From owner-freebsd-arch Sun Sep 3 0:38:22 2000 Delivered-To: freebsd-arch@freebsd.org Received: from smtp02.iafrica.com (smtp02.iafrica.com [196.7.0.140]) by hub.freebsd.org (Postfix) with ESMTP id BEA9637B424 for ; Sun, 3 Sep 2000 00:38:18 -0700 (PDT) Received: from [196.7.18.138] (helo=grimreaper.grondar.za ident=root) by smtp02.iafrica.com with esmtp (Exim 1.92 #1) id 13VUM0-000K96-00; Sun, 3 Sep 2000 09:38:12 +0200 Received: from grimreaper.grondar.za (mark@localhost [127.0.0.1]) by grimreaper.grondar.za (8.11.0/8.11.0) with ESMTP id e837d1x16901; Sun, 3 Sep 2000 09:39:03 +0200 (SAST) (envelope-from mark@grimreaper.grondar.za) Message-Id: <200009030739.e837d1x16901@grimreaper.grondar.za> To: Brian Somers Cc: freebsd-arch@FreeBSD.ORG Subject: Re: setuid ssh should die References: <200009022121.e82LLV771512@hak.lan.Awfulhak.org> In-Reply-To: <200009022121.e82LLV771512@hak.lan.Awfulhak.org> ; from Brian Somers "Sat, 02 Sep 2000 22:21:31 +0100." Date: Sun, 03 Sep 2000 09:39:01 +0200 From: Mark Murray Sender: owner-freebsd-arch@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.ORG > What do people reckon then (-arch cc'd) ? I'll add > > #ENABLE_SUIDSSH= true > > to etc/defaults/make.conf then mention it in ssh_config and make the > adjustment to the ssh build so that it defaults to *not* being suid. Sounds perfectly sensible to me. M -- Mark Murray Join the anti-SPAM movement: http://www.cauce.org To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-arch" in the body of the message From owner-freebsd-arch Sun Sep 3 5: 4:47 2000 Delivered-To: freebsd-arch@freebsd.org Received: from gatekeeper.tsc.tdk.com (gatekeeper.tsc.tdk.com [207.113.159.21]) by hub.freebsd.org (Postfix) with ESMTP id E1B6537B424 for ; Sun, 3 Sep 2000 05:04:42 -0700 (PDT) Received: from imap.gv.tsc.tdk.com (imap.gv.tsc.tdk.com [192.168.241.198]) by gatekeeper.tsc.tdk.com (8.8.8/8.8.8) with ESMTP id FAA24681 for ; Sun, 3 Sep 2000 05:04:42 -0700 (PDT) (envelope-from gdonl@tsc.tdk.com) Received: from salsa.gv.tsc.tdk.com (salsa.gv.tsc.tdk.com [192.168.241.194]) by imap.gv.tsc.tdk.com (8.9.3/8.9.3) with ESMTP id FAA09774 for ; Sun, 3 Sep 2000 05:04:41 -0700 (PDT) (envelope-from Don.Lewis@tsc.tdk.com) Received: (from gdonl@localhost) by salsa.gv.tsc.tdk.com (8.8.5/8.8.5) id FAA19222 for arch@freebsd.org; Sun, 3 Sep 2000 05:04:41 -0700 (PDT) Date: Sun, 3 Sep 2000 05:04:41 -0700 (PDT) From: Don Lewis Message-Id: <200009031204.FAA19222@salsa.gv.tsc.tdk.com> To: arch@freebsd.org Subject: width of cr_ref Sender: owner-freebsd-arch@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.ORG Now that sockets hold a reference to the ucred structure, should cr_ref be a wider type? Really busy servers with a lot of sockets owned by one user might overflow cr_ref, causing mysterious crashes when the ucred structure is freed too early. struct ucred { u_short cr_ref; /* reference count */ uid_t cr_uid; /* effective user id */ short cr_ngroups; /* number of groups */ gid_t cr_groups[NGROUPS]; /* groups */ }; To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-arch" in the body of the message From owner-freebsd-arch Sun Sep 3 5:36:11 2000 Delivered-To: freebsd-arch@freebsd.org Received: from nothing-going-on.demon.co.uk (nothing-going-on.demon.co.uk [193.237.89.66]) by hub.freebsd.org (Postfix) with ESMTP id 066D237B423; Sun, 3 Sep 2000 05:35:57 -0700 (PDT) Received: (from nik@localhost) by nothing-going-on.demon.co.uk (8.11.0/8.11.0) id e83CZE184997; Sun, 3 Sep 2000 13:35:14 +0100 (BST) (envelope-from nik) Date: Sun, 3 Sep 2000 13:35:09 +0100 From: Nik Clayton To: Kris Kennaway Cc: arch@freebsd.org Subject: Re: Enabling sshd by default Message-ID: <20000903133508.A84865@canyon.nothing-going-on.org> References: Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline User-Agent: Mutt/1.2.5i In-Reply-To: ; from kris@FreeBSD.org on Fri, Sep 01, 2000 at 09:22:55PM -0700 Organization: FreeBSD Project Sender: owner-freebsd-arch@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.ORG On Fri, Sep 01, 2000 at 09:22:55PM -0700, Kris Kennaway wrote: > What say you all to the following patch: > > =================================================================== > RCS file: /home/ncvs/src/etc/defaults/rc.conf,v > retrieving revision 1.77 > diff -u -r1.77 rc.conf > --- etc/defaults/rc.conf 2000/08/18 09:37:50 1.77 > +++ etc/defaults/rc.conf 2000/09/02 04:14:33 > @@ -134,7 +134,7 @@ > pppoed_provider="*" # Provider and ppp(8) config file entry. > pppoed_flags="-P /var/run/pppoed.pid" # Flags to pppoed (if enabled). > pppoed_interface="fxp0" # The interface that pppoed runs on. > -sshd_enable="NO" # Enable sshd > +sshd_enable="YES" # Enable sshd > sshd_program="/usr/sbin/sshd" # path to sshd, if you want a different one. > sshd_flags="" # Additional flags for sshd. I thought recent commits to rc.conf had been to disable daemons by default, so that /etc/rc.conf would show the admin the daemons that had been explicitly turned on? This reverses that behaviour. How about this patch to src/release/sysinstall/config.c instead? --- config.c.old Sun Sep 3 13:33:30 2000 +++ config.c Sun Sep 3 13:34:06 2000 @@ -390,7 +390,8 @@ fprintf(rcSite, "# Enable network daemons for user convenience.\n"); fprintf(rcSite, "inetd_enable=\"YES\"\n"); fprintf(rcSite, "portmap_enable=\"YES\"\n"); - fprintf(rcSite, "sendmail_enable=\"YES\"\n\b"); + fprintf(rcSite, "sendmail_enable=\"YES\"\n"); + fprintf(rcSite, "sshd_enable=\"YES\"\n\b"); } /* Now do variable substitutions */ N -- Internet connection, $19.95 a month. Computer, $799.95. Modem, $149.95. Telephone line, $24.95 a month. Software, free. USENET transmission, hundreds if not thousands of dollars. Thinking before posting, priceless. Somethings in life you can't buy. For everything else, there's MasterCard. -- Graham Reed, in the Scary Devil Monastery To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-arch" in the body of the message From owner-freebsd-arch Sun Sep 3 7:26:35 2000 Delivered-To: freebsd-arch@freebsd.org Received: from localhost (localhost [127.0.0.1]) by hub.freebsd.org (Postfix) with ESMTP id BFC4837B43E; Sun, 3 Sep 2000 07:26:32 -0700 (PDT) Date: Sun, 3 Sep 2000 10:26:31 -0400 (EDT) From: Brian Fundakowski Feldman X-Sender: green@green.dyndns.org To: Don Lewis Cc: arch@freebsd.org Subject: Re: width of cr_ref In-Reply-To: <200009031204.FAA19222@salsa.gv.tsc.tdk.com> Message-ID: MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII Sender: owner-freebsd-arch@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.ORG On Sun, 3 Sep 2000, Don Lewis wrote: > Now that sockets hold a reference to the ucred structure, should cr_ref > be a wider type? Really busy servers with a lot of sockets owned by one > user might overflow cr_ref, causing mysterious crashes when the ucred > structure is freed too early. > > struct ucred { > u_short cr_ref; /* reference count */ > uid_t cr_uid; /* effective user id */ > short cr_ngroups; /* number of groups */ > gid_t cr_groups[NGROUPS]; /* groups */ > }; And since it's a big structure anyway... and the u_short either unaligns or pads the next int-sized field (cr_uid)... I have no objections to making ucred have a u_int cr_ref. -- Brian Fundakowski Feldman \ FreeBSD: The Power to Serve! / green@FreeBSD.org `------------------------------' To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-arch" in the body of the message From owner-freebsd-arch Sun Sep 3 8:50: 5 2000 Delivered-To: freebsd-arch@freebsd.org Received: from gatekeeper.tsc.tdk.com (gatekeeper.tsc.tdk.com [207.113.159.21]) by hub.freebsd.org (Postfix) with ESMTP id 109D937B42C for ; Sun, 3 Sep 2000 08:50:03 -0700 (PDT) Received: from imap.gv.tsc.tdk.com (imap.gv.tsc.tdk.com [192.168.241.198]) by gatekeeper.tsc.tdk.com (8.8.8/8.8.8) with ESMTP id IAA25847 for ; Sun, 3 Sep 2000 08:50:02 -0700 (PDT) (envelope-from gdonl@tsc.tdk.com) Received: from salsa.gv.tsc.tdk.com (salsa.gv.tsc.tdk.com [192.168.241.194]) by imap.gv.tsc.tdk.com (8.9.3/8.9.3) with ESMTP id IAA10134 for ; Sun, 3 Sep 2000 08:50:02 -0700 (PDT) (envelope-from Don.Lewis@tsc.tdk.com) Received: (from gdonl@localhost) by salsa.gv.tsc.tdk.com (8.8.5/8.8.5) id IAA19487 for arch@freebsd.org; Sun, 3 Sep 2000 08:50:01 -0700 (PDT) Date: Sun, 3 Sep 2000 08:50:01 -0700 (PDT) From: Don Lewis Message-Id: <200009031550.IAA19487@salsa.gv.tsc.tdk.com> To: arch@freebsd.org Subject: Request for review: restructuring of per-uid resource limits Sender: owner-freebsd-arch@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.ORG The current implemention of the per-uid resource limits has some problems: Increases and decreases in the size of socket buffers and the creation and destruction of processes (calls to chgsbsize() and chgproccnt()) happen much more frequently than credential changes, but the chgsbsize() and chgproccnt() do a hash lookup of the uidinfo structure on the fly for each call. This is especially bad in the case of chgsbsize() which may be called from an interrupt context. It would be much more efficient to do the lookups and save the pointers to the uidinfo structures when credentials are changed and just follow the pointers to update the resource consumption. chgsbsize() can be called from an interrupt context, when the hash table may be in an inconsistent state. Changes to the hash table could be protected by splnet(), but that hurts performance by increasing the amount of time that interrupts are blocked. Under certain circumstances it might be possible for chgsbsize() to call MALLOC(..., M_WAITOK), which would be bad if done in an interrupt context. Most of this code probably belongs in kern_resource.c rather than kern_proc.c. The patch at fixes the above problems, at the expense of a little more memory and some extra messyness in a few other parts of the code. The only real uglyness is in kern_prot.c, which should probably have some duplicate code sequences moved to separate functions. The chgproccnt() and chgsbsize() functions are a lot cleaner should be quite a bit faster. I applied this patch to a couple day old version of -current. It compiles without any extra warnings, and seems to run ok under the light testing that I've done. To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-arch" in the body of the message From owner-freebsd-arch Sun Sep 3 10:17:59 2000 Delivered-To: freebsd-arch@freebsd.org Received: from flood.ping.uio.no (flood.ping.uio.no [129.240.78.31]) by hub.freebsd.org (Postfix) with ESMTP id 9A70937B42C for ; Sun, 3 Sep 2000 10:17:56 -0700 (PDT) Received: (from des@localhost) by flood.ping.uio.no (8.9.3/8.9.3) id TAA77855; Sun, 3 Sep 2000 19:17:55 +0200 (CEST) (envelope-from des@flood.ping.uio.no) To: arch@freebsd.org Subject: gensetdefs(8) From: Dag-Erling Smorgrav Date: 03 Sep 2000 19:17:54 +0200 Message-ID: Lines: 7 User-Agent: Gnus/5.0802 (Gnus v5.8.2) Emacs/20.4 MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Sender: owner-freebsd-arch@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.ORG Why is gensetdefs(8) in usr.bin? It's only needed for building kernels, so logically it should be in usr.sbin along with config(8). Hysterical raisins or simple oversight? DES -- Dag-Erling Smorgrav - des@flood.ping.uio.no To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-arch" in the body of the message From owner-freebsd-arch Sun Sep 3 16:18:42 2000 Delivered-To: freebsd-arch@freebsd.org Received: from fledge.watson.org (fledge.watson.org [204.156.12.50]) by hub.freebsd.org (Postfix) with ESMTP id A801737B422 for ; Sun, 3 Sep 2000 16:18:40 -0700 (PDT) Received: from fledge.watson.org (robert@fledge.pr.watson.org [192.0.2.3]) by fledge.watson.org (8.9.3/8.9.3) with SMTP id TAA74920; Sun, 3 Sep 2000 19:18:21 -0400 (EDT) (envelope-from robert@fledge.watson.org) Date: Sun, 3 Sep 2000 19:18:21 -0400 (EDT) From: Robert Watson X-Sender: robert@fledge.watson.org To: Don Lewis Cc: freebsd-arch@FreeBSD.org Subject: Re: Request for review: restructuring of per-uid resource limits In-Reply-To: <200009031550.IAA19487@salsa.gv.tsc.tdk.com> Message-ID: MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII Sender: owner-freebsd-arch@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.ORG Just a comment, haven't had a chance to review your e-mail yet -- per-uid resources currently function poorly in combination with jail(). A bit more uniquifying information may need to be used to determine the resource/accounting pool than uid in some FreeBSD environments. A patch was submitted a while back to do this, but it wasn't ever integrated due to lack of time from phk and myself. Probably the appropriate way to handle this is to add some sort of abstraction for determining the correct resource pool, allowing future