From owner-freebsd-current Sun Jan 20 8:15:37 2002 Delivered-To: freebsd-current@freebsd.org Received: from johnson.mail.mindspring.net (johnson.mail.mindspring.net [207.69.200.177]) by hub.freebsd.org (Postfix) with ESMTP id 2D0C437B400 for ; Sun, 20 Jan 2002 08:15:30 -0800 (PST) Received: from 1cust172.tnt4.des-moines.ia.da.uu.net ([63.11.140.172] helo=vaio) by johnson.mail.mindspring.net with smtp (Exim 3.33 #1) id 16RqgU-000835-00; Sat, 19 Jan 2002 03:17:07 -0500 From: tbeveridge@yahoo.com To: Subject: Make it Happen Date: Fri, 18 Jan 2002 21:31:30 -0600 X-Priority: 1 X-MSMail-Priority: High Message-Id: Sender: owner-freebsd-current@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.ORG TIRED OF ENDLESSLY POSTING YOUR ONLINE CLASSIFIED AD AND GETTING NO RESULTS? There are over 7000 such sites scattered about the web; and quite frankly, none of them generate enough traffic to be worth your while. Even when someone finds or visits one of these sites, your ad is hopelessly lost in a myriad of similar offerings. Another frustration is search engines. If you are not in the Top 10, forget about high-traffic on your web site. Not everyone can be in the Top 10 and stay there; when there are estimates of four million web pages! How do we know? We know because that's exactly what we used to do. The greatest way of marketing this century is undoubtedly direct e-mail. It's similar to the postman delivering a letter to your mailbox. There is NO stumbling on to it! The ability to promote your product, service, website, or MLM/network marketing opportunity to millions instantly is what advertisers have been dreaming of for over 100 years. We will e-mail your one page promotion to a list of our general addresses. The greatest part is, it's completely affordable. ----------------------------------------------------------------------- NOTICE: Absolutely no pornography, chain letters, get rich quick, pyramid schemes, or any threatening or questionable materials. ----------------------------------------------------------------------- STANDARD PRICING AND PROCEDURES ----------------------------------------------------------------------- EXTRACTING: Our list of general Internet addreses are actually extracted from the most popular web sites on the Internet. The addresses are verified and run through our purification process. The process includes addresses run against our custom remove filter of 2,492 keywords, as well as through our 192MB remove /flamer list. The EDU, ORG, GOV, MIL, and US domains are removed, as well as other domains that asked not to receive e-mail. ----------------------------------------------------------------------- SET-UP FEE: $150.00 This will cover the costs of uploading files, Internet Access (ISP), and software set-up. ----------------------------------------------------------------------- EVALUATION: $350.00 (optional) One of our marketing specialists will evaluate your sales letter, and offer his/her expertise on how to make it the most successful. ----------------------------------------------------------------------- STANDARD PRICING: (Emails Delivered) 1 Million- $800.00 per 2 Million- $700.00 per 3 Million & up- $600.00 per ----------------------------------------------------------------------- SPECIAL OFFER! This introductory offer of $475.00 includes: 1. Set-Up Fee 2. Evaluation of Sales Letter 3. 250,000 e-mails delivered ----------------------------------------------------------------------- PAYMENT POLICY All services must be paid in full prior to delivery of advertisement. Under NO CIRCUMSTANCES will any sales or marketing strategies be discussed until payment is received. ----------------------------------------------------------------------- If you are serious about Direct Email Marketing--Fax the following form to (602) 392-8288 ---------------------------------------------------------------------- PLEASE FILL THIS FORM OUT COMPLETELY! Contact Name: _____________________________________________ Business Name: ______________________________________ Business Type: ______________________________________ # Years in Business: _________________________ Address: _________________________________________________ City: ____________________ State: ______ Zip: ______________ Country: _______________ Email Address: _______________________________________________ Phone: __________________________Fax: ____________________________ ----------------------------------------------------------------------- To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-current" in the body of the message From owner-freebsd-current Sun Jan 20 10:53:42 2002 Delivered-To: freebsd-current@freebsd.org Received: from nagual.pp.ru (pobrecita.freebsd.ru [194.87.13.42]) by hub.freebsd.org (Postfix) with ESMTP id 6428C37B402; Sun, 20 Jan 2002 10:53:37 -0800 (PST) Received: (from ache@localhost) by nagual.pp.ru (8.11.6/8.11.6) id g0KIrZ423376; Sun, 20 Jan 2002 21:53:35 +0300 (MSK) (envelope-from ache) Date: Sun, 20 Jan 2002 21:53:34 +0300 From: "Andrey A. Chernov" To: markm@freebsd.org, des@freebsd.org, current@freebsd.org Subject: Step1, pam_unix srandomdev fix for review Message-ID: <20020120185334.GA23348@nagual.pp.ru> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline User-Agent: Mutt/1.3.24i Sender: owner-freebsd-current@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.ORG Bug: srandomdev() can't be used in libraries because it touch internal RNG state which may be used by user program which not want true randomness but pseudo one. Fix: srandomdev() removed, random() replaced by arc4random() which initialize itself from true randomness automatically. --- pam_unix.c.old Sat Jan 19 21:29:49 2002 +++ pam_unix.c Sun Jan 20 21:42:47 2002 @@ -502,15 +502,14 @@ syslog(LOG_ERR, "cannot set password cipher"); login_close(lc); /* Salt suitable for anything */ - srandomdev(); gettimeofday(&tv, 0); - to64(&salt[0], random(), 3); + to64(&salt[0], arc4random(), 3); to64(&salt[3], tv.tv_usec, 3); to64(&salt[6], tv.tv_sec, 2); - to64(&salt[8], random(), 5); - to64(&salt[13], random(), 5); - to64(&salt[17], random(), 5); - to64(&salt[22], random(), 5); + to64(&salt[8], arc4random(), 5); + to64(&salt[13], arc4random(), 5); + to64(&salt[17], arc4random(), 5); + to64(&salt[22], arc4random(), 5); salt[27] = '\0'; pwd->pw_passwd = crypt(pass, salt); @@ -596,15 +595,14 @@ syslog(LOG_ERR, "cannot set password cipher"); login_close(lc); /* Salt suitable for anything */ - srandomdev(); gettimeofday(&tv, 0); - to64(&salt[0], random(), 3); + to64(&salt[0], arc4random(), 3); to64(&salt[3], tv.tv_usec, 3); to64(&salt[6], tv.tv_sec, 2); - to64(&salt[8], random(), 5); - to64(&salt[13], random(), 5); - to64(&salt[17], random(), 5); - to64(&salt[22], random(), 5); + to64(&salt[8], arc4random(), 5); + to64(&salt[13], arc4random(), 5); + to64(&salt[17], arc4random(), 5); + to64(&salt[22], arc4random(), 5); salt[27] = '\0'; if (suser_override) -- Andrey A. Chernov http://ache.pp.ru/ To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-current" in the body of the message From owner-freebsd-current Sun Jan 20 11:17:21 2002 Delivered-To: freebsd-current@freebsd.org Received: from nagual.pp.ru (pobrecita.freebsd.ru [194.87.13.42]) by hub.freebsd.org (Postfix) with ESMTP id C495F37B402; Sun, 20 Jan 2002 11:17:15 -0800 (PST) Received: (from ache@localhost) by nagual.pp.ru (8.11.6/8.11.6) id g0KJHEj23722; Sun, 20 Jan 2002 22:17:14 +0300 (MSK) (envelope-from ache) Date: Sun, 20 Jan 2002 22:17:12 +0300 From: "Andrey A. Chernov" To: markm@freebsd.org, des@freebsd.org, current@freebsd.org Subject: Step2, pam_unix just expired pass fix for review Message-ID: <20020120191711.GA23576@nagual.pp.ru> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline User-Agent: Mutt/1.3.24i Sender: owner-freebsd-current@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.ORG Bug: There is possible when pam_sm_acct_mgmt() called, password is not expired, but due to some delay between calls (like network delays for NIS passwords), expired at the moment of pam_sm_authenticate() check. It may allow user to enter with expired password under some circumstanes when he is not allowed to do it. Fix: Use traditional Unix check (like found in pre-PAM ftpd.c and login.c) for password expiration at the last moment, i.e. right after checking that it is valid. --- pam_unix.c.bak1 Sun Jan 20 21:42:47 2002 +++ pam_unix.c Sun Jan 20 21:58:45 2002 @@ -152,6 +152,8 @@ retval = strcmp(encrypted, pwd->pw_passwd) == 0 ? PAM_SUCCESS : PAM_AUTH_ERR; + if (pwd->pw_expire && time(NULL) >= pwd->pw_expire) + retval = PAM_AUTH_ERR; } else { -- Andrey A. Chernov http://ache.pp.ru/ To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-current" in the body of the message From owner-freebsd-current Sun Jan 20 11:28: 3 2002 Delivered-To: freebsd-current@freebsd.org Received: from johnson.mail.mindspring.net (johnson.mail.mindspring.net [207.69.200.177]) by hub.freebsd.org (Postfix) with ESMTP id D39C737B416 for ; Sun, 20 Jan 2002 11:28:00 -0800 (PST) Received: from user-2injgp8.dialup.mindspring.com ([165.121.195.40] helo=europa2) by johnson.mail.mindspring.net with smtp (Exim 3.33 #1) id 16SNdI-0008LP-00 for freebsd-current@FreeBSD.ORG; Sun, 20 Jan 2002 14:28:00 -0500 Message-Id: <3.0.6.32.20020120142635.00da3b28@imatowns.com> X-Sender: ggombert@imatowns.com X-Mailer: QUALCOMM Windows Eudora Light Version 3.0.6 (32) Date: Sun, 20 Jan 2002 14:26:35 -0500 To: freebsd-current@FreeBSD.ORG From: Glenn Gombert Subject: Diskless Boot Working in -Current ?? Mime-Version: 1.0 Content-Type: text/plain; charset="us-ascii" Sender: owner-freebsd-current@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.ORG I have several kernels built using v4.3 that boot fine over an etherboot/NFS network but a kernel built using GENERIC (with the necesary options added to diskless booting, does not seem to boot), also the option 'MFS' (Memory File System) seems to have been removed from -CURRENT for some reason.... this is necessary for DISKLESS NFS booting isn't it ??..... To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-current" in the body of the message From owner-freebsd-current Sun Jan 20 11:31:36 2002 Delivered-To: freebsd-current@freebsd.org Received: from nagual.pp.ru (pobrecita.freebsd.ru [194.87.13.42]) by hub.freebsd.org (Postfix) with ESMTP id E16EB37B435; Sun, 20 Jan 2002 11:31:24 -0800 (PST) Received: (from ache@localhost) by nagual.pp.ru (8.11.6/8.11.6) id g0KJVNm23986; Sun, 20 Jan 2002 22:31:23 +0300 (MSK) (envelope-from ache) Date: Sun, 20 Jan 2002 22:31:21 +0300 From: "Andrey A. Chernov" To: markm@freebsd.org, des@freebsd.org, current@freebsd.org Subject: Step3, pam_opie snprintf bloat fix for review Message-ID: <20020120193121.GA23954@nagual.pp.ru> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline User-Agent: Mutt/1.3.24i Sender: owner-freebsd-current@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.ORG Bug: snprintf is large and slow, increasing program size and slowing it down. Better way is avoid snprintf when it is not neccessary. Fix: Full functionality of snprintf is not needed below, so it is replaced by much faster strlcpy. --- pam_opie.c.bak Sat Jan 19 21:29:49 2002 +++ pam_opie.c Sun Jan 20 22:23:18 2002 @@ -125,7 +125,7 @@ } /* We have to copy the response, because opieverify mucks with it. */ - snprintf(resp, sizeof resp, "%s", response); + strlcpy(resp, response, sizeof resp); /* * Opieverify is supposed to return -1 only if an error occurs. -- Andrey A. Chernov http://ache.pp.ru/ To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-current" in the body of the message From owner-freebsd-current Sun Jan 20 11:38: 6 2002 Delivered-To: freebsd-current@freebsd.org Received: from flood.ping.uio.no (flood.ping.uio.no [129.240.78.31]) by hub.freebsd.org (Postfix) with ESMTP id A3B9F37B405; Sun, 20 Jan 2002 11:38:03 -0800 (PST) Received: by flood.ping.uio.no (Postfix, from userid 2602) id CDD81532C; Sun, 20 Jan 2002 20:38:01 +0100 (CET) X-URL: http://www.ofug.org/~des/ X-Disclaimer: The views expressed in this message do not necessarily coincide with those of any organisation or company with which I am or have been affiliated. To: "Andrey A. Chernov" Cc: markm@freebsd.org, current@freebsd.org Subject: Re: Step3, pam_opie snprintf bloat fix for review References: <20020120193121.GA23954@nagual.pp.ru> From: Dag-Erling Smorgrav Date: 20 Jan 2002 20:38:01 +0100 In-Reply-To: <20020120193121.GA23954@nagual.pp.ru> Message-ID: Lines: 14 User-Agent: Gnus/5.0808 (Gnus v5.8.8) Emacs/21.1 MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Sender: owner-freebsd-current@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.ORG "Andrey A. Chernov" writes: > Bug: > snprintf is large and slow, increasing program size and slowing it down. > Better way is avoid snprintf when it is not neccessary. > > Fix: > Full functionality of snprintf is not needed below, so it is replaced by > much faster strlcpy. Approved (unless Mark has any objections). DES -- Dag-Erling Smorgrav - des@ofug.org To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-current" in the body of the message From owner-freebsd-current Sun Jan 20 11:41:15 2002 Delivered-To: freebsd-current@freebsd.org Received: from flood.ping.uio.no (flood.ping.uio.no [129.240.78.31]) by hub.freebsd.org (Postfix) with ESMTP id D97C837B425; Sun, 20 Jan 2002 11:41:10 -0800 (PST) Received: by flood.ping.uio.no (Postfix, from userid 2602) id B990C532C; Sun, 20 Jan 2002 20:41:09 +0100 (CET) X-URL: http://www.ofug.org/~des/ X-Disclaimer: The views expressed in this message do not necessarily coincide with those of any organisation or company with which I am or have been affiliated. To: "Andrey A. Chernov" Cc: markm@freebsd.org, current@freebsd.org Subject: Re: Step2, pam_unix just expired pass fix for review References: <20020120191711.GA23576@nagual.pp.ru> From: Dag-Erling Smorgrav Date: 20 Jan 2002 20:41:09 +0100 In-Reply-To: <20020120191711.GA23576@nagual.pp.ru> Message-ID: Lines: 25 User-Agent: Gnus/5.0808 (Gnus v5.8.8) Emacs/21.1 MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Sender: owner-freebsd-current@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.ORG "Andrey A. Chernov" writes: > Bug: > There is possible when pam_sm_acct_mgmt() called, password is not > expired, but due to some delay between calls (like network delays for NIS > passwords), expired at the moment of pam_sm_authenticate() check. > > It may allow user to enter with expired password under some circumstanes > when he is not allowed to do it. I don't think this is much of an issue (at most, it will allow a user to log on up to a few seconds after her password expires), but I see your point. > Fix: > Use traditional Unix check (like found in pre-PAM ftpd.c and login.c) for > password expiration at the last moment, i.e. right after checking that it > is valid. pam_sm_acct_mgmt() is allowed to return PAM_AUTHTOK_EXPIRED (which is a better return value than PAM_AUTH_ERR for this case). Other than that, I have no objections to your patch. DES -- Dag-Erling Smorgrav - des@ofug.org To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-current" in the body of the message From owner-freebsd-current Sun Jan 20 11:45:40 2002 Delivered-To: freebsd-current@freebsd.org Received: from nagual.pp.ru (pobrecita.freebsd.ru [194.87.13.42]) by hub.freebsd.org (Postfix) with ESMTP id 4360837B419; Sun, 20 Jan 2002 11:45:14 -0800 (PST) Received: (from ache@localhost) by nagual.pp.ru (8.11.6/8.11.6) id g0KJjCG24135; Sun, 20 Jan 2002 22:45:13 +0300 (MSK) (envelope-from ache) Date: Sun, 20 Jan 2002 22:45:10 +0300 From: "Andrey A. Chernov" To: markm@freebsd.org, des@freebsd.org, current@freebsd.org Subject: Step4, pam_opie getpwnam check fix for review Message-ID: <20020120194510.GA24069@nagual.pp.ru> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline User-Agent: Mutt/1.3.24i Sender: owner-freebsd-current@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.ORG Bug: getpwnum() (or getlogin() in earlier stage) may return NULL under various complex circumstanes, but following code not expect it and may cause NULL pointer reference and core dump. Fix: Add check for NULL and return PAM_AUTH_ERR --- pam_opie.c.bak Sun Jan 20 22:23:18 2002 +++ pam_opie.c Sun Jan 20 22:37:08 2002 @@ -89,7 +89,8 @@ user = NULL; if (pam_test_option(&options, PAM_OPT_AUTH_AS_SELF, NULL)) { - pwd = getpwnam(getlogin()); + if ((pwd = getpwnam(getlogin())) == NULL) + PAM_RETURN(PAM_AUTH_ERR); user = pwd->pw_name; } else { -- Andrey A. Chernov http://ache.pp.ru/ To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-current" in the body of the message From owner-freebsd-current Sun Jan 20 11:50:16 2002 Delivered-To: freebsd-current@freebsd.org Received: from storm.FreeBSD.org.uk (storm.FreeBSD.org.uk [194.242.139.170]) by hub.freebsd.org (Postfix) with ESMTP id 3CC3E37B400; Sun, 20 Jan 2002 11:50:07 -0800 (PST) Received: (from uucp@localhost) by storm.FreeBSD.org.uk (8.11.6/8.11.6) with UUCP id g0KJnbg89740; Sun, 20 Jan 2002 19:49:37 GMT (envelope-from mark@grondar.za) Received: from grondar.za (mark@localhost [127.0.0.1]) by grimreaper.grondar.org (8.11.6/8.11.6) with ESMTP id g0KJltt32724; Sun, 20 Jan 2002 19:47:56 GMT (envelope-from mark@grondar.za) Message-Id: <200201201947.g0KJltt32724@grimreaper.grondar.org> To: "Andrey A. Chernov" Cc: des@freebsd.org, current@freebsd.org Subject: Re: Step2, pam_unix just expired pass fix for review References: <20020120191711.GA23576@nagual.pp.ru> In-Reply-To: <20020120191711.GA23576@nagual.pp.ru> ; from "Andrey A. Chernov" "Sun, 20 Jan 2002 22:17:12 +0300." Date: Sun, 20 Jan 2002 19:47:55 +0000 From: Mark Murray Sender: owner-freebsd-current@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.ORG > Bug: > There is possible when pam_sm_acct_mgmt() called, password is not > expired, but due to some delay between calls (like network delays for NIS > passwords), expired at the moment of pam_sm_authenticate() check. It is not pam_sm_authenticate()'s job to determine such things as expiry. This is the business of pam_sm_acct_mgmt(). > It may allow user to enter with expired password under some circumstanes > when he is not allowed to do it. Do you mean that at at the very edge of password expiry, the user may still be able log in (maybe some seconds later)? If so this is not a credible threat. > Fix: > Use traditional Unix check (like found in pre-PAM ftpd.c and login.c) for > password expiration at the last moment, i.e. right after checking that it > is valid. This fix is wrong for pam_sm_authenticate(), but valid for pam_sm_acct_mgmt(). pam_sm_acct_mgmt() already has something functionally equivalent. M > --- pam_unix.c.bak1 Sun Jan 20 21:42:47 2002 > +++ pam_unix.c Sun Jan 20 21:58:45 2002 > @@ -152,6 +152,8 @@ > > retval = strcmp(encrypted, pwd->pw_passwd) == 0 ? > PAM_SUCCESS : PAM_AUTH_ERR; > + if (pwd->pw_expire && time(NULL) >= pwd->pw_expire) > + retval = PAM_AUTH_ERR; > } > else { > > -- > Andrey A. Chernov > http://ache.pp.ru/ -- o Mark Murray \_ FreeBSD Services Limited O.\_ Warning: this .sig is umop ap!sdn To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-current" in the body of the message From owner-freebsd-current Sun Jan 20 11:54:17 2002 Delivered-To: freebsd-current@freebsd.org Received: from nagual.pp.ru (pobrecita.freebsd.ru [194.87.13.42]) by hub.freebsd.org (Postfix) with ESMTP id 860C037B402; Sun, 20 Jan 2002 11:54:10 -0800 (PST) Received: (from ache@localhost) by nagual.pp.ru (8.11.6/8.11.6) id g0KJs8I24217; Sun, 20 Jan 2002 22:54:08 +0300 (MSK) (envelope-from ache) Date: Sun, 20 Jan 2002 22:54:07 +0300 From: "Andrey A. Chernov" To: Dag-Erling Smorgrav Cc: markm@freebsd.org, current@freebsd.org Subject: Re: Step2, pam_unix just expired pass fix for review Message-ID: <20020120195407.GA24138@nagual.pp.ru> References: <20020120191711.GA23576@nagual.pp.ru> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: User-Agent: Mutt/1.3.24i Sender: owner-freebsd-current@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.ORG On Sun, Jan 20, 2002 at 20:41:09 +0100, Dag-Erling Smorgrav wrote: > pam_sm_acct_mgmt() is allowed to return PAM_AUTHTOK_EXPIRED (which is > a better return value than PAM_AUTH_ERR for this case). Other than > that, I have no objections to your patch. This is fix for pam_sm_authenticate(), not for pam_sm_acct_mgmt(). Is pam_sm_authenticate() allowed to return PAM_AUTHTOK_EXPIRED too? I don't find it in allowed return codes list. -- Andrey A. Chernov http://ache.pp.ru/ To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-current" in the body of the message From owner-freebsd-current Sun Jan 20 11:57:51 2002 Delivered-To: freebsd-current@freebsd.org Received: from nagual.pp.ru (pobrecita.freebsd.ru [194.87.13.42]) by hub.freebsd.org (Postfix) with ESMTP id 3EAD537B405; Sun, 20 Jan 2002 11:57:47 -0800 (PST) Received: (from ache@localhost) by nagual.pp.ru (8.11.6/8.11.6) id g0KJvdl24260; Sun, 20 Jan 2002 22:57:39 +0300 (MSK) (envelope-from ache) Date: Sun, 20 Jan 2002 22:57:37 +0300 From: "Andrey A. Chernov" To: Mark Murray Cc: des@freebsd.org, current@freebsd.org Subject: Re: Step2, pam_unix just expired pass fix for review Message-ID: <20020120195737.GB24138@nagual.pp.ru> References: <20020120191711.GA23576@nagual.pp.ru> <200201201947.g0KJltt32724@grimreaper.grondar.org> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: <200201201947.g0KJltt32724@grimreaper.grondar.org> User-Agent: Mutt/1.3.24i Sender: owner-freebsd-current@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.ORG On Sun, Jan 20, 2002 at 19:47:55 +0000, Mark Murray wrote: > > Do you mean that at at the very edge of password expiry, the user may > still be able log in (maybe some seconds later)? If so this is not a > credible threat. Yes. Few seconds can be few hours or more in case network is down or something like, this mainly for network passwords like NIS. -- Andrey A. Chernov http://ache.pp.ru/ To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-current" in the body of the message From owner-freebsd-current Sun Jan 20 11:59:29 2002 Delivered-To: freebsd-current@freebsd.org Received: from storm.FreeBSD.org.uk (storm.FreeBSD.org.uk [194.242.139.170]) by hub.freebsd.org (Postfix) with ESMTP id 8578737B404; Sun, 20 Jan 2002 11:59:25 -0800 (PST) Received: (from uucp@localhost) by storm.FreeBSD.org.uk (8.11.6/8.11.6) with UUCP id g0KJxKi89835; Sun, 20 Jan 2002 19:59:20 GMT (envelope-from mark@grondar.za) Received: from grondar.za (mark@localhost [127.0.0.1]) by grimreaper.grondar.org (8.11.6/8.11.6) with ESMTP id g0KJtVt32805; Sun, 20 Jan 2002 19:55:31 GMT (envelope-from mark@grondar.za) Message-Id: <200201201955.g0KJtVt32805@grimreaper.grondar.org> To: "Andrey A. Chernov" Cc: des@freebsd.org, current@freebsd.org Subject: Re: Step1, pam_unix srandomdev fix for review References: <20020120185334.GA23348@nagual.pp.ru> In-Reply-To: <20020120185334.GA23348@nagual.pp.ru> ; from "Andrey A. Chernov" "Sun, 20 Jan 2002 21:53:34 +0300." Date: Sun, 20 Jan 2002 19:55:31 +0000 From: Mark Murray Sender: owner-freebsd-current@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.ORG > Bug: > srandomdev() can't be used in libraries because it touch internal RNG > state which may be used by user program which not want true randomness but > pseudo one. > > Fix: > srandomdev() removed, random() replaced by arc4random() which initialize > itself from true randomness automatically. This works, but strikes me as overkill. This is salt, not cryptographic randomness, so 'srandom(junk)' is most likely better as a replacement for srandomdev() (where 'junk' can be time(), pid or anything similar). Salt's purpose is to make pre-computing a dictionary infeasable from the pure space perspective. M > --- pam_unix.c.old Sat Jan 19 21:29:49 2002 > +++ pam_unix.c Sun Jan 20 21:42:47 2002 > @@ -502,15 +502,14 @@ > syslog(LOG_ERR, "cannot set password cipher"); > login_close(lc); > /* Salt suitable for anything */ > - srandomdev(); > gettimeofday(&tv, 0); > - to64(&salt[0], random(), 3); > + to64(&salt[0], arc4random(), 3); > to64(&salt[3], tv.tv_usec, 3); > to64(&salt[6], tv.tv_sec, 2); > - to64(&salt[8], random(), 5); > - to64(&salt[13], random(), 5); > - to64(&salt[17], random(), 5); > - to64(&salt[22], random(), 5); > + to64(&salt[8], arc4random(), 5); > + to64(&salt[13], arc4random(), 5); > + to64(&salt[17], arc4random(), 5); > + to64(&salt[22], arc4random(), 5); > salt[27] = '\0'; > > pwd->pw_passwd = crypt(pass, salt); > @@ -596,15 +595,14 @@ > syslog(LOG_ERR, "cannot set password cipher"); > login_close(lc); > /* Salt suitable for anything */ > - srandomdev(); > gettimeofday(&tv, 0); > - to64(&salt[0], random(), 3); > + to64(&salt[0], arc4random(), 3); > to64(&salt[3], tv.tv_usec, 3); > to64(&salt[6], tv.tv_sec, 2); > - to64(&salt[8], random(), 5); > - to64(&salt[13], random(), 5); > - to64(&salt[17], random(), 5); > - to64(&salt[22], random(), 5); > + to64(&salt[8], arc4random(), 5); > + to64(&salt[13], arc4random(), 5); > + to64(&salt[17], arc4random(), 5); > + to64(&salt[22], arc4random(), 5); > salt[27] = '\0'; > > if (suser_override) > -- > Andrey A. Chernov > http://ache.pp.ru/ -- o Mark Murray \_ FreeBSD Services Limited O.\_ Warning: this .sig is umop ap!sdn To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-current" in the body of the message From owner-freebsd-current Sun Jan 20 12: 1:31 2002 Delivered-To: freebsd-current@freebsd.org Received: from flood.ping.uio.no (flood.ping.uio.no [129.240.78.31]) by hub.freebsd.org (Postfix) with ESMTP id C1C4637B400; Sun, 20 Jan 2002 12:01:28 -0800 (PST) Received: by flood.ping.uio.no (Postfix, from userid 2602) id 91FE0532C; Sun, 20 Jan 2002 21:01:27 +0100 (CET) X-URL: http://www.ofug.org/~des/ X-Disclaimer: The views expressed in this message do not necessarily coincide with those of any organisation or company with which I am or have been affiliated. To: "Andrey A. Chernov" Cc: markm@freebsd.org, current@freebsd.org Subject: Re: Step4, pam_opie getpwnam check fix for review References: <20020120194510.GA24069@nagual.pp.ru> From: Dag-Erling Smorgrav Date: 20 Jan 2002 21:01:26 +0100 In-Reply-To: <20020120194510.GA24069@nagual.pp.ru> Message-ID: Lines: 17 User-Agent: Gnus/5.0808 (Gnus v5.8.8) Emacs/21.1 MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Sender: owner-freebsd-current@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.ORG "Andrey A. Chernov" writes: > Bug: > getpwnum() (or getlogin() in earlier stage) may return NULL under > various complex circumstanes, but following code not expect it and may > cause NULL pointer reference and core dump. > > Fix: > Add check for NULL and return PAM_AUTH_ERR Approved (unless Mark objects). Strictly speaking, I think getlogin() should be replaced with the result of pam_get_item(PAM_RUSER), but that's separate issue. DES -- Dag-Erling Smorgrav - des@ofug.org To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-current" in the body of the message From owner-freebsd-current Sun Jan 20 12: 3:59 2002 Delivered-To: freebsd-current@freebsd.org Received: from flood.ping.uio.no (flood.ping.uio.no [129.240.78.31]) by hub.freebsd.org (Postfix) with ESMTP id E378B37B405 for ; Sun, 20 Jan 2002 12:03:57 -0800 (PST) Received: by flood.ping.uio.no (Postfix, from userid 2602) id AF967532C; Sun, 20 Jan 2002 21:03:56 +0100 (CET) X-URL: http://www.ofug.org/~des/ X-Disclaimer: The views expressed in this message do not necessarily coincide with those of any organisation or company with which I am or have been affiliated. To: Mark Murray Cc: "Andrey A. Chernov" , current@freebsd.org Subject: Re: Step2, pam_unix just expired pass fix for review References: <20020120191711.GA23576@nagual.pp.ru> <200201201947.g0KJltt32724@grimreaper.grondar.org> From: Dag-Erling Smorgrav Date: 20 Jan 2002 21:03:56 +0100 In-Reply-To: <200201201947.g0KJltt32724@grimreaper.grondar.org> Message-ID: Lines: 15 User-Agent: Gnus/5.0808 (Gnus v5.8.8) Emacs/21.1 MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Sender: owner-freebsd-current@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.ORG Mark Murray writes: > > Bug: > > There is possible when pam_sm_acct_mgmt() called, password is not > > expired, but due to some delay between calls (like network delays for NIS > > passwords), expired at the moment of pam_sm_authenticate() check. > It is not pam_sm_authenticate()'s job to determine such things as expiry. > This is the business of pam_sm_acct_mgmt(). Oww, I thought this patch *was* to pam_sm_acct_mgmt(), but I just realized it's not. You're right, it's inappropriate for pam_sm_authenticate(). DES -- Dag-Erling Smorgrav - des@ofug.org To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-current" in the body of the message From owner-freebsd-current Sun Jan 20 12: 4:46 2002 Delivered-To: freebsd-current@freebsd.org Received: from storm.FreeBSD.org.uk (storm.FreeBSD.org.uk [194.242.139.170]) by hub.freebsd.org (Postfix) with ESMTP id 8389237B405; Sun, 20 Jan 2002 12:04:37 -0800 (PST) Received: (from uucp@localhost) by storm.FreeBSD.org.uk (8.11.6/8.11.6) with UUCP id g0KK4Vd89909; Sun, 20 Jan 2002 20:04:31 GMT (envelope-from mark@grondar.za) Received: from grondar.za (mark@localhost [127.0.0.1]) by grimreaper.grondar.org (8.11.6/8.11.6) with ESMTP id g0KK0at32884; Sun, 20 Jan 2002 20:00:36 GMT (envelope-from mark@grondar.za) Message-Id: <200201202000.g0KK0at32884@grimreaper.grondar.org> To: "Andrey A. Chernov" Cc: markm@FreeBSD.ORG, des@FreeBSD.ORG, current@FreeBSD.ORG Subject: Re: Step3, pam_opie snprintf bloat fix for review References: <20020120193121.GA23954@nagual.pp.ru> In-Reply-To: <20020120193121.GA23954@nagual.pp.ru> ; from "Andrey A. Chernov" "Sun, 20 Jan 2002 22:31:21 +0300." Date: Sun, 20 Jan 2002 20:00:36 +0000 From: Mark Murray Sender: owner-freebsd-current@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.ORG > Bug: > snprintf is large and slow, increasing program size and slowing it down. > Better way is avoid snprintf when it is not neccessary. > > Fix: > Full functionality of snprintf is not needed below, so it is replaced by > much faster strlcpy. This is fine! Style - please make it 'sizeof(foo)', not 'sizeof foo'. M > --- pam_opie.c.bak Sat Jan 19 21:29:49 2002 > +++ pam_opie.c Sun Jan 20 22:23:18 2002 > @@ -125,7 +125,7 @@ > } > > /* We have to copy the response, because opieverify mucks with it. */ > - snprintf(resp, sizeof resp, "%s", response); > + strlcpy(resp, response, sizeof resp); > > /* > * Opieverify is supposed to return -1 only if an error occurs. > -- > Andrey A. Chernov > http://ache.pp.ru/ > > To Unsubscribe: send mail to majordomo@FreeBSD.org > with "unsubscribe freebsd-current" in the body of the message -- o Mark Murray \_ FreeBSD Services Limited O.\_ Warning: this .sig is umop ap!sdn To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-current" in the body of the message From owner-freebsd-current Sun Jan 20 12: 5:11 2002 Delivered-To: freebsd-current@freebsd.org Received: from nagual.pp.ru (pobrecita.freebsd.ru [194.87.13.42]) by hub.freebsd.org (Postfix) with ESMTP id 51C8337B404; Sun, 20 Jan 2002 12:05:01 -0800 (PST) Received: (from ache@localhost) by nagual.pp.ru (8.11.6/8.11.6) id g0KK4wh24379; Sun, 20 Jan 2002 23:04:58 +0300 (MSK) (envelope-from ache) Date: Sun, 20 Jan 2002 23:04:56 +0300 From: "Andrey A. Chernov" To: Mark Murray Cc: des@freebsd.org, current@freebsd.org Subject: Re: Step1, pam_unix srandomdev fix for review Message-ID: <20020120200455.GC24138@nagual.pp.ru> References: <20020120185334.GA23348@nagual.pp.ru> <200201201955.g0KJtVt32805@grimreaper.grondar.org> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: <200201201955.g0KJtVt32805@grimreaper.grondar.org> User-Agent: Mutt/1.3.24i Sender: owner-freebsd-current@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.ORG On Sun, Jan 20, 2002 at 19:55:31 +0000, Mark Murray wrote: > > This works, but strikes me as overkill. This is salt, not cryptographic > randomness, so 'srandom(junk)' is most likely better as a replacement > for srandomdev() (where 'junk' can be time(), pid or anything similar). You can't call srandom() from the libraries for the same purposes as srandomdev(), i.e. it damages user application current RNG state in the same way. I mean this: 1) User call srandom(3) 2) Library calls srandomdev() or srandom(123) Second step is effectively damages srandom(3) RNG state. -- Andrey A. Chernov http://ache.pp.ru/ To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-current" in the body of the message From owner-freebsd-current Sun Jan 20 12: 7:18 2002 Delivered-To: freebsd-current@freebsd.org Received: from flood.ping.uio.no (flood.ping.uio.no [129.240.78.31]) by hub.freebsd.org (Postfix) with ESMTP id 83CF237B417; Sun, 20 Jan 2002 12:07:16 -0800 (PST) Received: by flood.ping.uio.no (Postfix, from userid 2602) id 481B3532C; Sun, 20 Jan 2002 21:07:15 +0100 (CET) X-URL: http://www.ofug.org/~des/ X-Disclaimer: The views expressed in this message do not necessarily coincide with those of any organisation or company with which I am or have been affiliated. To: "Andrey A. Chernov" Cc: markm@freebsd.org, current@freebsd.org Subject: Re: Step2, pam_unix just expired pass fix for review References: <20020120191711.GA23576@nagual.pp.ru> <20020120195407.GA24138@nagual.pp.ru> From: Dag-Erling Smorgrav Date: 20 Jan 2002 21:07:14 +0100 In-Reply-To: <20020120195407.GA24138@nagual.pp.ru> Message-ID: Lines: 19 User-Agent: Gnus/5.0808 (Gnus v5.8.8) Emacs/21.1 MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Sender: owner-freebsd-current@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.ORG "Andrey A. Chernov" writes: > On Sun, Jan 20, 2002 at 20:41:09 +0100, Dag-Erling Smorgrav wrote: > > pam_sm_acct_mgmt() is allowed to return PAM_AUTHTOK_EXPIRED (which is > > a better return value than PAM_AUTH_ERR for this case). Other than > > that, I have no objections to your patch. > This is fix for pam_sm_authenticate(), not for pam_sm_acct_mgmt(). Is > pam_sm_authenticate() allowed to return PAM_AUTHTOK_EXPIRED too? I don't > find it in allowed return codes list. I misread your mail. Pam_sm_authenticate() is not supposed to care that the password is expired. If it did, it users with expired passwords would be effectively locked out; they're supposed to get a chance to change their password. The application is supposed to call pam_chauthtok() if pam_acct_mgmt() returns PAM_AUTHTOK_EXPIRED; see the sample application in DCE RFC 86.0. DES -- Dag-Erling Smorgrav - des@ofug.org To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-current" in the body of the message From owner-freebsd-current Sun Jan 20 12: 9:46 2002 Delivered-To: freebsd-current@freebsd.org Received: from storm.FreeBSD.org.uk (storm.FreeBSD.org.uk [194.242.139.170]) by hub.freebsd.org (Postfix) with ESMTP id 657CD37B400; Sun, 20 Jan 2002 12:09:38 -0800 (PST) Received: (from uucp@localhost) by storm.FreeBSD.org.uk (8.11.6/8.11.6) with UUCP id g0KK9T889963; Sun, 20 Jan 2002 20:09:29 GMT (envelope-from mark@grondar.za) Received: from grondar.za (mark@localhost [127.0.0.1]) by grimreaper.grondar.org (8.11.6/8.11.6) with ESMTP id g0KK6Wt32931; Sun, 20 Jan 2002 20:06:32 GMT (envelope-from mark@grondar.za) Message-Id: <200201202006.g0KK6Wt32931@grimreaper.grondar.org> To: "Andrey A. Chernov" Cc: des@freebsd.org, current@freebsd.org Subject: Re: Step2, pam_unix just expired pass fix for review References: <20020120195737.GB24138@nagual.pp.ru> In-Reply-To: <20020120195737.GB24138@nagual.pp.ru> ; from "Andrey A. Chernov" "Sun, 20 Jan 2002 22:57:37 +0300." Date: Sun, 20 Jan 2002 20:06:32 +0000 From: Mark Murray Sender: owner-freebsd-current@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.ORG > On Sun, Jan 20, 2002 at 19:47:55 +0000, Mark Murray wrote: > > > > Do you mean that at at the very edge of password expiry, the user may > > still be able log in (maybe some seconds later)? If so this is not a > > credible threat. > > Yes. Few seconds can be few hours or more in case network is down or > something like, this mainly for network passwords like NIS. This is still not something that is pam_authenticate()'s business. If you believe that this is a problem, then the order and time in which these are done inside pam needs to be addressed, not by kluging pam modules. Perhaps the PAM-using applications need to be looked at as well to make sure they don't do anything silly. pam_authenticate() answers the question "does the user have the correct credentials?". pam_acct_mgmt() answers the question "OK - they are who they say they are. Are they allowed in _now_?". M -- o Mark Murray \_ FreeBSD Services Limited O.