From owner-freebsd-arch Sun Aug 27 0:21:26 2000
Delivered-To: freebsd-arch@freebsd.org
Received: from netplex.com.au (adsl-63-207-30-186.dsl.snfc21.pacbell.net [63.207.30.186]) by hub.freebsd.org (Postfix) with ESMTP id D630B37B42C; Sun, 27 Aug 2000 00:21:18 -0700 (PDT)
Received: from netplex.com.au (peter@localhost [127.0.0.1]) by netplex.com.au (8.11.0/8.9.3) with ESMTP id e7R7L6G27398; Sun, 27 Aug 2000 00:21:08 -0700 (PDT) (envelope-from peter@netplex.com.au)
Message-Id: <200008270721.e7R7L6G27398@netplex.com.au>
X-Mailer: exmh version 2.1.1 10/15/1999
To: Peter Pentchev
Cc: Robert Watson, Mike Smith, Brian Fundakowski Feldman, Darren Reed, "Jordan K. Hubbard", root@ihack.net, freebsd-sparc@FreeBSD.ORG, freebsd-arch@FreeBSD.ORG
Subject: Re: Competition
In-Reply-To: <20000823180039.G63286@ringwraith.office1.bg>
Date: Sun, 27 Aug 2000 00:21:06 -0700
From: Peter Wemm
Sender: owner-freebsd-arch@FreeBSD.ORG
Precedence: bulk
X-Loop: FreeBSD.ORG

Peter Pentchev wrote:
> On Wed, Aug 23, 2000 at 10:51:03AM -0400, Robert Watson wrote:
> [snip Robert Watson quoting Mike Smith]
> >
> > Actually, the check of the "helo" field is something I'd like removed: it
> > makes life very difficult for hosts behind NATs without proper SMTP
> > proxies (such as default installs of our natd, which does not include an
> > SMTP proxy :-). It's not possible to send-pr from internal machines
> > behind my NAT without having world-visible DNS names for all my internal
> > machines.
>
> So configure your MTA to send the NAT proxy address in the HELO; this might
> make other MTA's on your LAN unhappy, but the world outside sees a kosher
> HELO with the exact hostname of the host it's coming from.

For what it's worth, the HELO check is for a hostname that *resolves* to
something, not an exact hostname == connecting host match. If you said
'HELO whitehouse.gov' it would be accepted.

Incidentally, I'm a firm believer that non-reachable hosts shouldn't be
involved in SMTP sending at all. The simplest and most reliable way this
should be done is to transparently proxy any outbound SMTP attempts to a
local externally visible mail gateway.

This is doubly important for dialup ISP's who desperately need to
transparently proxy *both* inbound and outbound connections. This
1) severely cramps the style of folks who would use the dialups for SMTP
relay searching and 3rd party relay abuse, and 2) stops 3rd parties from
abusing open SMTP servers on your dialups and getting you in trouble with
open-relay list folks.

As an example of what I mean by transparent relaying for SMTP, try:

    telnet 216.226.198.10 smtp
    telnet 216.226.198.11 smtp
    telnet 216.226.198.12 smtp
    etc.

Cheers,
-Peter
--
Peter Wemm - peter@FreeBSD.org; peter@yahoo-inc.com; peter@netplex.com.au
"All of this is for nothing if we don't go to the stars" - JMS/B5

To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-arch" in the body of the message

From owner-freebsd-arch Sun Aug 27 8:27:55 2000
Delivered-To: freebsd-arch@freebsd.org
Received: by hub.freebsd.org (Postfix, from userid 608) id E2FC737B42C; Sun, 27 Aug 2000 08:27:51 -0700 (PDT)
From: "Jonathan M. Bresler"
To: david@allunix.com
Cc: jkh@winston.osd.bsdi.com, reebsd-sparc@FreeBSD.ORG, freebsd-arch@FreeBSD.ORG
In-reply-to: <200008221232290300.011C52D9@web4.allunix.com> (david@allunix.com)
Subject: Re: was Competition now mail-lists
Message-Id: <20000827152751.E2FC737B42C@hub.freebsd.org>
Date: Sun, 27 Aug 2000 08:27:51 -0700 (PDT)
Sender: owner-freebsd-arch@FreeBSD.ORG
Precedence: bulk
X-Loop: FreeBSD.ORG

>
> > It appears that someone simply doesn't
> >know how to configure DNS properly and freebsd.org is hardly the only
> >site which will reject mail from them on that basis; it's a very
> >common spam-prevention technique.
>
> Some of us have no choice, I am using comcast@home cable service and
> my email to the lists bounce back to me on a regular basis.
>
> David DeTinne
>

David,

As Postmaster for FreeBSD.org, I believe that it is my responsibility
to stop as much spam as I can without damaging the flow of email. One
of the methods for doing this is to refuse mail from hosts that are
misconfigured or rely on misconfigured dns servers.

You have the option of switching from comcast@home to some other
provider. those other providers may have characteristics that you find
undesirable. nonetheless you have a choice. perhaps not the one that
you would prefer.

i, personally, would prefer having to choose between certain 35 foot
sailboats, but don't have that choice at this time.
such is life ;( ;)

jmb

From owner-freebsd-arch Sun Aug 27 17:40:10 2000
Delivered-To: freebsd-arch@freebsd.org
Received: from mail.rpi.edu (mail.rpi.edu [128.113.100.7]) by hub.freebsd.org (Postfix) with ESMTP id 03EE337B422; Sun, 27 Aug 2000 17:40:07 -0700 (PDT)
Received: from [128.113.24.47] (gilead.acs.rpi.edu [128.113.24.47]) by mail.rpi.edu (8.9.3/8.9.3) with ESMTP id UAA379582; Sun, 27 Aug 2000 20:39:23 -0400
Mime-Version: 1.0
X-Sender: drosih@mail.rpi.edu
Message-Id:
In-Reply-To: <16475.967112881@winston.osd.bsdi.com>
References: <16475.967112881@winston.osd.bsdi.com>
Date: Sun, 27 Aug 2000 20:39:40 -0400
To: Jordan Hubbard, Wes Peters
From: Garance A Drosihn
Subject: Re: Integration of Net/OpenBSD code (was Re: your mail)
Cc: "Jordan K. Hubbard", Darren Reed, mjacob@feral.com, freebsd-sparc@FreeBSD.ORG, freebsd-arch@FreeBSD.ORG
Content-Type: text/plain; charset="us-ascii" ; format="flowed"
Sender: owner-freebsd-arch@FreeBSD.ORG
Precedence: bulk
X-Loop: FreeBSD.ORG

At 3:28 AM -0700 8/24/00, Jordan Hubbard wrote:
> > Yes, yes, yes. The order of importance varies widely, but the above
> > three would pretty much cover the bases. Anyone interested in doing
>
>OK, and in what order would you personally rank them? [jkh puts Wes on
>the spot with a question he's still trying to answer for himself]. :-)

Okay, I'll vote for PPC, based on nothing more than I have some G3
and G4 powermacs (both at home and here at work). I'll admit that
isn't much of a market analysis... :-)

---
Garance Alistair Drosehn = gad@eclipse.acs.rpi.edu
Senior Systems Programmer or drosih@rpi.edu
Rensselaer Polytechnic Institute

From owner-freebsd-arch Sun Aug 27 17:46:27 2000
Delivered-To: freebsd-arch@freebsd.org
Received: from feral.com (feral.com [192.67.166.1]) by hub.freebsd.org (Postfix) with ESMTP id E425837B423; Sun, 27 Aug 2000 17:46:23 -0700 (PDT)
Received: from zeppo.feral.com (IDENT:mjacob@zeppo [192.67.166.71]) by feral.com (8.9.3/8.9.3) with ESMTP id RAA20614; Sun, 27 Aug 2000 17:44:52 -0700
Date: Sun, 27 Aug 2000 17:41:17 -0700 (PDT)
From: Matthew Jacob
Reply-To: mjacob@feral.com
To: Garance A Drosihn
Cc: Jordan Hubbard, Wes Peters, "Jordan K. Hubbard", Darren Reed, freebsd-sparc@FreeBSD.ORG, freebsd-arch@FreeBSD.ORG
Subject: Re: Integration of Net/OpenBSD code (was Re: your mail)
In-Reply-To:
Message-ID:
MIME-Version: 1.0
Content-Type: TEXT/PLAIN; charset=US-ASCII
Sender: owner-freebsd-arch@FreeBSD.ORG
Precedence: bulk
X-Loop: FreeBSD.ORG

>
> Okay, I'll vote for PPC, based on nothing more than I have some G3
> and G4 powermacs (both at home and here at work). I'll admit that
> isn't much of a market analysis... :-)

As a side FYI- NetBSD also runs on the G4. So does YellowDog Linux. I
just made sure the Qlogic driver I have runs on the latter on a G4 (it
does). I have some pending patches for NetBSD in this area too. This is
one snappy little sucker- really *nice* mechanicals.

But in terms of what FreeBSD ought to port to for both its current and
future customers? That's a stretch. The Apple folks might like us, but
the sparc server market is much more important.

From owner-freebsd-arch Sun Aug 27 20: 8:30 2000
Delivered-To: freebsd-arch@freebsd.org
Received: from homer.softweyr.com (bsdconspiracy.net [208.187.122.220]) by hub.freebsd.org (Postfix) with ESMTP id C7A8B37B446; Sun, 27 Aug 2000 20:08:15 -0700 (PDT)
Received: from localhost ([127.0.0.1] helo=softweyr.com ident=Fools trust ident!) by homer.softweyr.com with esmtp (Exim 3.16 #1) id 13TFNs-0000Lo-00; Sun, 27 Aug 2000 21:14:52 -0600
Message-ID: <39A9D92B.F6BA5C29@softweyr.com>
Date: Sun, 27 Aug 2000 21:14:51 -0600
From: Wes Peters
Organization: Softweyr LLC
X-Mailer: Mozilla 4.7 [en] (X11; U; FreeBSD 4.1-RC i386)
X-Accept-Language: en
MIME-Version: 1.0
To: Garance A Drosihn
Cc: Jordan Hubbard, "Jordan K. Hubbard", Darren Reed, mjacob@feral.com, freebsd-sparc@FreeBSD.ORG, freebsd-arch@FreeBSD.ORG
Subject: Re: Integration of Net/OpenBSD code (was Re: your mail)
References: <16475.967112881@winston.osd.bsdi.com>
Content-Type: text/plain; charset=us-ascii
Content-Transfer-Encoding: 7bit
Sender: owner-freebsd-arch@FreeBSD.ORG
Precedence: bulk
X-Loop: FreeBSD.ORG

Garance A Drosihn wrote:
>
> At 3:28 AM -0700 8/24/00, Jordan Hubbard wrote:
> > > Yes, yes, yes. The order of importance varies widely, but the above
> > > three would pretty much cover the bases. Anyone interested in doing
> >
> >OK, and in what order would you personally rank them? [jkh puts Wes on
> >the spot with a question he's still trying to answer for himself]. :-)
>
> Okay, I'll vote for PPC, based on nothing more than I have some G3
> and G4 powermacs (both at home and here at work). I'll admit that
> isn't much of a market analysis... :-)

I must've missed Jordan's direct question.

Personally? PowerPC, since we have a customer WAITING for that, then
MIPS, because we have several prospective customers who already use it,
followed by StrongARM, because we have three notable prospective
customers who have asked about it.

While we're at it, let's start with PowerPC on the MBX board, since
that's so close to what I need. ;^)

--
"Where am I, and what am I doing in this handbasket?"

Wes Peters                                              Softweyr LLC
wes@softweyr.com                                 http://softweyr.com/

From owner-freebsd-arch Mon Aug 28 9:11:24 2000
Delivered-To: freebsd-arch@freebsd.org
Received: from flood.ping.uio.no (flood.ping.uio.no [129.240.78.31]) by hub.freebsd.org (Postfix) with ESMTP id B152B37B43E for ; Mon, 28 Aug 2000 09:11:20 -0700 (PDT)
Received: (from des@localhost) by flood.ping.uio.no (8.9.3/8.9.3) id SAA21560; Mon, 28 Aug 2000 18:07:32 +0200 (CEST) (envelope-from des@flood.ping.uio.no)
To: Marcel Moolenaar
Cc: arch@FreeBSD.ORG
Subject: Re: RFC: Linuxulator MI bits in sys/compat/linux
References: <39A02834.E6500194@cup.hp.com>
From: Dag-Erling Smorgrav
Date: 28 Aug 2000 18:07:31 +0200
In-Reply-To: Marcel Moolenaar's message of "Sun, 20 Aug 2000 11:49:24 -0700"
Message-ID:
Lines: 11
User-Agent: Gnus/5.0802 (Gnus v5.8.2) Emacs/20.4
MIME-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Sender: owner-freebsd-arch@FreeBSD.ORG
Precedence: bulk
X-Loop: FreeBSD.ORG

Marcel Moolenaar writes:
> I like to have consensus about where the MI bits will live. My proposal
> is:
>
>     sys/compat/linux

Sounds good to me (not that I am any kind of kernel guru...)

DES
--
Dag-Erling Smorgrav - des@flood.ping.uio.no

From owner-freebsd-arch Mon Aug 28 10:42:35 2000
Delivered-To: freebsd-arch@freebsd.org
Received: from whistle.com (s205m131.whistle.com [207.76.205.131]) by hub.freebsd.org (Postfix) with ESMTP id 705DB37B424 for ; Mon, 28 Aug 2000 10:42:21 -0700 (PDT)
Received: (from smap@localhost) by whistle.com (8.10.0/8.10.0) id e7SHgLn05258 for ; Mon, 28 Aug 2000 10:42:21 -0700 (PDT)
Received: from bubba.whistle.com( 207.76.205.7) by whistle.com via smap (V2.0) id xma005256; Mon, 28 Aug 2000 10:42:01 -0700
Received: (from archie@localhost) by bubba.whistle.com (8.9.3/8.9.3) id KAA69859 for freebsd-arch@freebsd.org; Mon, 28 Aug 2000 10:42:00 -0700 (PDT) (envelope-from archie)
From: Archie Cobbs
Message-Id: <200008281742.KAA69859@bubba.whistle.com>
Subject: Proposal to clarify mbuf handling rules (fwd)
To: freebsd-arch@freebsd.org
Date: Mon, 28 Aug 2000 10:42:00 -0700 (PDT)
X-Mailer: ELM [version 2.4ME+ PL82 (25)]
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
Content-Type: text/plain; charset=US-ASCII
Sender: owner-freebsd-arch@FreeBSD.ORG
Precedence: bulk
X-Loop: FreeBSD.ORG

David O'Brien correctly pointed out that I should have sent the email
below to -arch and -net instead of -current and -net. So at the risk
of repetition for some folks, here it is again for anybody on -arch
but not -net or -current.

Followups should go to -net I suppose.

Sorry for the confusion.

Thanks,
-Archie

> From owner-freebsd-net@FreeBSD.ORG Sun Aug 27 14:38:34 2000
> From: Archie Cobbs
> Message-Id: <200008272125.OAA66159@bubba.whistle.com>
> Subject: Proposal to clarify mbuf handling rules
> To: freebsd-net@FreeBSD.ORG, freebsd-current@FreeBSD.ORG
>
> In looking at some of the problems relating to divert, bridging,
> etc., it's apparent that lots of code is breaking one of the rules
> for handling mbufs: that mbuf data can sometimes be read-only.
>
> Each mbuf may be either a normal mbuf or a cluster mbuf (if the
> mbuf flags contains M_EXT). Cluster mbufs point to an entire page
> of memory, and this page of memory may be shared by more than one
> cluster mbuf (see m_copypacket()). This effectively makes the mbuf
> data read-only, because a change to one mbuf affects all of the
> mbufs, not just the one you're working on. There have been (and
> still are) several FreeBSD bugs because of this subtlety.
>
> A test for an mbuf being "read-only" is:
>
>     if ((m->m_flags & M_EXT) != 0 && MEXT_IS_REF(m)) ...
>
> So an implicit rule for handling mbufs is that they should be
> treated as read-only unless/until you either check that it's not,
> and/or pullup a new (non-cluster) mbuf that covers the data area
> that you're going to modify.
>
> However, many routines that take an mbuf parameter assume that the
> mbuf given to them is modifiable and proceed to write all over it.
> A few examples are: ip_input(), in_arpinput(), tcp_input(),
> divert_packet(), etc.
>
> In practice, this is often not a problem because the mbuf is actually
> modifiable (because there are no other references to it). But this
> is just because we've been lucky. When you throw things like bridging,
> dummynet, divert, and netgraph into the mix, not to mention other
> site-specific hacks, then these assumptions no longer hold. At the
> minimum these assumptions should be clearly commented, but that's
> not even the case right now.
>
> Routines that don't change any data, or that only do m_pullup(),
> M_PREPEND(), m_adj(), etc. don't have a problem.
>
> So I'd like to propose a mini-project to clarify and fix this problem.
> Here is the proposal:
>
> 1. All routines that take an mbuf as an argument must not assume
>    that any mbuf in the chain is modifiable, unless explicitly
>    and clearly documented (in the comment at the top of the function)
>    as doing so.
>
> 2. For routines that don't modify data, incorporate liberal use
>    of the "const" keyword to make this clear. For example, change
>
>     struct ip *ip;
>     ip = mtod(m, struct ip *);
>
>    to:
>
>     const struct ip *ip;
>     ip = mtod(m, const struct ip *);
>
> 3. For any routines that do need to modify mbuf data, but don't
>    assume anything about the mbuf, alter those routines to do
>    an m_pullup() when necessary to make the data area they are
>    working on modifiable. For example:
>
>     struct ip *ip;
>
>     /* Pull up IP header */
>     if (m->m_len < sizeof(*ip) && !(m = m_pullup(m, sizeof(*ip))))
>         return;
>     ip = mtod(m, struct ip *);
>
>   #ifdef NEW_CODE_BEING_ADDED
>     /* Make sure the IP header area is writable */
>     if ((m->m_flags & M_EXT) != 0 && MEXT_IS_REF(m)) {
>         /* m_pullup() *always* prepends a fresh, non-cluster mbuf */
>         if ((m = m_pullup(m, sizeof(struct ip))) == 0)
>             return;
>         ip = mtod(m, struct ip *);
>     }
>   #endif
>
>     /* Modify the header */
>     ip->ip_len = 123;
>     ...
>
> The only negative is the addition of the NEW_CODE_BEING_ADDED code
> in the relevant places. In practice this test will usually fail,
> as most mbufs are modifiable, so there should be no noticeable
> slowdown. However, robustness should improve, especially when
> bridging, diverting, etc.
>
> What do people think? If this is generally agreeable I'll try to
> work on putting together a patch set for review.

___________________________________________________________________________
Archie Cobbs * Whistle Communications, Inc. * http://www.whistle.com

From owner-freebsd-arch Mon Aug 28 10:47: 8 2000
Delivered-To: freebsd-arch@freebsd.org
Received: from fledge.watson.org (fledge.watson.org [204.156.12.50]) by hub.freebsd.org (Postfix) with ESMTP id 0692637B423 for ; Mon, 28 Aug 2000 10:47:06 -0700 (PDT)
Received: from fledge.watson.org (robert@fledge.pr.watson.org [192.0.2.3]) by fledge.watson.org (8.9.3/8.9.3) with SMTP id NAA86419; Mon, 28 Aug 2000 13:46:56 -0400 (EDT) (envelope-from robert@fledge.watson.org)
Date: Mon, 28 Aug 2000 13:46:56 -0400 (EDT)
From: Robert Watson
X-Sender: robert@fledge.watson.org
To: Archie Cobbs
Cc: freebsd-arch@freebsd.org
Subject: Re: Proposal to clarify mbuf handling rules (fwd)
In-Reply-To: <200008281742.KAA69859@bubba.whistle.com>
Message-ID:
MIME-Version: 1.0
Content-Type: TEXT/PLAIN; charset=US-ASCII
Sender: owner-freebsd-arch@FreeBSD.ORG
Precedence: bulk
X-Loop: FreeBSD.ORG

It might be worth taking another look at the IOLite work, as although it
changes the API, it has a fairly organized book keeping mechanism to track
readable/writable mbufs, do copy-on-write, etc, etc. The code may not be
immediately usable, but might give some ideas about how to handle this
kind of thing, and under what conditions packets will or won't need
modification during processing.

One area that worries me in particular is the ipfw code in relation to the
bridging code: the ipfw code assumes it can pullup the packet to get a
contiguous IP header; however, callers may not necessarily like that.
Similarly, issues of packet freeing: I'd rather see IP filtering code
return "yay" or "nay" on the packet, and allow the caller to free it if
they see fit. Another symmetric mbuf handling issue, where calling
conventions aren't well-defined.

Robert N M Watson

robert@fledge.watson.org http://www.watson.org/~robert/
PGP key fingerprint: AF B5 5F FF A6 4A 79 37 ED 5F 55 E9 58 04 6A B1
TIS Labs at Network Associates, Safeport Network Services

From owner-freebsd-arch Mon Aug 28 11: 8:53 2000
Delivered-To: freebsd-arch@freebsd.org
Received: from whistle.com (s205m131.whistle.com [207.76.205.131]) by hub.freebsd.org (Postfix) with ESMTP id 01D7B37B43C; Mon, 28 Aug 2000 11:08:52 -0700 (PDT)
Received: (from smap@localhost) by whistle.com (8.10.0/8.10.0) id e7SI8ph05639; Mon, 28 Aug 2000 11:08:51 -0700 (PDT)
Received: from bubba.whistle.com( 207.76.205.7) by whistle.com via smap (V2.0) id xma005637; Mon, 28 Aug 2000 11:08:37 -0700
Received: (from archie@localhost) by bubba.whistle.com (8.9.3/8.9.3) id LAA70096; Mon, 28 Aug 2000 11:08:37 -0700 (PDT) (envelope-from archie)
From: Archie Cobbs
Message-Id: <200008281808.LAA70096@bubba.whistle.com>
Subject: Re: Proposal to clarify mbuf handling rules (fwd)
In-Reply-To: "from Robert Watson at Aug 28, 2000 01:46:56 pm"
To: Robert Watson
Date: Mon, 28 Aug 2000 11:08:37 -0700 (PDT)
Cc: freebsd-arch@freebsd.org
X-Mailer: ELM [version 2.4ME+ PL82 (25)]
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
Content-Type: text/plain; charset=US-ASCII
Sender: owner-freebsd-arch@FreeBSD.ORG
Precedence: bulk
X-Loop: FreeBSD.ORG

Robert Watson writes:
> It might be worth taking another look at the IOLite work, as although it
> changes the API, it has a fairly organized book keeping mechanism to track
> readable/writable mbufs, do copy-on-write, etc, etc. The code may not be
> immediately usable, but might give some ideas about how to handle this
> kind of thing, and under what conditions packets will or won't need
> modification during processing.

Got an URL?

> One area that worries me in particular is the ipfw code in relation to the
> bridging code: the ipfw code assumes it can pullup the packet to get a
> contiguous IP header; however, callers may not necessarily like that.

I don't see the problem.. can you explain?

> Similarly, issues of packet freeing: I'd rather see IP filtering code
> return "yay" or "nay" on the packet, and allow the caller to free it if
> they see fit. Another symmetric mbuf handling issue, where calling
> conventions aren't well-defined.

Yes, that would be an improvement as well.

-Archie

___________________________________________________________________________
Archie Cobbs * Whistle Communications, Inc. * http://www.whistle.com

From owner-freebsd-arch Mon Aug 28 13:48:40 2000
Delivered-To: freebsd-arch@freebsd.org
Received: from wally.eecs.harvard.edu (wally.eecs.harvard.edu [140.247.60.30]) by hub.freebsd.org (Postfix) with ESMTP id 2235237B422 for ; Mon, 28 Aug 2000 13:48:36 -0700 (PDT)
Received: from localhost (stein@localhost) by wally.eecs.harvard.edu (8.10.0/8.10.0) with ESMTP id e7SKmO110161 for ; Mon, 28 Aug 2000 16:48:24 -0400 (EDT)
Date: Mon, 28 Aug 2000 16:48:24 -0400 (EDT)
From: Christopher Stein
X-Sender: stein@wally
To: freebsd-arch@freebsd.org
Subject: seeking information on kernel threads
Message-ID:
MIME-Version: 1.0
Content-Type: TEXT/PLAIN; charset=US-ASCII
Sender: owner-freebsd-arch@FreeBSD.ORG
Precedence: bulk
X-Loop: FreeBSD.ORG

Hello,

I am experimenting with ufs and need to know more about the general
freebsd kernel threads in order to decide where to put some
functionality. I am hoping that someone will set me straight on the
different kernel threads and what they do.

I have managed to glean some information from the source. There are 5
threads:

(1) bufdaemon (pid 4): Flushes dirty buffers. The comment in the
source says (kern/vfs_bio.c):

"buffer flushing daemon. Buffers are normally flushed by the update
daemon but if it cannot keep up this process starts to take the load
in an attempt to prevent getnewbuf() from blocking."

"Update daemon", what's that? Is this a reference to the syncer
thread? Who forks the bufdaemon?

The "update" man page says:

-- cut here --

UPDATE(4)          FreeBSD Kernel Interfaces Manual          UPDATE(4)

NAME
     update - flush internal filesystem caches to disk periodically

SYNOPSIS
     update

DESCRIPTION
     The update kernel process helps protect the integrity of disk volumes
     by flushing volatile cached filesystem data to disk. This is done at
     thirty second intervals by default. The time period may be changed by
     using sysctl(8) to modify the kern.update variable. The update process
     does the equivalent of the sync(2) function call to do the task.

-- cut here --

Is this out of date? I thought FreeBSD implemented a trickle sync
algorithm, which would contradict much of the description above.

(2) Syncer (pid 5): sched_sync() in kern/vfs_subr.c. Pretty clear that
this one writes dirty buffers. However, it seems to have a variable
throttle (speedup_syncer()).. why then the bufdaemon process? Also the pid
number suggests that it is started *after* the bufdaemon. Hmm.

FreeBSD has a unified buffer cache (UBC). How do the file system
cleaning daemons and the paging daemons interact?

(4) pagedaemon (pid 2): writes and evicts VM pages to the swap device
via LRU (??) More info please.

(5) swapper (pid 0): Haven't been able to glean much on this one from
the source. At some points it seems to be a sort of a template for
bcopying into new kernel threads. Its name would suggest that it moves
entire processes out of core and onto the swap device. ?? More info
please.

Anyways, information and clarifications are greatly appreciated.

-Chris

From owner-freebsd-arch Tue Aug 29 1:46:40 2000
Delivered-To: freebsd-arch@freebsd.org
Received: from lists01.iafrica.com (lists01.iafrica.com [196.7.0.141]) by hub.freebsd.org (Postfix) with ESMTP id CE5C137B42C for ; Tue, 29 Aug 2000 01:46:36 -0700 (PDT)
Received: from nwl.fw.uunet.co.za ([196.31.2.162]) by lists01.iafrica.com with esmtp (Exim 3.12 #2) id 13Th2K-0004FJ-00; Tue, 29 Aug 2000 10:46:28 +0200
Received: (from nobody@localhost) by nwl.fw.uunet.co.za (8.8.8/8.6.9) id KAA07085; Tue, 29 Aug 2000 10:46:25 +0200 (SAST)
Received: by nwl.fw.uunet.co.za via recvmail id 6747; Tue Aug 29 10:44:27 2000
Received: from sheldonh (helo=axl.fw.uunet.co.za) by axl.fw.uunet.co.za with local-esmtp (Exim 3.16 #1) id 13Th0N-000Ll8-00; Tue, 29 Aug 2000 10:44:27 +0200
From: Sheldon Hearn
To: Christopher Stein
Cc: freebsd-arch@freebsd.org
Subject: Re: seeking information on kernel threads
In-reply-to: Your message of "Mon, 28 Aug 2000 16:48:24 -0400."
Date: Tue, 29 Aug 2000 10:44:27 +0200
Message-ID: <83645.967538667@axl.fw.uunet.co.za>
Sender: owner-freebsd-arch@FreeBSD.ORG
Precedence: bulk
X-Loop: FreeBSD.ORG

On Mon, 28 Aug 2000 16:48:24 -0400, Christopher Stein wrote:

> The "update" man page says:
>
> -- cut here --
>
> UPDATE(4) FreeBSD Kernel Interfaces Manual
> UPDATE(4)

The update(4) manual page was replaced with a syncer(4) manual page in
FreeBSD 4.1-RELEASE.

Ciao,
Sheldon.

From owner-freebsd-arch Tue Aug 29 10:21:12 2000
Delivered-To: freebsd-arch@freebsd.org
Received: from wally.eecs.harvard.edu (wally.eecs.harvard.edu [140.247.60.30]) by hub.freebsd.org (Postfix) with ESMTP id 408CA37B440 for ; Tue, 29 Aug 2000 10:21:05 -0700 (PDT)
Received: from localhost (stein@localhost) by wally.eecs.harvard.edu (8.10.0/8.10.0) with ESMTP id e7THG2822762; Tue, 29 Aug 2000 13:16:02 -0400 (EDT)
Date: Tue, 29 Aug 2000 13:16:02 -0400 (EDT)
From: Christopher Stein
X-Sender: stein@wally
To: Jake Burkholder
Cc: freebsd-arch@freebsd.org
Subject: Re: seeking information on kernel threads
In-Reply-To: <20000829024432.90592BA69@io.yi.org>
Message-ID:
MIME-Version: 1.0
Content-Type: TEXT/PLAIN; charset=US-ASCII
Sender: owner-freebsd-arch@FreeBSD.ORG
Precedence: bulk
X-Loop: FreeBSD.ORG

On Mon, 28 Aug 2000, Jake Burkholder wrote:
> This isn't really -arch material...

Ok, which list would you suggest? This is certainly OS architecture
related. Perhaps the -arch in freebsd-arch@ represent machine
architecture rather than OS architecture? If this is the case, please
direct me to the OS architecture list.

> proc0 I guess, which is eventually the swapper. They get started by
> sysinits, which are run from mi_startup().
>
> SYSINIT(bufdaemon, SI_SUB_KTHREAD_BUF, SI_ORDER_FIRST, kproc_start, &buf_kp)
>

Here's some ps waux output from my 4.0 system:

root      0  0.0  0.0     0     0  ??  DLs  Wed04PM   0:00.23 (swapper)
root      4  0.0  0.0     0     0  ??  DL   Wed04PM   0:00.50 (bufdaemon)
root      5  0.0  0.0     0     0  ??  DL   Wed04PM   1:59.45 (syncer)

bufdaemon and swapper appear to be distinct processes.

> > DESCRIPTION
> >      The update kernel process helps protect the integrity of disk volumes
> >      by flushing volatile cached filesystem data to disk. This is done at
> >      thirty second intervals by default. The time period may be changed by
> >      using sysctl(8) to modify the kern.update variable. The update process
> >      does the equivalent of the sync(2) function call to do the task.
> >
> > -- cut here --
> >
> > Is this out of date? I thought FreeBSD implemented a trickle sync
> > algorithm, which would contradict much of the description above.
>
> I don't really know what this means. Yes, it is (was) out of date.

The man page was replaced with a syncer page in 4.1. My point was that
a trickle sync algorithm is more than just an update process with a
small period between wakeups. Trickle sync processes a fraction of the
dirty buffers on every wakeup, unlike the more bursty update, which
used to sync all the dirty blocks.

> >
> > (2) Syncer (pid 5): sched_sync() in kern/vfs_subr.c. Pretty clear that
> > this one writes dirty buffers. However, it seems to have a variable
> > throttle (speedup_syncer()).. why then the bufdaemon process? Also the pid
> > number suggests that it is started *after* the bufdaemon. Hmm.
>
> It's not really relevant which is started first, they won't be needed
> until after all the sysinits are over and the scheduler() starts.

So the syncer writes dirty file system buffers. What does bufdaemon do
then?

Here are the 3 kernel VM daemons:

root      2  0.0  0.0     0     0  ??  DL   Wed04PM   0:00.51 (pagedaemon)
root      3  0.0  0.0     0     0  ??  DL   Wed04PM   0:00.00 (vmdaemon)
root      0  0.0  0.0     0     0  ??  DLs  Wed04PM   0:00.23 (swapper)

How are they different? From the source (vm/vm_pageout.c) vm_daemon
appears to perform swapping activities; that is, the eviction of full
processes from core. Pagedaemon (also vm/vm_pageout.c) appears to write
and evict pages to the swap device. What then does the swapper do?

thx
-Chris

From owner-freebsd-arch Tue Aug 29 10:34:19 2000
Delivered-To: freebsd-arch@freebsd.org
Received: from fledge.watson.org (fledge.watson.org [204.156.12.50]) by hub.freebsd.org (Postfix) with ESMTP id 55D5537B422 for ; Tue, 29 Aug 2000 10:34:16 -0700 (PDT)
Received: from fledge.watson.org (robert@fledge.pr.watson.org [192.0.2.3]) by fledge.watson.org (8.9.3/8.9.3) with SMTP id NAA00129; Tue, 29 Aug 2000 13:34:10 -0400 (EDT) (envelope-from robert@fledge.watson.org)
Date: Tue, 29 Aug 2000 13:34:10 -0400 (EDT)
From: Robert Watson
X-Sender: robert@fledge.watson.org
To: Christopher Stein
Cc: freebsd-arch@FreeBSD.org
Subject: Re: seeking information on kernel threads
In-Reply-To:
Message-ID:
MIME-Version: 1.0
Content-Type: TEXT/PLAIN; charset=US-ASCII
Sender: owner-freebsd-arch@FreeBSD.ORG
Precedence: bulk
X-Loop: FreeBSD.ORG

The person you want to e-mail is Matt Dillon who is responsible for a
lot of the current paging/swapping code, and revamped the VM system.
Feel free to forward the response to -arch so there are a lot of us out
there less familiar with the VM system who would not mind becoming more
familiar with it :-).

You'll also find that there are other kernel threads that pop into
existence for specific tasks -- the most common is the AIO
implementation, which will create a pool of worker threads to handle
specific in-process requests. In the upcoming SMPng code commit, I
believe interrupts will also be bound to threads in the kernel, so
there should be more threads in the near future; presumably this will
become a more common implementation practice as kernel synchronization
primitives improve.

Robert N M Watson

robert@fledge.watson.org http://www.watson.org/~robert/
PGP key fingerprint: AF B5 5F FF A6 4A 79 37 ED 5F 55 E9 58 04 6A B1
TIS Labs at Network Associates, Safeport Network Services

From owner-freebsd-arch Tue Aug 29 11:29:11 2000
Delivered-To: freebsd-arch@freebsd.org
Received: from garm.bart.nl (garm.bart.nl [194.158.170.13]) by hub.freebsd.org (Postfix) with ESMTP id 56A5237B423 for ; Tue, 29 Aug 2000 11:29:06 -0700 (PDT)
Received: from daemon.ninth-circle.org (root@daemon.ninth-circle.org [195.38.210.81]) by garm.bart.nl (8.10.1/8.10.1) with ESMTP id e7TISsE31971; Tue, 29 Aug 2000 20:28:55 +0200 (CEST)
Received: (from asmodai@localhost) by daemon.ninth-circle.org (8.9.3/8.9.3) id UAA95261; Tue, 29 Aug 2000 20:26:28 +0200 (CEST) (envelope-from asmodai)
Date: Tue, 29 Aug 2000 20:26:28 +0200
From: Jeroen Ruigrok/Asmodai
To: Archie Cobbs
Cc: Peter Jeremy, arch@FreeBSD.ORG
Subject: Re: Interface types defined in if_types.h
Message-ID: <20000829202628.C90607@daemon.ninth-circle.org>
References: <00Aug10.081900est.115209@border.alcanet.com.au> <200008150059.RAA26865@bubba.whistle.com>
In-Reply-To: <200008150059.RAA26865@bubba.whistle.com>; from archie@whistle.com on Mon, Aug 14, 2000 at 05:59:49PM -0700
Organisation: Ninth-Circle Enterprises

[Sorry for the late response, catching up after my vacation still]

-On [20000816 17:37], Archie Cobbs (archie@whistle.com) wrote:
>Peter Jeremy writes:
>> /sys/net/if_types.h describes itself as:
>> * Interface types for benefit of parsing media address headers.
>> * This list is derived from the SNMP list of ifTypes, currently
>> * documented in RFC1573, now maintained as:
>> *
>> * ftp.isi.edu/in-notes/iana/assignments/smi-numbers
>>
>> The current version of smi-numbers lists 115 ifTypes that don't appear
>> in if_types.h (including l2vlan (135) for 802.1q). FreeBSD also
>> defines 4 types (IFT_GIF, IFT_PVC, IFT_FAITH and IFT_STF) that don't
>> match IANA assignments.
>
>Hmmm.. we can start by doing the obvious/uncontroversial stuff.
>That is, go ahead and import any new and non-conflicting types.

This is what I am already doing.

I first moved the KAME added types to the end, just like with NetBSD and will add the rest RSN.

--
Jeroen Ruigrok vd Werven/Asmodai asmodai@[wxs.nl|bart.nl|freebsd.org]
Documentation nutter/C-rated Coder BSD: Technical excellence at its best
The BSD Programmer's Documentation Project
Abandon hope, all ye who enter here...

From owner-freebsd-arch Tue Aug 29 17:40: 7 2000
Date: Wed, 30 Aug 2000 11:39:20 +1100
From: Peter Jeremy
Subject: Re: Interface types defined in if_types.h
In-reply-to: <20000829202628.C90607@daemon.ninth-circle.org>; from asmodai@wxs.nl on Tue, Aug 29, 2000 at 08:26:28PM +0200
To: Jeroen Ruigrok/Asmodai
Cc: arch@FreeBSD.ORG
Mail-followup-to: Jeroen Ruigrok/Asmodai, arch@FreeBSD.ORG
Message-Id: <00Aug30.113927est.115254@border.alcanet.com.au>
References: <00Aug10.081900est.115209@border.alcanet.com.au> <200008150059.RAA26865@bubba.whistle.com> <20000829202628.C90607@daemon.ninth-circle.org>

On 2000-Aug-29 20:26:28 +0200, Jeroen Ruigrok/Asmodai wrote:
>-On [20000816 17:37], Archie Cobbs (archie@whistle.com) wrote:
>>Peter Jeremy writes:
>>> /sys/net/if_types.h describes itself as:
>>> * Interface types for benefit of parsing media address headers.
>>> * This list is derived from the SNMP list of ifTypes, currently
>>> * documented in RFC1573, now maintained as:
>>> *
>>> * ftp.isi.edu/in-notes/iana/assignments/smi-numbers
>>>
>>> The current version of smi-numbers lists 115 ifTypes that don't appear
>>> in if_types.h (including l2vlan (135) for 802.1q). FreeBSD also
>>> defines 4 types (IFT_GIF, IFT_PVC, IFT_FAITH and IFT_STF) that don't
>>> match IANA assignments.
>>
>>Hmmm.. we can start by doing the obvious/uncontroversial stuff.
>>That is, go ahead and import any new and non-conflicting types.
>
>This is what I am already doing.
>
>I first moved the KAME added types to the end, just like with NetBSD and
>will add the rest RSN.

/sys/net/if_vlan_var.h defines IFT_8021_VLAN to represent a VLAN (but defines it as IFT_PROPVIRTUAL - 'proprietary virtual/internal'). This will presumably move into if_types.h with a value of 135. Once this is done, PR kern/19436 can be updated to use this define.

Would you like patches for this?

Peter

From owner-freebsd-arch Wed Aug 30 3:27:41 2000
From: John Baldwin
Message-Id: <200008301026.DAA50313@pike.osd.bsdi.com>
Subject: Re: NO vs NO_
In-Reply-To: <20000830125403.A76840@ark.cris.net> from Alexey Zelkin at "Aug 30, 2000 12:54:03 pm"
To: Alexey Zelkin
Date: Wed, 30 Aug 2000 03:26:50 -0700 (PDT)
Cc: arch@FreeBSD.org

[ moved to -arch, the home of all bikeshed arguments ]

Alexey Zelkin wrote:
> hi,
>
> looks like it's time to rehash "NO vs NO_" theme. Any objections
> against changing all occurrences of "NO_*" variables in src/'s Makefiles
> to "NO*" ? Since "NO*" variables is mostly used in tree I think we should
> go in this way to avoid lots "empty" patches.

The reason many of us have been adding NO_* instead of NO* is to improve readability. As someone else has pointed out, the NO_'s outnumber NO in make.conf anyways, so if you are going to make a change, go to NO_*.

There is also a precedent for using _'s in make variables in other variable names as well:

MAKE_KERBEROS4
MAKE_KERBEROS5
MACHINE_ARCH
USA_RESIDENT
MODULES_WITH_WORLD
MAKE_IDEA
etc. etc.

--
John Baldwin -- http://www.FreeBSD.org/~jhb/
PGP Key: http://www.cslab.vt.edu/~jobaldwi/pgpkey.asc
"Power Users Use the Power to Serve!" - http://www.FreeBSD.org/

From owner-freebsd-arch Wed Aug 30 3:30:43 2000
To: arch@freebsd.org
Subject: build tools as separate distribution
From: Dag-Erling Smorgrav
Date: 30 Aug 2000 12:30:39 +0200

What would the good people think of moving gcc, gas, ld etc., as well as include files and static libraries out of the bin dist and into a separate distribution, called e.g. prog or devel? There are a lot of cases (e.g. firewalls, mail gateways) where you neither need nor want build tools, and PicoBSD is sometimes too radical. This would provide a sort of middle path between the too-minimalist PicoBSD and the not-minimalist-enough bin dist we have today.

DES
--
Dag-Erling Smorgrav - des@flood.ping.uio.no

From owner-freebsd-arch Wed Aug 30 3:41:25 2000
From: Sheldon Hearn
To: Alexey Zelkin
Cc: arch@freebsd.org
Subject: Re: NO vs NO_
In-reply-to: Your message of "Wed, 30 Aug 2000 03:26:50 MST." <200008301026.DAA50313@pike.osd.bsdi.com>
Date: Wed, 30 Aug 2000 12:39:51 +0200
Message-ID: <27283.967631991@axl.fw.uunet.co.za>

Alexey Zelkin wrote:
> looks like it's time to rehash "NO vs NO_" theme. Any objections
> against changing all occurrences of "NO_*" variables in src/'s Makefiles
> to "NO*" ? Since "NO*" variables is mostly used in tree I think we should
> go in this way to avoid lots "empty" patches.

If you don't get any technical objections, make a patch available for testing and review. If the only feedback you get is about the flavour of the gravy, rather than the meat itself, listen carefully, then go ahead and do it the way you want it done. Call it "chef's prerogative". :-)

For what it's worth, I agree that it'll taste better if you add underscores.

In my opinion, the only technical issue worth discussing is whether the change is expected to be merged onto the RELENG_4 branch. If it's a straight conversion, you'll make life difficult for lots of people. However, if you were to put magic in the RELENG_4 mk files (when the time came), you could translate deprecated names into their new names, possibly even generating warnings for each translation.

Having said that, I don't think there's any merit in providing such translation in HEAD. What you're looking for, it seems, is a clean break. A good way to do this is to allow backward compatibility in RELENG_4 but not in HEAD.

Ciao,
Sheldon.

From owner-freebsd-arch Wed Aug 30 3:52:25 2000
From: Don Lewis
Message-Id: <200008301052.DAA05440@salsa.gv.tsc.tdk.com>
Date: Wed, 30 Aug 2000 03:52:13 -0700
To: Dag-Erling Smorgrav, arch@FreeBSD.ORG
Subject: Re: build tools as separate distribution

On Aug 30, 12:30pm, Dag-Erling Smorgrav wrote:
} Subject: build tools as separate distribution
} What would the good people think of moving gcc, gas, ld etc., as well
} as include files and static libraries out of the bin dist and into a
} separate distribution, called e.g. prog or devel? There are a lot of
} cases (e.g. firewalls, mail gateways) where you neither need nor want
} build tools, and PicoBSD is sometimes too radical. This would provide
} a sort of middle path between the too-minimalist PicoBSD and the
} not-minimalist-enough bin dist we have today.

I'm in favor of it and have even done this in the past (other than the static libraries) as a local hack to 2.1. This is pretty easy to implement, though I recall having problems disentangling ld with some non-optional things like ldconfig and ld.so. I also did the same thing for lpr, sendmail, uucp, and the r-commands.

The only difficult part is making the necessary changes to sysinstall.

From owner-freebsd-arch Wed Aug 30 5:13:50 2000
Date: Wed, 30 Aug 2000 07:13:47 -0500
From: "Jacques A. Vidrine"
To: freebsd-arch@freebsd.org
Subject: Request for review: nsswitch
Message-ID: <20000830071347.A1167@hamlet.nectar.com>
Mail-Followup-To: "Jacques A. Vidrine", freebsd-arch@freebsd.org

Hi,

Patches adding nsswitch support to FreeBSD 4.1-RELEASE, 4-STABLE, and 5-CURRENT can be found at:
http://www.nectar.com/freebsd/nsswitch

I would like to commit this support to -CURRENT in about a week or so. I'd appreciate a review of the patch.

This brings over nsswitch functionality from NetBSD. /etc/nsswitch.conf controls lookups for group, hosts, networks, passwd, and shells databases. Database sources may be files, dns (Hesiod), nis, or a compat mode (using +/- in passwd and group databases) that uses nis or dns. You can see the man page linked from URL above.

Cheers,
--
Jacques Vidrine / n@nectar.com / jvidrine@verio.net / nectar@FreeBSD.org

From owner-freebsd-arch Wed Aug 30 5:35:47 2000
Date: Wed, 30 Aug 2000 15:35:00 +0300
From: Alexey Zelkin
To: John Baldwin
Cc: arch@FreeBSD.org, committers@FreeBSD.org
Subject: aout-to-elf (was: Re: NO vs NO_)
Message-ID: <20000830153500.B1040@ark.cris.net>
References: <20000830125403.A76840@ark.cris.net> <200008301026.DAA50313@pike.osd.bsdi.com>
In-Reply-To: <200008301026.DAA50313@pike.osd.bsdi.com>; from jhb@pike.osd.bsdi.com on Wed, Aug 30, 2000 at 03:26:50AM -0700

hi,

On Wed, Aug 30, 2000 at 03:26:50AM -0700, John Baldwin wrote:
> [ moved to -arch, the home of all bikeshed arguments ]

BTW, one more question related to architecture design of our buildworld system. Is there any reason to keep aout-to-elf upgrade chunks there for 4.x and 5.x systems ? Maybe it's time to cleanup Makefiles for HEAD and RELENG_4 ?

> Alexey Zelkin wrote:
> > hi,
> >
> > looks like it's time to rehash "NO vs NO_" theme. Any objections
> > against changing all occurrences of "NO_*" variables in src/'s Makefiles
> > to "NO*" ? Since "NO*" variables is mostly used in tree I think we should
> > go in this way to avoid lots "empty" patches.
>
> The reason many of us have been adding NO_* instead of NO* is to improve
> readability. As someone else has pointed out, the NO_'s outnumber NO in
> make.conf anyways, so if you are going to make a change, go to NO_*.
>
> There is also a precedent for using _'s in make variables in other
> variable names as well:
>
> MAKE_KERBEROS4
> MAKE_KERBEROS5
> MACHINE_ARCH
> USA_RESIDENT
> MODULES_WITH_WORLD
> MAKE_IDEA
> etc. etc.
>
> --
>
> John Baldwin -- http://www.FreeBSD.org/~jhb/
> PGP Key: http://www.cslab.vt.edu/~jobaldwi/pgpkey.asc
> "Power Users Use the Power to Serve!"
- http://www.FreeBSD.org/

--
/* Alexey Zelkin && phantom@cris.net */
/* Tavric National University && phantom@FreeBSD.org */
/* Sysadmin/Developer && phantom@sms.umc.com.ua */

From owner-freebsd-arch Wed Aug 30 6:48:53 2000
Message-Id: <200008301347.e7UDlbh84409@cwsys.cwsent.com>
Reply-To: Cy Schubert - ITSD Open Systems Group
From: Cy Schubert - ITSD Open Systems Group
To: Dag-Erling Smorgrav
Cc: arch@FreeBSD.ORG
Subject: Re: build tools as separate distribution
In-reply-to: Your message of "30 Aug 2000 12:30:39 +0200."
Date: Wed, 30 Aug 2000 06:47:02 -0700

In message , Dag-Erling Smorgrav writes:
> What would the good people think of moving gcc, gas, ld etc., as well
> as include files and static libraries out of the bin dist and into a
> separate distribution, called e.g. prog or devel? There are a lot of
> cases (e.g. firewalls, mail gateways) where you neither need nor want
> build tools, and PicoBSD is sometimes too radical. This would provide
> a sort of middle path between the too-minimalist PicoBSD and the
> not-minimalist-enough bin dist we have today.

Excellent idea!

Regards,                         Phone: (250)387-8437
Cy Schubert                        Fax: (250)387-5766
Team Leader, Sun/DEC Team     Internet: Cy.Schubert@osg.gov.bc.ca
Open Systems Group, ITSD, ISTA
Province of BC

From owner-freebsd-arch Wed Aug 30 8: 5: 9 2000
Message-ID: <39AD2111.C7F0F782@newsguy.com>
Date: Wed, 30 Aug 2000 23:58:25 +0900
From: "Daniel C. Sobral"
To: Dag-Erling Smorgrav
Cc: arch@FreeBSD.ORG
Subject: Re: build tools as separate distribution

Dag-Erling Smorgrav wrote:
>
> What would the good people think of moving gcc, gas, ld etc., as well
> as include files and static libraries out of the bin dist and into a
> separate distribution, called e.g. prog or devel? There are a lot of
> cases (e.g. firewalls, mail gateways) where you neither need nor want
> build tools, and PicoBSD is sometimes too radical. This would provide
> a sort of middle path between the too-minimalist PicoBSD and the
> not-minimalist-enough bin dist we have today.

IMHO, and as an hibernating committer, this would be good.

--
Daniel C. Sobral (8-DCS)
dcs@newsguy.com
dcs@freebsd.org
capo@white.bunnies.bsdconspiracy.net

OK, so the solar flares are my fault.. I am sorry, ok?!?!

From owner-freebsd-arch Wed Aug 30 8: 5:26 2000
Message-ID: <39AD222B.CE9A26B5@newsguy.com>
Date: Thu, 31 Aug 2000 00:03:07 +0900
From: "Daniel C. Sobral"
To: "Jacques A. Vidrine"
Cc: freebsd-arch@FreeBSD.ORG
Subject: Re: Request for review: nsswitch
References: <20000830071347.A1167@hamlet.nectar.com>

"Jacques A. Vidrine" wrote:
>
> Hi,
>
> Patches adding nsswitch support to FreeBSD 4.1-RELEASE, 4-STABLE, and
> 5-CURRENT can be found at:
> http://www.nectar.com/freebsd/nsswitch
>
> I would like to commit this support to -CURRENT in about a week or so.
> I'd appreciate a review of the patch.
>
> This brings over nsswitch functionality from NetBSD. /etc/nsswitch.conf
> controls lookups for group, hosts, networks, passwd, and shells
> databases. Database sources may be files, dns (Hesiod), nis, or a
> compat mode (using +/- in passwd and group databases) that uses nis or
> dns. You can see the man page linked from URL above.

Being guilty of not having looked at it at all, but this sounds like a typical case where we would want a /etc/defaults/nsswitch.conf with overrides in /etc/nsswitch.conf...?

--
Daniel C. Sobral (8-DCS)
dcs@newsguy.com
dcs@freebsd.org
capo@white.bunnies.bsdconspiracy.net

OK, so the solar flares are my fault.. I am sorry, ok?!?!

From owner-freebsd-arch Wed Aug 30 8:57:35 2000
Date: Wed, 30 Aug 2000 18:56:45 +0300
From: Alexey Zelkin
To: Sheldon Hearn
Cc: arch@freebsd.org, committers@freebsd.org
Subject: Re: NO vs NO_
Message-ID: <20000830185645.A32496@ark.cris.net>
References: <200008301026.DAA50313@pike.osd.bsdi.com> <27283.967631991@axl.fw.uunet.co.za>
In-Reply-To: <27283.967631991@axl.fw.uunet.co.za>; from sheldonh@uunet.co.za on Wed, Aug 30, 2000 at 12:39:51PM +0200

hi,

On Wed, Aug 30, 2000 at 12:39:51PM +0200, Sheldon Hearn wrote:

> In my opinion, the only technical issue worth discussing is whether the
> change is expected to be merged onto the RELENG_4 branch. If it's a
> straight conversion, you'll make life difficult for lots of people.
> However, if you were to put magic in the RELENG_4 mk files (when the
> time came), you could translate deprecated names into their new names,
> possibly even generating warnings for each translation.

I thought to use construction like that:

ALLOW_DEPRECATED = true
DEPRECATED_VARS = CLEAN CLEANDIR CRYPT PROFILE SECURE GAMES INFO LIBC_R

.for var in ${DEPRECATED_VARS}
.if defined(NO${var})
.if defined(ALLOW_DEPRECATED) && !empty(ALLOW_DEPRECATED)
# Carry the old NOfoo setting over to the new NO_foo name.
NO_${var}=${NO${var}}
.else
# Shell commands are not valid outside a target, so stop the parse with .error.
.error The variable NO${var} is deprecated, use NO_${var} instead
.endif
.endif
.endfor

--
/* Alexey Zelkin && phantom@cris.net */
/* Tavric National University && phantom@FreeBSD.org */
/* Sysadmin/Developer && phantom@sms.umc.com.ua */

From owner-freebsd-arch Wed Aug 30 9:43:14 2000
Message-ID: <39AD399B.D0D45787@cup.hp.com>
Date: Wed, 30 Aug 2000 12:43:07 -0400
From: Marcel Moolenaar
Organization: Hewlett-Packard
To: Alexey Zelkin
Cc: John Baldwin, arch@FreeBSD.ORG, committers@FreeBSD.ORG
Subject: Re: aout-to-elf (was: Re: NO vs NO_)
References: <20000830125403.A76840@ark.cris.net> <200008301026.DAA50313@pike.osd.bsdi.com> <20000830153500.B1040@ark.cris.net>

Alexey Zelkin wrote:
>
> BTW, one more question related to architecture design of our buildworld
> system. Is there any reason to keep aout-to-elf upgrade chunks there
> for 4.x and 5.x systems ? Maybe it's time to cleanup Makefiles for
> HEAD and RELENG_4 ?

I'm planning to remove those targets when I have some time. In the mean time I've been working on getting the basis of a single upgrade target. This target should also work when someone upgrades from 2.2.x systems.

If the aout-to-elf targets are in the way, we can discuss their early retirement, otherwise I suggest leaving them in until the (new) upgrade target has been verified to work.

--
Marcel Moolenaar
mail: marcel@cup.hp.com / marcel@FreeBSD.org
tel: (408) 447-4222

From owner-freebsd-arch Wed Aug 30 9:49:36 2000
Message-ID: <39AD3B1D.CFB294FC@cup.hp.com>
Date: Wed, 30 Aug 2000 12:49:33 -0400
From: Marcel Moolenaar
Organization: Hewlett-Packard
To: Alexey Zelkin
Cc: Sheldon Hearn, arch@FreeBSD.ORG
Subject: Re: NO vs NO_
References: <200008301026.DAA50313@pike.osd.bsdi.com> <27283.967631991@axl.fw.uunet.co.za> <20000830185645.A32496@ark.cris.net>

[-committers removed]

Alexey Zelkin wrote:
>
> On Wed, Aug 30, 2000 at 12:39:51PM +0200, Sheldon Hearn wrote:
>
> > However, if you were to put magic in the RELENG_4 mk files (when the
> > time came), you could translate deprecated names into their new names,
> > possibly even generating warnings for each translation.

I think it is mandatory for -stable and we probably should do it for -current as well. In -current, the automagical translation can be removed some time prior to the release. The reason for this is simply habit. Give people a chance to get used to the new names, however they are going to look.

--
Marcel Moolenaar
mail: marcel@cup.hp.com / marcel@FreeBSD.org
tel: (408) 447-4222

From owner-freebsd-arch Wed Aug 30 10: 0: 9 2000
Message-ID: <39AD3D96.7256B648@cup.hp.com>
Date: Wed, 30 Aug 2000 13:00:06 -0400
From: Marcel Moolenaar
Organization: Hewlett-Packard
To: Dag-Erling Smorgrav
Cc: arch@FreeBSD.ORG
Subject: Re: build tools as separate distribution

Dag-Erling Smorgrav wrote:
>
> What would the good people think of moving gcc, gas, ld etc., as well
> as include files and static libraries out of the bin dist and into a
> separate distribution, called e.g. prog or devel? There are a lot of
> cases (e.g. firewalls, mail gateways) where you neither need nor want
> build tools, and PicoBSD is sometimes too radical. This would provide
> a sort of middle path between the too-minimalist PicoBSD and the
> not-minimalist-enough bin dist we have today.

Funny you mention this. I have been in contact with the project manager of the OpenWatcom project and he told me that watcom is being ported to FreeBSD.

For those who don't know what watcom is: Watcom is a compiler for ia32 that compiles code for dos, dos4gw, different flavors of Windows, OS/2 and Novell (I probably forget some). An alpha port was almost finished when the product was discontinued. The product will be open source in a couple of months and ports for FreeBSD (I said this already) and probably Linux will be made.

In short: I see interesting possibilities and having the compilers be a separate distribution can make certain possibilities more attractive.

Am I vague enough?
:-)

see also http://www.openwatcom.org/

--
Marcel Moolenaar
mail: marcel@cup.hp.com / marcel@FreeBSD.org
tel: (408) 447-4222

From owner-freebsd-arch Wed Aug 30 10: 1:38 2000
Date: Wed, 30 Aug 2000 10:01:26 -0700
From: "David O'Brien"
To: Dag-Erling Smorgrav
Cc: arch@freebsd.org
Subject: Re: build tools as separate distribution
Message-ID: <20000830100126.D45710@dragon.nuxi.com>
Reply-To: obrien@freebsd.org
References:
Mime-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
User-Agent: Mutt/1.2i
In-Reply-To: ; from des@flood.ping.uio.no on Wed, Aug 30, 2000 at 12:30:39PM +0200
X-Operating-System: FreeBSD 5.0-CURRENT
Organization: The NUXI BSD group
X-Pgp-Rsa-Fingerprint: B7 4D 3E E9 11 39 5F A3 90 76 5D 69 58 D9 98 7A
X-Pgp-Rsa-Keyid: 1024/34F9F9D5
Sender: owner-freebsd-arch@FreeBSD.ORG
Precedence: bulk
X-Loop: FreeBSD.ORG

On Wed, Aug 30, 2000 at 12:30:39PM +0200, Dag-Erling Smorgrav wrote:
> What would the good people think of moving gcc, gas, ld etc., as well
> as include files and static libraries out of the bin dist and into a
> separate distribution, called e.g. prog or devel? There are a lot of

You need to convince JKH (as release engineer). I was going to do this for 4.2, but he said no.

--
-- David (obrien@FreeBSD.org)

From owner-freebsd-arch Wed Aug 30 10: 3:23 2000
Delivered-To: freebsd-arch@freebsd.org
Received: from dragon.nuxi.com (trang.nuxi.com [209.152.133.57]) by hub.freebsd.org (Postfix) with ESMTP id 80ACF37B43E for ; Wed, 30 Aug 2000 10:03:17 -0700 (PDT)
Received: (from obrien@localhost) by dragon.nuxi.com (8.9.3/8.9.1) id KAA45809; Wed, 30 Aug 2000 10:02:58 -0700 (PDT) (envelope-from obrien)
Date: Wed, 30 Aug 2000 10:02:58 -0700
From: "David O'Brien"
To: Alexey Zelkin , arch@FreeBSD.org
Subject: Re: NO vs NO_
Message-ID: <20000830100258.E45710@dragon.nuxi.com>
Reply-To: obrien@FreeBSD.org
References: <20000830125403.A76840@ark.cris.net> <200008301026.DAA50313@pike.osd.bsdi.com>
Mime-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
User-Agent: Mutt/1.2i
In-Reply-To: <200008301026.DAA50313@pike.osd.bsdi.com>; from jhb@pike.osd.bsdi.com on Wed, Aug 30, 2000 at 03:26:50AM -0700
X-Operating-System: FreeBSD 5.0-CURRENT
Organization: The NUXI BSD group
X-Pgp-Rsa-Fingerprint: B7 4D 3E E9 11 39 5F A3 90 76 5D 69 58 D9 98 7A
X-Pgp-Rsa-Keyid: 1024/34F9F9D5
Sender: owner-freebsd-arch@FreeBSD.ORG
Precedence: bulk
X-Loop: FreeBSD.ORG

On Wed, Aug 30, 2000 at 03:26:50AM -0700, John Baldwin wrote:
Alexey Zelkin wrote:
> looks like it's time to rehash "NO vs NO_" theme. Any objections
> against changing all occurrences of "NO_*" variables in src/'s Makefiles
> to "NO*" ?

Yes, *_STRONG OBJECTIONS_*.

--
-- David (obrien@FreeBSD.org)

From owner-freebsd-arch Wed Aug 30 10:15:50 2000
Delivered-To: freebsd-arch@freebsd.org
Received: from rover.village.org (rover.village.org [204.144.255.49]) by hub.freebsd.org (Postfix) with ESMTP id 3CCAD37B424; Wed, 30 Aug 2000 10:15:46 -0700 (PDT)
Received: from harmony.village.org (harmony.village.org [10.0.0.6]) by rover.village.org (8.9.3/8.9.3) with ESMTP id LAA98663; Wed, 30 Aug 2000 11:15:44 -0600 (MDT) (envelope-from imp@harmony.village.org)
Received: from harmony.village.org (localhost.village.org [127.0.0.1]) by harmony.village.org (8.9.3/8.8.3) with ESMTP id LAA16929; Wed, 30 Aug 2000 11:15:23 -0600 (MDT)
Message-Id: <200008301715.LAA16929@harmony.village.org>
To: Alexey Zelkin
Subject: Re: aout-to-elf (was: Re: NO vs NO_)
Cc: John Baldwin , arch@FreeBSD.org, committers@FreeBSD.org
In-reply-to: Your message of "Wed, 30 Aug 2000 15:35:00 +0300." <20000830153500.B1040@ark.cris.net>
References: <20000830153500.B1040@ark.cris.net> <20000830125403.A76840@ark.cris.net> <200008301026.DAA50313@pike.osd.bsdi.com>
Date: Wed, 30 Aug 2000 11:15:23 -0600
From: Warner Losh
Sender: owner-freebsd-arch@FreeBSD.ORG
Precedence: bulk
X-Loop: FreeBSD.ORG

In message <20000830153500.B1040@ark.cris.net> Alexey Zelkin writes:
: BTW, one more question related to architecture design of our buildworld
: system. Is there any reason to keep aout-to-elf upgrade chunks there
: for 4.x and 5.x systems ? Maybe it's time to cleanup Makefiles for
: HEAD and RELENG_4 ?

For 4.x, we need to keep them. Maybe they can go away in 5.x. With them in 4.x, we can almost upgrade from aout systems to 4.x (although we do not document it in UPDATING).

Warner

From owner-freebsd-arch Wed Aug 30 10:17:43 2000
Delivered-To: freebsd-arch@freebsd.org
Received: from peace.mahoroba.org (peace.calm.imasy.or.jp [202.227.26.34]) by hub.freebsd.org (Postfix) with ESMTP id 0D44B37B422 for ; Wed, 30 Aug 2000 10:17:40 -0700 (PDT)
Received: from localhost (localhost [::1]) (authenticated) by peace.mahoroba.org (8.11.0/8.11.0/peace) with ESMTP/inet6 id e7UHGjE43476; Thu, 31 Aug 2000 02:16:45 +0900 (JST) (envelope-from ume@mahoroba.org)
Date: Thu, 31 Aug 2000 02:16:40 +0900 (JST)
Message-Id: <20000831.021640.74713558.ume@mahoroba.org>
To: n@nectar.com
Cc: freebsd-arch@freebsd.org
Subject: Re: Request for review: nsswitch
From: Hajimu UMEMOTO
In-Reply-To: <20000830071347.A1167@hamlet.nectar.com>
References: <20000830071347.A1167@hamlet.nectar.com>
X-Mailer: xcite1.20> Mew version 1.95b38 on Emacs 20.7 / Mule 4.0 =?iso-2022-jp?B?KBskQjJWMWMbKEIp?=
X-PGP-Public-Key: http://www.imasy.org/~ume/publickey.asc
X-PGP-Fingerprint: 6B 0C 53 FC 5D D0 37 91 05 D0 B3 EF 36 9B 6A BC
X-URL: http://www.imasy.org/~ume/
X-OS: FreeBSD 5.0-CURRENT
Mime-Version: 1.0
Content-Type: Text/Plain; charset=us-ascii
Content-Transfer-Encoding: 7bit
Sender: owner-freebsd-arch@FreeBSD.ORG
Precedence: bulk
X-Loop: FreeBSD.ORG

>>>>> On Wed, 30 Aug 2000 07:13:47 -0500
>>>>> "Jacques A. Vidrine" said:

n> Patches adding nsswitch support to FreeBSD 4.1-RELEASE, 4-STABLE, and
n> 5-CURRENT can be found at:
n> http://www.nectar.com/freebsd/nsswitch
n> I would like to commit this support to -CURRENT in about a week or so.
n> I'd appreciate a review of the patch.
n> This brings over nsswitch functionality from NetBSD. /etc/nsswitch.conf
n> controls lookups for group, hosts, networks, passwd, and shells
n> databases. Database sources may be files, dns (Hesiod), nis, or a
n> compat mode (using +/- in passwd and group databases) that uses nis or
n> dns. You can see the man page linked from URL above.

It seems nsswitch support to getaddrinfo.c is still far from NetBSD-current. Please please sync as possible. We need share it with *BSD so that KAME guys can maintain easier.

--
Hajimu UMEMOTO @ Internet Mutual Aid Society Yokohama, Japan
ume@mahoroba.org ume@bisd.hitachi.co.jp ume@FreeBSD.org
http://www.imasy.org/~ume/

From owner-freebsd-arch Wed Aug 30 10:20:48 2000
Delivered-To: freebsd-arch@freebsd.org
Received: from rover.village.org (rover.village.org [204.144.255.49]) by hub.freebsd.org (Postfix) with ESMTP id 4C3DA37B42C; Wed, 30 Aug 2000 10:20:44 -0700 (PDT)
Received: from harmony.village.org (harmony.village.org [10.0.0.6]) by rover.village.org (8.9.3/8.9.3) with ESMTP id LAA98705; Wed, 30 Aug 2000 11:20:29 -0600 (MDT) (envelope-from imp@harmony.village.org)
Received: from harmony.village.org (localhost.village.org [127.0.0.1]) by harmony.village.org (8.9.3/8.8.3) with ESMTP id LAA17007; Wed, 30 Aug 2000 11:20:08 -0600 (MDT)
Message-Id: <200008301720.LAA17007@harmony.village.org>
To: Marcel Moolenaar
Subject: Re: aout-to-elf (was: Re: NO vs NO_)
Cc: Alexey Zelkin , John Baldwin , arch@FreeBSD.org, committers@FreeBSD.org
In-reply-to: Your message of "Wed, 30 Aug 2000 12:43:07 EDT." <39AD399B.D0D45787@cup.hp.com>
References: <39AD399B.D0D45787@cup.hp.com> <20000830125403.A76840@ark.cris.net> <200008301026.DAA50313@pike.osd.bsdi.com> <20000830153500.B1040@ark.cris.net>
Date: Wed, 30 Aug 2000 11:20:08 -0600
From: Warner Losh
Sender: owner-freebsd-arch@FreeBSD.ORG
Precedence: bulk
X-Loop: FreeBSD.ORG

In message <39AD399B.D0D45787@cup.hp.com> Marcel Moolenaar writes:
: This target should also work when someone upgrades from 2.2.x systems.

Are your patches cooked enough to share?

Warner

From owner-freebsd-arch Wed Aug 30 10:21:41 2000
Delivered-To: freebsd-arch@freebsd.org
Received: from rover.village.org (rover.village.org [204.144.255.49]) by hub.freebsd.org (Postfix) with ESMTP id CD8F237B424 for ; Wed, 30 Aug 2000 10:21:38 -0700 (PDT)
Received: from harmony.village.org (harmony.village.org [10.0.0.6]) by rover.village.org (8.9.3/8.9.3) with ESMTP id LAA98720; Wed, 30 Aug 2000 11:21:37 -0600 (MDT) (envelope-from imp@harmony.village.org)
Received: from harmony.village.org (localhost.village.org [127.0.0.1]) by harmony.village.org (8.9.3/8.8.3) with ESMTP id LAA17046; Wed, 30 Aug 2000 11:21:15 -0600 (MDT)
Message-Id: <200008301721.LAA17046@harmony.village.org>
To: Dag-Erling Smorgrav
Subject: Re: RFC: Linuxulator MI bits in sys/compat/linux
Cc: Marcel Moolenaar , arch@FreeBSD.ORG
In-reply-to: Your message of "28 Aug 2000 18:07:31 +0200."
References: <39A02834.E6500194@cup.hp.com>
Date: Wed, 30 Aug 2000 11:21:15 -0600
From: Warner Losh
Sender: owner-freebsd-arch@FreeBSD.ORG
Precedence: bulk
X-Loop: FreeBSD.ORG

In message Dag-Erling Smorgrav writes:
: Marcel Moolenaar writes:
: > I like to have consensus about where the MI bits will live. My proposal
: > is:
: >
: > sys/compat/linux
:
: Sounds good to me (not that I am any kind of kernel guru...)

My only complaint with putting anything in sys/compat is that I've been typing for years sys/com to have tcsh complete it to sys/compile. Now, I have to type compi :-(

Warner

From owner-freebsd-arch Wed Aug 30 10:28:26 2000
Delivered-To: freebsd-arch@freebsd.org
Received: from rover.village.org (rover.village.org [204.144.255.49]) by hub.freebsd.org (Postfix) with ESMTP id 2331E37B422 for ; Wed, 30 Aug 2000 10:28:23 -0700 (PDT)
Received: from harmony.village.org (harmony.village.org [10.0.0.6]) by rover.village.org (8.9.3/8.9.3) with ESMTP id LAA98741; Wed, 30 Aug 2000 11:28:21 -0600 (MDT) (envelope-from imp@harmony.village.org)
Received: from harmony.village.org (localhost.village.org [127.0.0.1]) by harmony.village.org (8.9.3/8.8.3) with ESMTP id LAA17081; Wed, 30 Aug 2000 11:28:00 -0600 (MDT)
Message-Id: <200008301728.LAA17081@harmony.village.org>
To: Dag-Erling Smorgrav
Subject: Re: build tools as separate distribution
Cc: arch@FreeBSD.ORG
In-reply-to: Your message of "30 Aug 2000 12:30:39 +0200."
References:
Date: Wed, 30 Aug 2000 11:28:00 -0600
From: Warner Losh
Sender: owner-freebsd-arch@FreeBSD.ORG
Precedence: bulk
X-Loop: FreeBSD.ORG

In message Dag-Erling Smorgrav writes:
: What would the good people think of moving gcc, gas, ld etc., as well
: as include files and static libraries out of the bin dist and into a
: separate distribution, called e.g. prog or devel? There are a lot of
: cases (e.g. firewalls, mail gateways) where you neither need nor want
: build tools, and PicoBSD is sometimes too radical. This would provide
: a sort of middle path between the too-minimalist PicoBSD and the
: not-minimalist-enough bin dist we have today.

I would like this idea. The up side is that it saves about 100MB of space, iirc. The down side is that minimal is no longer able to build a kernel, which is why they were in there to start with. I'd like this idea.

On a related note, I have a bunch of scripts for producing relatively small systems (on the order of 16MB), but they do lack most of common utilities that aren't needed to boot or to use the network. You can shave another 4MB off of this by dynamically linking /bin and /sbin. Of course, when you do that, / and /usr must be on the same partition. For our systems, this isn't a big deal (although I don't enable this at the moment). I think that you can shave another 1M or two by rewriting the rc scripts. Oh, and you can save 1M by using a minimized termcap.

If I had 8MB parts to worry about, I'd try to get an uncompressed FreeBSD to fit into them. As it is, we have 32MB and 64MB parts, which are big enough that I don't need to worry.

Warner

From owner-freebsd-arch Wed Aug 30 10:31:18 2000
Delivered-To: freebsd-arch@freebsd.org
Received: from rover.village.org (rover.village.org [204.144.255.49]) by hub.freebsd.org (Postfix) with ESMTP id 502C337B424; Wed, 30 Aug 2000 10:31:16 -0700 (PDT)
Received: from harmony.village.org (harmony.village.org [10.0.0.6]) by rover.village.org (8.9.3/8.9.3) with ESMTP id LAA98762; Wed, 30 Aug 2000 11:31:15 -0600 (MDT) (envelope-from imp@harmony.village.org)
Received: from harmony.village.org (localhost.village.org [127.0.0.1]) by harmony.village.org (8.9.3/8.8.3) with ESMTP id LAA17118; Wed, 30 Aug 2000 11:30:53 -0600 (MDT)
Message-Id: <200008301730.LAA17118@harmony.village.org>
To: obrien@FreeBSD.ORG
Subject: Re: build tools as separate distribution
Cc: Dag-Erling Smorgrav , arch@FreeBSD.ORG
In-reply-to: Your message of "Wed, 30 Aug 2000 10:01:26 PDT." <20000830100126.D45710@dragon.nuxi.com>
References: <20000830100126.D45710@dragon.nuxi.com>
Date: Wed, 30 Aug 2000 11:30:53 -0600
From: Warner Losh
Sender: owner-freebsd-arch@FreeBSD.ORG
Precedence: bulk
X-Loop: FreeBSD.ORG

In message <20000830100126.D45710@dragon.nuxi.com> "David O'Brien" writes:
: On Wed, Aug 30, 2000 at 12:30:39PM +0200, Dag-Erling Smorgrav wrote:
: > What would the good people think of moving gcc, gas, ld etc., as well
: > as include files and static libraries out of the bin dist and into a
: > separate distribution, called e.g. prog or devel? There are a lot of
:
: You need to convince JKH (as release engineer). I was going to do this
: for 4.2, but he said no.

I think we can do this for 5.0, however, since I think we can convince him that it is a good idea. However, I think that someone will need to come up with patches to sysinstall. Also, there's likely some UI issues with minimal changing from "complete for a hosting system" to "incomplete for a hosting system, but complete for a target system."

Warner

From owner-freebsd-arch Wed Aug 30 10:34:15 2000
Delivered-To: freebsd-arch@freebsd.org
Received: from dan.emsphone.com (dan.emsphone.com [199.67.51.101]) by hub.freebsd.org (Postfix) with ESMTP id EACCB37B423 for ; Wed, 30 Aug 2000 10:34:09 -0700 (PDT)
Received: (from dan@localhost) by dan.emsphone.com (8.9.3/8.9.3) id MAA12743; Wed, 30 Aug 2000 12:33:51 -0500 (CDT) (envelope-from dan)
Date: Wed, 30 Aug 2000 12:33:51 -0500
From: Dan Nelson
To: Warner Losh
Cc: Dag-Erling Smorgrav , arch@FreeBSD.ORG
Subject: Re: build tools as separate distribution
Message-ID: <20000830123351.A29508@dan.emsphone.com>
References: <200008301728.LAA17081@harmony.village.org>
Mime-Version: 1.0
Content-Type: text/plain; charset=utf-8
Content-Disposition: inline
User-Agent: Mutt/1.3.7i
In-Reply-To: <200008301728.LAA17081@harmony.village.org>; from "Warner Losh" on Wed Aug 30 11:28:00 GMT 2000
X-OS: FreeBSD 5.0-CURRENT
Sender: owner-freebsd-arch@FreeBSD.ORG
Precedence: bulk
X-Loop: FreeBSD.ORG

In the last episode (Aug 30), Warner Losh said:
> In message Dag-Erling Smorgrav writes:
> : What would the good people think of moving gcc, gas, ld etc., as well
> : as include files and static libraries out of the bin dist and into a
> : separate distribution, called e.g. prog or devel? There are a lot of
>
> I would like this idea. The up side is that it saves about 100MB of
> space, iirc. The down side is that minimal is no longer able to
> build a kernel, which is why they were in there to start with.

The move to a modular kernel makes the need to recompile GENERIC less important than it used to be, so it's not that much of a loss.

--
Dan Nelson dnelson@emsphone.com

From owner-freebsd-arch Wed Aug 30 10:35:37 2000
Delivered-To: freebsd-arch@freebsd.org
Received: from rover.village.org (rover.village.org [204.144.255.49]) by hub.freebsd.org (Postfix) with ESMTP id 1BD4037B43C for ; Wed, 30 Aug 2000 10:35:35 -0700 (PDT)
Received: from harmony.village.org (harmony.village.org [10.0.0.6]) by rover.village.org (8.9.3/8.9.3) with ESMTP id LAA98813; Wed, 30 Aug 2000 11:35:30 -0600 (MDT) (envelope-from imp@harmony.village.org)
Received: from harmony.village.org (localhost.village.org [127.0.0.1]) by harmony.village.org (8.9.3/8.8.3) with ESMTP id LAA17243; Wed, 30 Aug 2000 11:35:09 -0600 (MDT)
Message-Id: <200008301735.LAA17243@harmony.village.org>
To: Dan Nelson
Subject: Re: build tools as separate distribution
Cc: Dag-Erling Smorgrav , arch@FreeBSD.ORG
In-reply-to: Your message of "Wed, 30 Aug 2000 12:33:51 CDT." <20000830123351.A29508@dan.emsphone.com>
References: <20000830123351.A29508@dan.emsphone.com> <200008301728.LAA17081@harmony.village.org>
Date: Wed, 30 Aug 2000 11:35:09 -0600
From: Warner Losh
Sender: owner-freebsd-arch@FreeBSD.ORG
Precedence: bulk
X-Loop: FreeBSD.ORG

In message <20000830123351.A29508@dan.emsphone.com> Dan Nelson writes:
: In the last episode (Aug 30), Warner Losh said:
: > In message Dag-Erling Smorgrav writes:
: > : What would the good people think of moving gcc, gas, ld etc., as well
: > : as include files and static libraries out of the bin dist and into a
: > : separate distribution, called e.g. prog or devel? There are a lot of
: >
: > I would like this idea. The up side is that it saves about 100MB of
: > space, iirc. The down side is that minimal is no longer able to
: > build a kernel, which is why they were in there to start with.
:
: The move to a modular kernel makes the need to recompile GENERIC less
: important than it used to be, so it's not that much of a loss.

Yes. However, the move to a more modular kernel still has a ways to go. GENERIC is still too big a pigdog, and some of the "base" device drivers still need to be modularized.

Warner

From owner-freebsd-arch Wed Aug 30 11: 2:41 2000
Delivered-To: freebsd-arch@freebsd.org
Received: from dragon.nuxi.com (trang.nuxi.com [209.152.133.57]) by hub.freebsd.org (Postfix) with ESMTP id E5B9437B43C for ; Wed, 30 Aug 2000 11:02:34 -0700 (PDT)
Received: (from obrien@localhost) by dragon.nuxi.com (8.9.3/8.9.1) id LAA46198 for arch@FreeBSD.ORG; Wed, 30 Aug 2000 11:02:34 -0700 (PDT) (envelope-from obrien)
Date: Wed, 30 Aug 2000 11:02:33 -0700
From: "David O'Brien"
To: arch@FreeBSD.ORG
Subject: Re: build tools as separate distribution
Message-ID: <20000830110233.C45964@dragon.nuxi.com>
Reply-To: arch@FreeBSD.ORG
References: <20000830100126.D45710@dragon.nuxi.com> <20000830100126.D45710@dragon.nuxi.com> <200008301730.LAA17118@harmony.village.org>
Mime-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
User-Agent: Mutt/1.2i
In-Reply-To: <200008301730.LAA17118@harmony.village.org>; from imp@village.org on Wed, Aug 30, 2000 at 11:30:53AM -0600
X-Operating-System: FreeBSD 5.0-CURRENT
Organization: The NUXI BSD group
X-Pgp-Rsa-Fingerprint: B7 4D 3E E9 11 39 5F A3 90 76 5D 69 58 D9 98 7A
X-Pgp-Rsa-Keyid: 1024/34F9F9D5
Sender: owner-freebsd-arch@FreeBSD.ORG
Precedence: bulk
X-Loop: FreeBSD.ORG

On Wed, Aug 30, 2000 at 11:30:53AM -0600, Warner Losh wrote:
> In message <20000830100126.D45710@dragon.nuxi.com> "David O'Brien" writes:
> : On Wed, Aug 30, 2000 at 12:30:39PM +0200, Dag-Erling Smorgrav wrote:
> : > What would the good people think of moving gcc, gas, ld etc., as well
> : > as include files and static libraries out of the bin dist and into a
> : > separate distribution, called e.g. prog or devel? There are a lot of
> :
> : You need to convince JKH (as release engineer). I was going to do this
> : for 4.2, but he said no.
>
> I think we can do this for 5.0, however, since I think we can convince
> him that it is a good idea.

JKH said he plans on having sysinstall changed for 5.0 and true packages. Thus why he said it wasn't worth the effort in -current. I don't think he wanted to rock the boat in -stable.

--
-- David (obrien@FreeBSD.org)

From owner-freebsd-arch Wed Aug 30 11: 4:33 2000
Delivered-To: freebsd-arch@freebsd.org
Received: from palrel1.hp.com (palrel1.hp.com [156.153.255.242]) by hub.freebsd.org (Postfix) with ESMTP id 0CF5437B422; Wed, 30 Aug 2000 11:04:30 -0700 (PDT)
Received: from adlmail.cup.hp.com (adlmail.cup.hp.com [15.0.100.30]) by palrel1.hp.com (Postfix) with ESMTP id F3919BD49; Wed, 30 Aug 2000 11:03:00 -0700 (PDT)
Received: from cup.hp.com (gauss.cup.hp.com [15.28.97.152]) by adlmail.cup.hp.com (8.9.3 (PHNE_18546)/8.9.3 SMKit7.02) with ESMTP id LAA27173; Wed, 30 Aug 2000 11:03:00 -0700 (PDT)
Message-ID: <39AD4C54.61807FF8@cup.hp.com>
Date: Wed, 30 Aug 2000 14:03:00 -0400
From: Marcel Moolenaar
Organization: Hewlett-Packard
X-Mailer: Mozilla 4.73 [en] (X11; U; Linux 2.2.12 i386)
X-Accept-Language: en
MIME-Version: 1.0
To: Warner Losh
Cc: Alexey Zelkin , John Baldwin , arch@FreeBSD.org, committers@FreeBSD.org
Subject: Re: aout-to-elf (was: Re: NO vs NO_)
References: <39AD399B.D0D45787@cup.hp.com> <20000830125403.A76840@ark.cris.net> <200008301026.DAA50313@pike.osd.bsdi.com> <20000830153500.B1040@ark.cris.net> <200008301720.LAA17007@harmony.village.org>
Content-Type: text/plain; charset=us-ascii
Content-Transfer-Encoding: 7bit
Sender: owner-freebsd-arch@FreeBSD.ORG
Precedence: bulk
X-Loop: FreeBSD.ORG

Warner Losh wrote:
>
> In message <39AD399B.D0D45787@cup.hp.com> Marcel Moolenaar writes:
> : This target should also work when someone upgrades from 2.2.x systems.
>
> Are your patches cooked enough to share?

I don't have any patches yet. My first goal is to have buildworld do the right thing when performed on a 2.2.x system. From that moment on the upgrade target will be mostly about bootblocks and being failsafe and such.

Which reminds me. Does someone have a pointer to a 2.2.x distribution. I haven't been able to find a mirror that still carries those.

--
Marcel Moolenaar mail: marcel@cup.hp.com / marcel@FreeBSD.org tel: (408) 447-4222

From owner-freebsd-arch Wed Aug 30 11: 8:18 2000
Delivered-To: freebsd-arch@freebsd.org
Received: from jade.chc-chimes.com (jade.chc-chimes.com [216.28.46.6]) by hub.freebsd.org (Postfix) with ESMTP id 0D9CE37B424 for ; Wed, 30 Aug 2000 11:08:13 -0700 (PDT)
Received: by jade.chc-chimes.com (Postfix, from userid 1001) id 262F51C66; Wed, 30 Aug 2000 14:08:12 -0400 (EDT)
Date: Wed, 30 Aug 2000 14:08:12 -0400
From: Bill Fumerola
To: arch@FreeBSD.ORG
Subject: Re: build tools as separate distribution
Message-ID: <20000830140812.Q33771@jade.chc-chimes.com>
References: <20000830100126.D45710@dragon.nuxi.com> <20000830100126.D45710@dragon.nuxi.com> <200008301730.LAA17118@harmony.village.org> <20000830110233.C45964@dragon.nuxi.com>
Mime-Version: 1.0
Content-Type: text/plain; charset=us-ascii
X-Mailer: Mutt 1.0i
In-Reply-To: <20000830110233.C45964@dragon.nuxi.com>; from obrien@FreeBSD.ORG on Wed, Aug 30, 2000 at 11:02:33AM -0700
X-Operating-System: FreeBSD 3.3-STABLE i386
Sender: owner-freebsd-arch@FreeBSD.ORG
Precedence: bulk
X-Loop: FreeBSD.ORG

On Wed, Aug 30, 2000 at 11:02:33AM -0700, David O'Brien wrote:
> JKH said he plans on having sysinstall changed for 5.0 and true packages.
> Thus why he said it wasn't worth the effort in -current. I don't think
> he wanted to rock the boat in -stable.

Are these the same plans from 5 years ago?

--
Bill Fumerola - Network Architect, BOFH / Chimes, Inc. billf@chimesnet.com / billf@FreeBSD.org

From owner-freebsd-arch Wed Aug 30 11:20: 5 2000
Delivered-To: freebsd-arch@freebsd.org
Received: from zibbi.mikom.csir.co.za (zibbi.mikom.csir.co.za [146.64.24.58]) by hub.freebsd.org (Postfix) with ESMTP id D9C6F37B43E; Wed, 30 Aug 2000 11:19:56 -0700 (PDT)
Received: (from jhay@localhost) by zibbi.mikom.csir.co.za (8.10.1/8.10.1) id e7UIH9F04530; Wed, 30 Aug 2000 20:17:09 +0200 (SAT)
From: John Hay
Message-Id: <200008301817.e7UIH9F04530@zibbi.mikom.csir.co.za>
Subject: Re: aout-to-elf (was: Re: NO vs NO_)
In-Reply-To: <39AD4C54.61807FF8@cup.hp.com> from Marcel Moolenaar at "Aug 30, 2000 02:03:00 pm"
To: marcel@cup.hp.com (Marcel Moolenaar)
Date: Wed, 30 Aug 2000 20:17:09 +0200 (SAT)
Cc: arch@FreeBSD.org, committers@FreeBSD.org
X-Mailer: ELM [version 2.4ME+ PL54 (25)]
MIME-Version: 1.0
Content-Type: text/plain; charset=US-ASCII
Content-Transfer-Encoding: 7bit
Sender: owner-freebsd-arch@FreeBSD.ORG
Precedence: bulk
X-Loop: FreeBSD.ORG

> > In message <39AD399B.D0D45787@cup.hp.com> Marcel Moolenaar writes:
> > : This target should also work when someone upgrades from 2.2.x systems.
> >
> > Are your patches cooked enough to share?
>
> I don't have any patches yet. My first goal is to have buildworld do the
> right thing when performed on a 2.2.x system. From that moment on the
> upgrade target will be mostly about bootblocks and being failsafe and
> such.
>
> Which reminds me. Does someone have a pointer to a 2.2.x distribution. I
> haven't been able to find a mirror that still carries those.

2.2.8 is available on ftp.internat.freebsd.org. No packages or X though.

John
--
John Hay -- John.Hay@icomtek.csir.co.za

From owner-freebsd-arch Wed Aug 30 11:21: 4 2000
Delivered-To: freebsd-arch@freebsd.org
Received: from gw.nectar.com (gw.nectar.com [208.42.49.153]) by hub.freebsd.org (Postfix) with ESMTP id 8987937B43C for ; Wed, 30 Aug 2000 11:20:55 -0700 (PDT)
Received: from hamlet.nectar.com (hamlet.nectar.com [10.0.1.102]) by gw.nectar.com (Postfix) with ESMTP id D90341925A; Wed, 30 Aug 2000 13:20:53 -0500 (CDT)
Received: (from nectar@localhost) by hamlet.nectar.com (8.9.3/8.9.3) id NAA15402; Wed, 30 Aug 2000 13:20:53 -0500 (CDT) (envelope-from nectar@spawn.nectar.com)
Date: Wed, 30 Aug 2000 13:20:53 -0500
From: "Jacques A. Vidrine"
To: "Daniel C. Sobral"
Cc: freebsd-arch@FreeBSD.ORG
Subject: Re: Request for review: nsswitch
Message-ID: <20000830132053.A15387@hamlet.nectar.com>
Mail-Followup-To: "Jacques A. Vidrine" , "Daniel C. Sobral" , freebsd-arch@FreeBSD.ORG
References: <20000830071347.A1167@hamlet.nectar.com> <39AD222B.CE9A26B5@newsguy.com>
Mime-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
User-Agent: Mutt/1.2.5i
In-Reply-To: <39AD222B.CE9A26B5@newsguy.com>; from dcs@newsguy.com on Thu, Aug 31, 2000 at 12:03:07AM +0900
X-Url: http://www.nectar.com/
Sender: owner-freebsd-arch@FreeBSD.ORG
Precedence: bulk
X-Loop: FreeBSD.ORG

On Thu, Aug 31, 2000 at 12:03:07AM +0900, Daniel C. Sobral wrote:
> Being guilty of not having looked at it at all, but this sounds like a
> typical case where we would want a /etc/defaults/nsswitch.conf with
> overrides in /etc/nsswitch.conf...?

I'm not sure I agree. The types of things that have configuration examples in /etc/defaults are quite complicated. nsswitch.conf is simple and described entirely in the man page. Also, if there is no /etc/nsswitch.conf, the internal defaults are sane.

--
Jacques Vidrine / n@nectar.com / jvidrine@verio.net / nectar@FreeBSD.org

From owner-freebsd-arch Wed Aug 30 11:26:28 2000
Delivered-To: freebsd-arch@freebsd.org
Received: from merc95.us.sas.com (merc95.us.sas.com [149.173.6.5]) by hub.freebsd.org (Postfix) with ESMTP id B583E37B422 for ; Wed, 30 Aug 2000 11:26:25 -0700 (PDT)
Received: from merc95.us.sas.com ([127.0.0.1]) by merc95.us.sas.com with SMTP (Microsoft Exchange Internet Mail Service Version 5.5.2651.58) id RVYT53K5; Wed, 30 Aug 2000 14:26:19 -0400
Received: from 10.28.149.26 by merc95.us.sas.com (InterScan E-Mail VirusWall NT); Wed, 30 Aug 2000 14:26:19 -0400 (Eastern Daylight Time)
Received: from bb01f39.unx.sas.com (bb01f39.unx.sas.com [10.16.2.246]) by mozart.unx.sas.com (8.9.3 (PHNE_18979)/8.9.3) with ESMTP id OAA26697; Wed, 30 Aug 2000 14:26:18 -0400 (EDT)
Received: (from jwd@localhost) by bb01f39.unx.sas.com (8.9.3/8.9.1) id OAA87084; Wed, 30 Aug 2000 14:26:17 -0400 (EDT) (envelope-from jwd)
Date: Wed, 30 Aug 2000 14:26:17 -0400
From: John DeBoskey
To: freebsd-arch@FreeBSD.ORG
Cc: "Daniel C. Sobral" , "Jacques A. Vidrine"
Subject: Re: Request for review: nsswitch
Message-ID: <20000830142617.B86368@unx.sas.com>
References: <20000830071347.A1167@hamlet.nectar.com> <39AD222B.CE9A26B5@newsguy.com> <20000830132053.A15387@hamlet.nectar.com>
Mime-Version: 1.0
Content-Type: text/plain; charset=us-ascii
X-Mailer: Mutt 1.0.1i
In-Reply-To: <20000830132053.A15387@hamlet.nectar.com>; from n@nectar.com on Wed, Aug 30, 2000 at 01:20:53PM -0500
Sender: owner-freebsd-arch@FreeBSD.ORG
Precedence: bulk
X-Loop: FreeBSD.ORG

----- Jacques A. Vidrine's Original Message -----
> On Thu, Aug 31, 2000 at 12:03:07AM +0900, Daniel C. Sobral wrote:
> > Being guilty of not having looked at it at all, but this sounds like a
> > typical case where we would want a /etc/defaults/nsswitch.conf with
> > overrides in /etc/nsswitch.conf...?
>
> I'm not sure I agree. The types of things that have configuration
> examples in /etc/defaults are quite complicated. nsswitch.conf is simple
> and described entirely in the man page. Also, if there is no
> /etc/nsswitch.conf, the internal defaults are sane.
>
> --
> Jacques Vidrine / n@nectar.com / jvidrine@verio.net / nectar@FreeBSD.org

How about a simple compromise? While the internal defaults may be sane, they are `invisible' to the average user. What if we put the defaults into a /etc/defaults/nsswitch.conf file. If they need to be overridden locally, then a /etc/nsswitch.conf file is created and the defaults version is ignored.. ??

-John

--
FreeBSD... The choice of those who know how to choose...

From owner-freebsd-arch Wed Aug 30 11:30: 8 2000
Delivered-To: freebsd-arch@freebsd.org
Received: from gw.nectar.com (gw.nectar.com [208.42.49.153]) by hub.freebsd.org (Postfix) with ESMTP id 9130737B422 for ; Wed, 30 Aug 2000 11:30:06 -0700 (PDT)
Received: from hamlet.nectar.com (hamlet.nectar.com [10.0.1.102]) by gw.nectar.com (Postfix) with ESMTP id 0AD2D1925A; Wed, 30 Aug 2000 13:30:06 -0500 (CDT)
Received: (from nectar@localhost) by hamlet.nectar.com (8.9.3/8.9.3) id NAA15437; Wed, 30 Aug 2000 13:30:05 -0500 (CDT) (envelope-from nectar@spawn.nectar.com)
Date: Wed, 30 Aug 2000 13:30:05 -0500
From: "Jacques A. Vidrine" To: Hajimu UMEMOTO Cc: freebsd-arch@freebsd.org Subject: Re: Request for review: nsswitch Message-ID: <20000830133005.B15387@hamlet.nectar.com> Mail-Followup-To: "Jacques A. Vidrine" , Hajimu UMEMOTO , freebsd-arch@freebsd.org References: <20000830071347.A1167@hamlet.nectar.com> <20000831.021640.74713558.ume@mahoroba.org> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline User-Agent: Mutt/1.2.5i In-Reply-To: <20000831.021640.74713558.ume@mahoroba.org>; from ume@mahoroba.org on Thu, Aug 31, 2000 at 02:16:40AM +0900 X-Url: http://www.nectar.com/ Sender: owner-freebsd-arch@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.ORG On Thu, Aug 31, 2000 at 02:16:40AM +0900, Hajimu UMEMOTO wrote: > It seems nsswitch support to getaddrinfo.c is still far from > NetBSD-current. Please please sync as possible. We need share it > with *BSD so that KAME guys can maintain easier. I'm sorry, I must have misunderstood something in our previous communication. There seemed to me to be other fundamental differences between getaddrinfo.c in NetBSD-current and our getaddrinfo.c, such as FAITH support. Should I take NetBSD's and merge in the FAITH code that we have in FreeBSD's? what else? 
-- Jacques Vidrine / n@nectar.com / jvidrine@verio.net / nectar@FreeBSD.org From owner-freebsd-arch Wed Aug 30 12: 7:11 2000 Delivered-To: freebsd-arch@freebsd.org Received: from peace.mahoroba.org (peace.calm.imasy.or.jp [202.227.26.34]) by hub.freebsd.org (Postfix) with ESMTP id 2324337B629 for ; Wed, 30 Aug 2000 12:07:06 -0700 (PDT) Received: from localhost (localhost [::1]) (authenticated) by peace.mahoroba.org (8.11.0/8.11.0/peace) with ESMTP/inet6 id e7UJ6JE43985; Thu, 31 Aug 2000 04:06:19 +0900 (JST) (envelope-from ume@mahoroba.org) Date: Thu, 31 Aug 2000 04:06:15 +0900 (JST) Message-Id: <20000831.040615.78746226.ume@mahoroba.org> To: n@nectar.com Cc: freebsd-arch@freebsd.org Subject: Re: Request for review: nsswitch 
From: Hajimu UMEMOTO In-Reply-To: <20000830133005.B15387@hamlet.nectar.com> References: <20000830071347.A1167@hamlet.nectar.com> <20000831.021640.74713558.ume@mahoroba.org> <20000830133005.B15387@hamlet.nectar.com> X-Mailer: xcite1.20> Mew version 1.95b38 on Emacs 20.7 / Mule 4.0 =?iso-2022-jp?B?KBskQjJWMWMbKEIp?= X-PGP-Public-Key: http://www.imasy.org/~ume/publickey.asc X-PGP-Fingerprint: 6B 0C 53 FC 5D D0 37 91 05 D0 B3 EF 36 9B 6A BC X-URL: http://www.imasy.org/~ume/ X-OS: FreeBSD 5.0-CURRENT Mime-Version: 1.0 Content-Type: Text/Plain; charset=us-ascii Content-Transfer-Encoding: 7bit Sender: owner-freebsd-arch@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.ORG >>>>> On Wed, 30 Aug 2000 13:30:05 -0500 >>>>> "Jacques A. Vidrine" said: n> On Thu, Aug 31, 2000 at 02:16:40AM +0900, Hajimu UMEMOTO wrote: > It seems nsswitch support to getaddrinfo.c is still far from > NetBSD-current. Please please sync as possible. We need share it > with *BSD so that KAME guys can maintain easier. n> I'm sorry, I must have misunderstood something in our previous n> communication. There seemed to me to be other fundamental differences n> between getaddrinfo.c in NetBSD-current and our getaddrinfo.c, such as n> FAITH support. n> Should I take NetBSD's and merge in the FAITH code that we have in n> FreeBSD's? what else? Sorry for my inconvenience. Actually, there is many difference between NetBSD's and FreeBSD's. Please take just nsswitch support code from NetBSD's and merge it into FreeBSD's. Because your work in this time is nsswitch related thing, it's enough to sync around nsdispatch() call and API of _dns_getaddrinfo() etc. 
-- Hajimu UMEMOTO @ Internet Mutual Aid Society Yokohama, Japan ume@mahoroba.org ume@bisd.hitachi.co.jp ume@FreeBSD.org http://www.imasy.org/~ume/ From owner-freebsd-arch Wed Aug 30 12:24: 1 2000 Delivered-To: freebsd-arch@freebsd.org Received: from winston.osd.bsdi.com (winston.osd.bsdi.com [204.216.27.229]) by hub.freebsd.org (Postfix) with ESMTP id 1882737B422; Wed, 30 Aug 2000 12:24:00 -0700 (PDT) Received: from winston.osd.bsdi.com (jkh@localhost [127.0.0.1]) by winston.osd.bsdi.com (8.9.3/8.9.3) with ESMTP id MAA87494; Wed, 30 Aug 2000 12:23:52 -0700 (PDT) (envelope-from jkh@winston.osd.bsdi.com) To: obrien@FreeBSD.ORG Cc: Dag-Erling Smorgrav , arch@FreeBSD.ORG Subject: Re: build tools as separate distribution In-Reply-To: Message from "David O'Brien" of "Wed, 30 Aug 2000 10:01:26 PDT." <20000830100126.D45710@dragon.nuxi.com> Date: Wed, 30 Aug 2000 12:23:52 -0700 Message-ID: <87490.967663432@winston.osd.bsdi.com> 
From: Jordan Hubbard Sender: owner-freebsd-arch@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.ORG Well, actually, I said "no" for 4.1. If you can figure out how to do this cleanly and in such a way that there's no tech support hit for it (making the always-necessary assumption that users are dumber than a bag of hammers), I'd certainly entertain the suggestion. - Jordan > On Wed, Aug 30, 2000 at 12:30:39PM +0200, Dag-Erling Smorgrav wrote: > > What would the good people think of moving gcc, gas, ld etc., as well > > as include files and static libraries out of the bin dist and into a > > separate distribution, called e.g. prog or devel? There are a lot of > > You need to convince JKH (as release engineer). I was going to do this > for 4.2, but he said no. > > -- > -- David (obrien@FreeBSD.org) From owner-freebsd-arch Wed Aug 30 12:33: 2 2000 Delivered-To: freebsd-arch@freebsd.org Received: from winston.osd.bsdi.com (winston.osd.bsdi.com [204.216.27.229]) by hub.freebsd.org (Postfix) with ESMTP id A22A437B43C for ; Wed, 30 Aug 2000 12:33:00 -0700 (PDT) Received: from winston.osd.bsdi.com (jkh@localhost [127.0.0.1]) by winston.osd.bsdi.com (8.9.3/8.9.3) with ESMTP id MAA87603; Wed, 30 Aug 2000 12:32:50 -0700 (PDT) (envelope-from jkh@winston.osd.bsdi.com) To: Bill Fumerola Cc: arch@FreeBSD.ORG Subject: Re: build tools as separate distribution In-Reply-To: Message from Bill Fumerola of "Wed, 30 Aug 2000 14:08:12 EDT." <20000830140812.Q33771@jade.chc-chimes.com> Date: Wed, 30 Aug 2000 12:32:50 -0700 Message-ID: <87599.967663970@winston.osd.bsdi.com> 
From: Jordan Hubbard Sender: owner-freebsd-arch@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.ORG > On Wed, Aug 30, 2000 at 11:02:33AM -0700, David O'Brien wrote: > > > JKH said he plans on having sysinstall changed for 5.0 and true packages. > > Thus why he said it wasn't worth the effort in -current. I don't think > > he wanted to rock the boat in -stable. > > Are these the same plans from 5 years ago? Your wise-ass comments aside, I think that there are a number of things which are driving us to NOT just hack-hack-hack on sysinstall some more and attempt to accomplish by behind-the-scenes trickery what should be accomplished by a proper mechanism, I.E. having all the fundamental building blocks be proper packages and "bin" simply a meta-package which depends on those packages which comprise what we currently consider "the bindist." Since it's also far easier to be a back-seat driver on issues like this than to actually assist the process, I would welcome your coding contributions to making this happen rather than just suggesting that we tangle our existing mess even further. - Jordan From owner-freebsd-arch Wed Aug 30 12:43:40 2000 Delivered-To: freebsd-arch@freebsd.org Received: from pike.osd.bsdi.com (pike.osd.bsdi.com [204.216.28.222]) by hub.freebsd.org (Postfix) with ESMTP id 3A30037B424 for ; Wed, 30 Aug 2000 12:43:35 -0700 (PDT) Received: (from jhb@localhost) by pike.osd.bsdi.com (8.9.3/8.9.3) id MAA65247; Wed, 30 Aug 2000 12:43:00 -0700 (PDT) (envelope-from jhb) 
From: John Baldwin Message-Id: <200008301943.MAA65247@pike.osd.bsdi.com> Subject: Re: Request for review: nsswitch In-Reply-To: <39AD222B.CE9A26B5@newsguy.com> from "Daniel C. Sobral" at "Aug 31, 2000 00:03:07 am" To: "Daniel C. Sobral" Date: Wed, 30 Aug 2000 12:43:00 -0700 (PDT) Cc: arch@FreeBSD.org X-Mailer: ELM [version 2.4ME+ PL68 (25)] MIME-Version: 1.0 Content-Type: text/plain; charset=US-ASCII Content-Transfer-Encoding: 7bit Sender: owner-freebsd-arch@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.ORG Daniel C. Sobral wrote: > "Jacques A. Vidrine" wrote: > > > > Hi, > > > > Patches adding nsswitch support to FreeBSD 4.1-RELEASE, 4-STABLE, and > > 5-CURRENT can be found at: > > http://www.nectar.com/freebsd/nsswitch > > > > I would like to commit this support to -CURRENT in about a week or so. > > I'd appreciate a review of the patch. > > > > This brings over nsswitch functionality from NetBSD. /etc/nsswitch.conf > > controls lookups for group, hosts, networks, passwd, and shells > > databases. Database sources may be files, dns (Hesiod), nis, or a > > compat mode (using +/- in passwd and group databases) that uses nis or > > dns. You can see the man page linked from URL above. > > Being guilty of not having looked at it at all, but this sounds like a > typical case where we would want a /etc/defaults/nsswitch.conf with > overrides in /etc/nsswitch.conf...? No, I don't think so. We don't have an /etc/defaults/resolv.conf, and it is about on the same order. -- John Baldwin -- http://www.FreeBSD.org/~jhb/ PGP Key: http://www.cslab.vt.edu/~jobaldwi/pgpkey.asc "Power Users Use the Power to Serve!" 
- http://www.FreeBSD.org/ From owner-freebsd-arch Wed Aug 30 12:44: 4 2000 Delivered-To: freebsd-arch@freebsd.org Received: from jade.chc-chimes.com (jade.chc-chimes.com [216.28.46.6]) by hub.freebsd.org (Postfix) with ESMTP id B492237B422 for ; Wed, 30 Aug 2000 12:44:01 -0700 (PDT) Received: by jade.chc-chimes.com (Postfix, from userid 1001) id 273FF1C66; Wed, 30 Aug 2000 15:44:01 -0400 (EDT) Date: Wed, 30 Aug 2000 15:44:01 -0400 
From: Bill Fumerola To: Jordan Hubbard Cc: arch@FreeBSD.ORG Subject: Re: build tools as separate distribution Message-ID: <20000830154401.R33771@jade.chc-chimes.com> References: <87599.967663970@winston.osd.bsdi.com> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii X-Mailer: Mutt 1.0i In-Reply-To: <87599.967663970@winston.osd.bsdi.com>; from jkh@winston.osd.bsdi.com on Wed, Aug 30, 2000 at 12:32:50PM -0700 X-Operating-System: FreeBSD 3.3-STABLE i386 Sender: owner-freebsd-arch@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.ORG On Wed, Aug 30, 2000 at 12:32:50PM -0700, Jordan Hubbard wrote: > > Are these the same plans from 5 years ago? > > Your wise-ass comments aside, I think that there are a number of > things which are driving us to NOT just hack-hack-hack on sysinstall > some more and attempt to accomplish by behind-the-scenes trickery what > should be accomplished by a proper mechanism, I.E. having all the > fundamental building blocks be proper packages and "bin" simply a > meta-package which depends on those packages which comprise what we > currently consider "the bindist." > > Since it's also far easier to be a back-seat driver on issues like > this than to actually assist the process, I would welcome your coding > contributions to making this happen rather than just suggesting that > we tangle our existing mess even further. Well, considering every time everyone has an idea for sysinstall, the shouts of "Wait! Something new and better that already addresses that is already in the works!" ring loudly from Concord. Someone offered to actually look into doing the work (or I think even mentioned that he did the work) previously in the thread, so I was trying to determine how much further that should be pursued. I, for one, am about to roll out lots of machines that are carbon copies of themselves and would like a stripped down install option. -- Bill Fumerola - Network Architect, BOFH / Chimes, Inc. billf@chimesnet.com / billf@FreeBSD.org PS. 
Making pkg_* style packages using the existing bsd.prog.mk would be really, really easy. From owner-freebsd-arch Wed Aug 30 12:50:16 2000 Delivered-To: freebsd-arch@freebsd.org Received: from freefall.freebsd.org (freefall.FreeBSD.org [216.136.204.21]) by hub.freebsd.org (Postfix) with ESMTP id 9760D37B43C; Wed, 30 Aug 2000 12:50:14 -0700 (PDT) Received: from localhost (kris@localhost) by freefall.freebsd.org (8.9.3/8.9.2) with ESMTP id MAA29147; Wed, 30 Aug 2000 12:50:14 -0700 (PDT) (envelope-from kris@FreeBSD.org) X-Authentication-Warning: freefall.freebsd.org: kris owned process doing -bs Date: Wed, 30 Aug 2000 12:50:14 -0700 (PDT) 
From: Kris Kennaway To: Alexey Zelkin Cc: John Baldwin , arch@FreeBSD.org Subject: Re: aout-to-elf (was: Re: NO vs NO_) In-Reply-To: <20000830153500.B1040@ark.cris.net> Message-ID: MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII Sender: owner-freebsd-arch@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.ORG On Wed, 30 Aug 2000, Alexey Zelkin wrote: > BTW, one more question related to architecture design of our buildworld > system. Is there any reason to keep aout-to-elf upgrade chunks there > for 4.x and 5.x systems ? Maybe it's time to cleanup Makefiles for > HEAD and RELENG_4 ? I think it's time they died a death. Kris -- In God we Trust -- all others must submit an X.509 certificate. -- Charles Forsythe From owner-freebsd-arch Wed Aug 30 13:13:12 2000 Delivered-To: freebsd-arch@freebsd.org Received: from gw.nectar.com (gw.nectar.com [208.42.49.153]) by hub.freebsd.org (Postfix) with ESMTP id 60A0137B424 for ; Wed, 30 Aug 2000 13:13:09 -0700 (PDT) Received: from hamlet.nectar.com (hamlet.nectar.com [10.0.1.102]) by gw.nectar.com (Postfix) with ESMTP id 43FCF1925A; Wed, 30 Aug 2000 15:13:05 -0500 (CDT) Received: (from nectar@localhost) by hamlet.nectar.com (8.9.3/8.9.3) id PAA24783; Wed, 30 Aug 2000 15:13:05 -0500 (CDT) (envelope-from nectar@spawn.nectar.com) Date: Wed, 30 Aug 2000 15:13:04 -0500 
From: "Jacques A. Vidrine" To: Hajimu UMEMOTO Cc: freebsd-arch@freebsd.org Subject: Re: Request for review: nsswitch Message-ID: <20000830151304.B15458@hamlet.nectar.com> Mail-Followup-To: "Jacques A. Vidrine" , Hajimu UMEMOTO , freebsd-arch@freebsd.org References: <20000830071347.A1167@hamlet.nectar.com> <20000831.021640.74713558.ume@mahoroba.org> <20000830133005.B15387@hamlet.nectar.com> <20000831.040615.78746226.ume@mahoroba.org> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline User-Agent: Mutt/1.2.5i In-Reply-To: <20000831.040615.78746226.ume@mahoroba.org>; from ume@mahoroba.org on Thu, Aug 31, 2000 at 04:06:15AM +0900 X-Url: http://www.nectar.com/ Sender: owner-freebsd-arch@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.ORG On Thu, Aug 31, 2000 at 04:06:15AM +0900, Hajimu UMEMOTO wrote: > Sorry for my inconvenience. > Actually, there is many difference between NetBSD's and FreeBSD's. > Please take just nsswitch support code from NetBSD's and merge it into > FreeBSD's. Because your work in this time is nsswitch related thing, > it's enough to sync around nsdispatch() call and API of > _dns_getaddrinfo() etc. OK, I started with NetBSD's getaddrinfo.c and merged in the FreeBSDisms. I'm testing it now. If you don't mind, I'll forward you the code/patch off list, and I'd like you to give it a once over. I'll integrate it with the patch set on my web site later tonight. Thanks! 
-- Jacques Vidrine / n@nectar.com / jvidrine@verio.net / nectar@FreeBSD.org From owner-freebsd-arch Wed Aug 30 13:25:58 2000 Delivered-To: freebsd-arch@freebsd.org Received: from winston.osd.bsdi.com (winston.osd.bsdi.com [204.216.27.229]) by hub.freebsd.org (Postfix) with ESMTP id 7ADB337B440 for ; Wed, 30 Aug 2000 13:25:52 -0700 (PDT) Received: from winston.osd.bsdi.com (jkh@localhost [127.0.0.1]) by winston.osd.bsdi.com (8.9.3/8.9.3) with ESMTP id NAA87943; Wed, 30 Aug 2000 13:25:43 -0700 (PDT) (envelope-from jkh@winston.osd.bsdi.com) To: Bill Fumerola Cc: arch@FreeBSD.ORG Subject: Re: build tools as separate distribution In-Reply-To: Message from Bill Fumerola of "Wed, 30 Aug 2000 15:44:01 EDT." <20000830154401.R33771@jade.chc-chimes.com> Date: Wed, 30 Aug 2000 13:25:43 -0700 Message-ID: <87939.967667143@winston.osd.bsdi.com> 
From: Jordan Hubbard Sender: owner-freebsd-arch@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.ORG > Well, considering every time everyone has an idea for sysinstall, the > shouts of "Wait! Something new and better that already addresses that > is already in the works!" ring loudly from Concord. I think that takes rather wide liberties in recounting what's actually been said from Concord or anywhere else for that matter. What I've said, and more times than I can count now, is that something new and better is NEEDED. More recently, I've also pointed out the existence of the libh project as one potential candidate for filling that need. I've also stated in some detail, at various times in the past, just what WAS needed to fix all of the historical shortcomings of our installation and package management system. None of that precludes someone from doing the actual work, far from it. I've been practically begging for that to happen for over 5 years now, and I have no illusions about BSDi riding in on a white horse to hire the people to do the job. I might have had some early on, but I quickly wised up on that score. > Someone offered to actually look into doing the work (or I think even > mentioned that he did the work) previously in the thread, so I was The problem with hacking on sysinstall, even for someone willing to do the work, is that it's an evil mess and most people underestimate the challenge when making such statements. This then leads to either nothing happening (which is comparatively harmless) or them making an even bigger hash out of it, something which leads to mystery-failures at release time. That's pretty embarrassing and anything but harmless, especially to my sleep schedule. If it were properly designed and implemented, people could hack on it without breaking it so easily, but it's not. 
- Jordan From owner-freebsd-arch Wed Aug 30 13:27: 7 2000 Delivered-To: freebsd-arch@freebsd.org Received: from gw.nectar.com (gw.nectar.com [208.42.49.153]) by hub.freebsd.org (Postfix) with ESMTP id AB3B837B43E for ; Wed, 30 Aug 2000 13:27:01 -0700 (PDT) Received: from hamlet.nectar.com (hamlet.nectar.com [10.0.1.102]) by gw.nectar.com (Postfix) with ESMTP id D22561925A; Wed, 30 Aug 2000 15:27:00 -0500 (CDT) Received: (from nectar@localhost) by hamlet.nectar.com (8.9.3/8.9.3) id PAA24842; Wed, 30 Aug 2000 15:27:00 -0500 (CDT) (envelope-from nectar@spawn.nectar.com) Date: Wed, 30 Aug 2000 15:27:00 -0500 
From: "Jacques A. Vidrine" To: John DeBoskey Cc: freebsd-arch@FreeBSD.ORG, "Daniel C. Sobral" Subject: Re: Request for review: nsswitch Message-ID: <20000830152700.E15458@hamlet.nectar.com> Mail-Followup-To: "Jacques A. Vidrine" , John DeBoskey , freebsd-arch@FreeBSD.ORG, "Daniel C. Sobral" References: <20000830071347.A1167@hamlet.nectar.com> <39AD222B.CE9A26B5@newsguy.com> <20000830132053.A15387@hamlet.nectar.com> <20000830142617.B86368@unx.sas.com> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline User-Agent: Mutt/1.2.5i In-Reply-To: <20000830142617.B86368@unx.sas.com>; from jwd@unx.sas.com on Wed, Aug 30, 2000 at 02:26:17PM -0400 X-Url: http://www.nectar.com/ Sender: owner-freebsd-arch@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.ORG On Wed, Aug 30, 2000 at 02:26:17PM -0400, John DeBoskey wrote: > How about a simple compromise? > > While the internal defaults may be sane, they are `invisible' to > the average user. What if we put the defaults into a > /etc/defaults/nsswitch.conf file. If they need to be overridden > locally, then a /etc/nsswitch.conf file is created and the > defaults version is ignored.. ?? I think I'll just be careful to document the defaults in the man page, unless I hear a good argument for putting another file in /etc/defaults. I don't think it is worth the effort or diverging from the NetBSD code to provide defaults for a file that will typically have maybe two lines, and at most five (with the current feature set). 
-- Jacques Vidrine / n@nectar.com / jvidrine@verio.net / nectar@FreeBSD.org From owner-freebsd-arch Wed Aug 30 13:53: 9 2000 Delivered-To: freebsd-arch@freebsd.org Received: from critter.freebsd.dk (fw2.aub.dk [195.24.1.195]) by hub.freebsd.org (Postfix) with ESMTP id 4DD6E37B43E for ; Wed, 30 Aug 2000 13:53:03 -0700 (PDT) Received: from critter (localhost [127.0.0.1]) by critter.freebsd.dk (8.11.0/8.9.3) with ESMTP id e7UKqLN22215; Wed, 30 Aug 2000 22:52:21 +0200 (CEST) (envelope-from phk@critter.freebsd.dk) To: Jordan Hubbard Cc: Bill Fumerola , arch@FreeBSD.ORG Subject: Re: build tools as separate distribution In-Reply-To: Your message of "Wed, 30 Aug 2000 13:25:43 PDT." <87939.967667143@winston.osd.bsdi.com> Date: Wed, 30 Aug 2000 22:52:21 +0200 Message-ID: <22213.967668741@critter> 
From: Poul-Henning Kamp Sender: owner-freebsd-arch@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.ORG >What I've said, and more times than I can count now, is that something >new and better is NEEDED. More recently, I've also pointed out the >existence of the libh project as one potential candidate for filling >that need. As one of the original perpetrators and in fact the one who laid the foundations of sysinstall and "make release" where they lie to this day and then abandoned it to Jordan to maintain the monster, and as a card-carrying old asshole I would like to make a number of observations on this topic: 1. Yes sysinstall is not a pretty sight. (On the other hand, sysinstall was written to run in a rather "DIY" environment and therefore many things were initially not even possible which has later become possible due to more RAM in the minimum configuration. Remember how long you could install FreeBSD with a single floppy ?) 2. Yes it would be nice if we had a well structured, 5th generation, object-oriented, modular, configurable, scripted, extensible, and provably correct install program. 3. Yes there are things sysinstall doesn't do very well. BUT: 4. Sysinstall does a hell of a good job for a lot of people and has done so for many years by now. They are used to it and know how to get the job done with it. 5. Any rewrite of sysinstall is bound to suffer "second systems syndrome" in fact Jordan's evangelism for the project over the last 5 years to some extent proves this already: Anything routinely called "the all singing and dancing foo" is bound to suffer from 2SS. (If you don't know what 2SS is, you need to read "The Mythical Man-Month" by Fred. P. Brooks). 6. Unless significant perceived improvement over the current sysinstall is realized, a transition to a new tool faces a significant probability of a "New Coke" fate: "Why on earth did they fuck with this stuff, it worked fine ?!!!" 
Until now, I have always assumed that observation number 5 would prevent the sysinstallNG from ever being completed (seems I was right so far) and as a backup I assumed that observation number 6 would effectively kill it in early infancy if it did in fact carry to term with number 4 nailing the lid in the coffin firmly shut. I may be totally wrong. I just happen to remember how long time it took before the last people stopped telling us how much better the FreeBSD 1.X shellscripts were at installing FreeBSD than the "monster" we had created. No, I have not even looked at libh. I don't know what it can, what it does or how it does it. And I don't intend to find out unless I absolutely bloody have to. I helped write sysinstall, somebody else do the next one. With that off my chest: I want to wish the people who decide to tackle this task a well meant "Good luck - enjoy it!" I personally found it a very interesting and challenging task to write sysinstall, and I think you will find it a very very interesting task, only too bad the bar is so much higher to clear for you than it was for me, but so is life. You have my source and shoulders to stand on, so it should not be impossible, only just very very hard. Poul-Henning, Release-engineer FreeBSD 2.0 etc etc -- Poul-Henning Kamp | UNIX since Zilog Zeus 3.20 phk@FreeBSD.ORG | TCP/IP since RFC 956 FreeBSD coreteam member | BSD since 4.3-tahoe Never attribute to malice what can adequately be explained by incompetence. 
From owner-freebsd-arch Wed Aug 30 14: 5:49 2000 Delivered-To: freebsd-arch@freebsd.org Received: from mail.ptd.net (mail2.ha-net.ptd.net [207.44.96.66]) by hub.freebsd.org (Postfix) with SMTP id 9CA3537B424 for ; Wed, 30 Aug 2000 14:05:47 -0700 (PDT) Received: (qmail 5422 invoked from network); 30 Aug 2000 21:05:49 -0000 Received: from du211167.cli.ptd.net (HELO mail.ptd.net) (204.186.211.167) by mail.ptd.net with SMTP; 30 Aug 2000 21:05:49 -0000 Message-ID: <39AD7714.E6D37422@mail.ptd.net> Date: Wed, 30 Aug 2000 17:05:24 -0400 
From: "Thomas M. Sommers" Organization: None X-Mailer: Mozilla 4.72 [en] (X11; I; FreeBSD 4.0-RELEASE i386) X-Accept-Language: en MIME-Version: 1.0 To: Warner Losh Cc: Dag-Erling Smorgrav , arch@FreeBSD.ORG Subject: Re: build tools as separate distribution References: <200008301728.LAA17081@harmony.village.org> Content-Type: text/plain; charset=us-ascii Content-Transfer-Encoding: 7bit Sender: owner-freebsd-arch@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.ORG Warner Losh wrote: > > In message Dag-Erling Smorgrav writes: > : What would the good people think of moving gcc, gas, ld etc., as well > : as include files and static libraries out of the bin dist and into a > : separate distribution, called e.g. prog or devel? There are a lot of > : cases (e.g. firewalls, mail gateways) where you neither need nor want > : build tools, and PicoBSD is sometimes too radical. This would provide > : a sort of middle path between the too-minimalist PicoBSD and the > : not-minimalist-enough bin dist we have today. > > I would like this idea. The up side is that it saves about 100MB of > space, iirc. The down side is that minimal is no longer able to build > a kernel, which is why they were in there to start with. Perhaps distributions could have an uninstall mechanism, analogous to pkg_delete, so that the build tools could be easily removed after a new kernel is built. 
From owner-freebsd-arch Wed Aug 30 14: 7:19 2000 Delivered-To: freebsd-arch@freebsd.org Received: from smtp6.mindspring.com (smtp6.mindspring.com [207.69.200.110]) by hub.freebsd.org (Postfix) with ESMTP id 052B837B42C for ; Wed, 30 Aug 2000 14:07:18 -0700 (PDT) Received: from silvia.hip.berkeley.edu (sji-ca41-168.ix.netcom.com [209.111.208.168]) by smtp6.mindspring.com (8.9.3/8.8.5) with ESMTP id RAA28024; Wed, 30 Aug 2000 17:06:48 -0400 (EDT) Received: (from asami@localhost) by silvia.hip.berkeley.edu (8.11.0/8.9.3) id e7UL4nn02841; Wed, 30 Aug 2000 14:04:49 -0700 (PDT) (envelope-from asami) To: Marcel Moolenaar Cc: Alexey Zelkin , Sheldon Hearn , arch@FreeBSD.ORG Subject: Re: NO vs NO_ References: <200008301026.DAA50313@pike.osd.bsdi.com> <27283.967631991@axl.fw.uunet.co.za> <20000830185645.A32496@ark.cris.net> <39AD3B1D.CFB294FC@cup.hp.com> From: asami@FreeBSD.ORG (Satoshi - Ports Wraith - Asami) Date: 30 Aug 2000 14:04:19 -0700 In-Reply-To: Marcel Moolenaar's message of "Wed, 30 Aug 2000 12:49:33 -0400" Message-ID: Lines: 12 X-Mailer: Gnus v5.7/Emacs 20.7 Sender: owner-freebsd-arch@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.ORG * 
From: Marcel Moolenaar * I think it is mandatory for -stable and we probably should do it for * -current as well. In -current, the automagical translation can be * removed some time prior to the release. I wouldn't object to that, as long as we make the "old" names break loudly (and not silently ignored) at *some* point. Otherwise people might not even notice something's amiss (who reads warnings printed out at the beginning of make world? ;).... Satoshi From owner-freebsd-arch Wed Aug 30 14: 7:53 2000 Delivered-To: freebsd-arch@freebsd.org Received: from winston.osd.bsdi.com (winston.osd.bsdi.com [204.216.27.229]) by hub.freebsd.org (Postfix) with ESMTP id 35D9D37B42C for ; Wed, 30 Aug 2000 14:07:51 -0700 (PDT) Received: from winston.osd.bsdi.com (jkh@localhost [127.0.0.1]) by winston.osd.bsdi.com (8.9.3/8.9.3) with ESMTP id OAA88180; Wed, 30 Aug 2000 14:05:02 -0700 (PDT) (envelope-from jkh@winston.osd.bsdi.com) To: Poul-Henning Kamp Cc: Bill Fumerola , arch@FreeBSD.ORG Subject: Re: build tools as separate distribution In-Reply-To: Message from Poul-Henning Kamp of "Wed, 30 Aug 2000 22:52:21 +0200." <22213.967668741@critter> Date: Wed, 30 Aug 2000 14:05:02 -0700 Message-ID: <88176.967669502@winston.osd.bsdi.com> 
From: Jordan Hubbard Sender: owner-freebsd-arch@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.ORG > As one of the original perpetrators and in fact the one who laid > the foundations of sysinstall and "make release" where they lie to Hmmm. Some historical liberties are being taken here since, actually, I believe Rod Grimes deserves a good deal of this title - he's the one who wrote much of the beginnings of what we now call release/Makefile today. Also, let's not forget Gary Palmer, who wrote a number of the config screens for sysinstall, he and I handling the "UI side" of sysinstall with most of my solo hacking being aimed at the menu infrastructure, device handling, etc. Unless I miss my guess, your guilt in this affair lies primarily with libdisk, another abstraction in dire need of a rewrite*. :-) Nonetheless, no matter how many weighty software development tomes one quotes, the fact remains: Sysinstall is NOT extensible, easily scriptable (I know, I wrote that bit too) or well suited for doing mass-production of FreeBSD boxes in a hardware vendor environment. Nor is it sufficiently graphical to please folks who are used to the Caldera or Red Hat installers, much less Windows or Solaris, which means that the only people who really *like* it are the folks in the very middle. The hardcore production folks hate it for not allowing them to more easily automate their production lines and the novice users hate it because it's not a click-and-drool method of installing FreeBSD. Sysinstall preaches to the already-converted, and that's essentially the same problem all the other *BSD installers have. - Jordan * Things like region coalesce, collapse and resize would be very nice wishlist items for libdisk MkII. 
From owner-freebsd-arch Wed Aug 30 14:22: 7 2000 Delivered-To: freebsd-arch@freebsd.org Received: from critter.freebsd.dk (fw2.aub.dk [195.24.1.195]) by hub.freebsd.org (Postfix) with ESMTP id 4F42937B422 for ; Wed, 30 Aug 2000 14:22:01 -0700 (PDT) Received: from critter (localhost [127.0.0.1]) by critter.freebsd.dk (8.11.0/8.9.3) with ESMTP id e7ULLQN38581; Wed, 30 Aug 2000 23:21:26 +0200 (CEST) (envelope-from phk@critter.freebsd.dk) To: Jordan Hubbard Cc: Bill Fumerola , arch@FreeBSD.ORG Subject: Re: build tools as separate distribution In-Reply-To: Your message of "Wed, 30 Aug 2000 14:05:02 PDT." <88176.967669502@winston.osd.bsdi.com> Date: Wed, 30 Aug 2000 23:21:26 +0200 Message-ID: <38579.967670486@critter> 
From: Poul-Henning Kamp Sender: owner-freebsd-arch@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.ORG In message <88176.967669502@winston.osd.bsdi.com>, Jordan Hubbard writes: >> As one of the original perpetrators and in fact the one who laid >> the foundations of sysinstall and "make release" where they lie to > >Hmmm. Some historical liberties are being taken here since, actually, >I believe Rod Grimes deserves a good deal of this title - he's the one >who wrote much of the beginnings of what we now call release/Makefile >today. No, in fact he didn't. His version of src/release/Makefile contained only the "make hierarchy" target. I received a couple of emails with instructions from Rod about how he had built 1.X but what ended up in src/release/Makefile had little to do with that because 2.0 had too many differences to use his stuff directly. Check the CVS log if you can't remember this... >Also, let's not forget Gary Palmer, who wrote a number of the config >screens for sysinstall, he and I handling the "UI side" of sysinstall >with most of my solo hacking being aimed at the menu infrastructure, >device handling, etc. Getting sysinstall started and getting libcurses working and similar stuff were almost entirely my work. Not until a semi-normal environment were established did you and Gary jump in (as previously agreed I might add :-) >Unless I miss my guess, your guilt in this affair lies primarily with >libdisk, another abstraction in dire need of a rewrite*. :-) ... and with all the small crinkly bits around the fiords :-) >Nonetheless, no matter how many weighty software development tomes one >quotes, the fact remains: Sysinstall is NOT extensible, easily >scriptable (I know, I wrote that bit too) or well suited for doing >mass-production of FreeBSD boxes in a hardware vendor environment. I agree, but it does 95% of the task which makes replacing it so damn hard because the return is only 5% which is a very slim margin for a large task like this. 
I'm not arguing that sysinstall shouldn't be replaced, I'm arguing
that the replacement will have to be more than 5% better *somewhere*
and less than 0% worse at any single point to win.

As for rewriting libdisk, I already then pointed out that either
libdisk should form the base of new fdisk and disklabel programs or
those two programs should be enhanced to the point where they could
make libdisk obsolete.

The fact that adding a disk to an existing FreeBSD system in a
civilized manner (ie: Not DD mode) is still not possible is a
testimony to how good and easy /stand/sysinstall has worked.

-- 
Poul-Henning Kamp       | UNIX since Zilog Zeus 3.20
phk@FreeBSD.ORG         | TCP/IP since RFC 956
FreeBSD coreteam member | BSD since 4.3-tahoe
Never attribute to malice what can adequately be explained by incompetence.

From owner-freebsd-arch Wed Aug 30 15:23:48 2000
Delivered-To: freebsd-arch@freebsd.org
Received: from rover.village.org (rover.village.org [204.144.255.49]) by hub.freebsd.org (Postfix) with ESMTP id 0309237B423 for ; Wed, 30 Aug 2000 15:23:46 -0700 (PDT)
Received: from harmony.village.org (harmony.village.org [10.0.0.6]) by rover.village.org (8.9.3/8.9.3) with ESMTP id QAA99950; Wed, 30 Aug 2000 16:23:44 -0600 (MDT) (envelope-from imp@harmony.village.org)
Received: from harmony.village.org (localhost.village.org [127.0.0.1]) by harmony.village.org (8.9.3/8.8.3) with ESMTP id QAA25453; Wed, 30 Aug 2000 16:23:21 -0600 (MDT)
Message-Id: <200008302223.QAA25453@harmony.village.org>
To: "Thomas M. Sommers"
Subject: Re: build tools as separate distribution
Cc: Dag-Erling Smorgrav , arch@FreeBSD.ORG
In-reply-to: Your message of "Wed, 30 Aug 2000 17:05:24 EDT." <39AD7714.E6D37422@mail.ptd.net>
References: <39AD7714.E6D37422@mail.ptd.net> <200008301728.LAA17081@harmony.village.org>
Date: Wed, 30 Aug 2000 16:23:21 -0600
From: Warner Losh
Sender: owner-freebsd-arch@FreeBSD.ORG
Precedence: bulk
X-Loop: FreeBSD.ORG

In message <39AD7714.E6D37422@mail.ptd.net> "Thomas M. Sommers" writes:
: Perhaps distributions could have an uninstall mechanism, analogous to
: pkg_delete, so that the build tools could be easily removed after a new
: kernel is built.

This doesn't help much if you are trying to install onto a 32 or 48mb
CF card...

Warner

From owner-freebsd-arch Wed Aug 30 23:53:16 2000
Delivered-To: freebsd-arch@freebsd.org
Received: from garm.bart.nl (garm.bart.nl [194.158.170.13]) by hub.freebsd.org (Postfix) with ESMTP id 7361237B424 for ; Wed, 30 Aug 2000 23:53:13 -0700 (PDT)
Received: from daemon.ninth-circle.org (root@daemon.ninth-circle.org [195.38.210.81]) by garm.bart.nl (8.10.1/8.10.1) with ESMTP id e7V6r2o48118; Thu, 31 Aug 2000 08:53:03 +0200 (CEST)
Received: (from asmodai@localhost) by daemon.ninth-circle.org (8.9.3/8.9.3) id IAA01245; Thu, 31 Aug 2000 08:52:36 +0200 (CEST) (envelope-from asmodai)
Date: Thu, 31 Aug 2000 08:52:36 +0200
From: Jeroen Ruigrok/Asmodai
To: Poul-Henning Kamp
Cc: Jordan Hubbard , Bill Fumerola , arch@FreeBSD.ORG
Subject: Re: build tools as separate distribution
Message-ID: <20000831085236.A98583@daemon.ninth-circle.org>
References: <87939.967667143@winston.osd.bsdi.com> <22213.967668741@critter>
Mime-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
User-Agent: Mutt/1.2i
In-Reply-To: <22213.967668741@critter>; from phk@critter.freebsd.dk on Wed, Aug 30, 2000 at 10:52:21PM +0200
Organisation: Ninth-Circle Enterprises
Sender: owner-freebsd-arch@FreeBSD.ORG
Precedence: bulk
X-Loop: FreeBSD.ORG

-On [20000831 00:01], Poul-Henning Kamp (phk@critter.freebsd.dk) wrote:
>4. Sysinstall does a hell of a good job for a lot of people and
>   has done so for many years by now. They are used to it and
>   know how to get the job done with it.

I just had someone congratulate us on our 4.x sysinstall. He mainly
deals and dealt with Linux, Solaris and Windows and he just loves the
way it works.

And most of my colleagues at the tech department also love the
sysinstall. And even my `I-have-never-used-Unix-before' colleagues at
the helpdesk can install FreeBSD.

There are obviously two ways to look at this issue:

- programmer view
- user view

and from a user point of view sysinstall is actually pretty good. It
does what needs to be done and without moaning.

-- 
Jeroen Ruigrok vd Werven/Asmodai asmodai@[wxs.nl|bart.nl|freebsd.org]
Documentation nutter/C-rated Coder BSD: Technical excellence at its best
The BSD Programmer's Documentation Project
Abandon hope, all ye who enter here...

From owner-freebsd-arch Thu Aug 31 0:51: 1 2000
Delivered-To: freebsd-arch@freebsd.org
Received: from lists01.iafrica.com (lists01.iafrica.com [196.7.0.141]) by hub.freebsd.org (Postfix) with ESMTP id 896E537B422; Thu, 31 Aug 2000 00:50:57 -0700 (PDT)
Received: from nwl.fw.uunet.co.za ([196.31.2.162]) by lists01.iafrica.com with esmtp (Exim 3.12 #2) id 13UP7c-0002Pp-00; Thu, 31 Aug 2000 09:50:52 +0200
Received: (from nobody@localhost) by nwl.fw.uunet.co.za (8.8.8/8.6.9) id JAA11939; Thu, 31 Aug 2000 09:50:51 +0200 (SAST)
Received: by nwl.fw.uunet.co.za via recvmail id 11652; Thu Aug 31 09:49:20 2000
Received: from sheldonh (helo=axl.fw.uunet.co.za) by axl.fw.uunet.co.za with local-esmtp (Exim 3.16 #1) id 13UP67-00008d-00; Thu, 31 Aug 2000 09:49:19 +0200
From: Sheldon Hearn
To: obrien@freebsd.org
Cc: Alexey Zelkin , arch@freebsd.org
Subject: Re: NO vs NO_
In-reply-to: Your message of "Wed, 30 Aug 2000 10:02:58 MST." <20000830100258.E45710@dragon.nuxi.com>
Date: Thu, 31 Aug 2000 09:49:19 +0200
Message-ID: <534.967708159@axl.fw.uunet.co.za>
Sender: owner-freebsd-arch@FreeBSD.ORG
Precedence: bulk
X-Loop: FreeBSD.ORG

On Wed, 30 Aug 2000 10:02:58 MST, "David O'Brien" wrote:

> > looks like it's time to rehash "NO vs NO_" theme. Any objections
> > against changing all occurrences of "NO_*" variables in src/'s Makefiles
> > to "NO*" ?
>
> Yes, *_STRONG OBJECTIONS_*.

I'd like to see freebsd-arch become a list where the word objection
takes on the following meaning from Webster's:

    2. That which is, or may be, presented in opposition; an adverse
       reason or argument; a reason for objecting; [...]

Ciao,
Sheldon.

From owner-freebsd-arch Thu Aug 31 3:51:47 2000
Delivered-To: freebsd-arch@freebsd.org
Received: from flood.ping.uio.no (flood.ping.uio.no [129.240.78.31]) by hub.freebsd.org (Postfix) with ESMTP id 63F1137B505 for ; Thu, 31 Aug 2000 03:51:43 -0700 (PDT)
Received: (from des@localhost) by flood.ping.uio.no (8.9.3/8.9.3) id MAA34980; Thu, 31 Aug 2000 12:47:39 +0200 (CEST) (envelope-from des@flood.ping.uio.no)
To: Marcel Moolenaar
Cc: arch@FreeBSD.ORG
Subject: Re: build tools as separate distribution
References: <39AD3D96.7256B648@cup.hp.com>
From: Dag-Erling Smorgrav
Date: 31 Aug 2000 12:47:39 +0200
In-Reply-To: Marcel Moolenaar's message of "Wed, 30 Aug 2000 13:00:06 -0400"
Message-ID:
Lines: 14
User-Agent: Gnus/5.0802 (Gnus v5.8.2) Emacs/20.4
MIME-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Sender: owner-freebsd-arch@FreeBSD.ORG
Precedence: bulk
X-Loop: FreeBSD.ORG

Marcel Moolenaar writes:
> Funny you mention this. I have been in contact with the project manager
> of the OpenWatcom project and he told me that watcom is being ported to
> FreeBSD. For those who don't know what watcom is: Watcom is a compiler
> for ia32 that compiles code for dos, dos4gw, different flavors of
> Windows, OS/2 and Novell (I probably forget some).

This is fabulous news! Watcom is by far the best optimizing C/C++
compiler I've ever used, and it has *excellent* error and warning
functionality.

DES
-- 
Dag-Erling Smorgrav - des@flood.ping.uio.no

From owner-freebsd-arch Thu Aug 31 5:28:37 2000
Delivered-To: freebsd-arch@freebsd.org
Received: from gidora.zeta.org.au (gidora.zeta.org.au [203.26.10.25]) by hub.freebsd.org (Postfix) with SMTP id 0532C37B424 for ; Thu, 31 Aug 2000 05:28:31 -0700 (PDT)
Received: (qmail 6280 invoked from network); 31 Aug 2000 12:28:24 -0000
Received: from unknown (HELO bde.zeta.org.au) (203.2.228.102) by gidora.zeta.org.au with SMTP; 31 Aug 2000 12:28:24 -0000
Date: Thu, 31 Aug 2000 23:28:21 +1100 (EST)
From: Bruce Evans
X-Sender: bde@besplex.bde.org
To: Warner Losh
Cc: Dag-Erling Smorgrav , Marcel Moolenaar , arch@FreeBSD.ORG
Subject: Re: RFC: Linuxulator MI bits in sys/compat/linux
In-Reply-To: <200008301721.LAA17046@harmony.village.org>
Message-ID:
MIME-Version: 1.0
Content-Type: TEXT/PLAIN; charset=US-ASCII
Sender: owner-freebsd-arch@FreeBSD.ORG
Precedence: bulk
X-Loop: FreeBSD.ORG

On Wed, 30 Aug 2000, Warner Losh wrote:

> My only complaint with putting anything in sys/compat is that I've
> been typing for years sys/com to have tcsh complete it to
> sys/compile. Now, I have to type compi :-(

Me too, except I use bash and used to use //com*. Along the same
lines, it's annoying that duplication of directory hierarchies limits
the usefulness of $CDPATH.

Bruce

From owner-freebsd-arch Thu Aug 31 7:11:16 2000
Delivered-To: freebsd-arch@freebsd.org
Received: from columbus.cris.net (columbus.cris.net [212.110.128.65]) by hub.freebsd.org (Postfix) with ESMTP id 54BBF37B42C for ; Thu, 31 Aug 2000 07:11:11 -0700 (PDT)
Received: from ark.cris.net (root@ark.cris.net [212.110.128.68]) by columbus.cris.net (8.9.3/8.9.3) with ESMTP id RAA36870; Thu, 31 Aug 2000 17:10:37 +0300 (EEST)
Received: (from phantom@localhost) by ark.cris.net (8.9.3/8.9.3) id RAA21332; Thu, 31 Aug 2000 17:10:52 +0300 (EEST) (envelope-from phantom)
Date: Thu, 31 Aug 2000 17:10:52 +0300
From: Alexey Zelkin
To: Marcel Moolenaar
Cc: Sheldon Hearn , arch@FreeBSD.ORG
Subject: Re: NO vs NO_
Message-ID: <20000831171052.A17250@ark.cris.net>
References: <200008301026.DAA50313@pike.osd.bsdi.com> <27283.967631991@axl.fw.uunet.co.za> <20000830185645.A32496@ark.cris.net> <39AD3B1D.CFB294FC@cup.hp.com>
Mime-Version: 1.0
Content-Type: text/plain; charset=us-ascii
X-Mailer: Mutt 1.0i
In-Reply-To: <39AD3B1D.CFB294FC@cup.hp.com>; from marcel@cup.hp.com on Wed, Aug 30, 2000 at 12:49:33PM -0400
X-Operating-System: FreeBSD 3.5-STABLE i386
Sender: owner-freebsd-arch@FreeBSD.ORG
Precedence: bulk
X-Loop: FreeBSD.ORG

hi,

On Wed, Aug 30, 2000 at 12:49:33PM -0400, Marcel Moolenaar wrote:

> I think it is mandatory for -stable and we probably should do it for
> -current as well. In -current, the automagical translation can be
> removed some time prior to the release.
>
> The reason for this is simply habit. Give people a chance to get used to
> the new names, however they are going to look like.

As I already noted in this thread, IMHO it will be useful to introduce
a variable whose definition should force "automagical translation". The
default behaviour will just cause a build failure. In this case we can
leave this variable uncommented (defined) for -STABLE and commented
(undefined) for -CURRENT.

It also can be useful to put this check into a separate file (for
example bsd.deprecated.mk) in /usr/share/mk and include it in all
/usr/share/mk/*mk files which contain any references to NO* variables.
It will allow us to check deprecated variable usage in any src's
Makefile.

PS: Anyone working in this area? I don't want to duplicate efforts
since I don't have too much spare time, but currently I can dig in this
problem.
-- 
/* Alexey Zelkin && phantom@cris.net */
/* Tavric National University && phantom@FreeBSD.org */
/* Sysadmin/Developer && phantom@sms.umc.com.ua */

From owner-freebsd-arch Thu Aug 31 9:23:30 2000
Delivered-To: freebsd-arch@freebsd.org
Received: from gw.nectar.com (gw.nectar.com [208.42.49.153]) by hub.freebsd.org (Postfix) with ESMTP id D809C37B424 for ; Thu, 31 Aug 2000 09:23:28 -0700 (PDT)
Received: from hamlet.nectar.com (hamlet.nectar.com [10.0.1.102]) by gw.nectar.com (Postfix) with ESMTP id E33821925F; Thu, 31 Aug 2000 11:23:27 -0500 (CDT)
Received: (from nectar@localhost) by hamlet.nectar.com (8.9.3/8.9.3) id LAA26578; Thu, 31 Aug 2000 11:23:27 -0500 (CDT) (envelope-from nectar@spawn.nectar.com)
Date: Thu, 31 Aug 2000 11:23:27 -0500
From: "Jacques A. Vidrine"
To: Hajimu UMEMOTO
Cc: freebsd-arch@freebsd.org
Subject: Re: Request for review: nsswitch
Message-ID: <20000831112327.C26480@hamlet.nectar.com>
Mail-Followup-To: "Jacques A. Vidrine" , Hajimu UMEMOTO , freebsd-arch@freebsd.org
References: <20000830071347.A1167@hamlet.nectar.com> <20000831.021640.74713558.ume@mahoroba.org> <20000830133005.B15387@hamlet.nectar.com> <20000831.040615.78746226.ume@mahoroba.org> <20000830151304.B15458@hamlet.nectar.com>
Mime-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
User-Agent: Mutt/1.2.5i
In-Reply-To: <20000830151304.B15458@hamlet.nectar.com>; from n@nectar.com on Wed, Aug 30, 2000 at 03:13:04PM -0500
X-Url: http://www.nectar.com/
Sender: owner-freebsd-arch@FreeBSD.ORG
Precedence: bulk
X-Loop: FreeBSD.ORG

On Wed, Aug 30, 2000 at 03:13:04PM -0500, Jacques A. Vidrine wrote:
> OK, I started with NetBSD's getaddrinfo.c and merged in the FreeBSDisms.
> I'm testing it now. If you don't mind, I'll forward you the code/patch
> off list, and I'd like you to give it a once over. I'll integrate it
> with the patch set on my web site later tonight.

This is done, plus Hajimu had some extra changes. Thanks!

The patches for 4.1-RELEASE, 4-STABLE, and 5-CURRENT have been updated.
-- 
Jacques Vidrine / n@nectar.com / jvidrine@verio.net / nectar@FreeBSD.org

From owner-freebsd-arch Thu Aug 31 10:46:18 2000
Delivered-To: freebsd-arch@freebsd.org
Received: from peach.ocn.ne.jp (peach.ocn.ne.jp [210.145.254.87]) by hub.freebsd.org (Postfix) with ESMTP id EC51037B423 for ; Thu, 31 Aug 2000 10:46:15 -0700 (PDT)
Received: from newsguy.com (p02-dn03kiryunisiki.gunma.ocn.ne.jp [210.232.224.131]) by peach.ocn.ne.jp (8.9.1a/OCN/) with ESMTP id CAA03279; Fri, 1 Sep 2000 02:46:06 +0900 (JST)
Message-ID: <39AE970A.30208A56@newsguy.com>
Date: Fri, 01 Sep 2000 02:34:02 +0900
From: "Daniel C. Sobral"
X-Mailer: Mozilla 4.7 [en] (Win98; I)
X-Accept-Language: en,pt-BR
MIME-Version: 1.0
To: "Jacques A. Vidrine"
Cc: freebsd-arch@FreeBSD.ORG
Subject: Re: Request for review: nsswitch
References: <20000830071347.A1167@hamlet.nectar.com> <39AD222B.CE9A26B5@newsguy.com> <20000830132053.A15387@hamlet.nectar.com>
Content-Type: text/plain; charset=us-ascii
Content-Transfer-Encoding: 7bit
Sender: owner-freebsd-arch@FreeBSD.ORG
Precedence: bulk
X-Loop: FreeBSD.ORG

"Jacques A. Vidrine" wrote:
>
> On Thu, Aug 31, 2000 at 12:03:07AM +0900, Daniel C. Sobral wrote:
> > Being guilty of not having looked at it at all, but this sounds like a
> > typical case where we would want a /etc/defaults/nsswitch.conf with
> > overrides in /etc/nsswitch.conf...?
>
> I'm not sure I agree. The types of things that have configuration
> examples in /etc/defaults are quite complicated. nsswitch.conf is simple
> and described entirely in the man page. Also, if there is no
> /etc/nsswitch.conf, the internal defaults are sane.

The criteria is the following: if we need to install a file containing
defaults and the user needs to tweak the configuration, then we use
defaults.

The reason is the following: when upgrading, merging changes to
defaults against user modifications is not only very hard, but we have
no support for it at all with our tools.

I know of two exceptions:

1. Some files are (were?) installed as "sample". This is used when user
   modification is absolutely required to get the thing going (though
   it has been misused elsewhere; pccardd, for instance).

2. /boot/loader.rc is never overwritten, but a default is installed if
   not present. I did this not to rock the boat when loader.conf stuff
   was introduced, and because a previously working version of
   loader.rc would continue to work fine. That said, this one I have
   never been comfortable with.

Anyway, if there is not default file being installed, then, indeed, the
/etc/defaults thingy is not needed at all.

-- 
Daniel C. Sobral (8-DCS)
dcs@newsguy.com
dcs@freebsd.org
capo@white.bunnies.bsdconspiracy.net

OK, so the solar flares are my fault.. I am sorry, ok?!?!

From owner-freebsd-arch Thu Aug 31 11: 5:10 2000
Delivered-To: freebsd-arch@freebsd.org
Received: from gw.nectar.com (gw.nectar.com [208.42.49.153]) by hub.freebsd.org (Postfix) with ESMTP id 7EE5D37B424 for ; Thu, 31 Aug 2000 11:05:05 -0700 (PDT)
Received: from hamlet.nectar.com (hamlet.nectar.com [10.0.1.102]) by gw.nectar.com (Postfix) with ESMTP id CBE981925F; Thu, 31 Aug 2000 13:05:04 -0500 (CDT)
Received: (from nectar@localhost) by hamlet.nectar.com (8.9.3/8.9.3) id NAA26664; Thu, 31 Aug 2000 13:05:04 -0500 (CDT) (envelope-from nectar@spawn.nectar.com)
Date: Thu, 31 Aug 2000 13:05:04 -0500
From: "Jacques A. Vidrine"
To: "Daniel C. Sobral"
Cc: freebsd-arch@FreeBSD.ORG
Subject: Re: Request for review: nsswitch
Message-ID: <20000831130504.A26641@hamlet.nectar.com>
Mail-Followup-To: "Jacques A. Vidrine" , "Daniel C. Sobral" , freebsd-arch@FreeBSD.ORG
References: <20000830071347.A1167@hamlet.nectar.com> <39AD222B.CE9A26B5@newsguy.com> <20000830132053.A15387@hamlet.nectar.com> <39AE970A.30208A56@newsguy.com>
Mime-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
User-Agent: Mutt/1.2.5i
In-Reply-To: <39AE970A.30208A56@newsguy.com>; from dcs@newsguy.com on Fri, Sep 01, 2000 at 02:34:02AM +0900
X-Url: http://www.nectar.com/
Sender: owner-freebsd-arch@FreeBSD.ORG
Precedence: bulk
X-Loop: FreeBSD.ORG

On Fri, Sep 01, 2000 at 02:34:02AM +0900, Daniel C. Sobral wrote:
> The reason is the following: when upgrading, merging changes to defaults
> against user modifications is not only very hard, but we have no support
> for it at all with our tools.

The defaults for nsswitch.conf will not change, ever. They have been
chosen to emulate the traditional behavior.

> Anyway, if there is not default file being installed, then, indeed, the
> /etc/defaults thingy is not needed at all.

Right, much like /etc/resolv.conf.
-- 
Jacques Vidrine / n@nectar.com / jvidrine@verio.net / nectar@FreeBSD.org

From owner-freebsd-arch Thu Aug 31 17:41:13 2000
Delivered-To: freebsd-arch@freebsd.org
Received: from mta01.chello.no (mta01.chello.no [212.186.255.12]) by hub.freebsd.org (Postfix) with ESMTP id 44AEC37B42C for ; Thu, 31 Aug 2000 17:41:10 -0700 (PDT)
Received: from johnny.priv.shamz.net ([213.46.212.80]) by mta01.chello.no (InterMail vK.4.02.00.00 201-232-116 license 77df2db80a2bdce4d335ff4839618d42) with ESMTP id <20000901004139.CLHR8178.mta01@johnny.priv.shamz.net> for ; Fri, 1 Sep 2000 02:41:39 +0200
Received: from dakota.priv.shamz.net (dakota.priv.shamz.net [192.168.0.24]) by johnny.priv.shamz.net (8.9.3/8.9.3) with ESMTP id CAA70502 for ; Fri, 1 Sep 2000 02:40:58 +0200 (CEST) (envelope-from shaun@dakota.priv.shamz.net)
Received: (from shaun@localhost) by dakota.priv.shamz.net (8.11.0/8.9.3) id e810evc82329 for arch@FreeBSD.ORG; Fri, 1 Sep 2000 02:40:57 +0200 (CEST) (envelope-from shaun)
Date: Fri, 1 Sep 2000 02:40:57 +0200
From: Shaun Jurrens
To: arch@FreeBSD.ORG
Subject: sysinstall specification (was: build tools as...)
Message-ID: <20000901024057.B3659@dakota.priv.shamz.net>
Mime-Version: 1.0
Content-Type: text/plain; charset=us-ascii
X-Mailer: Mutt 1.0.1i
Sender: owner-freebsd-arch@FreeBSD.ORG
Precedence: bulk
X-Loop: FreeBSD.ORG

Although it is hardly my place to enter into the discussions on -arch,
I would like to offer an organizational suggestion, that being a
greater strength on my part than writing code.

A generally recognized method of solving complex problems is to
subdivide them into manageable parts. Modularity in programming,
design, and problem solving have enough aspects in common, that this
little treatise might help.

My suggestion is simply that those "fathers" of the current
sysinstaller make the design of a new sysinstaller simpler to those not
possessing the years of experience with the pitfalls of the gradual
"monster" now known as sysinstall.

As disgusting as the word rings in most coders' ears, it would be
beneficial if the small group of sysinstall coders/release engineers
would put on their "manager" (sorry if that hurt) hats and write a
specification of that which would be accepted as a new sysinstaller.

That means:

1. coding requirements (language, and general, i.e. "modular" approach)
2. user-interface requirements
3. size requirements
4. list of required functions
5. list of optional functions
6. a time-frame for development (subject to abuse as time allows)

Point 4 being the most complex list, it should be divided into sublists
of 1) currently available functions including how they are currently
(inadequately) resolved, perhaps with references to code, and 2) new
and desired functions and how these need to work in conjunction with
the other portions of the code.

This might seem as difficult as just writing the code, but I see that
most of the required authors are sufficiently talented to compose long
works in English.
It has the advantage of serving as a public checklist for acceptance of
the finished "modules" of the code as well, and may interest a greater
number of people to take on smaller amounts of the work.

The final specification will need to be announced and a moderated
mailing list for contributors, testers, etc.

As much as I would like to avoid stepping on anyone's toes/ego, I think
this would offer a better chance of getting a new sysinstaller than the
current "waiting for divine intervention" method. It would also
demonstrate a certain professionality in organizing a much needed
(depending on your views, perhaps) development project.

I personally think there are enough people willing to work on the
project, but the constant warnings about its complexity as well as the
"single point of failure" pressure makes people shy away from
volunteering.

Grant me a bit of charity in your criticisms, the small points have
been omitted in favor of keeping this from getting any longer than it
already has.

-- 
Yours truly,
Shaun D. Jurrens
shaun@shamz.net
shamz@freenix.no

From owner-freebsd-arch Thu Aug 31 17:43:58 2000
Delivered-To: freebsd-arch@freebsd.org
Received: from wall.polstra.com (rtrwan160.accessone.com [206.213.115.74]) by hub.freebsd.org (Postfix) with ESMTP id AC66737B423 for ; Thu, 31 Aug 2000 17:43:56 -0700 (PDT)
Received: from vashon.polstra.com (vashon.polstra.com [206.213.73.13]) by wall.polstra.com (8.9.3/8.9.3) with ESMTP id RAA14726; Thu, 31 Aug 2000 17:43:53 -0700 (PDT) (envelope-from jdp@polstra.com)
From: John Polstra
Received: (from jdp@localhost) by vashon.polstra.com (8.9.3/8.9.1) id RAA43832; Thu, 31 Aug 2000 17:43:53 -0700 (PDT) (envelope-from jdp@polstra.com)
Date: Thu, 31 Aug 2000 17:43:53 -0700 (PDT)
Message-Id: <200009010043.RAA43832@vashon.polstra.com>
To: arch@freebsd.org
Reply-To: arch@freebsd.org
Cc: dcs@newsguy.com
Subject: Re: Request for review: nsswitch
In-Reply-To: <39AE970A.30208A56@newsguy.com>
References: <20000830071347.A1167@hamlet.nectar.com> <39AD222B.CE9A26B5@newsguy.com> <20000830132053.A15387@hamlet.nectar.com> <39AE970A.30208A56@newsguy.com>
Organization: Polstra & Co., Seattle, WA
Sender: owner-freebsd-arch@FreeBSD.ORG
Precedence: bulk
X-Loop: FreeBSD.ORG

In article <39AE970A.30208A56@newsguy.com>, Daniel C. Sobral wrote:

> 2. /boot/loader.rc is never overwritten, but a default is installed
> if not present. I did this not to rock the boat when loader.conf
> stuff was introduced, and because a previously working version of
> loader.rc would continue to work fine. That said, this one I have
> never been comfortable with.

This one actually bit me when I upgraded one of my machines to a
version that required "/boot/device.hints". In the dim distant past
when it was still considered OK, I had modified my "/boot/loader.rc"
file to something that worked fine at the time. But it didn't have the
ability to load the device.hints file and the install didn't fix it.

Since it's no longer really an option to customize this file, I would
prefer that it be installed unconditionally.

John
-- 
John Polstra jdp@polstra.com
John D. Polstra & Co., Inc. Seattle, Washington USA
"Disappointment is a good sign of basic intelligence."
-- Chögyam Trungpa

From owner-freebsd-arch Thu Aug 31 17:47:24 2000
Delivered-To: freebsd-arch@freebsd.org
Received: from wall.polstra.com (rtrwan160.accessone.com [206.213.115.74]) by hub.freebsd.org (Postfix) with ESMTP id DD05C37B42C for ; Thu, 31 Aug 2000 17:47:21 -0700 (PDT)
Received: from vashon.polstra.com (vashon.polstra.com [206.213.73.13]) by wall.polstra.com (8.9.3/8.9.3) with ESMTP id RAA14742; Thu, 31 Aug 2000 17:47:13 -0700 (PDT) (envelope-from jdp@polstra.com)
From: John Polstra
Received: (from jdp@localhost) by vashon.polstra.com (8.9.3/8.9.1) id RAA43862; Thu, 31 Aug 2000 17:47:13 -0700 (PDT) (envelope-from jdp@polstra.com)
Date: Thu, 31 Aug 2000 17:47:13 -0700 (PDT)
Message-Id: <200009010047.RAA43862@vashon.polstra.com>
To: arch@freebsd.org
Reply-To: arch@freebsd.org
Cc: n@nectar.com
Subject: Re: Request for review: nsswitch
In-Reply-To: <20000831130504.A26641@hamlet.nectar.com>
References: <20000830071347.A1167@hamlet.nectar.com> <20000830132053.A15387@hamlet.nectar.com> <39AE970A.30208A56@newsguy.com> <20000831130504.A26641@hamlet.nectar.com>
Organization: Polstra & Co., Seattle, WA
Sender: owner-freebsd-arch@FreeBSD.ORG
Precedence: bulk
X-Loop: FreeBSD.ORG

In article <20000831130504.A26641@hamlet.nectar.com>,
Jacques A. Vidrine wrote:
> On Fri, Sep 01, 2000 at 02:34:02AM +0900, Daniel C. Sobral wrote:
> > The reason is the following: when upgrading, merging changes to defaults
> > against user modifications is not only very hard, but we have no support
> > for it at all with our tools.
>
> The defaults for nsswitch.conf will not change, ever. They have been
> chosen to emulate the traditional behavior.

I have to agree with Daniel here. The whole point of nsswitch.conf is
so you can customize it, right? Otherwise why bother with it? We are
moving toward using immutable default versions in /etc/defaults with
customizable overrides in /etc. That has made dealing with rc.conf and
make.conf much, much easier. I think the ultimate goal should be that
the admin can customize his /etc directory without the need to do _any_
merging. That means the defaults and the overrides have to be
separated.

John
-- 
John Polstra jdp@polstra.com
John D. Polstra & Co., Inc. Seattle, Washington USA
"Disappointment is a good sign of basic intelligence."
-- Chögyam Trungpa

From owner-freebsd-arch Thu Aug 31 18: 0:15 2000
Delivered-To: freebsd-arch@freebsd.org
Received: from pike.osd.bsdi.com (pike.osd.bsdi.com [204.216.28.222]) by hub.freebsd.org (Postfix) with ESMTP id 264DA37B422 for ; Thu, 31 Aug 2000 18:00:12 -0700 (PDT)
Received: (from jhb@localhost) by pike.osd.bsdi.com (8.9.3/8.9.3) id RAA12388; Thu, 31 Aug 2000 17:59:58 -0700 (PDT) (envelope-from jhb)
From: John Baldwin
Message-Id: <200009010059.RAA12388@pike.osd.bsdi.com>
Subject: Re: Request for review: nsswitch
In-Reply-To: <200009010047.RAA43862@vashon.polstra.com> from John Polstra at "Aug 31, 2000 05:47:13 pm"
To: arch@FreeBSD.ORG
Date: Thu, 31 Aug 2000 17:59:58 -0700 (PDT)
Cc: n@nectar.com
X-Mailer: ELM [version 2.4ME+ PL68 (25)]
MIME-Version: 1.0
Content-Type: text/plain; charset=US-ASCII
Content-Transfer-Encoding: 7bit
Sender: owner-freebsd-arch@FreeBSD.ORG
Precedence: bulk
X-Loop: FreeBSD.ORG

John Polstra wrote:
> In article <20000831130504.A26641@hamlet.nectar.com>,
> Jacques A. Vidrine wrote:
> > On Fri, Sep 01, 2000 at 02:34:02AM +0900, Daniel C. Sobral wrote:
> > > The reason is the following: when upgrading, merging changes to defaults
> > > against user modifications is not only very hard, but we have no support
> > > for it at all with our tools.
> >
> > The defaults for nsswitch.conf will not change, ever. They have been
> > chosen to emulate the traditional behavior.
>
> I have to agree with Daniel here. The whole point of nsswitch.conf is
> so you can customize it, right? Otherwise why bother with it? We are
> moving toward using immutable default versions in /etc/defaults with
> customizable overrides in /etc. That has made dealing with rc.conf
> and make.conf much, much easier. I think the ultimate goal should be
> that the admin can customize his /etc directory without the need to do
> _any_ merging. That means the defaults and the overrides have to be
> separated.

Erm, nsswitch.conf will not be a very active file like make.conf or
rc.conf.

> ls -l /etc | grep -v '^[dl]' | wc -l
81
> ls -l /etc/defaults | grep -v '^[dl]' | wc -l
5

I don't think we need 80 files in /etc/defaults. Thus far, the files we
have put in /etc/defaults are ones that are changed very often, and
thus can present problems with merging, e.g. rc.conf, make.conf, etc.
Also, they are files where you can simply maintain a small file in /etc
to override default settings.
We don't have ttys, resolv.conf, syslog.conf, newsyslog.conf, shells,
remote, modems, pam.conf, host.conf, inetd.conf, or any of several
other files in /etc/defaults, and we don't need them there.
nsswitch.conf will basically take the place of host.conf when this is
done. /usr/src/etc/host.conf is on revision 1.6 after being in the tree
_seven_ years. 3 of these commits are due to $FreeBSD$. Thus, since its
import, it has had all of 2 actual commits, one to add a comment, and
one to change the order. Putting host.conf in /etc/defaults would just
be dumb. Same with nsswitch.conf.

> John
> --
> John Polstra jdp@polstra.com
> John D. Polstra & Co., Inc. Seattle, Washington USA

-- 
John Baldwin -- http://www.FreeBSD.org/~jhb/
PGP Key: http://www.cslab.vt.edu/~jobaldwi/pgpkey.asc
"Power Users Use the Power to Serve!" - http://www.FreeBSD.org/

From owner-freebsd-arch Fri Sep 1 1:25: 1 2000
Delivered-To: freebsd-arch@freebsd.org
Received: from mtiwmhc24.worldnet.att.net (mtiwmhc24.worldnet.att.net [204.127.131.49]) by hub.freebsd.org (Postfix) with ESMTP id ABD8837B43C; Fri, 1 Sep 2000 01:24:54 -0700 (PDT)
Received: from 216.neworleans-05-10rs16rt.la.dial-access.att.net ([12.73.250.216]) by mtiwmhc24.worldnet.att.net (InterMail vM.4.01.02.39 201-229-119-122) with SMTP id <20000901082447.JRGO13787.mtiwmhc24.worldnet.att.net@216.neworleans-05-10rs16rt.la.dial-access.att.net>; Fri, 1 Sep 2000 08:24:47 +0000
From: Thrumbar Pathfinder
To: freebsd-hardware@FreeBSD.org
Cc: arch@FreeBSD.ORG
Subject: Auto-Mount/Dismount optional drivers development???
Date: Fri, 01 Sep 2000 03:18:03 -0500
Organization: OmniCorp Interstellar
Message-ID:
X-Mailer: Forte Agent 1.8/32.548
MIME-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Content-Transfer-Encoding: quoted-printable
Sender: owner-freebsd-arch@FreeBSD.ORG
Precedence: bulk
X-Loop: FreeBSD.ORG

I propose the following enhancements to the drivers used in FreeBSD.
Please do not confuse this with that Supermount (supermount) used in
ManDrake Linux as this is different entirely...

The ability for storage devices to auto-Mount/DisMount their media in
the event that the eject button is pushed on the drive itself without
executing the dismount command from terminal or by script..

This would help in the following ways :

1. Security : Drives can be linked to one's Login to allow access to
only prescribed drives (Media) due to the drive that is not mounted
cannot be accessed (drives units are ghost, assigned their ID's but not
allowed to mount when the logged on user is not allowed access to it).
The drive will appear on a manager to be hazed out to indicate that it
is dismounted...

This would be more secure than the current use of scripts or manual
commands as the code would be securely in the driver code.

The drive, if possible can also be set to prevent the insertion of
media or the removal of said media (some drives can - at least in their
Win doze version - when trying to eject an active disk prompt the user
and the user select the ignore option thus preventing the ejection from
taking place) if possible. Will have to contact drive suppliers to find
out if possible...

2. Integrity : This prevents the mistaken removal of media without
dismounting first in the event the manual eject is pressed.

This also allows for quick change of media for tape or cd jukeboxes
with just a click of the drive icon or cd prompt change...
3. Access (see security) The driver would detect the eject command (from the button being pressed - much like current adaptec DirectCD does on my CD-RW drive) and triggers a detection to check it the media is active Active - either of the following a: cancels dismount b: waits for activity to end - dismounts c: halts activity - dismounts d: prompts for action non Active - dismounts media This is for media that does not use a mechanical ejection (Floppy (1.44) but uses and articulated ejection (electrical as in CD's, Zip, Jazz). Including hot-swapable HD's using swap trays (caddies). There is more ways this could be used, but my brain is falling off and I cannot think anymore so I will leave it with the above in hopes another can add their own.. I most likely will not be able to contribute much as I have trouble even spelling the word programming much less doing it (still learning at beginning level).. Any constructive comments?????? Thrumbar@Worldnet.att.net To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-arch" in the body of the message From owner-freebsd-arch Fri Sep 1 6: 5:12 2000 Delivered-To: freebsd-arch@freebsd.org Received: from fledge.watson.org (fledge.watson.org [204.156.12.50]) by hub.freebsd.org (Postfix) with ESMTP id 8743437B422; Fri, 1 Sep 2000 06:05:09 -0700 (PDT) Received: from fledge.watson.org (robert@fledge.pr.watson.org [192.0.2.3]) by fledge.watson.org (8.9.3/8.9.3) with SMTP id JAA38677; Fri, 1 Sep 2000 09:05:07 -0400 (EDT) (envelope-from robert@fledge.watson.org) Date: Fri, 1 Sep 2000 09:05:07 -0400 (EDT) 
From: Robert Watson X-Sender: robert@fledge.watson.org To: Thrumbar Pathfinder Cc: freebsd-hardware@FreeBSD.org, arch@FreeBSD.org Subject: Re: Auto-Mount/Dismount optional drivers development??? In-Reply-To: Message-ID: MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII Sender: owner-freebsd-arch@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.ORG You can imagine the decisions and resulting activities, in the case of removable media, being made in a userland daemon listening for device events. I guess the pertinent question then is, what is the best way in which to deliver this sort of event information to userland processes? To what extent can this event stream be abstracted so as to not represent driver-specific events ("cdrom device (whatever) was ejected" in a cdrom schema as opposed to something acd-specific), and should it be extensible to allow the representing of driver-specific events. Polling for device availability in userland seems like a less pretty solution. Right now, devices in /devfs appear based on whether or not the drive is available, not media. I wonder if there would be an appropriate way for events to be notified via a combination of kqueue() and devfs nodes? Robert N M Watson robert@fledge.watson.org http://www.watson.org/~robert/ PGP key fingerprint: AF B5 5F FF A6 4A 79 37 ED 5F 55 E9 58 04 6A B1 TIS Labs at Network Associates, Safeport Network Services To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-arch" in the body of the message From owner-freebsd-arch Fri Sep 1 6:11:35 2000 Delivered-To: freebsd-arch@freebsd.org Received: from dragon.nuxi.com (trang.nuxi.com [209.152.133.57]) by hub.freebsd.org (Postfix) with ESMTP id C926137B42C for ; Fri, 1 Sep 2000 06:11:33 -0700 (PDT) Received: (from obrien@localhost) by dragon.nuxi.com (8.9.3/8.9.1) id GAA87168 for arch@freebsd.org; Fri, 1 Sep 2000 06:11:33 -0700 (PDT) (envelope-from obrien) Date: Fri, 1 Sep 2000 06:11:32 -0700 
From: "David O'Brien" To: arch@freebsd.org Subject: linprocfs movement Message-ID: <20000901061132.A87154@dragon.nuxi.com> Reply-To: arch@freebsd.org Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline User-Agent: Mutt/1.2i X-Operating-System: FreeBSD 5.0-CURRENT Organization: The NUXI BSD group X-Pgp-Rsa-Fingerprint: B7 4D 3E E9 11 39 5F A3 90 76 5D 69 58 D9 98 7A X-Pgp-Rsa-Keyid: 1024/34F9F9D5 Sender: owner-freebsd-arch@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.ORG Should src/sys/i386/linux/linprocfs be moved to src/sys/compat/linprocfs or src/sys/compat/linux/linprocfs ? To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-arch" in the body of the message From owner-freebsd-arch Fri Sep 1 7:47:47 2000 Delivered-To: freebsd-arch@freebsd.org Received: from relay.butya.kz (butya-gw.butya.kz [212.154.129.94]) by hub.freebsd.org (Postfix) with ESMTP id 2E73737B42C; Fri, 1 Sep 2000 07:47:41 -0700 (PDT) Received: by relay.butya.kz (Postfix, from userid 1000) id 0D1A5288AF; Fri, 1 Sep 2000 21:47:38 +0700 (ALMST) Received: from localhost (localhost [127.0.0.1]) by relay.butya.kz (Postfix) with ESMTP id 035A428775; Fri, 1 Sep 2000 21:47:37 +0700 (ALMST) Date: Fri, 1 Sep 2000 21:47:37 +0700 (ALMST) 
From: Boris Popov To: freebsd-arch@freebsd.org, freebsd-i18n@freebsd.org Cc: ache@freebsd.org Subject: CFR: iconv functions (was: Proposal to include iconv library in the base system) In-Reply-To: Message-ID: MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII Sender: owner-freebsd-arch@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.ORG

On Thu, 24 Aug 2000, Boris Popov wrote:

> Proposal to include iconv library and iconv(1) program in the base system.
>
> This library of functions and its companion iconv program provide
> conversion between various single-byte and multibyte charsets. These iconv*
> functions are essential in the mixed networks and on local machines with
> multiple charsets.

Ok, it seems that I can comment on all questions by myself:

> The questionable part is which set of character sets should be
> included in the base system and which should be supplied as packages.

Initially only library code needs to be imported, and the rest supplied as ports/packages.

> Secondly, where should the functions be placed? Initially, the iconv
> library was a separate file (libiconv*). However, it seems that
> Solaris has the library in libc and Linux in glibc. I do not
> know how HPUX does this.

libc seems to be the right place for iconv* functions.

> And the third question is where I should place the source code for
> character conversion schemes in the source tree.

This is no longer an issue because CCS'es will be supplied as ports for now.

If nobody objects I'm going to commit iconv library at the end of next week as part of the smbfs import.
-- Boris Popov http://www.butya.kz/~bp/ To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-arch" in the body of the message From owner-freebsd-arch Fri Sep 1 8: 0:12 2000 Delivered-To: freebsd-arch@freebsd.org Received: from nagual.pp.ru (pobrecita.freebsd.ru [194.87.13.42]) by hub.freebsd.org (Postfix) with ESMTP id F010237B424; Fri, 1 Sep 2000 08:00:05 -0700 (PDT) Received: (from ache@localhost) by nagual.pp.ru (8.11.0/8.11.0) id e81Exnp29833; Fri, 1 Sep 2000 18:59:49 +0400 (MSD) (envelope-from ache) Date: Fri, 1 Sep 2000 18:59:46 +0400 
From: "Andrey A. Chernov" To: Boris Popov Cc: freebsd-arch@FreeBSD.ORG, freebsd-i18n@FreeBSD.ORG, Konstantin Chuguev Subject: Re: Proposal to include iconv library in the base system. Message-ID: <20000901185945.A29804@nagual.pp.ru> References: Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline User-Agent: Mutt/1.2.5i In-Reply-To: ; from bp@butya.kz on Thu, Aug 24, 2000 at 05:39:39PM +0700 Organization: Biomechanoid Sender: owner-freebsd-arch@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.ORG

On Thu, Aug 24, 2000 at 05:39:39PM +0700, Boris Popov wrote:
> FreeBSD already contains a few character conversion schemes for
> msdosfs, nwfs, cd9660fs and syscon mapping tables. However, the usage

We need XLAT converters for them, not Unicode one, as I understand Unicode data loaded into kernel will be too big.

> The questionable part is which set of character sets should be
> included in the base system and which should be supplied as packages.

We need to include all charsets we have locale support in the base system.

> Secondly, where should the functions be placed? Initially, the iconv

/usr/libdata/iconv

What I do not understand at this moment: how iconv handles non-convertible characters? I don't see any way to set fill character in described interface.

-- Andrey A.
Chernov http://ache.pp.ru/ To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-arch" in the body of the message From owner-freebsd-arch Fri Sep 1 8:13: 9 2000 Delivered-To: freebsd-arch@freebsd.org Received: from relay.butya.kz (butya-gw.butya.kz [212.154.129.94]) by hub.freebsd.org (Postfix) with ESMTP id 144DE37B423 for ; Fri, 1 Sep 2000 08:13:06 -0700 (PDT) Received: by relay.butya.kz (Postfix, from userid 1000) id 004B128775; Fri, 1 Sep 2000 22:13:02 +0700 (ALMST) Received: from localhost (localhost [127.0.0.1]) by relay.butya.kz (Postfix) with ESMTP id EAE4A28677 for ; Fri, 1 Sep 2000 22:13:02 +0700 (ALMST) Date: Fri, 1 Sep 2000 22:13:02 +0700 (ALMST) 
From: Boris Popov To: freebsd-arch@freebsd.org Subject: Shared kernel code Message-ID: MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII Sender: owner-freebsd-arch@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.ORG

Hello,

Currently I'm preparing smbfs bits for import into main tree. Since both nwfs and smbfs contain common parts I've tried to unify them in order to share code. Currently there are two common parts: kernel side of iconv library and encapsulation of mbuf management functions. Both can be statically compiled in the kernel or loaded as KLDs.

But an interesting question arises - where to put source code for those modules which don't represent any device and may consist of multiple source files ?

Historically such files were placed in the kern and libkern directories. But it seems that both aren't suitable for newly added interfaces because of the flat name space.

So, my suggestion is to create sys/lib directory which should be organized as src/lib directory. Eg:

	sys/lib
		libiconv/
		libmbuf/
		etc...

Basically, sys/libkern also can be moved under lib directory.

Comments are welcome.

-- Boris Popov http://www.butya.kz/~bp/

To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-arch" in the body of the message

From owner-freebsd-arch Fri Sep 1 8:22:10 2000 Delivered-To: freebsd-arch@freebsd.org Received: from relay.butya.kz (butya-gw.butya.kz [212.154.129.94]) by hub.freebsd.org (Postfix) with ESMTP id E7FBD37B422; Fri, 1 Sep 2000 08:22:03 -0700 (PDT) Received: by relay.butya.kz (Postfix, from userid 1000) id 2CF9928775; Fri, 1 Sep 2000 22:22:01 +0700 (ALMST) Received: from localhost (localhost [127.0.0.1]) by relay.butya.kz (Postfix) with ESMTP id 2313F28677; Fri, 1 Sep 2000 22:22:01 +0700 (ALMST) Date: Fri, 1 Sep 2000 22:22:01 +0700 (ALMST)
From: Boris Popov To: "Andrey A. Chernov" Cc: freebsd-arch@FreeBSD.ORG, freebsd-i18n@FreeBSD.ORG, Konstantin Chuguev Subject: Re: Proposal to include iconv library in the base system. In-Reply-To: <20000901185945.A29804@nagual.pp.ru> Message-ID: MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII Sender: owner-freebsd-arch@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.ORG

On Fri, 1 Sep 2000, Andrey A. Chernov wrote:

> On Thu, Aug 24, 2000 at 05:39:39PM +0700, Boris Popov wrote:
> > FreeBSD already contains a few character conversion schemes for
> > msdosfs, nwfs, cd9660fs and syscon mapping tables. However, the usage
>
> We need XLAT converters for them, not Unicode one, as I understand Unicode
> data loaded into kernel will be too big.

Correct, for 8 bit charsets XLAT table is dynamically built in the user space and then uploaded to the kernel space. This can't be done for multibyte charsets, though.

> > The questionable part is which set of character sets should be
> > included in the base system and which should be supplied as packages.
>
> We need to include all charsets we have locale support in the base system.

Noted.

> > Secondly, where should the functions be placed? Initially, the iconv
>
> /usr/libdata/iconv

Ok.

> What I do not understand at this moment: how iconv handles non-convertible
> characters? I don't see any way to set fill character in described
> interface.

I'll cite iconv(3) man page:

	If a sequence of input bytes does not form a valid character
	in the specified charset, conversion stops after the
	previous successfully converted character. If the input
	buffer ends with an incomplete character or shift
	sequence, conversion stops after the previous successfully
	converted bytes.
-- Boris Popov http://www.butya.kz/~bp/ To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-arch" in the body of the message From owner-freebsd-arch Fri Sep 1 8:39:35 2000 Delivered-To: freebsd-arch@freebsd.org Received: from nagual.pp.ru (pobrecita.freebsd.ru [194.87.13.42]) by hub.freebsd.org (Postfix) with ESMTP id B524737B43C; Fri, 1 Sep 2000 08:39:31 -0700 (PDT) Received: (from ache@localhost) by nagual.pp.ru (8.11.0/8.11.0) id e81FcPd30081; Fri, 1 Sep 2000 19:38:25 +0400 (MSD) (envelope-from ache) Date: Fri, 1 Sep 2000 19:38:24 +0400 
From: "Andrey A. Chernov" To: Boris Popov Cc: freebsd-arch@FreeBSD.ORG, freebsd-i18n@FreeBSD.ORG, Konstantin Chuguev Subject: Re: Proposal to include iconv library in the base system. Message-ID: <20000901193824.A30020@nagual.pp.ru> References: <20000901185945.A29804@nagual.pp.ru> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline User-Agent: Mutt/1.2.5i In-Reply-To: ; from bp@butya.kz on Fri, Sep 01, 2000 at 10:22:01PM +0700 Organization: Biomechanoid Sender: owner-freebsd-arch@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.ORG

On Fri, Sep 01, 2000 at 10:22:01PM +0700, Boris Popov wrote:
> If a sequence of input bytes does not form a valid character
> in the specified charset, conversion stops after the
> previous successfully converted character. If the input
> buffer ends with an incomplete character or shift
> sequence, conversion stops after the previous successfully
> converted bytes.

As I understand, an application (f.e. XLAT table builder for the kernel) should track any stop location and insert f.e. '?' there manually. Is it so?

-- Andrey A. Chernov http://ache.pp.ru/

To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-arch" in the body of the message

From owner-freebsd-arch Fri Sep 1 9:17:15 2000 Delivered-To: freebsd-arch@freebsd.org Received: from alpha.dante.org.uk (alpha.dante.org.uk [193.63.211.19]) by hub.freebsd.org (Postfix) with ESMTP id E305037B42C; Fri, 1 Sep 2000 09:17:07 -0700 (PDT) Received: from theta.dante.org.uk ([193.63.211.7]) by alpha.dante.org.uk with esmtp (Exim 3.12 #4) id 13UtUg-000694-00; Fri, 01 Sep 2000 17:16:42 +0100 Received: from localhost ([127.0.0.1] helo=dante.org.uk) by theta.dante.org.uk with esmtp (Exim 3.12 #4) id 13UtUd-00073s-00; Fri, 01 Sep 2000 17:16:39 +0100 Message-ID: <39AFD666.880FE6C@dante.org.uk> Date: Fri, 01 Sep 2000 17:16:38 +0100
From: Konstantin Chuguev Organization: Delivery of Advanced Networking Service to Europe Ltd. X-Mailer: Mozilla 4.75 [en] (X11; U; SunOS 5.6 sun4u) X-Accept-Language: en, ru MIME-Version: 1.0 To: "Andrey A. Chernov" Cc: Boris Popov , freebsd-arch@FreeBSD.ORG, freebsd-i18n@FreeBSD.ORG Subject: Re: Proposal to include iconv library in the base system. References: <20000901185945.A29804@nagual.pp.ru> Content-Type: text/plain; charset=koi8-r Content-Transfer-Encoding: 7bit Sender: owner-freebsd-arch@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.ORG

"Andrey A. Chernov" wrote:

> On Thu, Aug 24, 2000 at 05:39:39PM +0700, Boris Popov wrote:
> > FreeBSD already contains a few character conversion schemes for
> > msdosfs, nwfs, cd9660fs and syscon mapping tables. However, the usage
>
> We need XLAT converters for them, not Unicode one, as I understand Unicode
> data loaded into kernel will be too big.
>

It depends on what you mean by Unicode data. At the Unicode site there is a plain/text table with Unicode data, with the number of records approximately equal 0xFFFF - . Each record corresponds to a Unicode character and can have up to 10 or more fields, among them the canonical name of the character, information about capital and small letters, directionality and so on. This information is intended to be used for processing/[de]normalizing Unicode text. All this is not needed for the charset conversion.

The most commonly used 8-bit charsets for filesystems are ISO-8859, Windows-125x, IBM-86x and KOI8-R. It is easy to create XLAT tables for conversion between pairs of these charsets; obviously we won't need the "full mesh" of pairs here, only tables for charsets used for the same language. Simplifying that, we will need N * 2 * 256 bytes for all tables. There are two problems here:

* it is not so easy to guess the N number. For 4 charsets used for Russian we will need 6 * 2 tables (for 5 charsets - 10 * 2 tables); add other languages;
* new filesystems use Unicode encodings: UCS-2 (Windows), some may use UTF-8. These encodings are not supported by XLAT.

iconv CCS modules consist of 2 tables each. One table is for translation from the charset to Unicode (UCS-4), the other - from UCS-4 to the charset. There are 4 different table types currently supported: 7-bit, 8-bit, 14-bit and 16-bit. The table layout is hidden from the module interface, two functions actually doing the conversion are as follows (names of functions and arguments here don't match exactly those in the iconv implementation):

    ucs4_t iconv_ccs_convert_to_ucs(void *module, ucs4_t charset_char);
    ucs4_t iconv_ccs_convert_from_ucs(void *module, ucs4_t ucs_char);

The internal 14-bit and 16-bit tables are two-level, not flat. There is one more type of CCS modules I'm thinking about: 32-bit tables for translation between full range of CJK characters in, say, BIG5 or CNS11643, and the next version of Unicode standard with these characters added.

1. charsets for right-to-left scripts; they use special control characters for changing the direction of writing; the algorithm is different from the Unicode one; more complicated logic is necessary for these charsets.

The second type of modules is CES - character encoding schemes. Their interface is similar to that below:

    ucs4_t ccs_convert_to_ucs(void *module, unsigned char **srcstr, unsigned *srcbytelen);
    int ccs_convert_from_ucs(void *module, unsigned char **dststr, unsigned *dstbytelen, ucs4_t srcchar);

The difference from CCS is that there is no fixed-length correspondence between the UCS and original charset characters. Each UCS character can be translated to/from 0 to N bytes of a text encoded in the original character encoding scheme. Now the supported schemes are:

* _tbl_simple - used for most European charsets (for ASCII and all 8-bit charsets); it simply uses the corresponding CCS module;
* EUC family for CJK;
* ISO-2022-xx for CJK;
* UCS-4, UCS-2, UTF-16, UTF-8, UTF-7.

A new type of CES modules can be the one for charsets used for Arabic and Hebrew, where a more complicated algorithm is used to convert directionality control characters from/to Unicode.

Now, all the modules are loadable and shareable. If the system is using a fair amount of charsets at the same time, the amount of table data loaded into kernel can be actually smaller than when loading all corresponding pairs of XLAT tables.

>
> > The questionable part is which set of character sets should be
> > included in the base system and which should be supplied as packages.
>
> We need to include all charsets we have locale support in the base system.
>

Exactly, this is what was intended. All [UNIX] charsets supported in the FreeBSD distribution (i.e. which are present in the locale directory) PLUS charsets used in other types of filesystems (Windows, Netware?, MacOS?) for the languages supported by FreeBSD (see locale again). Otherwise there is not much need to include iconv to the kernel at the moment. Perhaps, minus CJK charsets due to their size. I don't know if there is a need of CJK charset conversion for filesystems. All other modules can easily be installed from ports/packages.

>
> > Secondly, where should the functions be placed? Initially, the iconv
>
> /usr/libdata/iconv
>

I think this case is much the same as for PAM modules.

>
> What I do not understand at this moment: how iconv handles non-convertible
> characters? I don't see any way to set fill character in described
> interface.
>

According to the standard, iconv stops when it finds an illegal sequence of bytes in the source byte sequence (input charset). If there is no corresponding character in the destination charset, the behaviour of iconv is implementation-dependent. My implementation currently translates it into a predefined (at compile time) substitution character. Don't remember though whether it is '_' or '?' :-)

I will try my best to produce the final version 1.0 of the library and conversion modules before Monday.

-- * * Konstantin Chuguev - Application Engineer * * Francis House, 112 Hills Road * Cambridge CB2 1PQ, United Kingdom D A N T E WWW: http://www.dante.net

To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-arch" in the body of the message

From owner-freebsd-arch Fri Sep 1 9:45:24 2000 Delivered-To: freebsd-arch@freebsd.org Received: from palrel1.hp.com (palrel1.hp.com [156.153.255.242]) by hub.freebsd.org (Postfix) with ESMTP id 69C0E37B43E for ; Fri, 1 Sep 2000 09:45:22 -0700 (PDT) Received: from adlmail.cup.hp.com (adlmail.cup.hp.com [15.0.100.30]) by palrel1.hp.com (Postfix) with ESMTP id 44C451320E for ; Fri, 1 Sep 2000 09:29:42 -0700 (PDT) Received: from cup.hp.com (gauss.cup.hp.com [15.28.97.152]) by adlmail.cup.hp.com (8.9.3 (PHNE_18546)/8.9.3 SMKit7.02) with ESMTP id JAA25750 for ; Fri, 1 Sep 2000 09:29:42 -0700 (PDT) Message-ID: <39AFD975.C0207B36@cup.hp.com> Date: Fri, 01 Sep 2000 12:29:41 -0400
From: Marcel Moolenaar Organization: Hewlett-Packard X-Mailer: Mozilla 4.73 [en] (X11; U; Linux 2.2.12 i386) X-Accept-Language: en MIME-Version: 1.0 To: arch@FreeBSD.ORG Subject: Re: linprocfs movement References: <20000901061132.A87154@dragon.nuxi.com> Content-Type: text/plain; charset=us-ascii Content-Transfer-Encoding: 7bit Sender: owner-freebsd-arch@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.ORG

David O'Brien wrote:
>
> Should src/sys/i386/linux/linprocfs be moved to src/sys/compat/linprocfs
> or src/sys/compat/linux/linprocfs ?

We have decided to integrate linprocfs into the Linuxulator. This is the reason why it's under /sys/i386/linux in the first place. I basically don't want the linux procfs stuff in a separate directory, but along with the other files in either /sys/compat/linux or /sys/i386/linux. At this time I don't know what is inherently MD and what is MI, so I don't know which files need to be where and whether we need to move some function around.

So, if we're still going to integrate, I suggest to leave it where it is for the moment. If we're not going to integrate linprocfs into the Linuxulator after all (ie keep a separate linprocfs module) then it should probably be moved to /sys/compat/linprocfs and out of the way of the Linuxulator.

-- Marcel Moolenaar mail: marcel@cup.hp.com / marcel@FreeBSD.org tel: (408) 447-4222

To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-arch" in the body of the message

From owner-freebsd-arch Fri Sep 1 9:58:53 2000 Delivered-To: freebsd-arch@freebsd.org Received: from nagual.pp.ru (pobrecita.freebsd.ru [194.87.13.42]) by hub.freebsd.org (Postfix) with ESMTP id A5D5937B424; Fri, 1 Sep 2000 09:58:48 -0700 (PDT) Received: (from ache@localhost) by nagual.pp.ru (8.11.0/8.11.0) id e81GwQN30666; Fri, 1 Sep 2000 20:58:26 +0400 (MSD) (envelope-from ache) Date: Fri, 1 Sep 2000 20:58:25 +0400
From: "Andrey A. Chernov" To: Konstantin Chuguev Cc: Boris Popov , freebsd-arch@FreeBSD.ORG, freebsd-i18n@FreeBSD.ORG Subject: Re: Proposal to include iconv library in the base system. Message-ID: <20000901205825.A30569@nagual.pp.ru> References: <20000901185945.A29804@nagual.pp.ru> <39AFD666.880FE6C@dante.org.uk> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline User-Agent: Mutt/1.2.5i In-Reply-To: <39AFD666.880FE6C@dante.org.uk>; from Konstantin.Chuguev@dante.org.uk on Fri, Sep 01, 2000 at 05:16:38PM +0100 Organization: Biomechanoid Sender: owner-freebsd-arch@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.ORG

On Fri, Sep 01, 2000 at 05:16:38PM +0100, Konstantin Chuguev wrote:
> * new filesystems use Unicode encodings: UCS-2 (Windows), some may use
> UTF-8. These encodings are not supported by XLAT.

I assume Windows (Unicode) <-> 8bit charset tables are loadable too. Doesn't?

> Exactly, this is what was intended. All [UNIX] charsets supported in the
> FreeBSD distribution (i.e. which are present in the locale directory) PLUS
> charsets used in other types of filesystems (Windows, Netware?, MacOS?) for

Currently we support Windows and ISO 9660 for CDs, so PLUS Windows (Unicode) and ISO 9660 charsets.

If we take Russian example, we need following tables (for kernel only):

1) KOI8-R <-> CP866 for MSDOS FS
2) KOI8-R <-> Unicode for Windows FS
3) We also need ISO 9660 conversion scheme, but I do not know about character set used there.

-- Andrey A.
Chernov http://ache.pp.ru/ To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-arch" in the body of the message From owner-freebsd-arch Fri Sep 1 10:22:28 2000 Delivered-To: freebsd-arch@freebsd.org Received: from alpha.dante.org.uk (alpha.dante.org.uk [193.63.211.19]) by hub.freebsd.org (Postfix) with ESMTP id 01BE937B424; Fri, 1 Sep 2000 10:22:23 -0700 (PDT) Received: from theta.dante.org.uk ([193.63.211.7]) by alpha.dante.org.uk with esmtp (Exim 3.12 #4) id 13UuVy-0006f7-00; Fri, 01 Sep 2000 18:22:06 +0100 Received: from localhost ([127.0.0.1] helo=dante.org.uk) by theta.dante.org.uk with esmtp (Exim 3.12 #4) id 13UuVq-00074M-00; Fri, 01 Sep 2000 18:21:58 +0100 Message-ID: <39AFE5B6.1F418EDD@dante.org.uk> Date: Fri, 01 Sep 2000 18:21:58 +0100 
From: Konstantin Chuguev Organization: Delivery of Advanced Networking Service to Europe Ltd. X-Mailer: Mozilla 4.75 [en] (X11; U; SunOS 5.6 sun4u) X-Accept-Language: en, ru MIME-Version: 1.0 To: "Andrey A. Chernov" Cc: Boris Popov , freebsd-arch@FreeBSD.ORG, freebsd-i18n@FreeBSD.ORG Subject: Re: Proposal to include iconv library in the base system. References: <20000901185945.A29804@nagual.pp.ru> <39AFD666.880FE6C@dante.org.uk> <20000901205825.A30569@nagual.pp.ru> Content-Type: text/plain; charset=koi8-r Content-Transfer-Encoding: 7bit Sender: owner-freebsd-arch@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.ORG

"Andrey A. Chernov" wrote:

> On Fri, Sep 01, 2000 at 05:16:38PM +0100, Konstantin Chuguev wrote:
> > * new filesystems use Unicode encodings: UCS-2 (Windows), some may use
> > UTF-8. These encodings are not supported by XLAT.
>
> I assume Windows (Unicode) <-> 8bit charset tables are loadable
> too. Doesn't?
>

Yes, they are. iconv always loads 2 CES modules for conversion. A CES module can load 0 or more CCS modules. Let me show you a few examples:

If we are converting from koi8-r to UCS-2 and/or the other way around, there will be 3 modules loaded:

    (CES) _tbl_simple -> (CCS) koi8-r
    (CES) ucs-2

For conversion between koi8-r and windows-1251, there will be 3 modules again:

    (CES) _tbl_simple -> (CCS) koi8-r
    (CES) _tbl_simple -> (CCS) windows-1251

(Note, that only one instance of the _tbl_simple module will be loaded, as modules are shareable; there might be two different small sets of structures allocated for each CES->CCS binding at iconv_open time, and freed at iconv_close time.)

For conversion between UTF-8 and EUC-JP 6 modules are required:

    (CES) utf-8
    (CES) euc-jp -> (CCS) us-ascii
                 -> (CCS) jis_x0208-1983
                 -> (CCS) jis_x0201
                 -> (CCS) jis_x0212-1990

To convert between EUC-JP and ISO-2022-JP we need 6 modules:

    (CES) euc-jp -> (CCS) us-ascii
                 -> (CCS) jis_x0208-1983
                 -> (CCS) jis_x0201
                 -> (CCS) jis_x0212-1990
    (CES) iso-2022-jp -> (CCS) us-ascii
                      -> (CCS) jis_x0208-1983
                      -> (CCS) jis_x0201
                      -> (CCS) jis_x0212-1990

Again, all CCS modules will be shared.

>
> > Exactly, this is what was intended. All [UNIX] charsets supported in the
> > FreeBSD distribution (i.e. which are present in the locale directory) PLUS
> > charsets used in other types of filesystems (Windows, Netware?, MacOS?) for
>
> Currently we support Windows and ISO 9660 for CDs, so PLUS Windows
> (Unicode) and ISO 9660 charsets.
>
> If we take Russian example, we need following tables (for kernel only):
>
> 1) KOI8-R <-> CP866 for MSDOS FS
> 2) KOI8-R <-> Unicode for Windows FS

What about Windows < 95? I'm sure people used localized file names there too. And it was not Unicode.

>
> 3) We also need ISO 9660 conversion scheme, but I do not know about
> character set used there.
>

Can anybody please give me a reference to ISO 9660 specification?

I would also like to know which IBM charsets are used in MSDOS FS for languages other than Russian (and supported in FreeBSD).
-- * * Konstantin Chuguev - Application Engineer * * Francis House, 112 Hills Road * Cambridge CB2 1PQ, United Kingdom D A N T E WWW: http://www.dante.net To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-arch" in the body of the message From owner-freebsd-arch Fri Sep 1 10:24:38 2000 Delivered-To: freebsd-arch@freebsd.org Received: from peach.ocn.ne.jp (peach.ocn.ne.jp [210.145.254.87]) by hub.freebsd.org (Postfix) with ESMTP id E2B2537B423 for ; Fri, 1 Sep 2000 10:24:35 -0700 (PDT) Received: from newsguy.com (p30-dn02kiryunisiki.gunma.ocn.ne.jp [211.0.245.95]) by peach.ocn.ne.jp (8.9.1a/OCN/) with ESMTP id CAA00138 for ; Sat, 2 Sep 2000 02:24:34 +0900 (JST) Message-ID: <39AFE63C.88FD22F@newsguy.com> Date: Sat, 02 Sep 2000 02:24:12 +0900 
From: "Daniel C. Sobral" X-Mailer: Mozilla 4.7 [en] (Win98; I) X-Accept-Language: en,pt-BR MIME-Version: 1.0 To: arch@freebsd.org Subject: loader.rc References: <20000830071347.A1167@hamlet.nectar.com> <39AD222B.CE9A26B5@newsguy.com> <20000830132053.A15387@hamlet.nectar.com> <39AE970A.30208A56@newsguy.com> <200009010043.RAA43832@vashon.polstra.com> Content-Type: text/plain; charset=us-ascii Content-Transfer-Encoding: 7bit Sender: owner-freebsd-arch@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.ORG

John Polstra wrote:
>
> This one actually bit me when I upgraded one of my machines to a
> version that required "/boot/device.hints". In the dim distant past
> when it was still considered OK, I had modified my "/boot/loader.rc"
> file to something that worked fine at the time. But it didn't have
> the ability to load the device.hints file and the install didn't fix
> it.
>
> Since it's no longer really an option to customize this file, I
> would prefer that it be installed unconditionally.

Good point. Though, perhaps, a make option to leave that file alone might be interesting.

-- Daniel C. Sobral (8-DCS) dcs@newsguy.com dcs@freebsd.org capo@white.bunnies.bsdconspiracy.net

OK, so the solar flares are my fault.. I am sorry, ok?!?!

To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-arch" in the body of the message

From owner-freebsd-arch Fri Sep 1 10:27:46 2000 Delivered-To: freebsd-arch@freebsd.org Received: from nagual.pp.ru (pobrecita.freebsd.ru [194.87.13.42]) by hub.freebsd.org (Postfix) with ESMTP id E514637B424; Fri, 1 Sep 2000 10:27:42 -0700 (PDT) Received: (from ache@localhost) by nagual.pp.ru (8.11.0/8.11.0) id e81HRKB30862; Fri, 1 Sep 2000 21:27:20 +0400 (MSD) (envelope-from ache) Date: Fri, 1 Sep 2000 21:27:20 +0400
From: "Andrey A. Chernov" To: Konstantin Chuguev Cc: Boris Popov , freebsd-arch@FreeBSD.ORG, freebsd-i18n@FreeBSD.ORG Subject: Re: Proposal to include iconv library in the base system. Message-ID: <20000901212720.A30831@nagual.pp.ru> References: <20000901185945.A29804@nagual.pp.ru> <39AFD666.880FE6C@dante.org.uk> <20000901205825.A30569@nagual.pp.ru> <39AFE5B6.1F418EDD@dante.org.uk> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline User-Agent: Mutt/1.2.5i In-Reply-To: <39AFE5B6.1F418EDD@dante.org.uk>; from Konstantin.Chuguev@dante.org.uk on Fri, Sep 01, 2000 at 06:21:58PM +0100 Organization: Biomechanoid Sender: owner-freebsd-arch@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.ORG

On Fri, Sep 01, 2000 at 06:21:58PM +0100, Konstantin Chuguev wrote:
> > 1) KOI8-R <-> CP866 for MSDOS FS
> > 2) KOI8-R <-> Unicode for Windows FS
>
> What about Windows < 95? I'm sure people used localized file names there too.
> And it was not Unicode.

There was windows-1251 used, but we don't support non-Unicoded Windows FS in any case.

-- Andrey A. Chernov http://ache.pp.ru/

To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-arch" in the body of the message

From owner-freebsd-arch Fri Sep 1 11:15:34 2000 Delivered-To: freebsd-arch@freebsd.org Received: from smtp05.primenet.com (smtp05.primenet.com [206.165.6.135]) by hub.freebsd.org (Postfix) with ESMTP id D51EF37B617; Fri, 1 Sep 2000 11:14:41 -0700 (PDT) Received: (from daemon@localhost) by smtp05.primenet.com (8.9.3/8.9.3) id LAA28533; Fri, 1 Sep 2000 11:14:48 -0700 (MST) Received: from usr05.primenet.com(206.165.6.205) via SMTP by smtp05.primenet.com, id smtpdAAACDaGG3; Fri Sep 1 11:14:34 2000 Received: (from tlambert@localhost) by usr05.primenet.com (8.8.5/8.8.5) id LAA09132; Fri, 1 Sep 2000 11:14:20 -0700 (MST)
From: Terry Lambert Message-Id: <200009011814.LAA09132@usr05.primenet.com> Subject: Re: Proposal to include iconv library in the base system. To: ache@nagual.pp.ru (Andrey A. Chernov) Date: Fri, 1 Sep 2000 18:14:20 +0000 (GMT) Cc: bp@butya.kz (Boris Popov), freebsd-arch@FreeBSD.ORG, freebsd-i18n@FreeBSD.ORG, Konstantin.Chuguev@dante.org.uk (Konstantin Chuguev) In-Reply-To: <20000901185945.A29804@nagual.pp.ru> from "Andrey A. Chernov" at Sep 01, 2000 06:59:46 PM X-Mailer: ELM [version 2.5 PL2] MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Transfer-Encoding: 7bit Sender: owner-freebsd-arch@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.ORG > On Thu, Aug 24, 2000 at 05:39:39PM +0700, Boris Popov wrote: > > FreeBSD already contains a few character conversion schemes for > > msdosfs, nwfs, cd9660fs and syscon mapping tables. However, the usage > > We need XLAT converters for them, not Unicode one, as I understand Unicode > data loaded into kernel will be too big. You can mmap a file into a pageable region in the kernel; it's just a pain requiring a lot of glue, and eats KVM address space (same problem with SYSV SHM). You could change the approach to "window" it, but you'd really want to only enforce that in low KVM situations. It's useful to have the tables in the kernel when you are, for example, trying to deal with NTFS or another modern FS which uses Unicode as the on disk storage format for directory data. Likewise, it would allow you to do translation between (for example) ISO 8859-1 and ISO 8859-5 character sets between a machine which is exporting ISO 8859-1 to the user space (via the directory entry operations) and a remote system which has an NFS volume containing ISO 8859-5. My personal preference would be to move most of the POSIX interfaces into a library, and go to Unicode for the native FreeBSD system calls. 
If that happened, you'd still need translation for Linux and other ABI compatibility, since they would be pushing a particular 8-bit character set over the user/kernel boundary. Terry Lambert terry@lambert.org --- Any opinions in this posting are my own and not those of my present or previous employers. To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-arch" in the body of the message From owner-freebsd-arch Fri Sep 1 11:35:10 2000 Delivered-To: freebsd-arch@freebsd.org Received: from peach.ocn.ne.jp (peach.ocn.ne.jp [210.145.254.87]) by hub.freebsd.org (Postfix) with ESMTP id 9700937B424 for ; Fri, 1 Sep 2000 11:35:08 -0700 (PDT) Received: from newsguy.com (p30-dn02kiryunisiki.gunma.ocn.ne.jp [211.0.245.95]) by peach.ocn.ne.jp (8.9.1a/OCN/) with ESMTP id DAA08869; Sat, 2 Sep 2000 03:35:06 +0900 (JST) Message-ID: <39AFF4F3.FFAB9A2D@newsguy.com> Date: Sat, 02 Sep 2000 03:26:59 +0900 
From: "Daniel C. Sobral" X-Mailer: Mozilla 4.7 [en] (Win98; I) X-Accept-Language: en,pt-BR MIME-Version: 1.0 To: arch@FreeBSD.ORG Cc: n@nectar.com Subject: Re: Request for review: nsswitch References: <20000830071347.A1167@hamlet.nectar.com> <20000830132053.A15387@hamlet.nectar.com> <39AE970A.30208A56@newsguy.com> <20000831130504.A26641@hamlet.nectar.com> <200009010047.RAA43862@vashon.polstra.com> Content-Type: text/plain; charset=us-ascii Content-Transfer-Encoding: 7bit Sender: owner-freebsd-arch@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.ORG John Polstra wrote: > > In article <20000831130504.A26641@hamlet.nectar.com>, > Jacques A. Vidrine wrote: > > > > The defaults for nsswitch.conf will not change, ever. They have been > > chosen to emulate the traditional behavior. > > I have to agree with Daniel here. The whole point of nsswitch.conf is > so you can customize it, right? Otherwise why bother with it? We are > moving toward using immutable default versions in /etc/defaults with > customizable overrides in /etc. That has made dealing with rc.conf > and make.conf much, much easier. I think the ultimate goal should be > that the admin can customize his /etc directory without the need to do > _any_ merging. That means the defaults and the overrides have to be > separated. You misunderstand him. He says nsswitch does not require a defaults file because the defaults are hard-coded, and won't ever change. In other words, /etc/nsswitch.conf is optional and no default file is installed. -- Daniel C. Sobral (8-DCS) dcs@newsguy.com dcs@freebsd.org capo@white.bunnies.bsdconspiracy.net OK, so the solar flares are my fault.. I am sorry, ok?!?! 
To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-arch" in the body of the message From owner-freebsd-arch Fri Sep 1 14:37:31 2000 Delivered-To: freebsd-arch@freebsd.org Received: from gw.nectar.com (gw.nectar.com [208.42.49.153]) by hub.freebsd.org (Postfix) with ESMTP id ADFB937B422 for ; Fri, 1 Sep 2000 14:37:29 -0700 (PDT) Received: from hamlet.nectar.com (hamlet.nectar.com [10.0.1.102]) by gw.nectar.com (Postfix) with ESMTP id 1D9101925F for ; Fri, 1 Sep 2000 16:37:29 -0500 (CDT) Received: (from nectar@localhost) by hamlet.nectar.com (8.9.3/8.9.3) id QAA44814 for arch@freebsd.org; Fri, 1 Sep 2000 16:37:28 -0500 (CDT) (envelope-from nectar@spawn.nectar.com) Date: Fri, 1 Sep 2000 16:37:28 -0500 
From: "Jacques A. Vidrine" To: arch@freebsd.org Subject: Re: Request for review: nsswitch Message-ID: <20000901163728.C19985@hamlet.nectar.com> References: <20000830071347.A1167@hamlet.nectar.com> <20000830132053.A15387@hamlet.nectar.com> <39AE970A.30208A56@newsguy.com> <20000831130504.A26641@hamlet.nectar.com> <200009010047.RAA43862@vashon.polstra.com> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline User-Agent: Mutt/1.2.5i In-Reply-To: <200009010047.RAA43862@vashon.polstra.com>; from jdp@polstra.com on Thu, Aug 31, 2000 at 05:47:13PM -0700 X-Url: http://www.nectar.com/ Sender: owner-freebsd-arch@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.ORG On Thu, Aug 31, 2000 at 05:47:13PM -0700, John Polstra wrote: > I think the ultimate goal should be > that the admin can customize his /etc directory without the need to do > _any_ merging. This goal is satisfied without putting a file in /etc/defaults. The defaults are dictated by the traditional behavior -- there will never be merging to do on the part of the admin. Cheers, -- Jacques Vidrine / n@nectar.com / jvidrine@verio.net / nectar@FreeBSD.org To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-arch" in the body of the message From owner-freebsd-arch Fri Sep 1 21: 8:34 2000 Delivered-To: freebsd-arch@freebsd.org Received: from turtle.looksharp.net (cc360882-a.strhg1.mi.home.com [24.2.221.22]) by hub.freebsd.org (Postfix) with ESMTP id AE05637B424 for ; Fri, 1 Sep 2000 21:08:24 -0700 (PDT) Received: from localhost (bsdx@localhost) by turtle.looksharp.net (8.9.3/8.9.3) with ESMTP id AAA96889; Sat, 2 Sep 2000 00:04:36 -0400 (EDT) (envelope-from bsdx@looksharp.net) Date: Sat, 2 Sep 2000 00:04:36 -0400 (EDT) 
From: Adam To: marcel@cup.hp.com Cc: arch@FreeBSD.Org Subject: Re: aout-to-elf (was: Re: NO vs NO_) In-Reply-To: <200008301817.e7UIH9F04530@zibbi.mikom.csir.co.za> Message-ID: MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII Sender: owner-freebsd-arch@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.ORG On Wed, 30 Aug 2000, John Hay wrote: >> > In message <39AD399B.D0D45787@cup.hp.com> Marcel Moolenaar writes: >> > : This target should also work when someone upgrades from 2.2.x systems. >> > >> > Are your patches cooked enough to share? >> >> I don't have any patches yet. My first goal is to have buildworld do the >> right thing when performed on a 2.2.x system. From that moment on the >> upgrade target will be mostly about bootblocks and being failsafe and >> such. >> >> Which reminds me. Does someone have a pointer to a 2.2.x distribution. I >> haven't been able to find a mirror that still carries those. > >2.2.8 is available on ftp.internat.freebsd.org. No packages or X though. > >John Also try ftp7.de.freebsd.org To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-arch" in the body of the message From owner-freebsd-arch Fri Sep 1 21:22:58 2000 Delivered-To: freebsd-arch@freebsd.org Received: from freefall.freebsd.org (freefall.FreeBSD.org [216.136.204.21]) by hub.freebsd.org (Postfix) with ESMTP id 4A7CD37B422 for ; Fri, 1 Sep 2000 21:22:56 -0700 (PDT) Received: from localhost (kris@localhost) by freefall.freebsd.org (8.9.3/8.9.2) with ESMTP id VAA77093 for ; Fri, 1 Sep 2000 21:22:56 -0700 (PDT) (envelope-from kris@FreeBSD.org) X-Authentication-Warning: freefall.freebsd.org: kris owned process doing -bs Date: Fri, 1 Sep 2000 21:22:55 -0700 (PDT) 
From: Kris Kennaway To: arch@freebsd.org Subject: Enabling sshd by default Message-ID: MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII Sender: owner-freebsd-arch@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.ORG What say you all to the following patch: Index: crypto/openssh/sshd_config =================================================================== RCS file: /home/ncvs/src/crypto/openssh/sshd_config,v retrieving revision 1.11 diff -u -r1.11 sshd_config --- crypto/openssh/sshd_config 2000/09/02 03:49:22 1.11 +++ crypto/openssh/sshd_config 2000/09/02 04:14:33 @@ -4,9 +4,10 @@ Port 22 #Protocol 2,1 +Protocol 2 #ListenAddress 0.0.0.0 #ListenAddress :: -HostKey /etc/ssh/ssh_host_key +#HostKey /etc/ssh/ssh_host_key HostDsaKey /etc/ssh/ssh_host_dsa_key ServerKeyBits 768 LoginGraceTime 120 Index: etc/defaults/rc.conf =================================================================== RCS file: /home/ncvs/src/etc/defaults/rc.conf,v retrieving revision 1.77 diff -u -r1.77 rc.conf --- etc/defaults/rc.conf 2000/08/18 09:37:50 1.77 +++ etc/defaults/rc.conf 2000/09/02 04:14:33 
@@ -134,7 +134,7 @@ pppoed_provider="*" # Provider and ppp(8) config file entry. pppoed_flags="-P /var/run/pppoed.pid" # Flags to pppoed (if enabled). pppoed_interface="fxp0" # The interface that pppoed runs on. -sshd_enable="NO" # Enable sshd +sshd_enable="YES" # Enable sshd sshd_program="/usr/sbin/sshd" # path to sshd, if you want a different one. sshd_flags="" # Additional flags for sshd. When version 1 mode is disabled, sshd doesn't require any RSA support, and it will happily work out of the box without configuration. sshd_enable checks for the existence of the binary before running it, so this will work fine even if you don't have crypto or OpenSSH installed. If I commit the above, my plan is to add back v1 to the default on Sept 21 along with the change to build RSA for everyone and remove the vestiges of librsaUSA. If we go ahead with the plans to release a net-only 4.1.5-RELEASE around that date they'll also go in there. Kris -- In God we Trust -- all others must submit an X.509 certificate. -- Charles Forsythe To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-arch" in the body of the message From owner-freebsd-arch Fri Sep 1 22: 1: 1 2000 Delivered-To: freebsd-arch@freebsd.org Received: from homer.softweyr.com (bsdconspiracy.net [208.187.122.220]) by hub.freebsd.org (Postfix) with ESMTP id 9532237B43C; Fri, 1 Sep 2000 22:00:58 -0700 (PDT) Received: from localhost ([127.0.0.1] helo=softweyr.com ident=Fools trust ident!) by homer.softweyr.com with esmtp (Exim 3.16 #1) id 13V5Xl-0000Br-00; Fri, 01 Sep 2000 23:08:41 -0600 Message-ID: <39B08B59.1F00D9FA@softweyr.com> Date: Fri, 01 Sep 2000 23:08:41 -0600 
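Review bot: in the crypto/openssh/sshd_config hunk of Kris Kennaway's patch above, `ServerKeyBits 768` stays active although the hunk switches to `Protocol 2` and comments out the protocol 1 `HostKey`. ServerKeyBits only sizes the protocol 1 server key, so it should be commented out together with HostKey, otherwise the file suggests a v1 setting is still in force. Since the message says v1 returns to the default on Sept 21, a one-line comment beside `Protocol 2` saying the restriction is temporary would help anyone merging this file in the meantime.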
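Review bot: in the etc/defaults/rc.conf hunk of Kris Kennaway's patch above, the trailing comment on the changed line still reads `# Enable sshd`, which no longer tells the admin that the daemon now starts by default. Turning a network listener on by default deserves a comment on that line saying how to opt out (`sshd_enable="NO"` in /etc/rc.conf), and the description should say how the key named by `HostDsaKey` comes to exist on a fresh install, since neither hunk shows it being generated.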
From: Wes Peters Organization: Softweyr LLC X-Mailer: Mozilla 4.75 [en] (X11; U; FreeBSD 4.1-RC i386) X-Accept-Language: en MIME-Version: 1.0 To: Kris Kennaway Cc: arch@freebsd.org Subject: Re: Enabling sshd by default References: Content-Type: text/plain; charset=us-ascii Content-Transfer-Encoding: 7bit Sender: owner-freebsd-arch@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.ORG Kris Kennaway wrote: > > What say you all to the following patch: > > Index: crypto/openssh/sshd_config > =================================================================== > RCS file: /home/ncvs/src/crypto/openssh/sshd_config,v > retrieving revision 1.11 > diff -u -r1.11 sshd_config > --- crypto/openssh/sshd_config 2000/09/02 03:49:22 1.11 > +++ crypto/openssh/sshd_config 2000/09/02 04:14:33 > @@ -4,9 +4,10 @@ > > Port 22 > #Protocol 2,1 > +Protocol 2 > #ListenAddress 0.0.0.0 > #ListenAddress :: > -HostKey /etc/ssh/ssh_host_key > +#HostKey /etc/ssh/ssh_host_key > HostDsaKey /etc/ssh/ssh_host_dsa_key > ServerKeyBits 768 > LoginGraceTime 120 > Index: etc/defaults/rc.conf > =================================================================== > RCS file: /home/ncvs/src/etc/defaults/rc.conf,v > retrieving revision 1.77 > diff -u -r1.77 rc.conf > --- etc/defaults/rc.conf 2000/08/18 09:37:50 1.77 > +++ etc/defaults/rc.conf 2000/09/02 04:14:33 
> @@ -134,7 +134,7 @@ > pppoed_provider="*" # Provider and ppp(8) config file entry. > pppoed_flags="-P /var/run/pppoed.pid" # Flags to pppoed (if enabled). > pppoed_interface="fxp0" # The interface that pppoed runs on. > -sshd_enable="NO" # Enable sshd > +sshd_enable="YES" # Enable sshd > sshd_program="/usr/sbin/sshd" # path to sshd, if you want a different one. > sshd_flags="" # Additional flags for sshd. > > When version 1 mode is disabled, sshd doesn't require any RSA support, and > it will happily work out of the box without configuration. sshd_enable > checks for the existence of the binary before running it, so this will > work fine even if you don't have crypto or OpenSSH installed. > > If I commit the above, my plan is to add back v1 to the default on Sept 21 > along with the change to build RSA for everyone and remove the vestiges of > librsaUSA. If we go ahead with the plans to release a net-only > 4.1.5-RELEASE around that date they'll also go in there. Sounds good to me. Is anyone else planning on RSA-free-day parties? -- "Where am I, and what am I doing in this handbasket?" Wes Peters Softweyr LLC wes@softweyr.com http://softweyr.com/ To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-arch" in the body of the message From owner-freebsd-arch Fri Sep 1 22:49:57 2000 Delivered-To: freebsd-arch@freebsd.org Received: from fledge.watson.org (fledge.watson.org [204.156.12.50]) by hub.freebsd.org (Postfix) with ESMTP id 893FC37B424; Fri, 1 Sep 2000 22:49:53 -0700 (PDT) Received: from fledge.watson.org (robert@fledge.pr.watson.org [192.0.2.3]) by fledge.watson.org (8.9.3/8.9.3) with SMTP id BAA49161; Sat, 2 Sep 2000 01:49:52 -0400 (EDT) (envelope-from robert@fledge.watson.org) Date: Sat, 2 Sep 2000 01:49:52 -0400 (EDT) 
From: Robert Watson X-Sender: robert@fledge.watson.org To: Kris Kennaway Cc: arch@FreeBSD.org Subject: Re: Enabling sshd by default In-Reply-To: Message-ID: MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII Sender: owner-freebsd-arch@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.ORG Hmm. Trouble is, it will disable ssh1 in existing installations, where it is widely deployed and may result in unhappiness. I'd rather we just waited until Sept 21 and did this, and not turn off protocol 1 by default just yet. Especially given that just this morning I ran into protocol 2 compatibility problems (that I haven't had a chance to track down, but it's irritating at best) Robert N M Watson robert@fledge.watson.org http://www.watson.org/~robert/ PGP key fingerprint: AF B5 5F FF A6 4A 79 37 ED 5F 55 E9 58 04 6A B1 TIS Labs at Network Associates, Safeport Network Services On Fri, 1 Sep 2000, Kris Kennaway wrote: > What say you all to the following patch: > > Index: crypto/openssh/sshd_config > =================================================================== > RCS file: /home/ncvs/src/crypto/openssh/sshd_config,v > retrieving revision 1.11 > diff -u -r1.11 sshd_config > --- crypto/openssh/sshd_config 2000/09/02 03:49:22 1.11 > +++ crypto/openssh/sshd_config 2000/09/02 04:14:33 > @@ -4,9 +4,10 @@ > > Port 22 > #Protocol 2,1 > +Protocol 2 > #ListenAddress 0.0.0.0 > #ListenAddress :: > -HostKey /etc/ssh/ssh_host_key > +#HostKey /etc/ssh/ssh_host_key > HostDsaKey /etc/ssh/ssh_host_dsa_key > ServerKeyBits 768 > LoginGraceTime 120 > Index: etc/defaults/rc.conf > =================================================================== > RCS file: /home/ncvs/src/etc/defaults/rc.conf,v > retrieving revision 1.77 > diff -u -r1.77 rc.conf > --- etc/defaults/rc.conf 2000/08/18 09:37:50 1.77 > +++ etc/defaults/rc.conf 2000/09/02 04:14:33 
> @@ -134,7 +134,7 @@ > pppoed_provider="*" # Provider and ppp(8) config file entry. > pppoed_flags="-P /var/run/pppoed.pid" # Flags to pppoed (if enabled). > pppoed_interface="fxp0" # The interface that pppoed runs on. > -sshd_enable="NO" # Enable sshd > +sshd_enable="YES" # Enable sshd > sshd_program="/usr/sbin/sshd" # path to sshd, if you want a different one. > sshd_flags="" # Additional flags for sshd. > > When version 1 mode is disabled, sshd doesn't require any RSA support, and > it will happily work out of the box without configuration. sshd_enable > checks for the existence of the binary before running it, so this will > work fine even if you don't have crypto or OpenSSH installed. > > If I commit the above, my plan is to add back v1 to the default on Sept 21 > along with the change to build RSA for everyone and remove the vestiges of > librsaUSA. If we go ahead with the plans to release a net-only > 4.1.5-RELEASE around that date they'll also go in there. > > Kris > > -- > In God we Trust -- all others must submit an X.509 certificate. > -- Charles Forsythe > > > > To Unsubscribe: send mail to majordomo@FreeBSD.org > with "unsubscribe freebsd-arch" in the body of the message > To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-arch" in the body of the message From owner-freebsd-arch Fri Sep 1 22:54:29 2000 Delivered-To: freebsd-arch@freebsd.org Received: from wolf.istc.kiev.ua (wolf.istc.kiev.ua [193.193.221.1]) by hub.freebsd.org (Postfix) with ESMTP id D33DE37B424; Fri, 1 Sep 2000 22:54:24 -0700 (PDT) Received: from localhost (kunia@localhost) by wolf.istc.kiev.ua ( . . / . . ) with ESMTP id IAA16399; Sat, 2 Sep 2000 08:53:36 +0300 Date: Sat, 2 Sep 2000 08:53:36 +0300 (EEST) 
From: Olexander Kunytsa To: "Andrey A. Chernov" Cc: Konstantin Chuguev , Boris Popov , freebsd-arch@FreeBSD.ORG, freebsd-i18n@FreeBSD.ORG Subject: Re: Proposal to include iconv library in the base system. In-Reply-To: <20000901212720.A30831@nagual.pp.ru> Message-ID: MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII Sender: owner-freebsd-arch@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.ORG On Fri, 1 Sep 2000, Andrey A. Chernov wrote: > > > 1) KOI8-R <-> CP866 for MSDOS FS > > > 2) KOI8-R <-> Unicode for Windows FS > > what about KOI8-U? Windows FS supports Ukrainian filenames To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-arch" in the body of the message From owner-freebsd-arch Fri Sep 1 23: 4: 6 2000 Delivered-To: freebsd-arch@freebsd.org Received: from homer.softweyr.com (bsdconspiracy.net [208.187.122.220]) by hub.freebsd.org (Postfix) with ESMTP id 5F96937B424 for ; Fri, 1 Sep 2000 23:04:04 -0700 (PDT) Received: from localhost ([127.0.0.1] helo=softweyr.com ident=Fools trust ident!) by homer.softweyr.com with esmtp (Exim 3.16 #1) id 13V6Uc-0000Dd-00; Sat, 02 Sep 2000 00:09:30 -0600 Message-ID: <39B0999A.BB04EC80@softweyr.com> Date: Sat, 02 Sep 2000 00:09:30 -0600 
From: Wes Peters Organization: Softweyr LLC X-Mailer: Mozilla 4.75 [en] (X11; U; FreeBSD 4.1-RC i386) X-Accept-Language: en MIME-Version: 1.0 To: Jordan Hubbard Cc: Poul-Henning Kamp , Bill Fumerola , arch@FreeBSD.ORG Subject: Re: build tools as separate distribution References: <88176.967669502@winston.osd.bsdi.com> Content-Type: text/plain; charset=us-ascii Content-Transfer-Encoding: 7bit Sender: owner-freebsd-arch@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.ORG Jordan Hubbard wrote: > > > As one of the original perpetrators and in fact the one who laid > > the foundations of sysinstall and "make release" where they lie to > > Hmmm. Some historical liberties are being taken here since, actually, > I believe Rod Grimes deserves a good deal of this title - he's the one > who wrote much of the beginnings of what we now call release/Makefile > today. > > Also, let's not forget Gary Palmer, who wrote a number of the config > screens for sysinstall, he and I handling the "UI side" of sysinstall > with most of my solo hacking being aimed at the menu infrastructure, > device handling, etc. > > Unless I miss my guess, your guilt in this affair lies primarily with > libdisk, another abstraction in dire need of a rewrite*. :-) > > Nonetheless, no matter how many weighty software development tomes one > quotes, the fact remains: Sysinstall is NOT extensible, easily > scriptable (I know, I wrote that bit too) or well suited for doing > mass-production of FreeBSD boxes in a hardware vendor environment. This is an interesting point. The OpenBSD install pretty much sucks from a newbie viewpoint, but when you're installing 20 identical systems and have a programmer handy, it's shocking how easy it is to create a custom boot disk that just DTRT, dragging the bits off your friendly neighborhood FTP server. -- "Where am I, and what am I doing in this handbasket?" 
Wes Peters Softweyr LLC wes@softweyr.com http://softweyr.com/ To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-arch" in the body of the message From owner-freebsd-arch Fri Sep 1 23:41:53 2000 Delivered-To: freebsd-arch@freebsd.org Received: from relay.butya.kz (butya-gw.butya.kz [212.154.129.94]) by hub.freebsd.org (Postfix) with ESMTP id 6106E37B43C; Fri, 1 Sep 2000 23:41:49 -0700 (PDT) Received: by relay.butya.kz (Postfix, from userid 1000) id F2875288C7; Sat, 2 Sep 2000 13:41:44 +0700 (ALMST) Received: from localhost (localhost [127.0.0.1]) by relay.butya.kz (Postfix) with ESMTP id E84F6288B0; Sat, 2 Sep 2000 13:41:44 +0700 (ALMST) Date: Sat, 2 Sep 2000 13:41:44 +0700 (ALMST) From: Boris Popov To: Olexander Kunytsa Cc: "Andrey A. Chernov" , Konstantin Chuguev , freebsd-arch@FreeBSD.ORG, freebsd-i18n@FreeBSD.ORG Subject: Re: Proposal to include iconv library in the base system. In-Reply-To: Message-ID: MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII Sender: owner-freebsd-arch@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.ORG On Sat, 2 Sep 2000, Olexander Kunytsa wrote: > On Fri, 1 Sep 2000, Andrey A. Chernov wrote: > > > > 1) KOI8-R <-> CP866 for MSDOS FS > > > > 2) KOI8-R <-> Unicode for Windows FS > > > > what about KOI8-U? Windows FS supports Ukrainian filenames iconv library contains koi8-u character set. -- Boris Popov http://www.butya.kz/~bp/ To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-arch" in the body of the message From owner-freebsd-arch Sat Sep 2 1:14: 8 2000 Delivered-To: freebsd-arch@freebsd.org Received: from hand.dotat.at (sfo-gw.covalent.net [207.44.198.62]) by hub.freebsd.org (Postfix) with ESMTP id AE92537B424; Sat, 2 Sep 2000 01:14:05 -0700 (PDT) Received: from fanf by hand.dotat.at with local (Exim 3.15 #3) id 13V8R0-00012Q-00; Sat, 02 Sep 2000 08:13:54 +0000 Date: Sat, 2 Sep 2000 08:13:54 +0000 
From: Tony Finch To: Robert Watson Cc: Kris Kennaway , arch@FreeBSD.org Subject: Re: Enabling sshd by default Message-ID: <20000902081354.A3679@hand.dotat.at> References: Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline User-Agent: Mutt/1.2i In-Reply-To: Organization: Covalent Technologies, Inc Sender: owner-freebsd-arch@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.ORG Robert Watson wrote: >On Fri, 1 Sep 2000, Kris Kennaway wrote: > >> What say you all to the following patch: >> >> --- crypto/openssh/sshd_config 2000/09/02 03:49:22 1.11 >> +++ crypto/openssh/sshd_config 2000/09/02 04:14:33 >> @@ -4,9 +4,10 @@ >> >> Port 22 >> #Protocol 2,1 >> +Protocol 2 >> #ListenAddress 0.0.0.0 >> #ListenAddress :: >>[...] > >Hmm. Trouble is, it will disable ssh1 in existing installations, where it >is widely deployed and may result in unhappiness. Only if the person who is doing the upgrade doesn't run mergemaster properly. The main problem is those people who install during the 20 day window and have unexpected interoperability problems. Tony. -- en oeccget g mtcaa f.a.n.finch v spdlkishrhtewe y dot@dotat.at eatp o v eiti i d. fanf@covalent.net To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-arch" in the body of the message From owner-freebsd-arch Sat Sep 2 3: 0:39 2000 Delivered-To: freebsd-arch@freebsd.org Received: from flood.ping.uio.no (flood.ping.uio.no [129.240.78.31]) by hub.freebsd.org (Postfix) with ESMTP id 8AC5D37B43C; Sat, 2 Sep 2000 03:00:36 -0700 (PDT) Received: (from des@localhost) by flood.ping.uio.no (8.9.3/8.9.3) id MAA73119; Sat, 2 Sep 2000 12:00:35 +0200 (CEST) (envelope-from des@flood.ping.uio.no) To: Kris Kennaway Cc: arch@FreeBSD.ORG Subject: Re: Enabling sshd by default References: 
From: Dag-Erling Smorgrav Date: 02 Sep 2000 12:00:34 +0200 In-Reply-To: Kris Kennaway's message of "Fri, 1 Sep 2000 21:22:55 -0700 (PDT)" Message-ID: Lines: 8 User-Agent: Gnus/5.0802 (Gnus v5.8.2) Emacs/20.4 MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Sender: owner-freebsd-arch@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.ORG Kris Kennaway writes: > What say you all to the following patch: No. OpenSSH's ssh2 implementation doesn't work properly. DES -- Dag-Erling Smorgrav - des@flood.ping.uio.no To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-arch" in the body of the message From owner-freebsd-arch Sat Sep 2 3: 6:30 2000 Delivered-To: freebsd-arch@freebsd.org Received: from smtp02.iafrica.com (smtp02.iafrica.com [196.7.0.140]) by hub.freebsd.org (Postfix) with ESMTP id AEFDC37B422 for ; Sat, 2 Sep 2000 03:06:21 -0700 (PDT) Received: from [196.7.18.138] (helo=grimreaper.grondar.za ident=root) by smtp02.iafrica.com with esmtp (Exim 1.92 #1) id 13VABa-000AA5-00; Sat, 2 Sep 2000 12:06:07 +0200 Received: from grimreaper.grondar.za (mark@localhost [127.0.0.1]) by grimreaper.grondar.za (8.11.0/8.11.0) with ESMTP id e82A6xx13017; Sat, 2 Sep 2000 12:07:07 +0200 (SAST) (envelope-from mark@grimreaper.grondar.za) Message-Id: <200009021007.e82A6xx13017@grimreaper.grondar.za> To: Wes Peters Cc: arch@FreeBSD.ORG Subject: Re: Enabling sshd by default References: <39B08B59.1F00D9FA@softweyr.com> In-Reply-To: <39B08B59.1F00D9FA@softweyr.com> ; from Wes Peters "Fri, 01 Sep 2000 23:08:41 CST." Date: Sat, 02 Sep 2000 12:06:59 +0200 
From: Mark Murray Sender: owner-freebsd-arch@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.ORG > Sounds good to me. Is anyone else planning on RSA-free-day parties? Also agree. Also will have a demise-of-RSA-patent party; much hooliganism will be enjoyed. M -- Mark Murray Join the anti-SPAM movement: http://www.cauce.org To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-arch" in the body of the message From owner-freebsd-arch Sat Sep 2 3: 8:16 2000 Delivered-To: freebsd-arch@freebsd.org Received: from freefall.freebsd.org (freefall.FreeBSD.org [216.136.204.21]) by hub.freebsd.org (Postfix) with ESMTP id D5E2D37B424; Sat, 2 Sep 2000 03:08:14 -0700 (PDT) Received: from localhost (kris@localhost) by freefall.freebsd.org (8.9.3/8.9.2) with ESMTP id DAA25341; Sat, 2 Sep 2000 03:08:14 -0700 (PDT) (envelope-from kris@FreeBSD.org) X-Authentication-Warning: freefall.freebsd.org: kris owned process doing -bs Date: Sat, 2 Sep 2000 03:08:14 -0700 (PDT) 
From: Kris Kennaway To: Dag-Erling Smorgrav Cc: arch@FreeBSD.ORG Subject: Re: Enabling sshd by default In-Reply-To: Message-ID: MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII Sender: owner-freebsd-arch@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.ORG On 2 Sep 2000, Dag-Erling Smorgrav wrote: > Kris Kennaway writes: > > What say you all to the following patch: > > No. OpenSSH's ssh2 implementation doesn't work properly. Does not compute. It works fine for me, and it's more of a SSH implementation than we currently enable out of the box (i.e. none). What "does not work properly" for you? Kris -- In God we Trust -- all others must submit an X.509 certificate. -- Charles Forsythe To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-arch" in the body of the message From owner-freebsd-arch Sat Sep 2 3:25:32 2000 Delivered-To: freebsd-arch@freebsd.org Received: from flood.ping.uio.no (flood.ping.uio.no [129.240.78.31]) by hub.freebsd.org (Postfix) with ESMTP id 344FD37B422; Sat, 2 Sep 2000 03:25:27 -0700 (PDT) Received: (from des@localhost) by flood.ping.uio.no (8.9.3/8.9.3) id MAA73242; Sat, 2 Sep 2000 12:25:25 +0200 (CEST) (envelope-from des@flood.ping.uio.no) To: Kris Kennaway Cc: arch@FreeBSD.org Subject: Re: Enabling sshd by default References: 
From: Dag-Erling Smorgrav Date: 02 Sep 2000 12:25:24 +0200 In-Reply-To: Kris Kennaway's message of "Sat, 2 Sep 2000 03:08:14 -0700 (PDT)" Message-ID: Lines: 9 User-Agent: Gnus/5.0802 (Gnus v5.8.2) Emacs/20.4 MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Sender: owner-freebsd-arch@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.ORG Kris Kennaway writes: > What "does not work properly" for you? Wait, I take that back - the trouble I've had with ssh2 may have been caused by a kernel fuckup. DES -- Dag-Erling Smorgrav - des@flood.ping.uio.no To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-arch" in the body of the message From owner-freebsd-arch Sat Sep 2 8: 4:15 2000 Delivered-To: freebsd-arch@freebsd.org Received: from peace.mahoroba.org (peace.calm.imasy.or.jp [202.227.26.34]) by hub.freebsd.org (Postfix) with ESMTP id CBDD137B422 for ; Sat, 2 Sep 2000 08:04:10 -0700 (PDT) Received: from localhost (localhost [::1]) (authenticated) by peace.mahoroba.org (8.11.0/8.11.0/peace) with ESMTP/inet6 id e82F32E56060; Sun, 3 Sep 2000 00:03:04 +0900 (JST) (envelope-from ume@FreeBSD.org) Date: Sun, 03 Sep 2000 00:02:59 +0900 (JST) Message-Id: <20000903.000259.104074195.ume@FreeBSD.org> To: n@nectar.com Cc: arch@freebsd.org Subject: Re: Request for review: nsswitch 
From: Hajimu UMEMOTO In-Reply-To: <20000901163728.C19985@hamlet.nectar.com> References: <20000831130504.A26641@hamlet.nectar.com> <200009010047.RAA43862@vashon.polstra.com> <20000901163728.C19985@hamlet.nectar.com> X-Mailer: xcite1.20> Mew version 1.95b38 on Emacs 20.7 / Mule 4.0 =?iso-2022-jp?B?KBskQjJWMWMbKEIp?= X-PGP-Public-Key: http://www.imasy.org/~ume/publickey.asc X-PGP-Fingerprint: 6B 0C 53 FC 5D D0 37 91 05 D0 B3 EF 36 9B 6A BC X-URL: http://www.imasy.org/~ume/ X-OS: FreeBSD 5.0-CURRENT Mime-Version: 1.0 Content-Type: Text/Plain; charset=us-ascii Content-Transfer-Encoding: 7bit Sender: owner-freebsd-arch@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.ORG >>>>> On Fri, 1 Sep 2000 16:37:28 -0500 >>>>> "Jacques A. Vidrine" said: n> This goal is satisfied without putting a file in /etc/defaults. The n> defaults are dictated by the traditional behavior -- there will never n> be merging to do on the part of the admin. There is some confusion around search order of hard-coded default sources. gethostby*() dns -> files getnetby*() dns -> files getipnodeby*() files -> dns getaddrinfo() files -> dns getnameinfo() files -> dns It should be unified. Recently, FreeBSD's default behavior is lookup /etc/hosts first by /etc/host.conf. Here is a patch. Index: lib/libc/net/gethostnamadr.c diff -u lib/libc/net/gethostnamadr.c.orig lib/libc/net/gethostnamadr.c --- lib/libc/net/gethostnamadr.c.orig Fri Sep 1 16:28:26 2000 +++ lib/libc/net/gethostnamadr.c Sat Sep 2 23:37:10 2000 @@ -51,8 +51,8 @@ /* Host lookup order if nsswitch.conf is broken or nonexistant */ static const ns_src default_src[] = { - { NSSRC_DNS, NS_SUCCESS }, { NSSRC_FILES, NS_SUCCESS }, + { NSSRC_DNS, NS_SUCCESS }, { 0 } }; Index: lib/libc/net/getnetnamadr.c diff -u lib/libc/net/getnetnamadr.c.orig lib/libc/net/getnetnamadr.c --- lib/libc/net/getnetnamadr.c.orig Fri Sep 1 16:28:27 2000 +++ lib/libc/net/getnetnamadr.c Sat Sep 2 23:40:38 2000 
@@ -48,8 +48,8 @@ /* Network lookup order if nsswitch.conf is broken or nonexistant */ static const ns_src default_src[] = { - { NSSRC_DNS, NS_SUCCESS }, { NSSRC_FILES, NS_SUCCESS }, + { NSSRC_DNS, NS_SUCCESS }, { 0 } }; Index: lib/libc/net/name6.c diff -u lib/libc/net/name6.c.orig lib/libc/net/name6.c --- lib/libc/net/name6.c.orig Fri Sep 1 20:20:41 2000 +++ lib/libc/net/name6.c Sat Sep 2 23:43:11 2000 @@ -189,8 +189,8 @@ /* Host lookup order if nsswitch.conf is broken or nonexistant */ static const ns_src default_src[] = { - { NSSRC_DNS, NS_SUCCESS }, { NSSRC_FILES, NS_SUCCESS }, + { NSSRC_DNS, NS_SUCCESS }, #ifdef ICMPNL #define NSSRC_ICMP "icmp" { NSSRC_ICMP, NS_SUCCESS }, -- Hajimu UMEMOTO @ Internet Mutual Aid Society Yokohama, Japan ume@mahoroba.org ume@bisd.hitachi.co.jp ume@FreeBSD.org http://www.imasy.org/~ume/ To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-arch" in the body of the message From owner-freebsd-arch Sat Sep 2 8:58: 9 2000 Delivered-To: freebsd-arch@freebsd.org Received: from cybercable.fr (r121m50.cybercable.tm.fr [195.132.121.50]) by hub.freebsd.org (Postfix) with ESMTP id 32A8137B43E for ; Sat, 2 Sep 2000 08:58:06 -0700 (PDT) Received: (from mux@localhost) by cybercable.fr (8.11.0/8.11.0) id e82G0Rc13267 for freebsd-arch@freebsd.org; Sat, 2 Sep 2000 18:00:27 +0200 (CEST) (envelope-from mux) 
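Review bot: in lib/libc/net/gethostnamadr.c the comment above default_src still reads only "Host lookup order if nsswitch.conf is broken or nonexistant" and never names the order. With NSSRC_FILES now first, an /etc/hosts entry shadows DNS for gethostby*() whenever nsswitch.conf is missing or unparsable. State the order (files, then dns) in the comment and document the behaviour change alongside nsswitch.conf.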
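Review bot: the lib/libc/net/getnetnamadr.c hunk flips the fallback order for network lookups too, but the rationale given in the message (the installed /etc/host.conf looks up /etc/hosts first) speaks only of host lookups. Either say why getnetby*() should follow the same order or split this file out of the change.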
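Review bot: the table in the message lists getipnodeby*() as already "files -> dns", yet the removed line in the lib/libc/net/name6.c hunk shows NSSRC_DNS first in default_src. If name6.c is the file behind getipnodeby*(), the table and the hunk disagree, so please confirm which order was in effect before the change. Also confirm that the optional NSSRC_ICMP entry under #ifdef ICMPNL is still meant to come last, after dns.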
From: Maxime Henrion Date: Sat, 2 Sep 2000 18:00:27 +0200 To: freebsd-arch@freebsd.org Subject: thought about allocation of the first 1024th ports Message-ID: <20000902180027.A13029@cybercable.fr> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline User-Agent: Mutt/1.2.5i Sender: owner-freebsd-arch@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.ORG

Hi,

On most Unix systems and on FreeBSD, the first 1024 ports can't be allocated by a non-root process. As far as I know, this is justified because services running on these ports generally require root privileges to accomplish their tasks because they are intended to be used by all the users on the system and need access to their data.

However, some services don't need these privileges, like identd servers, or even web servers. This implies security problems if these servers are vulnerable to a bug or a buffer overflow. Advanced servers use setuid() and setgid() system calls to drop their privileges after having bound the socket. This improves security as if the server is vulnerable, it can not be used to gain root privileges but only a user's privileges.

What I wonder now is if an application-independent mechanism to permit some ports below 1024 to be bound to sockets not owned by root processes would be useful. You assign in a configuration file which UID's are allowed to allocate which port. Of course, root processes will also be allowed to allocate these ports and users with other UID's still can't; this ensures backward compatibility.

With such a mechanism, you can run a server as a user and not as root even if the application doesn't support the setuid/setgid system. The requirement for this to work is that the application doesn't permit itself to do root-only operations other than binding the socket to a privileged port; it should be this way in most applications.

I invite you to send me your thoughts/advice/rotten tomatoes by e-mail ;-) I hope I didn't miss something obvious and that something allowing to do what I describe doesn't already exist.

Regards,
Maxime Henrion

From owner-freebsd-arch Sat Sep 2 9:15:47 2000 Delivered-To: freebsd-arch@freebsd.org Received: from cybercable.fr (r121m50.cybercable.tm.fr [195.132.121.50]) by hub.freebsd.org (Postfix) with ESMTP id 461E837B423 for ; Sat, 2 Sep 2000 09:15:44 -0700 (PDT) Received: (from mux@localhost) by cybercable.fr (8.11.0/8.11.0) id e82GI7713462 for freebsd-arch@freebsd.org; Sat, 2 Sep 2000 18:18:07 +0200 (CEST) (envelope-from mux)
From: Maxime Henrion Date: Sat, 2 Sep 2000 18:18:07 +0200 To: freebsd-arch@freebsd.org Subject: Re: thought about allocation of the first 1024th ports Message-ID: <20000902181807.B13029@cybercable.fr> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline User-Agent: Mutt/1.2.5i Sender: owner-freebsd-arch@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.ORG Sorry to reply to myself, but I've thought of the capabilities system. Can this help to do what I am trying to do ? I've seen some #ifdef CAPABILITIES and CAP_KILL macros that makes me think capabilities work on FreeBSD. Maxime Henrion To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-arch" in the body of the message From owner-freebsd-arch Sat Sep 2 9:35:11 2000 Delivered-To: freebsd-arch@freebsd.org Received: from envy.vuurwerk.nl (envy.vuurwerk.nl [194.178.232.112]) by hub.freebsd.org (Postfix) with SMTP id 0339037B424 for ; Sat, 2 Sep 2000 09:35:08 -0700 (PDT) Received: (qmail 72940 invoked from network); 2 Sep 2000 16:35:06 -0000 Received: from kesteren.vuurwerk.nl (HELO daemon.vuurwerk.nl) (194.178.232.59) by envy.vuurwerk.nl with SMTP; 2 Sep 2000 16:35:06 -0000 Received: (nullmailer pid 54328 invoked by uid 11109); Sat, 02 Sep 2000 16:35:06 -0000 Date: Sat, 2 Sep 2000 18:35:06 +0200 
From: Peter van Dijk To: freebsd-arch@FreeBSD.ORG Subject: Re: thought about allocation of the first 1024th ports Message-ID: <20000902183506.A54105@vuurwerk.nl> Mail-Followup-To: Peter van Dijk , freebsd-arch@FreeBSD.ORG References: <20000902180027.A13029@cybercable.fr> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline User-Agent: Mutt/1.2.5i In-Reply-To: <20000902180027.A13029@cybercable.fr>; from mux@qualys.com on Sat, Sep 02, 2000 at 06:00:27PM +0200 Sender: owner-freebsd-arch@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.ORG

On Sat, Sep 02, 2000 at 06:00:27PM +0200, Maxime Henrion wrote:
> Hi,
>
>
>
> On most Unix systems and on FreeBSD, the first 1024 ports can't be allocated by a
> non-root process. As far as I know, this is justified because services running on these
> ports generally require root privileges to accomplish their tasks because they are
> intended to be used by all the users on the system and need access to their data.

There's more to it. Lots of services don't need root privileges at all, like, as you say, ident. Still running ident on a port <1024 has a different benefit - remote sites can be sure that the service on that port is the one the box's admin intended. If ident was running on a high port, a remote site would have no way of knowing if that is actually the ident run by the admin or just by one malicious user.

> However, some services don't need these privileges, like identd servers, or even web
> servers. This implies security problems if these servers are vulnerable to a bug or a
> buffer overflow. Advanced servers use setuid() and setgid() system calls to drop their
> privileges after having bound the socket. This improves security as if the server is
> vulnerable, it can not be used to gain root privileges but only a user's privileges.

Correct.

> What I wonder now is if an application-independent mechanism to permit some ports below
> 1024 to be bound to sockets not owned by root processes would be useful. You assign in a
> configuration file which UID's are allowed to allocate which port. Of course, root
> processes will also be allowed to allocate these ports and users with other UID's still
> can't; this ensures backward compatibility.

Capabilities can help here, as your other mail says.

> With such a mechanism, you can run a server as a user and not as root even if the
> application doesn't support the setuid/setgid system. The requirement for this to work
> is that the application doesn't permit itself to do root-only operations other
> than binding the socket to a privileged port; it should be this way in most
> applications.

Fix the applications; don't work around their bugs. Most simple services run from inetd, which can do the setuid anyway.

> I invite you to send me your thoughts/advice/rotten tomatoes by e-mail ;-) I hope I
> didn't miss something obvious and that something allowing to do what I describe doesn't
> already exist.

Technically all you are describing is perfectly feasible. The use is very limited, unfortunately.

Greetz, Peter.
-- [ircoper] petervd@vuurwerk.nl - Peter van Dijk / Hardbeat [student] Undernet:#groningen/wallops | IRCnet:/#alliance [developer] _____________ [disbeliever - the world is backwards] (__VuurWerk__(--*- To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-arch" in the body of the message From owner-freebsd-arch Sat Sep 2 9:36:13 2000 Delivered-To: freebsd-arch@freebsd.org Received: from smtp02.iafrica.com (smtp02.iafrica.com [196.7.0.140]) by hub.freebsd.org (Postfix) with ESMTP id D81B537B423; Sat, 2 Sep 2000 09:36:08 -0700 (PDT) Received: from [196.7.18.138] (helo=grimreaper.grondar.za ident=root) by smtp02.iafrica.com with esmtp (Exim 1.92 #1) id 13VGGu-000DMV-00; Sat, 2 Sep 2000 18:36:01 +0200 Received: from grimreaper.grondar.za (mark@localhost [127.0.0.1]) by grimreaper.grondar.za (8.11.0/8.11.0) with ESMTP id e82Gb0x14259; Sat, 2 Sep 2000 18:37:00 +0200 (SAST) (envelope-from mark@grimreaper.grondar.za) Message-Id: <200009021637.e82Gb0x14259@grimreaper.grondar.za> To: Dag-Erling Smorgrav Cc: Kris Kennaway , arch@FreeBSD.ORG Subject: Re: Enabling sshd by default References: In-Reply-To: ; from Dag-Erling Smorgrav "02 Sep 2000 12:00:34 +0200." Date: Sat, 02 Sep 2000 18:36:59 +0200 
From: Mark Murray Sender: owner-freebsd-arch@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.ORG > Kris Kennaway writes: > > What say you all to the following patch: > > No. OpenSSH's ssh2 implementation doesn't work properly. This mail seems somehow truncated. The details are missing. M -- Mark Murray Join the anti-SPAM movement: http://www.cauce.org To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-arch" in the body of the message From owner-freebsd-arch Sat Sep 2 9:54:53 2000 Delivered-To: freebsd-arch@freebsd.org Received: from gw.nectar.com (gw.nectar.com [208.42.49.153]) by hub.freebsd.org (Postfix) with ESMTP id 21C2A37B43C; Sat, 2 Sep 2000 09:54:51 -0700 (PDT) Received: from hamlet.nectar.com (hamlet.nectar.com [10.0.1.102]) by gw.nectar.com (Postfix) with ESMTP id 5A5FF1925F; Sat, 2 Sep 2000 11:54:50 -0500 (CDT) Received: (from nectar@localhost) by hamlet.nectar.com (8.9.3/8.9.3) id LAA00813; Sat, 2 Sep 2000 11:54:50 -0500 (CDT) (envelope-from nectar@spawn.nectar.com) Date: Sat, 2 Sep 2000 11:54:50 -0500 
From: "Jacques A. Vidrine" To: Hajimu UMEMOTO Cc: arch@freebsd.org Subject: Re: Request for review: nsswitch Message-ID: <20000902115449.A704@hamlet.nectar.com> References: <20000831130504.A26641@hamlet.nectar.com> <200009010047.RAA43862@vashon.polstra.com> <20000901163728.C19985@hamlet.nectar.com> <20000903.000259.104074195.ume@FreeBSD.org> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline User-Agent: Mutt/1.2.5i In-Reply-To: <20000903.000259.104074195.ume@FreeBSD.org>; from ume@FreeBSD.org on Sun, Sep 03, 2000 at 12:02:59AM +0900 X-Url: http://www.nectar.com/ Sender: owner-freebsd-arch@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.ORG

On Sun, Sep 03, 2000 at 12:02:59AM +0900, Hajimu UMEMOTO wrote:
> There is some confusion around search order of hard-coded default
> sources.

These were taken from NetBSD. The default sources were chosen after quite a bit of debate on the NetBSD mailing lists. In short, tradition won.

>
> gethostby*()      dns -> files
> getnetby*()       dns -> files
> getipnodeby*()    files -> dns
> getaddrinfo()     files -> dns
> getnameinfo()     files -> dns
>
> It should be unified. Recently, FreeBSD's default behavior is lookup
> /etc/hosts first by /etc/host.conf.

Not exactly: FreeBSD's default behavior is BIND, then /etc/hosts. It just so happens that we install an /etc/host.conf file that gives behavior different than the hard-coded defaults. We could install an initial /etc/nsswitch.conf with contents `hosts: files dns' for the same reasons (whatever those were).
-- Jacques Vidrine / n@nectar.com / jvidrine@verio.net / nectar@FreeBSD.org To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-arch" in the body of the message From owner-freebsd-arch Sat Sep 2 10: 5:55 2000 Delivered-To: freebsd-arch@freebsd.org Received: from critter.freebsd.dk (flutter.freebsd.dk [212.242.40.147]) by hub.freebsd.org (Postfix) with ESMTP id 179CF37B43C; Sat, 2 Sep 2000 10:05:49 -0700 (PDT) Received: from critter (localhost [127.0.0.1]) by critter.freebsd.dk (8.11.0/8.9.3) with ESMTP id e82H2kN41096; Sat, 2 Sep 2000 19:02:46 +0200 (CEST) (envelope-from phk@critter.freebsd.dk) To: "Jacques A. Vidrine" Cc: Hajimu UMEMOTO , arch@FreeBSD.ORG Subject: Re: Request for review: nsswitch In-Reply-To: Your message of "Sat, 02 Sep 2000 11:54:50 CDT." <20000902115449.A704@hamlet.nectar.com> Date: Sat, 02 Sep 2000 19:02:46 +0200 Message-ID: <41094.967914166@critter> 
From: Poul-Henning Kamp Sender: owner-freebsd-arch@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.ORG

Since we're on this topic anyway, there is one thing which has always bothered me: Why don't we have the option of a per user alias file for hostnames ?

I would love to be able to say:

	echo "freefall freefall.freebsd.org" >> $HOME/.hostaliases

and be able to say just:

	ssh freefall

no matter how the local resolver and/or /etc/hosts file were configured...

--
Poul-Henning Kamp       | UNIX since Zilog Zeus 3.20
phk@FreeBSD.ORG         | TCP/IP since RFC 956
FreeBSD coreteam member | BSD since 4.3-tahoe
Never attribute to malice what can adequately be explained by incompetence.

From owner-freebsd-arch Sat Sep 2 10:33:58 2000 Delivered-To: freebsd-arch@freebsd.org Received: from fw.wintelcom.net (ns1.wintelcom.net [209.1.153.20]) by hub.freebsd.org (Postfix) with ESMTP id 5769937B43C; Sat, 2 Sep 2000 10:33:56 -0700 (PDT) Received: (from bright@localhost) by fw.wintelcom.net (8.10.0/8.10.0) id e82HVnx15674; Sat, 2 Sep 2000 10:31:49 -0700 (PDT) Date: Sat, 2 Sep 2000 10:31:49 -0700
From: Alfred Perlstein To: Poul-Henning Kamp Cc: "Jacques A. Vidrine" , Hajimu UMEMOTO , arch@FreeBSD.ORG Subject: Re: Request for review: nsswitch Message-ID: <20000902103149.W18862@fw.wintelcom.net> References: <20000902115449.A704@hamlet.nectar.com> <41094.967914166@critter> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline User-Agent: Mutt/1.2.4i In-Reply-To: <41094.967914166@critter>; from phk@critter.freebsd.dk on Sat, Sep 02, 2000 at 07:02:46PM +0200 Sender: owner-freebsd-arch@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.ORG

* Poul-Henning Kamp [000902 10:06] wrote:
>
> Since we're on this topic anyway, there is one thing which has always
> bothered me: Why don't we have the option of a per user alias file
> for hostnames ?
>
> I would love to be able to say:
>
> echo "freefall freefall.freebsd.org" >> $HOME/.hostaliases
>
> and be able to say just:
>
> ssh freefall
>
> no matter how the local resolver and/or /etc/hosts file were configured...

Wouldn't that allow a user to take advantage of a program that has stripped itself of privilege but still needs to be protected from changes like that?

-Alfred

From owner-freebsd-arch Sat Sep 2 10:43:38 2000 Delivered-To: freebsd-arch@freebsd.org Received: from critter.freebsd.dk (flutter.freebsd.dk [212.242.40.147]) by hub.freebsd.org (Postfix) with ESMTP id 81CE737B422; Sat, 2 Sep 2000 10:43:35 -0700 (PDT) Received: from critter (localhost [127.0.0.1]) by critter.freebsd.dk (8.11.0/8.9.3) with ESMTP id e82HeuN41162; Sat, 2 Sep 2000 19:40:56 +0200 (CEST) (envelope-from phk@critter.freebsd.dk) To: Alfred Perlstein Cc: "Jacques A. Vidrine" , Hajimu UMEMOTO , arch@FreeBSD.ORG Subject: Re: Request for review: nsswitch In-Reply-To: Your message of "Sat, 02 Sep 2000 10:31:49 PDT."
<20000902103149.W18862@fw.wintelcom.net> Date: Sat, 02 Sep 2000 19:40:56 +0200 Message-ID: <41160.967916456@critter> From: Poul-Henning Kamp Sender: owner-freebsd-arch@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.ORG

In message <20000902103149.W18862@fw.wintelcom.net>, Alfred Perlstein writes:
>* Poul-Henning Kamp [000902 10:06] wrote:
>>
>> Since we're on this topic anyway, there is one thing which has always
>> bothered me: Why don't we have the option of a per user alias file
>> for hostnames ?
>>
>> I would love to be able to say:
>>
>> echo "freefall freefall.freebsd.org" >> $HOME/.hostaliases
>>
>> and be able to say just:
>>
>> ssh freefall
>>
>> no matter how the local resolver and/or /etc/hosts file were configured...
>
>Wouldn't that allow a user to take advantage of a program that has
>stripped itself of privilege but still needs to be protected from
>changes like that?

Uhm, such as ?

--
Poul-Henning Kamp       | UNIX since Zilog Zeus 3.20
phk@FreeBSD.ORG         | TCP/IP since RFC 956
FreeBSD coreteam member | BSD since 4.3-tahoe
Never attribute to malice what can adequately be explained by incompetence.

From owner-freebsd-arch Sat Sep 2 11: 6:11 2000 Delivered-To: freebsd-arch@freebsd.org Received: from verdi.nethelp.no (verdi.nethelp.no [158.36.41.162]) by hub.freebsd.org (Postfix) with SMTP id B048237B43C for ; Sat, 2 Sep 2000 11:06:08 -0700 (PDT) Received: (qmail 61645 invoked by uid 1001); 2 Sep 2000 18:06:06 +0000 (GMT) To: phk@critter.freebsd.dk Cc: n@nectar.com, ume@FreeBSD.ORG, arch@FreeBSD.ORG Subject: Re: Request for review: nsswitch
From: sthaug@nethelp.no In-Reply-To: Your message of "Sat, 02 Sep 2000 19:02:46 +0200" References: <41094.967914166@critter> X-Mailer: Mew version 1.05+ on Emacs 19.34.2 Mime-Version: 1.0 Content-Type: Text/Plain; charset=us-ascii Date: Sat, 02 Sep 2000 20:06:06 +0200 Message-ID: <61643.967917966@verdi.nethelp.no> Sender: owner-freebsd-arch@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.ORG

> Since we're on this topic anyway, there is one thing which has always
> bothered me: Why don't we have the option of a per user alias file
> for hostnames ?
>
> I would love to be able to say:
>
> echo "freefall freefall.freebsd.org" >> $HOME/.hostaliases
>
> and be able to say just:
>
> ssh freefall
>
> no matter how the local resolver and/or /etc/hosts file were configured...

The mechanism already exists. See libc/net/res_query.c, the hostalias() routine:

	if (_res.options & RES_NOALIASES)
		return (NULL);
	if (issetugid())
		return (NULL);
	file = getenv("HOSTALIASES");

and the environment variable needs to point to a file with lines in the format

	short-name full.name.dom.ain

As you can see, it is explicitly disabled for setuid programs. It works for ssh as soon as you make ssh non-setuid (which I think is a good idea in any case...)
Steinar Haug, Nethelp consulting, sthaug@nethelp.no To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-arch" in the body of the message From owner-freebsd-arch Sat Sep 2 11:29:39 2000 Delivered-To: freebsd-arch@freebsd.org Received: from peace.mahoroba.org (peace.calm.imasy.or.jp [202.227.26.34]) by hub.freebsd.org (Postfix) with ESMTP id 94FC637B422 for ; Sat, 2 Sep 2000 11:29:33 -0700 (PDT) Received: from localhost (localhost [::1]) (authenticated) by peace.mahoroba.org (8.11.0/8.11.0/peace) with ESMTP/inet6 id e82ISNE07988; Sun, 3 Sep 2000 03:28:23 +0900 (JST) (envelope-from ume@mahoroba.org) Date: Sun, 03 Sep 2000 03:28:19 +0900 (JST) Message-Id: <20000903.032819.74751076.ume@mahoroba.org> To: n@nectar.com Cc: arch@freebsd.org Subject: Re: Request for review: nsswitch 
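The guard quoted in the message above, worked into a small alias lookup, as an added example that is not the libc hostalias() source: the lookup refuses to read $HOSTALIASES at all when the process is set-id. process_is_setugid() is a portable stand-in for issetugid(), and the function names, return codes and sample file are assumptions of this example.

```c
#ifndef _POSIX_C_SOURCE
#define _POSIX_C_SOURCE 200809L    /* mkstemp(), setenv(), fdopen() */
#endif
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <strings.h>
#include <unistd.h>

#define ALIAS_FOUND     1
#define ALIAS_NONE      0
#define ALIAS_REFUSED (-1)

/* Stand-in for BSD issetugid(), which not every libc provides (assumption of
 * this example). It only compares real and effective ids; issetugid() is
 * stricter because it also remembers that the image was started set-id. */
int process_is_setugid(void)
{
    return getuid() != geteuid() || getgid() != getegid();
}

/* Resolve `name` through the file named by $HOSTALIASES, whose lines have the
 * form "short-name full.name.dom.ain". A privileged caller gets ALIAS_REFUSED
 * before the user-controlled environment variable is even read. */
int hostalias_lookup(const char *name, int privileged, char *out, size_t outlen)
{
    char line[512], shortname[256], fullname[256];
    const char *file;
    FILE *fp;
    int c, rc = ALIAS_NONE;

    if (privileged)
        return ALIAS_REFUSED;
    file = getenv("HOSTALIASES");
    if (file == NULL || (fp = fopen(file, "r")) == NULL)
        return ALIAS_NONE;

    while (fgets(line, sizeof line, fp) != NULL) {
        /* Over-long line: discard the rest so its tail is not parsed as an entry. */
        if (strchr(line, '\n') == NULL && !feof(fp)) {
            while ((c = fgetc(fp)) != EOF && c != '\n')
                ;
            continue;
        }
        if (sscanf(line, "%255s %255s", shortname, fullname) != 2)
            continue;                       /* blank or malformed line */
        if (strcasecmp(shortname, name) != 0)
            continue;
        if (strlen(fullname) < outlen) {    /* never truncate a hostname */
            strcpy(out, fullname);
            rc = ALIAS_FOUND;
        }
        break;
    }
    fclose(fp);
    return rc;
}

/* Constructed sample input: writes a two-line alias file at a mkstemp() path. */
int write_sample_aliases(char *path_template)
{
    int fd = mkstemp(path_template);
    FILE *fp;

    if (fd < 0)
        return -1;
    if ((fp = fdopen(fd, "w")) == NULL) {
        close(fd);
        return -1;
    }
    fputs("freefall freefall.freebsd.org\nhub hub.freebsd.org\n", fp);
    return fclose(fp) == 0 ? 0 : -1;
}

int main(void)
{
    char path[] = "/tmp/hostaliases.XXXXXX";
    char full[256];

    if (write_sample_aliases(path) != 0)
        return 1;
    setenv("HOSTALIASES", path, 1);
    if (hostalias_lookup("freefall", process_is_setugid(), full, sizeof full) == ALIAS_FOUND)
        printf("freefall -> %s\n", full);
    if (hostalias_lookup("freefall", 1, full, sizeof full) == ALIAS_REFUSED)
        puts("set-id process: HOSTALIASES ignored");
    unlink(path);
    return 0;
}
```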
From: Hajimu UMEMOTO In-Reply-To: <20000902115449.A704@hamlet.nectar.com> References: <20000901163728.C19985@hamlet.nectar.com> <20000903.000259.104074195.ume@FreeBSD.org> <20000902115449.A704@hamlet.nectar.com> X-Mailer: xcite1.20> Mew version 1.95b38 on Emacs 20.7 / Mule 4.0 =?iso-2022-jp?B?KBskQjJWMWMbKEIp?= X-PGP-Public-Key: http://www.imasy.org/~ume/publickey.asc X-PGP-Fingerprint: 6B 0C 53 FC 5D D0 37 91 05 D0 B3 EF 36 9B 6A BC X-URL: http://www.imasy.org/~ume/ X-OS: FreeBSD 5.0-CURRENT Mime-Version: 1.0 Content-Type: Text/Plain; charset=us-ascii Content-Transfer-Encoding: 7bit Sender: owner-freebsd-arch@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.ORG >>>>> On Sat, 2 Sep 2000 11:54:50 -0500 >>>>> "Jacques A. Vidrine" said: n> These were taken from NetBSD. The default sources were chosen after n> quite a bit of debate on the NetBSD mailing lists. In short, tradition n> won. It seems NetBSD's default is files,dns, now. This change was made at about 10 months ago (gethnamaddr.c 1.26 -> 1.27). -- Hajimu UMEMOTO @ Internet Mutual Aid Society Yokohama, Japan ume@mahoroba.org ume@bisd.hitachi.co.jp ume@FreeBSD.org http://www.imasy.org/~ume/ To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-arch" in the body of the message From owner-freebsd-arch Sat Sep 2 11:44:17 2000 Delivered-To: freebsd-arch@freebsd.org Received: from gw.nectar.com (gw.nectar.com [208.42.49.153]) by hub.freebsd.org (Postfix) with ESMTP id B2D8237B423 for ; Sat, 2 Sep 2000 11:44:15 -0700 (PDT) Received: from hamlet.nectar.com (hamlet.nectar.com [10.0.1.102]) by gw.nectar.com (Postfix) with ESMTP id 54A041925F; Sat, 2 Sep 2000 13:44:11 -0500 (CDT) Received: (from nectar@localhost) by hamlet.nectar.com (8.9.3/8.9.3) id NAA00530; Sat, 2 Sep 2000 13:44:11 -0500 (CDT) (envelope-from nectar@spawn.nectar.com) Date: Sat, 2 Sep 2000 13:44:11 -0500 
From: "Jacques A. Vidrine" To: Hajimu UMEMOTO Cc: arch@freebsd.org Subject: Re: Request for review: nsswitch Message-ID: <20000902134411.A459@hamlet.nectar.com> References: <20000901163728.C19985@hamlet.nectar.com> <20000903.000259.104074195.ume@FreeBSD.org> <20000902115449.A704@hamlet.nectar.com> <20000903.032819.74751076.ume@mahoroba.org> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline User-Agent: Mutt/1.2.5i In-Reply-To: <20000903.032819.74751076.ume@mahoroba.org>; from ume@mahoroba.org on Sun, Sep 03, 2000 at 03:28:19AM +0900 X-Url: http://www.nectar.com/ Sender: owner-freebsd-arch@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.ORG On Sun, Sep 03, 2000 at 03:28:19AM +0900, Hajimu UMEMOTO wrote: > It seems NetBSD's default is files,dns, now. This change was made at > about 10 months ago (gethnamaddr.c 1.26 -> 1.27). Ah, but that has never made it into any NetBSD release. Perhaps another thread should be started if we want to change our hard-coded defaults? -- Jacques Vidrine / n@nectar.com / jvidrine@verio.net / nectar@FreeBSD.org To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-arch" in the body of the message From owner-freebsd-arch Sat Sep 2 11:54:41 2000 Delivered-To: freebsd-arch@freebsd.org Received: from peace.mahoroba.org (peace.calm.imasy.or.jp [202.227.26.34]) by hub.freebsd.org (Postfix) with ESMTP id E22EB37B422 for ; Sat, 2 Sep 2000 11:54:37 -0700 (PDT) Received: from localhost (localhost [::1]) (authenticated) by peace.mahoroba.org (8.11.0/8.11.0/peace) with ESMTP/inet6 id e82IrhE08105; Sun, 3 Sep 2000 03:53:43 +0900 (JST) (envelope-from ume@mahoroba.org) Date: Sun, 03 Sep 2000 03:53:39 +0900 (JST) Message-Id: <20000903.035339.92585095.ume@mahoroba.org> To: n@nectar.com Cc: arch@freebsd.org Subject: Re: Request for review: nsswitch 
From: Hajimu UMEMOTO In-Reply-To: <20000902134411.A459@hamlet.nectar.com> References: <20000902115449.A704@hamlet.nectar.com> <20000903.032819.74751076.ume@mahoroba.org> <20000902134411.A459@hamlet.nectar.com> X-Mailer: xcite1.20> Mew version 1.95b38 on Emacs 20.7 / Mule 4.0 =?iso-2022-jp?B?KBskQjJWMWMbKEIp?= X-PGP-Public-Key: http://www.imasy.org/~ume/publickey.asc X-PGP-Fingerprint: 6B 0C 53 FC 5D D0 37 91 05 D0 B3 EF 36 9B 6A BC X-URL: http://www.imasy.org/~ume/ X-OS: FreeBSD 5.0-CURRENT Mime-Version: 1.0 Content-Type: Text/Plain; charset=us-ascii Content-Transfer-Encoding: 7bit Sender: owner-freebsd-arch@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.ORG >>>>> On Sat, 2 Sep 2000 13:44:11 -0500 >>>>> "Jacques A. Vidrine" said: n> On Sun, Sep 03, 2000 at 03:28:19AM +0900, Hajimu UMEMOTO wrote: > It seems NetBSD's default is files,dns, now. This change was made at > about 10 months ago (gethnamaddr.c 1.26 -> 1.27). n> Ah, but that has never made it into any NetBSD release. Yes. I believe NetBSD 1.5-RELEASE will be released before our 4.2-RELEASE. :-) -- Hajimu UMEMOTO @ Internet Mutual Aid Society Yokohama, Japan ume@mahoroba.org ume@bisd.hitachi.co.jp ume@FreeBSD.org http://www.imasy.org/~ume/ To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-arch" in the body of the message From owner-freebsd-arch Sat Sep 2 12:53: 3 2000 Delivered-To: freebsd-arch@freebsd.org Received: from critter.freebsd.dk (flutter.freebsd.dk [212.242.40.147]) by hub.freebsd.org (Postfix) with ESMTP id 62BD037B422; Sat, 2 Sep 2000 12:53:00 -0700 (PDT) Received: from critter (localhost [127.0.0.1]) by critter.freebsd.dk (8.11.0/8.9.3) with ESMTP id e82JqsN41584; Sat, 2 Sep 2000 21:52:54 +0200 (CEST) (envelope-from phk@critter.freebsd.dk) To: sthaug@nethelp.no Cc: n@nectar.com, ume@FreeBSD.ORG, arch@FreeBSD.ORG Subject: Re: Request for review: nsswitch In-Reply-To: Your message of "Sat, 02 Sep 2000 20:06:06 +0200." 
<61643.967917966@verdi.nethelp.no> Date: Sat, 02 Sep 2000 21:52:54 +0200 Message-ID: <41582.967924374@critter> From: Poul-Henning Kamp Sender: owner-freebsd-arch@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.ORG

In message <61643.967917966@verdi.nethelp.no>, sthaug@nethelp.no writes:
>
>The mechanism already exists. See libc/net/res_query.c, the hostalias()
>routine:

Cool!

>As you can see, it is explicitly disabled for setuid programs. It works
>for ssh as soon as you make ssh non-setuid (which I think is a good idea
>in any case...)

Why would ssh need to be setuid ?

--
Poul-Henning Kamp       | UNIX since Zilog Zeus 3.20
phk@FreeBSD.ORG         | TCP/IP since RFC 956
FreeBSD coreteam member | BSD since 4.3-tahoe
Never attribute to malice what can adequately be explained by incompetence.

From owner-freebsd-arch Sat Sep 2 12:55:18 2000 Delivered-To: freebsd-arch@freebsd.org Received: from verdi.nethelp.no (verdi.nethelp.no [158.36.41.162]) by hub.freebsd.org (Postfix) with SMTP id 8D34337B43C for ; Sat, 2 Sep 2000 12:55:15 -0700 (PDT) Received: (qmail 62719 invoked by uid 1001); 2 Sep 2000 19:55:13 +0000 (GMT) To: phk@critter.freebsd.dk Cc: n@nectar.com, ume@FreeBSD.ORG, arch@FreeBSD.ORG Subject: Re: Request for review: nsswitch
From: sthaug@nethelp.no In-Reply-To: Your message of "Sat, 02 Sep 2000 21:52:54 +0200" References: <41582.967924374@critter> X-Mailer: Mew version 1.05+ on Emacs 19.34.2 Mime-Version: 1.0 Content-Type: Text/Plain; charset=us-ascii Date: Sat, 02 Sep 2000 21:55:13 +0200 Message-ID: <62717.967924513@verdi.nethelp.no> Sender: owner-freebsd-arch@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.ORG

> >As you can see, it is explicitly disabled for setuid programs. It works
> >for ssh as soon as you make ssh non-setuid (which I think is a good idea
> >in any case...)
>
> Why would ssh need to be setuid ?

To be able to emulate rsh by using a port < 1024, I assume. It's installed setuid by default in 4.1 - personally I think this is wrong and should be changed.

Steinar Haug, Nethelp consulting, sthaug@nethelp.no

From owner-freebsd-arch Sat Sep 2 13: 0:43 2000 Delivered-To: freebsd-arch@freebsd.org Received: from dan.emsphone.com (dan.emsphone.com [199.67.51.101]) by hub.freebsd.org (Postfix) with ESMTP id 8EFB337B43F; Sat, 2 Sep 2000 13:00:40 -0700 (PDT) Received: (from dan@localhost) by dan.emsphone.com (8.9.3/8.9.3) id OAA07074; Sat, 2 Sep 2000 14:58:22 -0500 (CDT) (envelope-from dan) Date: Sat, 2 Sep 2000 14:58:22 -0500
From: Dan Nelson To: sthaug@nethelp.no Cc: phk@critter.freebsd.dk, n@nectar.com, ume@FreeBSD.ORG, arch@FreeBSD.ORG Subject: Re: Request for review: nsswitch Message-ID: <20000902145822.B28852@dan.emsphone.com> References: <41582.967924374@critter> <62717.967924513@verdi.nethelp.no> Mime-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Disposition: inline User-Agent: Mutt/1.3.8i In-Reply-To: <62717.967924513@verdi.nethelp.no>; from "sthaug@nethelp.no" on Sat Sep 2 21:55:13 GMT 2000 X-OS: FreeBSD 5.0-CURRENT Sender: owner-freebsd-arch@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.ORG

In the last episode (Sep 02), sthaug@nethelp.no said:
> > >As you can see, it is explicitly disabled for setuid programs. It works
> > >for ssh as soon as you make ssh non-setuid (which I think is a good idea
> > >in any case...)
> >
> > Why would ssh need to be setuid ?
>
> To be able to emulate rsh by using a port < 1024, I assume. It's
> installed setuid by default in 4.1 - personally I think this is wrong
> and should be changed.

Rather, it's so it can read the host key, which is only readable by root.

--
Dan Nelson
dnelson@emsphone.com

From owner-freebsd-arch Sat Sep 2 13: 2:24 2000 Delivered-To: freebsd-arch@freebsd.org Received: from gw.nectar.com (gw.nectar.com [208.42.49.153]) by hub.freebsd.org (Postfix) with ESMTP id A37CF37B422; Sat, 2 Sep 2000 13:02:22 -0700 (PDT) Received: from hamlet.nectar.com (hamlet.nectar.com [10.0.1.102]) by gw.nectar.com (Postfix) with ESMTP id 82A7C1925F; Sat, 2 Sep 2000 15:02:21 -0500 (CDT) Received: (from nectar@localhost) by hamlet.nectar.com (8.9.3/8.9.3) id PAA01272; Sat, 2 Sep 2000 15:02:21 -0500 (CDT) (envelope-from nectar@spawn.nectar.com) Date: Sat, 2 Sep 2000 15:02:21 -0500
From: "Jacques A. Vidrine" To: Dan Nelson Cc: sthaug@nethelp.no, phk@critter.freebsd.dk, ume@FreeBSD.ORG, arch@FreeBSD.ORG Subject: setuid ssh should die (Re: Request for review: nsswitch) Message-ID: <20000902150221.A1263@hamlet.nectar.com> References: <41582.967924374@critter> <62717.967924513@verdi.nethelp.no> <20000902145822.B28852@dan.emsphone.com> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline User-Agent: Mutt/1.2.5i In-Reply-To: <20000902145822.B28852@dan.emsphone.com>; from dnelson@emsphone.com on Sat, Sep 02, 2000 at 02:58:22PM -0500 X-Url: http://www.nectar.com/ Sender: owner-freebsd-arch@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.ORG

On Sat, Sep 02, 2000 at 02:58:22PM -0500, Dan Nelson wrote:
> Rather, it's so it can read the host key, which is only readable by
> root.

We're talking about ssh, not sshd.

IMHO, ssh should be mode 0555. I have to change this all the time on my machines, since I often socksify ssh.

--
Jacques Vidrine / n@nectar.com / jvidrine@verio.net / nectar@FreeBSD.org

From owner-freebsd-arch Sat Sep 2 13:16:44 2000 Delivered-To: freebsd-arch@freebsd.org Received: from dan.emsphone.com (dan.emsphone.com [199.67.51.101]) by hub.freebsd.org (Postfix) with ESMTP id BFC7337B423; Sat, 2 Sep 2000 13:16:42 -0700 (PDT) Received: (from dan@localhost) by dan.emsphone.com (8.9.3/8.9.3) id PAA08128; Sat, 2 Sep 2000 15:14:07 -0500 (CDT) (envelope-from dan) Date: Sat, 2 Sep 2000 15:14:07 -0500
From: Dan Nelson To: "Jacques A. Vidrine" Cc: sthaug@nethelp.no, phk@critter.freebsd.dk, ume@FreeBSD.ORG, arch@FreeBSD.ORG Subject: Re: setuid ssh should die (Re: Request for review: nsswitch) Message-ID: <20000902151406.A7615@dan.emsphone.com> References: <41582.967924374@critter> <62717.967924513@verdi.nethelp.no> <20000902145822.B28852@dan.emsphone.com> <20000902150221.A1263@hamlet.nectar.com> Mime-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Disposition: inline User-Agent: Mutt/1.3.8i In-Reply-To: <20000902150221.A1263@hamlet.nectar.com>; from "Jacques A. Vidrine" on Sat Sep 2 15:02:21 GMT 2000 X-OS: FreeBSD 5.0-CURRENT Sender: owner-freebsd-arch@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.ORG

In the last episode (Sep 02), Jacques A. Vidrine said:
> On Sat, Sep 02, 2000 at 02:58:22PM -0500, Dan Nelson wrote:
> > Rather, it's so it can read the host key, which is only readable by
> > root.
>
> We're talking about ssh, not sshd.

(assume we're connecting from pc1 to pc2 )

Right; if ssh is not setuid, it doesn't have access to pc1's private host key, so the sshd on pc2 cannot verify pc1's identity. That means sshd can't use .shosts. See the ssh/sshd manpage, under "RhostsRSAAuthentication".

--
Dan Nelson
dnelson@emsphone.com

From owner-freebsd-arch Sat Sep 2 13:17: 0 2000 Delivered-To: freebsd-arch@freebsd.org Received: from ns1.sunesi.net (ns1.sunesi.net [196.15.192.194]) by hub.freebsd.org (Postfix) with ESMTP id C097A37B424; Sat, 2 Sep 2000 13:16:57 -0700 (PDT) Received: from nbm by ns1.sunesi.net with local (Exim 3.03 #1) id 13VJgG-000AJP-00; Sat, 02 Sep 2000 22:14:24 +0200 Date: Sat, 2 Sep 2000 22:14:24 +0200
From: Neil Blakey-Milner To: "Jacques A. Vidrine" Cc: Dan Nelson , sthaug@nethelp.no, phk@critter.freebsd.dk, ume@FreeBSD.ORG, arch@FreeBSD.ORG Subject: Re: setuid ssh should die (Re: Request for review: nsswitch) Message-ID: <20000902221424.A39558@mithrandr.moria.org> References: <41582.967924374@critter> <62717.967924513@verdi.nethelp.no> <20000902145822.B28852@dan.emsphone.com> <20000902150221.A1263@hamlet.nectar.com> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii X-Mailer: Mutt 1.0.1i In-Reply-To: <20000902150221.A1263@hamlet.nectar.com>; from n@nectar.com on Sat, Sep 02, 2000 at 03:02:21PM -0500 Organization: Sunesi Clinical Systems X-Operating-System: FreeBSD 3.3-RELEASE i386 X-URL: http://rucus.ru.ac.za/~nbm/ Sender: owner-freebsd-arch@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.ORG

On Sat 2000-09-02 (15:02), Jacques A. Vidrine wrote:
> On Sat, Sep 02, 2000 at 02:58:22PM -0500, Dan Nelson wrote:
> > Rather, it's so it can read the host key, which is only readable by
> > root.
>
> We're talking about ssh, not sshd.

So was he. He is talking RhostsRSAAuthentication.

I think we needn't worry about it, and we should default to non-suid, with a comment in the configuration stating that RhostsRSAAuthentication requires suid-root on the ssh binary on the client side.
Neil -- Neil Blakey-Milner Sunesi Clinical Systems nbm@mithrandr.moria.org To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-arch" in the body of the message From owner-freebsd-arch Sat Sep 2 13:21:23 2000 Delivered-To: freebsd-arch@freebsd.org Received: from Awfulhak.org (tun.AwfulHak.org [194.242.139.173]) by hub.freebsd.org (Postfix) with ESMTP id 9462837B422; Sat, 2 Sep 2000 13:21:09 -0700 (PDT) Received: from hak.lan.Awfulhak.org (root@hak.lan.awfulhak.org [172.16.0.12]) by Awfulhak.org (8.9.3/8.9.3) with ESMTP id VAA80731; Sat, 2 Sep 2000 21:15:58 +0100 (BST) (envelope-from brian@hak.lan.Awfulhak.org) Received: from hak.lan.Awfulhak.org (brian@localhost [127.0.0.1]) by hak.lan.Awfulhak.org (8.11.0/8.11.0) with ESMTP id e82KFN740808; Sat, 2 Sep 2000 21:15:23 +0100 (BST) (envelope-from brian@hak.lan.Awfulhak.org) Message-Id: <200009022015.e82KFN740808@hak.lan.Awfulhak.org> X-Mailer: exmh version 2.1.1 10/15/1999 To: "Jacques A. Vidrine" Cc: Dan Nelson , sthaug@nethelp.no, phk@critter.freebsd.dk, ume@FreeBSD.ORG, arch@FreeBSD.ORG, brian@Awfulhak.org Subject: Re: setuid ssh should die (Re: Request for review: nsswitch) In-Reply-To: Message from "Jacques A. Vidrine" of "Sat, 02 Sep 2000 15:02:21 CDT." <20000902150221.A1263@hamlet.nectar.com> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Date: Sat, 02 Sep 2000 21:15:23 +0100 
From: Brian Somers Sender: owner-freebsd-arch@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.ORG > On Sat, Sep 02, 2000 at 02:58:22PM -0500, Dan Nelson wrote: > > Rather, it's so it can read the host key, which is only readable by > > root. > > We're talking about ssh, not sshd. > > IMHO, ssh should be mode 0555. I have to change this all the time on > my machines, since I often socksify ssh. Yes, a make.conf variable would be in order, defaulting to 0555 in line with FallBackToRsh being set to no in /etc/ssh/ssh_config. It would also be worth mentioning the make.conf setting in ssh_config. > -- > Jacques Vidrine / n@nectar.com / jvidrine@verio.net / nectar@FreeBSD.org -- Brian Don't _EVER_ lose your sense of humour ! To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-arch" in the body of the message From owner-freebsd-arch Sat Sep 2 13:24:16 2000 Delivered-To: freebsd-arch@freebsd.org Received: from critter.freebsd.dk (flutter.freebsd.dk [212.242.40.147]) by hub.freebsd.org (Postfix) with ESMTP id CEDC137B424; Sat, 2 Sep 2000 13:24:13 -0700 (PDT) Received: from critter (localhost [127.0.0.1]) by critter.freebsd.dk (8.11.0/8.9.3) with ESMTP id e82KO5N41786; Sat, 2 Sep 2000 22:24:06 +0200 (CEST) (envelope-from phk@critter.freebsd.dk) To: Brian Somers Cc: "Jacques A. Vidrine" , Dan Nelson , sthaug@nethelp.no, ume@FreeBSD.ORG, arch@FreeBSD.ORG Subject: Re: setuid ssh should die (Re: Request for review: nsswitch) In-Reply-To: Your message of "Sat, 02 Sep 2000 21:15:23 BST." <200009022015.e82KFN740808@hak.lan.Awfulhak.org> Date: Sat, 02 Sep 2000 22:24:05 +0200 Message-ID: <41784.967926245@critter> 
From: Poul-Henning Kamp Sender: owner-freebsd-arch@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.ORG In message <200009022015.e82KFN740808@hak.lan.Awfulhak.org>, Brian Somers writes: >> On Sat, Sep 02, 2000 at 02:58:22PM -0500, Dan Nelson wrote: >> > Rather, it's so it can read the host key, which is only readable by >> > root. >> >> We're talking about ssh, not sshd. >> >> IMHO, ssh should be mode 0555. I have to change this all the time on >> my machines, since I often socksify ssh. > >Yes, a make.conf variable would be in order, defaulting to 0555 in >line with FallBackToRsh being set to no in /etc/ssh/ssh_config. Uhm, how about a ssh_config variable where you tell it to drop the setuid bit right away, wouldn't that work ? -- Poul-Henning Kamp | UNIX since Zilog Zeus 3.20 phk@FreeBSD.ORG | TCP/IP since RFC 956 FreeBSD coreteam member | BSD since 4.3-tahoe Never attribute to malice what can adequately be explained by incompetence. To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-arch" in the body of the message From owner-freebsd-arch Sat Sep 2 13:35:24 2000 Delivered-To: freebsd-arch@freebsd.org Received: from ns1.sunesi.net (ns1.sunesi.net [196.15.192.194]) by hub.freebsd.org (Postfix) with ESMTP id A033D37B423; Sat, 2 Sep 2000 13:35:20 -0700 (PDT) Received: from nbm by ns1.sunesi.net with local (Exim 3.03 #1) id 13VJy0-000ANh-00; Sat, 02 Sep 2000 22:32:44 +0200 Date: Sat, 2 Sep 2000 22:32:44 +0200 
From: Neil Blakey-Milner To: Poul-Henning Kamp Cc: Brian Somers , "Jacques A. Vidrine" , Dan Nelson , sthaug@nethelp.no, ume@FreeBSD.ORG, arch@FreeBSD.ORG Subject: Re: setuid ssh should die (Re: Request for review: nsswitch) Message-ID: <20000902223244.A39844@mithrandr.moria.org> References: <200009022015.e82KFN740808@hak.lan.Awfulhak.org> <41784.967926245@critter> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii X-Mailer: Mutt 1.0.1i In-Reply-To: <41784.967926245@critter>; from phk@critter.freebsd.dk on Sat, Sep 02, 2000 at 10:24:05PM +0200 Organization: Sunesi Clinical Systems X-Operating-System: FreeBSD 3.3-RELEASE i386 X-URL: http://rucus.ru.ac.za/~nbm/ Sender: owner-freebsd-arch@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.ORG On Sat 2000-09-02 (22:24), Poul-Henning Kamp wrote: > In message <200009022015.e82KFN740808@hak.lan.Awfulhak.org>, Brian Somers writes: > >> On Sat, Sep 02, 2000 at 02:58:22PM -0500, Dan Nelson wrote: > >> > Rather, it's so it can read the host key, which is only readable by > >> > root. > >> > >> We're talking about ssh, not sshd. > >> > >> IMHO, ssh should be mode 0555. I have to change this all the time on > >> my machines, since I often socksify ssh. > > > >Yes, a make.conf variable would be in order, defaulting to 0555 in > >line with FallBackToRsh being set to no in /etc/ssh/ssh_config. > > Uhm, how about a ssh_config variable where you tell it to drop > the setuid bit right away, wouldn't that work ? I'd prefer to leave it off. It means one less file to assure myself is safe, if I were thinking with my paranoid security hat on. Most configurations don't need it, and those that do have to edit /etc/ssh/sshd_config on the server side anyway. A comment there will be the most effective way to getting to it. 
/etc/ssh/sshd_config has already: IgnoreRhosts yes # Uncomment if you don't trust ~/.ssh/known_hosts for RhostsRSAAuthentication RhostsRSAAuthentication no The make.conf variable would be useful not to whack that suid bit off next time you buildworld. Neil -- Neil Blakey-Milner Sunesi Clinical Systems nbm@mithrandr.moria.org To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-arch" in the body of the message From owner-freebsd-arch Sat Sep 2 13:47:57 2000 Delivered-To: freebsd-arch@freebsd.org Received: from gw.nectar.com (gw.nectar.com [208.42.49.153]) by hub.freebsd.org (Postfix) with ESMTP id F168837B423; Sat, 2 Sep 2000 13:47:54 -0700 (PDT) Received: from hamlet.nectar.com (hamlet.nectar.com [10.0.1.102]) by gw.nectar.com (Postfix) with ESMTP id 1D4F81925F; Sat, 2 Sep 2000 15:47:54 -0500 (CDT) Received: (from nectar@localhost) by hamlet.nectar.com (8.9.3/8.9.3) id PAA01346; Sat, 2 Sep 2000 15:47:54 -0500 (CDT) (envelope-from nectar@spawn.nectar.com) Date: Sat, 2 Sep 2000 15:47:54 -0500 
From: "Jacques A. Vidrine" To: Dan Nelson Cc: sthaug@nethelp.no, phk@critter.freebsd.dk, ume@FreeBSD.ORG, arch@FreeBSD.ORG Subject: Re: setuid ssh should die (Re: Request for review: nsswitch) Message-ID: <20000902154753.B1263@hamlet.nectar.com> References: <41582.967924374@critter> <62717.967924513@verdi.nethelp.no> <20000902145822.B28852@dan.emsphone.com> <20000902150221.A1263@hamlet.nectar.com> <20000902151406.A7615@dan.emsphone.com> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline User-Agent: Mutt/1.2.5i In-Reply-To: <20000902151406.A7615@dan.emsphone.com>; from dnelson@emsphone.com on Sat, Sep 02, 2000 at 03:14:07PM -0500 X-Url: http://www.nectar.com/ Sender: owner-freebsd-arch@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.ORG On Sat, Sep 02, 2000 at 03:14:07PM -0500, Dan Nelson wrote: > (assume we're connecting from pc1 to pc2 ) > > Right; if ssh is not setuid, it doesn't have access to pc1's private > host key, so the sshd on pc2 cannot verify pc1's identity. That means > sshd can't use .shosts. See the ssh/sshd manpage, under > "RhostsRSAAuthentication". Sorry, I thought you were talking about something else. RhostsRSAAuthentication is, of course, off by default. -- Jacques Vidrine / n@nectar.com / jvidrine@verio.net / nectar@FreeBSD.org To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-arch" in the body of the message From owner-freebsd-arch Sat Sep 2 13:52:31 2000 Delivered-To: freebsd-arch@freebsd.org Received: from ns1.sunesi.net (ns1.sunesi.net [196.15.192.194]) by hub.freebsd.org (Postfix) with ESMTP id C469A37B424; Sat, 2 Sep 2000 13:52:25 -0700 (PDT) Received: from nbm by ns1.sunesi.net with local (Exim 3.03 #1) id 13VKFK-000AQU-00; Sat, 02 Sep 2000 22:50:38 +0200 Date: Sat, 2 Sep 2000 22:50:38 +0200 
From: Neil Blakey-Milner To: "Jacques A. Vidrine" Cc: Dan Nelson , sthaug@nethelp.no, phk@critter.freebsd.dk, ume@FreeBSD.ORG, arch@FreeBSD.ORG Subject: Re: setuid ssh should die (Re: Request for review: nsswitch) Message-ID: <20000902225038.A40067@mithrandr.moria.org> References: <41582.967924374@critter> <62717.967924513@verdi.nethelp.no> <20000902145822.B28852@dan.emsphone.com> <20000902150221.A1263@hamlet.nectar.com> <20000902151406.A7615@dan.emsphone.com> <20000902154753.B1263@hamlet.nectar.com> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii X-Mailer: Mutt 1.0.1i In-Reply-To: <20000902154753.B1263@hamlet.nectar.com>; from n@nectar.com on Sat, Sep 02, 2000 at 03:47:54PM -0500 Organization: Sunesi Clinical Systems X-Operating-System: FreeBSD 3.3-RELEASE i386 X-URL: http://rucus.ru.ac.za/~nbm/ Sender: owner-freebsd-arch@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.ORG On Sat 2000-09-02 (15:47), Jacques A. Vidrine wrote: > On Sat, Sep 02, 2000 at 03:14:07PM -0500, Dan Nelson wrote: > > (assume we're connecting from pc1 to pc2 ) > > > > Right; if ssh is not setuid, it doesn't have access to pc1's private > > host key, so the sshd on pc2 cannot verify pc1's identity. That means > > sshd can't use .shosts. See the ssh/sshd manpage, under > > "RhostsRSAAuthentication". > > Sorry, I thought you were talking about something else. > > RhostsRSAAuthentication is, of course, off by default. On the server side, yes. 
Neil -- Neil Blakey-Milner Sunesi Clinical Systems nbm@mithrandr.moria.org To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-arch" in the body of the message From owner-freebsd-arch Sat Sep 2 13:57: 8 2000 Delivered-To: freebsd-arch@freebsd.org Received: from gw.nectar.com (gw.nectar.com [208.42.49.153]) by hub.freebsd.org (Postfix) with ESMTP id 5268E37B423; Sat, 2 Sep 2000 13:57:02 -0700 (PDT) Received: from hamlet.nectar.com (hamlet.nectar.com [10.0.1.102]) by gw.nectar.com (Postfix) with ESMTP id 8461E1925F; Sat, 2 Sep 2000 15:57:01 -0500 (CDT) Received: (from nectar@localhost) by hamlet.nectar.com (8.9.3/8.9.3) id PAA01402; Sat, 2 Sep 2000 15:57:01 -0500 (CDT) (envelope-from nectar@spawn.nectar.com) Date: Sat, 2 Sep 2000 15:57:01 -0500 
From: "Jacques A. Vidrine" To: Neil Blakey-Milner Cc: Dan Nelson , sthaug@nethelp.no, phk@critter.freebsd.dk, ume@FreeBSD.ORG, arch@FreeBSD.ORG Subject: Re: setuid ssh should die (Re: Request for review: nsswitch) Message-ID: <20000902155701.C1263@hamlet.nectar.com> References: <41582.967924374@critter> <62717.967924513@verdi.nethelp.no> <20000902145822.B28852@dan.emsphone.com> <20000902150221.A1263@hamlet.nectar.com> <20000902221424.A39558@mithrandr.moria.org> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline User-Agent: Mutt/1.2.5i In-Reply-To: <20000902221424.A39558@mithrandr.moria.org>; from nbm@mithrandr.moria.org on Sat, Sep 02, 2000 at 10:14:24PM +0200 X-Url: http://www.nectar.com/ Sender: owner-freebsd-arch@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.ORG On Sat, Sep 02, 2000 at 10:14:24PM +0200, Neil Blakey-Milner wrote: > So was he. He is talking RhostsRSAAuthentication. I think we needn't > worry about it, and we should default to non-suid, with a comment in the > configuration stating that RhostsRSAAuthentication requires suid-root on > the ssh binary on the client side. Agreed. It may make sense to have ssh warn if it is not setuid, and this option has been requested, e.g. 
@@ -546,6 +546,10 @@ } /* Disable rhosts authentication if not running as root. */ if (original_effective_uid != 0 || !options.use_privileged_port) { + if (options.rhosts_authentication || + options.rhosts_rsa_authentication) + log("Warning: rhosts disabled - " + "insufficient privileges"); options.rhosts_authentication = 0; options.rhosts_rsa_authentication = 0; } -- Jacques Vidrine / n@nectar.com / jvidrine@verio.net / nectar@FreeBSD.org To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-arch" in the body of the message From owner-freebsd-arch Sat Sep 2 14: 1:59 2000 Delivered-To: freebsd-arch@freebsd.org Received: from gw.nectar.com (gw.nectar.com [208.42.49.153]) by hub.freebsd.org (Postfix) with ESMTP id 0294337B42C; Sat, 2 Sep 2000 14:01:57 -0700 (PDT) Received: from hamlet.nectar.com (hamlet.nectar.com [10.0.1.102]) by gw.nectar.com (Postfix) with ESMTP id 5A6161925F; Sat, 2 Sep 2000 16:01:56 -0500 (CDT) Received: (from nectar@localhost) by hamlet.nectar.com (8.9.3/8.9.3) id QAA01430; Sat, 2 Sep 2000 16:01:56 -0500 (CDT) (envelope-from nectar@spawn.nectar.com) Date: Sat, 2 Sep 2000 16:01:56 -0500 
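Review bot: the added warning says "insufficient privileges" for both halves of the outer condition, but when `original_effective_uid` is 0 and the branch is taken only because `!options.use_privileged_port` is true, privilege is not what is missing, so the message points the user at the wrong cause. Test the two causes separately and name the actual one in the log text. The text should also say which method was switched off: "rhosts disabled" does not tell the user that `options.rhosts_rsa_authentication` is cleared along with `options.rhosts_authentication`.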
From: "Jacques A. Vidrine" To: Neil Blakey-Milner Cc: Poul-Henning Kamp , Brian Somers , Dan Nelson , sthaug@nethelp.no, ume@FreeBSD.ORG, arch@FreeBSD.ORG Subject: Re: setuid ssh should die Message-ID: <20000902160156.D1263@hamlet.nectar.com> References: <200009022015.e82KFN740808@hak.lan.Awfulhak.org> <41784.967926245@critter> <20000902223244.A39844@mithrandr.moria.org> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline User-Agent: Mutt/1.2.5i In-Reply-To: <20000902223244.A39844@mithrandr.moria.org>; from nbm@mithrandr.moria.org on Sat, Sep 02, 2000 at 10:32:44PM +0200 X-Url: http://www.nectar.com/ Sender: owner-freebsd-arch@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.ORG On Sat, Sep 02, 2000 at 10:32:44PM +0200, Neil Blakey-Milner wrote: > On Sat 2000-09-02 (22:24), Poul-Henning Kamp wrote: > > Uhm, how about a ssh_config variable where you tell it to drop > > the setuid bit right away, wouldn't that work ? > > I'd prefer to leave it off. It means one less file to assure myself is > safe, if I were thinking with my paranoid security hat on. In addition to Neil's points, setuid executables ignore LD_LIBRARY_PATH and such, breaking SOCKS. ssh is the type of application one would expect to use with SOCKS, so I'd prefer not having the gratuitous setuid bit set. 
-- Jacques Vidrine / n@nectar.com / jvidrine@verio.net / nectar@FreeBSD.org To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-arch" in the body of the message From owner-freebsd-arch Sat Sep 2 14:24:58 2000 Delivered-To: freebsd-arch@freebsd.org Received: from Awfulhak.org (tun.AwfulHak.org [194.242.139.173]) by hub.freebsd.org (Postfix) with ESMTP id E652C37B42C; Sat, 2 Sep 2000 14:24:44 -0700 (PDT) Received: from hak.lan.Awfulhak.org (root@hak.lan.awfulhak.org [172.16.0.12]) by Awfulhak.org (8.9.3/8.9.3) with ESMTP id WAA81095; Sat, 2 Sep 2000 22:22:07 +0100 (BST) (envelope-from brian@hak.lan.Awfulhak.org) Received: from hak.lan.Awfulhak.org (brian@localhost [127.0.0.1]) by hak.lan.Awfulhak.org (8.11.0/8.11.0) with ESMTP id e82LLV771512; Sat, 2 Sep 2000 22:21:31 +0100 (BST) (envelope-from brian@hak.lan.Awfulhak.org) Message-Id: <200009022121.e82LLV771512@hak.lan.Awfulhak.org> X-Mailer: exmh version 2.1.1 10/15/1999 To: "Jacques A. Vidrine" Cc: Neil Blakey-Milner , Poul-Henning Kamp , Brian Somers , Dan Nelson , sthaug@nethelp.no, ume@FreeBSD.org, arch@FreeBSD.org, freebsd-arch@FreeBSD.org Subject: Re: setuid ssh should die In-Reply-To: Message from "Jacques A. Vidrine" of "Sat, 02 Sep 2000 16:01:56 CDT." <20000902160156.D1263@hamlet.nectar.com> MIME-Version: 1.0 Content-Type: text/plain; charset="us-ascii" Content-ID: <71489.967929690.1@hak.lan.Awfulhak.org> Date: Sat, 02 Sep 2000 22:21:31 +0100 
From: Brian Somers Sender: owner-freebsd-arch@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.ORG > On Sat, Sep 02, 2000 at 10:32:44PM +0200, Neil Blakey-Milner wrote: > > On Sat 2000-09-02 (22:24), Poul-Henning Kamp wrote: > > > Uhm, how about a ssh_config variable where you tell it to drop > > > the setuid bit right away, wouldn't that work ? > > > > I'd prefer to leave it off. It means one less file to assure myself is > > safe, if I were thinking with my paranoid security hat on. > > In addition to Neil's points, setuid executables ignore LD_LIBRARY_PATH > and such, breaking SOCKS. ssh is the type of application one would > expect to use with SOCKS, so I'd prefer not having the gratuitous setuid > bit set. What do people reckon then (-arch cc'd) ? I'll add #ENABLE_SUIDSSH= true to etc/defaults/make.conf then mention it in ssh_config and make the adjustment to the ssh build so that it defaults to *not* being suid. > -- > Jacques Vidrine / n@nectar.com / jvidrine@verio.net / nectar@FreeBSD.org -- Brian Don't _EVER_ lose your sense of humour ! To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-arch" in the body of the message From owner-freebsd-arch Sat Sep 2 14:25:24 2000 Delivered-To: freebsd-arch@freebsd.org Received: from peach.ocn.ne.jp (peach.ocn.ne.jp [210.145.254.87]) by hub.freebsd.org (Postfix) with ESMTP id 22C3C37B424; Sat, 2 Sep 2000 14:25:18 -0700 (PDT) Received: from newsguy.com (p23-dn01kiryunisiki.gunma.ocn.ne.jp [211.0.245.24]) by peach.ocn.ne.jp (8.9.1a/OCN/) with ESMTP id GAA14459; Sun, 3 Sep 2000 06:25:04 +0900 (JST) Message-ID: <39B17018.7F5B283C@newsguy.com> Date: Sun, 03 Sep 2000 06:24:40 +0900 
From: "Daniel C. Sobral" X-Mailer: Mozilla 4.7 [en] (Win98; I) X-Accept-Language: en,pt-BR MIME-Version: 1.0 To: "Jacques A. Vidrine" Cc: Hajimu UMEMOTO , arch@FreeBSD.ORG Subject: Re: Request for review: nsswitch References: <20000831130504.A26641@hamlet.nectar.com> <200009010047.RAA43862@vashon.polstra.com> <20000901163728.C19985@hamlet.nectar.com> <20000903.000259.104074195.ume@FreeBSD.org> <20000902115449.A704@hamlet.nectar.com> Content-Type: text/plain; charset=us-ascii Content-Transfer-Encoding: 7bit Sender: owner-freebsd-arch@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.ORG "Jacques A. Vidrine" wrote: > > > It should be unified. Recently, FreeBSD's default behavior is lookup > > /etc/hosts first by /etc/host.conf. > > Not exactly: FreeBSD's default behavior is BIND, then /etc/hosts. It > just so happens that we install an /etc/host.conf file that gives > behavior different than the hard-coded defaults. We could install an > initial /etc/nsswitch.conf with contents `hosts: files dns' for the same > reasons (whatever those were). Which would justify use of /etc/defaults. :-) -- Daniel C. Sobral (8-DCS) dcs@newsguy.com dcs@freebsd.org capo@white.bunnies.bsdconspiracy.net OK, so the solar flares are my fault.. I am sorry, ok?!?! To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-arch" in the body of the message From owner-freebsd-arch Sat Sep 2 14:48:18 2000 Delivered-To: freebsd-arch@freebsd.org Received: from fledge.watson.org (fledge.watson.org [204.156.12.50]) by hub.freebsd.org (Postfix) with ESMTP id 99CAE37B42C; Sat, 2 Sep 2000 14:48:15 -0700 (PDT) Received: from fledge.watson.org (robert@fledge.pr.watson.org [192.0.2.3]) by fledge.watson.org (8.9.3/8.9.3) with SMTP id RAA60815; Sat, 2 Sep 2000 17:45:14 -0400 (EDT) (envelope-from robert@fledge.watson.org) Date: Sat, 2 Sep 2000 17:45:14 -0400 (EDT) 
From: Robert Watson X-Sender: robert@fledge.watson.org To: "Jacques A. Vidrine" Cc: Neil Blakey-Milner , Dan Nelson , sthaug@nethelp.no, phk@critter.freebsd.dk, ume@FreeBSD.ORG, arch@FreeBSD.ORG Subject: Re: setuid ssh should die (Re: Request for review: nsswitch) In-Reply-To: <20000902155701.C1263@hamlet.nectar.com> Message-ID: MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII Sender: owner-freebsd-arch@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.ORG On Sat, 2 Sep 2000, Jacques A. Vidrine wrote: > On Sat, Sep 02, 2000 at 10:14:24PM +0200, Neil Blakey-Milner wrote: > > So was he. He is talking RhostsRSAAuthentication. I think we needn't > > worry about it, and we should default to non-suid, with a comment in the > > configuration stating that RhostsRSAAuthentication requires suid-root on > > the ssh binary on the client side. > > Agreed. > > It may make sense to have ssh warn if it is not setuid, and this option > has been requested, e.g. 
> > @@ -546,6 +546,10 @@ > } > /* Disable rhosts authentication if not running as root. */ > if (original_effective_uid != 0 || !options.use_privileged_port) { > + if (options.rhosts_authentication || > + options.rhosts_rsa_authentication) > + log("Warning: rhosts disabled - " > + "insufficient privileges"); > options.rhosts_authentication = 0; > options.rhosts_rsa_authentication = 0; > } That sucks. Don't do that. :-) Part of my BSDCon TrustedBSD talk is going to deal with precisely the type of code that appears above: rather than checking uid's, please *attempt* the operation where possible (and I realize it's not always possible for compound operations). The reason is that this is a file system based access control check, and that the userland process cannot predict the access control used under the VFS layer. For file systems with non-local security models (NFS, AFS, Coda, smbfs), the local uid is often not a predictor of whether the call will succeed. Instead, either perform the open() directly to check, or make use of the access() syscall. In a capability-based environment, ssh may have CAP_DAC_READ_SEARCH and CAP_NET_BIND, which would permit it to (a) be protected from interference, and (b) read the key file and bind the requisite port. A uid==0 check would foil that, and require the application be modified. This is much the same as similar checks in kernel, where callers should not directly test for privilege, they should query the suser function. 
Robert N M Watson robert@fledge.watson.org http://www.watson.org/~robert/ PGP key fingerprint: AF B5 5F FF A6 4A 79 37 ED 5F 55 E9 58 04 6A B1 TIS Labs at Network Associates, Safeport Network Services To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-arch" in the body of the message From owner-freebsd-arch Sat Sep 2 14:48:22 2000 Delivered-To: freebsd-arch@freebsd.org Received: from gw.nectar.com (gw.nectar.com [208.42.49.153]) by hub.freebsd.org (Postfix) with ESMTP id 3030A37B509; Sat, 2 Sep 2000 14:48:20 -0700 (PDT) Received: from hamlet.nectar.com (hamlet.nectar.com [10.0.1.102]) by gw.nectar.com (Postfix) with ESMTP id 6FB6E1925F; Sat, 2 Sep 2000 16:48:19 -0500 (CDT) Received: (from nectar@localhost) by hamlet.nectar.com (8.9.3/8.9.3) id QAA01561; Sat, 2 Sep 2000 16:48:19 -0500 (CDT) (envelope-from nectar@spawn.nectar.com) Date: Sat, 2 Sep 2000 16:48:19 -0500 From: "Jacques A. Vidrine" To: Robert Watson Cc: Neil Blakey-Milner , Dan Nelson , sthaug@nethelp.no, phk@critter.freebsd.dk, ume@FreeBSD.ORG, arch@FreeBSD.ORG Subject: Re: setuid ssh should die (Re: Request for review: nsswitch) Message-ID: <20000902164819.B1497@hamlet.nectar.com> References: <20000902155701.C1263@hamlet.nectar.com> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline User-Agent: Mutt/1.2.5i In-Reply-To: ; from rwatson@FreeBSD.ORG on Sat, Sep 02, 2000 at 05:45:14PM -0400 X-Url: http://www.nectar.com/ Sender: owner-freebsd-arch@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.ORG On Sat, Sep 02, 2000 at 05:45:14PM -0400, Robert Watson wrote: 
> > @@ -546,6 +546,10 @@ > > } > > /* Disable rhosts authentication if not running as root. */ > > if (original_effective_uid != 0 || !options.use_privileged_port) { > > + if (options.rhosts_authentication || > > + options.rhosts_rsa_authentication) > > + log("Warning: rhosts disabled - " > > + "insufficient privileges"); > > options.rhosts_authentication = 0; > > options.rhosts_rsa_authentication = 0; > > } > > That sucks. Don't do that. :-) I didn't. That is a patch for OpenSSH's ssh.c, just adding a warning. -- Jacques Vidrine / n@nectar.com / jvidrine@verio.net / nectar@FreeBSD.org To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-arch" in the body of the message From owner-freebsd-arch Sat Sep 2 14:51:53 2000 Delivered-To: freebsd-arch@freebsd.org Received: from fledge.watson.org (fledge.watson.org [204.156.12.50]) by hub.freebsd.org (Postfix) with ESMTP id 7EB5537B43F for ; Sat, 2 Sep 2000 14:51:49 -0700 (PDT) Received: from fledge.watson.org (robert@fledge.pr.watson.org [192.0.2.3]) by fledge.watson.org (8.9.3/8.9.3) with SMTP id RAA60872; Sat, 2 Sep 2000 17:51:36 -0400 (EDT) (envelope-from robert@fledge.watson.org) Date: Sat, 2 Sep 2000 17:51:35 -0400 (EDT) 
From: Robert Watson X-Sender: robert@fledge.watson.org To: Maxime Henrion Cc: freebsd-arch@freebsd.org Subject: Re: thought about allocation of the first 1024th ports In-Reply-To: <20000902180027.A13029@cybercable.fr> Message-ID: MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII Sender: owner-freebsd-arch@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.ORG In most cases, inetd is used to provide the type of service you describe. Inetd is capable of binding privileged ports, and then spawning service applications with specific sets of rights to receive the appropriate socket connections. For example, fingerd does not run with privilege under FreeBSD, rather as "nobody", which is configured in /etc/inetd.conf. Currently, for applications that cannot/do not use inetd (for example, applications with complex access control of their own, or performance requirements that can't be met with inetd), privilege is required, or a privileged helper is required. Even using today's mechanisms, you could imagine a socketsd running, which accepts unix domain socket connections passing a request for a specific type of socket to be bound. Using passed credentials, the daemon could verify the identity of the calling process, and then perform an authorization check. Using file descriptor passing on the UNIX domain socket, the privileged socket can be returned without delegating the binding privilege itself. This can be used for other forms of privileged activity -- the CMU cyrus server makes use of a privileged authentication daemon to perform password checks, rather than holding the privilege itself, reducing risk. You mention, in a follow-up e-mail, that capabilities are an option for addressing this. Yes, that is true, and you can find a capabilities implementation for FreeBSD on www.trustedbsd.org. If you use a -CURRENT of the last week or so, you'll have to wait for me to put 0.5 of the patch online tonight. 
However, all CAP_NET_BIND does is violate the system protection policy against binding low port numbers without super-user privilege. This is not the same as fine-grained access control -- what it seems like you'd like is a way to bind new DAC-like access control requirements to specific port numbers. For example, a sysctl modifying an ACL in-kernel for each port number. I've considered such mechanisms, and even experimentally implemented them, but I think the real answer is a more general access control system. I'll describe the initial design for one at BSDcon in October, although the implementation is quite a ways away. In the mean time, use inetd where possible, otherwise use a secure privileged helper process of some sort, or be very careful when giving up privilege to get it right :-). Robert N M Watson robert@fledge.watson.org http://www.watson.org/~robert/ PGP key fingerprint: AF B5 5F FF A6 4A 79 37 ED 5F 55 E9 58 04 6A B1 TIS Labs at Network Associates, Safeport Network Services To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-arch" in the body of the message From owner-freebsd-arch Sat Sep 2 14:53: 4 2000 Delivered-To: freebsd-arch@freebsd.org Received: from scientia.demon.co.uk (scientia.demon.co.uk [212.228.14.13]) by hub.freebsd.org (Postfix) with ESMTP id 3219937B423; Sat, 2 Sep 2000 14:52:53 -0700 (PDT) Received: from strontium.scientia.demon.co.uk ([192.168.91.36] ident=root) by scientia.demon.co.uk with esmtp (Exim 3.16 #1) id 13VKSv-000C4u-00; Sat, 02 Sep 2000 22:04:41 +0100 Received: (from ben@localhost) by strontium.scientia.demon.co.uk (8.9.3/8.9.3) id WAA30510; Sat, 2 Sep 2000 22:04:41 +0100 (BST) (envelope-from ben) Date: Sat, 2 Sep 2000 22:04:41 +0100 
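The privileged-helper design outlined in the message above (a helper that authorizes the caller, binds the socket itself and returns it by descriptor passing over a UNIX domain socket) is sketched below as an added example; it is not code from the thread or from FreeBSD. The `grant` table, the function names and the one-byte Y/N reply are assumptions, the caller's uid is passed in as a parameter instead of being read from peer credentials, and port 0 stands in for a privileged port so the demo runs without root.

```c
#include <netinet/in.h>
#include <stdio.h>
#include <string.h>
#include <sys/socket.h>
#include <unistd.h>

/* Constructed policy entry: uid may be handed a socket bound to port. */
struct grant { uid_t uid; in_port_t port; };
union fdbuf { struct cmsghdr align; char buf[CMSG_SPACE(sizeof(int))]; };

/* Point m at a one-byte payload plus room for one descriptor. */
static void prep(struct msghdr *m, struct iovec *v, char *b, union fdbuf *u)
{
    memset(m, 0, sizeof *m);
    memset(u, 0, sizeof *u);
    v->iov_base = b;
    v->iov_len = 1;
    m->msg_iov = v;
    m->msg_iovlen = 1;
    m->msg_control = u->buf;
    m->msg_controllen = sizeof u->buf;
}

/* Grant: status 'Y' with the descriptor attached as SCM_RIGHTS data. */
static int send_fd(int chan, int fd)
{
    struct msghdr msg; struct iovec iov; union fdbuf u; struct cmsghdr *c;
    char status = 'Y';
    prep(&msg, &iov, &status, &u);
    c = CMSG_FIRSTHDR(&msg);
    c->cmsg_level = SOL_SOCKET;
    c->cmsg_type = SCM_RIGHTS;
    c->cmsg_len = CMSG_LEN(sizeof(int));
    memcpy(CMSG_DATA(c), &fd, sizeof(int));
    return sendmsg(chan, &msg, 0) == 1 ? 0 : -1;
}

/* Helper: read the port request, authorize the peer, bind, hand over. */
static int helper_serve(int chan, uid_t peer, const struct grant *t, size_t n)
{
    struct sockaddr_in sin;
    in_port_t port;
    size_t i;
    int s, rc;
    if (read(chan, &port, sizeof port) != (ssize_t)sizeof port)
        return -1;
    for (i = 0; i < n && (t[i].uid != peer || t[i].port != port); i++)
        ;
    if (i == n || (s = socket(AF_INET, SOCK_STREAM, 0)) < 0)
        return write(chan, "N", 1) == 1 ? 0 : -1;  /* refusal, no descriptor */
    memset(&sin, 0, sizeof sin);
    sin.sin_family = AF_INET;
    sin.sin_addr.s_addr = htonl(INADDR_ANY);    /* never listen()ed here */
    sin.sin_port = htons(port);
    rc = bind(s, (struct sockaddr *)&sin, sizeof sin);
    rc = rc == 0 ? send_fd(chan, s) : (write(chan, "N", 1) == 1 ? 0 : -1);
    close(s);                   /* a sent copy stays open in the receiver */
    return rc;
}

/* Client: the received descriptor, or -1 if the helper refused. */
static int client_receive(int chan)
{
    struct msghdr msg; struct iovec iov; union fdbuf u; struct cmsghdr *c;
    char status = 0;
    int fd;
    prep(&msg, &iov, &status, &u);
    if (recvmsg(chan, &msg, 0) != 1 || status != 'Y')
        return -1;
    c = CMSG_FIRSTHDR(&msg);
    if (c == NULL || c->cmsg_level != SOL_SOCKET || c->cmsg_type != SCM_RIGHTS)
        return -1;
    memcpy(&fd, CMSG_DATA(c), sizeof fd);
    return fd;
}

/* Demo wiring, both ends in one process. A deployed helper is a separate
 * privileged process and takes peer from kernel-supplied credentials. */
static int roundtrip(uid_t peer, in_port_t port, const struct grant *t, size_t n)
{
    int sv[2], fd = -1;
    if (socketpair(AF_UNIX, SOCK_STREAM, 0, sv) < 0)
        return -1;
    if (write(sv[1], &port, sizeof port) == (ssize_t)sizeof port
        && helper_serve(sv[0], peer, t, n) == 0)
        fd = client_receive(sv[1]);
    close(sv[0]);
    close(sv[1]);
    return fd;
}

int main(void)
{
    /* Port 0 (the kernel picks one) stands in for a port below 1024. */
    struct grant t = { getuid(), 0 };
    printf("granted fd=%d\n", roundtrip(t.uid, 0, &t, 1));
    printf("refused fd=%d\n", roundtrip(t.uid, 25, &t, 1));
    return 0;
}
```

The client ends up holding a bound socket without ever holding the right to bind it, and a request outside the table gets a status byte and nothing else.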
From: Ben Smithurst To: "Jacques A. Vidrine" Cc: Dan Nelson , sthaug@nethelp.no, phk@critter.freebsd.dk, ume@FreeBSD.ORG, arch@FreeBSD.ORG Subject: Re: setuid ssh should die (Re: Request for review: nsswitch) Message-ID: <20000902220441.O72445@strontium.scientia.demon.co.uk> References: <41582.967924374@critter> <62717.967924513@verdi.nethelp.no> <20000902145822.B28852@dan.emsphone.com> <20000902150221.A1263@hamlet.nectar.com> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline User-Agent: Mutt/1.2i In-Reply-To: <20000902150221.A1263@hamlet.nectar.com> Sender: owner-freebsd-arch@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.ORG Jacques A. Vidrine wrote: > On Sat, Sep 02, 2000 at 02:58:22PM -0500, Dan Nelson wrote: >> Rather, it's so it can read the host key, which is only readable by >> root. > > We're talking about ssh, not sshd. Yes, ssh needs to read the host key for RhostsRSA authentication to work. If you don't use RhostsRSA, it doesn't need to be setuid. At least, that's my understanding, which may be wrong. Time for a SSH_SETUID knob in make.conf perhaps. -- Ben Smithurst / ben@FreeBSD.org / PGP: 0x99392F7D To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-arch" in the body of the message From owner-freebsd-arch Sat Sep 2 14:58:54 2000 Delivered-To: freebsd-arch@freebsd.org Received: from scientia.demon.co.uk (scientia.demon.co.uk [212.228.14.13]) by hub.freebsd.org (Postfix) with ESMTP id 9C60D37B422; Sat, 2 Sep 2000 14:58:51 -0700 (PDT) Received: from strontium.scientia.demon.co.uk ([192.168.91.36] ident=root) by scientia.demon.co.uk with esmtp (Exim 3.16 #1) id 13VLJJ-000CAZ-00; Sat, 02 Sep 2000 22:58:49 +0100 Received: (from ben@localhost) by strontium.scientia.demon.co.uk (8.9.3/8.9.3) id WAA18412; Sat, 2 Sep 2000 22:58:49 +0100 (BST) (envelope-from ben) Date: Sat, 2 Sep 2000 22:58:49 +0100 
From: Ben Smithurst To: Robert Watson Cc: arch@FreeBSD.ORG Subject: Re: setuid ssh should die (Re: Request for review: nsswitch) Message-ID: <20000902225849.R72445@strontium.scientia.demon.co.uk> References: <20000902155701.C1263@hamlet.nectar.com> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline User-Agent: Mutt/1.2i In-Reply-To: Sender: owner-freebsd-arch@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.ORG Robert Watson wrote: > Instead, either perform the open() directly to check, or make use of the > access() syscall. Would this be the same access() whose manual page clearly says: CAVEAT Access() is a potential security hole and should never be used. -- Ben Smithurst / ben@FreeBSD.org / PGP: 0x99392F7D To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-arch" in the body of the message From owner-freebsd-arch Sat Sep 2 15: 7: 8 2000 Delivered-To: freebsd-arch@freebsd.org Received: from fledge.watson.org (fledge.watson.org [204.156.12.50]) by hub.freebsd.org (Postfix) with ESMTP id 6B82937B422; Sat, 2 Sep 2000 15:07:05 -0700 (PDT) Received: from fledge.watson.org (robert@fledge.pr.watson.org [192.0.2.3]) by fledge.watson.org (8.9.3/8.9.3) with SMTP id SAA61021; Sat, 2 Sep 2000 18:07:04 -0400 (EDT) (envelope-from robert@fledge.watson.org) Date: Sat, 2 Sep 2000 18:07:04 -0400 (EDT) 
From: Robert Watson X-Sender: robert@fledge.watson.org To: Ben Smithurst Cc: arch@FreeBSD.org Subject: Re: setuid ssh should die (Re: Request for review: nsswitch) In-Reply-To: <20000902225849.R72445@strontium.scientia.demon.co.uk> Message-ID: MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII Sender: owner-freebsd-arch@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.ORG On Sat, 2 Sep 2000, Ben Smithurst wrote: > Robert Watson wrote: > > > Instead, either perform the open() directly to check, or make use of the > > access() syscall. > > Would this be the same access() whose manual page clearly says: > > CAVEAT > Access() is a potential security hole and should never be used. I'd welcome correction here, but my understanding of this comment is that it refers to situations where access() is being used by the application to determine whether it should perform an activity. The gist of the comment is the same as I was suggesting: rather than trying to emulate kernel policy, just use it. I.e., don't access(), rather, open(). Otherwise race conditions can exist between the access check and the implementation of the operation. In kernel, VFS locking can provide atomicity guarantees between the check and the operation itself. In the case of a compound access statement, where multiple privileged operations will be performed and you'd rather give early warning of failure than fail nastily half-way through, access() is fine. I.e., access() is a hint mechanism to the user, rather than a protection mechanism. This is somewhat like some of the performance locking techniques, where you can ignore locks to improve performance in certain memory models, as you can read the value without atomicity guarantees before determining whether you want to pay the cost of locking, while maintaining safety. Correctness is maintained as the real check always occurs before harm is done, but performance or usability is improved. If there's another reason, I'd certainly be interested. 
I'd probably suggest correcting that comment to read that, if used improperly, it can be a security problem. But the same goes for write() :-). Robert N M Watson robert@fledge.watson.org http://www.watson.org/~robert/ PGP key fingerprint: AF B5 5F FF A6 4A 79 37 ED 5F 55 E9 58 04 6A B1 TIS Labs at Network Associates, Safeport Network Services To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-arch" in the body of the message From owner-freebsd-arch Sat Sep 2 15:10:58 2000 Delivered-To: freebsd-arch@freebsd.org Received: from netplex.com.au (adsl-63-207-30-186.dsl.snfc21.pacbell.net [63.207.30.186]) by hub.freebsd.org (Postfix) with ESMTP id B34CB37B423; Sat, 2 Sep 2000 15:10:31 -0700 (PDT) Received: from netplex.com.au (peter@localhost [127.0.0.1]) by netplex.com.au (8.11.0/8.9.3) with ESMTP id e82M78G32995; Sat, 2 Sep 2000 15:07:08 -0700 (PDT) (envelope-from peter@netplex.com.au) Message-Id: <200009022207.e82M78G32995@netplex.com.au> X-Mailer: exmh version 2.1.1 10/15/1999 To: Poul-Henning Kamp Cc: Brian Somers , "Jacques A. Vidrine" , Dan Nelson , sthaug@nethelp.no, ume@FreeBSD.ORG, arch@FreeBSD.ORG Subject: Re: setuid ssh should die (Re: Request for review: nsswitch) In-Reply-To: <41784.967926245@critter> Date: Sat, 02 Sep 2000 15:07:08 -0700 
From: Peter Wemm Sender: owner-freebsd-arch@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.ORG Poul-Henning Kamp wrote: > In message <200009022015.e82KFN740808@hak.lan.Awfulhak.org>, Brian Somers writes: > >> On Sat, Sep 02, 2000 at 02:58:22PM -0500, Dan Nelson wrote: > >> > Rather, it's so it can read the host key, which is only readable by > >> > root. > >> > >> We're talking about ssh, not sshd. > >> > >> IMHO, ssh should be mode 0555. I have to change this all the time on > >> my machines, since I often socksify ssh. > > > >Yes, a make.conf variable would be in order, defaulting to 0555 in > >line with FallBackToRsh being set to no in /etc/ssh/ssh_config. > > Uhm, how about a ssh_config variable where you tell it to drop > the setuid bit right away, wouldn't that work ? It's too late by then. issetugid() is sticky and stays on forever. Perhaps we can add a clearsetugid() syscall that apps can call when they are prepared to guarantee that things like libc getpwent() don't have a cached copy of the privileged master.passwd in memory that a coredump might otherwise expose or ptrace() could extract. On the other hand, I don't think applications *can* make this guarantee - they have no way to be *certain* that libc hasn't cached something sensitive. 
Cheers, -Peter -- Peter Wemm - peter@FreeBSD.org; peter@yahoo-inc.com; peter@netplex.com.au "All of this is for nothing if we don't go to the stars" - JMS/B5 To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-arch" in the body of the message From owner-freebsd-arch Sat Sep 2 15:12:18 2000 Delivered-To: freebsd-arch@freebsd.org Received: from fledge.watson.org (fledge.watson.org [204.156.12.50]) by hub.freebsd.org (Postfix) with ESMTP id 799C637B423; Sat, 2 Sep 2000 15:12:13 -0700 (PDT) Received: from fledge.watson.org (robert@fledge.pr.watson.org [192.0.2.3]) by fledge.watson.org (8.9.3/8.9.3) with SMTP id SAA61047; Sat, 2 Sep 2000 18:09:48 -0400 (EDT) (envelope-from robert@fledge.watson.org) Date: Sat, 2 Sep 2000 18:09:48 -0400 (EDT) From: Robert Watson X-Sender: robert@fledge.watson.org To: "Jacques A. Vidrine" Cc: Neil Blakey-Milner , Dan Nelson , sthaug@nethelp.no, phk@critter.freebsd.dk, ume@FreeBSD.ORG, arch@FreeBSD.ORG Subject: Re: setuid ssh should die (Re: Request for review: nsswitch) In-Reply-To: <20000902164819.B1497@hamlet.nectar.com> Message-ID: MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII Sender: owner-freebsd-arch@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.ORG On Sat, 2 Sep 2000, Jacques A. Vidrine wrote: > On Sat, Sep 02, 2000 at 05:45:14PM -0400, Robert Watson wrote: 
> > > @@ -546,6 +546,10 @@ > > > } > > > /* Disable rhosts authentication if not running as root. */ > > > if (original_effective_uid != 0 || !options.use_privileged_port) { > > > + if (options.rhosts_authentication || > > > + options.rhosts_rsa_authentication) > > > + log("Warning: rhosts disabled - " > > > + "insufficient privileges"); > > > options.rhosts_authentication = 0; > > > options.rhosts_rsa_authentication = 0; > > > } > > > > That sucks. Don't do that. :-) > > I didn't. That is a patch for OpenSSH's ssh.c, just adding a warning. Sorry about that -- in any case, we should probably correct that issue. If no one else does, I'll get to it on the capability patch sooner or later. I've been picking up a lot of similar limits elsewhere in the system: it's fine for userland applications to use uid's to enforce application policies, but short-circuiting kernel access control results in userland can make it difficult to modify the kernel policy later. The two policy realms are really fairly different: su's wheel limitation for root access is an example of an application policy limiting the scope of access to kernel resources in a useful way. SSH checking whether it thinks the kernel will let it read a key file or bind a port is less so. 
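Review bot: the new log() call in the ssh.c hunk sits under "original_effective_uid != 0 || !options.use_privileged_port", so it also fires when ssh is running as root and use_privileged_port has simply been turned off; in that case "insufficient privileges" names the wrong cause. Consider testing the two conditions separately and wording each message for its own cause, and say which option is being cleared (rhosts_authentication or rhosts_rsa_authentication) so the user knows which setting was ignored.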
Robert N M Watson robert@fledge.watson.org http://www.watson.org/~robert/ PGP key fingerprint: AF B5 5F FF A6 4A 79 37 ED 5F 55 E9 58 04 6A B1 TIS Labs at Network Associates, Safeport Network Services To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-arch" in the body of the message From owner-freebsd-arch Sat Sep 2 15:12:23 2000 Delivered-To: freebsd-arch@freebsd.org Received: from freefall.freebsd.org (freefall.FreeBSD.org [216.136.204.21]) by hub.freebsd.org (Postfix) with ESMTP id 8928037B423; Sat, 2 Sep 2000 15:12:21 -0700 (PDT) Received: from localhost (kris@localhost) by freefall.freebsd.org (8.9.3/8.9.2) with ESMTP id PAA83959; Sat, 2 Sep 2000 15:12:21 -0700 (PDT) (envelope-from kris@FreeBSD.org) X-Authentication-Warning: freefall.freebsd.org: kris owned process doing -bs Date: Sat, 2 Sep 2000 15:12:21 -0700 (PDT) 
From: Kris Kennaway To: Peter Wemm Cc: Poul-Henning Kamp , Brian Somers , "Jacques A. Vidrine" , Dan Nelson , sthaug@nethelp.no, ume@FreeBSD.ORG, arch@FreeBSD.ORG Subject: Re: setuid ssh should die (Re: Request for review: nsswitch) In-Reply-To: <200009022207.e82M78G32995@netplex.com.au> Message-ID: MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII Sender: owner-freebsd-arch@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.ORG On Sat, 2 Sep 2000, Peter Wemm wrote: > Perhaps we can add a clearsetugid() syscall that apps can call when they > are prepared to guarantee that things like libc getpwent() don't have a > cached copy of the privileged master.passwd in memory that a coredump might > otherwise expose or ptrace() could extract. Yes, I'd be against this on these grounds. Kris -- In God we Trust -- all others must submit an X.509 certificate. -- Charles Forsythe To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-arch" in the body of the message From owner-freebsd-arch Sat Sep 2 15:18:30 2000 Delivered-To: freebsd-arch@freebsd.org Received: from freefall.freebsd.org (freefall.FreeBSD.org [216.136.204.21]) by hub.freebsd.org (Postfix) with ESMTP id 6DE9037B422; Sat, 2 Sep 2000 15:18:28 -0700 (PDT) Received: from localhost (kris@localhost) by freefall.freebsd.org (8.9.3/8.9.2) with ESMTP id PAA84793; Sat, 2 Sep 2000 15:18:28 -0700 (PDT) (envelope-from kris@FreeBSD.org) X-Authentication-Warning: freefall.freebsd.org: kris owned process doing -bs Date: Sat, 2 Sep 2000 15:18:27 -0700 (PDT) 
From: Kris Kennaway To: Brian Somers Cc: "Jacques A. Vidrine" , Neil Blakey-Milner , Poul-Henning Kamp , Dan Nelson , sthaug@nethelp.no, ume@FreeBSD.org, arch@FreeBSD.org, freebsd-arch@FreeBSD.org Subject: Re: setuid ssh should die In-Reply-To: <200009022121.e82LLV771512@hak.lan.Awfulhak.org> Message-ID: MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII Sender: owner-freebsd-arch@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.ORG On Sat, 2 Sep 2000, Brian Somers wrote: > What do people reckon then (-arch cc'd) ? I'll add > > #ENABLE_SUIDSSH= true > > to etc/defaults/make.conf then mention it in ssh_config and make the > adjustment to the ssh build so that it defaults to *not* being suid. I have no problems making ssh non-suid by default since most people don't use RhostsRSAAuthentication. Since I have ssh changes in the works please send me the patches and I'll apply them after the upgrade. Please add information to the manpage on how to fix it, and a helpful error telling them what to do when the user tries to use it. Kris -- In God we Trust -- all others must submit an X.509 certificate. 
-- Charles Forsythe To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-arch" in the body of the message From owner-freebsd-arch Sat Sep 2 15:20:30 2000 Delivered-To: freebsd-arch@freebsd.org Received: from rover.village.org (rover.village.org [204.144.255.49]) by hub.freebsd.org (Postfix) with ESMTP id 2A8E337B422 for ; Sat, 2 Sep 2000 15:20:28 -0700 (PDT) Received: from billy-club.village.org (billy-club.village.org [10.0.0.3]) by rover.village.org (8.9.3/8.9.3) with ESMTP id QAA15200; Sat, 2 Sep 2000 16:20:26 -0600 (MDT) (envelope-from imp@billy-club.village.org) Received: from billy-club.village.org (localhost [127.0.0.1]) by billy-club.village.org (8.11.0/8.8.3) with ESMTP id e82MKCG02370; Sat, 2 Sep 2000 16:20:12 -0600 (MDT) Message-Id: <200009022220.e82MKCG02370@billy-club.village.org> To: Poul-Henning Kamp Subject: Re: Request for review: nsswitch Cc: arch@FreeBSD.ORG In-reply-to: Your message of "Sat, 02 Sep 2000 19:02:46 +0200." <41094.967914166@critter> References: <41094.967914166@critter> Date: Sat, 02 Sep 2000 16:20:12 -0600 
From: Warner Losh Sender: owner-freebsd-arch@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.ORG In message <41094.967914166@critter> Poul-Henning Kamp writes: : bothered me: Why don't we have the option of a per user alias file : for hostnames ? We do. It just doesn't work with setuid programs at the moment. cf src/lib/libc/net/res_query.c and HOSTALIASES. It is disabled for setuid root programs because it introduces some nasty security holes otherwise. Warner To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-arch" in the body of the message From owner-freebsd-arch Sat Sep 2 15:23:10 2000 Delivered-To: freebsd-arch@freebsd.org Received: from rover.village.org (rover.village.org [204.144.255.49]) by hub.freebsd.org (Postfix) with ESMTP id DC57837B43C for ; Sat, 2 Sep 2000 15:23:07 -0700 (PDT) Received: from billy-club.village.org (billy-club.village.org [10.0.0.3]) by rover.village.org (8.9.3/8.9.3) with ESMTP id QAA15209; Sat, 2 Sep 2000 16:23:06 -0600 (MDT) (envelope-from imp@billy-club.village.org) Received: from billy-club.village.org (localhost [127.0.0.1]) by billy-club.village.org (8.11.0/8.8.3) with ESMTP id e82MMqG02383; Sat, 2 Sep 2000 16:22:52 -0600 (MDT) Message-Id: <200009022222.e82MMqG02383@billy-club.village.org> To: "Jacques A. Vidrine" Subject: Re: setuid ssh should die Cc: arch@FreeBSD.ORG In-reply-to: Your message of "Sat, 02 Sep 2000 16:01:56 CDT." <20000902160156.D1263@hamlet.nectar.com> References: <20000902160156.D1263@hamlet.nectar.com> <200009022015.e82KFN740808@hak.lan.Awfulhak.org> <41784.967926245@critter> <20000902223244.A39844@mithrandr.moria.org> Date: Sat, 02 Sep 2000 16:22:52 -0600 
From: Warner Losh Sender: owner-freebsd-arch@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.ORG In message <20000902160156.D1263@hamlet.nectar.com> "Jacques A. Vidrine" writes: : In addition to Neil's points, setuid executables ignore LD_LIBRARY_PATH : and such, breaking SOCKS. ssh is the type of application one would : expect to use with SOCKS, so I'd prefer not having the gratuitous setuid : bit set. I just use my socks patches to the in-tree ssh. I thought I'd committed them a while ago, but it looks like I didn't. Put me down for "turn off setuid" bit. It is needed only for rsh compatibility (yes, in the client), but we shouldn't encourage that usage of ssh. Warner To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-arch" in the body of the message From owner-freebsd-arch Sat Sep 2 15:26: 2 2000 Delivered-To: freebsd-arch@freebsd.org Received: from netplex.com.au (adsl-63-207-30-186.dsl.snfc21.pacbell.net [63.207.30.186]) by hub.freebsd.org (Postfix) with ESMTP id 1188137B424; Sat, 2 Sep 2000 15:25:57 -0700 (PDT) Received: from netplex.com.au (peter@localhost [127.0.0.1]) by netplex.com.au (8.11.0/8.9.3) with ESMTP id e82MMSG33103; Sat, 2 Sep 2000 15:22:28 -0700 (PDT) (envelope-from peter@netplex.com.au) Message-Id: <200009022222.e82MMSG33103@netplex.com.au> X-Mailer: exmh version 2.1.1 10/15/1999 To: Brian Somers Cc: "Jacques A. Vidrine" , Neil Blakey-Milner , Poul-Henning Kamp , Dan Nelson , sthaug@nethelp.no, ume@FreeBSD.ORG, arch@FreeBSD.ORG, freebsd-arch@FreeBSD.ORG Subject: Re: setuid ssh should die In-Reply-To: <200009022121.e82LLV771512@hak.lan.Awfulhak.org> Date: Sat, 02 Sep 2000 15:22:28 -0700 
From: Peter Wemm Sender: owner-freebsd-arch@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.ORG Brian Somers wrote: > > On Sat, Sep 02, 2000 at 10:32:44PM +0200, Neil Blakey-Milner wrote: > > > On Sat 2000-09-02 (22:24), Poul-Henning Kamp wrote: > > > > Uhm, how about a ssh_config variable where you tell it to drop > > > > the setuid bit right away, wouldn't that work ? > > > > > > I'd prefer to leave it off. It means one less file to assure myself is > > > safe, if I were thinking with my paranoid security hat on. > > > > In addition to Neil's points, setuid executables ignore LD_LIBRARY_PATH > > and such, breaking SOCKS. ssh is the type of application one would > > expect to use with SOCKS, so I'd prefer not having the gratuitous setuid > > bit set. > > What do people reckon then (-arch cc'd) ? I'll add > > #ENABLE_SUIDSSH= true > > to etc/defaults/make.conf then mention it in ssh_config and make the > adjustment to the ssh build so that it defaults to *not* being suid. Actually.. here's a thought.. we presently install ssh and hard link it to slogin. Perhaps we could install it twice instead (it's 148K or so) and leave setuid *off* ssh and *on* for slogin. And make a make.conf hook about whether or not to install slogin. 
Cheers, -Peter -- Peter Wemm - peter@FreeBSD.org; peter@yahoo-inc.com; peter@netplex.com.au "All of this is for nothing if we don't go to the stars" - JMS/B5 To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-arch" in the body of the message From owner-freebsd-arch Sat Sep 2 15:29:53 2000 Delivered-To: freebsd-arch@freebsd.org Received: from rover.village.org (rover.village.org [204.144.255.49]) by hub.freebsd.org (Postfix) with ESMTP id 0B68237B422 for ; Sat, 2 Sep 2000 15:29:50 -0700 (PDT) Received: from billy-club.village.org (billy-club.village.org [10.0.0.3]) by rover.village.org (8.9.3/8.9.3) with ESMTP id QAA15229; Sat, 2 Sep 2000 16:29:48 -0600 (MDT) (envelope-from imp@billy-club.village.org) Received: from billy-club.village.org (localhost [127.0.0.1]) by billy-club.village.org (8.11.0/8.8.3) with ESMTP id e82MTZG02428; Sat, 2 Sep 2000 16:29:35 -0600 (MDT) Message-Id: <200009022229.e82MTZG02428@billy-club.village.org> To: Peter Wemm Subject: Re: setuid ssh should die (Re: Request for review: nsswitch) Cc: arch@FreeBSD.ORG In-reply-to: Your message of "Sat, 02 Sep 2000 15:07:08 PDT." <200009022207.e82M78G32995@netplex.com.au> References: <200009022207.e82M78G32995@netplex.com.au> Date: Sat, 02 Sep 2000 16:29:35 -0600 
From: Warner Losh Sender: owner-freebsd-arch@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.ORG In message <200009022207.e82M78G32995@netplex.com.au> Peter Wemm writes: : Perhaps we can add a clearsetugid() syscall that apps can call when they : are prepared to guarantee that things like libc getpwent() don't have a : cached copy of the privileged master.passwd in memory that a coredump might : otherwise expose or ptrace() could extract. No. clearsetugid is a *BAD* *BAD* idea. Unless it also makes it impossible to set one's uid further after it is called. : On the other hand, I don't think applications *can* make this guarantee - : they have no way to be *certain* that libc hasn't cached something : sensitive. Exactly. There are other reasons for issetugid() than just core dumps. It also protects many variables from being looked at to get at files that otherwise couldn't be got at. The particular case that we're talking about might be best handled by dropping privs for the open and then getting them back, but I seem to recall there was a problem with this. I have an open + fstat implementation that works, but causes the open routine of drivers to be called (as well as the close), which can cause problems for people with tape drives on their systems (which is why I haven't committed it yet). Access(2) introduces a race between when it is checked and when it is opened, which is not good. Doing a euid = geteuid(); seteuid(getuid()); open(...); seteuid(euid); might work, but I seem to recall not doing that because of some pathological, but important case that someone brought up in the code review. 
Warner To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-arch" in the body of the message From owner-freebsd-arch Sat Sep 2 15:39:53 2000 Delivered-To: freebsd-arch@freebsd.org Received: from Awfulhak.org (tun.AwfulHak.org [194.242.139.173]) by hub.freebsd.org (Postfix) with ESMTP id 7284A37B424; Sat, 2 Sep 2000 15:39:47 -0700 (PDT) Received: from hak.lan.Awfulhak.org (root@hak.lan.awfulhak.org [172.16.0.12]) by Awfulhak.org (8.9.3/8.9.3) with ESMTP id XAA81406; Sat, 2 Sep 2000 23:36:49 +0100 (BST) (envelope-from brian@hak.lan.Awfulhak.org) Received: from hak.lan.Awfulhak.org (brian@localhost [127.0.0.1]) by hak.lan.Awfulhak.org (8.11.0/8.11.0) with ESMTP id e82MaD775707; Sat, 2 Sep 2000 23:36:13 +0100 (BST) (envelope-from brian@hak.lan.Awfulhak.org) Message-Id: <200009022236.e82MaD775707@hak.lan.Awfulhak.org> X-Mailer: exmh version 2.1.1 10/15/1999 To: Peter Wemm Cc: Brian Somers , "Jacques A. Vidrine" , Neil Blakey-Milner , Poul-Henning Kamp , Dan Nelson , sthaug@nethelp.no, ume@FreeBSD.ORG, arch@FreeBSD.ORG, freebsd-arch@FreeBSD.ORG, brian@Awfulhak.org Subject: Re: setuid ssh should die In-Reply-To: Message from Peter Wemm of "Sat, 02 Sep 2000 15:22:28 PDT." <200009022222.e82MMSG33103@netplex.com.au> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Date: Sat, 02 Sep 2000 23:36:13 +0100 
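The access()-then-open() race that Robert Watson and Warner Losh describe above, next to the seteuid()/open() and open()+fstat() alternatives, as an added C example (not code from the thread, from FreeBSD or from OpenSSH). The temporary directory, the file names and the window_hook callback are constructed; the hook stands in for anything that changes the directory between the two system calls.

```c
#ifndef _POSIX_C_SOURCE
#define _POSIX_C_SOURCE 200809L         /* mkdtemp(), seteuid() */
#endif
#include <errno.h>
#include <fcntl.h>
#include <stdio.h>
#include <stdlib.h>
#include <sys/stat.h>
#include <unistd.h>

/* Stand-in for anything that changes the directory between two syscalls. */
typedef void (*window_hook)(void *ctx);

/* Racy: access() checks the name with the real uid; open() resolves the
 * name a second time, with the effective uid. */
int open_after_access(const char *path, window_hook hook, void *ctx)
{
    if (access(path, R_OK) != 0)
        return -1;
    hook(ctx);                          /* the check-to-use window */
    return open(path, O_RDONLY);
}

/* Let the kernel decide: open with the real uid's rights, restore the
 * effective uid, then validate the descriptor rather than the name. */
int open_as_real_user(const char *path)
{
    uid_t saved = geteuid();
    struct stat st;
    int fd, err;

    if (seteuid(getuid()) != 0)
        return -1;
    fd = open(path, O_RDONLY | O_NONBLOCK); /* a device's open still runs */
    err = errno;
    if (seteuid(saved) != 0)            /* cannot restore state: stop here */
        abort();
    if (fd < 0) {
        errno = err;
        return -1;
    }
    if (fstat(fd, &st) != 0 || !S_ISREG(st.st_mode)) {
        close(fd);
        return -1;
    }
    return fd;
}

/* ---- constructed demo: "other" replaces "checked" at a chosen moment ---- */
struct demo { char dir[32], checked[64], other[64]; };

static int put(const char *path, const char *text)
{
    FILE *f = fopen(path, "w");
    return (f != NULL && fputs(text, f) >= 0 && fclose(f) == 0) ? 0 : -1;
}

static int demo_setup(struct demo *d)
{
    snprintf(d->dir, sizeof d->dir, "/tmp/toctou.XXXXXX");
    if (mkdtemp(d->dir) == NULL)
        return -1;
    snprintf(d->checked, sizeof d->checked, "%s/checked", d->dir);
    snprintf(d->other, sizeof d->other, "%s/other", d->dir);
    return (put(d->checked, "A") == 0 && put(d->other, "B") == 0) ? 0 : -1;
}

static void replace_checked(void *ctx)
{
    struct demo *d = ctx;
    if (rename(d->other, d->checked) != 0)
        perror("rename");
}

/* Returns the first byte read through the descriptor: 'A' is the file that
 * was checked, 'B' is the file that replaced it under the same name. */
int demo_first_byte(int use_racy)
{
    struct demo d;
    char c;
    int fd, byte;

    if (demo_setup(&d) != 0)
        return -1;
    if (use_racy) {
        fd = open_after_access(d.checked, replace_checked, &d);
    } else {
        fd = open_as_real_user(d.checked);
        replace_checked(&d);            /* same change, but after the open */
    }
    byte = (fd >= 0 && read(fd, &c, 1) == 1) ? c : -1;
    if (fd >= 0)
        close(fd);
    unlink(d.checked);
    unlink(d.other);
    rmdir(d.dir);
    return byte;
}
```

The racy variant returns the replacement file's content even though access() approved the original; the descriptor-based variant keeps reading the file the kernel authorized at open() time.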
From: Brian Somers Sender: owner-freebsd-arch@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.ORG > Brian Somers wrote: > > > On Sat, Sep 02, 2000 at 10:32:44PM +0200, Neil Blakey-Milner wrote: > > > > On Sat 2000-09-02 (22:24), Poul-Henning Kamp wrote: > > > > > Uhm, how about a ssh_config variable where you tell it to drop > > > > > the setuid bit right away, wouldn't that work ? > > > > > > > > I'd prefer to leave it off. It means one less file to assure myself is > > > > safe, if I were thinking with my paranoid security hat on. > > > > > > In addition to Neil's points, setuid executables ignore LD_LIBRARY_PATH > > > and such, breaking SOCKS. ssh is the type of application one would > > > expect to use with SOCKS, so I'd prefer not having the gratuitous setuid > > > bit set. > > > > What do people reckon then (-arch cc'd) ? I'll add > > > > #ENABLE_SUIDSSH= true > > > > to etc/defaults/make.conf then mention it in ssh_config and make the > > adjustment to the ssh build so that it defaults to *not* being suid. > > Actually.. here's a thought.. we presently install ssh and hard link it > to slogin. Perhaps we could install it twice instead (it's 148K or so) > and leave setuid *off* ssh and *on* for slogin. > > And make a make.conf hook about whether or not to install slogin. But slogin doesn't need to be suid either - not for any reason I know of anyway. > Cheers, > -Peter > -- > Peter Wemm - peter@FreeBSD.org; peter@yahoo-inc.com; peter@netplex.com.au > "All of this is for nothing if we don't go to the stars" - JMS/B5 -- Brian Don't _EVER_ lose your sense of humour ! 
From owner-freebsd-arch Sat Sep 2 15:45: 7 2000 Delivered-To: freebsd-arch@freebsd.org Received: from Awfulhak.org (tun.AwfulHak.org [194.242.139.173]) by hub.freebsd.org (Postfix) with ESMTP id 9976137B422; Sat, 2 Sep 2000 15:44:54 -0700 (PDT) Received: from hak.lan.Awfulhak.org (root@hak.lan.awfulhak.org [172.16.0.12]) by Awfulhak.org (8.9.3/8.9.3) with ESMTP id XAA81432; Sat, 2 Sep 2000 23:40:23 +0100 (BST) (envelope-from brian@hak.lan.Awfulhak.org) Received: from hak.lan.Awfulhak.org (brian@localhost [127.0.0.1]) by hak.lan.Awfulhak.org (8.11.0/8.11.0) with ESMTP id e82Mdl775769; Sat, 2 Sep 2000 23:39:47 +0100 (BST) (envelope-from brian@hak.lan.Awfulhak.org) Message-Id: <200009022239.e82Mdl775769@hak.lan.Awfulhak.org> X-Mailer: exmh version 2.1.1 10/15/1999 To: Kris Kennaway Cc: Brian Somers , "Jacques A. Vidrine" , Neil Blakey-Milner , Poul-Henning Kamp , Dan Nelson , sthaug@nethelp.no, ume@FreeBSD.org, arch@FreeBSD.org, freebsd-arch@FreeBSD.org, brian@Awfulhak.org Subject: Re: setuid ssh should die In-Reply-To: Message from Kris Kennaway of "Sat, 02 Sep 2000 15:18:27 PDT." Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Date: Sat, 02 Sep 2000 23:39:47 +0100
From: Brian Somers Sender: owner-freebsd-arch@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.ORG

> On Sat, 2 Sep 2000, Brian Somers wrote:
>
> > What do people reckon then (-arch cc'd) ? I'll add
> >
> > #ENABLE_SUIDSSH= true
> >
> > to etc/defaults/make.conf then mention it in ssh_config and make the
> > adjustment to the ssh build so that it defaults to *not* being suid.
>
> I have no problems making ssh non-suid by default since most people don't
> use RhostsRSAAuthentication.
>
> Since I have ssh changes in the works please send me the patches and I'll
> apply them after the upgrade. Please add information to the manpage on how
> to fix it, and a helpful error telling them what to do when the user tries
> to use it.

That's no problem, except for the ``helpful error'' bit. I don't think ssh should attempt to interpret the failure to bind a socket. The perror() should be sufficient in my book.

> Kris
>
> --
> In God we Trust -- all others must submit an X.509 certificate.
> -- Charles Forsythe

--
Brian
Don't _EVER_ lose your sense of humour !

From owner-freebsd-arch Sat Sep 2 15:58: 5 2000 Delivered-To: freebsd-arch@freebsd.org Received: from Awfulhak.org (tun.AwfulHak.org [194.242.139.173]) by hub.freebsd.org (Postfix) with ESMTP id 40E6C37B423; Sat, 2 Sep 2000 15:58:00 -0700 (PDT) Received: from hak.lan.Awfulhak.org (root@hak.lan.awfulhak.org [172.16.0.12]) by Awfulhak.org (8.9.3/8.9.3) with ESMTP id XAA81494; Sat, 2 Sep 2000 23:57:56 +0100 (BST) (envelope-from brian@hak.lan.Awfulhak.org) Received: from hak.lan.Awfulhak.org (brian@localhost [127.0.0.1]) by hak.lan.Awfulhak.org (8.11.0/8.11.0) with ESMTP id e82MvK775931; Sat, 2 Sep 2000 23:57:20 +0100 (BST) (envelope-from brian@hak.lan.Awfulhak.org) Message-Id: <200009022257.e82MvK775931@hak.lan.Awfulhak.org> X-Mailer: exmh version 2.1.1 10/15/1999 To: Brian Somers Cc: Kris Kennaway , "Jacques A.
Vidrine" , Neil Blakey-Milner , Poul-Henning Kamp , Dan Nelson , sthaug@nethelp.no, ume@FreeBSD.org, arch@FreeBSD.org, freebsd-arch@FreeBSD.org, brian@Awfulhak.org Subject: Re: setuid ssh should die In-Reply-To: Message from Brian Somers of "Sat, 02 Sep 2000 23:39:47 BST." <200009022239.e82Mdl775769@hak.lan.Awfulhak.org> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Date: Sat, 02 Sep 2000 23:57:20 +0100 
From: Brian Somers Sender: owner-freebsd-arch@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.ORG

> > On Sat, 2 Sep 2000, Brian Somers wrote:
> >
> > > What do people reckon then (-arch cc'd) ? I'll add
> > >
> > > #ENABLE_SUIDSSH= true
> > >
> > > to etc/defaults/make.conf then mention it in ssh_config and make the
> > > adjustment to the ssh build so that it defaults to *not* being suid.
> >
> > I have no problems making ssh non-suid by default since most people don't
> > use RhostsRSAAuthentication.
> >
> > Since I have ssh changes in the works please send me the patches and I'll
> > apply them after the upgrade. Please add information to the manpage on how
> > to fix it, and a helpful error telling them what to do when the user tries
> > to use it.
>
> That's no problem, except for the ``helpful error'' bit. I don't
> think ssh should attempt to interpret the failure to bind a socket.
> The perror() should be sufficient in my book.

Wait... I'm missing something here. It seems that ssh will exec rsh when FallBackToRsh is enabled. It therefore doesn't need root for anything I know of.

Can anybody enlighten me ?

--
Brian
Don't _EVER_ lose your sense of humour !
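[Added example, not part of the original thread and not code from the ssh sources.] The bind failure discussed above comes from the client asking for a reserved source port (below 1024), which traditionally only root may bind. This C program tries the rresvport(3) port range, reports a refusal with perror() and falls back to an ordinary port, then gives up root for good, as Poul-Henning Kamp suggested earlier in the thread; the names client_socket, drop_privileges and bind_port are assumptions made for the example.

```c
#include <errno.h>
#include <netinet/in.h>
#include <stdio.h>
#include <string.h>
#include <sys/socket.h>
#include <unistd.h>

#define RESERVED_HIGH 1023  /* rresvport(3) walks 1023 down to 512 */
#define RESERVED_LOW   512

/* Bind fd to INADDR_ANY:port (0 lets the kernel pick). Returns 0 on success. */
static int bind_port(int fd, unsigned short port)
{
    struct sockaddr_in sin;
    memset(&sin, 0, sizeof(sin));
    sin.sin_family = AF_INET;
    sin.sin_addr.s_addr = htonl(INADDR_ANY);
    sin.sin_port = htons(port);
    return bind(fd, (struct sockaddr *)&sin, sizeof(sin));
}

/* Ask for a reserved source port the way a setuid-root client would. Without
 * privilege bind() fails with EACCES: report it with perror() and carry on
 * from an ordinary port. Returns the socket or -1; *port_out gets the port. */
int client_socket(unsigned short *port_out)
{
    struct sockaddr_in sin;
    socklen_t len = sizeof(sin);
    int p, bound = 0, fd = socket(AF_INET, SOCK_STREAM, 0);
    if (fd < 0)
        return -1;
    for (p = RESERVED_HIGH; p >= RESERVED_LOW && !bound; p--) {
        if (bind_port(fd, (unsigned short)p) == 0) {
            bound = 1;
        } else if (errno != EADDRINUSE) {  /* EADDRINUSE alone means: try the next port */
            perror("bind to reserved port");
            break;
        }
    }
    if ((!bound && bind_port(fd, 0) != 0) ||
        getsockname(fd, (struct sockaddr *)&sin, &len) != 0) {
        close(fd);
        return -1;
    }
    *port_out = ntohs(sin.sin_port);
    return fd;
}

/* Give up root for good once the port is held. Returns 0 on success. */
int drop_privileges(void)
{
    uid_t ruid = getuid();
    if (setuid(ruid) != 0)
        return -1;
    if (ruid != 0 && seteuid(0) == 0)  /* root must not be regainable */
        return -1;
    return geteuid() == ruid ? 0 : -1;
}

int main(void)
{
    unsigned short port = 0;
    int fd = client_socket(&port);
    if (fd < 0 || drop_privileges() != 0)
        return 1;
    printf("source port %u\n", (unsigned)port);
    return close(fd);
}
```

Run as an ordinary user, it prints the perror() line for the refused bind and an unprivileged source port, which a server applying an rhosts-style check will not accept.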
From owner-freebsd-arch Sat Sep 2 16: 1:46 2000 Delivered-To: freebsd-arch@freebsd.org Received: from freefall.freebsd.org (freefall.FreeBSD.org [216.136.204.21]) by hub.freebsd.org (Postfix) with ESMTP id B800437B424; Sat, 2 Sep 2000 16:01:44 -0700 (PDT) Received: from localhost (kris@localhost) by freefall.freebsd.org (8.9.3/8.9.2) with ESMTP id QAA88365; Sat, 2 Sep 2000 16:01:44 -0700 (PDT) (envelope-from kris@FreeBSD.org) X-Authentication-Warning: freefall.freebsd.org: kris owned process doing -bs Date: Sat, 2 Sep 2000 16:01:44 -0700 (PDT)
From: Kris Kennaway To: Brian Somers Cc: freebsd-arch@FreeBSD.org Subject: Re: setuid ssh should die In-Reply-To: <200009022257.e82MvK775931@hak.lan.Awfulhak.org> Message-ID: MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII Sender: owner-freebsd-arch@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.ORG

On Sat, 2 Sep 2000, Brian Somers wrote:

> Wait... I'm missing something here. It seems that ssh will exec rsh
> when FallBackToRsh is enabled. It therefore doesn't need root for
> anything I know of.

Perhaps you didn't read the rest of the thread. The setuid root isn't for FallBackToRsh, it's for RhostsRSAAuthentication

Kris

--
In God we Trust -- all others must submit an X.509 certificate.
-- Charles Forsythe

From owner-freebsd-arch Sat Sep 2 16: 2:57 2000 Delivered-To: freebsd-arch@freebsd.org Received: from Awfulhak.org (tun.AwfulHak.org [194.242.139.173]) by hub.freebsd.org (Postfix) with ESMTP id 6DFF737B424; Sat, 2 Sep 2000 16:02:49 -0700 (PDT) Received: from hak.lan.Awfulhak.org (root@hak.lan.awfulhak.org [172.16.0.12]) by Awfulhak.org (8.9.3/8.9.3) with ESMTP id AAA81538; Sun, 3 Sep 2000 00:03:15 +0100 (BST) (envelope-from brian@hak.lan.Awfulhak.org) Received: from hak.lan.Awfulhak.org (brian@localhost [127.0.0.1]) by hak.lan.Awfulhak.org (8.11.0/8.11.0) with ESMTP id e82N2d776018; Sun, 3 Sep 2000 00:02:39 +0100 (BST) (envelope-from brian@hak.lan.Awfulhak.org) Message-Id: <200009022302.e82N2d776018@hak.lan.Awfulhak.org> X-Mailer: exmh version 2.1.1 10/15/1999 To: Brian Somers Cc: Kris Kennaway , "Jacques A. Vidrine" , Neil Blakey-Milner , Poul-Henning Kamp , Dan Nelson , sthaug@nethelp.no, ume@FreeBSD.ORG, arch@FreeBSD.ORG, freebsd-arch@FreeBSD.ORG, brian@Awfulhak.org Subject: Re: setuid ssh should die In-Reply-To: Message from Brian Somers of "Sat, 02 Sep 2000 23:57:20 BST."
<200009022257.e82MvK775931@hak.lan.Awfulhak.org> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Date: Sun, 03 Sep 2000 00:02:39 +0100 
From: Brian Somers Sender: owner-freebsd-arch@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.ORG

> > > On Sat, 2 Sep 2000, Brian Somers wrote:
> > >
> > > > What do people reckon then (-arch cc'd) ? I'll add
> > > >
> > > > #ENABLE_SUIDSSH= true
> > > >
> > > > to etc/defaults/make.conf then mention it in ssh_config and make the
> > > > adjustment to the ssh build so that it defaults to *not* being suid.
> > >
> > > I have no problems making ssh non-suid by default since most people don't
> > > use RhostsRSAAuthentication.
> > >
> > > Since I have ssh changes in the works please send me the patches and I'll
> > > apply them after the upgrade. Please add information to the manpage on how
> > > to fix it, and a helpful error telling them what to do when the user tries
> > > to use it.
> >
> > That's no problem, except for the ``helpful error'' bit. I don't
> > think ssh should attempt to interpret the failure to bind a socket.
> > The perror() should be sufficient in my book.
>
> Wait... I'm missing something here. It seems that ssh will exec rsh
> when FallBackToRsh is enabled. It therefore doesn't need root for
> anything I know of.
>
> Can anybody enlighten me ?

Is RhostsRSAAuthentication where .shosts is used on the server ?

--
Brian
Don't _EVER_ lose your sense of humour !
From owner-freebsd-arch Sat Sep 2 16: 3:59 2000 Delivered-To: freebsd-arch@freebsd.org Received: from ns1.sunesi.net (ns1.sunesi.net [196.15.192.194]) by hub.freebsd.org (Postfix) with ESMTP id D62DE37B42C; Sat, 2 Sep 2000 16:03:54 -0700 (PDT) Received: from nbm by ns1.sunesi.net with local (Exim 3.03 #1) id 13VMKD-000Amj-00; Sun, 03 Sep 2000 01:03:49 +0200 Date: Sun, 3 Sep 2000 01:03:49 +0200
From: Neil Blakey-Milner To: Brian Somers Cc: Kris Kennaway , "Jacques A. Vidrine" , Poul-Henning Kamp , Dan Nelson , sthaug@nethelp.no, ume@FreeBSD.org, arch@FreeBSD.org Subject: Re: setuid ssh should die Message-ID: <20000903010349.A41415@mithrandr.moria.org> References: <200009022257.e82MvK775931@hak.lan.Awfulhak.org> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii X-Mailer: Mutt 1.0.1i In-Reply-To: <200009022257.e82MvK775931@hak.lan.Awfulhak.org>; from brian@Awfulhak.org on Sat, Sep 02, 2000 at 11:57:20PM +0100 Organization: Sunesi Clinical Systems X-Operating-System: FreeBSD 3.3-RELEASE i386 X-URL: http://rucus.ru.ac.za/~nbm/ Sender: owner-freebsd-arch@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.ORG

On Sat 2000-09-02 (23:57), Brian Somers wrote:
> > > On Sat, 2 Sep 2000, Brian Somers wrote:
> > >
> > > > What do people reckon then (-arch cc'd) ? I'll add
> > > >
> > > > #ENABLE_SUIDSSH= true
> > > >
> > > > to etc/defaults/make.conf then mention it in ssh_config and make the
> > > > adjustment to the ssh build so that it defaults to *not* being suid.
> > >
> > > I have no problems making ssh non-suid by default since most people don't
> > > use RhostsRSAAuthentication.
> > >
> > > Since I have ssh changes in the works please send me the patches and I'll
> > > apply them after the upgrade. Please add information to the manpage on how
> > > to fix it, and a helpful error telling them what to do when the user tries
> > > to use it.
> >
> > That's no problem, except for the ``helpful error'' bit. I don't
> > think ssh should attempt to interpret the failure to bind a socket.
> > The perror() should be sufficient in my book.
>
> Wait... I'm missing something here. It seems that ssh will exec rsh
> when FallBackToRsh is enabled. It therefore doesn't need root for
> anything I know of.
>
> Can anybody enlighten me ?

RhostsRSAAuthentication is for .rhosts-like authentication, except that there is authentication of the host. You put the host key in /etc/known_hosts, and the hostname in /etc/shosts, and when someone claims to be that host, you compare to the public key in known_hosts, and if they match, you let their authentication succeed. If not, obviously, it kvetches.

Neil
--
Neil Blakey-Milner
Sunesi Clinical Systems
nbm@mithrandr.moria.org

From owner-freebsd-arch Sat Sep 2 22:42:17 2000 Delivered-To: freebsd-arch@freebsd.org Received: from sasami.jurai.net (sasami.jurai.net [63.67.141.99]) by hub.freebsd.org (Postfix) with ESMTP id A987637B422; Sat, 2 Sep 2000 22:42:14 -0700 (PDT) Received: from localhost (winter@localhost) by sasami.jurai.net (8.9.3/8.8.7) with ESMTP id BAA35605; Sun, 3 Sep 2000 01:40:10 -0400 (EDT) Date: Sun, 3 Sep 2000 01:40:10 -0400 (EDT)
From: "Matthew N. Dodd" To: Poul-Henning Kamp Cc: "Jacques A. Vidrine" , Hajimu UMEMOTO , arch@FreeBSD.ORG Subject: Re: Request for review: nsswitch In-Reply-To: <41094.967914166@critter> Message-ID: MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII Sender: owner-freebsd-arch@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.ORG

On Sat, 2 Sep 2000, Poul-Henning Kamp wrote:
> Since we're on this topic anyway, there is one thing which has always
> bothered me: Why don't we have the option of a per user alias file
> for hostnames ?

'cause that feature would totally rule and we can't have any ruling as we're stodgy old BSD. :)

While it would create a potential for many hair-pulling tech support calls I'd love to see the feature and a way to allow the admin to enable/disable it on a per-user or systemwide basis.

--
| Matthew N. Dodd | '78 Datsun 280Z | '75 Volvo 164E | FreeBSD/NetBSD |
| winter@jurai.net | 2 x '84 Volvo 245DL | ix86,sparc,pmax |
| http://www.jurai.net/~winter | This Space For Rent | ISO8802.5 4ever |