partioning/namespace schemes to be implemented easily. I.e., struct resourcepool *res; res = getresourcepool(p); if (res == NULL) return; /* no resource limitations */ Possibly, a cred argument to the getresourcepool() function, if we feel that resources will likely be handled on the basis of credentials rather than processes. Given the future directions for MAC and so on, that might make a lot of sense also. Robert N M Watson robert@fledge.watson.org http://www.watson.org/~robert/ PGP key fingerprint: AF B5 5F FF A6 4A 79 37 ED 5F 55 E9 58 04 6A B1 TIS Labs at Network Associates, Safeport Network Services To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-arch" in the body of the message From owner-freebsd-arch Sun Sep 3 16:37:52 2000 Delivered-To: freebsd-arch@freebsd.org Received: from alcanet.com.au (mail.alcanet.com.au [203.62.196.10]) by hub.freebsd.org (Postfix) with SMTP id 0012F37B422 for ; Sun, 3 Sep 2000 16:37:48 -0700 (PDT) Received: by border.alcanet.com.au id <115353>; Mon, 4 Sep 2000 10:37:13 +1000 Content-return: prohibited Date: Mon, 04 Sep 2000 10:37:29 +1100 From: Peter Jeremy Subject: Re: setuid ssh should die To: freebsd-arch@FreeBSD.ORG Mail-followup-to: freebsd-arch@FreeBSD.ORG Message-Id: <00Sep4.103713est.115353@border.alcanet.com.au> MIME-version: 1.0 Content-type: text/plain; charset=us-ascii Content-disposition: inline User-Agent: Mutt/1.2.4i Sender: owner-freebsd-arch@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.ORG Can people please avoid putting mailing lists into the Cc: list twice: >Cc: ..., arch@FreeBSD.ORG, freebsd-arch@FreeBSD.ORG Peter To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-arch" in the body of the message From owner-freebsd-arch Sun Sep 3 16:43:35 2000 Delivered-To: freebsd-arch@freebsd.org Received: from Awfulhak.org (tun.AwfulHak.org [194.242.139.173]) by hub.freebsd.org (Postfix) with ESMTP id E4AC437B422 for ; Sun, 3 Sep 2000 16:43:28 -0700 (PDT) Received: from hak.lan.Awfulhak.org (root@hak.lan.awfulhak.org [172.16.0.12]) by Awfulhak.org (8.9.3/8.9.3) with ESMTP id AAA19511; Mon, 4 Sep 2000 00:41:24 +0100 (BST) (envelope-from brian@hak.lan.Awfulhak.org) Received: from hak.lan.Awfulhak.org (brian@localhost [127.0.0.1]) by hak.lan.Awfulhak.org (8.11.0/8.11.0) with ESMTP id e83NfKX33240; Mon, 4 Sep 2000 00:41:20 +0100 (BST) (envelope-from brian@hak.lan.Awfulhak.org) Message-Id: <200009032341.e83NfKX33240@hak.lan.Awfulhak.org> X-Mailer: exmh version 2.1.1 10/15/1999 To: Peter Jeremy Cc: freebsd-arch@FreeBSD.ORG, brian@Awfulhak.org Subject: Re: setuid ssh should die In-Reply-To: Message from Peter Jeremy of "Mon, 04 Sep 2000 10:37:29 +1100." <00Sep4.103713est.115353@border.alcanet.com.au> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Date: Mon, 04 Sep 2000 00:41:19 +0100 From: Brian Somers Sender: owner-freebsd-arch@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.ORG > Can people please avoid putting mailing lists into the Cc: list > twice: > >Cc: ..., arch@FreeBSD.ORG, freebsd-arch@FreeBSD.ORG Sorry, that was my fault :-/ > Peter -- Brian Don't _EVER_ lose your sense of humour ! To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-arch" in the body of the message From owner-freebsd-arch Sun Sep 3 17:59:55 2000 Delivered-To: freebsd-arch@freebsd.org Received: from odin.ac.hmc.edu (Odin.AC.HMC.Edu [134.173.32.75]) by hub.freebsd.org (Postfix) with ESMTP id 79C7237B43C for ; Sun, 3 Sep 2000 17:59:53 -0700 (PDT) Received: (from brdavis@localhost) by odin.ac.hmc.edu (8.11.0/8.11.0) id e840xeF01766; Sun, 3 Sep 2000 17:59:40 -0700 Date: Sun, 3 Sep 2000 17:59:39 -0700 From: Brooks Davis To: Warner Losh Cc: "Jacques A. Vidrine" , arch@FreeBSD.ORG Subject: Re: setuid ssh should die Message-ID: <20000903175939.B310@Odin.AC.HMC.Edu> References: <20000902160156.D1263@hamlet.nectar.com> <200009022015.e82KFN740808@hak.lan.Awfulhak.org> <41784.967926245@critter> <20000902223244.A39844@mithrandr.moria.org> <20000902160156.D1263@hamlet.nectar.com> <200009022222.e82MMqG02383@billy-club.village.org> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline User-Agent: Mutt/1.2i In-Reply-To: <200009022222.e82MMqG02383@billy-club.village.org>; from imp@village.org on Sat, Sep 02, 2000 at 04:22:52PM -0600 Sender: owner-freebsd-arch@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.ORG On Sat, Sep 02, 2000 at 04:22:52PM -0600, Warner Losh wrote: > Put me down for "turn of setuid" bit. It is needed only for rsh > compatibility (yes, in the client), but we shouldn't encourage that > usage of ssh. I will comment that while I definatly want to see RSH die, I'm on networks where I'm forced to use ssh as a slightly better rsh instead of a secure login system because some of the admins couldn't tie their shoes without help. In those cases it's really nice to just force ssh to use RSH auth and use the config aliasing feature to allow me to connect to machines that aren't in DNS by name. I guess I'm just pointing out that there are cases where this feature is quite useful though I'd not scream about it as long as there's a make.conf option to restore the old (evil) behavior. -- Brooks -- Any statement of the form "X is the one, true Y" is FALSE. To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-arch" in the body of the message From owner-freebsd-arch Sun Sep 3 19:39:14 2000 Delivered-To: freebsd-arch@freebsd.org Received: from rover.village.org (rover.village.org [204.144.255.49]) by hub.freebsd.org (Postfix) with ESMTP id B67A837B422 for ; Sun, 3 Sep 2000 19:39:12 -0700 (PDT) Received: from harmony.village.org (harmony.village.org [10.0.0.6]) by rover.village.org (8.9.3/8.9.3) with ESMTP id UAA19858; Sun, 3 Sep 2000 20:39:11 -0600 (MDT) (envelope-from imp@harmony.village.org) Received: from harmony.village.org (localhost.village.org [127.0.0.1]) by harmony.village.org (8.9.3/8.8.3) with ESMTP id UAA54264; Sun, 3 Sep 2000 20:38:35 -0600 (MDT) Message-Id: <200009040238.UAA54264@harmony.village.org> To: Dag-Erling Smorgrav Subject: Re: gensetdefs(8) Cc: arch@FreeBSD.ORG In-reply-to: Your message of "03 Sep 2000 19:17:54 +0200." References: Date: Sun, 03 Sep 2000 20:38:35 -0600 From: Warner Losh Sender: owner-freebsd-arch@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.ORG In message Dag-Erling Smorgrav writes: : Why is gensetdefs(8) in usr.bin? It's only needed for building : kernels, so logically it should be in usr.sbin along with config(8). : Hysterical raisins or simple oversight? It is also used for modules. Don't know if that changes anything or not, however. Warner To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-arch" in the body of the message From owner-freebsd-arch Sun Sep 3 23: 7:54 2000 Delivered-To: freebsd-arch@freebsd.org Received: from alcanet.com.au (mail.alcanet.com.au [203.62.196.10]) by hub.freebsd.org (Postfix) with SMTP id 8A1DD37B422 for ; Sun, 3 Sep 2000 23:07:50 -0700 (PDT) Received: by border.alcanet.com.au id <115265>; Mon, 4 Sep 2000 17:07:23 +1000 Date: Mon, 04 Sep 2000 17:07:32 +1100 From: Peter Jeremy Subject: Local changes to the contrib tree(s) To: freebsd-arch@freebsd.org Message-Id: <00Sep4.170723est.115265@border.alcanet.com.au> MIME-version: 1.0 X-Mailer: Mutt 1.0i Content-type: text/plain; charset=us-ascii Sender: owner-freebsd-arch@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.ORG [This is a meta-arch posting discussing the architecture of the FreeBSD build process, rather than the architecture of FreeBSD] One problem with CVS is that once a file is removed from the vendor branch, it can never return to the vendor branch, requiring manual conflict resolution for every future upgrade. As a result of this, there's strong pressure not to take files off the vendor branch. Instead, patches are submitted to the relevant author and the fix will be integrated with the next release. I would like to propose something closer to the ports build process - the vendor files are never touched, instead a series of patches are applied to the original sources before compilation. This way, temporary local changes can be easily applied and removed. As an example, given: /usr/src/contrib/utility/somefile.c /usr/src/usr.bin/utility/somefile.pch the make would start by applying somefile.pch to somefile.c, creating /usr/obj/usr/src/usr.bin/utility/somefile.c, which is then compiled. The downside is that maintaining the patches requires more effort than just editing the files in place, though a make target could be created to create the .pch file from the patched source. What do other people think of this? Peter To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-arch" in the body of the message From owner-freebsd-arch Sun Sep 3 23:21:10 2000 Delivered-To: freebsd-arch@freebsd.org Received: from rover.village.org (rover.village.org [204.144.255.49]) by hub.freebsd.org (Postfix) with ESMTP id 0EABF37B424 for ; Sun, 3 Sep 2000 23:21:08 -0700 (PDT) Received: from harmony.village.org (harmony.village.org [10.0.0.6]) by rover.village.org (8.9.3/8.9.3) with ESMTP id AAA20702; Mon, 4 Sep 2000 00:21:06 -0600 (MDT) (envelope-from imp@harmony.village.org) Received: from harmony.village.org (localhost.village.org [127.0.0.1]) by harmony.village.org (8.9.3/8.8.3) with ESMTP id AAA22097; Mon, 4 Sep 2000 00:20:29 -0600 (MDT) Message-Id: <200009040620.AAA22097@harmony.village.org> To: Peter Jeremy Subject: Re: Local changes to the contrib tree(s) Cc: freebsd-arch@FreeBSD.ORG In-reply-to: Your message of "Mon, 04 Sep 2000 17:07:32 +1100." <00Sep4.170723est.115265@border.alcanet.com.au> References: <00Sep4.170723est.115265@border.alcanet.com.au> Date: Mon, 04 Sep 2000 00:20:29 -0600 From: Warner Losh Sender: owner-freebsd-arch@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.ORG In message <00Sep4.170723est.115265@border.alcanet.com.au> Peter Jeremy writes: : As an example, given: : /usr/src/contrib/utility/somefile.c : /usr/src/usr.bin/utility/somefile.pch : the make would start by applying somefile.pch to somefile.c, creating : /usr/obj/usr/src/usr.bin/utility/somefile.c, which is then compiled. : : The downside is that maintaining the patches requires more effort than : just editing the files in place, though a make target could be created : to create the .pch file from the patched source. : : What do other people think of this? I find it esthetically displeasing. It would be less ugly to commit it to /usr/src/usr.bin/utility/somefile.c and control things with Makefile .PATH. This way it is easy to generate patches for the maintainer and we don't have to maintain patch files which is a major major pita. This is similar to how we do added files. These files can come and go w/o any CVS difficulties. -D still works. branches still work. The only cost is a slight bit of potential confusion with having two copies in the tree. Sure, this file would live in the Attic when it is deleted, but we have lots of files there already. Hmmm, people importing new versions of the package would need to merge into this file too, which is also a disadvantage. Warner To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-arch" in the body of the message From owner-freebsd-arch Mon Sep 4 3:55:51 2000 Delivered-To: freebsd-arch@freebsd.org Received: from alpha.dante.org.uk (alpha.dante.org.uk [193.63.211.19]) by hub.freebsd.org (Postfix) with ESMTP id D5C3037B43E; Mon, 4 Sep 2000 03:55:47 -0700 (PDT) Received: from theta.dante.org.uk ([193.63.211.7]) by alpha.dante.org.uk with esmtp (Exim 3.12 #4) id 13VtuU-00002D-00; Mon, 04 Sep 2000 11:55:30 +0100 Received: from localhost ([127.0.0.1] helo=dante.org.uk) by theta.dante.org.uk with esmtp (Exim 3.12 #4) id 13VtuM-0004ZO-00; Mon, 04 Sep 2000 11:55:23 +0100 Message-ID: <39B37F9A.395012F3@dante.org.uk> Date: Mon, 04 Sep 2000 11:55:22 +0100 From: Konstantin Chuguev Organization: Delivery of Advanced Networking Service to Europe Ltd. X-Mailer: Mozilla 4.75 [en] (X11; U; SunOS 5.6 sun4u) X-Accept-Language: en, ru MIME-Version: 1.0 To: "Andrey A. Chernov" , Boris Popov , freebsd-arch@FreeBSD.ORG, freebsd-i18n@FreeBSD.ORG Subject: Re: Proposal to include iconv library in the base system. References: <20000901185945.A29804@nagual.pp.ru> <39AFD666.880FE6C@dante.org.uk> Content-Type: text/plain; charset=koi8-r Content-Transfer-Encoding: 7bit Sender: owner-freebsd-arch@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.ORG Konstantin Chuguev wrote: > I will try my best to produce the final version 1.0 of the library and > conversion modules before Monday. > Sorry, I was a bit too optimistic here. Still catching bugs... -- * * Konstantin Chuguev - Application Engineer * * Francis House, 112 Hills Road * Cambridge CB2 1PQ, United Kingdom D A N T E WWW: http://www.dante.net