\_ Warning: this .sig is umop ap!sdn To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-current" in the body of the message From owner-freebsd-current Sun Jan 20 12:13:37 2002 Delivered-To: freebsd-current@freebsd.org Received: from flood.ping.uio.no (flood.ping.uio.no [129.240.78.31]) by hub.freebsd.org (Postfix) with ESMTP id A3F6C37B404 for ; Sun, 20 Jan 2002 12:13:35 -0800 (PST) Received: by flood.ping.uio.no (Postfix, from userid 2602) id 47F35532C; Sun, 20 Jan 2002 21:13:34 +0100 (CET) X-URL: http://www.ofug.org/~des/ X-Disclaimer: The views expressed in this message do not necessarily coincide with those of any organisation or company with which I am or have been affiliated. To: Mark Murray Cc: "Andrey A. Chernov" , current@freebsd.org Subject: Re: Step2, pam_unix just expired pass fix for review References: <20020120195737.GB24138@nagual.pp.ru> <200201202006.g0KK6Wt32931@grimreaper.grondar.org> From: Dag-Erling Smorgrav Date: 20 Jan 2002 21:13:33 +0100 In-Reply-To: <200201202006.g0KK6Wt32931@grimreaper.grondar.org> Message-ID: Lines: 19 User-Agent: Gnus/5.0808 (Gnus v5.8.8) Emacs/21.1 MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Sender: owner-freebsd-current@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.ORG Mark Murray writes: > > On Sun, Jan 20, 2002 at 19:47:55 +0000, Mark Murray wrote: > > > Do you mean that at at the very edge of password expiry, the user may > > > still be able log in (maybe some seconds later)? If so this is not a > > > credible threat. > > Yes. Few seconds can be few hours or more in case network is down or > > something like, this mainly for network passwords like NIS. > This is still not something that is pam_authenticate()'s business. [...] I think this is all a misunderstanding (I misunderstood it too at first). There is no race. First, pam_authenticate() returns PAM_SUCCESS if the password was correct, regardless of whether it's expired. Next, pam_acct_mgmt() returns PAM_AUTHTOK_EXPIRED if the password has expired when it is called. Everything works as expected even if the password expires between the two calls. DES -- Dag-Erling Smorgrav - des@ofug.org To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-current" in the body of the message From owner-freebsd-current Sun Jan 20 12:14: 0 2002 Delivered-To: freebsd-current@freebsd.org Received: from nagual.pp.ru (pobrecita.freebsd.ru [194.87.13.42]) by hub.freebsd.org (Postfix) with ESMTP id C43A037B429; Sun, 20 Jan 2002 12:13:51 -0800 (PST) Received: (from ache@localhost) by nagual.pp.ru (8.11.6/8.11.6) id g0KKDmP24563; Sun, 20 Jan 2002 23:13:49 +0300 (MSK) (envelope-from ache) Date: Sun, 20 Jan 2002 23:13:45 +0300 From: "Andrey A. Chernov" To: Dag-Erling Smorgrav Cc: markm@freebsd.org, current@freebsd.org Subject: Re: Step2, pam_unix just expired pass fix for review Message-ID: <20020120201344.GD24138@nagual.pp.ru> References: <20020120191711.GA23576@nagual.pp.ru> <20020120195407.GA24138@nagual.pp.ru> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: User-Agent: Mutt/1.3.24i Sender: owner-freebsd-current@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.ORG On Sun, Jan 20, 2002 at 21:07:14 +0100, Dag-Erling Smorgrav wrote: > I misread your mail. Pam_sm_authenticate() is not supposed to care > that the password is expired. If it did, it users with expired > passwords would be effectively locked out; they're supposed to get a > chance to change their password. The application is supposed to call > pam_chauthtok() if pam_acct_mgmt() returns PAM_AUTHTOK_EXPIRED; see > the sample application in DCE RFC 86.0. Yes, but I mean edge case when password yet not expired at the moment of pam_acct_mgmt() call (i.e. pam_acct_mgmt() not return PAM_AUTHTOK_EXPIRED), but expired at the moment of pam_authenticate() call. There can be big network delay between this two calls. -- Andrey A. Chernov http://ache.pp.ru/ To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-current" in the body of the message From owner-freebsd-current Sun Jan 20 12:15: 4 2002 Delivered-To: freebsd-current@freebsd.org Received: from flood.ping.uio.no (flood.ping.uio.no [129.240.78.31]) by hub.freebsd.org (Postfix) with ESMTP id A288037B404; Sun, 20 Jan 2002 12:15:02 -0800 (PST) Received: by flood.ping.uio.no (Postfix, from userid 2602) id 58DA3532C; Sun, 20 Jan 2002 21:15:01 +0100 (CET) X-URL: http://www.ofug.org/~des/ X-Disclaimer: The views expressed in this message do not necessarily coincide with those of any organisation or company with which I am or have been affiliated. To: "Andrey A. Chernov" Cc: markm@freebsd.org, current@freebsd.org Subject: Re: Step2, pam_unix just expired pass fix for review References: <20020120191711.GA23576@nagual.pp.ru> <20020120195407.GA24138@nagual.pp.ru> <20020120201344.GD24138@nagual.pp.ru> From: Dag-Erling Smorgrav Date: 20 Jan 2002 21:15:00 +0100 In-Reply-To: <20020120201344.GD24138@nagual.pp.ru> Message-ID: Lines: 11 User-Agent: Gnus/5.0808 (Gnus v5.8.8) Emacs/21.1 MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Sender: owner-freebsd-current@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.ORG "Andrey A. Chernov" writes: > Yes, but I mean edge case when password yet not expired at the moment of > pam_acct_mgmt() call (i.e. pam_acct_mgmt() not return > PAM_AUTHTOK_EXPIRED), but expired at the moment of pam_authenticate() > call. There can be big network delay between this two calls. pam_authenticate() is always called first. DES -- Dag-Erling Smorgrav - des@ofug.org To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-current" in the body of the message From owner-freebsd-current Sun Jan 20 12:17:11 2002 Delivered-To: freebsd-current@freebsd.org Received: from nagual.pp.ru (pobrecita.freebsd.ru [194.87.13.42]) by hub.freebsd.org (Postfix) with ESMTP id 48A7F37B400; Sun, 20 Jan 2002 12:17:07 -0800 (PST) Received: (from ache@localhost) by nagual.pp.ru (8.11.6/8.11.6) id g0KKH0m24628; Sun, 20 Jan 2002 23:17:00 +0300 (MSK) (envelope-from ache) Date: Sun, 20 Jan 2002 23:16:56 +0300 From: "Andrey A. Chernov" To: Mark Murray Cc: des@freebsd.org, current@freebsd.org Subject: Re: Step2, pam_unix just expired pass fix for review Message-ID: <20020120201655.GE24138@nagual.pp.ru> References: <20020120195737.GB24138@nagual.pp.ru> <200201202006.g0KK6Wt32931@grimreaper.grondar.org> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: <200201202006.g0KK6Wt32931@grimreaper.grondar.org> User-Agent: Mutt/1.3.24i Sender: owner-freebsd-current@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.ORG On Sun, Jan 20, 2002 at 20:06:32 +0000, Mark Murray wrote: > > pam_authenticate() answers the question "does the user have the correct > credentials?". pam_acct_mgmt() answers the question "OK - they are who > they say they are. Are they allowed in _now_?". Well, I tend to agree, Step2 is withdrawed. -- Andrey A. Chernov http://ache.pp.ru/ To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-current" in the body of the message From owner-freebsd-current Sun Jan 20 12:19:35 2002 Delivered-To: freebsd-current@freebsd.org Received: from storm.FreeBSD.org.uk (storm.FreeBSD.org.uk [194.242.139.170]) by hub.freebsd.org (Postfix) with ESMTP id 7D7AE37B404; Sun, 20 Jan 2002 12:19:31 -0800 (PST) Received: (from uucp@localhost) by storm.FreeBSD.org.uk (8.11.6/8.11.6) with UUCP id g0KKJMe90082; Sun, 20 Jan 2002 20:19:22 GMT (envelope-from mark@grondar.za) Received: from grondar.za (mark@localhost [127.0.0.1]) by grimreaper.grondar.org (8.11.6/8.11.6) with ESMTP id g0KKHLt33050; Sun, 20 Jan 2002 20:17:21 GMT (envelope-from mark@grondar.za) Message-Id: <200201202017.g0KKHLt33050@grimreaper.grondar.org> To: "Andrey A. Chernov" Cc: des@freebsd.org, current@freebsd.org Subject: Re: Step1, pam_unix srandomdev fix for review References: <20020120200455.GC24138@nagual.pp.ru> In-Reply-To: <20020120200455.GC24138@nagual.pp.ru> ; from "Andrey A. Chernov" "Sun, 20 Jan 2002 23:04:56 +0300." Date: Sun, 20 Jan 2002 20:17:21 +0000 From: Mark Murray Sender: owner-freebsd-current@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.ORG > On Sun, Jan 20, 2002 at 19:55:31 +0000, Mark Murray wrote: > > > > This works, but strikes me as overkill. This is salt, not cryptographic > > randomness, so 'srandom(junk)' is most likely better as a replacement > > for srandomdev() (where 'junk' can be time(), pid or anything similar). > > You can't call srandom() from the libraries for the same purposes as > srandomdev(), i.e. it damages user application current RNG state in the > same way. Hmm. OK. Do you understand, though, why the salt does not need cryptographic randomness? Another patch of yours replaced sprintf with a faster strlcpy, but this uses the _much_ slower arc4random() which is not necessary IMO. How about just using pid's or something? The original crypt(3) salt quantised the time-of-day into 4096 pieces for the salt - how about doing something like that? UUEncode time()|pid()|getuid() might work just fine. > I mean this: > > 1) User call srandom(3) > > 2) Library calls srandomdev() or srandom(123) > > Second step is effectively damages srandom(3) RNG state. > > -- > Andrey A. Chernov > http://ache.pp.ru/ -- o Mark Murray \_ FreeBSD Services Limited O.\_ Warning: this .sig is umop ap!sdn To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-current" in the body of the message From owner-freebsd-current Sun Jan 20 12:26:35 2002 Delivered-To: freebsd-current@freebsd.org Received: from nagual.pp.ru (pobrecita.freebsd.ru [194.87.13.42]) by hub.freebsd.org (Postfix) with ESMTP id 196EF37B477; Sun, 20 Jan 2002 12:26:25 -0800 (PST) Received: (from ache@localhost) by nagual.pp.ru (8.11.6/8.11.6) id g0KKQJj24918; Sun, 20 Jan 2002 23:26:19 +0300 (MSK) (envelope-from ache) Date: Sun, 20 Jan 2002 23:26:17 +0300 From: "Andrey A. Chernov" To: Mark Murray Cc: des@freebsd.org, current@freebsd.org Subject: Re: Step1, pam_unix srandomdev fix for review Message-ID: <20020120202615.GF24138@nagual.pp.ru> References: <20020120200455.GC24138@nagual.pp.ru> <200201202017.g0KKHLt33050@grimreaper.grondar.org> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: <200201202017.g0KKHLt33050@grimreaper.grondar.org> User-Agent: Mutt/1.3.24i Sender: owner-freebsd-current@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.ORG On Sun, Jan 20, 2002 at 20:17:21 +0000, Mark Murray wrote: > > Hmm. OK. Do you understand, though, why the salt does not need > cryptographic randomness? Yes. > Another patch of yours replaced sprintf with a faster strlcpy, > but this uses the _much_ slower arc4random() which is not > necessary IMO. How about just using pid's or something? 1) arc4random() is not slower than random(), so it not _increase_ existent PAM slowness. 2) I care here not about PAM, but about user application which RNG state current code damages. 3) I treat arc4random() replacement as bugfix for _application_ which not makes PAM code worse than it already is. > The original crypt(3) salt quantised the time-of-day into > 4096 pieces for the salt - how about doing something like > that? UUEncode time()|pid()|getuid() might work just fine. I agree. But I don't plan to improve PAM in this my fix, I just want to unbreak application first. Someone else can do what you suggest afterwards. -- Andrey A. Chernov http://ache.pp.ru/ To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-current" in the body of the message From owner-freebsd-current Sun Jan 20 12:34:34 2002 Delivered-To: freebsd-current@freebsd.org Received: from storm.FreeBSD.org.uk (storm.FreeBSD.org.uk [194.242.139.170]) by hub.freebsd.org (Postfix) with ESMTP id A4A6537B405; Sun, 20 Jan 2002 12:34:29 -0800 (PST) Received: (from uucp@localhost) by storm.FreeBSD.org.uk (8.11.6/8.11.6) with UUCP id g0KKYKA90215; Sun, 20 Jan 2002 20:34:20 GMT (envelope-from mark@grondar.za) Received: from grondar.za (mark@localhost [127.0.0.1]) by grimreaper.grondar.org (8.11.6/8.11.6) with ESMTP id g0KKYZt33206; Sun, 20 Jan 2002 20:34:35 GMT (envelope-from mark@grondar.za) Message-Id: <200201202034.g0KKYZt33206@grimreaper.grondar.org> To: "Andrey A. Chernov" Cc: des@freebsd.org, current@freebsd.org Subject: Re: Step1, pam_unix srandomdev fix for review References: <20020120202615.GF24138@nagual.pp.ru> In-Reply-To: <20020120202615.GF24138@nagual.pp.ru> ; from "Andrey A. Chernov" "Sun, 20 Jan 2002 23:26:17 +0300." Date: Sun, 20 Jan 2002 20:34:35 +0000 From: Mark Murray Sender: owner-freebsd-current@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.ORG > > The original crypt(3) salt quantised the time-of-day into > > 4096 pieces for the salt - how about doing something like > > that? UUEncode time()|pid()|getuid() might work just fine. > > I agree. But I don't plan to improve PAM in this my fix, I just want to > unbreak application first. Someone else can do what you suggest > afterwards. In which case, please don't make your commit. I understand the problem, and disagree with the fix, so I'll fix it in a different way myself. M -- o Mark Murray \_ FreeBSD Services Limited O.\_ Warning: this .sig is umop ap!sdn To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-current" in the body of the message From owner-freebsd-current Sun Jan 20 12:40:48 2002 Delivered-To: freebsd-current@freebsd.org Received: from nagual.pp.ru (pobrecita.freebsd.ru [194.87.13.42]) by hub.freebsd.org (Postfix) with ESMTP id DEA2B37B419; Sun, 20 Jan 2002 12:40:45 -0800 (PST) Received: (from ache@localhost) by nagual.pp.ru (8.11.6/8.11.6) id g0KKebP25070; Sun, 20 Jan 2002 23:40:37 +0300 (MSK) (envelope-from ache) Date: Sun, 20 Jan 2002 23:40:35 +0300 From: "Andrey A. Chernov" To: Mark Murray Cc: des@freebsd.org, current@freebsd.org Subject: Re: Step1, pam_unix srandomdev fix for review Message-ID: <20020120204035.GA24998@nagual.pp.ru> References: <20020120202615.GF24138@nagual.pp.ru> <200201202034.g0KKYZt33206@grimreaper.grondar.org> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: <200201202034.g0KKYZt33206@grimreaper.grondar.org> User-Agent: Mutt/1.3.24i Sender: owner-freebsd-current@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.ORG On Sun, Jan 20, 2002 at 20:34:35 +0000, Mark Murray wrote: > > > The original crypt(3) salt quantised the time-of-day into > > > 4096 pieces for the salt - how about doing something like > > > that? UUEncode time()|pid()|getuid() might work just fine. > > > > I agree. But I don't plan to improve PAM in this my fix, I just want to > > unbreak application first. Someone else can do what you suggest > > afterwards. > > In which case, please don't make your commit. I understand the > problem, and disagree with the fix, so I'll fix it in a different > way myself. Ok, but please don't forget it. -- Andrey A. Chernov http://ache.pp.ru/ To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-current" in the body of the message From owner-freebsd-current Sun Jan 20 13:33:15 2002 Delivered-To: freebsd-current@freebsd.org Received: from avocet.prod.itd.earthlink.net (avocet.mail.pas.earthlink.net [207.217.120.50]) by hub.freebsd.org (Postfix) with ESMTP id 9A23737B402; Sun, 20 Jan 2002 13:33:10 -0800 (PST) Received: from pool0122.cvx21-bradley.dialup.earthlink.net ([209.179.192.122] helo=mindspring.com) by avocet.prod.itd.earthlink.net with esmtp (Exim 3.33 #1) id 16SPZx-0007XI-00; Sun, 20 Jan 2002 13:32:41 -0800 Message-ID: <3C4B3775.1AFA318@mindspring.com> Date: Sun, 20 Jan 2002 13:32:37 -0800 From: Terry Lambert X-Mailer: Mozilla 4.7 [en]C-CCK-MCD {Sony} (Win98; U) X-Accept-Language: en MIME-Version: 1.0 To: "Andrey A. Chernov" Cc: Mark Murray , des@freebsd.org, current@freebsd.org Subject: Re: Step1, pam_unix srandomdev fix for review References: <20020120185334.GA23348@nagual.pp.ru> <200201201955.g0KJtVt32805@grimreaper.grondar.org> <20020120200455.GC24138@nagual.pp.ru> Content-Type: text/plain; charset=us-ascii Content-Transfer-Encoding: 7bit Sender: owner-freebsd-current@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.ORG "Andrey A. Chernov" wrote: > On Sun, Jan 20, 2002 at 19:55:31 +0000, Mark Murray wrote: > > This works, but strikes me as overkill. This is salt, not cryptographic > > randomness, so 'srandom(junk)' is most likely better as a replacement > > for srandomdev() (where 'junk' can be time(), pid or anything similar). > > You can't call srandom() from the libraries for the same purposes as > srandomdev(), i.e. it damages user application current RNG state in the > same way. > > I mean this: > > 1) User call srandom(3) > > 2) Library calls srandomdev() or srandom(123) > > Second step is effectively damages srandom(3) RNG state. Since the library is a totally encapsulated usage, it makes sense for it to save and restore state aroun its use of the functions, which would effectively allow concurrent use of the generator with other code that uses it. Other code that cares about the state should do the same. -- Terry To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-current" in the body of the message From owner-freebsd-current Sun Jan 20 13:54:23 2002 Delivered-To: freebsd-current@freebsd.org Received: from storm.FreeBSD.org.uk (storm.FreeBSD.org.uk [194.242.139.170]) by hub.freebsd.org (Postfix) with ESMTP id 84C7A37B404 for ; Sun, 20 Jan 2002 13:54:20 -0800 (PST) Received: (from uucp@localhost) by storm.FreeBSD.org.uk (8.11.6/8.11.6) with UUCP id g0KLsHf90729; Sun, 20 Jan 2002 21:54:17 GMT (envelope-from mark@grondar.za) Received: from grondar.za (mark@localhost [127.0.0.1]) by grimreaper.grondar.org (8.11.6/8.11.6) with ESMTP id g0KLp7t34081; Sun, 20 Jan 2002 21:51:07 GMT (envelope-from mark@grondar.za) Message-Id: <200201202151.g0KLp7t34081@grimreaper.grondar.org> To: Terry Lambert Cc: current@freebsd.org Subject: Re: Step1, pam_unix srandomdev fix for review References: <3C4B3775.1AFA318@mindspring.com> In-Reply-To: <3C4B3775.1AFA318@mindspring.com> ; from Terry Lambert "Sun, 20 Jan 2002 13:32:37 PST." Date: Sun, 20 Jan 2002 21:51:07 +0000 From: Mark Murray Sender: owner-freebsd-current@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.ORG > > Second step is effectively damages srandom(3) RNG state. > > Since the library is a totally encapsulated usage, it makes sense > for it to save and restore state aroun its use of the functions, > which would effectively allow concurrent use of the generator > with other code that uses it. > > Other code that cares about the state should do the same. True but not trivial. I'd be happy to commit working patches :-) M -- o Mark Murray \_ FreeBSD Services Limited O.\_ Warning: this .sig is umop ap!sdn To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-current" in the body of the message From owner-freebsd-current Sun Jan 20 14: 3:29 2002 Delivered-To: freebsd-current@freebsd.org Received: from nagual.pp.ru (pobrecita.freebsd.ru [194.87.13.42]) by hub.freebsd.org (Postfix) with ESMTP id 9195D37B41C; Sun, 20 Jan 2002 14:03:01 -0800 (PST) Received: (from ache@localhost) by nagual.pp.ru (8.11.6/8.11.6) id g0KM2wP26118; Mon, 21 Jan 2002 01:02:59 +0300 (MSK) (envelope-from ache) Date: Mon, 21 Jan 2002 01:02:56 +0300 From: "Andrey A. Chernov" To: markm@freebsd.org, des@freebsd.org, current@freebsd.org Subject: Step5, pam_opie OPIE auth fix for review Message-ID: <20020120220254.GA25886@nagual.pp.ru> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline User-Agent: Mutt/1.3.24i Sender: owner-freebsd-current@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.ORG Bug: pam_opie module _always_ allows Unix (plaintext) password, even in the cases which are disabled by OPIE auth procedure. Description: How non-PAM standalone OPIE works: 1) If OPIE user exists, its remote host checked against /etc/opieaccess via opieaccessfile() 2) If remote host is found there, user home dir checked for ~/.opiealways file via opiealways() 3) If no such file, it is assumed than OPIE user is allowed to authenticate with plaintext (Unix) password additionly to OPIE exchange. In all other cases OPIE user is not allowed to authenticate with plaintext (Unix) password. How PAM OPIE works: OPIE user can _always_ authenticate with plaintext (Unix) password which is is security lowering and violates OPIE way of things. Fix: It can't be fixed in current 2-state pam_opie return codes model, we need 3 codes: 1) For OPIE exchange success 2) For OPIE exchange failure, but Unix (plaintext) passwords allowed 3) For OPIE exchange failure, but Unix (plaintext) passwords disabled 1) and 2) works exact as in old 2-state model, so 1) is PAM_SUCCESS and 2) is PAM_AUTH_ERR. I choose PAM_CRED_INSUFFICIENT for case 3) which means that pam_opie module deside that all additionally possible auth will be insufficient and returns immediately from modules chain with this code. --- pam_opie.c.old Sun Jan 20 23:56:47 2002 +++ pam_opie.c Mon Jan 21 00:24:51 2002 @@ -66,13 +66,14 @@ struct opie opie; struct options options; struct passwd *pwd; - int retval, i; + int retval, i, pwok; char *(promptstr[]) = { "%s\nPassword: ", "%s\nPassword [echo on]: "}; char challenge[OPIE_CHALLENGE_MAX]; char prompt[OPIE_CHALLENGE_MAX+22]; char resp[OPIE_SECRET_MAX]; const char *user; const char *response; + const char *rhost; pam_std_option(&options, other_options, argc, argv); @@ -97,6 +98,8 @@ retval = pam_get_user(pamh, (const char **)&user, NULL); if (retval != PAM_SUCCESS) PAM_RETURN(retval); + if ((pwd = getpwnam(user)) == NULL) + PAM_RETURN(PAM_AUTH_ERR); } PAM_LOG("Got user: %s", user); @@ -107,7 +110,14 @@ */ opiedisableaeh(); - opiechallenge(&opie, (char *)user, challenge); + if (opiechallenge(&opie, (char *)user, challenge) == 0) { + rhost = NULL; + (void) pam_get_item(pamh, PAM_RHOST, (const void **)&rhost); + pwok = (rhost != NULL) && (*rhost != '\0') && + opieaccessfile((char *)rhost) && + opiealways(pwd->pw_dir); + } else + pwok = 1; for (i = 0; i < 2; i++) { snprintf(prompt, sizeof prompt, promptstr[i], challenge); retval = pam_get_pass(pamh, &response, prompt, &options); @@ -134,7 +144,10 @@ * it expects. Thus we can't log an error and can only check for * success or lack thereof. */ - retval = opieverify(&opie, resp) == 0 ? PAM_SUCCESS : PAM_AUTH_ERR; + if (opieverify(&opie, resp) != 0) + retval = pwok ? PAM_AUTH_ERR : PAM_CRED_INSUFFICIENT; + else + retval = PAM_SUCCESS; PAM_RETURN(retval); } --- ftpd.c.bak Sat Jan 19 21:29:50 2002 +++ ftpd.c Mon Jan 21 00:30:03 2002 @@ -1190,6 +1190,7 @@ break; case PAM_AUTH_ERR: + case PAM_CRED_INSUFFICIENT: case PAM_USER_UNKNOWN: case PAM_MAXTRIES: rval = 1; --- login.c.bak Sat Jan 19 21:05:16 2002 +++ login.c Mon Jan 21 00:31:45 2002 @@ -802,6 +802,7 @@ break; case PAM_AUTH_ERR: + case PAM_CRED_INSUFFICIENT: case PAM_USER_UNKNOWN: case PAM_MAXTRIES: rval = 1; --- su.bak Sat Jan 19 21:29:49 2002 +++ su Mon Jan 21 00:39:04 2002 @@ -9,7 +9,7 @@ auth requisite pam_wheel.so no_warn auth_as_self noroot_ok #auth sufficient pam_kerberosIV.so no_warn #auth sufficient pam_krb5.so no_warn try_first_pass auth_as_self -#auth required pam_opie.so no_warn +#auth [defalt=ignore success=done cred_insufficient=die] pam_opie.so no_warn #auth required pam_ssh.so no_warn try_first_pass auth required pam_unix.so no_warn try_first_pass nullok #auth sufficient pam_rootok.so no_warn --- login.bak Sat Jan 19 21:29:49 2002 +++ login Mon Jan 21 00:39:04 2002 @@ -6,7 +6,7 @@ # auth auth required pam_nologin.so no_warn -#auth sufficient pam_opie.so no_warn +#auth [defalt=ignore success=done cred_insufficient=die] pam_opie.so no_warn #auth sufficient pam_kerberosIV.so no_warn try_first_pass #auth sufficient pam_krb5.so no_warn try_first_pass #auth required pam_ssh.so no_warn try_first_pass --- ftpd.bak Sat Jan 19 21:29:49 2002 +++ ftpd Mon Jan 21 00:39:04 2002 @@ -9,10 +9,8 @@ #auth sufficient pam_kerberosIV.so no_warn #auth sufficient pam_krb5.so no_warn #auth sufficient pam_ssh.so no_warn try_first_pass -# Uncomment either pam_opie or pam_unix, but not both of them. -# pam_unix can't be simple chained with pam_opie, ftpd provides proper fallback -auth required pam_opie.so no_warn -#auth required pam_unix.so no_warn try_first_pass +#auth [defalt=ignore success=done cred_insufficient=die] pam_opie.so no_warn +auth required pam_unix.so no_warn try_first_pass # account #account required pam_kerberosIV.so -- Andrey A. Chernov http://ache.pp.ru/ To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-current" in the body of the message From owner-freebsd-current Sun Jan 20 14:21:10 2002 Delivered-To: freebsd-current@freebsd.org Received: from netau1.alcanet.com.au (ntp.alcanet.com.au [203.62.196.27]) by hub.freebsd.org (Postfix) with ESMTP id 114E537B404 for ; Sun, 20 Jan 2002 14:21:08 -0800 (PST) Received: from mfg1.cim.alcatel.com.au (mfg1.cim.alcatel.com.au [139.188.23.1]) by netau1.alcanet.com.au (8.9.3 (PHNE_22672)/8.9.3) with ESMTP id JAA00631; Mon, 21 Jan 2002 09:21:06 +1100 (EDT) Received: from gsmx07.alcatel.com.au by cim.alcatel.com.au (PMDF V5.2-32 #37645) with ESMTP id <01KDBTCFFDWG5IJJ3H@cim.alcatel.com.au>; Mon, 21 Jan 2002 09:21:23 +1100 Received: (from jeremyp@localhost) by gsmx07.alcatel.com.au (8.11.6/8.11.6) id g0KML3q63535; Mon, 21 Jan 2002 09:21:03 +1100 Content-return: prohibited Date: Mon, 21 Jan 2002 09:21:02 +1100 From: Peter Jeremy Subject: Re: Step1, pam_unix srandomdev fix for review In-reply-to: <200201202151.g0KLp7t34081@grimreaper.grondar.org>; from mark@grondar.za on Sun, Jan 20, 2002 at 09:51:07PM +0000 To: Mark Murray Cc: Terry Lambert , current@FreeBSD.ORG Mail-Followup-To: Mark Murray , Terry Lambert , current@FreeBSD.ORG Message-id: <20020121092102.C72285@gsmx07.alcatel.com.au> MIME-version: 1.0 Content-type: text/plain; charset=us-ascii Content-disposition: inline User-Agent: Mutt/1.2.5i References: <3C4B3775.1AFA318@mindspring.com> <200201202151.g0KLp7t34081@grimreaper.grondar.org> Sender: owner-freebsd-current@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.ORG On 2002-Jan-20 21:51:07 +0000, Mark Murray wrote: >> > Second step is effectively damages srandom(3) RNG state. >> >> Since the library is a totally encapsulated usage, it makes sense >> for it to save and restore state aroun its use of the functions, >> which would effectively allow concurrent use of the generator >> with other code that uses it. >> >> Other code that cares about the state should do the same. > >True but not trivial. I'd be happy to commit working patches :-) The simplest solution would appear to be to add srandom_r() and random_r() functions - both of which take an initstate() buffer. It should be possible using setstate() but there doesn't appear to be a documented sequence to restore the internal random state to "uninitialised". Is there any good reason why random_r(), srandom_r(), srandomdev_r() should not exist? Peter To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-current" in the body of the message From owner-freebsd-current Sun Jan 20 15:15:30 2002 Delivered-To: freebsd-current@freebsd.org Received: from storm.FreeBSD.org.uk (storm.FreeBSD.org.uk [194.242.139.170]) by hub.freebsd.org (Postfix) with ESMTP id 5CFFC37B417; Sun, 20 Jan 2002 15:14:30 -0800 (PST) Received: (from uucp@localhost) by storm.FreeBSD.org.uk (8.11.6/8.11.6) with UUCP id g0KNEJq91365; Sun, 20 Jan 2002 23:14:19 GMT (envelope-from mark@grondar.za) Received: from grondar.za (mark@localhost [127.0.0.1]) by grimreaper.grondar.org (8.11.6/8.11.6) with ESMTP id g0KNEDt34526; Sun, 20 Jan 2002 23:14:13 GMT (envelope-from mark@grondar.za) Message-Id: <200201202314.g0KNEDt34526@grimreaper.grondar.org> To: "Andrey A. Chernov" Cc: des@FreeBSD.ORG, current@FreeBSD.ORG Subject: Re: Step5, pam_opie OPIE auth fix for review References: <20020120220254.GA25886@nagual.pp.ru> In-Reply-To: <20020120220254.GA25886@nagual.pp.ru> ; from "Andrey A. Chernov" "Mon, 21 Jan 2002 01:02:56 +0300." Date: Sun, 20 Jan 2002 23:14:13 +0000 From: Mark Murray Sender: owner-freebsd-current@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.ORG > Bug: > > pam_opie module _always_ allows Unix (plaintext) password, even in the > cases which are disabled by OPIE auth procedure. I agree that this is a bug. > Description: > > How non-PAM standalone OPIE works: > > 1) If OPIE user exists, its remote host checked against /etc/opieaccess > via opieaccessfile() > > 2) If remote host is found there, user home dir checked for ~/.opiealways > file via opiealways() > > 3) If no such file, it is assumed than OPIE user is allowed to > authenticate with plaintext (Unix) password additionly to OPIE exchange. The PAM OPIE may only do OPIE authentication. It is entirely up to the PAM stack to decide what the login policy is. (Well, the PAM stack as specified by the pam configs in /etc/pam*) > In all other cases OPIE user is not allowed to authenticate with plaintext > (Unix) password. > How PAM OPIE works: > > OPIE user can _always_ authenticate with plaintext (Unix) password which > is is security lowering and violates OPIE way of things. Oops. Yes. That is not good. > Fix: > > It can't be fixed in current 2-state pam_opie return codes model, we need > 3 codes: > > 1) For OPIE exchange success > 2) For OPIE exchange failure, but Unix (plaintext) passwords allowed > 3) For OPIE exchange failure, but Unix (plaintext) passwords disabled Nope. I disagree. 1) Success. 2) Failure. 3) Failure. > 1) and 2) works exact as in old 2-state model, so 1) is PAM_SUCCESS and 2) > is PAM_AUTH_ERR. 2) and 3) are _both_ PAM_AUTH_ERR. However - the module may pass on the authentication token (the password) and any following modules are allowed to use this if they find it. (look at the try_first_pass and use_fist_pass options). > I choose PAM_CRED_INSUFFICIENT for case 3) which means that pam_opie > module deside that all additionally possible auth will be insufficient and > returns immediately from modules chain with this code. No. This is messing with the PAM stack in a weird way. I disagree with this method. > --- pam_opie.c.old Sun Jan 20 23:56:47 2002 > +++ pam_opie.c Mon Jan 21 00:24:51 2002 > @@ -66,13 +66,14 @@ > struct opie opie; > struct options options; > struct passwd *pwd; > - int retval, i; > + int retval, i, pwok; > char *(promptstr[]) = { "%s\nPassword: ", "%s\nPassword [echo on]: "}; > char challenge[OPIE_CHALLENGE_MAX]; > char prompt[OPIE_CHALLENGE_MAX+22]; > char resp[OPIE_SECRET_MAX]; > const char *user; > const char *response; > + const char *rhost; > > pam_std_option(&options, other_options, argc, argv); > > @@ -97,6 +98,8 @@ > retval = pam_get_user(pamh, (const char **)&user, NULL); > if (retval != PAM_SUCCESS) > PAM_RETURN(retval); > + if ((pwd = getpwnam(user)) == NULL) > + PAM_RETURN(PAM_AUTH_ERR); > } > > PAM_LOG("Got user: %s", user); > @@ -107,7 +110,14 @@ > */ > opiedisableaeh(); > > - opiechallenge(&opie, (char *)user, challenge); > + if (opiechallenge(&opie, (char *)user, challenge) == 0) { > + rhost = NULL; > + (void) pam_get_item(pamh, PAM_RHOST, (const void **)&rhost); > + pwok = (rhost != NULL) && (*rhost != '\0') && > + opieaccessfile((char *)rhost) && > + opiealways(pwd->pw_dir); > + } else > + pwok = 1; > for (i = 0; i < 2; i++) { > snprintf(prompt, sizeof prompt, promptstr[i], challenge); > retval = pam_get_pass(pamh, &response, prompt, &options); > @@ -134,7 +144,10 @@ > * it expects. Thus we can't log an error and can only check for > * success or lack thereof. > */ > - retval = opieverify(&opie, resp) == 0 ? PAM_SUCCESS : PAM_AUTH_ERR; > + if (opieverify(&opie, resp) != 0) > + retval = pwok ? PAM_AUTH_ERR : PAM_CRED_INSUFFICIENT; > + else > + retval = PAM_SUCCESS; > PAM_RETURN(retval); > } > > --- ftpd.c.bak Sat Jan 19 21:29:50 2002 > +++ ftpd.c Mon Jan 21 00:30:03 2002 > @@ -1190,6 +1190,7 @@ > break; > > case PAM_AUTH_ERR: > + case PAM_CRED_INSUFFICIENT: > case PAM_USER_UNKNOWN: > case PAM_MAXTRIES: > rval = 1; > --- login.c.bak Sat Jan 19 21:05:16 2002 > +++ login.c Mon Jan 21 00:31:45 2002 > @@ -802,6 +802,7 @@ > break; > > case PAM_AUTH_ERR: > + case PAM_CRED_INSUFFICIENT: > case PAM_USER_UNKNOWN: > case PAM_MAXTRIES: > rval = 1; > --- su.bak Sat Jan 19 21:29:49 2002 > +++ su Mon Jan 21 00:39:04 2002 > @@ -9,7 +9,7 @@ > auth requisite pam_wheel.so no_warn auth_as_self noroot_ok > #auth sufficient pam_kerberosIV.so no_warn > #auth sufficient pam_krb5.so no_warn try_first_pass auth_as_self > -#auth required pam_opie.so no_warn > +#auth [defalt=ignore success=done cred_insufficient=die] pam_opie.so no_warn > #auth required pam_ssh.so no_warn try_first_pass > auth required pam_unix.so no_warn try_first_pass nullok > #auth sufficient pam_rootok.so no_warn > --- login.bak Sat Jan 19 21:29:49 2002 > +++ login Mon Jan 21 00:39:04 2002 > @@ -6,7 +6,7 @@ > > # auth > auth required pam_nologin.so no_warn > -#auth sufficient pam_opie.so no_warn > +#auth [defalt=ignore success=done cred_insufficient=die] pam_opie.so no_warn > #auth sufficient pam_kerberosIV.so no_warn try_first_pass > #auth sufficient pam_krb5.so no_warn try_first_pass > #auth required pam_ssh.so no_warn try_first_pass > --- ftpd.bak Sat Jan 19 21:29:49 2002 > +++ ftpd Mon Jan 21 00:39:04 2002 > @@ -9,10 +9,8 @@ > #auth sufficient pam_kerberosIV.so no_warn > #auth sufficient pam_krb5.so no_warn > #auth sufficient pam_ssh.so no_warn try_first_pass > -# Uncomment either pam_opie or pam_unix, but not both of them. > -# pam_unix can't be simple chained with pam_opie, ftpd provides proper fallback > -auth required pam_opie.so no_warn > -#auth required pam_unix.so no_warn try_first_pass > +#auth [defalt=ignore success=done cred_insufficient=die] pam_opie.so no_warn > +auth required pam_unix.so no_warn try_first_pass > > # account > #account required pam_kerberosIV.so > > -- > Andrey A. Chernov > http://ache.pp.ru/ > > To Unsubscribe: send mail to majordomo@FreeBSD.org > with "unsubscribe freebsd-current" in the body of the message -- o Mark Murray \_ FreeBSD Services Limited O.