter on 20121129 6:33.47, we have:
| On Thu, Nov 29, 2012 at 10:59 AM, Mike Belopuhov wrote:
| >> But currently /dev/tunN is usable from any programming language that
| >> that can do reads and writes. With Reyk's changes you need to do an
| >> ioctl even for basic usage, which
Penned by Kenneth R. Westerback on 20121126 12:58.45, we have:
| On Mon, Nov 26, 2012 at 05:40:06PM +, Jason McIntyre wrote:
| > On Mon, Nov 26, 2012 at 07:19:23PM +0200, Paul Irofti wrote:
| > > On Mon, Nov 26, 2012 at 04:26:12PM +, Jason McIntyre wrote:
| > > > On Mon, Nov 26, 2012 at 04:
I for one will not. Re-exec is simple enough, why maintain two
codepaths when only one is regularly used?
ok todd@
Thanks,
Penned by Okan Demirmen on 20121029 18:32.16, we have:
| will anyone miss reload support? one can always re-exec cwm, or any
| other wm for a matter of fact.
|
| Index: c
Penned by Bob Beck on 20121009 10:05.42, we have:
| Gilles, I'm actually wondering - should there even be a difference?
|
| Every practical implementation of 587 I've ever seen requires auth. Is there
| any sane reason to have "enable auth" not actually require it? I.E. what
| I'm asking is is "e
todd@leveno/q2 ~?3$ # $(echo hi > /dev/tty)
todd@leveno/q2 ~?4$
I can't say as though I am aware of anything that can be done after a # that
starts the line on the shell.
As a corilary, ':' is different:
todd@leveno/q2 ~?4$ : $(echo hi > /dev/tty)
hi
todd@leveno/q2 ~?5$
Penned by Marc Espie
I like the direction this is going. I've implemented a shell
equivalent in the past for one scenario, but having it in the
tools directly definitely makes life easier.
1000 admins can implement it differently, but this at least
provides consistent behavior and provides a mechanism for
automation
One can set a dhclient-script to ignore things and then call
the real dhclient-script, but I like this diff better.
Penned by Kenneth R Westerback on 20120726 21:43.39, we have:
| I like this on first read. In fact I thought this already existed.
| I'll actually look more closely at the code tomor
Try reading the whole thread. It's quite clear that OpenBSD in general,
not just a single developers opionino, has no interest in such a closed
system.
The referenced post sums up the whole thread, but you seem like you need more
convincing, so go do more homework and convince yourself.
There ar
Penned by Ted Unangst on 20120725 11:14.05, we have:
| On Wed, Jul 25, 2012 at 17:38, Paul de Weerd wrote:
| > Please read
| >
| > http://www.vidarholen.net/~vidar/overwriting_hard_drive_data.pdf
| >
| > I think it's time to stop propagating the Guttman lies. Overwriting
| > more than once does
Penned by Christian Weisgerber on 20120725 9:37.07, we have:
| Ted Unangst wrote:
|
| > So I'm wiping a file from a fairly slow USB stick and it's taking
| > forever. I don't really give a shit about some guy with a quantum
| > tachyon microscope taking it apart,
|
| But if you do, overwriting
Penned by Thomas Pfaff on 20120610 4:35.00, we have:
| On Sun, 10 Jun 2012 00:23:42 -0500
| "Todd T. Fries" wrote:
| > Penned by Mike Belopuhov on 20120609 6:17.29, we have:
| > | On Sat, Jun 9, 2012 at 12:41 PM, Stuart Henderson
| > | wrote:
| > | > personally, I do s
Penned by Mike Belopuhov on 20120609 6:17.29, we have:
| On Sat, Jun 9, 2012 at 12:41 PM, Stuart Henderson
| wrote:
| > On 2012/06/09 14:09, Alexander Polakov wrote:
| >> > I appreciate that the defaults would stay the same, but really,
| >> > what is the point in doing this? ?cwm can't be everyt
Penned by Sebastian Benoit on 20120321 15:27.54, we have:
| Hi,
|
| i did not find a place where it is documented explicitly how to use a
| certificate chain with relayd.
|
| Should this be documented? Or maybe in ssl(8)?
|
| /Benno
|
| Index: relayd.conf.5
| ===
use the stub syntax in unbound.