To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-arch" in the body of the message From owner-freebsd-arch Mon Sep 4 5:42:22 2000 Delivered-To: freebsd-arch@freebsd.org Received: from segfault.kiev.ua (segfault.kiev.ua [193.193.193.4]) by hub.freebsd.org (Postfix) with ESMTP id 39E0C37B424 for ; Mon, 4 Sep 2000 05:42:18 -0700 (PDT) Received: (from netch@localhost) by segfault.kiev.ua (8) id PQD87124; Mon, 4 Sep 2000 15:41:54 +0300 (EEST) (envelope-from netch) Date: Mon, 4 Sep 2000 15:41:54 +0300 From: Valentin Nechayev To: Maxime Henrion , freebsd-arch@freebsd.org Subject: Re: thought about allocation of the first 1024th ports Message-ID: <20000904154153.D2306@netch.kiev.ua> Reply-To: netch@segfault.kiev.ua References: <20000902180027.A13029@cybercable.fr> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii X-Mailer: Mutt 1.0i In-Reply-To: <20000902180027.A13029@cybercable.fr>; from mux@qualys.com on Sat, Sep 02, 2000 at 03:58:48PM +0000 X-42: On Sender: owner-freebsd-arch@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.ORG Sat, Sep 02, 2000 at 15:58:48, mux wrote about "thought about allocation of the first 1024th ports": > On most Unix systems and on FreeBSD, the first 1024th ports can't be allocated by a > non-root process. As far as I know, this is justfied because services running on these [skip] > What I wonder now is if an application-independant mechanism to permit some ports below > 1024 to be bound to sockets not owned by root processes would be useful. You assign in a I had made patches to allow ACL for ports binding, tested for 3.3 and 4.0. See http://www.lucky.net/~netch/unix/FreeBSD/portacl/ But it does not use any Posix.1e-compatible- or -inspired- API, but has ipfw(8)-similar interface. If someone (rwatson?) can say what API style is "ideologically approved", I can rewrite it. Also it does not have English documentation (only Russian) yet. /netch To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-arch" in the body of the message From owner-freebsd-arch Mon Sep 4 10:18:24 2000 Delivered-To: freebsd-arch@freebsd.org Received: from gatekeeper.tsc.tdk.com (gatekeeper.tsc.tdk.com [207.113.159.21]) by hub.freebsd.org (Postfix) with ESMTP id E5A4837B422; Mon, 4 Sep 2000 10:18:21 -0700 (PDT) Received: from imap.gv.tsc.tdk.com (imap.gv.tsc.tdk.com [192.168.241.198]) by gatekeeper.tsc.tdk.com (8.8.8/8.8.8) with ESMTP id KAA05221; Mon, 4 Sep 2000 10:18:21 -0700 (PDT) (envelope-from gdonl@tsc.tdk.com) Received: from salsa.gv.tsc.tdk.com (salsa.gv.tsc.tdk.com [192.168.241.194]) by imap.gv.tsc.tdk.com (8.9.3/8.9.3) with ESMTP id KAA13781; Mon, 4 Sep 2000 10:18:21 -0700 (PDT) (envelope-from Don.Lewis@tsc.tdk.com) Received: (from gdonl@localhost) by salsa.gv.tsc.tdk.com (8.8.5/8.8.5) id KAA21836; Mon, 4 Sep 2000 10:18:20 -0700 (PDT) From: Don Lewis Message-Id: <200009041718.KAA21836@salsa.gv.tsc.tdk.com> Date: Mon, 4 Sep 2000 10:18:20 -0700 In-Reply-To: References: X-Mailer: Mail User's Shell (7.2.6 beta(5) 10/07/98) To: Robert Watson , Don Lewis Subject: Re: Request for review: restructuring of per-uid resource limits Cc: freebsd-arch@FreeBSD.ORG Sender: owner-freebsd-arch@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.ORG On Sep 3, 7:18pm, Robert Watson wrote: } Subject: Re: Request for review: restructuring of per-uid resource limits } } Just a comment, haven't had a chance to review your e-mail yet -- per-uid } resources currently function poorly in combination with jail(). A bit } more uniquifying information may need to be used to determine the } resource/accounting pool than uid in some FreeBSD environments. A patch } was submitted a while back to do this, but it wasn't ever integrated due } to lack of time from phk and myself. Probably the appropriate way to } handle this is to add some sort of abstraction for determining the correct } resource pool, allowing future partioning/namespace schemes to be } implemented easily. I.e., } } struct resourcepool *res; } res = getresourcepool(p); } if (res == NULL) } return; /* no resource limitations */ } } Possibly, a cred argument to the getresourcepool() function, if we feel } that resources will likely be handled on the basis of credentials rather } than processes. Given the future directions for MAC and so on, that might } make a lot of sense also. It would probably be easier to invert this and add a pointer to the resource pool to the credential (and p_prison should probably be moved to ucred). Trying to figure out anything from proc doesn't work too well in the case of things like sbsize, since sockets may stick around a lot longer than the processes that created them. Sockets do hang on to a reference to the credential. My modifications to the API should make this easier to implement, since the credential is passed at the higher levels instead of the uid. I think most of the changes needed would be limited to the callers of uifind() and friends (mostly in kern_prot.c and kern_resource.c). One current bit of uglyness is the pcred/ucred split and how we use the uid fields in both. If you throw jail() into the mix, it will probably get worse, since some resources might be limited on per-jail basis, some on a per-uid basis, and some on a per-uid in the jail basis, possibly with a limit on the total per-jail in the last case. Now that I think about it, this probably means we'll want to implement a separate hash table for each resource, rather than a single table that tracks multiple resources for a given key. I'd like to get my patch tested and into the tree sooner rather than later, since I'm concerned about bugs in the existing implementation. I also want something that can be MFC'ed to 4-stable. Speaking of my patch, I did some of the cleanup that I mentioned in my previous message, and also fixed an interaction with NFS that caused a panic. My new patch is at . To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-arch" in the body of the message From owner-freebsd-arch Mon Sep 4 10:41:18 2000 Delivered-To: freebsd-arch@freebsd.org Received: from fledge.watson.org (fledge.watson.org [204.156.12.50]) by hub.freebsd.org (Postfix) with ESMTP id 2ADDE37B43F for ; Mon, 4 Sep 2000 10:41:15 -0700 (PDT) Received: from fledge.watson.org (robert@fledge.pr.watson.org [192.0.2.3]) by fledge.watson.org (8.9.3/8.9.3) with SMTP id NAA86140; Mon, 4 Sep 2000 13:41:11 -0400 (EDT) (envelope-from robert@fledge.watson.org) Date: Mon, 4 Sep 2000 13:41:11 -0400 (EDT) From: Robert Watson X-Sender: robert@fledge.watson.org To: Don Lewis Cc: freebsd-arch@FreeBSD.ORG Subject: Re: Request for review: restructuring of per-uid resource limits In-Reply-To: <200009041718.KAA21836@salsa.gv.tsc.tdk.com> Message-ID: MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII Sender: owner-freebsd-arch@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.ORG On Mon, 4 Sep 2000, Don Lewis wrote: > It would probably be easier to invert this and add a pointer to the > resource pool to the credential (and p_prison should probably be moved > to ucred). Trying to figure out anything from proc doesn't work too > well in the case of things like sbsize, since sockets may stick around > a lot longer than the processes that created them. Sockets do hang on > to a reference to the credential. Ok, sounds good to me -- I've been meaning to look further into moving this kind of thing into the credential for a while, due to similar kinds of problems in setting up capabilities and MAC. Ideally, everything required to make access control and resource bound decisions should be accessible from the process's credential, making things like sockets and files work correctly. Another thing to be moved into the credential, then, is probably support for the various P_ flags relating to access control. This inthe long run will mean that fewer cred structures can be shared, but I think that's survivable. > My modifications to the API should make this easier to implement, since > the credential is passed at the higher levels instead of the uid. I > think most of the changes needed would be limited to the callers of > uifind() and friends (mostly in kern_prot.c and kern_resource.c). Sounds good. > One current bit of uglyness is the pcred/ucred split and how we use > the uid fields in both. If you throw jail() into the mix, it will > probably get worse, since some resources might be limited on per-jail > basis, some on a per-uid basis, and some on a per-uid in the jail > basis, possibly with a limit on the total per-jail in the last case. > Now that I think about it, this probably means we'll want to implement > a separate hash table for each resource, rather than a single table that > tracks multiple resources for a given key. Hmm. We need to think about the abstractions more in this area -- I've been looking at it from the perspective of TrustedBSD, where subjects (processes) and objects are tagged with labels. When forks/execs/certain syscalls occur, transforms on the labels may occur, including the copy-on-write effect currently provided by crcopy() et al. Only the interpretter of a particular component of the label knows what the semantics are in situations such as jail(), fork(), exec(), and therefore which pools should be equivilent, and which shouldn't. In the long term, providing each label provider with the opportunity to modify its component of the label as it sees fit makes sense, in effect allowing this behavior to be pluggable. A full implementation of this idea is quite a ways away, although we may have funding to do it sometime next year, I hope. In the mean time, a gradual migration to making use of cred structures rather than proc structures, is probably a good idea. Allowing jail to modify the resource pointer on a credential and having a per-jail uid hash would probably provide the desired behavior in the interim. > I'd like to get my patch tested and into the tree sooner rather than > later, since I'm concerned about bugs in the existing implementation. > I also want something that can be MFC'ed to 4-stable. > > Speaking of my patch, I did some of the cleanup that I mentioned > in my previous message, and also fixed an interaction with NFS that > caused a panic. My new patch is at > . Sounds right to me -- one of the larger problems I've been having to deal with is to what extent I'm willing to attempt to rush infrastructure changes, or leave them for the time being and introduce hacks to work around current problems. In general, I think it's safe to conclude that fixing the problems in the short term without using revised infrastructure is fine, as long as the semantics can be the same later. I.e., I went ahead with the p_can() changes to fix a number of problems in inter-process interaction, despite the fact that I'll be rewriting all that later with improved label handling :-). I'd go ahead with your changes as is. BTW, was the NFS panic to do with changing the contents of struct ucred? I've noticed some odd stuff there -- a differentiation should definitely be made between internal credential handling in NFS, and the OS credential structure, as they contain potentially quite different things. Robert N M Watson robert@fledge.watson.org http://www.watson.org/~robert/ PGP key fingerprint: AF B5 5F FF A6 4A 79 37 ED 5F 55 E9 58 04 6A B1 TIS Labs at Network Associates, Safeport Network Services To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-arch" in the body of the message From owner-freebsd-arch Mon Sep 4 10:57:45 2000 Delivered-To: freebsd-arch@freebsd.org Received: from gatekeeper.tsc.tdk.com (gatekeeper.tsc.tdk.com [207.113.159.21]) by hub.freebsd.org (Postfix) with ESMTP id C283737B423; Mon, 4 Sep 2000 10:57:42 -0700 (PDT) Received: from imap.gv.tsc.tdk.com (imap.gv.tsc.tdk.com [192.168.241.198]) by gatekeeper.tsc.tdk.com (8.8.8/8.8.8) with ESMTP id KAA05432; Mon, 4 Sep 2000 10:57:42 -0700 (PDT) (envelope-from gdonl@tsc.tdk.com) Received: from salsa.gv.tsc.tdk.com (salsa.gv.tsc.tdk.com [192.168.241.194]) by imap.gv.tsc.tdk.com (8.9.3/8.9.3) with ESMTP id KAA13872; Mon, 4 Sep 2000 10:57:41 -0700 (PDT) (envelope-from Don.Lewis@tsc.tdk.com) Received: (from gdonl@localhost) by salsa.gv.tsc.tdk.com (8.8.5/8.8.5) id KAA21915; Mon, 4 Sep 2000 10:57:41 -0700 (PDT) From: Don Lewis Message-Id: <200009041757.KAA21915@salsa.gv.tsc.tdk.com> Date: Mon, 4 Sep 2000 10:57:40 -0700 In-Reply-To: References: X-Mailer: Mail User's Shell (7.2.6 beta(5) 10/07/98) To: Robert Watson , Don Lewis Subject: Re: Request for review: restructuring of per-uid resource limits Cc: freebsd-arch@FreeBSD.ORG Sender: owner-freebsd-arch@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.ORG On Sep 4, 1:41pm, Robert Watson wrote: } Subject: Re: Request for review: restructuring of per-uid resource limits } On