\_ Warning: this .sig is umop ap!sdn To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-current" in the body of the message From owner-freebsd-current Sun Jan 20 15:21:24 2002 Delivered-To: freebsd-current@freebsd.org Received: from smtp6.mindspring.com (smtp6.mindspring.com [207.69.200.110]) by hub.freebsd.org (Postfix) with ESMTP id 09D5137B416 for ; Sun, 20 Jan 2002 15:21:23 -0800 (PST) Received: from user-2injgp8.dialup.mindspring.com ([165.121.195.40] helo=europa2) by smtp6.mindspring.com with smtp (Exim 3.33 #1) id 16SRH8-00032f-00 for current@freebsd.org; Sun, 20 Jan 2002 18:21:22 -0500 Message-Id: <3.0.6.32.20020120182001.00dab7b8@imatowns.com> X-Sender: ggombert@imatowns.com X-Mailer: QUALCOMM Windows Eudora Light Version 3.0.6 (32) Date: Sun, 20 Jan 2002 18:20:01 -0500 To: current@freebsd.org From: Glenn Gombert Subject: "Current & Etherboot" Mime-Version: 1.0 Content-Type: text/plain; charset="us-ascii" Sender: owner-freebsd-current@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.ORG etherboot runs fine on Current, all that is required if to have the 'device.hints' statically compiled into the kernel you are trying to boot: #To statically compile in device wiring instead of /boot/device.hints hints "NETBOOT.hints" #Default places to look for devices. bit strange that the 'regulars' on the list didn't seem to know about this ... Glenn Gombert ggombert@imatowns.com To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-current" in the body of the message From owner-freebsd-current Sun Jan 20 15:31: 3 2002 Delivered-To: freebsd-current@freebsd.org Received: from nagual.pp.ru (pobrecita.freebsd.ru [194.87.13.42]) by hub.freebsd.org (Postfix) with ESMTP id 3F6F137B400; Sun, 20 Jan 2002 15:30:57 -0800 (PST) Received: (from ache@localhost) by nagual.pp.ru (8.11.6/8.11.6) id g0KNUqI27109; Mon, 21 Jan 2002 02:30:52 +0300 (MSK) (envelope-from ache) Date: Mon, 21 Jan 2002 02:30:50 +0300 From: "Andrey A. Chernov" To: Mark Murray Cc: des@FreeBSD.ORG, current@FreeBSD.ORG Subject: Re: Step5, pam_opie OPIE auth fix for review Message-ID: <20020120233050.GA26913@nagual.pp.ru> References: <20020120220254.GA25886@nagual.pp.ru> <200201202314.g0KNEDt34526@grimreaper.grondar.org> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: <200201202314.g0KNEDt34526@grimreaper.grondar.org> User-Agent: Mutt/1.3.24i Sender: owner-freebsd-current@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.ORG On Sun, Jan 20, 2002 at 23:14:13 +0000, Mark Murray wrote: > > The PAM OPIE may only do OPIE authentication. It is entirely up to the > PAM stack to decide what the login policy is. > > (Well, the PAM stack as specified by the pam configs in /etc/pam*) Yes. And to allow PAM stack to make right decision, pam_opie pass special information to PAM stack. Look at the patch, pam_opie not breaks from the stack by yourself, it is /etc/pam* do that using information from pam_opie. > However - the module may pass on the authentication token (the password) > and any following modules are allowed to use this if they find it. > (look at the try_first_pass and use_fist_pass options). I was thinking about that way but not find a good solution. That way workatround is: 1) In the failure case when Unix (plaintext) passwords are disabled pam_opie can pass specially-generated incorrect password down to pam_unix. 2) pam_unix option must be changed from "try_first_pass" to "use_first_pass", because it asks again for password if "try_first_pass" active, i.e. allows user to enter Unix (plaintext) password again. So we have the same bug, but shifted to one prompt step. I have doubts about 1): what specially-generated incorrect password can be? It seems that any combination is legal and MAY be equal to real password. -- Andrey A. Chernov http://ache.pp.ru/ To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-current" in the body of the message From owner-freebsd-current Sun Jan 20 15:44:24 2002 Delivered-To: freebsd-current@freebsd.org Received: from storm.FreeBSD.org.uk (storm.FreeBSD.org.uk [194.242.139.170]) by hub.freebsd.org (Postfix) with ESMTP id 133EF37B400; Sun, 20 Jan 2002 15:44:21 -0800 (PST) Received: (from uucp@localhost) by storm.FreeBSD.org.uk (8.11.6/8.11.6) with UUCP id g0KNiFn91597; Sun, 20 Jan 2002 23:44:15 GMT (envelope-from mark@grondar.za) Received: from grondar.za (mark@localhost [127.0.0.1]) by grimreaper.grondar.org (8.11.6/8.11.6) with ESMTP id g0KNijt34738; Sun, 20 Jan 2002 23:44:45 GMT (envelope-from mark@grondar.za) Message-Id: <200201202344.g0KNijt34738@grimreaper.grondar.org> To: "Andrey A. Chernov" Cc: des@FreeBSD.ORG, current@FreeBSD.ORG Subject: Re: Step5, pam_opie OPIE auth fix for review References: <20020120233050.GA26913@nagual.pp.ru> In-Reply-To: <20020120233050.GA26913@nagual.pp.ru> ; from "Andrey A. Chernov" "Mon, 21 Jan 2002 02:30:50 +0300." Date: Sun, 20 Jan 2002 23:44:44 +0000 From: Mark Murray Sender: owner-freebsd-current@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.ORG > On Sun, Jan 20, 2002 at 23:14:13 +0000, Mark Murray wrote: > > > > The PAM OPIE may only do OPIE authentication. It is entirely up to the > > PAM stack to decide what the login policy is. > > > > (Well, the PAM stack as specified by the pam configs in /etc/pam*) > > Yes. And to allow PAM stack to make right decision, pam_opie pass special > information to PAM stack. Look at the patch, pam_opie not breaks from the > stack by yourself, it is /etc/pam* do that using information from > pam_opie. Sure - but you are making specialised use of the return value that assumes that pam_opie will be followed by pam_unix. This violates the PAM spec. > > However - the module may pass on the authentication token (the password) > > and any following modules are allowed to use this if they find it. > > (look at the try_first_pass and use_fist_pass options). > > I was thinking about that way but not find a good solution. That way > workatround is: > > 1) In the failure case when Unix (plaintext) passwords are disabled > pam_opie can pass specially-generated incorrect password down to pam_unix. > > 2) pam_unix option must be changed from "try_first_pass" to > "use_first_pass", because it asks again for password if "try_first_pass" > active, i.e. allows user to enter Unix (plaintext) password again. So we > have the same bug, but shifted to one prompt step. You may be able to do something with options. Example: if the sysadmin allows a password to be passed down the stack, otherwise pass a dummy. (like ftpd auth required pam_opie.so keep_password or similar) > I have doubts about 1): what specially-generated incorrect password > can be? It seems that any combination is legal and MAY be equal to real > password. Nope. kill the password if it is not allowed. Pass a NULL. M -- o Mark Murray \_ FreeBSD Services Limited O.\_ Warning: this .sig is umop ap!sdn To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-current" in the body of the message From owner-freebsd-current Sun Jan 20 15:57:12 2002 Delivered-To: freebsd-current@freebsd.org Received: from nagual.pp.ru (pobrecita.freebsd.ru [194.87.13.42]) by hub.freebsd.org (Postfix) with ESMTP id 4F6AD37B41B; Sun, 20 Jan 2002 15:56:57 -0800 (PST) Received: (from ache@localhost) by nagual.pp.ru (8.11.6/8.11.6) id g0KNuq427324; Mon, 21 Jan 2002 02:56:52 +0300 (MSK) (envelope-from ache) Date: Mon, 21 Jan 2002 02:56:48 +0300 From: "Andrey A. Chernov" To: Mark Murray Cc: des@FreeBSD.ORG, current@FreeBSD.ORG Subject: Re: Step5, pam_opie OPIE auth fix for review Message-ID: <20020120235647.GA27206@nagual.pp.ru> References: <20020120233050.GA26913@nagual.pp.ru> <200201202344.g0KNijt34738@grimreaper.grondar.org> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: <200201202344.g0KNijt34738@grimreaper.grondar.org> User-Agent: Mutt/1.3.24i Sender: owner-freebsd-current@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.ORG On Sun, Jan 20, 2002 at 23:44:44 +0000, Mark Murray wrote: > > Yes. And to allow PAM stack to make right decision, pam_opie pass special > > information to PAM stack. Look at the patch, pam_opie not breaks from the > > stack by yourself, it is /etc/pam* do that using information from > > pam_opie. > > Sure - but you are making specialised use of the return value that > assumes that pam_opie will be followed by pam_unix. This violates > the PAM spec. The alternative (yet one) way can be adding Unix (plaintext) password checking code directly to pam_opie. It makes pam_opie fully independent of other modules and specific position in the /etc/pam.d/* config files and allows us to not touch them. If you agree with that way, I'll come with the patch. About other points stated in your message, my answer depends on what you deside for above, because it is unneded to discuss them, if you agree to make pam_opie self-containing. -- Andrey A. Chernov http://ache.pp.ru/ To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-current" in the body of the message From owner-freebsd-current Sun Jan 20 15:57: 1 2002 Delivered-To: freebsd-current@freebsd.org Received: from flood.ping.uio.no (flood.ping.uio.no [129.240.78.31]) by hub.freebsd.org (Postfix) with ESMTP id F0FD937B41C for ; Sun, 20 Jan 2002 15:56:48 -0800 (PST) Received: by flood.ping.uio.no (Postfix, from userid 2602) id 37DF9533B; Mon, 21 Jan 2002 00:56:47 +0100 (CET) X-URL: http://www.ofug.org/~des/ X-Disclaimer: The views expressed in this message do not necessarily coincide with those of any organisation or company with which I am or have been affiliated. To: "Andrey A. Chernov" Cc: Mark Murray , current@FreeBSD.ORG Subject: Re: Step5, pam_opie OPIE auth fix for review References: <20020120220254.GA25886@nagual.pp.ru> <200201202314.g0KNEDt34526@grimreaper.grondar.org> <20020120233050.GA26913@nagual.pp.ru> From: Dag-Erling Smorgrav Date: 21 Jan 2002 00:56:46 +0100 In-Reply-To: <20020120233050.GA26913@nagual.pp.ru> Message-ID: Lines: 22 User-Agent: Gnus/5.0808 (Gnus v5.8.8) Emacs/21.1 MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Sender: owner-freebsd-current@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.ORG "Andrey A. Chernov" writes: > Yes. And to allow PAM stack to make right decision, pam_opie pass special > information to PAM stack. Look at the patch, pam_opie not breaks from the > stack by yourself, it is /etc/pam* do that using information from > pam_opie. What I can't understand is why OPIE is making that decision in the first place. The only answer I can think of is that it was written before the advent of PAM, and tries to be a poor man's PAM. That is not its place. In any case, if I understand what you're trying to do, it can be done by returning PAM_SUCCESS if OPIE authentication succeeded, PAM_IGNORE if it failed but Unix authentication is still allowed, and PAM_AUTH_ERR if OPIE failed and Unix authentication is *not* allowed. In that case, if you mark pam_opie "sufficient", pam_unix will run only if OPIE authentication failed but allowed Unix authentication to proceed. DES -- Dag-Erling Smorgrav - des@ofug.org To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-current" in the body of the message From owner-freebsd-current Sun Jan 20 16: 0:14 2002 Delivered-To: freebsd-current@freebsd.org Received: from flood.ping.uio.no (flood.ping.uio.no [129.240.78.31]) by hub.freebsd.org (Postfix) with ESMTP id 33C0E37B400 for ; Sun, 20 Jan 2002 16:00:07 -0800 (PST) Received: by flood.ping.uio.no (Postfix, from userid 2602) id 095B9533B; Mon, 21 Jan 2002 01:00:06 +0100 (CET) X-URL: http://www.ofug.org/~des/ X-Disclaimer: The views expressed in this message do not necessarily coincide with those of any organisation or company with which I am or have been affiliated. To: "Andrey A. Chernov" Cc: Mark Murray , current@FreeBSD.ORG Subject: Re: Step5, pam_opie OPIE auth fix for review References: <20020120220254.GA25886@nagual.pp.ru> <200201202314.g0KNEDt34526@grimreaper.grondar.org> <20020120233050.GA26913@nagual.pp.ru> From: Dag-Erling Smorgrav Date: 21 Jan 2002 01:00:05 +0100 In-Reply-To: Message-ID: Lines: 14 User-Agent: Gnus/5.0808 (Gnus v5.8.8) Emacs/21.1 MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Sender: owner-freebsd-current@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.ORG Dag-Erling Smorgrav writes: > In any case, if I understand what you're trying to do, it can be done > by returning PAM_SUCCESS if OPIE authentication succeeded, PAM_IGNORE > if it failed but Unix authentication is still allowed, and > PAM_AUTH_ERR if OPIE failed and Unix authentication is *not* allowed. > In that case, if you mark pam_opie "sufficient", pam_unix will run > only if OPIE authentication failed but allowed Unix authentication to > proceed. Hmm, actually, that won't do. I need to think this over some more. DES -- Dag-Erling Smorgrav - des@ofug.org To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-current" in the body of the message From owner-freebsd-current Sun Jan 20 16: 4:58 2002 Delivered-To: freebsd-current@freebsd.org Received: from storm.FreeBSD.org.uk (storm.FreeBSD.org.uk [194.242.139.170]) by hub.freebsd.org (Postfix) with ESMTP id 04F3737B443; Sun, 20 Jan 2002 16:04:41 -0800 (PST) Received: (from uucp@localhost) by storm.FreeBSD.org.uk (8.11.6/8.11.6) with UUCP id g0L04YF91761; Mon, 21 Jan 2002 00:04:34 GMT (envelope-from mark@grondar.za) Received: from grondar.za (mark@localhost [127.0.0.1]) by grimreaper.grondar.org (8.11.6/8.11.6) with ESMTP id g0L04ft34900; Mon, 21 Jan 2002 00:04:41 GMT (envelope-from mark@grondar.za) Message-Id: <200201210004.g0L04ft34900@grimreaper.grondar.org> To: "Andrey A. Chernov" Cc: des@FreeBSD.ORG, current@FreeBSD.ORG Subject: Re: Step5, pam_opie OPIE auth fix for review References: <20020120235647.GA27206@nagual.pp.ru> In-Reply-To: <20020120235647.GA27206@nagual.pp.ru> ; from "Andrey A. Chernov" "Mon, 21 Jan 2002 02:56:48 +0300." Date: Mon, 21 Jan 2002 00:04:41 +0000 From: Mark Murray Sender: owner-freebsd-current@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.ORG > On Sun, Jan 20, 2002 at 23:44:44 +0000, Mark Murray wrote: > > > > Yes. And to allow PAM stack to make right decision, pam_opie pass special > > > information to PAM stack. Look at the patch, pam_opie not breaks from the > > > stack by yourself, it is /etc/pam* do that using information from > > > pam_opie. > > > > Sure - but you are making specialised use of the return value that > > assumes that pam_opie will be followed by pam_unix. This violates > > the PAM spec. > > The alternative (yet one) way can be adding Unix (plaintext) password > checking code directly to pam_opie. It makes pam_opie fully independent of > other modules and specific position in the /etc/pam.d/* config files and > allows us to not touch them. If you agree with that way, I'll come with > the patch. No. I completely disagree with that method. that is pam_unix's job. DES's PAM_IGNORE suggestion has a lot of merit. > About other points stated in your message, my answer depends on what you > deside for above, because it is unneded to discuss them, if you agree to > make pam_opie self-containing. It must be self-contained, and it must not do stuff that is the job of other modules. Unix password checking is not pam_opie's job. M -- o Mark Murray \_ FreeBSD Services Limited O.\_ Warning: this .sig is umop ap!sdn To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-current" in the body of the message From owner-freebsd-current Sun Jan 20 16: 5: 6 2002 Delivered-To: freebsd-current@freebsd.org Received: from nagual.pp.ru (pobrecita.freebsd.ru [194.87.13.42]) by hub.freebsd.org (Postfix) with ESMTP id D834B37B404 for ; Sun, 20 Jan 2002 16:04:55 -0800 (PST) Received: (from ache@localhost) by nagual.pp.ru (8.11.6/8.11.6) id g0L04pZ27581; Mon, 21 Jan 2002 03:04:51 +0300 (MSK) (envelope-from ache) Date: Mon, 21 Jan 2002 03:04:47 +0300 From: "Andrey A. Chernov" To: Dag-Erling Smorgrav Cc: Mark Murray , current@FreeBSD.ORG Subject: Re: Step5, pam_opie OPIE auth fix for review Message-ID: <20020121000446.GB27206@nagual.pp.ru> References: <20020120220254.GA25886@nagual.pp.ru> <200201202314.g0KNEDt34526@grimreaper.grondar.org> <20020120233050.GA26913@nagual.pp.ru> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: User-Agent: Mutt/1.3.24i Sender: owner-freebsd-current@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.ORG On Mon, Jan 21, 2002 at 00:56:46 +0100, Dag-Erling Smorgrav wrote: > > What I can't understand is why OPIE is making that decision in the > first place. The only answer I can think of is that it was written > before the advent of PAM, and tries to be a poor man's PAM. That is > not its place. The basic OPIE/S-KEY idea under that was that normally only one-time password is allowed, i.e. user is not allowed to type plaintext passwords at all because connection treated as totally insecured one. But for very special cases configured by sysadmin, like working in the same machine or trusted subnet, OPIE/S-KEY additionally allows plaintext password too, depending on its own configuration. > In any case, if I understand what you're trying to do, it can be done > by returning PAM_SUCCESS if OPIE authentication succeeded, PAM_IGNORE > if it failed but Unix authentication is still allowed, and > PAM_AUTH_ERR if OPIE failed and Unix authentication is *not* allowed. > In that case, if you mark pam_opie "sufficient", pam_unix will run > only if OPIE authentication failed but allowed Unix authentication to > proceed. It sounds good, I'll run a test case and inform you about results. -- Andrey A. Chernov http://ache.pp.ru/ To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-current" in the body of the message From owner-freebsd-current Sun Jan 20 16: 9:44 2002 Delivered-To: freebsd-current@freebsd.org Received: from storm.FreeBSD.org.uk (storm.FreeBSD.org.uk [194.242.139.170]) by hub.freebsd.org (Postfix) with ESMTP id 164E737B400 for ; Sun, 20 Jan 2002 16:09:41 -0800 (PST) Received: (from uucp@localhost) by storm.FreeBSD.org.uk (8.11.6/8.11.6) with UUCP id g0L09Wv91827; Mon, 21 Jan 2002 00:09:32 GMT (envelope-from mark@grondar.za) Received: from grondar.za (mark@localhost [127.0.0.1]) by grimreaper.grondar.org (8.11.6/8.11.6) with ESMTP id g0L09Lt34943; Mon, 21 Jan 2002 00:09:21 GMT (envelope-from mark@grondar.za) Message-Id: <200201210009.g0L09Lt34943@grimreaper.grondar.org> To: Dag-Erling Smorgrav Cc: "Andrey A. Chernov" , current@FreeBSD.ORG Subject: Re: Step5, pam_opie OPIE auth fix for review References: In-Reply-To: ; from Dag-Erling Smorgrav "21 Jan 2002 01:00:05 +0100." Date: Mon, 21 Jan 2002 00:09:21 +0000 From: Mark Murray Sender: owner-freebsd-current@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.ORG > Dag-Erling Smorgrav writes: > > In any case, if I understand what you're trying to do, it can be done > > by returning PAM_SUCCESS if OPIE authentication succeeded, PAM_IGNORE > > if it failed but Unix authentication is still allowed, and > > PAM_AUTH_ERR if OPIE failed and Unix authentication is *not* allowed. > > In that case, if you mark pam_opie "sufficient", pam_unix will run > > only if OPIE authentication failed but allowed Unix authentication to > > proceed. > > Hmm, actually, that won't do. I need to think this over some more. The usual route is YES or NO, with IGNORE reserved for modules which have no authentication (like say, pam_motd, which prints /etc/motd during the pam_session_open() phase). IGNORE may have other uses, but I can't remember them offhand. M -- o Mark Murray \_ FreeBSD Services Limited O.\_ Warning: this .sig is umop ap!sdn To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-current" in the body of the message From owner-freebsd-current Sun Jan 20 16:17:49 2002 Delivered-To: freebsd-current@freebsd.org Received: from flood.ping.uio.no (flood.ping.uio.no [129.240.78.31]) by hub.freebsd.org (Postfix) with ESMTP id 25BFE37B416 for ; Sun, 20 Jan 2002 16:17:46 -0800 (PST) Received: by flood.ping.uio.no (Postfix, from userid 2602) id AD4A3533B; Mon, 21 Jan 2002 01:17:44 +0100 (CET) X-URL: http://www.ofug.org/~des/ X-Disclaimer: The views expressed in this message do not necessarily coincide with those of any organisation or company with which I am or have been affiliated. To: "Andrey A. Chernov" Cc: Mark Murray , current@FreeBSD.ORG Subject: Re: Step5, pam_opie OPIE auth fix for review References: <20020120220254.GA25886@nagual.pp.ru> <200201202314.g0KNEDt34526@grimreaper.grondar.org> <20020120233050.GA26913@nagual.pp.ru> <20020121000446.GB27206@nagual.pp.ru> From: Dag-Erling Smorgrav Date: 21 Jan 2002 01:17:44 +0100 In-Reply-To: <20020121000446.GB27206@nagual.pp.ru> Message-ID: Lines: 30 User-Agent: Gnus/5.0808 (Gnus v5.8.8) Emacs/21.1 MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Sender: owner-freebsd-current@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.ORG "Andrey A. Chernov" writes: > The basic OPIE/S-KEY idea under that was that normally only one-time > password is allowed, i.e. user is not allowed to type plaintext passwords > at all because connection treated as totally insecured one. > > But for very special cases configured by sysadmin, like working in the > same machine or trusted subnet, OPIE/S-KEY additionally allows plaintext > password too, depending on its own configuration. That's what PAM is for. If fixed (not necessary plaintext!) passwords are allowed, the admin will mark pam_opie as "sufficient" and place pam_unix below it; if they're not, he'll just remove pam_unix. The current system, BTW, leaves the policy in the hands of the user, as she can create or remove ~/.opie_always at will. A security policy which is based on letting the user decide what is sufficient authentication and what is not is not a proper security policy. > > In any case, if I understand what you're trying to do, it can be done > > by [...] > It sounds good, I'll run a test case and inform you about results. Actually, that idea won't work, because PAM will ignore PAM_AUTH_ERR from a "sufficient" module. A "requisite" helper module, placed after pam_opie, which fails if ~/.opie_always exists would do the trick, if one really wanted this. DES -- Dag-Erling Smorgrav - des@ofug.org To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-current" in the body of the message From owner-freebsd-current Sun Jan 20 16:18:37 2002 Delivered-To: freebsd-current@freebsd.org Received: from nagual.pp.ru (pobrecita.freebsd.ru [194.87.13.42]) by hub.freebsd.org (Postfix) with ESMTP id 1F14937B402 for ; Sun, 20 Jan 2002 16:18:34 -0800 (PST) Received: (from ache@localhost) by nagual.pp.ru (8.11.6/8.11.6) id g0L0IPC27866; Mon, 21 Jan 2002 03:18:26 +0300 (MSK) (envelope-from ache) Date: Mon, 21 Jan 2002 03:18:22 +0300 From: "Andrey A. Chernov" To: Mark Murray Cc: Dag-Erling Smorgrav , current@FreeBSD.ORG Subject: Re: Step5, pam_opie OPIE auth fix for review Message-ID: <20020121001822.GA27831@nagual.pp.ru> References: <200201210009.g0L09Lt34943@grimreaper.grondar.org> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: <200201210009.g0L09Lt34943@grimreaper.grondar.org> User-Agent: Mutt/1.3.24i Sender: owner-freebsd-current@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.ORG On Mon, Jan 21, 2002 at 00:09:21 +0000, Mark Murray wrote: > > Dag-Erling Smorgrav writes: > > > In any case, if I understand what you're trying to do, it can be done > > > by returning PAM_SUCCESS if OPIE authentication succeeded, PAM_IGNORE > > > if it failed but Unix authentication is still allowed, and > > > PAM_AUTH_ERR if OPIE failed and Unix authentication is *not* allowed. > > > In that case, if you mark pam_opie "sufficient", pam_unix will run > > > only if OPIE authentication failed but allowed Unix authentication to > > > proceed. > > > > Hmm, actually, that won't do. I need to think this over some more. > > The usual route is YES or NO, with IGNORE reserved for modules which > have no authentication (like say, pam_motd, which prints /etc/motd > during the pam_session_open() phase). IGNORE may have other uses, > but I can't remember them offhand. "sufficient" will not works due to IGNORE assigned to AUTH_ERR reaction. [default=ignore success=done auth_err=die] works. Do you agree with this variant? -- Andrey A. Chernov http://ache.pp.ru/ To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-current" in the body of the message From owner-freebsd-current Sun Jan 20 16:23:48 2002 Delivered-To: freebsd-current@freebsd.org Received: from horsey.gshapiro.net (horsey.gshapiro.net [209.220.147.178]) by hub.freebsd.org (Postfix) with ESMTP id EE8B637B402 for ; Sun, 20 Jan 2002 16:23:42 -0800 (PST) Received: from horsey.gshapiro.net (gshapiro@localhost [IPv6:::1]) by horsey.gshapiro.net (8.12.2/8.12.2) with ESMTP id g0L0NgBN002777 (version=TLSv1/SSLv3 cipher=EDH-RSA-DES-CBC3-SHA bits=168 verify=NO) for ; Sun, 20 Jan 2002 16:23:42 -0800 (PST) Received: (from gshapiro@localhost) by horsey.gshapiro.net (8.12.2/8.12.2/Submit) id g0L0NfGe002774; Sun, 20 Jan 2002 16:23:41 -0800 (PST) MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Transfer-Encoding: 7bit Message-ID: <15435.24461.796634.405538@horsey.gshapiro.net> Date: Sun, 20 Jan 2002 16:23:41 -0800 From: Gregory Neil Shapiro To: freebsd-current@FreeBSD.org Subject: For Review: sendmail 8.12.2 import into -CURRENT X-Mailer: VM 7.00 under 21.1 (patch 14) "Cuyahoga Valley" XEmacs Lucid Sender: owner-freebsd-current@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.ORG I am seeking volunteers to review and test the infrastructure changes needed to import sendmail 8.12.2 into FreeBSD (-CURRENT). If you are interested in helping, please visit: http://people.freebsd.org/~gshapiro/CURRENT-8.12.2 and following the instructions there. Please report any successes or failures to me directly. (-STABLE users -- I'll be posting a similar message to freebsd-stable once I've collected enough feedback here and 8.12.2 has been imported into the HEAD.) To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-current" in the body of the message From owner-freebsd-current Sun Jan 20 16:26: 9 2002 Delivered-To: freebsd-current@freebsd.org Received: from nagual.pp.ru (pobrecita.freebsd.ru [194.87.13.42]) by hub.freebsd.org (Postfix) with ESMTP id 6D87D37B404 for ; Sun, 20 Jan 2002 16:26:06 -0800 (PST) Received: (from ache@localhost) by nagual.pp.ru (8.11.6/8.11.6) id g0L0Q0U27952; Mon, 21 Jan 2002 03:26:01 +0300 (MSK) (envelope-from ache) Date: Mon, 21 Jan 2002 03:25:58 +0300 From: "Andrey A. Chernov" To: Dag-Erling Smorgrav Cc: Mark Murray , current@FreeBSD.ORG Subject: Re: Step5, pam_opie OPIE auth fix for review Message-ID: <20020121002557.GB27831@nagual.pp.ru> References: <20020120220254.GA25886@nagual.pp.ru> <200201202314.g0KNEDt34526@grimreaper.grondar.org> <20020120233050.GA26913@nagual.pp.ru> <20020121000446.GB27206@nagual.pp.ru> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: User-Agent: Mutt/1.3.24i Sender: owner-freebsd-current@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.ORG On Mon, Jan 21, 2002 at 01:17:44 +0100, Dag-Erling Smorgrav wrote: > > That's what PAM is for. If fixed (not necessary plaintext!) passwords > are allowed, the admin will mark pam_opie as "sufficient" and place > pam_unix below it; if they're not, he'll just remove pam_unix. It not allows flexible configuration because it is not depends on remote host for example. I.e. for some host pam_unix can be chained, but for some another - not. > The current system, BTW, leaves the policy in the hands of the user, > as she can create or remove ~/.opie_always at will. A security policy > which is based on letting the user decide what is sufficient > authentication and what is not is not a proper security policy. No, by creating ~/.opiealways user can only _increase_ its own security level additionly to pre-setted by sysadmin for him, and can't _decrease_ it. > Actually, that idea won't work, because PAM will ignore PAM_AUTH_ERR > from a "sufficient" module. A "requisite" helper module, placed after > pam_opie, which fails if ~/.opie_always exists would do the trick, if > one really wanted this. ~/.opiealways checked only if opieaccess() found remote host in the /etc/opieaccess table. Yes, this check can be done as separate PAM module, but why two modules in the same area instead of one? -- Andrey A. Chernov http://ache.pp.ru/ To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-current" in the body of the message From owner-freebsd-current Sun Jan 20 16:29:34 2002 Delivered-To: freebsd-current@freebsd.org Received: from storm.FreeBSD.org.uk (storm.FreeBSD.org.uk [194.242.139.170]) by hub.freebsd.org (Postfix) with ESMTP id 147E037B402 for ; Sun, 20 Jan 2002 16:29:30 -0800 (PST) Received: (from uucp@localhost) by storm.FreeBSD.org.uk (8.11.6/8.11.6) with UUCP id g0L0TNh92005; Mon, 21 Jan 2002 00:29:23 GMT (envelope-from mark@grondar.za) Received: from grondar.za (mark@localhost [127.0.0.1]) by grimreaper.grondar.org (8.11.6/8.11.6) with ESMTP id g0L0TTt35104; Mon, 21 Jan 2002 00:29:29 GMT (envelope-from mark@grondar.za) Message-Id: <200201210029.g0L0TTt35104@grimreaper.grondar.org> To: "Andrey A. Chernov" Cc: Dag-Erling Smorgrav , current@FreeBSD.ORG Subject: Re: Step5, pam_opie OPIE auth fix for review References: <20020121001822.GA27831@nagual.pp.ru> In-Reply-To: <20020121001822.GA27831@nagual.pp.ru> ; from "Andrey A. Chernov" "Mon, 21 Jan 2002 03:18:22 +0300." Date: Mon, 21 Jan 2002 00:29:29 +0000 From: Mark Murray Sender: owner-freebsd-current@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.ORG > "sufficient" will not works due to IGNORE assigned to AUTH_ERR reaction. > > [default=ignore success=done auth_err=die] > > works. > > Do you agree with this variant? Eeew. It may work, but it is really a last-ditch sort of thing. I much prefer an option that specifies the behaviour. M -- o Mark Murray \_ FreeBSD Services Limited O.