Penned by Jan Klemkow on 20120217 6:18.33, we have:
| I was working on replacing bind with unbound and nsd a half year ago.
| I run into this problem. I think in local networks you get such setups
| where you have to serve clients with global request like google.de
Penned by Jan Klemkow on 20120217 3:38.24, we have:
| There is an other problem with replacing bind with unbound and nsd.
| If you have a setup where you need to do authoritative and recursive
| resolving of domains with the same socket and you have to synchronise
| with an extern dns server over
I have done this in a different way, namely by 'filtering' the variables
that are passed to /sbin/dhclient-script by using the
'script "/path/to/my/script"' option to run my own script, act on variables
I care about (dns and default gateway) and then calling /sbin/dhclient-script
in the event it st
Are you using global IPv6 addresses for your test or link-local addresses
for your test?
I have found that you sometimes need to ping6 the link-local address
on a carp interface from a workstation before it will respond to ndp.
For reference, this scenario happens if you run rtadvd against a carp
Penned by roberth on 20110620 21:05.14, we have:
| On Mon, 20 Jun 2011 20:12:28 -0500
| Marco Peereboom wrote:
|
| > I am liking this diff quite a bit but it needs more testers. So if
| > you are using softraid crypto please try this diff.
|
| Still working for me.
And me.
Volume Status
Penned by Stuart Henderson on 20110516 5:59.19, we have:
| Re http://permalink.gmane.org/gmane.os.openbsd.misc/185629
| To set IPv6 tunnel endpoints for gif/gre, you have to use
| syntax like "ifconfig gif0 inet6 tunnel 1::1 2::2" rather
| than just "ifconfig gif0 tunnel 1::1 2::2".
|
| This is b
Penned by Mark Kettenis on 20110516 4:33.22, we have:
| > Date: Mon, 16 May 2011 10:05:37 +0100
| > From: Stuart Henderson
| >
| > Useful for following http://www.openbsd.org/faq/faq4.html#getdmesg,
| > amongst other things... ok?
|
| Did you build floppies?
This looks to me like he's adding
Penned by Alexander Hall on 20110513 2:22.36, we have:
| On 05/13/11 04:54, Todd T. Fries wrote:
|
| > ping host 2>&1 | awk '/is down/{next}{print}'
|
| "grep -v" was too trivial, was it? ;-D
sed -n '/is down/{p;}'
Just depends on how granular and what
Utilities which go into the install media should not be grown without
cause, or at the very least, growth wrapped with #ifndef SMALL.
I think if you want some messages quieted, maybe you should look up
some standard unix utilities.
ping host 2>&1 | awk '/is down/{next}{print}'
Penned by Vadim Zh
I would find it more accurate to report 'fopen FAILED' rather than
expect that all failures to open a file are a result of a missing file.
Penned by Stuart Henderson on 20110408 4:23.44, we have:
| would anyone else find this (or a variation thereof) useful?
|
| example use: if you download a pa
I withdraw any thoughts of removing qemu-old anytime soon based on feedback.
Henning confirms performance gains for keeping it.
And we have a reminder that while kqemu is not recommended, it is only usable
on qemu-old.
Penned by Todd T. Fries on 20110321 15:58.35, we have:
| I've gotte
I've gotten one request to decommission qemu-old. It surprised me,
as I thought there were still issues with qemu/ even with the semi recent
thread fix as well as performance differences.
Does anybody have objection to retiring qemu-old to the attic or ?
I'd rather not do this prematurely but if
I've been successfully running with this since Nov 24th. Definately
changes the behavior as advertised and has no issues that I have
seen in my testing, using duid's on svnd(4) on i386.