Mon, 4 Sep 2000, Don Lewis wrote: } } > It would probably be easier to invert this and add a pointer to the } > resource pool to the credential (and p_prison should probably be moved } > to ucred). Trying to figure out anything from proc doesn't work too } > well in the case of things like sbsize, since sockets may stick around } > a lot longer than the processes that created them. Sockets do hang on } > to a reference to the credential. } } Ok, sounds good to me -- I've been meaning to look further into moving } this kind of thing into the credential for a while, due to similar kinds } of problems in setting up capabilities and MAC. Ideally, everything } required to make access control and resource bound decisions should be } accessible from the process's credential, making things like sockets and } files work correctly. Another thing to be moved into the credential, } then, is probably support for the various P_ flags relating to access } control. This inthe long run will mean that fewer cred structures can be } shared, but I think that's survivable. The only two obvious flags I see are P_JAILED and P_SUGID. The former wouldn't hurt sharing, especially if p_prison is moved as well. I have mixed feelings about moving the latter, since it really is private to a process. } BTW, was the NFS panic to do with changing the contents of struct ucred? } I've noticed some odd stuff there -- a differentiation should definitely } be made between internal credential handling in NFS, and the OS credential } structure, as they contain potentially quite different things. Not exactly -- nfs_statfs() allocates a temporary credential with crget() and didn't fill in the uidinfo pointer, which it didn't know anything about. When it called crfree(), crfree() called uifree(NULL), which went BOOM. I added an extra test to crfree(). To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-arch" in the body of the message From owner-freebsd-arch Mon Sep 4 15:42:22 2000 Delivered-To: freebsd-arch@freebsd.org Received: from wally.eecs.harvard.edu (wally.eecs.harvard.edu [140.247.60.30]) by hub.freebsd.org (Postfix) with ESMTP id ACEEA37B42C for ; Mon, 4 Sep 2000 15:42:15 -0700 (PDT) Received: from localhost (stein@localhost) by wally.eecs.harvard.edu (8.10.0/8.10.0) with ESMTP id e84MgAH25596 for ; Mon, 4 Sep 2000 18:42:10 -0400 (EDT) Date: Mon, 4 Sep 2000 18:42:09 -0400 (EDT) From: Christopher Stein X-Sender: stein@wally To: freebsd-arch@freebsd.org Subject: Re: vm and fs threads Message-ID: MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII Sender: owner-freebsd-arch@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.ORG Hi, About a week ago, I posted some questions to this list about the various VM and buffer cache kprocs. I was directed to Matt Dillon and he replied with an excellent outline. Please find it attached. -Chris ---------- Forwarded message ---------- Date: Tue, 29 Aug 2000 16:34:01 -0700 (PDT) From: Matt Dillon To: Christopher Stein Subject: Re: vm and fs threads :Hi Matt, : :I was referred to you from -ARCH to answer my questions about the :functionality of the various FS and VM kernel threads. : :Here's some ps waux output from my 4.0 system: : :root 4 0.0 0.0 0 0 ?? DL Wed04PM 0:00.50 (bufdaemon) :root 5 0.0 0.0 0 0 ?? DL Wed04PM 1:59.45 (syncer) The syncer is responsible for course-grained flushing of all files with dirty blocks. It essentially runs down the list of files with dirty blocks and fsync's them, file by file. This occurs every so often whether there is memory pressure or not. The syncer operates primarily under light loads, to make sure that dirty blocks get flushed out to their backing store so you don't lose too much if the machine crashes. The bufdaemon is responsible for flushing dirty buffer cache blocks when necessary due to memory pressure. It works on a block-by-block basis rather then a file-by-file basis, and flushes the blocks based on a LRU algorithm. The bufdaemon operates primarily under heavier loads to make sure that there are a sufficient number of clean buffers for the filesystem the reuse and to sequence out I/O in a reasonable optimal manner under heavy load conditions. :bufdaemon and syncer appear to be distinct processes. The syncer is the :background thread that writes dirty blocks to disk. What does the :bufdaemon do? : :Here are the 3 kernel VM daemons: : :root 2 0.0 0.0 0 0 ?? DL Wed04PM 0:00.51 (pagedaemon) :root 3 0.0 0.0 0 0 ?? DL Wed04PM 0:00.00 (vmdaemon) :root 0 0.0 0.0 0 0 ?? DLs Wed04PM 0:00.23 (swapper) : :How are they different? From the source (vm/vm_pageout.c) vm_daemon :appears to perform swapping activities; that is, the eviction of full :processes from core. Pagedaemon (also vm/vm_pageout.c) appears to write :and evict pages to the swap device. What then does the swapper do? : :Your clarifications are much appreciated. : :-Chris The pagedaemon is responsible for keeping track of how often VM pages are accessed and using that information to order them in the page queues. The pagedaemon is also responsible for flushing VM pages to their backing store (either the filesystem or swap, depending), under any load condition. The flush rate depends on the load. On lightly loaded machines the pagedaemon is mostly idle and only tries to order pages 'loosely' (i.e. doesn't make a huge effort to keep pages in the right queues). Under heavier loads the pagedaemon makes more of an effort to put pages in their proper page queues and is also responsible for flushing the pages to their backing store when it determines that there are too many dirty pages in the system. The pagedaemon tends to take on the brunt of the disk writing work under heavier load conditions. The VM daemon wakes up under heavy memory pressure and is responsible for enforcing the resource limits associated with various processes. Specifically, the 'memoryuse' resource (RLIMIT_RSS). It will forcefully deactivate pages in processes whos resident set sizes are larger then their resource limits allow. The VM daemon does no paging on its own. Instead it makes certain pages 'more likely to be paged' by the pagedaemon. The VM daemon is also responsible, under extreme memory pressure, for swapping out whole processes. It does this by forcefully deactivating all of a process's pages and then forcefully putting the process to sleep for (typically) 20 seconds. It does not actually page the pages out, it allows the pagedaemon to do that. It simply makes the pages 'most likely' to be paged out and enforces the sleep period to prevent the process from paging them back in too early. The 'swapper' (process 0) doesn't really do much any more. It basically looks for processes marked as being swapped out, determines if there is sufficient space to allow them to run again, and wakes them up. (see the 'scheduler' procedure in /usr/src/sys/vm/vm_glue.c). -Matt To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-arch" in the body of the message From owner-freebsd-arch Mon Sep 4 18:34: 1 2000 Delivered-To: freebsd-arch@freebsd.org Received: from gatekeeper.tsc.tdk.com (gatekeeper.tsc.tdk.com [207.113.159.21]) by hub.freebsd.org (Postfix) with ESMTP id 238B737BB11 for ; Mon, 4 Sep 2000 18:33:54 -0700 (PDT) Received: from imap.gv.tsc.tdk.com (imap.gv.tsc.tdk.com [192.168.241.198]) by gatekeeper.tsc.tdk.com (8.8.8/8.8.8) with ESMTP id SAA08278 for ; Mon, 4 Sep 2000 18:33:53 -0700 (PDT) (envelope-from gdonl@tsc.tdk.com) Received: from salsa.gv.tsc.tdk.com (salsa.gv.tsc.tdk.com [192.168.241.194]) by imap.gv.tsc.tdk.com (8.9.3/8.9.3) with ESMTP id SAA15091 for ; Mon, 4 Sep 2000 18:33:53 -0700 (PDT) (envelope-from Don.Lewis@tsc.tdk.com) Received: (from gdonl@localhost) by salsa.gv.tsc.tdk.com (8.8.5/8.8.5) id SAA22923 for freebsd-arch@FreeBSD.ORG; Mon, 4 Sep 2000 18:33:52 -0700 (PDT) From: Don Lewis Message-Id: <200009050133.SAA22923@salsa.gv.tsc.tdk.com> Date: Mon, 4 Sep 2000 18:33:51 -0700 In-Reply-To: <200009041718.KAA21836@salsa.gv.tsc.tdk.com> References: <200009041718.KAA21836@salsa.gv.tsc.tdk.com> X-Mailer: Mail User's Shell (7.2.6 beta(5) 10/07/98) To: freebsd-arch@FreeBSD.ORG Subject: Re: Request for review: restructuring of per-uid resource limits Sender: owner-freebsd-arch@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.ORG On Sep 4, 10:18am, Don Lewis wrote: } Subject: Re: Request for review: restructuring of per-uid resource limits } } Speaking of my patch, I did some of the cleanup that I mentioned } in my previous message, and also fixed an interaction with NFS that } caused a panic. My new patch is at } . Once I turned on INVARIANTS, I found some bugs in my KASSERTs. An updated version of this patch is at . It seems to be running OK for me, and I've also got it running on a 4-stable machine. To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-arch" in the body of the message From owner-freebsd-arch Mon Sep 4 20:21: 1 2000 Delivered-To: freebsd-arch@freebsd.org Received: from smtp05.primenet.com (smtp05.primenet.com [206.165.6.135]) by hub.freebsd.org (Postfix) with ESMTP id 4DEA837B422; Mon, 4 Sep 2000 20:20:59 -0700 (PDT) Received: (from daemon@localhost) by smtp05.primenet.com (8.9.3/8.9.3) id UAA19797; Mon, 4 Sep 2000 20:21:09 -0700 (MST) Received: from usr02.primenet.com(206.165.6.202) via SMTP by smtp05.primenet.com, id smtpdAAA.baaHM; Mon Sep 4 20:20:59 2000 Received: (from tlambert@localhost) by usr02.primenet.com (8.8.5/8.8.5) id UAA04806; Mon, 4 Sep 2000 20:20:39 -0700 (MST) From: Terry Lambert Message-Id: <200009050320.UAA04806@usr02.primenet.com> Subject: Re: Request for review: nsswitch To: winter@jurai.net (Matthew N. Dodd) Date: Tue, 5 Sep 2000 03:20:39 +0000 (GMT) Cc: phk@critter.freebsd.dk (Poul-Henning Kamp), n@nectar.com (Jacques A. Vidrine), ume@FreeBSD.ORG (Hajimu UMEMOTO), arch@FreeBSD.ORG In-Reply-To: from "Matthew N. Dodd" at Sep 03, 2000 01:40:10 AM X-Mailer: ELM [version 2.5 PL2] MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Transfer-Encoding: 7bit Sender: owner-freebsd-arch@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.ORG > > Since we're on this topic anyway, there is one thing which has always > > bothered me: Why don't we have the option of a per user alias file > > for hostnames ? > > 'cause that feature would totally rule and we can't have any ruling as > we're stodgy old BSD. :) I always thought that it was for the same reason that root does not have "." in its path by default. Terry Lambert terry@lambert.org --- Any opinions in this posting are my own and not those of my present or previous employers. To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-arch" in the body of the message From owner-freebsd-arch Mon Sep 4 22:52:41 2000 Delivered-To: freebsd-arch@freebsd.org Received: from homer.softweyr.com (bsdconspiracy.net [208.187.122.220]) by hub.freebsd.org (Postfix) with ESMTP id 950FE37B422; Mon, 4 Sep 2000 22:52:39 -0700 (PDT) Received: from localhost ([127.0.0.1] helo=softweyr.com ident=Fools trust ident!) by homer.softweyr.com with esmtp (Exim 3.16 #1) id 13WBkE-0000Ez-00; Mon, 04 Sep 2000 23:58:06 -0600 Message-ID: <39B48B6E.158195C4@softweyr.com> Date: Mon, 04 Sep 2000 23:58:06 -0600 From: Wes Peters Organization: Softweyr LLC X-Mailer: Mozilla 4.75 [en] (X11; U; FreeBSD 4.1-STABLE i386) X-Accept-Language: en MIME-Version: 1.0 To: Terry Lambert Cc: "Matthew N. Dodd" , Poul-Henning Kamp , "Jacques A. Vidrine" , Hajimu UMEMOTO , arch@FreeBSD.ORG Subject: Re: Request for review: nsswitch References: <200009050320.UAA04806@usr02.primenet.com> Content-Type: text/plain; charset=us-ascii Content-Transfer-Encoding: 7bit Sender: owner-freebsd-arch@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.ORG Terry Lambert wrote: > > > > Since we're on this topic anyway, there is one thing which has always > > > bothered me: Why don't we have the option of a per user alias file > > > for hostnames ? > > > > 'cause that feature would totally rule and we can't have any ruling as > > we're stodgy old BSD. :) > > I always thought that it was for the same reason that root > does not have "." in its path by default. To avoid being completely stupid? One of the UNIX systems I've used over the years, probably SunOS, allowed you to add the name of a host as a {sym,}link to rlogin; the executable would check argv[0] and if it wasn't a recognized pattern try it as a hostname. The common usage was to add links to your favorite hosts in /hosts/name and add that to your PATH. My vote would be to add this feature to ssh. -- "Where am I, and what am I doing in this handbasket?" Wes Peters Softweyr LLC wes@softweyr.com http://softweyr.com/ To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-arch" in the body of the message From owner-freebsd-arch Tue