\_ Warning: this .sig is umop ap!sdn To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-current" in the body of the message From owner-freebsd-current Sun Jan 20 16:30:17 2002 Delivered-To: freebsd-current@freebsd.org Received: from web14001.mail.yahoo.com (web14001.mail.yahoo.com [216.136.175.92]) by hub.freebsd.org (Postfix) with SMTP id 5993737B402 for ; Sun, 20 Jan 2002 16:30:11 -0800 (PST) Message-ID: <20020121002635.39089.qmail@web14001.mail.yahoo.com> Received: from [198.95.226.231] by web14001.mail.yahoo.com via HTTP; Sun, 20 Jan 2002 16:26:35 PST Date: Sun, 20 Jan 2002 16:26:35 -0800 (PST) From: k Macy Subject: Re: profiled kernel build fails was Re: -CURRENT AIO bug To: Bruce Evans Cc: freebsd-current@FreeBSD.ORG In-Reply-To: <20020120164213.L7131-100000@gamplex.bde.org> MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Sender: owner-freebsd-current@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.ORG Should I file a PR to track this or is that overkill? -Kip --- Bruce Evans wrote: > On Sat, 19 Jan 2002, k Macy wrote: > > > Thanks for working on this. I was going to try > running > > a profiled kernel on -CURRENT and -STABLE to see > what > > the difference was in time distribution. On > -STABLE > > it built without a hitch. However, on -CURRENT I > got > > the following even after doing a make clean: > > > > ../../../libkern/mcount.c: In function `mcount': > > ../../../libkern/mcount.c:91: `mcount_lock' > undeclared > > (first use in this function) > > The mcount_lock stuff apparently never even > compiled. It is only used > for the !GUPROF && SMP case, but it cannot work in > that case since > mcount_lock is not declared. Unfortunately, LINT > only tests the GUPROF > case, which compiles but is even more broken at > runtime in the SMP > case. GUPROF worse fine in the !SMP case and should > be non-optional > (it gives about 100000 times as much resolution as > PROF on current > machines, instead of only 1000 times as much as on > 486's when it was > written). > > This fix has not been tested. It has some chance of > working, because > RELENG_4 uses similar code. However, it is > certainly broken if the > atomic functions that it calls are not inlined (then > the functions will > call MCOUNT_ENTER() on entry). I think this only > happens if mcount.c > is compiled with -O0. This bug is missing in > RELENG_4 too. > > %%% > Index: profile.h > =================================================================== > RCS file: > /home/ncvs/src/sys/i386/include/profile.h,v > retrieving revision 1.25 > diff -u -2 -r1.25 profile.h > --- profile.h 30 Oct 2001 15:04:57 -0000 1.25 > +++ profile.h 20 Jan 2002 06:05:24 -0000 > @@ -65,4 +65,5 @@ > #define MCOUNT_DECL(s) u_long s; > #ifdef SMP > +extern int mcount_lock; > #define MCOUNT_ENTER(s) { s = read_eflags(); > disable_intr(); \ > while (!atomic_cmpset_acq_int(&mcount_lock, > 0, 1)) \ > %%% > > Bruce > __________________________________________________ Do You Yahoo!? Send FREE video emails in Yahoo! Mail! http://promo.yahoo.com/videomail/ To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-current" in the body of the message From owner-freebsd-current Sun Jan 20 16:34: 6 2002 Delivered-To: freebsd-current@freebsd.org Received: from flood.ping.uio.no (flood.ping.uio.no [129.240.78.31]) by hub.freebsd.org (Postfix) with ESMTP id 0612F37B402 for ; Sun, 20 Jan 2002 16:34:05 -0800 (PST) Received: by flood.ping.uio.no (Postfix, from userid 2602) id 4BF57532C; Mon, 21 Jan 2002 01:34:03 +0100 (CET) X-URL: http://www.ofug.org/~des/ X-Disclaimer: The views expressed in this message do not necessarily coincide with those of any organisation or company with which I am or have been affiliated. To: "Andrey A. Chernov" Cc: Mark Murray , current@FreeBSD.ORG Subject: Re: Step5, pam_opie OPIE auth fix for review References: <200201210009.g0L09Lt34943@grimreaper.grondar.org> <20020121001822.GA27831@nagual.pp.ru> From: Dag-Erling Smorgrav Date: 21 Jan 2002 01:34:02 +0100 In-Reply-To: <20020121001822.GA27831@nagual.pp.ru> Message-ID: Lines: 12 User-Agent: Gnus/5.0808 (Gnus v5.8.8) Emacs/21.1 MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Sender: owner-freebsd-current@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.ORG "Andrey A. Chernov" writes: > [default=ignore success=done auth_err=die] > > works. > > Do you agree with this variant? No. That's a Linuxism. DES -- Dag-Erling Smorgrav - des@ofug.org To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-current" in the body of the message From owner-freebsd-current Sun Jan 20 16:36: 1 2002 Delivered-To: freebsd-current@freebsd.org Received: from nagual.pp.ru (pobrecita.freebsd.ru [194.87.13.42]) by hub.freebsd.org (Postfix) with ESMTP id 2D5FD37B400 for ; Sun, 20 Jan 2002 16:35:58 -0800 (PST) Received: (from ache@localhost) by nagual.pp.ru (8.11.6/8.11.6) id g0L0ZqR28108; Mon, 21 Jan 2002 03:35:52 +0300 (MSK) (envelope-from ache) Date: Mon, 21 Jan 2002 03:35:49 +0300 From: "Andrey A. Chernov" To: Mark Murray Cc: Dag-Erling Smorgrav , current@FreeBSD.ORG Subject: Re: Step5, pam_opie OPIE auth fix for review Message-ID: <20020121003547.GA28007@nagual.pp.ru> References: <20020121001822.GA27831@nagual.pp.ru> <200201210029.g0L0TTt35104@grimreaper.grondar.org> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: <200201210029.g0L0TTt35104@grimreaper.grondar.org> User-Agent: Mutt/1.3.24i Sender: owner-freebsd-current@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.ORG On Mon, Jan 21, 2002 at 00:29:29 +0000, Mark Murray wrote: > > "sufficient" will not works due to IGNORE assigned to AUTH_ERR reaction. > > > > [default=ignore success=done auth_err=die] > > > > works. > > > > Do you agree with this variant? > > Eeew. It may work, but it is really a last-ditch sort of thing. What you dislike in that way? This method fully described in pam(8). I see no differences using short forms like "sufficient" or its full long analog like "[default=ignore sucess=done new_authtok_reqd=done]" short forms are only aliases. > I much prefer an option that specifies the behaviour. I not understand enough what kind of option you mean exactly, where it whould be and how act exactly. -- Andrey A. Chernov http://ache.pp.ru/ To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-current" in the body of the message From owner-freebsd-current Sun Jan 20 16:37: 6 2002 Delivered-To: freebsd-current@freebsd.org Received: from nagual.pp.ru (pobrecita.freebsd.ru [194.87.13.42]) by hub.freebsd.org (Postfix) with ESMTP id 092C237B416 for ; Sun, 20 Jan 2002 16:37:02 -0800 (PST) Received: (from ache@localhost) by nagual.pp.ru (8.11.6/8.11.6) id g0L0avp28132; Mon, 21 Jan 2002 03:36:57 +0300 (MSK) (envelope-from ache) Date: Mon, 21 Jan 2002 03:36:54 +0300 From: "Andrey A. Chernov" To: Dag-Erling Smorgrav Cc: Mark Murray , current@FreeBSD.ORG Subject: Re: Step5, pam_opie OPIE auth fix for review Message-ID: <20020121003654.GB28007@nagual.pp.ru> References: <200201210009.g0L09Lt34943@grimreaper.grondar.org> <20020121001822.GA27831@nagual.pp.ru> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: User-Agent: Mutt/1.3.24i Sender: owner-freebsd-current@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.ORG On Mon, Jan 21, 2002 at 01:34:02 +0100, Dag-Erling Smorgrav wrote: > "Andrey A. Chernov" writes: > > [default=ignore success=done auth_err=die] > > > > works. > > > > Do you agree with this variant? > > No. That's a Linuxism. What do you mean, exactly? Long forms are well described in pam(8) and short forms are only aliases to them. -- Andrey A. Chernov http://ache.pp.ru/ To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-current" in the body of the message From owner-freebsd-current Sun Jan 20 16:42: 5 2002 Delivered-To: freebsd-current@freebsd.org Received: from flood.ping.uio.no (flood.ping.uio.no [129.240.78.31]) by hub.freebsd.org (Postfix) with ESMTP id C06EE37B405 for ; Sun, 20 Jan 2002 16:42:01 -0800 (PST) Received: by flood.ping.uio.no (Postfix, from userid 2602) id 94334533B; Mon, 21 Jan 2002 01:42:00 +0100 (CET) X-URL: http://www.ofug.org/~des/ X-Disclaimer: The views expressed in this message do not necessarily coincide with those of any organisation or company with which I am or have been affiliated. To: "Andrey A. Chernov" Cc: Mark Murray , current@FreeBSD.ORG Subject: Re: Step5, pam_opie OPIE auth fix for review References: <20020120220254.GA25886@nagual.pp.ru> <200201202314.g0KNEDt34526@grimreaper.grondar.org> <20020120233050.GA26913@nagual.pp.ru> <20020121000446.GB27206@nagual.pp.ru> <20020121002557.GB27831@nagual.pp.ru> From: Dag-Erling Smorgrav Date: 21 Jan 2002 01:42:00 +0100 In-Reply-To: <20020121002557.GB27831@nagual.pp.ru> Message-ID: Lines: 35 User-Agent: Gnus/5.0808 (Gnus v5.8.8) Emacs/21.1 MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Sender: owner-freebsd-current@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.ORG "Andrey A. Chernov" writes: > On Mon, Jan 21, 2002 at 01:17:44 +0100, Dag-Erling Smorgrav wrote: > > The current system, BTW, leaves the policy in the hands of the user, > > as she can create or remove ~/.opie_always at will. A security policy > > which is based on letting the user decide what is sufficient > > authentication and what is not is not a proper security policy. > No, by creating ~/.opiealways user can only _increase_ its own security > level additionly to pre-setted by sysadmin for him, and can't _decrease_ > it. The admin can't enforce "always OPIE" for a user, because the user can always delete his ~/.opiealways. > > Actually, that idea won't work, because PAM will ignore PAM_AUTH_ERR > > from a "sufficient" module. A "requisite" helper module, placed after > > pam_opie, which fails if ~/.opie_always exists would do the trick, if > > one really wanted this. > ~/.opiealways checked only if opieaccess() found remote host in the > /etc/opieaccess table. Oh. I misunderstood the role of /etc/opieaccess in this. This only strengthens my opinion that this check should be in a separate module. How about I write a pam_opieaccess(8) module and you tell me what you think of it? It's really the cleanest solution from PAM's point of view. > Yes, this check can be done as separate PAM module, but why two modules in > the same area instead of one? Because they're different mechanisms that check different things, and their success or failure have different meanings. DES -- Dag-Erling Smorgrav - des@ofug.org To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-current" in the body of the message From owner-freebsd-current Sun Jan 20 16:45:45 2002 Delivered-To: freebsd-current@freebsd.org Received: from flood.ping.uio.no (flood.ping.uio.no [129.240.78.31]) by hub.freebsd.org (Postfix) with ESMTP id 2B7EC37B416 for ; Sun, 20 Jan 2002 16:45:42 -0800 (PST) Received: by flood.ping.uio.no (Postfix, from userid 2602) id D9BBA533B; Mon, 21 Jan 2002 01:45:37 +0100 (CET) X-URL: http://www.ofug.org/~des/ X-Disclaimer: The views expressed in this message do not necessarily coincide with those of any organisation or company with which I am or have been affiliated. To: "Andrey A. Chernov" Cc: Mark Murray , current@FreeBSD.ORG Subject: Re: Step5, pam_opie OPIE auth fix for review References: <20020121001822.GA27831@nagual.pp.ru> <200201210029.g0L0TTt35104@grimreaper.grondar.org> <20020121003547.GA28007@nagual.pp.ru> From: Dag-Erling Smorgrav Date: 21 Jan 2002 01:45:37 +0100 In-Reply-To: <20020121003547.GA28007@nagual.pp.ru> Message-ID: Lines: 25 User-Agent: Gnus/5.0808 (Gnus v5.8.8) Emacs/21.1 MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Sender: owner-freebsd-current@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.ORG "Andrey A. Chernov" writes: > What you dislike in that way? This method fully described in pam(8). The fact that it is described in pam(8) does not mean we like it. We also have a man page for gets(3), but you know what BDE will say if you try to use it. > I see no differences using short forms like > > "sufficient" > > or its full long analog like > > "[default=ignore sucess=done new_authtok_reqd=done]" > > short forms are only aliases. No. The "[...]" form is a Linux-PAM invention, and is tightly linked to Linux-PAM implementation details. It does not exist in other PAM implementations. I aim to move *away* from dependence on Linux-PAM, not *towards* it. DES -- Dag-Erling Smorgrav - des@ofug.org To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-current" in the body of the message From owner-freebsd-current Sun Jan 20 16:50:43 2002 Delivered-To: freebsd-current@freebsd.org Received: from nagual.pp.ru (pobrecita.freebsd.ru [194.87.13.42]) by hub.freebsd.org (Postfix) with ESMTP id CCF8C37B402 for ; Sun, 20 Jan 2002 16:50:40 -0800 (PST) Received: (from ache@localhost) by nagual.pp.ru (8.11.6/8.11.6) id g0L0nBV28285; Mon, 21 Jan 2002 03:49:11 +0300 (MSK) (envelope-from ache) Date: Mon, 21 Jan 2002 03:49:08 +0300 From: "Andrey A. Chernov" To: Dag-Erling Smorgrav Cc: Mark Murray , current@FreeBSD.ORG Subject: Re: Step5, pam_opie OPIE auth fix for review Message-ID: <20020121004906.GA28231@nagual.pp.ru> References: <20020120220254.GA25886@nagual.pp.ru> <200201202314.g0KNEDt34526@grimreaper.grondar.org> <20020120233050.GA26913@nagual.pp.ru> <20020121000446.GB27206@nagual.pp.ru> <20020121002557.GB27831@nagual.pp.ru> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: User-Agent: Mutt/1.3.24i Sender: owner-freebsd-current@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.ORG On Mon, Jan 21, 2002 at 01:42:00 +0100, Dag-Erling Smorgrav wrote: > > The admin can't enforce "always OPIE" for a user, because the user can > always delete his ~/.opiealways. This is per-machine choice. Long time ago, for S-KEY, it was per-terminal choice too, but OPIE currently not have per-terminal module. There is no needs to enforce it for user logged from trusted machine since whole machine is trusted. But paranoid users can enforce it for themselfs. > How about I write a pam_opieaccess(8) module and you tell me what you > think of it? It's really the cleanest solution from PAM's point of > view. Ok, I'll write it and send for review. -- Andrey A. Chernov http://ache.pp.ru/ To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-current" in the body of the message From owner-freebsd-current Sun Jan 20 16:54:57 2002 Delivered-To: freebsd-current@freebsd.org Received: from nagual.pp.ru (pobrecita.freebsd.ru [194.87.13.42]) by hub.freebsd.org (Postfix) with ESMTP id 465B237B416 for ; Sun, 20 Jan 2002 16:54:52 -0800 (PST) Received: (from ache@localhost) by nagual.pp.ru (8.11.6/8.11.6) id g0L0sls28342; Mon, 21 Jan 2002 03:54:47 +0300 (MSK) (envelope-from ache) Date: Mon, 21 Jan 2002 03:54:44 +0300 From: "Andrey A. Chernov" To: Dag-Erling Smorgrav Cc: Mark Murray , current@FreeBSD.ORG Subject: Re: Step5, pam_opie OPIE auth fix for review Message-ID: <20020121005443.GB28231@nagual.pp.ru> References: <20020120220254.GA25886@nagual.pp.ru> <200201202314.g0KNEDt34526@grimreaper.grondar.org> <20020120233050.GA26913@nagual.pp.ru> <20020121000446.GB27206@nagual.pp.ru> <20020121002557.GB27831@nagual.pp.ru> <20020121004906.GA28231@nagual.pp.ru> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: <20020121004906.GA28231@nagual.pp.ru> User-Agent: Mutt/1.3.24i Sender: owner-freebsd-current@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.ORG On Mon, Jan 21, 2002 at 03:49:08 +0300, Andrey A. Chernov wrote: > > How about I write a pam_opieaccess(8) module and you tell me what you > > think of it? It's really the cleanest solution from PAM's point of > > view. > > Ok, I'll write it and send for review. Oops, some keyboard slip. I mean: Ok, write it and I can review it. BTW, I can write it to, back to slip meaning. -- Andrey A. Chernov http://ache.pp.ru/ To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-current" in the body of the message From owner-freebsd-current Sun Jan 20 16:56:28 2002 Delivered-To: freebsd-current@freebsd.org Received: from nagual.pp.ru (pobrecita.freebsd.ru [194.87.13.42]) by hub.freebsd.org (Postfix) with ESMTP id D716037B416 for ; Sun, 20 Jan 2002 16:56:25 -0800 (PST) Received: (from ache@localhost) by nagual.pp.ru (8.11.6/8.11.6) id g0L0uKb28380; Mon, 21 Jan 2002 03:56:20 +0300 (MSK) (envelope-from ache) Date: Mon, 21 Jan 2002 03:56:18 +0300 From: "Andrey A. Chernov" To: Dag-Erling Smorgrav Cc: Mark Murray , current@FreeBSD.ORG Subject: Re: Step5, pam_opie OPIE auth fix for review Message-ID: <20020121005617.GC28231@nagual.pp.ru> References: <20020121001822.GA27831@nagual.pp.ru> <200201210029.g0L0TTt35104@grimreaper.grondar.org> <20020121003547.GA28007@nagual.pp.ru> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: User-Agent: Mutt/1.3.24i Sender: owner-freebsd-current@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.ORG On Mon, Jan 21, 2002 at 01:45:37 +0100, Dag-Erling Smorgrav wrote: > > No. The "[...]" form is a Linux-PAM invention, and is tightly linked > to Linux-PAM implementation details. It does not exist in other PAM > implementations. I aim to move *away* from dependence on Linux-PAM, > not *towards* it. Well, I understand. -- Andrey A. Chernov http://ache.pp.ru/ To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-current" in the body of the message From owner-freebsd-current Sun Jan 20 17:18:32 2002 Delivered-To: freebsd-current@freebsd.org Received: from web14003.mail.yahoo.com (web14003.mail.yahoo.com [216.136.175.94]) by hub.freebsd.org (Postfix) with SMTP id 741F537B402 for ; Sun, 20 Jan 2002 17:18:30 -0800 (PST) Message-ID: <20020121011830.26777.qmail@web14003.mail.yahoo.com> Received: from [198.95.226.231] by web14003.mail.yahoo.com via HTTP; Sun, 20 Jan 2002 17:18:30 PST Date: Sun, 20 Jan 2002 17:18:30 -0800 (PST) From: k Macy Subject: GDB maintainer? To: freebsd-current@freebsd.org MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Sender: owner-freebsd-current@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.ORG Who is the current GDB maintainer? -Kip __________________________________________________ Do You Yahoo!? Send FREE video emails in Yahoo! Mail! http://promo.yahoo.com/videomail/ To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-current" in the body of the message From owner-freebsd-current Sun Jan 20 17:21:57 2002 Delivered-To: freebsd-current@freebsd.org Received: from flood.ping.uio.no (flood.ping.uio.no [129.240.78.31]) by hub.freebsd.org (Postfix) with ESMTP id D0E7437B425 for ; Sun, 20 Jan 2002 17:21:36 -0800 (PST) Received: by flood.ping.uio.no (Postfix, from userid 2602) id 4F967532C; Mon, 21 Jan 2002 02:21:35 +0100 (CET) X-URL: http://www.ofug.org/~des/ X-Disclaimer: The views expressed in this message do not necessarily coincide with those of any organisation or company with which I am or have been affiliated. To: "Andrey A. Chernov" Cc: Mark Murray , current@FreeBSD.ORG Subject: Re: Step5, pam_opie OPIE auth fix for review References: <20020120220254.GA25886@nagual.pp.ru> <200201202314.g0KNEDt34526@grimreaper.grondar.org> <20020120233050.GA26913@nagual.pp.ru> <20020121000446.GB27206@nagual.pp.ru> <20020121002557.GB27831@nagual.pp.ru> <20020121004906.GA28231@nagual.pp.ru> From: Dag-Erling Smorgrav Date: 21 Jan 2002 02:21:34 +0100 In-Reply-To: <20020121004906.GA28231@nagual.pp.ru> Message-ID: Lines: 26 User-Agent: Gnus/5.0808 (Gnus v5.8.8) Emacs/21.1 MIME-Version: 1.0 Content-Type: multipart/mixed; boundary="=-=-=" Sender: owner-freebsd-current@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.ORG --=-=-= "Andrey A. Chernov" writes: > On Mon, Jan 21, 2002 at 01:42:00 +0100, Dag-Erling Smorgrav wrote: > > The admin can't enforce "always OPIE" for a user, because the user can > > always delete his ~/.opiealways. > This is per-machine choice. Long time ago, for S-KEY, it was per-terminal > choice too, but OPIE currently not have per-terminal module. > There is no needs to enforce it for user logged from trusted machine since > whole machine is trusted. I'm sorry, but in my opinion that should really be the admin's decision. You can trust a machine without necessarily trusting users coming from that machine to pick good passwords. > > How about I write a pam_opieaccess(8) module and you tell me what you > > think of it? It's really the cleanest solution from PAM's point of > > view. > Ok, I'll write it and send for review. No need. See the attached patch. DES -- Dag-Erling Smorgrav - des@ofug.org --=-=-= Content-Type: text/x-patch Content-Disposition: attachment; filename=pam_opieaccess.diff Index: Makefile =================================================================== RCS file: /home/ncvs/src/lib/libpam/modules/Makefile,v retrieving revision 1.15 diff -u -r1.15 Makefile --- Makefile 5 Dec 2001 15:55:14 -0000 1.15 +++ Makefile 21 Jan 2002 00:46:54 -0000 @@ -34,6 +34,7 @@ .endif SUBDIR+= pam_nologin SUBDIR+= pam_opie +SUBDIR+= pam_opieaccess SUBDIR+= pam_permit SUBDIR+= pam_radius SUBDIR+= pam_rootok Index: pam_opie/pam_opie.8 =================================================================== RCS file: /home/ncvs/src/lib/libpam/modules/pam_opie/pam_opie.8,v retrieving revision 1.4 diff -u -r1.4 pam_opie.8 --- pam_opie/pam_opie.8 14 Jul 2001 08:38:24 -0000 1.4 +++ pam_opie/pam_opie.8 21 Jan 2002 01:18:58 -0000 @@ -1,5 +1,13 @@ .\" Copyright (c) 2001 Mark R V Murray .\" All rights reserved. +.\" Copyright (c) 2002 Networks Associates Technologies, Inc. +.\" All rights reserved. +.\" +.\" Portions of this software were developed for the FreeBSD Project by +.\" ThinkSec AS and NAI Labs, the Security Research Division of Network +.\" Associates, Inc. under DARPA/SPAWAR contract N66001-01-C-8035 +.\" ("CBOSS"), as part of the DARPA CHATS research program. +.\" .\" .\" Redistribution and use in source and binary forms, with or without .\" modification, are permitted provided that the following conditions @@ -9,6 +17,9 @@ .\" 2. Redistributions in binary form must reproduce the above copyright .\" notice, this list of conditions and the following disclaimer in the .\" documentation and/or other materials provided with the distribution. +.\" 3. The name of the author may not be used to endorse or promote +.\" products derived from this software without specific prior written +.\" permission. .\" .\" THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND .\" ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE @@ -47,6 +58,13 @@ .Dq Li auth feature. It also provides a null function for session management. +.Pp +Note that this module does not enforce +.Xr opieaccess 5 +checks. +There is a separate module, +.Xr pam_opieaccess 8 , +for this purpose. .Ss OPIE Authentication Module The OPIE authentication component provides functions to verify the identity of a user Index: pam_opieaccess/Makefile =================================================================== RCS file: pam_opieaccess/Makefile diff -N pam_opieaccess/Makefile --- /dev/null 1 Jan 1970 00:00:00 -0000 +++ pam_opieaccess/Makefile 21 Jan 2002 00:53:49 -0000 @@ -0,0 +1,10 @@ +# $FreeBSD$ + +LIB= pam_opieaccess +SHLIB_NAME= ${LIB}.so +SRCS= ${LIB}.c +DPADD= ${LIBOPIE} +LDADD= -lopie +MAN= pam_opieaccess.8 + +.include Index: pam_opieaccess/pam_opieaccess.8 =================================================================== RCS file: pam_opieaccess/pam_opieaccess.8 diff -N pam_opieaccess/pam_opieaccess.8 --- /dev/null 1 Jan 1970 00:00:00 -0000 +++ pam_opieaccess/pam_opieaccess.8 21 Jan 2002 01:19:01 -0000 @@ -0,0 +1,108 @@ +.\" Copyright (c) 2001 Mark R V Murray +.\" All rights reserved. +.\" Copyright (c) 2002 Networks Associates Technologies, Inc. +.\" All rights reserved. +.\" +.\" Portions of this software were developed for the FreeBSD Project by +.\" ThinkSec AS and NAI Labs, the Security Research Division of Network +.\" Associates, Inc. under DARPA/SPAWAR contract N66001-01-C-8035 +.\" ("CBOSS"), as part of the DARPA CHATS research program. +.\" +.\" +.\" Redistribution and use in source and binary forms, with or without +.\" modification, are permitted provided that the following conditions +.\" are met: +.\" 1. Redistributions of source code must retain the above copyright +.\" notice, this list of conditions and the following disclaimer. +.\" 2. Redistributions in binary form must reproduce the above copyright +.\" notice, this list of conditions and the following disclaimer in the +.\" documentation and/or other materials provided with the distribution. +.\" 3. The name of the author may not be used to endorse or promote +.\" products derived from this software without specific prior written +.\" permission. +.\" +.\" THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND +.\" ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE +.\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE +.\" ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE +.\" FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL +.\" DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS +.\" OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) +.\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT +.\" LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY +.\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF +.\" SUCH DAMAGE. +.\" +.\" $FreeBSD$ +.\" +.Dd January 21, 2002 +.Dt PAM_OPIEACCESS 8 +.Os +.Sh NAME +.Nm pam_opieaccess +.Nd OPIEAccess PAM module +.Sh SYNOPSIS +.Op Ar service-name +.Ar module-type +.Ar control-flag +.Pa pam_self +.Op Ar options +.Sh DESCRIPTION +The +.Nm +module is used in conjunction with the +.Xr pam_opie 8 +PAM module to ascertain that authentication can proceed by other means +(such as the +.Xr pam_unix 8 +module) even if OPIE authentication failed. +To properly use this module, +.Xr pam_opie 8 +should be marked +.Dq Li sufficient , +and +.Nm +should be listed right below it and marked +.Dq Li requisite . +.Pp +The +.Nm +module provides functionality for only one PAM category: +authentication. +In terms of the +.Ar module-type +parameter, this is the +.Dq Li auth +feature. +It also provides null functions for the remaining module types. +.Ss OPIEAccess Authentication Module +The authentication component +.Pq Fn pam_sm_authenticate , +returns +.Dv PAM_IGNORE +if and only if the remote host is listed as a trusted host in +.Pa /etc/opieaccess , +and the user does not have a file named +.Pa opiealways +in his home directory. +Otherwise, it returns +.Dv PAM_AUTH_ERR . +.Pp +The following options may be passed to the authentication module: +.Bl -tag -width ".Cm no_warn" +.It Cm debug +.Xr syslog 3 +debugging information at +.Dv LOG_DEBUG +level. +.It Cm no_warn +suppress warning messages to the user. +These messages include reasons why the user's authentication attempt +was declined. +.El +.Sh SEE ALSO +.Xr opie 4 , +.Xr opieaccess 5 , +.Xr pam_opie 8 , +.Xr pam.conf 5 , +.Xr pam 8 Index: pam_opieaccess/pam_opieaccess.c =================================================================== RCS file: pam_opieaccess/pam_opieaccess.c diff -N pam_opieaccess/pam_opieaccess.c --- /dev/null 1 Jan 1970 00:00:00 -0000 +++ pam_opieaccess/pam_opieaccess.c 21 Jan 2002 01:14:01 -0000 @@ -0,0 +1,150 @@ +/*- + * Copyright (c) 2002 Networks Associates Technologies, Inc. + * All rights reserved. + * + * This software was developed for the FreeBSD Project by ThinkSec AS and + * NAI Labs, the Security Research Division of Network Associates, Inc. + * under DARPA/SPAWAR contract N66001-01-C-8035 ("CBOSS"), as part of the + * DARPA CHATS research program. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * 3. The name of the author may not be used to endorse or promote + * products derived from this software without specific prior written + * permission. + * + * THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + * + * $FreeBSD$ + */ + +#include +__FBSDID("$FreeBSD$"); + +#define _BSD_SOURCE + +#include +#include +#include +#include + +#define PAM_SM_AUTH +#define PAM_SM_ACCOUNT +#define PAM_SM_SESSION +#define PAM_SM_PASSWORD + +#include +#include + +PAM_EXTERN int +pam_sm_authenticate(pam_handle_t *pamh, int flags, int argc, const char **argv) +{ + struct options options; + struct passwd *pwent; + char *luser, *rhost; + int r; + + pam_std_option(&options, NULL, argc, argv); + + PAM_LOG("Options processed"); + + r = pam_get_item(pamh, PAM_RHOST, (const void **)&rhost); + if (r != PAM_SUCCESS) + PAM_RETURN(r); + if (rhost == NULL) + PAM_RETURN(PAM_SYSTEM_ERR); + + r = pam_get_item(pamh, PAM_USER, (const void **)&luser); + if (r != PAM_SUCCESS) + PAM_RETURN(r); + if (luser == NULL) + PAM_RETURN(PAM_SYSTEM_ERR); + + if ((pwent = getpwnam(luser)) == NULL) + PAM_RETURN(PAM_SYSTEM_ERR); + + if (opieaccessfile(rhost) && !opiealways(pwent->pw_dir)) + PAM_RETURN(PAM_IGNORE); + + PAM_VERBOSE_ERROR("Refused; remote host is not in opieaccess"); + + PAM_RETURN(PAM_AUTH_ERR); +} + +PAM_EXTERN int +pam_sm_setcred(pam_handle_t *pamh, int flags, int argc, const char **argv) +{ + struct options options; + + pam_std_option(&options, NULL, argc, argv); + + PAM_LOG("Options processed"); + + PAM_RETURN(PAM_SUCCESS); +} + +PAM_EXTERN int +pam_sm_acct_mgmt(pam_handle_t *pamh, int flags, int argc ,const char **argv) +{ + struct options options; + + pam_std_option(&options, NULL, argc, argv); + + PAM_LOG("Options processed"); + + PAM_RETURN(PAM_IGNORE); +} + +PAM_EXTERN int +pam_sm_chauthtok(pam_handle_t *pamh, int flags, int argc, const char **argv) +{ + struct options options; + + pam_std_option(&options, NULL, argc, argv); + + PAM_LOG("Options processed"); + + PAM_RETURN(PAM_IGNORE); +} + +PAM_EXTERN int +pam_sm_open_session(pam_handle_t *pamh, int flags, int argc, const char **argv) +{ + struct options options; + + pam_std_option(&options, NULL, argc, argv); + + PAM_LOG("Options processed"); + + PAM_RETURN(PAM_IGNORE); +} + +PAM_EXTERN int +pam_sm_close_session(pam_handle_t *pamh, int flags, int argc, const char **argv) +{ + struct options options; + + pam_std_option(&options, NULL, argc, argv); + + PAM_LOG("Options processed"); + + PAM_RETURN(PAM_IGNORE); +} + +PAM_MODULE_ENTRY("pam_opieaccess"); --=-=-=-- To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-current" in the body of the message From owner-freebsd-current Sun Jan 20 17:29: 0 2002 Delivered-To: freebsd-current@freebsd.org Received: from nagual.pp.ru (pobrecita.freebsd.ru [194.87.13.42]) by hub.freebsd.org (Postfix) with ESMTP id 01E1537B404 for ; Sun, 20 Jan 2002 17:28:57 -0800 (PST) Received: (from ache@localhost) by nagual.pp.ru (8.11.6/8.11.6) id g0L1Sr328938; Mon, 21 Jan 2002 04:28:53 +0300 (MSK) (envelope-from ache) Date: Mon, 21 Jan 2002 04:28:52 +0300 From: "Andrey A. Chernov" To: Dag-Erling Smorgrav Cc: Mark Murray , current@FreeBSD.ORG Subject: Re: Step5, pam_opie OPIE auth fix for review Message-ID: <20020121012852.GB28808@nagual.pp.ru> References: <20020120220254.GA25886@nagual.pp.ru> <200201202314.g0KNEDt34526@grimreaper.grondar.org> <20020120233050.GA26913@nagual.pp.ru> <20020121000446.GB27206@nagual.pp.ru> <20020121002557.GB27831@nagual.pp.ru> <20020121004906.GA28231@nagual.pp.ru> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: User-Agent: Mutt/1.3.24i Sender: owner-freebsd-current@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.ORG On Mon, Jan 21, 2002 at 02:21:34 +0100, Dag-Erling Smorgrav wrote: > > I'm sorry, but in my opinion that should really be the admin's > decision. You can trust a machine without necessarily trusting users > coming from that machine to pick good passwords. I not advocate some my position here, I just explain how OPIE supposed to works, i.e. how people (sysadmins) know about it and know how to configure it. IMHO PAM transition should minimize differences with the documented and known by people way of how OPIE works. Generally speaking, you can submit your ideas to OPIE people and they may add some per-user mechanism in future versions. > No need. See the attached patch. Ok. I'll inform you after some testing. -- Andrey A. Chernov http://ache.pp.ru/ To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-current" in the body of the message From owner-freebsd-current Sun Jan 20 18:50:30 2002 Delivered-To: freebsd-current@freebsd.org Received: from nagual.pp.ru (pobrecita.freebsd.ru [194.87.13.42]) by hub.freebsd.org (Postfix) with ESMTP id 0660037B400 for ; Sun, 20 Jan 2002 18:50:25 -0800 (PST) Received: (from ache@localhost) by nagual.pp.ru (8.11.6/8.11.6) id g0L2o9N30716; Mon, 21 Jan 2002 05:50:09 +0300 (MSK) (envelope-from ache) Date: Mon, 21 Jan 2002 05:50:09 +0300 From: "Andrey A. Chernov" To: Dag-Erling Smorgrav Cc: Mark Murray , current@FreeBSD.ORG Subject: Re: Step5, pam_opie OPIE auth fix for review Message-ID: <20020121025009.GA30673@nagual.pp.ru> References: <20020120220254.GA25886@nagual.pp.ru> <200201202314.g0KNEDt34526@grimreaper.grondar.org> <20020120233050.GA26913@nagual.pp.ru> <20020121000446.GB27206@nagual.pp.ru> <20020121002557.GB27831@nagual.pp.ru> <20020121004906.GA28231@nagual.pp.ru> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: User-Agent: Mutt/1.3.24i Sender: owner-freebsd-current@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.ORG On Mon, Jan 21, 2002 at 02:21:34 +0100, Dag-Erling Smorgrav wrote: > > No need. See the attached patch. > Tested. I use /etc/pam.d/login for test with following OPIE lines: auth sufficient pam_opie.so no_warn auth requisite pam_opieaccess.so no_warn Two problems found, patch included below. 1) When OPIE turned on in the system, not neccessary all users are OPIE-ed, only those who listed in /etc/opiekeys. It means that pam_opieaccess() module must do something only for valid OPIE users listed in /etc/opiekeys and do nothing for others. I use opiechallenge() check for it, and if it fails, return PAM_IGNORE. 2) opiealways() return just opposite to what you might expect, see /usr/src/contrib/opie/libopie/accessfile.c comment about it. Fixed by removing "!" Besides this two things, all works as expected. --- pam_opieaccess.c.old Mon Jan 21 04:35:08 2002 +++ pam_opieaccess.c Mon Jan 21 05:47:27 2002 @@ -55,8 +55,10 @@ PAM_EXTERN int pam_sm_authenticate(pam_handle_t *pamh, int flags, int argc, const char **argv) { + struct opie opie; struct options options; struct passwd *pwent; + char challenge[OPIE_CHALLENGE_MAX]; char *luser, *rhost; int r; @@ -64,22 +66,32 @@ PAM_LOG("Options processed"); - r = pam_get_item(pamh, PAM_RHOST, (const void **)&rhost); - if (r != PAM_SUCCESS) - PAM_RETURN(r); - if (rhost == NULL) - PAM_RETURN(PAM_SYSTEM_ERR); - r = pam_get_item(pamh, PAM_USER, (const void **)&luser); if (r != PAM_SUCCESS) PAM_RETURN(r); if (luser == NULL) PAM_RETURN(PAM_SYSTEM_ERR); + /* + * Don't call the OPIE atexit() handler when our program exits, + * since the module has been unloaded and we will SEGV. + */ + opiedisableaeh(); + + if (opiechallenge(&opie, (char *)luser, challenge) != 0) + PAM_RETURN(PAM_IGNORE); + opieunlock(); + + r = pam_get_item(pamh, PAM_RHOST, (const void **)&rhost); + if (r != PAM_SUCCESS) + PAM_RETURN(r); + if (rhost == NULL) + PAM_RETURN(PAM_SYSTEM_ERR); + if ((pwent = getpwnam(luser)) == NULL) PAM_RETURN(PAM_SYSTEM_ERR); - if (opieaccessfile(rhost) && !opiealways(pwent->pw_dir)) + if (opieaccessfile(rhost) && opiealways(pwent->pw_dir)) PAM_RETURN(PAM_IGNORE); PAM_VERBOSE_ERROR("Refused; remote host is not in opieaccess"); -- Andrey A. Chernov http://ache.pp.ru/ To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-current" in the body of the message From owner-freebsd-current Sun Jan 20 19: 0:25 2002 Delivered-To: freebsd-current@freebsd.org Received: from web14006.mail.yahoo.com (web14006.mail.yahoo.com [216.136.175.122]) by hub.freebsd.org (Postfix) with SMTP id 4860037B41C for ; Sun, 20 Jan 2002 19:00:19 -0800 (PST) Message-ID: <20020121030018.7425.qmail@web14006.mail.yahoo.com> Received: from [203.193.106.164] by web14006.mail.yahoo.com via HTTP; Sun, 20 Jan 2002 19:00:18 PST Date: Sun, 20 Jan 2002 19:00:18 -0800 (PST) From: Raman Ng Reply-To: raman@hello.to Subject: Extended paging bug in Athlon affect FreeBSD? To: stable@freebsd.org, current@freebsd.org MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Sender: owner-freebsd-current@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.ORG I don't know what mailing list this mail should be posted to, sorry if it is posted to the wrong mailing list. Recently I found Linux 2.4 kernel is affected by the bug of extended paging in AMD Athlon through the following link. I don't know if FreeBSD is also affected. http://linuxtoday.com/news_story.php3?ltsn=2002-01-21-001-20-NW-KN __________________________________________________ Do You Yahoo!? Send FREE video emails in Yahoo! Mail! http://promo.yahoo.com/videomail/ To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-current" in the body of the message From owner-freebsd-current Sun Jan 20 19: 4:24 2002 Delivered-To: freebsd-current@freebsd.org Received: from nagual.pp.ru (pobrecita.freebsd.ru [194.87.13.42]) by hub.freebsd.org (Postfix) with ESMTP id A7EA537B404 for ; Sun, 20 Jan 2002 19:04:19 -0800 (PST) Received: (from ache@localhost) by nagual.pp.ru (8.11.6/8.11.6) id g0L34EU30851; Mon, 21 Jan 2002 06:04:14 +0300 (MSK) (envelope-from ache) Date: Mon, 21 Jan 2002 06:04:14 +0300 From: "Andrey A. Chernov" To: Dag-Erling Smorgrav Cc: Mark Murray , current@FreeBSD.ORG Subject: Re: Step5, pam_opie OPIE auth fix for review Message-ID: <20020121030414.GA30777@nagual.pp.ru> References: <200201202314.g0KNEDt34526@grimreaper.grondar.org> <20020120233050.GA26913@nagual.pp.ru> <20020121000446.GB27206@nagual.pp.ru> <20020121002557.GB27831@nagual.pp.ru> <20020121004906.GA28231@nagual.pp.ru> <20020121025009.GA30673@nagual.pp.ru> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: <20020121025009.GA30673@nagual.pp.ru> User-Agent: Mutt/1.3.24i Sender: owner-freebsd-current@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.ORG BTW, I have a doubt about PAM_SYSTEM_ERR code you use in several places like this: > if (luser == NULL) > PAM_RETURN(PAM_SYSTEM_ERR); Please explain two moments: 1) What is stack reaction on this option? Is it the same like PAM_AUTH_ERR reaction or not? 2) Can PAM_SYSTEM_ERR be returned by pam_authenticate() ? If yes. login.c and ftpd.c must be fixed to add this code. -- Andrey A. Chernov http://ache.pp.ru/ To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-current" in the body of the message From owner-freebsd-current Sun Jan 20 20: 2:13 2002 Delivered-To: freebsd-current@freebsd.org Received: from fl-mta01.durocom.com (fl-mta01.durocom.com [216.53.195.242]) by hub.freebsd.org (Postfix) with ESMTP id AF2A337B402; Sun, 20 Jan 2002 20:02:02 -0800 (PST) Received: from [198.69.78.93] by fl-mta01.durocom.com with SMTP id <20020121040349.BCXW984.fl-mta01@[198.69.78.93]>; Sun, 20 Jan 2002 23:03:49 -0500 From: liltator@slingshot.com To: Subject: Hi Friend Date: Sun, 20 Jan 2002 21:53:39 -0600 MIME-Version: 1.0 Content-Type: multipart/mixed; boundary="----=_NextPart_000_1B37_00002A92.00001000" X-Priority: 3 X-MSMail-Priority: Normal Message-Id: <20020121040349.BCXW984.fl-mta01@[198.69.78.93]> Sender: owner-freebsd-current@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.ORG ------=_NextPart_000_1B37_00002A92.00001000 Content-Type: text/html; ViaPro