Penned by Joel Sing on 20101221 6:30.49, we have:
| When a vnd(4) device is configured the device name is alway
This makes a lot of sense.
Penned by Jacob Meuser on 20101214 10:41.43, we have:
| ok?
|
| --
| jake...@sdf.lonestar.org
| SDF Public Access UNIX System - http://sdf.lonestar.org
|
| Index: usb_subr.c
| ===
| RCS file: /cvs/src/sys
Depends, create an OpenBSD partition between mbr and 1st sector of the msdos fs,
lie and say there lies a 4.2BSD filessytem just enough to permit writing a
disklabel,
and wallah:
t...@blue/pF ~&9$ sudo fdisk sd1
Disk: sd1 geometry: 248/255/63 [3987456 Sectors]
Offset: 0 Signature: 0xA
y arrive on the scene or their
backing store.
*shrug*
Penned by Ted Unangst on 20101213 14:04.13, we have:
| On Mon, Dec 13, 2010 at 2:48 PM, Todd T. Fries wrote:
| > I echo Mark's sentiments, though for a different reason.
| >
| > Softraid crypto volumes take time to fsck, yet are
I echo Mark's sentiments, though for a different reason.
Softraid crypto volumes take time to fsck, yet are useful to use.
In my case I can wait 20+min for my personal laptop to be useful, or I
can wait 5min and let the rest fsck while I get to be productive. The
laptop has /usr, /var, /tmp, /ho
Is this as simple as the below diff? It functions as expected, and makes
FortiGate VPN's stable (I've tested) but is it correct?
--- isakmpd/isakmp_doi.c
+++ isakmpd/isakmp_doi.c
@@ -217,16 +217,32 @@ static int
isakmp_responder(struct message *msg)
{
struct payload *p;
+ u_int16
Penned by Martin Pelik??n on 20100907 18:55.00, we have:
| 2010/9/7, TeXitoi :
| > My proposition, avoiding function:
| >
| > ssh_keys=TOPRINT
| >
| > for key in rsa1 dsa rsa ecdsa; do
| > if [ "$ssh_key" = TOPRINT ]; then
| > echo -n "ssh-keygen: generating new host key:"
|
I am not sure of a better way than what you've proposed, but the logic
does make perfect sense to me.
As a shortened version of what you proposed:
ssh_keys=0
# Generate ssh keys
# Usage: ssh_keygen lowercase_keyname uppercase_keyname [keyfile_string]
ssh_keygen() {
local lc="$1" uc="$2"
Penned by Marc Espie on 20100708 14:49.04, we have:
| On Thu, Jul 08, 2010 at 02:03:41PM +0200, Matthieu Herrb wrote:
| > On Thu, Jul 08, 2010 at 11:50:39AM +0200, Marc Espie wrote:
| > > each time xenocara farts, we get new libs (or less libs).
| > > in order for updates to work, we *should* propa
You're right, it was added in November of 2009 .. current snaps required
for this to work.
Penned by Paul Stoffregen on 20100122 7:19.59, we have:
| Todd T. Fries wrote:
| >For the archive, this is what he is wanting to do, or something very
similar..
|
| Yes, thank you! That is exac
t;; // not hard coded like this, nor
| from user input
|
|return open(dev_name, O_RDWR);
| }
|
| I've tried opening the /dev/usb devices and calling the
| USB_DEVICEINFO ioctl (originally suggested to me by Todd T Fries).
| This gets very close, but the best I've been able to do is
Guys,
I tested this and it seems ppp in the tree is busted to the point of not
working without this diff.
If you use ppp please test current snaps to confirm it is busted then
apply claudio's diff below and test again.
If you use ppp and do not test, do not be surprised if it does not work in
th
Glad you noticed. It is a chicken and egg to include a hash on
install media that then itself gets hashed. Don't expect bsd.rd
to happen. X is another matter. It's not realistic to build X
everytime base is built; for that and for other reasons, the
X hashes cannot (yet) be included in the bsd.
67 matches
Mail list logo