Sep 5 0:32:20 2000 Delivered-To: freebsd-arch@freebsd.org Received: from mailman.zeta.org.au (mailman.zeta.org.au [203.26.10.16]) by hub.freebsd.org (Postfix) with ESMTP id 3F20937B422; Tue, 5 Sep 2000 00:32:16 -0700 (PDT) Received: from bde.zeta.org.au (bde.zeta.org.au [203.2.228.102]) by mailman.zeta.org.au (8.8.7/8.8.7) with ESMTP id SAA22814; Tue, 5 Sep 2000 18:32:04 +1100 Date: Tue, 5 Sep 2000 18:32:01 +1100 (EST) From: Bruce Evans X-Sender: bde@besplex.bde.org To: Don Lewis Cc: Robert Watson , freebsd-arch@FreeBSD.ORG Subject: Re: Request for review: restructuring of per-uid resource limits In-Reply-To: <200009041718.KAA21836@salsa.gv.tsc.tdk.com> Message-ID: MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII Sender: owner-freebsd-arch@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.ORG On Mon, 4 Sep 2000, Don Lewis wrote: > I'd like to get my patch tested and into the tree sooner rather than > later, since I'm concerned about bugs in the existing implementation. > I also want something that can be MFC'ed to 4-stable. The sbsize limit should be backed out of 4-stable until it is correctly implemented. Recent changes probably increased the chance of a panic by calling chgsbsize() in interrupt context. I think the previous version was more likely to cause an effective limit of nearly RLIM_INFINITY (even when the apparent limit is much lower) and a resource leak than a panic, since the result of incrementing sb_hiwat in interrupt context without incrementing ui_sbsize was to tend to make ui_sbsize go negative when the socket is deallocated. There was only a panic when ui_sbsize hit precisely 0 earlier than it should have (and ui_proccnt was also 0). The bugs in chgsbsize() would probably have been detected earlier if the sanity checks were unconditional and complete like they were for ui_proccnt in rev.1.65 of kern_proc.c. The check for ui_proccnt going negative was removed and the check for ui_proccnt going to precisely 0 too early was made conditional (turned into a KASSERT()). The check for ui_sbsize going negative never existed and the check for ui_sbsize going to precisely 0 too early was always a KASSERT(). Bruce To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-arch" in the body of the message From owner-freebsd-arch Tue Sep 5 0:37:48 2000 Delivered-To: freebsd-arch@freebsd.org Received: from flood.ping.uio.no (flood.ping.uio.no [129.240.78.31]) by hub.freebsd.org (Postfix) with ESMTP id 3F0D437B424; Tue, 5 Sep 2000 00:37:45 -0700 (PDT) Received: (from des@localhost) by flood.ping.uio.no (8.9.3/8.9.3) id JAA84989; Tue, 5 Sep 2000 09:37:21 +0200 (CEST) (envelope-from des@ofug.org) X-URL: http://www.ofug.org/~des/ X-Disclaimer: The views expressed in this message do not necessarily coincide with those of any organisation or company with which I am or have been affiliated. To: Wes Peters Cc: Terry Lambert , "Matthew N. Dodd" , Poul-Henning Kamp , "Jacques A. Vidrine" , Hajimu UMEMOTO , arch@FreeBSD.ORG Subject: Re: Request for review: nsswitch References: <200009050320.UAA04806@usr02.primenet.com> <39B48B6E.158195C4@softweyr.com> From: Dag-Erling Smorgrav Date: 05 Sep 2000 09:37:20 +0200 In-Reply-To: Wes Peters's message of "Mon, 04 Sep 2000 23:58:06 -0600" Message-ID: Lines: 13 User-Agent: Gnus/5.0802 (Gnus v5.8.2) Emacs/20.4 MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Sender: owner-freebsd-arch@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.ORG Wes Peters writes: > My vote would be to add this feature to ssh. Why? Those who want it can implement it trivially with a shell script: #!/bin/sh /usr/bin/ssh $@ -- $(basename $0) then symlink to your heart's content. DES -- Dag-Erling Smorgrav - des@ofug.org To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-arch" in the body of the message From owner-freebsd-arch Tue Sep 5 5:58:44 2000 Delivered-To: freebsd-arch@freebsd.org Received: from gatekeeper.tsc.tdk.com (gatekeeper.tsc.tdk.com [207.113.159.21]) by hub.freebsd.org (Postfix) with ESMTP id 75C8737B422; Tue, 5 Sep 2000 05:58:42 -0700 (PDT) Received: from imap.gv.tsc.tdk.com (imap.gv.tsc.tdk.com [192.168.241.198]) by gatekeeper.tsc.tdk.com (8.8.8/8.8.8) with ESMTP id FAA12582; Tue, 5 Sep 2000 05:58:31 -0700 (PDT) (envelope-from gdonl@tsc.tdk.com) Received: from salsa.gv.tsc.tdk.com (salsa.gv.tsc.tdk.com [192.168.241.194]) by imap.gv.tsc.tdk.com (8.9.3/8.9.3) with ESMTP id FAA17488; Tue, 5 Sep 2000 05:58:30 -0700 (PDT) (envelope-from Don.Lewis@tsc.tdk.com) Received: (from gdonl@localhost) by salsa.gv.tsc.tdk.com (8.8.5/8.8.5) id FAA24311; Tue, 5 Sep 2000 05:58:26 -0700 (PDT) From: Don Lewis Message-Id: <200009051258.FAA24311@salsa.gv.tsc.tdk.com> Date: Tue, 5 Sep 2000 05:58:26 -0700 In-Reply-To: References: X-Mailer: Mail User's Shell (7.2.6 beta(5) 10/07/98) To: Bruce Evans , Don Lewis Subject: Re: Request for review: restructuring of per-uid resource limits Cc: Robert Watson , freebsd-arch@FreeBSD.ORG Sender: owner-freebsd-arch@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.ORG On Sep 5, 6:32pm, Bruce Evans wrote: } Subject: Re: Request for review: restructuring of per-uid resource limits } On Mon, 4 Sep 2000, Don Lewis wrote: } } > I'd like to get my patch tested and into the tree sooner rather than } > later, since I'm concerned about bugs in the existing implementation. } > I also want something that can be MFC'ed to 4-stable. } } The sbsize limit should be backed out of 4-stable until it is correctly } implemented. Recent changes probably increased the chance of a panic } by calling chgsbsize() in interrupt context. I think the previous } version was more likely to cause an effective limit of nearly } RLIM_INFINITY (even when the apparent limit is much lower) and a } resource leak than a panic, since the result of incrementing sb_hiwat } in interrupt context without incrementing ui_sbsize was to tend to } make ui_sbsize go negative when the socket is deallocated. There was } only a panic when ui_sbsize hit precisely 0 earlier than it should have } (and ui_proccnt was also 0). My patch removes all the dangerous operations from interrupt context. It also reference counts the uidinfo structure, which only gets freed when the reference count goes to zero. The hazards in the present implementation are what motivated me to work on this. } The bugs in chgsbsize() would probably have been detected earlier if } the sanity checks were unconditional and complete like they were for } ui_proccnt in rev.1.65 of kern_proc.c. The check for ui_proccnt going } negative was removed and the check for ui_proccnt going to precisely 0 } too early was made conditional (turned into a KASSERT()). The check } for ui_sbsize going negative never existed and the check for ui_sbsize } going to precisely 0 too early was always a KASSERT(). My patch has KASSERT checks that look for ui_sbsize or ui_proccnt going negative, or not being zero when freeing the uidinfo structure. I could be convinced to make this checks mandatory. I'm planning on commiting my patch to -current sometime today, assuming I can get a satisfactory review. I'd like to commit it to -stable after a few days exercise in -current. To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-arch" in the body of the message From owner-freebsd-arch Tue Sep 5 7:19:19 2000 Delivered-To: freebsd-arch@freebsd.org Received: from spirit.jaded.net (shortbus.jaded.net [216.94.132.8]) by hub.freebsd.org (Postfix) with ESMTP id BB16D37B43F for ; Tue, 5 Sep 2000 07:19:17 -0700 (PDT) Received: (from dan@localhost) by spirit.jaded.net (8.9.3/8.9.3) id KAA00637 for arch@freebsd.org; Tue, 5 Sep 2000 10:19:56 -0400 (EDT) (envelope-from dan) Date: Tue, 5 Sep 2000 10:19:56 -0400 From: Dan Moschuk To: arch@freebsd.org Subject: ftpd and sendfile() Message-ID: <20000905101956.C415@spirit.jaded.net> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline User-Agent: Mutt/1.2i Sender: owner-freebsd-arch@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.ORG [ Originally sent to -committers, was advised to post here before committing ] Any objections to making ftpd use sendfile()? -- Man is a rational animal who always loses his temper when he is called upon to act in accordance with the dictates of reason. -- Oscar Wilde To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-arch" in the body of the message From owner-freebsd-arch Tue Sep 5 8:42: 9 2000 Delivered-To: freebsd-arch@freebsd.org Received: from houston.matchlogic.com (mail.matchlogic.com [205.216.147.127]) by hub.freebsd.org (Postfix) with ESMTP id 4689837B424 for ; Tue, 5 Sep 2000 08:42:06 -0700 (PDT) Received: by houston.matchlogic.com with Internet Mail Service (5.5.2650.21) id ; Tue, 5 Sep 2000 09:42:05 -0600 Message-ID: <5FE9B713CCCDD311A03400508B8B30135878FE@bdr-xcln.is.matchlogic.com> From: Charles Randall To: 'Maxime Henrion' , freebsd-arch@freebsd.org Subject: RE: thought about allocation of the first 1024th ports Date: Tue, 5 Sep 2000 09:41:54 -0600 MIME-Version: 1.0 X-Mailer: Internet Mail Service (5.5.2650.21) Content-Type: text/plain Sender: owner-freebsd-arch@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.ORG We run ipfw+natd for local port redirection on some of our web servers. That allows us to avoid setuid root executables. I've found it to be a very workable solution for programmers and system admins. Charles -----Original Message----- From: Maxime Henrion [mailto:mux@qualys.com] Sent: Saturday, September 02, 2000 10:00 AM To: freebsd-arch@freebsd.org Subject: thought about allocation of the first 1024th ports Hi, On most Unix systems and on FreeBSD, the first 1024th ports can't be allocated by a non-root process. As far as I know, this is justfied because services running on these ports generally require root privileges to accomplish their tasks because they are intended to be used by all the users on the system and need to access to their datas. However, some services don't need these privileges, like identd servers, or even web servers. This implies security problems if these servers are vulnerable to a bug or a buffer overflow. Advanced servers use setuid() and setgid() system calls to drop their privileges after having bound the socket. This improves security as if the server is vulnerable, it can not be used to gain root privileges but only a user's privileges. What I wonder now is if an application-independant mechanism to permit some ports below 1024 to be bound to sockets not owned by root processes would be useful. You assign in a configuration file which UID's are allowed to allocate which port. Of course, root processes will also be allowed to allocate these ports and user with other UID's still can't ; this ensures backward compatibility. With such a mechanism, you can run a server as a user and not as root even if the application doesn't support the setuid/setgid system. The requirement for this to work is that the application doesn't permits itself to do some other root-only operations than binding the socket to a privileged port ; it should be this way in most applications. I invite you to send me your thoughts/advices/rotten tomatoes by e-mail ;-) I hope I didn't miss something obvious and that something allowing to do what I describe don't already exists. Regards, Maxime Henrion To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-arch" in the body of the message To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-arch" in the body of the message From owner-freebsd-arch Tue Sep 5 8:47: 3 2000 Delivered-To: freebsd-arch@freebsd.org Received: from fledge.watson.org (fledge.watson.org [204.156.12.50]) by hub.freebsd.org (Postfix) with ESMTP id 3FF1537B424; Tue, 5 Sep 2000 08:47:01 -0700 (PDT) Received: from fledge.watson.org (robert@fledge.pr.watson.org [192.0.2.3]) by fledge.watson.org (8.9.3/8.9.3) with SMTP id LAA00990; Tue, 5 Sep 2000 11:47:00 -0400 (EDT) (envelope-from robert@fledge.watson.org) Date: Tue, 5 Sep 2000 11:47:00 -0400 (EDT) From: Robert Watson X-Sender: robert@fledge.watson.org To: Dan Moschuk Cc: arch@freebsd.org Subject: Re: ftpd and sendfile() In-Reply-To: <20000905101956.C415@spirit.jaded.net> Message-ID: MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII Sender: owner-freebsd-arch@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.ORG (a) Make sure it doesn't break ASCII mode (b) Make sure that interuption of transfers works, and that correct reporting of bytes transfered happens regardless of success or failure. Not sure what the implications of these two suggestions are :-). Robert N M Watson robert@fledge.watson.org http://www.watson.org/~robert/ PGP key fingerprint: AF B5 5F FF A6 4A 79 37 ED 5F 55 E9 58 04 6A B1 TIS Labs at Network Associates, Safeport Network Services On Tue, 5 Sep 