To be removed from future mailings CLICK HERE

 To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-current" in the body of the message From owner-freebsd-current Sun Jan 20 20:19: 4 2002 Delivered-To: freebsd-current@freebsd.org Received: from fledge.watson.org (fledge.watson.org [204.156.12.50]) by hub.freebsd.org (Postfix) with ESMTP id 7392F37B402 for ; Sun, 20 Jan 2002 20:18:58 -0800 (PST) Received: from fledge.watson.org (fledge.pr.watson.org [192.0.2.3]) by fledge.watson.org (8.11.6/8.11.5) with SMTP id g0L4IcD62237; Sun, 20 Jan 2002 23:18:38 -0500 (EST) (envelope-from robert@fledge.watson.org) Date: Sun, 20 Jan 2002 23:18:37 -0500 (EST) From: Robert Watson X-Sender: robert@fledge.watson.org To: Glenn Gombert Cc: freebsd-current@FreeBSD.ORG Subject: Re: Diskless Boot Working in -Current ?? In-Reply-To: <3.0.6.32.20020120142635.00da3b28@imatowns.com> Message-ID: MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII Sender: owner-freebsd-current@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.ORG I use diskless booting daily on 5.0-CURRENT, and after some tweaks to rc.diskless[12] (now committed) it works just fine. In 5.0-CURRENT, FFS is used directly over malloc disks (md) to support local storage. You should be able to configure netbooing on 5.0 in much the same way as RELENG_4. Are you having a specific problem, or is this just an "is this possible?"? Thanks, Robert N M Watson FreeBSD Core Team, TrustedBSD Project robert@fledge.watson.org NAI Labs, Safeport Network Services On Sun, 20 Jan 2002, Glenn Gombert wrote: > I have several kernels built using v4.3 that boot fine over an > etherboot/NFS network but a kernel built using GENERIC (with the necesary > options added to diskless booting, does not seem to boot), also the option > 'MFS' (Memory File System) seems to have been removed from -CURRENT for > some reason.... this is necessary for DISKLESS NFS booting isn't it ??..... > > > To Unsubscribe: send mail to majordomo@FreeBSD.org > with "unsubscribe freebsd-current" in the body of the message > To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-current" in the body of the message From owner-freebsd-current Sun Jan 20 20:24:20 2002 Delivered-To: freebsd-current@freebsd.org Received: from fledge.watson.org (fledge.watson.org [204.156.12.50]) by hub.freebsd.org (Postfix) with ESMTP id A92C837B416 for ; Sun, 20 Jan 2002 20:24:15 -0800 (PST) Received: from fledge.watson.org (fledge.pr.watson.org [192.0.2.3]) by fledge.watson.org (8.11.6/8.11.5) with SMTP id g0L4O7D62316; Sun, 20 Jan 2002 23:24:08 -0500 (EST) (envelope-from robert@fledge.watson.org) Date: Sun, 20 Jan 2002 23:24:07 -0500 (EST) From: Robert Watson X-Sender: robert@fledge.watson.org To: Glenn Gombert Cc: current@freebsd.org Subject: Re: "Current & Etherboot" In-Reply-To: <3.0.6.32.20020120182001.00dab7b8@imatowns.com> Message-ID: MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII Sender: owner-freebsd-current@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.ORG Most people I know of that netboot boxes on Intel platforms now use PXE. With PXE config, the pxe loader has full access to the NFS-mounted /boot directory, so there's no reason to compile in the hints. Robert N M Watson FreeBSD Core Team, TrustedBSD Project robert@fledge.watson.org NAI Labs, Safeport Network Services On Sun, 20 Jan 2002, Glenn Gombert wrote: > etherboot runs fine on Current, all that is required if to have the > 'device.hints' statically compiled into the kernel you are trying to boot: > > #To statically compile in device wiring instead of /boot/device.hints > hints "NETBOOT.hints" #Default places to look for devices. > > > bit strange that the 'regulars' on the list didn't seem to know about this > ... > Glenn Gombert > ggombert@imatowns.com > > To Unsubscribe: send mail to majordomo@FreeBSD.org > with "unsubscribe freebsd-current" in the body of the message > To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-current" in the body of the message From owner-freebsd-current Sun Jan 20 23:40:18 2002 Delivered-To: freebsd-current@freebsd.org Received: from rwcrmhc52.attbi.com (rwcrmhc52.attbi.com [216.148.227.88]) by hub.freebsd.org (Postfix) with ESMTP id 57B2937B404 for ; Sun, 20 Jan 2002 23:40:13 -0800 (PST) Received: from InterJet.elischer.org ([12.232.206.8]) by rwcrmhc52.attbi.com (InterMail vM.4.01.03.27 201-229-121-127-20010626) with ESMTP id <20020121074008.ZWPJ3578.rwcrmhc52.attbi.com@InterJet.elischer.org> for ; Mon, 21 Jan 2002 07:40:08 +0000 Received: from localhost (localhost.elischer.org [127.0.0.1]) by InterJet.elischer.org (8.9.1a/8.9.1) with ESMTP id XAA09711 for ; Sun, 20 Jan 2002 23:34:31 -0800 (PST) Date: Sun, 20 Jan 2002 23:34:30 -0800 (PST) From: Julian Elischer To: current@freebsd.org Subject: __stderrp error Message-ID: MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII Sender: owner-freebsd-current@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.ORG Lots of my old programs get: /usr/libexec/ld-elf.so.1: /usr/local/lib/libpng.so.3: Undefined symbol "__stderrp" this is NOT the error in UPDATING and doing what it says for a similar problem: 20010924: The buildworld has been fixed. You may need to install the 4.x compatibility libraries for some old binaries to work. Add COMPAT4X=true to your /etc/make.conf to get them installed on every installworld, or execute the following to get them installed only once: cd src/lib/compat/compat4x. make all install You will see ``__stdoutp undefined'' until you do this. has NO effect whatsoever. The only thign I can do is recompile any package that has thos problem. but sometimes it's hard finding which package needs to be recomiled. thoughts? To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-current" in the body of the message From owner-freebsd-current Sun Jan 20 23:44:14 2002 Delivered-To: freebsd-current@freebsd.org Received: from hawk.prod.itd.earthlink.net (hawk.mail.pas.earthlink.net [207.217.120.22]) by hub.freebsd.org (Postfix) with ESMTP id AB50637B416; Sun, 20 Jan 2002 23:44:12 -0800 (PST) Received: from pool0107.cvx22-bradley.dialup.earthlink.net ([209.179.198.107] helo=mindspring.com) by hawk.prod.itd.earthlink.net with esmtp (Exim 3.33 #1) id 16SZ76-0004q7-00; Sun, 20 Jan 2002 23:43:32 -0800 Message-ID: <3C4BC6A0.4078CBA6@mindspring.com> Date: Sun, 20 Jan 2002 23:43:28 -0800 From: Terry Lambert X-Mailer: Mozilla 4.7 [en]C-CCK-MCD {Sony} (Win98; U) X-Accept-Language: en MIME-Version: 1.0 To: Mark Murray Cc: "Andrey A. Chernov" , des@FreeBSD.ORG, current@FreeBSD.ORG Subject: Re: Step5, pam_opie OPIE auth fix for review References: <20020120233050.GA26913@nagual.pp.ru> <200201202344.g0KNijt34738@grimreaper.grondar.org> Content-Type: text/plain; charset=us-ascii Content-Transfer-Encoding: 7bit Sender: owner-freebsd-current@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.ORG Mark Murray wrote: > > Yes. And to allow PAM stack to make right decision, pam_opie pass special > > information to PAM stack. Look at the patch, pam_opie not breaks from the > > stack by yourself, it is /etc/pam* do that using information from > > pam_opie. > > Sure - but you are making specialised use of the return value that > assumes that pam_opie will be followed by pam_unix. This violates > the PAM spec. Cool discussion. Once you guys have this all hammered out, are you going to integrate PAM and Kerberos? 8-) 8-) 8-). -- Terry To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-current" in the body of the message From owner-freebsd-current Sun Jan 20 23:50:47 2002 Delivered-To: freebsd-current@freebsd.org Received: from router.hackerheaven.org (qn-213-73-194-22.quicknet.nl [213.73.194.22]) by hub.freebsd.org (Postfix) with ESMTP id 762D437B402 for ; Sun, 20 Jan 2002 23:50:43 -0800 (PST) Received: from loki.ipv6.hackerheaven.org (loki.ipv6.hackerheaven.org [10.0.0.12]) by router.hackerheaven.org (Postfix) with ESMTP id 9EA1B1C15; Mon, 21 Jan 2002 08:50:06 +0100 (CET) Date: Mon, 21 Jan 2002 08:50:30 +0100 Subject: Re: __stderrp error Content-Type: text/plain; charset=US-ASCII; format=flowed Mime-Version: 1.0 (Apple Message framework v480) Cc: current@freebsd.org To: Julian Elischer From: Emiel Kollof In-Reply-To: Message-Id: <8ABEC4B7-0E43-11D6-9888-000A277C7FDE@hackerheaven.org> Content-Transfer-Encoding: 7bit X-Mailer: Apple Mail (2.480) Sender: owner-freebsd-current@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.ORG Julian Elischer heeft op maandag 21 januari 2002 om 08:34 het volgende geschreven: > > Lots of my old programs get: > /usr/libexec/ld-elf.so.1: /usr/local/lib/libpng.so.3: Undefined symbol > "__stderrp" > > this is NOT the error in UPDATING [...] It isn't? It's related. I've seen it before. Setting COMPAT4X worked for me... Are you sure you made the FreeBSD compat libraries? Setting it in make.conf is one thing, but the libraries must be there too :-) Either a make world with COMPAT4X set, or building the 4.x compat libs (for location, see UPDATING), but I guess you knew that. If I'm wrong, let me know :-) Cheers, Emiel To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-current" in the body of the message From owner-freebsd-current Mon Jan 21 0: 0:30 2002 Delivered-To: freebsd-current@freebsd.org Received: from rwcrmhc53.attbi.com (rwcrmhc53.attbi.com [204.127.198.39]) by hub.freebsd.org (Postfix) with ESMTP id 4BDD937B402 for ; Mon, 21 Jan 2002 00:00:20 -0800 (PST) Received: from InterJet.elischer.org ([12.232.206.8]) by rwcrmhc53.attbi.com (InterMail vM.4.01.03.27 201-229-121-127-20010626) with ESMTP id <20020121080019.WDPR10199.rwcrmhc53.attbi.com@InterJet.elischer.org>; Mon, 21 Jan 2002 08:00:19 +0000 Received: from localhost (localhost.elischer.org [127.0.0.1]) by InterJet.elischer.org (8.9.1a/8.9.1) with ESMTP id XAA09786; Sun, 20 Jan 2002 23:55:14 -0800 (PST) Date: Sun, 20 Jan 2002 23:55:13 -0800 (PST) From: Julian Elischer To: Emiel Kollof Cc: current@freebsd.org Subject: Re: __stderrp error In-Reply-To: <8ABEC4B7-0E43-11D6-9888-000A277C7FDE@hackerheaven.org> Message-ID: MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII Sender: owner-freebsd-current@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.ORG On Mon, 21 Jan 2002, Emiel Kollof wrote: > > Julian Elischer heeft op maandag 21 januari 2002 om 08:34 het volgende > geschreven: > > > > > Lots of my old programs get: > > /usr/libexec/ld-elf.so.1: /usr/local/lib/libpng.so.3: Undefined symbol > > "__stderrp" > > > > this is NOT the error in UPDATING > [...] > > It isn't? It's related. I've seen it before. Setting COMPAT4X worked for > me... Are you sure you made the FreeBSD compat libraries? Setting it in > make.conf is one thing, but the libraries must be there too :-) > > Either a make world with COMPAT4X set, or building the 4.x compat libs > (for location, see UPDATING), but I guess you knew that. Here is my make.conf.. [...] #COMPAT20= yes #COMPAT21= yes #COMPAT22= yes COMPAT4X= yes # # [...] and I've "made world" a lot of times like that. and if I do it by hand as sugested, it doesn;t make any difference either. > > If I'm wrong, let me know :-) > > Cheers, > Emiel > > To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-current" in the body of the message From owner-freebsd-current Mon Jan 21 0: 3:43 2002 Delivered-To: freebsd-current@freebsd.org Received: from avocet.prod.itd.earthlink.net (avocet.mail.pas.earthlink.net [207.217.120.50]) by hub.freebsd.org (Postfix) with ESMTP id F19B337B404; Mon, 21 Jan 2002 00:03:36 -0800 (PST) Received: from pool0107.cvx22-bradley.dialup.earthlink.net ([209.179.198.107] helo=mindspring.com) by avocet.prod.itd.earthlink.net with esmtp (Exim 3.33 #1) id 16SZQR-0006oM-00; Mon, 21 Jan 2002 00:03:31 -0800 Message-ID: <3C4BCB4F.60F1D4FC@mindspring.com> Date: Mon, 21 Jan 2002 00:03:27 -0800 From: Terry Lambert X-Mailer: Mozilla 4.7 [en]C-CCK-MCD {Sony} (Win98; U) X-Accept-Language: en MIME-Version: 1.0 To: raman@hello.to Cc: stable@freebsd.org, current@freebsd.org Subject: Re: Extended paging bug in Athlon affect FreeBSD? References: <20020121030018.7425.qmail@web14006.mail.yahoo.com> Content-Type: text/plain; charset=us-ascii Content-Transfer-Encoding: 7bit Sender: owner-freebsd-current@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.ORG Raman Ng wrote: > I don't know what mailing list this mail should be > posted to, sorry if it is posted to the wrong mailing > list. > > Recently I found Linux 2.4 kernel is affected by the > bug of extended paging in AMD Athlon through the > following link. I don't know if FreeBSD is also > affected. > > http://linuxtoday.com/news_story.php3?ltsn=2002-01-21-001-20-NW-KN I am well aware of this bug. It does not affect FreeBSD, which only uses 4M pages for the first 4M of the kernel itself. I've worked on code that enables 4M pages on other memory used in FreeBSD, that had this problem, but only if you were really stupid in your allocation mechanism. There's a workaround for this problem which is fairly trivial to implement in software, and should probably be done when 4M pages are enabled, if you are using an Athlon, and are adding 4M pages. The problem didn't bite my own application, since I knew about it and used the TLBs in a very specific way to get around the problem, but I'm told that after I left the company, someone went in and used them a different way, not knowing about the problem or the workaround, and broke things. This resulted in about a 14% performance loss. If you are doing heavy networking on a machine with a lot of memory, it's reasonable to move your mbufs into 4M pages, which nets you a 4-14% improvement (depending on whether or not you also change your allocator: 14% if you do). If you do that, knowing how to work around the problem nets you a pretty big win in overall performance, for about 6-10 more machine instructions at startup time. 8-). In any case, this will not be a problem for FreeBSD, and is only a problem for Linux because of the strange way they initialize things. -- Terry To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-current" in the body of the message From owner-freebsd-current Mon Jan 21 1: 7: 8 2002 Delivered-To: freebsd-current@freebsd.org Received: from whale.sunbay.crimea.ua (whale.sunbay.crimea.ua [212.110.138.65]) by hub.freebsd.org (Postfix) with ESMTP id E154537B416 for ; Mon, 21 Jan 2002 01:07:02 -0800 (PST) Received: (from ru@localhost) by whale.sunbay.crimea.ua (8.11.6/8.11.2) id g0L96gn21726; Mon, 21 Jan 2002 11:06:42 +0200 (EET) (envelope-from ru) Date: Mon, 21 Jan 2002 11:06:42 +0200 From: Ruslan Ermilov To: Julian Elischer Cc: current@FreeBSD.ORG Subject: Re: __stderrp error Message-ID: <20020121110642.E16527@sunbay.com> References: <8ABEC4B7-0E43-11D6-9888-000A277C7FDE@hackerheaven.org> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: User-Agent: Mutt/1.3.23i Sender: owner-freebsd-current@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.ORG On Sun, Jan 20, 2002 at 11:55:13PM -0800, Julian Elischer wrote: > > > On Mon, 21 Jan 2002, Emiel Kollof wrote: > > > > > Julian Elischer heeft op maandag 21 januari 2002 om 08:34 het volgende > > geschreven: > > > > > > > > Lots of my old programs get: > > > /usr/libexec/ld-elf.so.1: /usr/local/lib/libpng.so.3: Undefined symbol > > > "__stderrp" > > > > > > this is NOT the error in UPDATING > > [...] > > > > It isn't? It's related. I've seen it before. Setting COMPAT4X worked for > > me... Are you sure you made the FreeBSD compat libraries? Setting it in > > make.conf is one thing, but the libraries must be there too :-) > > > > Either a make world with COMPAT4X set, or building the 4.x compat libs > > (for location, see UPDATING), but I guess you knew that. > Here is my make.conf.. > [...] > #COMPAT20= yes > #COMPAT21= yes > #COMPAT22= yes > COMPAT4X= yes > # > # > [...] > > and I've "made world" a lot of times like that. > and if I do it by hand as sugested, it doesn;t make any difference either. > Does ``ldconfig -elf -r'' show the /usr/lib/compat stuff? If it doesn't, you might have screwed the `ldconfig_paths' setting in /etc/rc.conf. Cheers, -- Ruslan Ermilov Oracle Developer/DBA, ru@sunbay.com Sunbay Software AG, ru@FreeBSD.org FreeBSD committer, +380.652.512.251 Simferopol, Ukraine http://www.FreeBSD.org The Power To Serve http://www.oracle.com Enabling The Information Age To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-current" in the body of the message From owner-freebsd-current Mon Jan 21 1:22:15 2002 Delivered-To: freebsd-current@freebsd.org Received: from rwcrmhc53.attbi.com (rwcrmhc53.attbi.com [204.127.198.39]) by hub.freebsd.org (Postfix) with ESMTP id 5D56637B419 for ; Mon, 21 Jan 2002 01:22:10 -0800 (PST) Received: from rwcrwbc55 ([204.127.198.44]) by rwcrmhc53.attbi.com (InterMail vM.4.01.03.27 201-229-121-127-20010626) with SMTP id <20020121092209.WZWB10199.rwcrmhc53.attbi.com@rwcrwbc55> for ; Mon, 21 Jan 2002 09:22:09 +0000 Received: from [12.74.96.42] by rwcrwbc55; Mon, 21 Jan 2002 09:22:08 +0000 From: jordan.breeding@attbi.com To: freebsd-current@freebsd.org Subject: Questions about -current Date: Mon, 21 Jan 2002 09:22:08 +0000 X-Mailer: AT&T Message Center Version 1 (Nov 29 2001) Message-Id: <20020121092209.WZWB10199.rwcrmhc53.attbi.com@rwcrwbc55> Sender: owner-freebsd-current@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.ORG Hello, I just upgraded to -current today to get a couple of features including devfs working. In the process I have run into a few questions (mainly things to do with the fact that up until a few days ago I was only using linux 2.4.x): 1) Will either the in kernel or oss sound driver for an SBLive! in FreeBSD be updated to allow multiple accesses to /dev/dsp at the same time and time in the near future? I know that the oss driver have /dev/dsp1..7 or so but they still seem to not like having multiple accesses to any of them at the same time. In linux both the oss/free and alsa drivers fully supported playing multiple (I know I had tried up to six at a time before) streams to /dev/dsp concurrently. 2) Will frame buffers for eithe VESA or more specifically radeon be added and/or documented any time soon to use a frame buffer at a reasonable resolution for the virtual consoles? 3) Will USB keyboards work as the system console keyboard any time soon, right now I can't seem to get my Sun Type 6 USB keyboard to work even though it shows up in dmesg. 4) Is there anyone actively maintaining dri for XFree86 on FreeBSD, I couldn't get my Radeon 7500 to work with dri using a fresh pull of XFree86 CVS, so I ended up making a trivial patch to allow my Radeon to be detected and set up. But this led me to notice that there have been one or two performance and lock up related changes to the linux kernel dri code and wondered whether these fixes would ever make it to FreeBSD? 5) In -current would it be possible to have a few command line switches added to certain userland utilities? I noticed -h made it into `ls` now, but `cp` still doesn't have -a or -x which I used to use all the time in Linux. I know -a isn't a big deal but - x was definitely nice from time to time. `date` having a --date option to tell you when a specified date is in Linux is also very nice. Just some thoughts. 6) I have found the pages for hardware monitoring support in the FreeBSD kernel and have a few questions about it: Will the updated code which supports newer AMD and VIA monitoring chips be rolled into -current soon? And if so what userland utility does one use in FreeBSD to pull values from the driver like lm-sensors does for Linux? Thanks if anyone can help me figure out answers to any of the above questions or provide feedback on any of my comments. So far I love FreeBSD and find it much more efficient and intuitive than Linux, keep up the good work. Please Cc: me as I am not on this list yet. Jordan Breeding To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-current" in the body of the message From owner-freebsd-current Mon Jan 21 2: 1:12 2002 Delivered-To: freebsd-current@freebsd.org Received: from edgemaster.zombie.org (edgemaster.creighton.edu [147.134.112.68]) by hub.freebsd.org (Postfix) with ESMTP id 7CF9637B400 for ; Mon, 21 Jan 2002 02:01:06 -0800 (PST) Received: by edgemaster.zombie.org (Postfix, from userid 1001) id DC99766B04; Mon, 21 Jan 2002 04:01:05 -0600 (CST) Date: Mon, 21 Jan 2002 04:01:05 -0600 From: Sean Kelly To: jordan.breeding@attbi.com Cc: freebsd-current@freebsd.org Subject: Re: Questions about -current Message-ID: <20020121040105.A15270@edgemaster.zombie.org> References: <20020121092209.WZWB10199.rwcrmhc53.attbi.com@rwcrwbc55> Mime-Version: 1.0 Content-Type: multipart/signed; micalg=pgp-md5; protocol="application/pgp-signature"; boundary="W/nzBZO5zC0uMSeA" Content-Disposition: inline User-Agent: Mutt/1.2.5.1i In-Reply-To: <20020121092209.WZWB10199.rwcrmhc53.attbi.com@rwcrwbc55>; from jordan.breeding@attbi.com on Mon, Jan 21, 2002 at 09:22:08AM +0000 Sender: owner-freebsd-current@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.ORG --W/nzBZO5zC0uMSeA Content-Type: text/plain; charset=us-ascii Content-Disposition: inline Content-Transfer-Encoding: quoted-printable First off, you sent this to the wrong list. Most of the questions you bring up in here should have been directed at -questions. On Mon, Jan 21, 2002 at 09:22:08AM +0000, jordan.breeding@attbi.com wrote: > I just upgraded to -current today to get a couple of=20 > features including devfs working. In the process I=20 > have run into a few questions (mainly things to do with=20 > the fact that up until a few days ago I was only using=20 > linux 2.4.x): If you are new to FreeBSD, -CURRENT might not be a wise place to start. > 1) Will either the in kernel or oss sound driver for an=20 =2E.. > 3) Will USB keyboards work as the system console=20 > keyboard any time soon, right now I can't seem to get=20 > my Sun Type 6 USB keyboard to work even though it shows=20 > up in dmesg. If you have both a PS/2 and USB keyboard, you need to make use of `kbdcontrol -k`. > 4) Is there anyone actively maintaining dri for XFree86=20 > on FreeBSD, I couldn't get my Radeon 7500 to work with=20 See /usr/ports/graphics/drm-kmod or http://gladstone.uoregon.edu/~eanholt/d= ri/ =2E.. > 6) I have found the pages for hardware monitoring=20 > support in the FreeBSD kernel and have a few questions=20 > about it: Will the updated code which supports newer=20 > AMD and VIA monitoring chips be rolled into -current=20 > soon? And if so what userland utility does one use in=20 > FreeBSD to pull values from the driver like lm-sensors=20 > does for Linux? I've got /usr/ports/sysutils/xmbmon/ working perfectly with my setup. --=20 Sean Kelly | PGP KeyID: 77042C7B smkelly@zombie.org | http://www.zombie.org For PGP key, send e-mail with subject "send pgp key" --W/nzBZO5zC0uMSeA Content-Type: application/pgp-signature Content-Disposition: inline -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.0.6 (FreeBSD) iD8DBQE8S+bh2aukpHcELHsRAkEkAKCDaNuaDO953UgSgS8v20fLJ3Fl/wCfdzaS 29L42Sut+thttMICfQwI0s8= =vk/q -----END PGP SIGNATURE----- --W/nzBZO5zC0uMSeA-- To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-current" in the body of the message From owner-freebsd-current Mon Jan 21 2: 2:27 2002 Delivered-To: freebsd-current@freebsd.org Received: from web14002.mail.yahoo.com (web14002.mail.yahoo.com [216.136.175.93]) by hub.freebsd.org (Postfix) with SMTP id BE35537B416 for ; Mon, 21 Jan 2002 02:02:17 -0800 (PST) Message-ID: <20020121100217.81572.qmail@web14002.mail.yahoo.com> Received: from [203.193.106.164] by web14002.mail.yahoo.com via HTTP; Mon, 21 Jan 2002 02:02:17 PST Date: Mon, 21 Jan 2002 02:02:17 -0800 (PST) From: Raman Ng Reply-To: raman@hello.to Subject: Re: Extended paging bug in Athlon affect FreeBSD? To: Terry Lambert , raman@hello.to Cc: stable@freebsd.org, current@freebsd.org In-Reply-To: <3C4BCB4F.60F1D4FC@mindspring.com> MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Sender: owner-freebsd-current@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.ORG > I am well aware of this bug. > > It does not affect FreeBSD, which only uses 4M pages > for > the first 4M of the kernel itself. > > I've worked on code that enables 4M pages on other > memory > used in FreeBSD, that had this problem, but only if > you > were really stupid in your allocation mechanism. > > There's a workaround for this problem which is > fairly > trivial to implement in software, and should > probably be > done when 4M pages are enabled, if you are using an > Athlon, > and are adding 4M pages. The problem didn't bite my > own > application, since I knew about it and used the TLBs > in a > very specific way to get around the problem, but I'm > told > that after I left the company, someone went in and > used > them a different way, not knowing about the problem > or the > workaround, and broke things. This resulted in > about a > 14% performance loss. > > If you are doing heavy networking on a machine with > a lot > of memory, it's reasonable to move your mbufs into > 4M pages, > which nets you a 4-14% improvement (depending on > whether or > not you also change your allocator: 14% if you do). > If you > do that, knowing how to work around the problem nets > you a > pretty big win in overall performance, for about > 6-10 more > machine instructions at startup time. 8-). > > In any case, this will not be a problem for FreeBSD, > and is > only a problem for Linux because of the strange way > they > initialize things. > > -- Terry Glad to know FreeBSD is not affected. Thanks a lot. Cheers, Raman __________________________________________________ Do You Yahoo!? Send FREE video emails in Yahoo! Mail! http://promo.yahoo.com/videomail/ To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-current" in the body of the message From owner-freebsd-current Mon Jan 21 4:47:44 2002 Delivered-To: freebsd-current@freebsd.org Received: from flood.ping.uio.no (flood.ping.uio.no [129.240.78.31]) by hub.freebsd.org (Postfix) with ESMTP id 37BA137B405 for ; Mon, 21 Jan 2002 04:47:40 -0800 (PST) Received: by flood.ping.uio.no (Postfix, from userid 2602) id 1308D532C; Mon, 21 Jan 2002 13:47:38 +0100 (CET) X-URL: http://www.ofug.org/~des/ X-Disclaimer: The views expressed in this message do not necessarily coincide with those of any organisation or company with which I am or have been affiliated. To: "Andrey A. Chernov" Cc: Mark Murray , current@FreeBSD.ORG Subject: Re: Step5, pam_opie OPIE auth fix for review References: <200201202314.g0KNEDt34526@grimreaper.grondar.org> <20020120233050.GA26913@nagual.pp.ru> <20020121000446.GB27206@nagual.pp.ru> <20020121002557.GB27831@nagual.pp.ru> <20020121004906.GA28231@nagual.pp.ru> <20020121025009.GA30673@nagual.pp.ru> <20020121030414.GA30777@nagual.pp.ru> From: Dag-Erling Smorgrav Date: 21 Jan 2002 13:47:38 +0100 In-Reply-To: <20020121030414.GA30777@nagual.pp.ru> Message-ID: Lines: 19 User-Agent: Gnus/5.0808 (Gnus v5.8.8) Emacs/21.1 MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Sender: owner-freebsd-current@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.ORG "Andrey A. Chernov" writes: > Please explain two moments: > > 1) What is stack reaction on this option? Is it the same like PAM_AUTH_ERR > reaction or not? Yes. > 2) Can PAM_SYSTEM_ERR be returned by pam_authenticate() ? If yes. login.c > and ftpd.c must be fixed to add this code. All PAM library calls can return PAM_SYSTEM_ERR. ...but I just realized it's the wrong code in this case - modules should return PAM_SERVICE_ERR instead of PAM_SYSTEM_ERR. DES -- Dag-Erling Smorgrav - des@ofug.org To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-current" in the body of the message From owner-freebsd-current Mon Jan 21 4:54:40 2002 Delivered-To: freebsd-current@freebsd.org Received: from flood.ping.uio.no (flood.ping.uio.no [129.240.78.31]) by hub.freebsd.org (Postfix) with ESMTP id 3E1F737B419 for ; Mon, 21 Jan 2002 04:54:31 -0800 (PST) Received: by flood.ping.uio.no (Postfix, from userid 2602) id 11CE8533B; Mon, 21 Jan 2002 13:54:30 +0100 (CET) X-URL: http://www.ofug.org/~des/ X-Disclaimer: The views expressed in this message do not necessarily coincide with those of any organisation or company with which I am or have been affiliated. To: "Andrey A. Chernov" Cc: Mark Murray , current@FreeBSD.ORG Subject: Re: Step5, pam_opie OPIE auth fix for review References: <20020120220254.GA25886@nagual.pp.ru> <200201202314.g0KNEDt34526@grimreaper.grondar.org> <20020120233050.GA26913@nagual.pp.ru> <20020121000446.GB27206@nagual.pp.ru> <20020121002557.GB27831@nagual.pp.ru> <20020121004906.GA28231@nagual.pp.ru> <20020121025009.GA30673@nagual.pp.ru> From: Dag-Erling Smorgrav Date: 21 Jan 2002 13:54:29 +0100 In-Reply-To: <20020121025009.GA30673@nagual.pp.ru> Message-ID: Lines: 20 User-Agent: Gnus/5.0808 (Gnus v5.8.8) Emacs/21.1 MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Sender: owner-freebsd-current@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.ORG "Andrey A. Chernov" writes: > 1) When OPIE turned on in the system, not neccessary all users are > OPIE-ed, only those who listed in /etc/opiekeys. It means that > pam_opieaccess() module must do something only for valid OPIE users > listed in /etc/opiekeys and do nothing for others. I use opiechallenge() > check for it, and if it fails, return PAM_IGNORE. Umm, you can't use opiechallenge() for that. You're not supposed to call opiechallenge() without also calling opieverify() (plus, I think opiechallenge() "consumes" a challenge). Use opielookup() instead. > 2) opiealways() return just opposite to what you might expect, see > /usr/src/contrib/opie/libopie/accessfile.c comment about it. Fixed by > removing "!" Right, thanks. DES -- Dag-Erling Smorgrav - des@ofug.org To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-current" in the body of the message From owner-freebsd-current Mon Jan 21 5: 8: 7 2002 Delivered-To: freebsd-current@freebsd.org Received: from flood.ping.uio.no (flood.ping.uio.no [129.240.78.31]) by hub.freebsd.org (Postfix) with ESMTP id F075037B402 for ; Mon, 21 Jan 2002 05:07:50 -0800 (PST) Received: by flood.ping.uio.no (Postfix, from userid 2602) id 83505532C; Mon, 21 Jan 2002 14:07:49 +0100 (CET) X-URL: http://www.ofug.org/~des/ X-Disclaimer: The views expressed in this message do not necessarily coincide with those of any organisation or company with which I am or have been affiliated. To: "Andrey A. Chernov" Cc: Mark Murray , current@FreeBSD.ORG Subject: Re: Step5, pam_opie OPIE auth fix for review References: <20020120220254.GA25886@nagual.pp.ru> <200201202314.g0KNEDt34526@grimreaper.grondar.org> <20020120233050.GA26913@nagual.pp.ru> <20020121000446.GB27206@nagual.pp.ru> <20020121002557.GB27831@nagual.pp.ru> <20020121004906.GA28231@nagual.pp.ru> <20020121025009.GA30673@nagual.pp.ru> From: Dag-Erling Smorgrav Date: 21 Jan 2002 14:07:48 +0100 In-Reply-To: Message-ID: Lines: 14 User-Agent: Gnus/5.0808 (Gnus v5.8.8) Emacs/21.1 MIME-Version: 1.0 Content-Type: multipart/mixed; boundary="=-=-=" Sender: owner-freebsd-current@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.ORG --=-=-= Dag-Erling Smorgrav writes: > Umm, you can't use opiechallenge() for that. You're not supposed to > call opiechallenge() without also calling opieverify() (plus, I think > opiechallenge() "consumes" a challenge). Use opielookup() instead. Even better, opie_haskey() (which is a wrapper around opielookup()). New patch attached. DES -- Dag-Erling Smorgrav - des@ofug.org --=-=-= Content-Type: text/x-patch Content-Disposition: attachment; filename=pam_opieaccess.diff Index: Makefile =================================================================== RCS file: /home/ncvs/src/lib/libpam/modules/Makefile,v retrieving revision 1.15 diff -u -r1.15 Makefile --- Makefile 5 Dec 2001 15:55:14 -0000 1.15 +++ Makefile 21 Jan 2002 00:46:54 -0000 @@ -34,6 +34,7 @@ .endif SUBDIR+= pam_nologin SUBDIR+= pam_opie +SUBDIR+= pam_opieaccess SUBDIR+= pam_permit SUBDIR+= pam_radius SUBDIR+= pam_rootok Index: pam_opie/pam_opie.8 =================================================================== RCS file: /home/ncvs/src/lib/libpam/modules/pam_opie/pam_opie.8,v retrieving revision 1.4 diff -u -r1.4 pam_opie.8 --- pam_opie/pam_opie.8 14 Jul 2001 08:38:24 -0000 1.4 +++ pam_opie/pam_opie.8 21 Jan 2002 01:18:58 -0000 @@ -1,5 +1,13 @@ .\" Copyright (c) 2001 Mark R V Murray .\" All rights reserved. +.\" Copyright (c) 2002 Networks Associates Technologies, Inc. +.\" All rights reserved. +.\" +.\" Portions of this software were developed for the FreeBSD Project by +.\" ThinkSec AS and NAI Labs, the Security Research Division of Network +.\" Associates, Inc. under DARPA/SPAWAR contract N66001-01-C-8035 +.\" ("CBOSS"), as part of the DARPA CHATS research program. +.\" .\" .\" Redistribution and use in source and binary forms, with or without .\" modification, are permitted provided that the following conditions @@ -9,6 +17,9 @@ .\" 2. Redistributions in binary form must reproduce the above copyright .\" notice, this list of conditions and the following disclaimer in the .\" documentation and/or other materials provided with the distribution. +.\" 3. The name of the author may not be used to endorse or promote +.\" products derived from this software without specific prior written +.\" permission. .\" .\" THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND .\" ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE @@ -47,6 +58,13 @@ .Dq Li auth feature. It also provides a null function for session management. +.Pp +Note that this module does not enforce +.Xr opieaccess 5 +checks. +There is a separate module, +.Xr pam_opieaccess 8 , +for this purpose. .Ss OPIE Authentication Module The OPIE authentication component provides functions to verify the identity of a user Index: pam_opieaccess/Makefile =================================================================== RCS file: pam_opieaccess/Makefile diff -N pam_opieaccess/Makefile --- /dev/null 1 Jan 1970 00:00:00 -0000 +++ pam_opieaccess/Makefile 21 Jan 2002 00:53:49 -0000 @@ -0,0 +1,10 @@ +# $FreeBSD$ + +LIB= pam_opieaccess +SHLIB_NAME= ${LIB}.so +SRCS= ${LIB}.c +DPADD= ${LIBOPIE} +LDADD= -lopie +MAN= pam_opieaccess.8 + +.include Index: pam_opieaccess/pam_opieaccess.8 =================================================================== RCS file: pam_opieaccess/pam_opieaccess.8 diff -N pam_opieaccess/pam_opieaccess.8 --- /dev/null 1 Jan 1970 00:00:00 -0000 +++ pam_opieaccess/pam_opieaccess.8 21 Jan 2002 13:07:06 -0000 @@ -0,0 +1,116 @@ +.\" Copyright (c) 2001 Mark R V Murray +.\" All rights reserved. +.\" Copyright (c) 2002 Networks Associates Technologies, Inc. +.\" All rights reserved. +.\" +.\" Portions of this software were developed for the FreeBSD Project by +.\" ThinkSec AS and NAI Labs, the Security Research Division of Network +.\" Associates, Inc. under DARPA/SPAWAR contract N66001-01-C-8035 +.\" ("CBOSS"), as part of the DARPA CHATS research program. +.\" +.\" +.\" Redistribution and use in source and binary forms, with or without +.\" modification, are permitted provided that the following conditions +.\" are met: +.\" 1. Redistributions of source code must retain the above copyright +.\" notice, this list of conditions and the following disclaimer. +.\" 2. Redistributions in binary form must reproduce the above copyright +.\" notice, this list of conditions and the following disclaimer in the +.\" documentation and/or other materials provided with the distribution. +.\" 3. The name of the author may not be used to endorse or promote +.\" products derived from this software without specific prior written +.\" permission. +.\" +.\" THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND +.\" ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE +.\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE +.\" ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE +.\" FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL +.\" DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS +.\" OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) +.\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT +.\" LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY +.\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF +.\" SUCH DAMAGE. +.\" +.\" $FreeBSD$ +.\" +.Dd January 21, 2002 +.Dt PAM_OPIEACCESS 8 +.Os +.Sh NAME +.Nm pam_opieaccess +.Nd OPIEAccess PAM module +.Sh SYNOPSIS +.Op Ar service-name +.Ar module-type +.Ar control-flag +.Pa pam_self +.Op Ar options +.Sh DESCRIPTION +The +.Nm +module is used in conjunction with the +.Xr pam_opie 8 +PAM module to ascertain that authentication can proceed by other means +(such as the +.Xr pam_unix 8 +module) even if OPIE authentication failed. +To properly use this module, +.Xr pam_opie 8 +should be marked +.Dq Li sufficient , +and +.Nm +should be listed right below it and marked +.Dq Li requisite . +.Pp +The +.Nm +module provides functionality for only one PAM category: +authentication. +In terms of the +.Ar module-type +parameter, this is the +.Dq Li auth +feature. +It also provides null functions for the remaining module types. +.Ss OPIEAccess Authentication Module +The authentication component +.Pq Fn pam_sm_authenticate , +returns +.Dv PAM_IGNORE +in two cases: +.Bl -enum +.It +The user does not have OPIE enabled. +.It +The user has OPIE enabled, and the remote host is listed as a trusted +host in +.Pa /etc/opieaccess , +and the user does not have a file named +.Pa opiealways +in his home directory. +.El +.Pp +Otherwise, it returns +.Dv PAM_AUTH_ERR . +.Pp +The following options may be passed to the authentication module: +.Bl -tag -width ".Cm no_warn" +.It Cm debug +.Xr syslog 3 +debugging information at +.Dv LOG_DEBUG +level. +.It Cm no_warn +suppress warning messages to the user. +These messages include reasons why the user's authentication attempt +was declined. +.El +.Sh SEE ALSO +.Xr opie 4 , +.Xr opieaccess 5 , +.Xr pam_opie 8 , +.Xr pam.conf 5 , +.Xr pam 8 Index: pam_opieaccess/pam_opieaccess.c =================================================================== RCS file: pam_opieaccess/pam_opieaccess.c diff -N pam_opieaccess/pam_opieaccess.c --- /dev/null 1 Jan 1970 00:00:00 -0000 +++ pam_opieaccess/pam_opieaccess.c 21 Jan 2002 12:59:31 -0000 @@ -0,0 +1,153 @@ +/*- + * Copyright (c) 2002 Networks Associates Technologies, Inc. + * All rights reserved. + * + * This software was developed for the FreeBSD Project by ThinkSec AS and + * NAI Labs, the Security Research Division of Network Associates, Inc. + * under DARPA/SPAWAR contract N66001-01-C-8035 ("CBOSS"), as part of the + * DARPA CHATS research program. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * 3. The name of the author may not be used to endorse or promote + * products derived from this software without specific prior written + * permission. + * + * THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + * + * $FreeBSD$ + */ + +#include +__FBSDID("$FreeBSD$"); + +#define _BSD_SOURCE + +#include +#include +#include +#include + +#define PAM_SM_AUTH +#define PAM_SM_ACCOUNT +#define PAM_SM_SESSION +#define PAM_SM_PASSWORD + +#include +#include + +PAM_EXTERN int +pam_sm_authenticate(pam_handle_t *pamh, int flags, int argc, const char **argv) +{ + struct options options; + struct passwd *pwent; + char *luser, *rhost; + int r; + + pam_std_option(&options, NULL, argc, argv); + + PAM_LOG("Options processed"); + + r = pam_get_item(pamh, PAM_USER, (const void **)&luser); + if (r != PAM_SUCCESS) + PAM_RETURN(r); + if (luser == NULL) + PAM_RETURN(PAM_SERVICE_ERR); + + if ((pwent = getpwnam(luser)) == NULL) + PAM_RETURN(PAM_USER_UNKNOWN); + + if (opie_haskey(luser) != 0) + PAM_RETURN(PAM_IGNORE); + + r = pam_get_item(pamh, PAM_RHOST, (const void **)&rhost); + if (r != PAM_SUCCESS) + PAM_RETURN(r); + if (rhost == NULL) + PAM_RETURN(PAM_SERVICE_ERR); + + if (opieaccessfile(rhost) && opiealways(pwent->pw_dir) != 0) + PAM_RETURN(PAM_IGNORE); + + PAM_VERBOSE_ERROR("Refused; remote host is not in opieaccess"); + + PAM_RETURN(PAM_AUTH_ERR); +} + +PAM_EXTERN int +pam_sm_setcred(pam_handle_t *pamh, int flags, int argc, const char **argv) +{ + struct options options; + + pam_std_option(&options, NULL, argc, argv); + + PAM_LOG("Options processed"); + + PAM_RETURN(PAM_SUCCESS); +} + +PAM_EXTERN int +pam_sm_acct_mgmt(pam_handle_t *pamh, int flags, int argc ,const char **argv) +{ + struct options options; + + pam_std_option(&options, NULL, argc, argv); + + PAM_LOG("Options processed"); + + PAM_RETURN(PAM_IGNORE); +} + +PAM_EXTERN int +pam_sm_chauthtok(pam_handle_t *pamh, int flags, int argc, const char **argv) +{ + struct options options; + + pam_std_option(&options, NULL, argc, argv); + + PAM_LOG("Options processed"); + + PAM_RETURN(PAM_IGNORE); +} + +PAM_EXTERN int +pam_sm_open_session(pam_handle_t *pamh, int flags, int argc, const char **argv) +{ + struct options options; + + pam_std_option(&options, NULL, argc, argv); + + PAM_LOG("Options processed"); + + PAM_RETURN(PAM_IGNORE); +} + +PAM_EXTERN int +pam_sm_close_session(pam_handle_t *pamh, int flags, int argc, const char **argv) +{ + struct options options; + + pam_std_option(&options, NULL, argc, argv); + + PAM_LOG("Options processed"); + + PAM_RETURN(PAM_IGNORE); +} + +PAM_MODULE_ENTRY("pam_opieaccess"); --=-=-=-- To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-current" in the body of the message From owner-freebsd-current Mon Jan 21 5:12:13 2002 Delivered-To: freebsd-current@freebsd.org Received: from nagual.pp.ru (pobrecita.freebsd.ru [194.87.13.42]) by hub.freebsd.org (Postfix) with ESMTP id 64FFC37B416 for ; Mon, 21 Jan 2002 05:12:03 -0800 (PST) Received: (from ache@localhost) by nagual.pp.ru (8.11.6/8.11.6) id g0LDBfq35445; Mon, 21 Jan 2002 16:11:42 +0300 (MSK) (envelope-from ache) Date: Mon, 21 Jan 2002 16:11:40 +0300 From: "Andrey A. Chernov" To: Dag-Erling Smorgrav Cc: Mark Murray , current@FreeBSD.ORG Subject: Re: Step5, pam_opie OPIE auth fix for review Message-ID: <20020121131139.GA35330@nagual.pp.ru> References: <20020120233050.GA26913@nagual.pp.ru> <20020121000446.GB27206@nagual.pp.ru> <20020121002557.GB27831@nagual.pp.ru> <20020121004906.GA28231@nagual.pp.ru> <20020121025009.GA30673@nagual.pp.ru> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: User-Agent: Mutt/1.3.24i Sender: owner-freebsd-current@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.ORG On Mon, Jan 21, 2002 at 13:54:29 +0100, Dag-Erling Smorgrav wrote: > > Umm, you can't use opiechallenge() for that. You're not supposed to > call opiechallenge() without also calling opieverify() (plus, I think No, it is possible, when opieunlock() called afterwards (as I do). BTW, the same way pam_opie does, see opieunlock() inside prompts loop. > opiechallenge() "consumes" a challenge). No, it is opieverify() who consumes it. You can call opiechallenge() several times with appropriate opieunlock()'s and challenge will not changed. In fact our ftpd does it, first opiechallenge() called to generate prompt in the form pam_opie can't generate and the second is opiechallenge() called from pam_opie (invisible). > Use opielookup() instead. Ok. It will be faster then opiechallenge() for this case. I'll send modified patch. -- Andrey A. Chernov http://ache.pp.ru/ To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-current" in the body of the message From owner-freebsd-current Mon Jan 21 5:31: 1 2002 Delivered-To: freebsd-current@freebsd.org Received: from storm.FreeBSD.org.uk (storm.FreeBSD.org.uk [194.242.139.170]) by hub.freebsd.org (Postfix) with ESMTP id 637EB37B400 for ; Mon, 21 Jan 2002 05:30:25 -0800 (PST) Received: (from uucp@localhost) by storm.FreeBSD.org.uk (8.11.6/8.11.6) with UUCP id g0LDTx717093; Mon, 21 Jan 2002 13:29:59 GMT (envelope-from mark@grondar.za) Received: from grondar.za (mark@localhost [127.0.0.1]) by grimreaper.grondar.org (8.11.6/8.11.6) with ESMTP id g0LDSlt39059; Mon, 21 Jan 2002 13:28:47 GMT (envelope-from mark@grondar.za) Message-Id: <200201211328.g0LDSlt39059@grimreaper.grondar.org> To: Dag-Erling Smorgrav Cc: "Andrey A. Chernov" , current@FreeBSD.ORG Subject: Re: Step5, pam_opie OPIE auth fix for review References: In-Reply-To: ; from Dag-Erling Smorgrav "21 Jan 2002 14:07:48 +0100." Date: Mon, 21 Jan 2002 13:28:46 +0000 From: Mark Murray Sender: owner-freebsd-current@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.ORG This is looking good! Please keep a close eye on style (there is at least one assignment in an if () statement that needs to move out. :-) M > --=-=-= > > Dag-Erling Smorgrav writes: > > Umm, you can't use opiechallenge() for that. You're not supposed to > > call opiechallenge() without also calling opieverify() (plus, I think > > opiechallenge() "consumes" a challenge). Use opielookup() instead. > > Even better, opie_haskey() (which is a wrapper around opielookup()). > New patch attached. > > DES > -- > Dag-Erling Smorgrav - des@ofug.org > > > --=-=-= > Content-Type: text/x-patch > Content-Disposition: attachment; filename=pam_opieaccess.diff > > Index: Makefile > =================================================================== > RCS file: /home/ncvs/src/lib/libpam/modules/Makefile,v > retrieving revision 1.15 > diff -u -r1.15 Makefile > --- Makefile 5 Dec 2001 15:55:14 -0000 1.15 > +++ Makefile 21 Jan 2002 00:46:54 -0000 > @@ -34,6 +34,7 @@ > .endif > SUBDIR+= pam_nologin > SUBDIR+= pam_opie > +SUBDIR+= pam_opieaccess > SUBDIR+= pam_permit > SUBDIR+= pam_radius > SUBDIR+= pam_rootok > Index: pam_opie/pam_opie.8 > =================================================================== > RCS file: /home/ncvs/src/lib/libpam/modules/pam_opie/pam_opie.8,v > retrieving revision 1.4 > diff -u -r1.4 pam_opie.8 > --- pam_opie/pam_opie.8 14 Jul 2001 08:38:24 -0000 1.4 > +++ pam_opie/pam_opie.8 21 Jan 2002 01:18:58 -0000 > @@ -1,5 +1,13 @@ > .\" Copyright (c) 2001 Mark R V Murray > .\" All rights reserved. > +.\" Copyright (c) 2002 Networks Associates Technologies, Inc. > +.\" All rights reserved. > +.\" > +.\" Portions of this software were developed for the FreeBSD Project by > +.\" ThinkSec AS and NAI Labs, the Security Research Division of Network > +.\" Associates, Inc. under DARPA/SPAWAR contract N66001-01-C-8035 > +.\" ("CBOSS"), as part of the DARPA CHATS research program. > +.\" > .\" > .\" Redistribution and use in source and binary forms, with or without > .\" modification, are permitted provided that the following conditions > @@ -9,6 +17,9 @@ > .\" 2. Redistributions in binary form must reproduce the above copyright > .\" notice, this list of conditions and the following disclaimer in the > .\" documentation and/or other materials provided with the distribution. > +.\" 3. The name of the author may not be used to endorse or promote > +.\" products derived from this software without specific prior written > +.\" permission. > .\" > .\" THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND > .\" ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE > @@ -47,6 +58,13 @@ > .Dq Li auth > feature. > It also provides a null function for session management. > +.Pp > +Note that this module does not enforce > +.Xr opieaccess 5 > +checks. > +There is a separate module, > +.Xr pam_opieaccess 8 , > +for this purpose. > .Ss OPIE Authentication Module > The OPIE authentication component > provides functions to verify the identity of a user > Index: pam_opieaccess/Makefile > =================================================================== > RCS file: pam_opieaccess/Makefile > diff -N pam_opieaccess/Makefile > --- /dev/null 1 Jan 1970 00:00:00 -0000 > +++ pam_opieaccess/Makefile 21 Jan 2002 00:53:49 -0000 > @@ -0,0 +1,10 @@ > +# $FreeBSD$ > + > +LIB= pam_opieaccess > +SHLIB_NAME= ${LIB}.so > +SRCS= ${LIB}.c > +DPADD= ${LIBOPIE} > +LDADD= -lopie > +MAN= pam_opieaccess.8 > + > +.include > Index: pam_opieaccess/pam_opieaccess.8 > =================================================================== > RCS file: pam_opieaccess/pam_opieaccess.8 > diff -N pam_opieaccess/pam_opieaccess.8 > --- /dev/null 1 Jan 1970 00:00:00 -0000 > +++ pam_opieaccess/pam_opieaccess.8 21 Jan 2002 13:07:06 -0000 > @@ -0,0 +1,116 @@ > +.\" Copyright (c) 2001 Mark R V Murray > +.\" All rights reserved. > +.\" Copyright (c) 2002 Networks Associates Technologies, Inc. > +.\" All rights reserved. > +.\" > +.\" Portions of this software were developed for the FreeBSD Project by > +.\" ThinkSec AS and NAI Labs, the Security Research Division of Network > +.\" Associates, Inc. under DARPA/SPAWAR contract N66001-01-C-8035 > +.\" ("CBOSS"), as part of the DARPA CHATS research program. > +.\" > +.\" > +.\" Redistribution and use in source and binary forms, with or without > +.\" modification, are permitted provided that the following conditions > +.\" are met: > +.\" 1. Redistributions of source code must retain the above copyright > +.\" notice, this list of conditions and the following disclaimer. > +.\" 2. Redistributions in binary form must reproduce the above copyright > +.\" notice, this list of conditions and the following disclaimer in the > +.\" documentation and/or other materials provided with the distribution. > +.\" 3. The name of the author may not be used to endorse or promote > +.\" products derived from this software without specific prior written > +.\" permission. > +.\" > +.\" THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND > +.\" ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE > +.\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE > +.\" ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE > +.\" FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL > +.\" DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS > +.\" OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) > +.\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT > +.\" LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY > +.\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF > +.\" SUCH DAMAGE. > +.\" > +.\" $FreeBSD$ > +.\" > +.Dd January 21, 2002 > +.Dt PAM_OPIEACCESS 8 > +.Os > +.Sh NAME > +.Nm pam_opieaccess > +.Nd OPIEAccess PAM module > +.Sh SYNOPSIS > +.Op Ar service-name > +.Ar module-type > +.Ar control-flag > +.Pa pam_self > +.Op Ar options > +.Sh DESCRIPTION > +The > +.Nm > +module is used in conjunction with the > +.Xr pam_opie 8 > +PAM module to ascertain that authentication can proceed by other means > +(such as the > +.Xr pam_unix 8 > +module) even if OPIE authentication failed. > +To properly use this module, > +.Xr pam_opie 8 > +should be marked > +.Dq Li sufficient , > +and > +.Nm > +should be listed right below it and marked > +.Dq Li requisite . > +.Pp > +The > +.Nm > +module provides functionality for only one PAM category: > +authentication. > +In terms of the > +.Ar module-type > +parameter, this is the > +.Dq Li auth > +feature. > +It also provides null functions for the remaining module types. > +.Ss OPIEAccess Authentication Module > +The authentication component > +.Pq Fn pam_sm_authenticate , > +returns > +.Dv PAM_IGNORE > +in two cases: > +.Bl -enum > +.It > +The user does not have OPIE enabled. > +.It > +The user has OPIE enabled, and the remote host is listed as a trusted > +host in > +.Pa /etc/opieaccess , > +and the user does not have a file named > +.Pa opiealways > +in his home directory. > +.El > +.Pp > +Otherwise, it returns > +.Dv PAM_AUTH_ERR . > +.Pp > +The following options may be passed to the authentication module: > +.Bl -tag -width ".Cm no_warn" > +.It Cm debug > +.Xr syslog 3 > +debugging information at > +.Dv LOG_DEBUG > +level. > +.It Cm no_warn > +suppress warning messages to the user. > +These messages include reasons why the user's authentication attempt > +was declined. > +.El > +.Sh SEE ALSO > +.Xr opie 4 , > +.Xr opieaccess 5 , > +.Xr pam_opie 8 , > +.Xr pam.conf 5 , > +.Xr pam 8 > Index: pam_opieaccess/pam_opieaccess.c > =================================================================== > RCS file: pam_opieaccess/pam_opieaccess.c > diff -N pam_opieaccess/pam_opieaccess.c > --- /dev/null 1 Jan 1970 00:00:00 -0000 > +++ pam_opieaccess/pam_opieaccess.c 21 Jan 2002 12:59:31 -0000 > @@ -0,0 +1,153 @@ > +/*- > + * Copyright (c) 2002 Networks Associates Technologies, Inc. > + * All rights reserved. > + * > + * This software was developed for the FreeBSD Project by ThinkSec AS and > + * NAI Labs, the Security Research Division of Network Associates, Inc. > + * under DARPA/SPAWAR contract N66001-01-C-8035 ("CBOSS"), as part of the > + * DARPA CHATS research program. > + * > + * Redistribution and use in source and binary forms, with or without > + * modification, are permitted provided that the following conditions > + * are met: > + * 1. Redistributions of source code must retain the above copyright > + * notice, this list of conditions and the following disclaimer. > + * 2. Redistributions in binary form must reproduce the above copyright > + * notice, this list of conditions and the following disclaimer in the > + * documentation and/or other materials provided with the distribution. > + * 3. The name of the author may not be used to endorse or promote > + * products derived from this software without specific prior written > + * permission. > + * > + * THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND > + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE > + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE > + * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE > + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL > + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS > + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) > + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT > + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY > + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF > + * SUCH DAMAGE. > + * > + * $FreeBSD$ > + */ > + > +#include > +__FBSDID("$FreeBSD$"); > + > +#define _BSD_SOURCE > + > +#include > +#include > +#include > +#include > + > +#define PAM_SM_AUTH > +#define PAM_SM_ACCOUNT > +#define PAM_SM_SESSION > +#define PAM_SM_PASSWORD > + > +#include > +#include > + > +PAM_EXTERN int > +pam_sm_authenticate(pam_handle_t *pamh, int flags, int argc, const char **argv) > +{ > + struct options options; > + struct passwd *pwent; > + char *luser, *rhost; > + int r; > + > + pam_std_option(&options, NULL, argc, argv); > + > + PAM_LOG("Options processed"); > + > + r = pam_get_item(pamh, PAM_USER, (const void **)&luser); > + if (r != PAM_SUCCESS) > + PAM_RETURN(r); > + if (luser == NULL) > + PAM_RETURN(PAM_SERVICE_ERR); > + > + if ((pwent = getpwnam(luser)) == NULL) > + PAM_RETURN(PAM_USER_UNKNOWN); > + > + if (opie_haskey(luser) != 0) > + PAM_RETURN(PAM_IGNORE); > + > + r = pam_get_item(pamh, PAM_RHOST, (const void **)&rhost); > + if (r != PAM_SUCCESS) > + PAM_RETURN(r); > + if (rhost == NULL) > + PAM_RETURN(PAM_SERVICE_ERR); > + > + if (opieaccessfile(rhost) && opiealways(pwent->pw_dir) != 0) > + PAM_RETURN(PAM_IGNORE); > + > + PAM_VERBOSE_ERROR("Refused; remote host is not in opieaccess"); > + > + PAM_RETURN(PAM_AUTH_ERR); > +} > + > +PAM_EXTERN int > +pam_sm_setcred(pam_handle_t *pamh, int flags, int argc, const char **argv) > +{ > + struct options options; > + > + pam_std_option(&options, NULL, argc, argv); > + > + PAM_LOG("Options processed"); > + > + PAM_RETURN(PAM_SUCCESS); > +} > + > +PAM_EXTERN int > +pam_sm_acct_mgmt(pam_handle_t *pamh, int flags, int argc ,const char **argv) > +{ > + struct options options; > + > + pam_std_option(&options, NULL, argc, argv); > + > + PAM_LOG("Options processed"); > + > + PAM_RETURN(PAM_IGNORE); > +} > + > +PAM_EXTERN int > +pam_sm_chauthtok(pam_handle_t *pamh, int flags, int argc, const char **argv) > +{ > + struct options options; > + > + pam_std_option(&options, NULL, argc, argv); > + > + PAM_LOG("Options processed"); > + > + PAM_RETURN(PAM_IGNORE); > +} > + > +PAM_EXTERN int > +pam_sm_open_session(pam_handle_t *pamh, int flags, int argc, const char **argv) > +{ > + struct options options; > + > + pam_std_option(&options, NULL, argc, argv); > + > + PAM_LOG("Options processed"); > + > + PAM_RETURN(PAM_IGNORE); > +} > + > +PAM_EXTERN int > +pam_sm_close_session(pam_handle_t *pamh, int flags, int argc, const char **argv) > +{ > + struct options options; > + > + pam_std_option(&options, NULL, argc, argv); > + > + PAM_LOG("Options processed"); > + > + PAM_RETURN(PAM_IGNORE); > +} > + > +PAM_MODULE_ENTRY("pam_opieaccess"); > > --=-=-=-- -- o Mark Murray \_ FreeBSD Services Limited O.\_ Warning: this .sig is umop ap!sdn To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-current" in the body of the message From owner-freebsd-current Mon Jan 21 5:33:40 2002 Delivered-To: freebsd-current@freebsd.org Received: from nagual.pp.ru (pobrecita.freebsd.ru [194.87.13.42]) by hub.freebsd.org (Postfix) with ESMTP id C478037B416 for ; Mon, 21 Jan 2002 05:33:35 -0800 (PST) Received: (from ache@localhost) by nagual.pp.ru (8.11.6/8.11.6) id g0LDXTO35845; Mon, 21 Jan 2002 16:33:29 +0300 (MSK) (envelope-from ache) Date: Mon, 21 Jan 2002 16:33:27 +0300 From: "Andrey A. Chernov" To: Dag-Erling Smorgrav Cc: Mark Murray , current@FreeBSD.ORG Subject: Re: Step5, pam_opie OPIE auth fix for review Message-ID: <20020121133326.GA35793@nagual.pp.ru> References: <20020121000446.GB27206@nagual.pp.ru> <20020121002557.GB27831@nagual.pp.ru> <20020121004906.GA28231@nagual.pp.ru> <20020121025009.GA30673@nagual.pp.ru> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: User-Agent: Mutt/1.3.24i Sender: owner-freebsd-current@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.ORG On Mon, Jan 21, 2002 at 14:07:48 +0100, Dag-Erling Smorgrav wrote: > Dag-Erling Smorgrav writes: > > Umm, you can't use opiechallenge() for that. You're not supposed to > > call opiechallenge() without also calling opieverify() (plus, I think > > opiechallenge() "consumes" a challenge). Use opielookup() instead. > > Even better, opie_haskey() (which is a wrapper around opielookup()). > New patch attached. Yes, this patch works as expected, but I doubt about opie_haskey() status. It looks like non-standard FreeBSD addition since it is in the local opieextra.c file and not in contrib/opie. If you care about machine independance, better use opielookup() directly. -- Andrey A. Chernov http://ache.pp.ru/ To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-current" in the body of the message From owner-freebsd-current Mon Jan 21 5:41:44 2002 Delivered-To: freebsd-current@freebsd.org Received: from boognish.rain.fr (ABoulogne-107-1-2-154.abo.wanadoo.fr [80.13.244.154]) by hub.freebsd.org (Postfix) with ESMTP id 129F137B416; Mon, 21 Jan 2002 05:41:27 -0800 (PST) Received: from rain.fr (localhost [127.0.0.1]) by boognish.rain.fr (8.11.6/8.11.6) with ESMTP id g0LDcut00326; Mon, 21 Jan 2002 14:38:56 +0100 (CET) (envelope-from tfischer@rain.fr) Message-ID: <3C4C19EF.4070603@rain.fr> Date: Mon, 21 Jan 2002 14:38:55 +0100 From: Tom Fischer Organization: Equant User-Agent: Mozilla/5.0 (X11; U; FreeBSD i386; en-US; rv:0.9.7) Gecko/20011226 X-Accept-Language: en-us MIME-Version: 1.0 To: Tom Skoglund Cc: freebsd-mobile@FreeBSD.ORG, freebsd-current@FreeBSD.ORG Subject: Re: NEWCARD and Xircom (RBEM56G-100) References: <006001c1a235$45d778c0$0605800a@chello.no> <200201202058500990.025D693D@smtp.mail.yahoo.com> <00ae01c1a239$077db900$0605800a@chello.no> <200201202117410797.026EA9F1@smtp.mail.yahoo.com> <010d01c1a23c$8d862200$0605800a@chello.no> Content-Type: text/plain; charset=us-ascii; format=flowed Content-Transfer-Encoding: 7bit Sender: owner-freebsd-current@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.ORG Hi Tom, No, I have this same card running on a Toshiba Tecra 8100, and it does indeed use the dc driver, and the ethernet part of it does indeed work (I'm running Current, last updated yesterday). The dc driver needs the miibus device configured in the kernel in order to work correctly, and it appears as if you haven't configured your kernel with this device- your dmesg is showing: dc0: port 0x1000-0x107f mem 0x84000000-0x840000ff,0x84000100-0x8400017f irq 11 at device 0.0 on cardbus0 dc0: Ethernet address: 00:00:00:00:00:00 dc0: MII without any PHY! while you should in fact be seeing something like: dc0: port 0x1000-0x107f mem 0x84002000-0x840020ff,0x84002100-0x8400217f irq 11 at device 0.0 on cardbus0 dc0: Ethernet address: 2e:29:21:02:06:00 miibus0: on dc0 tdkphy0: on miibus0 tdkphy0: 10baseT, 10baseT-FDX, 100baseTX, 100baseTX-FDX, auto I haven't been able to get the modem part of this to work since October. Warner had given us some hints on how to get this working early last year, and it actually did work up until the 'sio' code was broken out from isa and put under sys/dev/sio/. This hadn't really been a problem until yesterday, as I had been using an Alcatel usb ADSL modem with the pppoa port to connect to the internet, but yesterday's cvsup (or most likely earlier- before yesterday, I last upgraded on 11/20/01) broke that as well- now I have no way of connecting :-( Warner, do you have any clues on how to get the modem half of this card working again? best regards, tom tfischer@rain.fr Tom Skoglund wrote: > I'll try contacting him as well if I cannot find a solution "soon". > Thanks, anyway! > > -Tom > > > "Greg Smith" wrote: > > >>Tom, >> >>OK, but I am doubtful. >> >>My feeling was that dc is for some old Dec cards and related, not even >>available in pcmcia/cardbus; and that xe was for various Xircom cards >>and related. I think the same driver often supports 16 and 32 bit >>cards. You might want to ask scott.mitchell@mail.com who seems to try >>single-handedly to keep the xe driver up to date. >> >>Best of luck. >> >>Greg >> >>-----Original Message----- >> >> >>>This encoded message has been converted to an attachment. >>> >>>Remember that this is a cardbus card, and AFAIK it should use the dc >>>driver. Think I actually tried the xe driver by mistake also, but I >>> >>have >> >>>not really played around with it. >>> >>>-Tom >>> >>>----- Original Message ----- >>>From: "Greg Smith" >>>To: "Tom Skoglund" >>> >>> >>>>Tom, >>>> >>>>I'm a little surprised that card is using the dc driver instead of >>>> >>the >> >>>>xe driver. I thought all the Xircom ..em56 cards used xe. Is that >>>> >>how >> >>>>it was set up in pccard.conf? >>>> >>>>Greg >>>> >>>>-----Original Message----- >>>> >>>> >>>>>Hi, >>>>>I have been eager to get my Xircom pcmcia nic to work under >>>>> >>FreeBSD, >> >>>>and >>>> >>>>>have been reading up on the mailing list an so on. My system is a >>>>> >>>>Compaq >>>> >>>>>Armada E500 running 20020119-CURRENT. This weekend I gave it a try, >>>>> >>>>with >>>> >>>>>not >>>>>so good results I might add. I made a new kernel (I have tried many >>>>> >>>>this >>>> >>>>>weekend) built on NEWCARD. I have been fooling around with all the >>>>>different >>>>>config files and kernel parameters I can imagine. >>>>> >>>>>Basically I'm trying to get the dc driver working. I have attached >>>>> >>>>some >>>> >>>>>logs >>>>>(dmesg, kldstat, sysctl, pciconf) for you to look at. When the >>>>> >>driver >> >>>>>module >>>>>fails it also screws up my screen by dividing it in 3 and adding >>>>> >>som >> >>>>random >>>> >>>>>"graphics", so I have to reboot to see anything again. This >>>>> >>behaviour >> >>>>is >>>> >>>>>the >>>>>same if I boot with the card or try to insert it runtime. >>>>> >>>>>What I see in the logs makes me belive it doesn't read the >>>>> >>registers >> >>>>right. >>>> >>>>>So before I start hacking the cardbus/if_dc files can anyone see if >>>>> >>>>there >>>> >>>>>is >>>>>something else I might try? >>>>> >>>>> >>>>>-Tom >>>>> > > > > To Unsubscribe: send mail to majordomo@FreeBSD.org > with "unsubscribe freebsd-mobile" in the body of the message > > > To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-current" in the body of the message From owner-freebsd-current Mon Jan 21 5:55:13 2002 Delivered-To: freebsd-current@freebsd.org Received: from storm.FreeBSD.org.uk (storm.FreeBSD.org.uk [194.242.139.170]) by hub.freebsd.org (Postfix) with ESMTP id 92DE737B400 for ; Mon, 21 Jan 2002 05:55:10 -0800 (PST) Received: (from uucp@localhost) by storm.FreeBSD.org.uk (8.11.6/8.11.6) with UUCP id g0LDt4q17226; Mon, 21 Jan 2002 13:55:04 GMT (envelope-from mark@grondar.za) Received: from grondar.za (mark@localhost [127.0.0.1]) by grimreaper.grondar.org (8.11.6/8.11.6) with ESMTP id g0LDqEt39193; Mon, 21 Jan 2002 13:52:14 GMT (envelope-from mark@grondar.za) Message-Id: <200201211352.g0LDqEt39193@grimreaper.grondar.org> To: "Andrey A. Chernov" Cc: Dag-Erling Smorgrav , current@FreeBSD.ORG Subject: Re: Step5, pam_opie OPIE auth fix for review References: <20020121133326.GA35793@nagual.pp.ru> In-Reply-To: <20020121133326.GA35793@nagual.pp.ru> ; from "Andrey A. Chernov" "Mon, 21 Jan 2002 16:33:27 +0300." Date: Mon, 21 Jan 2002 13:52:13 +0000 From: Mark Murray Sender: owner-freebsd-current@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.ORG > On Mon, Jan 21, 2002 at 14:07:48 +0100, Dag-Erling Smorgrav wrote: > > Dag-Erling Smorgrav writes: > > > Umm, you can't use opiechallenge() for that. You're not supposed to > > > call opiechallenge() without also calling opieverify() (plus, I think > > > opiechallenge() "consumes" a challenge). Use opielookup() instead. > > > > Even better, opie_haskey() (which is a wrapper around opielookup()). > > New patch attached. > > Yes, this patch works as expected, but I doubt about opie_haskey() status. > It looks like non-standard FreeBSD addition since it is in the local > opieextra.c file and not in contrib/opie. If you care about > machine independance, better use opielookup() directly. No, that is OK. :-) The FreeBSD PAM modules are all written from scratch as BSD PAM modules. M -- o Mark Murray \_ FreeBSD Services Limited O.\_ Warning: this .sig is umop ap!sdn To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-current" in the body of the message From owner-freebsd-current Mon Jan 21 6: 5:19 2002 Delivered-To: freebsd-current@freebsd.org Received: from gw.nectar.cc (gw.nectar.cc [208.42.49.153]) by hub.freebsd.org (Postfix) with ESMTP id 074F537B41B for ; Mon, 21 Jan 2002 06:05:17 -0800 (PST) Received: from madman.nectar.cc (madman.nectar.cc [10.0.1.111]) by gw.nectar.cc (Postfix) with ESMTP id 8A2D33A; Mon, 21 Jan 2002 08:05:16 -0600 (CST) Received: (from nectar@localhost) by madman.nectar.cc (8.11.6/8.11.6) id g0LE5G757720; Mon, 21 Jan 2002 08:05:16 -0600 (CST) (envelope-from nectar) Date: Mon, 21 Jan 2002 08:05:16 -0600 From: "Jacques A. Vidrine" To: Terry Lambert Cc: current@FreeBSD.ORG Subject: Re: Step5, pam_opie OPIE auth fix for review Message-ID: <20020121140516.GB57549@madman.nectar.cc> References: <20020120233050.GA26913@nagual.pp.ru> <200201202344.g0KNijt34738@grimreaper.grondar.org> <3C4BC6A0.4078CBA6@mindspring.com> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: <3C4BC6A0.4078CBA6@mindspring.com> User-Agent: Mutt/1.3.25i X-Url: http://www.nectar.cc/ Sender: owner-freebsd-current@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.ORG On Sun, Jan 20, 2002 at 11:43:28PM -0800, Terry Lambert wrote: > Once you guys have this all hammered out, are you going to > integrate PAM and Kerberos? 