2000, Dan Moschuk wrote: > > [ Originally sent to -committers, was advised to post here before committing ] > > Any objections to making ftpd use sendfile()? > > -- > Man is a rational animal who always loses his temper when he is called > upon to act in accordance with the dictates of reason. > -- Oscar Wilde > > > To Unsubscribe: send mail to majordomo@FreeBSD.org > with "unsubscribe freebsd-arch" in the body of the message > To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-arch" in the body of the message From owner-freebsd-arch Tue Sep 5 11:11:30 2000 Delivered-To: freebsd-arch@freebsd.org Received: from gidora.zeta.org.au (gidora.zeta.org.au [203.26.10.25]) by hub.freebsd.org (Postfix) with SMTP id 1FB4837B422 for ; Tue, 5 Sep 2000 11:11:27 -0700 (PDT) Received: (qmail 25345 invoked from network); 5 Sep 2000 18:11:23 -0000 Received: from unknown (HELO bde.zeta.org.au) (203.2.228.102) by gidora.zeta.org.au with SMTP; 5 Sep 2000 18:11:23 -0000 Date: Wed, 6 Sep 2000 05:11:20 +1100 (EST) From: Bruce Evans X-Sender: bde@besplex.bde.org To: Don Lewis Cc: Robert Watson , freebsd-arch@FreeBSD.ORG Subject: Re: Request for review: restructuring of per-uid resource limits In-Reply-To: <200009051258.FAA24311@salsa.gv.tsc.tdk.com> Message-ID: MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII Sender: owner-freebsd-arch@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.ORG On Tue, 5 Sep 2000, Don Lewis wrote: > My patch has KASSERT checks that look for ui_sbsize or ui_proccnt going > negative, or not being zero when freeing the uidinfo structure. I > could be convinced to make this checks mandatory. I think sanity checks (if any are implemented) should be mandatory in new code. Perhaps there should be several levels of KASSERTs, with at least one level where the sanity checks are not mandatory (like the current default of INVARIANTS not defined). Bruce To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-arch" in the body of the message From owner-freebsd-arch Tue Sep 5 15:16:40 2000 Delivered-To: freebsd-arch@freebsd.org Received: from gatekeeper.tsc.tdk.com (gatekeeper.tsc.tdk.com [207.113.159.21]) by hub.freebsd.org (Postfix) with ESMTP id 687B737B423; Tue, 5 Sep 2000 15:16:38 -0700 (PDT) Received: from imap.gv.tsc.tdk.com (imap.gv.tsc.tdk.com [192.168.241.198]) by gatekeeper.tsc.tdk.com (8.8.8/8.8.8) with ESMTP id PAA20611; Tue, 5 Sep 2000 15:16:31 -0700 (PDT) (envelope-from gdonl@tsc.tdk.com) Received: from salsa.gv.tsc.tdk.com (salsa.gv.tsc.tdk.com [192.168.241.194]) by imap.gv.tsc.tdk.com (8.9.3/8.9.3) with ESMTP id PAA21915; Tue, 5 Sep 2000 15:16:30 -0700 (PDT) (envelope-from Don.Lewis@tsc.tdk.com) Received: (from gdonl@localhost) by salsa.gv.tsc.tdk.com (8.8.5/8.8.5) id PAA25991; Tue, 5 Sep 2000 15:16:21 -0700 (PDT) From: Don Lewis Message-Id: <200009052216.PAA25991@salsa.gv.tsc.tdk.com> Date: Tue, 5 Sep 2000 15:16:21 -0700 In-Reply-To: References: X-Mailer: Mail User's Shell (7.2.6 beta(5) 10/07/98) To: Bruce Evans , Don Lewis Subject: Re: Request for review: restructuring of per-uid resource limits Cc: Robert Watson , freebsd-arch@FreeBSD.ORG Sender: owner-freebsd-arch@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.ORG On Sep 6, 5:11am, Bruce Evans wrote: } Subject: Re: Request for review: restructuring of per-uid resource limits } On Tue, 5 Sep 2000, Don Lewis wrote: } } > My patch has KASSERT checks that look for ui_sbsize or ui_proccnt going } > negative, or not being zero when freeing the uidinfo structure. I } > could be convinced to make this checks mandatory. } } I think sanity checks (if any are implemented) should be mandatory in } new code. Done and committed. } Perhaps there should be several levels of KASSERTs, with at } least one level where the sanity checks are not mandatory (like the } current default of INVARIANTS not defined). That sounds good to me. Having to change the sense of the test to convert between "if (...) panic" and KASSERT as well as the other syntax changes basically sucks. To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-arch" in the body of the message From owner-freebsd-arch Tue Sep 5 21:21:25 2000 Delivered-To: freebsd-arch@freebsd.org Received: from panzer.kdm.org (panzer.kdm.org [216.160.178.169]) by hub.freebsd.org (Postfix) with ESMTP id BF78B37B423; Tue, 5 Sep 2000 21:21:19 -0700 (PDT) Received: (from ken@localhost) by panzer.kdm.org (8.9.3/8.9.1) id WAA97128; Tue, 5 Sep 2000 22:21:19 -0600 (MDT) (envelope-from ken) Date: Tue, 5 Sep 2000 22:21:19 -0600 From: "Kenneth D. Merry" To: net@FreeBSD.ORG Subject: new zero copy sockets and NFS snapshot Message-ID: <20000905222119.A97109@panzer.kdm.org> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline User-Agent: Mutt/1.2i Sender: owner-freebsd-arch@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.ORG [ -arch and -current BCC'ed for wider coverage, please direct followups to -net and/or me ] I have put a new copy of the zero copy sockets and NFS patches, against -current as of early September 5th, 2000, here: http://people.FreeBSD.ORG/~ken/zero_copy/ Questions, comments and feedback are welcome. Besides being generated against a newer version of -current, the following things have changed in the new patches posted above: - Merged in the new mbuf reference counting code from -current. - Fixed a bug in writev(2) and sendmsg(2) handling noticed by Alan Cox. We weren't incrementing the iov pointer in the uio structure, like uiomove() does. - Fixed another bug in the zero copy code, noticed by Alan Cox. Move the initialization of the cow_send in sosend() (in uipc_socket.c) into the inner while loop. For those of you who missed the previous messages about this code (that went out to -net, -arch and -current), here's a quick list of what is included in the code: - Two sets of zero copy send code, written by Drew Gallatin and Robert Picco . - Zero copy receive code, written by Drew Gallatin. - Zero copy NFS code, written by Drew Gallatin. - Header splitting firmware for Alteon's Tigon II boards (written by me), based on version 12.4.11 of their firmware. This is used in combination with the zero copy receive code to guarantee that the payload of TCP or UDP packet is placed into a page-aligned buffer. - Alteon firmware debugging ioctls and supporting routines for the Tigon driver (also written by me). This will help anyone who is doing firmware development under FreeBSD for the Tigon boards. The Alteon header splitting and debugging code was written for Pluto Technologies (www.plutotech.com), which has kindly agreed to let me release the code. Ken -- Kenneth Merry ken@kdm.org To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-arch" in the body of the message From owner-freebsd-arch Wed Sep 6 8:32:53 2000 Delivered-To: freebsd-arch@freebsd.org Received: from segfault.kiev.ua (segfault.kiev.ua [193.193.193.4]) by hub.freebsd.org (Postfix) with ESMTP id 4817137B422 for ; Wed, 6 Sep 2000 08:32:47 -0700 (PDT) Received: (from netch@localhost) by segfault.kiev.ua (8) id SMP92660 for freebsd-arch@freebsd.org; Wed, 6 Sep 2000 18:32:44 +0300 (EEST) (envelope-from netch) Date: Wed, 6 Sep 2000 18:32:43 +0300 From: Valentin Nechayev To: freebsd-arch@freebsd.org Subject: Re: thought about allocation of the first 1024th ports Message-ID: <20000906183242.B7975@netch.kiev.ua> Reply-To: netch@segfault.kiev.ua References: <5FE9B713CCCDD311A03400508B8B30135878FE@bdr-xcln.is.matchlogic.com> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii X-Mailer: Mutt 1.0i In-Reply-To: <5FE9B713CCCDD311A03400508B8B30135878FE@bdr-xcln.is.matchlogic.com>; from crandall@matchlogic.com on Tue, Sep 05, 2000 at 03:42:18PM +0000 X-42: On Sender: owner-freebsd-arch@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.ORG Tue, Sep 05, 2000 at 15:42:18, crandall wrote about "RE: thought about allocation of the first 1024th ports": > We run ipfw+natd for local port redirection on some of our web servers. That > allows us to avoid setuid root executables. > > I've found it to be a very workable solution for programmers and system > admins. It's not objection, but just comment; and nevertheless still;)) "Very workable", but on ideal. Consider, i.e., squid on port 3128, and intruder's program, which binds the same port with SO_REUSE*. At least it blocks whole port if squid falls (squid likes fall;)) (Please don't say that there should not be bad guys' shells on server.) That's why I say problem is not of large priority, but of large severity. > On most Unix systems and on FreeBSD, the first 1024th ports can't be > allocated by a > non-root process. As far as I know, this is justfied because services > running on these > ports generally require root privileges to accomplish their tasks because > they are > intended to be used by all the users on the system and need to access to > their datas. /netch To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-arch" in the body of the message From owner-freebsd-arch Wed Sep 6 11:50:34 2000 Delivered-To: freebsd-arch@freebsd.org Received: from flood.ping.uio.no (flood.ping.uio.no [129.240.78.31]) by hub.freebsd.org (Postfix) with ESMTP id 4EABE37B422 for ; Wed, 6 Sep 2000 11:50:31 -0700 (PDT) Received: (from des@localhost) by flood.ping.uio.no (8.9.3/8.9.3) id UAA92266; Wed, 6 Sep 2000 20:50:30 +0200 (CEST) (envelope-from des@ofug.org) X-URL: http://www.ofug.org/~des/ X-Disclaimer: The views expressed in this message do not necessarily coincide with those of any organisation or company with which I am or have been affiliated. To: arch@freebsd.org Subject: Linprocfs needs more stats From: Dag-Erling Smorgrav Date: 06 Sep 2000 20:50:29 +0200 Message-ID: Lines: 20 User-Agent: Gnus/5.0802 (Gnus v5.8.2) Emacs/20.4 MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Sender: owner-freebsd-arch@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.ORG In order to implement some of the commonly used features of the Linux /proc file system, I need some stats which aren't currently available in the kernel. I know how to generate them, but doing so requires modifying files in the sys/kern and sys/vm directories, amongst others... Initially, I'd like to add the following: - more detailed version/build info in vers.c (for /proc/version) - more detailed CPU usage statistics (for /proc/uptime and /proc/stat): number of ticks spent in {user,sys,intr,idle} since boot. The changes are not very intrusive, though the CPU usage stats will add a handful of instructions to statclock(). DES -- Dag-Erling Smorgrav - des@ofug.org To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-arch" in the body of the message From owner-freebsd-arch Wed Sep 6 12:46: 9 2000 Delivered-To: freebsd-arch@freebsd.org Received: from njord.bart.nl (njord.bart.nl [194.158.170.15]) by hub.freebsd.org (Postfix) with ESMTP id B65A237B422; Wed, 6 Sep 2000 12:46:06 -0700 (PDT) Received: from daemon.ninth-circle.org (daemon.ninth-circle.org [195.38.210.81]) by njord.bart.nl (8.10.1/8.10.1) with ESMTP id e86JjIr04374; Wed, 6 Sep 2000 21:45:25 +0200 (CEST) Received: (from asmodai@localhost) by daemon.ninth-circle.org (8.9.3/8.9.3) id VAA58988; Wed, 6 Sep 2000 21:41:10 +0200 (CEST) (envelope-from asmodai) Date: Wed, 6 Sep 2000 21:41:09 +0200 From: Jeroen Ruigrok/Asmodai To: Robert Watson Cc: Dan Moschuk , arch@freebsd.org Subject: Re: ftpd and sendfile() Message-ID: <20000906214109.B58347@daemon.ninth-circle.org> References: <20000905101956.C415@spirit.jaded.net> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline User-Agent: Mutt/1.2i In-Reply-To: ; from rwatson@freebsd.org on Tue, Sep 05, 2000 at 11:47:00AM -0400 Organisation: Ninth-Circle Enterprises Sender: owner-freebsd-arch@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.ORG -On [20000905 18:03], Robert Watson (rwatson@freebsd.org) wrote: > >(a) Make sure it doesn't break ASCII mode Simple, you don't use sendfile() for ASCII. -- Jeroen Ruigrok vd Werven/Asmodai asmodai@[wxs.nl|bart.nl|freebsd.org] Documentation nutter/C-rated Coder BSD: Technical excellence at its best The BSD Programmer's Documentation Project Abandon hope, all ye who enter here... To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-arch" in the body of the message From owner-freebsd-arch Wed Sep 6 12:47:20 2000 Delivered-To: freebsd-arch@freebsd.org Received: from njord.bart.nl (njord.bart.nl [194.158.170.15]) by hub.freebsd.org (Postfix) with ESMTP id 3548A37B423; Wed, 6 Sep 2000 12:47:15 -0700 (PDT) Received: from daemon.ninth-circle.org (daemon.ninth-circle.org [195.38.210.81]) by njord.bart.nl (8.10.1/8.10.1) with ESMTP id e86JkIr04458; Wed, 6 Sep 2000 21:46:25 +0200 (CEST) Received: (from asmodai@localhost) by daemon.ninth-circle.org (8.9.3/8.9.3) id VAA59032; Wed, 6 Sep 2000 