8-) 8-) 8-). In what way do you mean? -- Jacques A. Vidrine http://www.nectar.cc/ NTT/Verio SME . FreeBSD UNIX . Heimdal Kerberos jvidrine@verio.net . nectar@FreeBSD.org . nectar@kth.se To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-current" in the body of the message From owner-freebsd-current Mon Jan 21 6:18:36 2002 Delivered-To: freebsd-current@freebsd.org Received: from flood.ping.uio.no (flood.ping.uio.no [129.240.78.31]) by hub.freebsd.org (Postfix) with ESMTP id BE8D637B404; Mon, 21 Jan 2002 06:18:34 -0800 (PST) Received: by flood.ping.uio.no (Postfix, from userid 2602) id 5E33D532C; Mon, 21 Jan 2002 15:18:33 +0100 (CET) X-URL: http://www.ofug.org/~des/ X-Disclaimer: The views expressed in this message do not necessarily coincide with those of any organisation or company with which I am or have been affiliated. To: ache@freebsd.org, markm@freebsd.org, Cc: current@freebsd.org Subject: pam_opie(8) prompt From: Dag-Erling Smorgrav Date: 21 Jan 2002 15:18:32 +0100 Message-ID: Lines: 8 User-Agent: Gnus/5.0808 (Gnus v5.8.8) Emacs/21.1 MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Sender: owner-freebsd-current@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.ORG Does anybody mind if I change the pam_opie(8) prompt from "Password:" to "Response:"? I think users might be slightly confused when they enter an incorrect or empty response twice and get a new "Password:" prompt and don't realize it's the pam_unix(8) prompt. DES -- Dag-Erling Smorgrav - des@ofug.org To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-current" in the body of the message From owner-freebsd-current Mon Jan 21 6:21: 9 2002 Delivered-To: freebsd-current@freebsd.org Received: from nagual.pp.ru (pobrecita.freebsd.ru [194.87.13.42]) by hub.freebsd.org (Postfix) with ESMTP id 01F2F37B41B for ; Mon, 21 Jan 2002 06:20:49 -0800 (PST) Received: (from ache@localhost) by nagual.pp.ru (8.11.6/8.11.6) id g0LEKeJ36581; Mon, 21 Jan 2002 17:20:40 +0300 (MSK) (envelope-from ache) Date: Mon, 21 Jan 2002 17:20:38 +0300 From: "Andrey A. Chernov" To: des@ofug.org, mark@grondar.za, current@FreeBSD.ORG Subject: Step6, corresponding /etc/pam.d/* fixes for review Message-ID: <20020121142038.GA36519@nagual.pp.ru> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline User-Agent: Mutt/1.3.24i Sender: owner-freebsd-current@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.ORG This fixes reflects pam_opieaccess addition. Few comments: ftpd: fallback was a hack and not needed now with new pam_opieaccess login: I believe that there is no authtok change service provided by pam_opie module, so remove #password sufficient pam_opie.so no_warn line --- ftpd.bak Sat Jan 19 21:29:49 2002 +++ ftpd Mon Jan 21 17:11:27 2002 @@ -9,10 +9,9 @@ #auth sufficient pam_kerberosIV.so no_warn #auth sufficient pam_krb5.so no_warn #auth sufficient pam_ssh.so no_warn try_first_pass -# Uncomment either pam_opie or pam_unix, but not both of them. -# pam_unix can't be simple chained with pam_opie, ftpd provides proper fallback -auth required pam_opie.so no_warn -#auth required pam_unix.so no_warn try_first_pass +#auth sufficient pam_opie.so no_warn +#auth requisite pam_opieaccess.so no_warn +auth required pam_unix.so no_warn try_first_pass # account #account required pam_kerberosIV.so --- login.bak Sat Jan 19 21:29:49 2002 +++ login Mon Jan 21 17:11:27 2002 @@ -6,10 +6,11 @@ # auth auth required pam_nologin.so no_warn -#auth sufficient pam_opie.so no_warn #auth sufficient pam_kerberosIV.so no_warn try_first_pass #auth sufficient pam_krb5.so no_warn try_first_pass #auth required pam_ssh.so no_warn try_first_pass +#auth sufficient pam_opie.so no_warn +#auth requisite pam_opieaccess.so no_warn auth required pam_unix.so no_warn try_first_pass # account @@ -24,7 +25,6 @@ session required pam_unix.so # password -#password sufficient pam_opie.so no_warn #password sufficient pam_kerberosIV.so no_warn try_first_pass #password sufficient pam_krb5.so no_warn try_first_pass password required pam_unix.so no_warn try_first_pass --- su.bak Sat Jan 19 21:29:49 2002 +++ su Mon Jan 21 17:11:27 2002 @@ -9,13 +9,15 @@ auth requisite pam_wheel.so no_warn auth_as_self noroot_ok #auth sufficient pam_kerberosIV.so no_warn #auth sufficient pam_krb5.so no_warn try_first_pass auth_as_self -#auth required pam_opie.so no_warn #auth required pam_ssh.so no_warn try_first_pass +#auth sufficient pam_opie.so no_warn +#auth requisite pam_opieaccess.so no_warn auth required pam_unix.so no_warn try_first_pass nullok #auth sufficient pam_rootok.so no_warn ##auth sufficient pam_kerberosIV.so no_warn ##auth sufficient pam_krb5.so no_warn -#auth required pam_opie.so no_warn auth_as_self +##auth sufficient pam_opie.so no_warn auth_as_self +##auth requisite pam_opieaccess.so no_warn #auth required pam_unix.so no_warn try_first_pass auth_as_self # account -- Andrey A. Chernov http://ache.pp.ru/ To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-current" in the body of the message From owner-freebsd-current Mon Jan 21 6:29: 9 2002 Delivered-To: freebsd-current@freebsd.org Received: from whale.sunbay.crimea.ua (whale.sunbay.crimea.ua [212.110.138.65]) by hub.freebsd.org (Postfix) with ESMTP id A0C4937B400; Mon, 21 Jan 2002 06:28:54 -0800 (PST) Received: (from ru@localhost) by whale.sunbay.crimea.ua (8.11.6/8.11.2) id g0LESJj67534; Mon, 21 Jan 2002 16:28:19 +0200 (EET) (envelope-from ru) Date: Mon, 21 Jan 2002 16:28:19 +0200 From: Ruslan Ermilov To: Dag-Erling Smorgrav Cc: ache@FreeBSD.ORG, markm@FreeBSD.ORG, current@FreeBSD.ORG Subject: Re: pam_opie(8) prompt Message-ID: <20020121162819.C63110@sunbay.com> References: Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: User-Agent: Mutt/1.3.23i Sender: owner-freebsd-current@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.ORG On Mon, Jan 21, 2002 at 03:18:32PM +0100, Dag-Erling Smorgrav wrote: > Does anybody mind if I change the pam_opie(8) prompt from "Password:" > to "Response:"? I think users might be slightly confused when they > enter an incorrect or empty response twice and get a new "Password:" > prompt and don't realize it's the pam_unix(8) prompt. > Why not "OPIE password:" then? Cheers, -- Ruslan Ermilov Oracle Developer/DBA, ru@sunbay.com Sunbay Software AG, ru@FreeBSD.org FreeBSD committer, +380.652.512.251 Simferopol, Ukraine http://www.FreeBSD.org The Power To Serve http://www.oracle.com Enabling The Information Age To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-current" in the body of the message From owner-freebsd-current Mon Jan 21 6:29:13 2002 Delivered-To: freebsd-current@freebsd.org Received: from nagual.pp.ru (pobrecita.freebsd.ru [194.87.13.42]) by hub.freebsd.org (Postfix) with ESMTP id B03C137B419; Mon, 21 Jan 2002 06:29:05 -0800 (PST) Received: (from ache@localhost) by nagual.pp.ru (8.11.6/8.11.6) id g0LET3w36646; Mon, 21 Jan 2002 17:29:03 +0300 (MSK) (envelope-from ache) Date: Mon, 21 Jan 2002 17:29:01 +0300 From: "Andrey A. Chernov" To: Dag-Erling Smorgrav Cc: markm@freebsd.org, current@freebsd.org Subject: Re: pam_opie(8) prompt Message-ID: <20020121142901.GA36594@nagual.pp.ru> References: Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: User-Agent: Mutt/1.3.24i Sender: owner-freebsd-current@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.ORG On Mon, Jan 21, 2002 at 15:18:32 +0100, Dag-Erling Smorgrav wrote: > Does anybody mind if I change the pam_opie(8) prompt from "Password:" > to "Response:"? I think users might be slightly confused when they > enter an incorrect or empty response twice and get a new "Password:" > prompt and don't realize it's the pam_unix(8) prompt. Wait... First of all, there (I mean original OPIE) must be 2 prompts in worst case, not 3 prompts: 1) One prompt without echo. 2) One prompt with echo. Thats all. It looks like pam_unix option should be changed from "try_first_pass" to "use_first_pass" to avoid 3rd prompt. Back to your subj.: It breaks, at least, M$ Windows OPIE/Skey generators which do auto-paste when keyword (Password) is found. -- Andrey A. Chernov http://ache.pp.ru/ To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-current" in the body of the message From owner-freebsd-current Mon Jan 21 6:44:30 2002 Delivered-To: freebsd-current@freebsd.org Received: from storm.FreeBSD.org.uk (storm.FreeBSD.org.uk [194.242.139.170]) by hub.freebsd.org (Postfix) with ESMTP id 926AB37B404; Mon, 21 Jan 2002 06:44:26 -0800 (PST) Received: (from uucp@localhost) by storm.FreeBSD.org.uk (8.11.6/8.11.6) with UUCP id g0LEiP617648; Mon, 21 Jan 2002 14:44:25 GMT (envelope-from mark@grondar.za) Received: from grondar.za (mark@localhost [127.0.0.1]) by grimreaper.grondar.org (8.11.6/8.11.6) with ESMTP id g0LEfTt39535; Mon, 21 Jan 2002 14:41:29 GMT (envelope-from mark@grondar.za) Message-Id: <200201211441.g0LEfTt39535@grimreaper.grondar.org> To: Dag-Erling Smorgrav Cc: ache@freebsd.org, markm@freebsd.org, current@freebsd.org Subject: Re: pam_opie(8) prompt References: In-Reply-To: ; from Dag-Erling Smorgrav "21 Jan 2002 15:18:32 +0100." Date: Mon, 21 Jan 2002 14:41:28 +0000 From: Mark Murray Sender: owner-freebsd-current@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.ORG > Does anybody mind if I change the pam_opie(8) prompt from "Password:" > to "Response:"? I think users might be slightly confused when they > enter an incorrect or empty response twice and get a new "Password:" > prompt and don't realize it's the pam_unix(8) prompt. Nope - that sounds good! M -- o Mark Murray \_ FreeBSD Services Limited O.\_ Warning: this .sig is umop ap!sdn To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-current" in the body of the message From owner-freebsd-current Mon Jan 21 6:45:57 2002 Delivered-To: freebsd-current@freebsd.org Received: from h132-197-179-27.gte.com (h132-197-179-27.gte.com [132.197.179.27]) by hub.freebsd.org (Postfix) with ESMTP id 015E737B402 for ; Mon, 21 Jan 2002 06:45:55 -0800 (PST) Received: from kanpc.gte.com (localhost [127.0.0.1]) by h132-197-179-27.gte.com (8.11.6/8.11.4) with SMTP id g0LEjLZ55805; Mon, 21 Jan 2002 09:45:21 -0500 (EST) (envelope-from ak03@gte.com) Date: Mon, 21 Jan 2002 09:45:21 -0500 From: Alexander Kabaev To: Julian Elischer Cc: current@FreeBSD.ORG Subject: Re: __stderrp error Message-Id: <20020121094521.777d54ec.ak03@gte.com> In-Reply-To: References: <8ABEC4B7-0E43-11D6-9888-000A277C7FDE@hackerheaven.org> Organization: Verizon Data Services X-Mailer: Sylpheed version 0.7.0claws8 (GTK+ 1.2.10; i386--freebsd5.0) Mime-Version: 1.0 Content-Type: text/plain; charset=US-ASCII Content-Transfer-Encoding: 7bit Sender: owner-freebsd-current@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.ORG > and I've "made world" a lot of times like that. > and if I do it by hand as sugested, it doesn;t make any difference > either. Just a guess - have you removed existing old libraries from /usr/lib? To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-current" in the body of the message From owner-freebsd-current Mon Jan 21 6:47:31 2002 Delivered-To: freebsd-current@freebsd.org Received: from rover.village.org (rover.bsdimp.com [204.144.255.66]) by hub.freebsd.org (Postfix) with ESMTP id BEB4437B483 for ; Mon, 21 Jan 2002 06:46:49 -0800 (PST) Received: from harmony.village.org (harmony.village.org [10.0.0.6]) by rover.village.org (8.11.3/8.11.3) with ESMTP id g0LEkjl48959; Mon, 21 Jan 2002 07:46:45 -0700 (MST) (envelope-from imp@village.org) Received: from localhost (warner@rover2.village.org [10.0.0.1]) by harmony.village.org (8.11.6/8.11.6) with ESMTP id g0LEkix44377; Mon, 21 Jan 2002 07:46:44 -0700 (MST) (envelope-from imp@village.org) Date: Mon, 21 Jan 2002 07:46:27 -0700 (MST) Message-Id: <20020121.074627.60783303.imp@village.org> To: julian@elischer.org Cc: current@FreeBSD.ORG Subject: Re: __stderrp error From: "M. Warner Losh" In-Reply-To: References: X-Mailer: Mew version 2.1 on Emacs 21.1 / Mule 5.0 (SAKAKI) Mime-Version: 1.0 Content-Type: Text/Plain; charset=us-ascii Content-Transfer-Encoding: 7bit Sender: owner-freebsd-current@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.ORG Some -current binaries can have this, but recompiling usually fixes it. Also, I have some older 3.x binaries that I had to install COMPAT3 to get working. Warner To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-current" in the body of the message From owner-freebsd-current Mon Jan 21 7: 7:33 2002 Delivered-To: freebsd-current@freebsd.org Received: from nagual.pp.ru (pobrecita.freebsd.ru [194.87.13.42]) by hub.freebsd.org (Postfix) with ESMTP id 5327137B42C; Mon, 21 Jan 2002 07:07:19 -0800 (PST) Received: (from ache@localhost) by nagual.pp.ru (8.11.6/8.11.6) id g0LF7GH36999; Mon, 21 Jan 2002 18:07:17 +0300 (MSK) (envelope-from ache) Date: Mon, 21 Jan 2002 18:07:16 +0300 From: "Andrey A. Chernov" To: Dag-Erling Smorgrav Cc: markm@FreeBSD.ORG, current@FreeBSD.ORG Subject: Re: pam_opie(8) prompt Message-ID: <20020121150716.GA36954@nagual.pp.ru> References: <20020121142901.GA36594@nagual.pp.ru> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: <20020121142901.GA36594@nagual.pp.ru> User-Agent: Mutt/1.3.24i Sender: owner-freebsd-current@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.ORG On Mon, Jan 21, 2002 at 17:29:01 +0300, Andrey A. Chernov wrote: > > enter an incorrect or empty response twice and get a new "Password:" > > prompt and don't realize it's the pam_unix(8) prompt. > > Wait... First of all, there (I mean original OPIE) must be 2 prompts in > worst case, not 3 prompts: I can't reproduce your 3 prompts situation (or may I misread what you try to say?) I got only 2 prompts in login and su. > Back to your subj.: It breaks, at least, M$ Windows OPIE/Skey generators > which do auto-paste when keyword (Password) is found. I mean, I object to changing prompt which have well-known for scripts form. -- Andrey A. Chernov http://ache.pp.ru/ To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-current" in the body of the message From owner-freebsd-current Mon Jan 21 7:11:55 2002 Delivered-To: freebsd-current@freebsd.org Received: from flood.ping.uio.no (flood.ping.uio.no [129.240.78.31]) by hub.freebsd.org (Postfix) with ESMTP id 8D34C37B402; Mon, 21 Jan 2002 07:11:50 -0800 (PST) Received: by flood.ping.uio.no (Postfix, from userid 2602) id CE734532C; Mon, 21 Jan 2002 16:11:48 +0100 (CET) X-URL: http://www.ofug.org/~des/ X-Disclaimer: The views expressed in this message do not necessarily coincide with those of any organisation or company with which I am or have been affiliated. To: "Andrey A. Chernov" Cc: markm@freebsd.org, current@freebsd.org Subject: Re: pam_opie(8) prompt References: <20020121142901.GA36594@nagual.pp.ru> From: Dag-Erling Smorgrav Date: 21 Jan 2002 16:11:47 +0100 In-Reply-To: <20020121142901.GA36594@nagual.pp.ru> Message-ID: Lines: 28 User-Agent: Gnus/5.0808 (Gnus v5.8.8) Emacs/21.1 MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Sender: owner-freebsd-current@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.ORG "Andrey A. Chernov" writes: > On Mon, Jan 21, 2002 at 15:18:32 +0100, Dag-Erling Smorgrav wrote: > > Does anybody mind if I change the pam_opie(8) prompt from "Password:" > > to "Response:"? I think users might be slightly confused when they > > enter an incorrect or empty response twice and get a new "Password:" > > prompt and don't realize it's the pam_unix(8) prompt. > Wait... First of all, there (I mean original OPIE) must be 2 prompts in > worst case, not 3 prompts: > > 1) One prompt without echo. > 2) One prompt with echo. I know, I just want to replace "Password" with "Response" in those prompts. > It looks like pam_unix option should be changed from "try_first_pass" to > "use_first_pass" to avoid 3rd prompt. I'll try that, but I'm not convinced it'll help. > Back to your subj.: It breaks, at least, M$ Windows OPIE/Skey generators > which do auto-paste when keyword (Password) is found. Good point. "OPIE Password" might be more appropriate, then. DES -- Dag-Erling Smorgrav - des@ofug.org To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-current" in the body of the message From owner-freebsd-current Mon Jan 21 7:14:11 2002 Delivered-To: freebsd-current@freebsd.org Received: from flood.ping.uio.no (flood.ping.uio.no [129.240.78.31]) by hub.freebsd.org (Postfix) with ESMTP id DD00937B430; Mon, 21 Jan 2002 07:13:56 -0800 (PST) Received: by flood.ping.uio.no (Postfix, from userid 2602) id A8234533B; Mon, 21 Jan 2002 16:13:55 +0100 (CET) X-URL: http://www.ofug.org/~des/ X-Disclaimer: The views expressed in this message do not necessarily coincide with those of any organisation or company with which I am or have been affiliated. To: "Andrey A. Chernov" Cc: markm@FreeBSD.ORG, current@FreeBSD.ORG Subject: Re: pam_opie(8) prompt References: <20020121142901.GA36594@nagual.pp.ru> <20020121150716.GA36954@nagual.pp.ru> From: Dag-Erling Smorgrav Date: 21 Jan 2002 16:13:54 +0100 In-Reply-To: <20020121150716.GA36954@nagual.pp.ru> Message-ID: Lines: 32 User-Agent: Gnus/5.0808 (Gnus v5.8.8) Emacs/21.1 MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Sender: owner-freebsd-current@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.ORG "Andrey A. Chernov" writes: > I can't reproduce your 3 prompts situation (or may I misread what you try > to say?) I got only 2 prompts in login and su. des@des ~% login des otp-md5 496 de6973 ext Password: otp-md5 496 de6973 ext Password [echo on]: Password: Last login: Mon Jan 21 15:12:03 on ttypj Copyright (c) 1980, 1983, 1986, 1988, 1990, 1991, 1993, 1994 The Regents of the University of California. All rights reserved. FreeBSD 5.0-CURRENT (DES) #124: Sat Jan 12 19:11:47 CET 2002 You have new mail. des@des ~% des@des ~% login des otp-md5 496 de6973 ext Password: Password: Last login: Mon Jan 21 16:12:16 on ttypi Copyright (c) 1980, 1983, 1986, 1988, 1990, 1991, 1993, 1994 The Regents of the University of California. All rights reserved. FreeBSD 5.0-CURRENT (DES) #124: Sat Jan 12 19:11:47 CET 2002 You have new mail. des@des ~% DES -- Dag-Erling Smorgrav - des@ofug.org To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-current" in the body of the message From owner-freebsd-current Mon Jan 21 7:16: 1 2002 Delivered-To: freebsd-current@freebsd.org Received: from flood.ping.uio.no (flood.ping.uio.no [129.240.78.31]) by hub.freebsd.org (Postfix) with ESMTP id 1913737B404 for ; Mon, 21 Jan 2002 07:15:58 -0800 (PST) Received: by flood.ping.uio.no (Postfix, from userid 2602) id EF320532C; Mon, 21 Jan 2002 16:15:56 +0100 (CET) X-URL: http://www.ofug.org/~des/ X-Disclaimer: The views expressed in this message do not necessarily coincide with those of any organisation or company with which I am or have been affiliated. To: "Andrey A. Chernov" Cc: mark@grondar.za, current@FreeBSD.ORG Subject: Re: Step6, corresponding /etc/pam.d/* fixes for review References: <20020121142038.GA36519@nagual.pp.ru> From: Dag-Erling Smorgrav Date: 21 Jan 2002 16:15:56 +0100 In-Reply-To: <20020121142038.GA36519@nagual.pp.ru> Message-ID: Lines: 10 User-Agent: Gnus/5.0808 (Gnus v5.8.8) Emacs/21.1 MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Sender: owner-freebsd-current@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.ORG "Andrey A. Chernov" writes: > This fixes reflects pam_opieaccess addition. Augh, I just spent about an hour doing just that (and fixing some other stuff too). Thanks anyway, I'll compare your patches to mine to see if we disagree anywhere. DES -- Dag-Erling Smorgrav - des@ofug.org To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-current" in the body of the message From owner-freebsd-current Mon Jan 21 7:21:48 2002 Delivered-To: freebsd-current@freebsd.org Received: from nagual.pp.ru (pobrecita.freebsd.ru [194.87.13.42]) by hub.freebsd.org (Postfix) with ESMTP id C4C1337B477; Mon, 21 Jan 2002 07:21:36 -0800 (PST) Received: (from ache@localhost) by nagual.pp.ru (8.11.6/8.11.6) id g0LFLYQ37265; Mon, 21 Jan 2002 18:21:34 +0300 (MSK) (envelope-from ache) Date: Mon, 21 Jan 2002 18:21:34 +0300 From: "Andrey A. Chernov" To: Dag-Erling Smorgrav Cc: markm@FreeBSD.ORG, current@FreeBSD.ORG Subject: Re: pam_opie(8) prompt Message-ID: <20020121152134.GA37234@nagual.pp.ru> References: <20020121142901.GA36594@nagual.pp.ru> <20020121150716.GA36954@nagual.pp.ru> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: User-Agent: Mutt/1.3.24i Sender: owner-freebsd-current@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.ORG On Mon, Jan 21, 2002 at 16:13:54 +0100, Dag-Erling Smorgrav wrote: > "Andrey A. Chernov" writes: > > I can't reproduce your 3 prompts situation (or may I misread what you try > > to say?) I got only 2 prompts in login and su. > > des@des ~% login des > otp-md5 496 de6973 ext > Password: > otp-md5 496 de6973 ext > Password [echo on]: > Password: Yes, I see it too now. It is definitely some bug here. When I say "in login" I mean I test it through: telnet -X SRA localhost (only 2 prompts on 2 ) -- Andrey A. Chernov http://ache.pp.ru/ To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-current" in the body of the message From owner-freebsd-current Mon Jan 21 7:33: 1 2002 Delivered-To: freebsd-current@freebsd.org Received: from nagual.pp.ru (pobrecita.freebsd.ru [194.87.13.42]) by hub.freebsd.org (Postfix) with ESMTP id 20C7937B435; Mon, 21 Jan 2002 07:32:48 -0800 (PST) Received: (from ache@localhost) by nagual.pp.ru (8.11.6/8.11.6) id g0LFWje37375; Mon, 21 Jan 2002 18:32:45 +0300 (MSK) (envelope-from ache) Date: Mon, 21 Jan 2002 18:32:43 +0300 From: "Andrey A. Chernov" To: Dag-Erling Smorgrav Cc: markm@freebsd.org, current@freebsd.org Subject: Re: pam_opie(8) prompt Message-ID: <20020121153242.GB37234@nagual.pp.ru> References: <20020121142901.GA36594@nagual.pp.ru> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: User-Agent: Mutt/1.3.24i Sender: owner-freebsd-current@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.ORG On Mon, Jan 21, 2002 at 16:11:47 +0100, Dag-Erling Smorgrav wrote: > > > Back to your subj.: It breaks, at least, M$ Windows OPIE/Skey generators > > which do auto-paste when keyword (Password) is found. > > Good point. "OPIE Password" might be more appropriate, then. We don't know, what exact pattern they may use. What if it is something like \nPassword? BTW, example of such program is NetNTerm www.securenetterm.com -- Andrey A. Chernov http://ache.pp.ru/ To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-current" in the body of the message From owner-freebsd-current Mon Jan 21 7:34:13 2002 Delivered-To: freebsd-current@freebsd.org Received: from flood.ping.uio.no (flood.ping.uio.no [129.240.78.31]) by hub.freebsd.org (Postfix) with ESMTP id 0977537B404 for ; Mon, 21 Jan 2002 07:33:59 -0800 (PST) Received: by flood.ping.uio.no (Postfix, from userid 2602) id D2558532C; Mon, 21 Jan 2002 16:33:57 +0100 (CET) X-URL: http://www.ofug.org/~des/ X-Disclaimer: The views expressed in this message do not necessarily coincide with those of any organisation or company with which I am or have been affiliated. To: "Andrey A. Chernov" Cc: mark@grondar.za, current@FreeBSD.ORG Subject: Re: Step6, corresponding /etc/pam.d/* fixes for review References: <20020121142038.GA36519@nagual.pp.ru> From: Dag-Erling Smorgrav Date: 21 Jan 2002 16:33:57 +0100 In-Reply-To: <20020121142038.GA36519@nagual.pp.ru> Message-ID: Lines: 21 User-Agent: Gnus/5.0808 (Gnus v5.8.8) Emacs/21.1 MIME-Version: 1.0 Content-Type: multipart/mixed; boundary="=-=-=" Sender: owner-freebsd-current@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.ORG --=-=-= "Andrey A. Chernov" writes: > This fixes reflects pam_opieaccess addition. OK, comments: 1) there's no reason to have pam_opie commented out now, it won't do anything unless OPIE is enabled for the target user. With my patch, any user can use OPIE by simply running opiekey(1), without admin intervention. 2) there are several other PAM config files that refer to pam_opie and need fixing. Patch attached. DES -- Dag-Erling Smorgrav - des@ofug.org --=-=-= Content-Type: text/x-patch Content-Disposition: attachment; filename=pam_d.diff Index: csshd =================================================================== RCS file: /home/ncvs/src/etc/pam.d/csshd,v retrieving revision 1.2 diff -u -r1.2 csshd --- csshd 5 Dec 2001 21:26:00 -0000 1.2 +++ csshd 21 Jan 2002 13:55:24 -0000 @@ -5,4 +5,5 @@ # # auth -auth required pam_opie.so no_warn +auth sufficient pam_opie.so no_warn +auth requisite pam_opieaccess.so no_warn Index: ftp =================================================================== RCS file: /home/ncvs/src/etc/pam.d/ftp,v retrieving revision 1.2 diff -u -r1.2 ftp --- ftp 5 Dec 2001 21:26:00 -0000 1.2 +++ ftp 21 Jan 2002 14:05:45 -0000 @@ -8,7 +8,8 @@ auth required pam_nologin.so no_warn #auth sufficient pam_kerberosIV.so no_warn #auth sufficient pam_krb5.so no_warn -#auth required pam_opie.so no_warn +auth sufficient pam_opie.so no_warn +auth requisite pam_opieaccess.so no_warn #auth required pam_ssh.so no_warn try_first_pass auth required pam_unix.so no_warn try_first_pass Index: ftpd =================================================================== RCS file: /home/ncvs/src/etc/pam.d/ftpd,v retrieving revision 1.12 diff -u -r1.12 ftpd --- ftpd 19 Jan 2002 18:29:49 -0000 1.12 +++ ftpd 21 Jan 2002 14:05:17 -0000 @@ -9,10 +9,9 @@ #auth sufficient pam_kerberosIV.so no_warn #auth sufficient pam_krb5.so no_warn #auth sufficient pam_ssh.so no_warn try_first_pass -# Uncomment either pam_opie or pam_unix, but not both of them. -# pam_unix can't be simple chained with pam_opie, ftpd provides proper fallback -auth required pam_opie.so no_warn -#auth required pam_unix.so no_warn try_first_pass +auth sufficient pam_opie.so no_warn +auth requisite pam_opieaccess.so no_warn +auth required pam_unix.so no_warn try_first_pass # account #account required pam_kerberosIV.so Index: imap =================================================================== RCS file: /home/ncvs/src/etc/pam.d/imap,v retrieving revision 1.2 diff -u -r1.2 imap --- imap 5 Dec 2001 21:26:00 -0000 1.2 +++ imap 21 Jan 2002 14:04:44 -0000 @@ -6,6 +6,7 @@ # auth #auth required pam_nologin.so no_warn -#auth required pam_opie.so no_warn +#auth sufficient pam_opie.so no_warn +#auth requisite pam_opieaccess.so no_warn #auth required pam_ssh.so no_warn try_first_pass #auth required pam_unix.so no_warn try_first_pass Index: kde =================================================================== RCS file: /home/ncvs/src/etc/pam.d/kde,v retrieving revision 1.2 diff -u -r1.2 kde --- kde 5 Dec 2001 21:26:00 -0000 1.2 +++ kde 21 Jan 2002 14:04:21 -0000 @@ -6,7 +6,8 @@ # auth auth required pam_nologin.so no_warn -#auth sufficient pam_opie.so no_warn +auth sufficient pam_opie.so no_warn +auth requisite pam_opieaccess.so no_warn #auth sufficient pam_kerberosIV.so no_warn try_first_pass #auth sufficient pam_krb5.so no_warn try_first_pass #auth required pam_ssh.so no_warn try_first_pass Index: login =================================================================== RCS file: /home/ncvs/src/etc/pam.d/login,v retrieving revision 1.5 diff -u -r1.5 login --- login 19 Jan 2002 18:29:49 -0000 1.5 +++ login 21 Jan 2002 15:14:37 -0000 @@ -6,7 +6,8 @@ # auth auth required pam_nologin.so no_warn -#auth sufficient pam_opie.so no_warn +auth sufficient pam_opie.so no_warn +auth requisite pam_opieaccess.so no_warn #auth sufficient pam_kerberosIV.so no_warn try_first_pass #auth sufficient pam_krb5.so no_warn try_first_pass #auth required pam_ssh.so no_warn try_first_pass @@ -24,7 +25,6 @@ session required pam_unix.so # password -#password sufficient pam_opie.so no_warn #password sufficient pam_kerberosIV.so no_warn try_first_pass #password sufficient pam_krb5.so no_warn try_first_pass password required pam_unix.so no_warn try_first_pass Index: other =================================================================== RCS file: /home/ncvs/src/etc/pam.d/other,v retrieving revision 1.2 diff -u -r1.2 other --- other 5 Dec 2001 21:26:00 -0000 1.2 +++ other 21 Jan 2002 14:03:48 -0000 @@ -6,7 +6,8 @@ # auth auth required pam_nologin.so no_warn -#auth required pam_opie.so no_warn +auth sufficient pam_opie.so no_warn +auth requisite pam_opieaccess.so no_warn auth required pam_unix.so no_warn try_first_pass # account Index: pop3 =================================================================== RCS file: /home/ncvs/src/etc/pam.d/pop3,v retrieving revision 1.2 diff -u -r1.2 pop3 --- pop3 5 Dec 2001 21:26:00 -0000 1.2 +++ pop3 21 Jan 2002 14:03:22 -0000 @@ -6,6 +6,7 @@ # auth #auth required pam_nologin.so no_warn -#auth required pam_opie.so no_warn +#auth sufficient pam_opie.so no_warn +#auth requisite pam_opieaccess.so no_warn #auth required pam_ssh.so no_warn try_first_pass #auth required pam_unix.so no_warn try_first_pass Index: su =================================================================== RCS file: /home/ncvs/src/etc/pam.d/su,v retrieving revision 1.5 diff -u -r1.5 su --- su 19 Jan 2002 18:29:49 -0000 1.5 +++ su 21 Jan 2002 14:00:52 -0000 @@ -12,30 +12,41 @@ #auth required pam_opie.so no_warn #auth required pam_ssh.so no_warn try_first_pass auth required pam_unix.so no_warn try_first_pass nullok -#auth sufficient pam_rootok.so no_warn -##auth sufficient pam_kerberosIV.so no_warn -##auth sufficient pam_krb5.so no_warn -#auth required pam_opie.so no_warn auth_as_self -#auth required pam_unix.so no_warn try_first_pass auth_as_self # account #account required pam_kerberosIV.so #account required pam_krb5.so account required pam_unix.so -##account required pam_kerberosIV.so -##account required pam_krb5.so -#account required pam_unix.so # session #session required pam_kerberosIV.so #session required pam_krb5.so #session required pam_ssh.so session required pam_unix.so + +# password +password required pam_permit.so + + +# If you want a "WHEELSU"-type su(1), then comment out the +# above, and uncomment the entries below. +## auth +#auth sufficient pam_rootok.so no_warn +##auth sufficient pam_kerberosIV.so no_warn +##auth sufficient pam_krb5.so no_warn +#auth required pam_opie.so no_warn auth_as_self +#auth required pam_unix.so no_warn try_first_pass auth_as_self + +## account +##account required pam_kerberosIV.so +##account required pam_krb5.so +#account required pam_unix.so + +## session ##session required pam_kerberosIV.so ##session required pam_krb5.so ##session required pam_ssh.so #session required pam_unix.so -# password -password required pam_permit.so +## password #password required pam_permit.so --=-=-=-- To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-current" in the body of the message From owner-freebsd-current Mon Jan 21 7:42:56 2002 Delivered-To: freebsd-current@freebsd.org Received: from nagual.pp.ru (pobrecita.freebsd.ru [194.87.13.42]) by hub.freebsd.org (Postfix) with ESMTP id 40CF037B402 for ; Mon, 21 Jan 2002 07:42:51 -0800 (PST) Received: (from ache@localhost) by nagual.pp.ru (8.11.6/8.11.6) id g0LFgjE37518; Mon, 21 Jan 2002 18:42:45 +0300 (MSK) (envelope-from ache) Date: Mon, 21 Jan 2002 18:42:44 +0300 From: "Andrey A. Chernov" To: Dag-Erling Smorgrav Cc: mark@grondar.za, current@FreeBSD.ORG Subject: Re: Step6, corresponding /etc/pam.d/* fixes for review Message-ID: <20020121154244.GC37234@nagual.pp.ru> References: <20020121142038.GA36519@nagual.pp.ru> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: User-Agent: Mutt/1.3.24i Sender: owner-freebsd-current@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.ORG On Mon, Jan 21, 2002 at 16:33:57 +0100, Dag-Erling Smorgrav wrote: > > 1) there's no reason to have pam_opie commented out now, it won't do One reason still exist: all users (i.e. non-OPIE too) will see OTP responses when pam_opie will be uncommented. It may leads to confusion or wrong automated scripts processing. I have idea to solve it adding "no_fake_prompts" option to pam_opie to control that per admin choice. -- Andrey A. Chernov http://ache.pp.ru/ To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-current" in the body of the message From owner-freebsd-current Mon Jan 21 7:45:50 2002 Delivered-To: freebsd-current@freebsd.org Received: from flood.ping.uio.no (flood.ping.uio.no [129.240.78.31]) by hub.freebsd.org (Postfix) with ESMTP id 78E7E37B41B; Mon, 21 Jan 2002 07:45:45 -0800 (PST) Received: by flood.ping.uio.no (Postfix, from userid 2602) id 0EAA6532C; Mon, 21 Jan 2002 16:45:41 +0100 (CET) X-URL: http://www.ofug.org/~des/ X-Disclaimer: The views expressed in this message do not necessarily coincide with those of any organisation or company with which I am or have been affiliated. To: "Andrey A. Chernov" Cc: markm@FreeBSD.ORG, current@FreeBSD.ORG Subject: Re: pam_opie(8) prompt References: <20020121142901.GA36594@nagual.pp.ru> <20020121150716.GA36954@nagual.pp.ru> <20020121152134.GA37234@nagual.pp.ru> From: Dag-Erling Smorgrav Date: 21 Jan 2002 16:45:41 +0100 In-Reply-To: <20020121152134.GA37234@nagual.pp.ru> Message-ID: Lines: 12 User-Agent: Gnus/5.0808 (Gnus v5.8.8) Emacs/21.1 MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Sender: owner-freebsd-current@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.ORG "Andrey A. Chernov" writes: > Yes, I see it too now. It is definitely some bug here. When I say "in > login" I mean I test it through: The bug is quite simply that pam_opie(8) never sets the AUTHTOK item, so pam_unix(8) doesn't know that the user already entered a password. I believe pam_get_pass() should set PAM_AUTHTOK. Any objections? DES -- Dag-Erling Smorgrav - des@ofug.org To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-current" in the body of the message From owner-freebsd-current Mon Jan 21 7:48: 8 2002 Delivered-To: freebsd-current@freebsd.org Received: from flood.ping.uio.no (flood.ping.uio.no [129.240.78.31]) by hub.freebsd.org (Postfix) with ESMTP id B0F2437B400; Mon, 21 Jan 2002 