21:44:52 +0200 (CEST) (envelope-from asmodai) Date: Wed, 6 Sep 2000 21:44:51 +0200 From: Jeroen Ruigrok/Asmodai To: Don Lewis Cc: Bruce Evans , Robert Watson , freebsd-arch@FreeBSD.ORG Subject: Re: Request for review: restructuring of per-uid resource limits Message-ID: <20000906214451.C58347@daemon.ninth-circle.org> References: <200009052216.PAA25991@salsa.gv.tsc.tdk.com> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline User-Agent: Mutt/1.2i In-Reply-To: <200009052216.PAA25991@salsa.gv.tsc.tdk.com>; from Don.Lewis@tsc.tdk.com on Tue, Sep 05, 2000 at 03:16:21PM -0700 Organisation: Ninth-Circle Enterprises Sender: owner-freebsd-arch@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.ORG -On [20000906 02:00], Don Lewis (Don.Lewis@tsc.tdk.com) wrote: >On Sep 6, 5:11am, Bruce Evans wrote: >} Perhaps there should be several levels of KASSERTs, with at >} least one level where the sanity checks are not mandatory (like the >} current default of INVARIANTS not defined). > >That sounds good to me. Having to change the sense of the test to >convert between "if (...) panic" and KASSERT as well as the other >syntax changes basically sucks. Look at the CONDSPLASSERT(9) manpage. It has different characteristics depending on a sysctl value. It hope I understood what you two meant, otherwise excuse my intrusion. :) -- Jeroen Ruigrok vd Werven/Asmodai asmodai@[wxs.nl|bart.nl|freebsd.org] Documentation nutter/C-rated Coder BSD: Technical excellence at its best The BSD Programmer's Documentation Project Abandon hope, all ye who enter here... To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-arch" in the body of the message From owner-freebsd-arch Wed Sep 6 12:51:42 2000 Delivered-To: freebsd-arch@freebsd.org Received: from flood.ping.uio.no (flood.ping.uio.no [129.240.78.31]) by hub.freebsd.org (Postfix) with ESMTP id 6234C37B423 for ; Wed, 6 Sep 2000 12:51:40 -0700 (PDT) Received: (from des@localhost) by flood.ping.uio.no (8.9.3/8.9.3) id VAA92629; Wed, 6 Sep 2000 21:51:38 +0200 (CEST) (envelope-from des@ofug.org) X-URL: http://www.ofug.org/~des/ X-Disclaimer: The views expressed in this message do not necessarily coincide with those of any organisation or company with which I am or have been affiliated. To: arch@FreeBSD.ORG Subject: Re: Linprocfs needs more stats References: From: Dag-Erling Smorgrav Date: 06 Sep 2000 21:51:38 +0200 In-Reply-To: Dag-Erling Smorgrav's message of "06 Sep 2000 20:50:29 +0200" Message-ID: Lines: 10 User-Agent: Gnus/5.0802 (Gnus v5.8.2) Emacs/20.4 MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Sender: owner-freebsd-arch@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.ORG Dag-Erling Smorgrav writes: > - more detailed CPU usage statistics (for /proc/uptime and > /proc/stat): number of ticks spent in {user,sys,intr,idle} since > boot. Oh, lookie here, cp_time! Can I take my foot out of my mouth now? DES -- Dag-Erling Smorgrav - des@ofug.org To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-arch" in the body of the message From owner-freebsd-arch Wed Sep 6 14:16: 2 2000 Delivered-To: freebsd-arch@freebsd.org Received: from gatekeeper.tsc.tdk.com (gatekeeper.tsc.tdk.com [207.113.159.21]) by hub.freebsd.org (Postfix) with ESMTP id 6F1FB37B424; Wed, 6 Sep 2000 14:16:00 -0700 (PDT) Received: from imap.gv.tsc.tdk.com (imap.gv.tsc.tdk.com [192.168.241.198]) by gatekeeper.tsc.tdk.com (8.8.8/8.8.8) with ESMTP id OAA05972; Wed, 6 Sep 2000 14:15:44 -0700 (PDT) (envelope-from gdonl@tsc.tdk.com) Received: from salsa.gv.tsc.tdk.com (salsa.gv.tsc.tdk.com [192.168.241.194]) by imap.gv.tsc.tdk.com (8.9.3/8.9.3) with ESMTP id OAA29785; Wed, 6 Sep 2000 14:15:43 -0700 (PDT) (envelope-from Don.Lewis@tsc.tdk.com) Received: (from gdonl@localhost) by salsa.gv.tsc.tdk.com (8.8.5/8.8.5) id OAA29563; Wed, 6 Sep 2000 14:15:42 -0700 (PDT) From: Don Lewis Message-Id: <200009062115.OAA29563@salsa.gv.tsc.tdk.com> Date: Wed, 6 Sep 2000 14:15:42 -0700 In-Reply-To: <20000906214451.C58347@daemon.ninth-circle.org> References: <200009052216.PAA25991@salsa.gv.tsc.tdk.com> <20000906214451.C58347@daemon.ninth-circle.org> X-Mailer: Mail User's Shell (7.2.6 beta(5) 10/07/98) To: Jeroen Ruigrok/Asmodai , Don Lewis Subject: unified assert style (was: Re: Request for review: restructuring of per-uid resource limits) Cc: Bruce Evans , Robert Watson , freebsd-arch@FreeBSD.ORG Sender: owner-freebsd-arch@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.ORG On Sep 6, 9:44pm, Jeroen Ruigrok/Asmodai wrote: } Subject: Re: Request for review: restructuring of per-uid resource limits } -On [20000906 02:00], Don Lewis (Don.Lewis@tsc.tdk.com) wrote: } >On Sep 6, 5:11am, Bruce Evans wrote: } >} Perhaps there should be several levels of KASSERTs, with at } >} least one level where the sanity checks are not mandatory (like the } >} current default of INVARIANTS not defined). } > } >That sounds good to me. Having to change the sense of the test to } >convert between "if (...) panic" and KASSERT as well as the other } >syntax changes basically sucks. } } Look at the CONDSPLASSERT(9) manpage. } } It has different characteristics depending on a sysctl value. That's closer to what I had in mind (but it is only present in current). It also uses the spl level as one of its conditions. What I've got in mind is an assertion macro that would several parameters. The first would indicate whether the code would be conditional on INVARIANTS. The second parameter would be compared with a sysctl knob and the condition would only be checked if the sysctl value was greater than or equal to the parameter. The third parameter would be compared to another sysctl knob and an assertion failure would result in a panic if the sysctl value was greater than or equal to the parameter, otherwise the failure would only be logged. } It hope I understood what you two meant, otherwise excuse my intrusion. } :) You certainly did. Thanks for the pointer. To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-arch" in the body of the message From owner-freebsd-arch Wed Sep 6 14:40:32 2000 Delivered-To: freebsd-arch@freebsd.org Received: from fledge.watson.org (fledge.watson.org [204.156.12.50]) by hub.freebsd.org (Postfix) with ESMTP id 37EA737B423; Wed, 6 Sep 2000 14:40:30 -0700 (PDT) Received: from fledge.watson.org (robert@fledge.pr.watson.org [192.0.2.3]) by fledge.watson.org (8.9.3/8.9.3) with SMTP id RAA20687; Wed, 6 Sep 2000 17:37:16 -0400 (EDT) (envelope-from robert@fledge.watson.org) Date: Wed, 6 Sep 2000 17:37:16 -0400 (EDT) From: Robert Watson X-Sender: robert@fledge.watson.org To: Jeroen Ruigrok/Asmodai Cc: Dan Moschuk , arch@freebsd.org Subject: Re: ftpd and sendfile() In-Reply-To: <20000906214109.B58347@daemon.ninth-circle.org> Message-ID: MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII Sender: owner-freebsd-arch@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.ORG On Wed, 6 Sep 2000, Jeroen Ruigrok/Asmodai wrote: > -On [20000905 18:03], Robert Watson (rwatson@freebsd.org) wrote: > > > >(a) Make sure it doesn't break ASCII mode > > Simple, you don't use sendfile() for ASCII. Or, determine when sending in ASCII would result in a data transformation. In any case, that would be a fine solution: I just recommend against breaking it :-). Robert N M Watson robert@fledge.watson.org http://www.watson.org/~robert/ PGP key fingerprint: AF B5 5F FF A6 4A 79 37 ED 5F 55 E9 58 04 6A B1 TIS Labs at Network Associates, Safeport Network Services To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-arch" in the body of the message From owner-freebsd-arch Wed Sep 6 15:27:13 2000 Delivered-To: freebsd-arch@freebsd.org Received: from atrn.bpa.nu (CPE-144-132-209-248.nsw.bigpond.net.au [144.132.209.248]) by hub.freebsd.org (Postfix) with ESMTP id 30B9137B423 for ; Wed, 6 Sep 2000 15:27:11 -0700 (PDT) Received: from juju.bsn (juju.bsn [192.168.1.5]) by atrn.bpa.nu (8.9.3/8.9.3) with ESMTP id JAA98600 for ; Thu, 7 Sep 2000 09:27:24 +1000 (EST) (envelope-from andy@ska.bsn) Received: (from andy@localhost) by juju.bsn (8.9.3/8.9.3) id JAA33185 for arch@FreeBSD.org; Thu, 7 Sep 2000 09:27:09 +1100 (EST) (envelope-from andy) Message-Id: <200009062227.JAA33185@juju.bsn> Date: Thu, 7 Sep 2000 09:27:08 +1100 (EST) From: Andy Newman Reply-To: atrn@zeta.org.au Subject: Re: Enabling sshd by default To: arch@FreeBSD.org In-Reply-To: <200009021007.e82A6xx13017@grimreaper.grondar.za> MIME-Version: 1.0 Content-Type: TEXT/plain; CHARSET=US-ASCII Sender: owner-freebsd-arch@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.ORG On 2 Sep, Mark Murray wrote: >> Sounds good to me. Is anyone else planning on RSA-free-day parties? > Also will have a demise-of-RSA-patent party; much hooliganism will be > enjoyed. RSA went and pooped on everyones parties by a couple of weeks... http://www.rsasecurity.com/news/pr/000906-1.html To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-arch" in the body of the message From owner-freebsd-arch Wed Sep 6 22: 5:33 2000 Delivered-To: freebsd-arch@freebsd.org Received: from relay.butya.kz (butya-gw.butya.kz [212.154.129.94]) by hub.freebsd.org (Postfix) with ESMTP id 8EFA137B423 for ; Wed, 6 Sep 2000 22:05:26 -0700 (PDT) Received: by relay.butya.kz (Postfix, from userid 1000) id C496A28AAC; Thu, 7 Sep 2000 12:05:22 +0700 (ALMST) Received: from localhost (localhost [127.0.0.1]) by relay.butya.kz (Postfix) with ESMTP id B1F8C28AAB; Thu, 7 Sep 2000 12:05:22 +0700 (ALMST) Date: Thu, 7 Sep 2000 12:05:22 +0700 (ALMST) From: Boris Popov To: Dag-Erling Smorgrav Cc: arch@freebsd.org Subject: Re: Linprocfs needs more stats In-Reply-To: Message-ID: MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII Sender: owner-freebsd-arch@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.ORG On 6 Sep 2000, Dag-Erling Smorgrav wrote: > In order to implement some of the commonly used features of the Linux > /proc file system, I need some stats which aren't currently available > in the kernel. I know how to generate them, but doing so requires > modifying files in the sys/kern and sys/vm directories, amongst > others... It is possible to look at diffs ? -- Boris Popov http://www.butya.kz/~bp/ To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-arch" in the body of the message From owner-freebsd-arch Thu Sep 7 4:56: 6 2000 Delivered-To: freebsd-arch@freebsd.org Received: from mail-relay.eunet.no (mail-relay.eunet.no [193.71.71.242]) by hub.freebsd.org (Postfix) with ESMTP id 6690237B424 for ; Thu, 7 Sep 2000 04:56:03 -0700 (PDT) Received: from login-1.eunet.no (login-1.eunet.no [193.75.110.2]) by mail-relay.eunet.no (8.9.3/8.9.3/GN) with ESMTP id NAA78964; Thu, 7 Sep 2000 13:56:00 +0200 (CEST) (envelope-from mbendiks@eunet.no) Received: from localhost (mbendiks@localhost) by login-1.eunet.no (8.9.3/8.8.8) with ESMTP id NAA52701; Thu, 7 Sep 2000 13:56:00 +0200 (CEST) (envelope-from mbendiks@eunet.no) X-Authentication-Warning: login-1.eunet.no: mbendiks owned process doing -bs Date: Thu, 7 Sep 2000 13:56:00 +0200 (CEST) From: Marius Bendiksen To: Warner Losh Cc: Dag-Erling Smorgrav , arch@FreeBSD.ORG Subject: Re: build tools as separate distribution In-Reply-To: <200008301728.LAA17081@harmony.village.org> Message-ID: MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII Sender: owner-freebsd-arch@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.ORG > I would like this idea. The up side is that it saves about 100MB of > space, iirc. The down side is that minimal is no longer able to build > a kernel, which is why they were in there to start with. This problem will continue to shrink as our kernels become more modular. You could ship a minimalist kernel, and the necessary modules. Another option would be to provide some public kernel-building service, or an assortment of prebuilt kernels. On the note of shrinking stuff, I am wondering what, if anything, came of the previous discussion regarding the introduction of BUILD_TINY or similar defines? Marius To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-arch" in the body of the message From owner-freebsd-arch Thu Sep 7 5: 6:15 2000 Delivered-To: freebsd-arch@freebsd.org Received: from lists01.iafrica.com (lists01.iafrica.com [196.7.0.141]) by hub.freebsd.org (Postfix) with ESMTP id D9BA137B423 for ; Thu, 7 Sep 2000 05:06:11 -0700 (PDT) Received: from nwl.fw.uunet.co.za ([196.31.2.162]) by lists01.iafrica.com with esmtp (Exim 3.12 #2) id 13X0RU-0005Sx-00; Thu, 07 Sep 2000 14:06:08 +0200 Received: (from nobody@localhost) by nwl.fw.uunet.co.za (8.8.8/8.6.9) id OAA06955; Thu, 7 Sep 2000 14:06:07 +0200 (SAST) Received: by nwl.fw.uunet.co.za via recvmail id 6642; Thu Sep 7 14:05:22 2000 Received: from sheldonh (helo=axl.fw.uunet.co.za) by axl.fw.uunet.co.za with local-esmtp (Exim 3.16 #1) id 13X0Qk-000E5o-00; Thu, 07 Sep 2000 14:05:22 +0200 From: Sheldon Hearn To: Marius Bendiksen Cc: arch@freebsd.org Subject: Re: build tools as separate distribution In-reply-to: Your message of "Thu, 07 Sep 2000 13:56:00 +0200." Date: Thu, 07 Sep 2000 14:05:22 +0200 Message-ID: <54175.968328322@axl.fw.uunet.co.za> Sender: owner-freebsd-arch@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.ORG On Thu, 07 Sep 2000 13:56:00 +0200, Marius Bendiksen wrote: > On the note of shrinking stuff, I am wondering what, if anything, came of > the previous discussion regarding the introduction of BUILD_TINY or > similar defines? One of two things: 1) Some people took it off-line. 2) As with any discussion held amongst a group of people equipped wityh only opinions and no intent to do any work, nothing. :-) Ciao, Sheldon. To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-arch" in the body of the message From owner-freebsd-arch Thu Sep 7 9:18:53 2000 Delivered-To: freebsd-arch@freebsd.org Received: from rover.village.org (rover.village.org [204.144.255.49]) by hub.freebsd.org (Postfix) with ESMTP id 7DF3637B43E for ; Thu, 7 Sep 2000 09:18:50 -0700 (PDT) Received: from billy-club.village.org (billy-club.village.org [10.0.0.3]) by rover.village.org (8.9.3/8.9.3) with ESMTP id KAA37278; Thu, 7 Sep 2000 10:18:48 -0600 (MDT) (envelope-from imp@billy-club.village.org) Received: from billy-club.village.org (localhost [127.0.0.1]) by billy-club.village.org (8.11.0/8.8.3) with ESMTP id e87GJEG16236; Thu, 7 Sep 2000 10:19:14 -0600 (MDT) Message-Id: <200009071619.e87GJEG16236@billy-club.village.org> To: Marius Bendiksen Subject: Re: build tools as separate distribution Cc: Dag-Erling Smorgrav , arch@FreeBSD.ORG In-reply-to: Your message of "Thu, 07 Sep 2000 13:56:00 +0200." References: Date: Thu, 07 Sep 2000 10:19:14 -0600 From: Warner Losh Sender: owner-freebsd-arch@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.ORG In message Marius Bendiksen writes: : On the note of shrinking stuff, I am wondering what, if anything, came of : the previous discussion regarding the introduction of BUILD_TINY or : similar defines? What would these do? One thing I'd like to be able to do is say "build only these modules" when I'm building a kernel rather than all of them... Warner To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-arch" in the body of the message From owner-freebsd-arch Thu Sep 7 10:30:53 2000 Delivered-To: freebsd-arch@freebsd.org Received: from ns1.sunesi.net (ns1.sunesi.net [196.15.192.194]) by hub.freebsd.org (Postfix) with ESMTP id 5683B37B42C for ; Thu, 7 Sep 2000 10:30:51 -0700 (PDT) Received: from nbm by ns1.sunesi.net with local (Exim 3.03 #1) id 13X5Uz-000BR5-00; Thu, 07 Sep 2000 19:30:05 +0200 Date: Thu, 7 Sep 2000 19:30:05 +0200 From: Neil Blakey-Milner To: Warner Losh Cc: Marius Bendiksen , Dag-Erling Smorgrav , arch@FreeBSD.ORG Subject: Re: build tools as separate distribution Message-ID: <20000907193005.A43837@mithrandr.moria.org> References: <200009071619.e87GJEG16236@billy-club.village.org> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii X-Mailer: Mutt 1.0.1i In-Reply-To: <200009071619.e87GJEG16236@billy-club.village.org>; from imp@village.org on Thu, Sep 07, 2000 at 10:19:14AM -0600 Organization: Sunesi Clinical Systems X-Operating-System: FreeBSD 3.3-RELEASE i386 X-URL: http://rucus.ru.ac.za/~nbm/ Sender: owner-freebsd-arch@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.ORG On Thu 2000-09-07 (10:19), Warner Losh wrote: > In message Marius Bendiksen writes: > : On the note of shrinking stuff, I am wondering what, if anything, came of > : the previous discussion regarding the introduction of BUILD_TINY or > : similar defines? > > What would these do? Remove cosmetic stuff that wastes lots of memory. sys/pci/pcisupport.c uses quite a lot of it simply for pretty names to print for human reading at start-up. I sent a patch for pci/pcisupport.c a few weeks ago, but it's probably way stale by now. Neil -- Neil Blakey-Milner Sunesi Clinical Systems nbm@mithrandr.moria.org To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-arch" in the body of the message From owner-freebsd-arch Fri Sep 8 23: 6:23 2000 Delivered-To: freebsd-arch@freebsd.org Received: from mail-relay.eunet.no (mail-relay.eunet.no [193.71.71.242]) by hub.freebsd.org (Postfix) with ESMTP id 2A63737B422 for ; Fri, 8 Sep 2000 23:06:20 -0700 (PDT) Received: from login-1.eunet.no (login-1.eunet.no [193.75.110.2]) by mail-relay.eunet.no (8.9.3/8.9.3/GN) with ESMTP id IAA29993; Sat, 9 Sep 2000 08:02:57 +0200 (CEST) (envelope-from mbendiks@eunet.no) Received: from localhost (mbendiks@localhost) by login-1.eunet.no (8.9.3/8.8.8) with ESMTP id IAA63390; Sat, 9 Sep 2000 08:02:56 +0200 (CEST) (envelope-from mbendiks@eunet.no) X-Authentication-Warning: login-1.eunet.no: mbendiks owned process doing -bs Date: Sat, 9 Sep 2000 08:02:56 +0200 (CEST) From: Marius Bendiksen To: Warner Losh Cc: Dag-Erling Smorgrav , arch@FreeBSD.ORG Subject: Re: build tools as separate distribution In-Reply-To: <200009071619.e87GJEG16236@billy-club.village.org> Message-ID: MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII Sender: owner-freebsd-arch@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.ORG > : On the note of shrinking stuff, I am wondering what, if anything, came of > : the previous discussion regarding the introduction of BUILD_TINY or > : similar defines? > What would these do? My intention, which others had voiced as well, was to try to agree upon a define to add which would cut down various parts of the system to minimal functional sets. For example, one could build sh with this defined, and a number of functions would suddenly not get built into it. Marius To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-arch" in the body of the message From owner-freebsd-arch Sat Sep 9 12:10: 8 2000 Delivered-To: freebsd-arch@freebsd.org Received: from critter.freebsd.dk (flutter.freebsd.dk [212.242.40.147]) by hub.freebsd.org (Postfix) with ESMTP id 436D537B422; Sat, 9 Sep 2000 12:10:03 -0700 (PDT) Received: from critter (localhost [127.0.0.1]) by critter.freebsd.dk (8.11.0/8.9.3) with ESMTP id e89JA1N89356; Sat, 9 Sep 2000 21:10:02 +0200 (CEST) (envelope-from phk@critter.freebsd.dk) To: arch@freebsd.org, smp@freebsd.org Subject: Device probing... From: Poul-Henning Kamp Date: Sat, 09 Sep 2000 21:10:01 +0200 Message-ID: <89354.968526601@critter> Sender: owner-freebsd-arch@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.ORG I would really like to se us move all the device probe/attach code to run in "normal context", ie enable interrupts before we probe everything. The main argument for this is the drivers can then use the full complement of kernel infrastructure and interrupts during probe attach. Drivers needs to be able to function in this environment anyway if they support removeable devices (pccard, usb, etc). Are there reasons to not do this I have overlooked ? -- Poul-Henning Kamp | UNIX since Zilog Zeus 3.20 phk@FreeBSD.ORG | TCP/IP since RFC 956 FreeBSD coreteam member | BSD since 4.3-tahoe Never attribute to malice what can adequately be explained by incompetence. To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-arch" in the body of the message From owner-freebsd-arch Sat Sep 9 12:41:22 2000 Delivered-To: freebsd-arch@freebsd.org Received: from mail.m.iinet.net.au (opera3.iinet.net.au [203.59.24.51]) by hub.freebsd.org (Postfix) with SMTP id 4DC4E37B422 for ; Sat, 9 Sep 2000 12:41:17 -0700 (PDT) Received: (qmail 10013 invoked by uid 666); 9 Sep 2000 19:41:13 -0000 Received: from reggae-12-250.nv.iinet.net.au (HELO jules.elischer.org) (203.59.92.250) by mail.m.iinet.net.au with SMTP; 9 Sep 2000 19:41:13 -0000 Message-ID: <39BA9252.794BDF32@elischer.org> Date: Sat, 09 Sep 2000 12:41:06 -0700 From: Julian Elischer X-Mailer: Mozilla 3.04Gold (X11; I; FreeBSD 5.0-CURRENT i386) MIME-Version: 1.0 To: Poul-Henning Kamp Cc: arch@freebsd.org, smp@freebsd.org Subject: Re: Device probing... References: <89354.968526601@critter> Content-Type: text/plain; charset=us-ascii Content-Transfer-Encoding: 7bit Sender: owner-freebsd-arch@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.ORG Poul-Henning Kamp wrote: > > I would really like to se us move all the device probe/attach code > to run in "normal context", ie enable interrupts before we probe > everything. > > The main argument for this is the drivers can then use the full > complement of kernel infrastructure and interrupts during probe > attach. > > Drivers needs to be able to function in this environment anyway > if they support removeable devices (pccard, usb, etc). > > Are there reasons to not do this I have overlooked ? I know of no reason not to, and in fact the old BSD code used to do this in order to try work out what interrupt a device was on. (though with shared interrupts this gets harder) > > -- > Poul-Henning Kamp | UNIX since Zilog Zeus 3.20 > phk@FreeBSD.ORG | TCP/IP since RFC 956 > FreeBSD coreteam member | BSD since 4.3-tahoe > Never attribute to malice what can adequately be explained by incompetence. > > To Unsubscribe: send mail to majordomo@FreeBSD.org > with "unsubscribe freebsd-smp" in the body of the message -- __--_|\ Julian Elischer / \ julian@elischer.org ( OZ ) World tour 2000 ---> X_.---._/ presently in: Perth v To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-arch" in the body of the message From owner-freebsd-arch Sat Sep 9 12:41:42 2000 Delivered-To: freebsd-arch@freebsd.org Received: from homer.softweyr.com (bsdconspiracy.net [208.187.122.220]) by hub.freebsd.org (Postfix) with ESMTP id 75BBD37B449; Sat, 9 Sep 2000 12:41:25 -0700 (PDT) Received: from localhost ([127.0.0.1] helo=softweyr.com ident=Fools trust ident!) by homer.softweyr.com with esmtp (Exim 3.16 #1) id 13WRXQ-0002ob-00; Tue, 05 Sep 2000 16:49:57 -0600 Message-ID: <39B57891.1097F0DE@softweyr.com> Date: Tue, 05 Sep 2000 16:49:53 -0600 From: Wes Peters Organization: Softweyr LLC X-Mailer: Mozilla 4.75 [en] (X11; U; FreeBSD 4.1-STABLE i386) X-Accept-Language: en MIME-Version: 1.0 To: Dag-Erling Smorgrav Cc: Terry Lambert , "Matthew N. Dodd" , Poul-Henning Kamp , "Jacques A. Vidrine" , Hajimu UMEMOTO , arch@FreeBSD.ORG Subject: Re: Request for review: nsswitch References: <200009050320.UAA04806@usr02.primenet.com> <39B48B6E.158195C4@softweyr.com> Content-Type: text/plain; charset=us-ascii Content-Transfer-Encoding: 7bit Sender: owner-freebsd-arch@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.ORG Dag-Erling Smorgrav wrote: > > Wes Peters writes: > > My vote would be to add this feature to ssh. > > Why? Those who want it can implement it trivially with a shell script: Of course. I meant ssh as opposed to rsh or rlogin. -- "Where am I, and what am I doing in this handbasket?" Wes Peters Softweyr LLC wes@softweyr.com http://softweyr.com/ To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-arch" in the body of the message From owner-freebsd-arch Sat Sep 9 20: 9:50 2000 Delivered-To: freebsd-arch@freebsd.org Received: from gidora.zeta.org.au (gidora.zeta.org.au [203.26.10.25]) by hub.freebsd.org (Postfix) with SMTP id B9C1C37B424 for ; Sat, 9 Sep 2000 20:09:45 -0700 (PDT) Received: (qmail 17553 invoked from network); 10 Sep 2000 03:09:41 -0000 Received: from unknown (HELO bde.zeta.org.au) (203.2.228.102) by gidora.zeta.org.au with SMTP; 10 Sep 2000 03:09:41 -0000 Date: Sun, 10 Sep 2000 14:09:40 +1100 (EST) From: Bruce Evans X-Sender: bde@besplex.bde.org To: Poul-Henning Kamp Cc: arch@FreeBSD.ORG, smp@FreeBSD.ORG Subject: Re: Device probing... In-Reply-To: <89354.968526601@critter> Message-ID: MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII Sender: owner-freebsd-arch@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.ORG On Sat, 9 Sep 2000, Poul-Henning Kamp wrote: > I would really like to se us move all the device probe/attach code > to run in "normal context", ie enable interrupts before we probe > everything. > > The main argument for this is the drivers can then use the full > complement of kernel infrastructure and interrupts during probe > attach. > > Drivers needs to be able to function in this environment anyway > if they support removeable devices (pccard, usb, etc). > > Are there reasons to not do this I have overlooked ? Active level-triggered interrupts will repeat endlessly if they have no driver. Active edge-triggered interrupts will prevent further interrupts on the same irq if they have no driver. Active interrupts with no driver hopefully arren't a problem with removable devices (after all drivers have had a chance to run). Bruce To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-arch" in the body of the message