07:48:05 -0800 (PST) Received: by flood.ping.uio.no (Postfix, from userid 2602) id 7DC61532C; Mon, 21 Jan 2002 16:48:01 +0100 (CET) X-URL: http://www.ofug.org/~des/ X-Disclaimer: The views expressed in this message do not necessarily coincide with those of any organisation or company with which I am or have been affiliated. To: "Andrey A. Chernov" Cc: markm@FreeBSD.ORG, current@FreeBSD.ORG Subject: Re: pam_opie(8) prompt References: <20020121142901.GA36594@nagual.pp.ru> <20020121150716.GA36954@nagual.pp.ru> <20020121152134.GA37234@nagual.pp.ru> From: Dag-Erling Smorgrav Date: 21 Jan 2002 16:48:00 +0100 In-Reply-To: Message-ID: Lines: 14 User-Agent: Gnus/5.0808 (Gnus v5.8.8) Emacs/21.1 MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Sender: owner-freebsd-current@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.ORG Dag-Erling Smorgrav writes: > The bug is quite simply that pam_opie(8) never sets the AUTHTOK item, > so pam_unix(8) doesn't know that the user already entered a password. > > I believe pam_get_pass() should set PAM_AUTHTOK. Any objections? OK, now I'm really off my rocker; pam_conv_pass() (called by pam_get_pass()) does set PAM_AUTHTOK. I still don't understand why it's NULL by the time pam_unix(8) calls pam_get_pass(). I'll investigate further. DES -- Dag-Erling Smorgrav - des@ofug.org To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-current" in the body of the message From owner-freebsd-current Mon Jan 21 7:53:29 2002 Delivered-To: freebsd-current@freebsd.org Received: from nagual.pp.ru (pobrecita.freebsd.ru [194.87.13.42]) by hub.freebsd.org (Postfix) with ESMTP id 73DFB37B400 for ; Mon, 21 Jan 2002 07:53:21 -0800 (PST) Received: (from ache@localhost) by nagual.pp.ru (8.11.6/8.11.6) id g0LFrHx37645; Mon, 21 Jan 2002 18:53:17 +0300 (MSK) (envelope-from ache) Date: Mon, 21 Jan 2002 18:53:16 +0300 From: "Andrey A. Chernov" To: Dag-Erling Smorgrav Cc: mark@grondar.za, current@FreeBSD.ORG Subject: Re: Step6, corresponding /etc/pam.d/* fixes for review Message-ID: <20020121155316.GD37234@nagual.pp.ru> References: <20020121142038.GA36519@nagual.pp.ru> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: User-Agent: Mutt/1.3.24i Sender: owner-freebsd-current@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.ORG On Mon, Jan 21, 2002 at 16:33:57 +0100, Dag-Erling Smorgrav wrote: > > Patch attached. I already comment "always turning opie on" in previous message, besides that I don't understand one thing in your patch: why you not enable pam_opie for "su" and not add pam_opieaccess there? It is enough useful for sysadmin logging in as user via unencrypted telnet and then do "su" for root. -- Andrey A. Chernov http://ache.pp.ru/ To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-current" in the body of the message From owner-freebsd-current Mon Jan 21 7:55: 4 2002 Delivered-To: freebsd-current@freebsd.org Received: from flood.ping.uio.no (flood.ping.uio.no [129.240.78.31]) by hub.freebsd.org (Postfix) with ESMTP id D698937B402 for ; Mon, 21 Jan 2002 07:54:58 -0800 (PST) Received: by flood.ping.uio.no (Postfix, from userid 2602) id A2261532C; Mon, 21 Jan 2002 16:54:57 +0100 (CET) X-URL: http://www.ofug.org/~des/ X-Disclaimer: The views expressed in this message do not necessarily coincide with those of any organisation or company with which I am or have been affiliated. To: "Andrey A. Chernov" Cc: mark@grondar.za, current@FreeBSD.ORG Subject: Re: Step6, corresponding /etc/pam.d/* fixes for review References: <20020121142038.GA36519@nagual.pp.ru> <20020121154244.GC37234@nagual.pp.ru> From: Dag-Erling Smorgrav Date: 21 Jan 2002 16:54:56 +0100 In-Reply-To: <20020121154244.GC37234@nagual.pp.ru> Message-ID: Lines: 16 User-Agent: Gnus/5.0808 (Gnus v5.8.8) Emacs/21.1 MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Sender: owner-freebsd-current@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.ORG "Andrey A. Chernov" writes: > One reason still exist: all users (i.e. non-OPIE too) will see OTP > responses when pam_opie will be uncommented. It may leads to confusion or > wrong automated scripts processing. Ah, I thought pam_opie(8) ignored users that didn't have OPIE set up. Silly me for making assumptions :) > I have idea to solve it adding "no_fake_prompts" option to pam_opie to > control that per admin choice. Yep, excellent idea. I'll get right on it. DES -- Dag-Erling Smorgrav - des@ofug.org To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-current" in the body of the message From owner-freebsd-current Mon Jan 21 8: 0:12 2002 Delivered-To: freebsd-current@freebsd.org Received: from flood.ping.uio.no (flood.ping.uio.no [129.240.78.31]) by hub.freebsd.org (Postfix) with ESMTP id 3A4EF37B404 for ; Mon, 21 Jan 2002 08:00:06 -0800 (PST) Received: by flood.ping.uio.no (Postfix, from userid 2602) id E68FC532C; Mon, 21 Jan 2002 17:00:04 +0100 (CET) X-URL: http://www.ofug.org/~des/ X-Disclaimer: The views expressed in this message do not necessarily coincide with those of any organisation or company with which I am or have been affiliated. To: "Andrey A. Chernov" Cc: mark@grondar.za, current@FreeBSD.ORG Subject: Re: Step6, corresponding /etc/pam.d/* fixes for review References: <20020121142038.GA36519@nagual.pp.ru> <20020121155316.GD37234@nagual.pp.ru> From: Dag-Erling Smorgrav Date: 21 Jan 2002 17:00:04 +0100 In-Reply-To: <20020121155316.GD37234@nagual.pp.ru> Message-ID: Lines: 13 User-Agent: Gnus/5.0808 (Gnus v5.8.8) Emacs/21.1 MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Sender: owner-freebsd-current@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.ORG "Andrey A. Chernov" writes: > I already comment "always turning opie on" in previous message, besides > that I don't understand one thing in your patch: why you not enable > pam_opie for "su" and not add pam_opieaccess there? It is enough useful > for sysadmin logging in as user via unencrypted telnet and then do "su" > for root. Hmm? Simple oversight, sorry. I'll post a new patch when I've fixed the "no_fake_prompts" thingy. DES -- Dag-Erling Smorgrav - des@ofug.org To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-current" in the body of the message From owner-freebsd-current Mon Jan 21 8: 4:51 2002 Delivered-To: freebsd-current@freebsd.org Received: from storm.FreeBSD.org.uk (storm.FreeBSD.org.uk [194.242.139.170]) by hub.freebsd.org (Postfix) with ESMTP id 2D1A437B400 for ; Mon, 21 Jan 2002 08:04:47 -0800 (PST) Received: (from uucp@localhost) by storm.FreeBSD.org.uk (8.11.6/8.11.6) with UUCP id g0LG4gF19508; Mon, 21 Jan 2002 16:04:42 GMT (envelope-from mark@grondar.za) Received: from grondar.za (mark@localhost [127.0.0.1]) by grimreaper.grondar.org (8.11.6/8.11.6) with ESMTP id g0LG2Ft42553; Mon, 21 Jan 2002 16:02:16 GMT (envelope-from mark@grondar.za) Message-Id: <200201211602.g0LG2Ft42553@grimreaper.grondar.org> To: "Andrey A. Chernov" Cc: Dag-Erling Smorgrav , current@FreeBSD.ORG Subject: Re: Step6, corresponding /etc/pam.d/* fixes for review References: <20020121154244.GC37234@nagual.pp.ru> In-Reply-To: <20020121154244.GC37234@nagual.pp.ru> ; from "Andrey A. Chernov" "Mon, 21 Jan 2002 18:42:44 +0300." Date: Mon, 21 Jan 2002 16:02:15 +0000 From: Mark Murray Sender: owner-freebsd-current@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.ORG > On Mon, Jan 21, 2002 at 16:33:57 +0100, Dag-Erling Smorgrav wrote: > > > > 1) there's no reason to have pam_opie commented out now, it won't do > > One reason still exist: all users (i.e. non-OPIE too) will see OTP > responses when pam_opie will be uncommented. It may leads to confusion or > wrong automated scripts processing. > > I have idea to solve it adding "no_fake_prompts" option to pam_opie to > control that per admin choice. Yes. That would be a good move. :-) M -- o Mark Murray \_ FreeBSD Services Limited O.\_ Warning: this .sig is umop ap!sdn To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-current" in the body of the message From owner-freebsd-current Mon Jan 21 8: 5: 5 2002 Delivered-To: freebsd-current@freebsd.org Received: from storm.FreeBSD.org.uk (storm.FreeBSD.org.uk [194.242.139.170]) by hub.freebsd.org (Postfix) with ESMTP id A694337B416; Mon, 21 Jan 2002 08:04:56 -0800 (PST) Received: (from uucp@localhost) by storm.FreeBSD.org.uk (8.11.6/8.11.6) with UUCP id g0LG4mN19515; Mon, 21 Jan 2002 16:04:48 GMT (envelope-from mark@grondar.za) Received: from grondar.za (mark@localhost [127.0.0.1]) by grimreaper.grondar.org (8.11.6/8.11.6) with ESMTP id g0LG3It42567; Mon, 21 Jan 2002 16:03:18 GMT (envelope-from mark@grondar.za) Message-Id: <200201211603.g0LG3It42567@grimreaper.grondar.org> To: Dag-Erling Smorgrav Cc: "Andrey A. Chernov" , markm@FreeBSD.ORG, current@FreeBSD.ORG Subject: Re: pam_opie(8) prompt References: In-Reply-To: ; from Dag-Erling Smorgrav "21 Jan 2002 16:45:41 +0100." Date: Mon, 21 Jan 2002 16:03:17 +0000 From: Mark Murray Sender: owner-freebsd-current@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.ORG > "Andrey A. Chernov" writes: > > Yes, I see it too now. It is definitely some bug here. When I say "in > > login" I mean I test it through: > > The bug is quite simply that pam_opie(8) never sets the AUTHTOK item, > so pam_unix(8) doesn't know that the user already entered a password. > > I believe pam_get_pass() should set PAM_AUTHTOK. Any objections? Not from me :-) M -- o Mark Murray \_ FreeBSD Services Limited O.\_ Warning: this .sig is umop ap!sdn To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-current" in the body of the message From owner-freebsd-current Mon Jan 21 8:10:56 2002 Delivered-To: freebsd-current@freebsd.org Received: from whale.sunbay.crimea.ua (whale.sunbay.crimea.ua [212.110.138.65]) by hub.freebsd.org (Postfix) with ESMTP id C82E037B416 for ; Mon, 21 Jan 2002 08:10:46 -0800 (PST) Received: (from ru@localhost) by whale.sunbay.crimea.ua (8.11.6/8.11.2) id g0LGA3583459; Mon, 21 Jan 2002 18:10:03 +0200 (EET) (envelope-from ru) Date: Mon, 21 Jan 2002 18:10:03 +0200 From: Ruslan Ermilov To: Alexander Kabaev Cc: Julian Elischer , current@FreeBSD.ORG Subject: Re: __stderrp error Message-ID: <20020121181003.E63110@sunbay.com> References: <8ABEC4B7-0E43-11D6-9888-000A277C7FDE@hackerheaven.org> <20020121094521.777d54ec.ak03@gte.com> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: <20020121094521.777d54ec.ak03@gte.com> User-Agent: Mutt/1.3.23i Sender: owner-freebsd-current@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.ORG On Mon, Jan 21, 2002 at 09:45:21AM -0500, Alexander Kabaev wrote: > > and I've "made world" a lot of times like that. > > and if I do it by hand as sugested, it doesn;t make any difference > > either. > Just a guess - have you removed existing old libraries from /usr/lib? > lib/compact/Makefile.inc takes care of this. Cheers, -- Ruslan Ermilov Oracle Developer/DBA, ru@sunbay.com Sunbay Software AG, ru@FreeBSD.org FreeBSD committer, +380.652.512.251 Simferopol, Ukraine http://www.FreeBSD.org The Power To Serve http://www.oracle.com Enabling The Information Age To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-current" in the body of the message From owner-freebsd-current Mon Jan 21 8:14:29 2002 Delivered-To: freebsd-current@freebsd.org Received: from flood.ping.uio.no (flood.ping.uio.no [129.240.78.31]) by hub.freebsd.org (Postfix) with ESMTP id 53F2437B400; Mon, 21 Jan 2002 08:14:26 -0800 (PST) Received: by flood.ping.uio.no (Postfix, from userid 2602) id 37379532C; Mon, 21 Jan 2002 17:14:25 +0100 (CET) X-URL: http://www.ofug.org/~des/ X-Disclaimer: The views expressed in this message do not necessarily coincide with those of any organisation or company with which I am or have been affiliated. To: "Andrey A. Chernov" Cc: markm@FreeBSD.ORG, current@FreeBSD.ORG Subject: Re: pam_opie(8) prompt References: <20020121142901.GA36594@nagual.pp.ru> <20020121150716.GA36954@nagual.pp.ru> <20020121152134.GA37234@nagual.pp.ru> From: Dag-Erling Smorgrav Date: 21 Jan 2002 17:14:24 +0100 In-Reply-To: Message-ID: Lines: 13 User-Agent: Gnus/5.0808 (Gnus v5.8.8) Emacs/21.1 MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Sender: owner-freebsd-current@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.ORG Dag-Erling Smorgrav writes: > OK, now I'm really off my rocker; pam_conv_pass() (called by > pam_get_pass()) does set PAM_AUTHTOK. I still don't understand why > it's NULL by the time pam_unix(8) calls pam_get_pass(). I'll > investigate further. I found the bug: login(1) only sets PAM_RHOST if the user is logging in from a remote host, but it should be set to the local hostname if the user is logging in locally. DES -- Dag-Erling Smorgrav - des@ofug.org To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-current" in the body of the message From owner-freebsd-current Mon Jan 21 8:15:57 2002 Delivered-To: freebsd-current@freebsd.org Received: from nagual.pp.ru (pobrecita.freebsd.ru [194.87.13.42]) by hub.freebsd.org (Postfix) with ESMTP id 71E8637B402 for ; Mon, 21 Jan 2002 08:15:51 -0800 (PST) Received: (from ache@localhost) by nagual.pp.ru (8.11.6/8.11.6) id g0LGFea37921; Mon, 21 Jan 2002 19:15:41 +0300 (MSK) (envelope-from ache) Date: Mon, 21 Jan 2002 19:15:36 +0300 From: "Andrey A. Chernov" To: Dag-Erling Smorgrav Cc: mark@grondar.za, current@FreeBSD.ORG Subject: Re: Step6, corresponding /etc/pam.d/* fixes for review Message-ID: <20020121161534.GE37234@nagual.pp.ru> References: <20020121142038.GA36519@nagual.pp.ru> <20020121154244.GC37234@nagual.pp.ru> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: User-Agent: Mutt/1.3.24i Sender: owner-freebsd-current@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.ORG On Mon, Jan 21, 2002 at 16:54:56 +0100, Dag-Erling Smorgrav wrote: > Ah, I thought pam_opie(8) ignored users that didn't have OPIE set up. In fact, there is no consensus about that among standalone OPIE applications, some acts with fake prompts, some - without. One (among others) argument _for_ "no fake prompts" is that standalone application once compiled with OPIE support can't dynamically turn off fake prompts using some configuration. For PAM case it means that pam_opie can't be always turned on without confusion just because its fake prompts and _nothing_else_. The arguments _against_ "no fake prompts" was explained by markm in our previous discussion. > > I have idea to solve it adding "no_fake_prompts" option to pam_opie to > > control that per admin choice. > > Yep, excellent idea. I'll get right on it. Ok, I'll make patch for review. -- Andrey A. Chernov http://ache.pp.ru/ To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-current" in the body of the message From owner-freebsd-current Mon Jan 21 8:19:13 2002 Delivered-To: freebsd-current@freebsd.org Received: from nagual.pp.ru (pobrecita.freebsd.ru [194.87.13.42]) by hub.freebsd.org (Postfix) with ESMTP id 1D44437B402; Mon, 21 Jan 2002 08:19:02 -0800 (PST) Received: (from ache@localhost) by nagual.pp.ru (8.11.6/8.11.6) id g0LGJ0K37987; Mon, 21 Jan 2002 19:19:00 +0300 (MSK) (envelope-from ache) Date: Mon, 21 Jan 2002 19:18:58 +0300 From: "Andrey A. Chernov" To: Dag-Erling Smorgrav Cc: markm@FreeBSD.ORG, current@FreeBSD.ORG Subject: Re: pam_opie(8) prompt Message-ID: <20020121161858.GF37234@nagual.pp.ru> References: <20020121142901.GA36594@nagual.pp.ru> <20020121150716.GA36954@nagual.pp.ru> <20020121152134.GA37234@nagual.pp.ru> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: User-Agent: Mutt/1.3.24i Sender: owner-freebsd-current@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.ORG On Mon, Jan 21, 2002 at 16:45:41 +0100, Dag-Erling Smorgrav wrote: > The bug is quite simply that pam_opie(8) never sets the AUTHTOK item, > so pam_unix(8) doesn't know that the user already entered a password. > > I believe pam_get_pass() should set PAM_AUTHTOK. Any objections? No objections. -- Andrey A. Chernov http://ache.pp.ru/ To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-current" in the body of the message From owner-freebsd-current Mon Jan 21 8:24:36 2002 Delivered-To: freebsd-current@freebsd.org Received: from flood.ping.uio.no (flood.ping.uio.no [129.240.78.31]) by hub.freebsd.org (Postfix) with ESMTP id 37F6A37B405 for ; Mon, 21 Jan 2002 08:24:30 -0800 (PST) Received: by flood.ping.uio.no (Postfix, from userid 2602) id D285C532C; Mon, 21 Jan 2002 17:24:28 +0100 (CET) X-URL: http://www.ofug.org/~des/ X-Disclaimer: The views expressed in this message do not necessarily coincide with those of any organisation or company with which I am or have been affiliated. To: "Andrey A. Chernov" Cc: mark@grondar.za, current@FreeBSD.ORG Subject: Re: Step6, corresponding /etc/pam.d/* fixes for review References: <20020121142038.GA36519@nagual.pp.ru> <20020121154244.GC37234@nagual.pp.ru> <20020121161534.GE37234@nagual.pp.ru> From: Dag-Erling Smorgrav Date: 21 Jan 2002 17:24:28 +0100 In-Reply-To: <20020121161534.GE37234@nagual.pp.ru> Message-ID: Lines: 37 User-Agent: Gnus/5.0808 (Gnus v5.8.8) Emacs/21.1 MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Sender: owner-freebsd-current@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.ORG "Andrey A. Chernov" writes: > On Mon, Jan 21, 2002 at 16:54:56 +0100, Dag-Erling Smorgrav wrote: > One (among others) argument _for_ "no fake prompts" is that standalone > application once compiled with OPIE support can't dynamically turn off > fake prompts using some configuration. For PAM case it means that pam_opie > can't be always turned on without confusion just because its fake prompts > and _nothing_else_. > > The arguments _against_ "no fake prompts" was explained by markm in our > previous discussion. Yes, information leakage. We have two options: - enable OPIE by default, with the no_fake_prompts option, leaving it up to the admin to enable fake prompts if he so wishes - disable OPIE by default, but do fake prompts by default if it is enabled I think the first alternative increases security in a default installation, because it allows any user to choose to use OPIE without admin intervention. If we go for the second alternative, users can use OPIE only if the admin decides to enable it. > > > I have idea to solve it adding "no_fake_prompts" option to pam_opie to > > > control that per admin choice. > > Yep, excellent idea. I'll get right on it. > Ok, I'll make patch for review. Please, I'm getting paid to do this :) Make yourself a cup of tea or something and put your feet up on the desk for a couple of minutes. DES -- Dag-Erling Smorgrav - des@ofug.org To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-current" in the body of the message From owner-freebsd-current Mon Jan 21 8:25:14 2002 Delivered-To: freebsd-current@freebsd.org Received: from nagual.pp.ru (pobrecita.freebsd.ru [194.87.13.42]) by hub.freebsd.org (Postfix) with ESMTP id 9D9AF37B405; Mon, 21 Jan 2002 08:25:06 -0800 (PST) Received: (from ache@localhost) by nagual.pp.ru (8.11.6/8.11.6) id g0LGP5N38070; Mon, 21 Jan 2002 19:25:05 +0300 (MSK) (envelope-from ache) Date: Mon, 21 Jan 2002 19:25:04 +0300 From: "Andrey A. Chernov" To: Dag-Erling Smorgrav Cc: markm@FreeBSD.ORG, current@FreeBSD.ORG Subject: Re: pam_opie(8) prompt Message-ID: <20020121162504.GG37234@nagual.pp.ru> References: <20020121142901.GA36594@nagual.pp.ru> <20020121150716.GA36954@nagual.pp.ru> <20020121152134.GA37234@nagual.pp.ru> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: User-Agent: Mutt/1.3.24i Sender: owner-freebsd-current@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.ORG On Mon, Jan 21, 2002 at 17:14:24 +0100, Dag-Erling Smorgrav wrote: > Dag-Erling Smorgrav writes: > > OK, now I'm really off my rocker; pam_conv_pass() (called by > > pam_get_pass()) does set PAM_AUTHTOK. I still don't understand why > > it's NULL by the time pam_unix(8) calls pam_get_pass(). I'll > > investigate further. > > I found the bug: login(1) only sets PAM_RHOST if the user is logging > in from a remote host, but it should be set to the local hostname if > the user is logging in locally. Yes. It seems that PAM wants some form of PAM_RHOST in many places. "su", for example, does needed trick here. -- Andrey A. Chernov http://ache.pp.ru/ To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-current" in the body of the message From owner-freebsd-current Mon Jan 21 8:27:47 2002 Delivered-To: freebsd-current@freebsd.org Received: from nagual.pp.ru (pobrecita.freebsd.ru [194.87.13.42]) by hub.freebsd.org (Postfix) with ESMTP id 8C32F37B41D for ; Mon, 21 Jan 2002 08:27:34 -0800 (PST) Received: (from ache@localhost) by nagual.pp.ru (8.11.6/8.11.6) id g0LGRTJ38096; Mon, 21 Jan 2002 19:27:29 +0300 (MSK) (envelope-from ache) Date: Mon, 21 Jan 2002 19:27:27 +0300 From: "Andrey A. Chernov" To: Dag-Erling Smorgrav Cc: mark@grondar.za, current@FreeBSD.ORG Subject: Re: Step6, corresponding /etc/pam.d/* fixes for review Message-ID: <20020121162726.GH37234@nagual.pp.ru> References: <20020121142038.GA36519@nagual.pp.ru> <20020121154244.GC37234@nagual.pp.ru> <20020121161534.GE37234@nagual.pp.ru> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: User-Agent: Mutt/1.3.24i Sender: owner-freebsd-current@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.ORG On Mon, Jan 21, 2002 at 17:24:28 +0100, Dag-Erling Smorgrav wrote: > - enable OPIE by default, with the no_fake_prompts option, leaving it > up to the admin to enable fake prompts if he so wishes I vote for this one. > Please, I'm getting paid to do this :) Make yourself a cup of tea or > something and put your feet up on the desk for a couple of minutes. Ok, ok. -- Andrey A. Chernov http://ache.pp.ru/ To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-current" in the body of the message From owner-freebsd-current Mon Jan 21 8:35:18 2002 Delivered-To: freebsd-current@freebsd.org Received: from mail.webjockey.net (mail.webjockey.net [208.141.46.3]) by hub.freebsd.org (Postfix) with ESMTP id 5F8D037B400 for ; Mon, 21 Jan 2002 08:35:12 -0800 (PST) Received: from outloud.org (IDENT:nobody@home.webjockey.net [208.141.46.11]) (authenticated) by mail.webjockey.net (8.11.6/8.11.6) with ESMTP id g0LGXss44749; Mon, 21 Jan 2002 11:34:02 -0500 (EST) (envelope-from gary@outloud.org) Received: from 63.68.129.181 (SquirrelMail authenticated user ancient) by test.outloud.org with HTTP; Mon, 21 Jan 2002 11:33:57 -0500 (EST) Message-ID: <1699.63.68.129.181.1011630837.squirrel@test.outloud.org> Date: Mon, 21 Jan 2002 11:33:57 -0500 (EST) Subject: Re: sudo redu From: "Storms of Perfection" To: In-Reply-To: <20020120041357U.matusita@jp.FreeBSD.org> References: <20020120041357U.matusita@jp.FreeBSD.org> X-Priority: 3 Importance: Normal X-MSMail-Priority: Normal Cc: X-Mailer: SquirrelMail (version 1.2.3 [cvs]) MIME-Version: 1.0 Content-Type: text/plain; charset=iso-8859-1 Content-Transfer-Encoding: 8bit Sender: owner-freebsd-current@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.ORG The problem(s) with sudo have been fixed in the latest sudo CVS release. This works for me on -CURRENT as of December 16th, 2001 and RELENG_4 --- /tmp/sudo-1.6.5p1/auth/pam.c Mon Dec 31 12:18:12 2001 +++ /home/ancient/test/sudo/auth/pam.c Mon Jan 21 06:54:37 2002 @@ -66,7 +66,7 @@ #include "sudo_auth.h" #ifndef lint -static const char rcsid[] = "$Sudo: pam.c,v 1.23 2001/12/31 17:18:12 millert Exp $"; +static const char rcsid[] = "$Sudo: pam.c,v 1.25 2002/01/20 19:21:33 millert Exp $"; #endif /* lint */ static int sudo_conv __P((int, PAM_CONST struct pam_message **, @@ -163,7 +163,6 @@ struct pam_conv pam_conv; pam_handle_t *pamh; const char *s; - int error; /* We need to setup a new PAM session for the user we are changing *to*. */ pam_conv.conv = sudo_conv; @@ -176,16 +175,19 @@ if (strcmp(user_tty, "unknown")) (void) pam_set_item(pamh, PAM_TTY, user_tty); - /* Set credentials (may include resource limits, device ownership, etc). */ - if ((error = pam_setcred(pamh, PAM_ESTABLISH_CRED)) != PAM_SUCCESS) { - if ((s = pam_strerror(pamh, error))) - log_error(NO_EXIT|NO_MAIL, "pam_setcred: %s", s); - } + /* + * Set credentials (may include resource limits, device ownership, etc). + * We don't check the return value here because in Linux-PAM 0.75 + * it returns the last saved return code, not the return code + * for the setcred module. Because we haven't called pam_authenticate (), + * this is not set and so pam_setcred() returns PAM_PERM_DENIED. + */ + (void) pam_setcred(pamh, PAM_ESTABLISH_CRED); - if (pam_end(pamh, error) != PAM_SUCCESS) + if (pam_end(pamh, PAM_SUCCESS) == PAM_SUCCESS) + return(PAM_SUCCESS); + else return(AUTH_FAILURE); - - return(error == PAM_SUCCESS ? AUTH_SUCCESS : AUTH_FAILURE); } /* @@ -219,7 +221,9 @@ /* Read the password. */ pr->resp = estrdup((char *) tgetpass(p, def_ival(I_PASSWD_TIMEOUT) * 60, tgetpass_flags)); - if (pr->resp == NULL || *pr->resp == '\0') + if (pr->resp == NULL) + pr->resp = ""; + if (*pr->resp == '\0') nil_pw = 1; /* empty password */ break; case PAM_TEXT_INFO: > > FYI: pam_setcred() call seems used in OpenSSH, ftpd, rshd, login, and > su already included in FreeBSD source code. > > > > imp> OK. This looks like a problem in 1.6.4p1 of sudo. It isn't a > problem imp> with 1.6.3p7_2. 1.6.4 works on -stable, but not -current. > > I've checked about new sudo's behavior on some OSes: > > Debian (woody) sudo-1.6.4.1 OK (tested on 1 machine) > FreeBSD 2.2.8-RELEASE sudo-1.6.5.1 OK (tested on 1 machine) > FreeBSD 3.4-stable sudo-1.6.5.1 NG (tested on 1 machine) > FreeBSD 4-stable sudo-1.6.5.1 OK (tested on some machines) > FreeBSD 5-current sudo-1.6.5.1 OK / NG (tested on some machines) > > "OK / NG" means that "some machines work fine, but some machines goes > wrong". > > *** > > I don't know what's the real problem, but it seems that sudo doesn't > have the problem IMHO. Anyone has a solution about this problem? > > -- - > Makoto `MAR' Matsushita > > To Unsubscribe: send mail to majordomo@FreeBSD.org > with "unsubscribe freebsd-current" in the body of the message Gary Stanley Network Security Engineer PRECISIONet, Inc. (877) 595-8570 Tickle us, do we not laugh? Prick us, do we not bleed? Wrong us, shall we not revenge?" (Merchant of Venice II i 56-63, paraphrase) To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-current" in the body of the message From owner-freebsd-current Mon Jan 21 9: 2: 4 2002 Delivered-To: freebsd-current@freebsd.org Received: from flood.ping.uio.no (flood.ping.uio.no [129.240.78.31]) by hub.freebsd.org (Postfix) with ESMTP id 5644037B404 for ; Mon, 21 Jan 2002 09:01:48 -0800 (PST) Received: by flood.ping.uio.no (Postfix, from userid 2602) id CBFAA532C; Mon, 21 Jan 2002 18:01:46 +0100 (CET) X-URL: http://www.ofug.org/~des/ X-Disclaimer: The views expressed in this message do not necessarily coincide with those of any organisation or company with which I am or have been affiliated. To: "Andrey A. Chernov" Cc: mark@grondar.za, current@FreeBSD.ORG Subject: Re: Step6, corresponding /etc/pam.d/* fixes for review References: <20020121142038.GA36519@nagual.pp.ru> <20020121154244.GC37234@nagual.pp.ru> <20020121161534.GE37234@nagual.pp.ru> <20020121162726.GH37234@nagual.pp.ru> From: Dag-Erling Smorgrav Date: 21 Jan 2002 18:01:45 +0100 In-Reply-To: <20020121162726.GH37234@nagual.pp.ru> Message-ID: Lines: 37 User-Agent: Gnus/5.0808 (Gnus v5.8.8) Emacs/21.1 MIME-Version: 1.0 Content-Type: multipart/mixed; boundary="=-=-=" Sender: owner-freebsd-current@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.ORG --=-=-= "Andrey A. Chernov" writes: > On Mon, Jan 21, 2002 at 17:24:28 +0100, Dag-Erling Smorgrav wrote: > > - enable OPIE by default, with the no_fake_prompts option, leaving it > > up to the admin to enable fake prompts if he so wishes > I vote for this one. I agree, for the reasons stated previously. Mark? > > Please, I'm getting paid to do this :) Make yourself a cup of tea or > > something and put your feet up on the desk for a couple of minutes. > Ok, ok. Here are the patches. Comments: 1) if pam_get_pass(), if the current token is non-null but empty, ignore it. This allows a user to just press enter at an OPIE prompt and still get a Unix prompt. 2) in pam_opie(8), clear the previous token before generating a challenge, and ignore use_first_pass or try_first_pass instead of returning PAM_AUTH_ERR if they are set. 3) in pam_opie(8), return PAM_AUTH_ERR if no_fake_prompts was specified and the user hasn't set up OPIE. 4) in pam.d(5), enable OPIE by default (with the no_fake_prompts option) in all policies, and use pam_opieaccess(8) to enforce opieaccess and opiealways checks. DES -- Dag-Erling Smorgrav - des@ofug.org --=-=-= Content-Type: text/x-patch Content-Disposition: attachment; filename=libpam.diff Index: libpam/pam_get_pass.c =================================================================== RCS file: /home/ncvs/src/lib/libpam/libpam/pam_get_pass.c,v retrieving revision 1.3 diff -u -r1.3 pam_get_pass.c --- libpam/pam_get_pass.c 30 Sep 2001 22:10:58 -0000 1.3 +++ libpam/pam_get_pass.c 21 Jan 2002 16:40:40 -0000 @@ -1,6 +1,13 @@ /*- * Copyright 1998 Juniper Networks, Inc. * All rights reserved. + * Copyright (c) 2002 Networks Associates Technologies, Inc. + * All rights reserved. + * + * Portions of this software was developed for the FreeBSD Project by + * ThinkSec AS and NAI Labs, the Security Research Division of Network + * Associates, Inc. under DARPA/SPAWAR contract N66001-01-C-8035 + * ("CBOSS"), as part of the DARPA CHATS research program. * * Redistribution and use in source and binary forms, with or without * modification, are permitted provided that the following conditions @@ -10,6 +17,9 @@ * 2. Redistributions in binary form must reproduce the above copyright * notice, this list of conditions and the following disclaimer in the * documentation and/or other materials provided with the distribution. + * 3. The name of the author may not be used to endorse or promote + * products derived from this software without specific prior written + * permission. * * THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE @@ -78,6 +88,8 @@ retval = pam_get_item(pamh, PAM_AUTHTOK, &item); if (retval != PAM_SUCCESS) return retval; + if (item != NULL && *(const char *)item == '\0') + item = NULL; } if (item == NULL) { Index: modules/pam_opie/pam_opie.8 =================================================================== RCS file: /home/ncvs/src/lib/libpam/modules/pam_opie/pam_opie.8,v retrieving revision 1.5 diff -u -r1.5 pam_opie.8 --- modules/pam_opie/pam_opie.8 21 Jan 2002 13:43:52 -0000 1.5 +++ modules/pam_opie/pam_opie.8 21 Jan 2002 17:00:51 -0000 @@ -8,7 +8,6 @@ .\" Associates, Inc. under DARPA/SPAWAR contract N66001-01-C-8035 .\" ("CBOSS"), as part of the DARPA CHATS research program. .\" -.\" .\" Redistribution and use in source and binary forms, with or without .\" modification, are permitted provided that the following conditions .\" are met: @@ -94,7 +93,21 @@ where the user's ability to retype their own password might be deemed sufficient. +.It Cm no_fake_prompts +Do not generate fake challenges for users who do not have an OPIE key. +Note that this can leak information to a hypothetical attacker about +who uses OPIE and who doesn't, but it can be useful on systems where +some users want to use OPIE but most don't. .El +.Pp +Note that +.Nm +ignores the standard options +.Cm try_first_pass +and +.Cm use_first_pass , +since a challenge must be generated before the user can submit a valid +response. .Sh FILES .Bl -tag -width ".Pa /etc/opiekeys" -compact .It Pa /etc/opiekeys Index: modules/pam_opie/pam_opie.c =================================================================== RCS file: /home/ncvs/src/lib/libpam/modules/pam_opie/pam_opie.c,v retrieving revision 1.15 diff -u -r1.15 pam_opie.c --- modules/pam_opie/pam_opie.c 20 Jan 2002 20:56:47 -0000 1.15 +++ modules/pam_opie/pam_opie.c 21 Jan 2002 16:34:09 -0000 @@ -4,6 +4,8 @@ * Based upon code Copyright 1998 Juniper Networks, Inc. * Copyright (c) 2001 Networks Associates Technologies, Inc. * All rights reserved. + * Copyright (c) 2002 Networks Associates Technologies, Inc. + * All rights reserved. * * Portions of this software were developed for the FreeBSD Project by * ThinkSec AS and NAI Labs, the Security Research Division of Network @@ -53,10 +55,14 @@ #include #include "pam_mod_misc.h" -enum { PAM_OPT_AUTH_AS_SELF=PAM_OPT_STD_MAX }; +enum { + PAM_OPT_AUTH_AS_SELF = PAM_OPT_STD_MAX, + PAM_OPT_NO_FAKE_PROMPTS +}; static struct opttab other_options[] = { { "auth_as_self", PAM_OPT_AUTH_AS_SELF }, + { "no_fake_prompts", PAM_OPT_NO_FAKE_PROMPTS }, { NULL, 0 } }; @@ -78,15 +84,6 @@ PAM_LOG("Options processed"); - /* - * It doesn't make sense to use a password that has already been - * typed in, since we haven't presented the challenge to the user - * yet. - */ - if (pam_test_option(&options, PAM_OPT_USE_FIRST_PASS, NULL) || - pam_test_option(&options, PAM_OPT_TRY_FIRST_PASS, NULL)) - PAM_RETURN(PAM_AUTH_ERR); - user = NULL; if (pam_test_option(&options, PAM_OPT_AUTH_AS_SELF, NULL)) { if ((pwd = getpwnam(getlogin())) == NULL) @@ -102,11 +99,28 @@ PAM_LOG("Got user: %s", user); /* + * If the no_fake_prompts option was given, and the user + * doesn't have an OPIE key, just fail rather than present the + * user with a bogus OPIE challenge. + */ + /* XXX generates a const warning because of incorrect prototype */ + if (pam_test_option(&options, PAM_OPT_NO_FAKE_PROMPTS, NULL)) + if (opielookup(&opie, user) != 0) + PAM_RETURN(PAM_AUTH_ERR); + + /* * Don't call the OPIE atexit() handler when our program exits, * since the module has been unloaded and we will SEGV. */ opiedisableaeh(); + /* + * It doesn't make sense to use a password that has already been + * typed in, since we haven't presented the challenge to the user + * yet, so clear the stored password. + */ + pam_set_item(pamh, PAM_AUTHTOK, NULL); + opiechallenge(&opie, (char *)user, challenge); for (i = 0; i < 2; i++) { snprintf(prompt, sizeof prompt, promptstr[i], challenge); --=-=-= Content-Type: text/x-patch Content-Disposition: attachment; filename=pam_d.diff Index: csshd =================================================================== RCS file: /home/ncvs/src/etc/pam.d/csshd,v retrieving revision 1.2 diff -u -r1.2 csshd --- csshd 5 Dec 2001 21:26:00 -0000 1.2 +++ csshd 21 Jan 2002 16:41:57 -0000 @@ -5,4 +5,5 @@ # # auth -auth required pam_opie.so no_warn +auth sufficient pam_opie.so no_warn no_fake_prompts +auth requisite pam_opieaccess.so no_warn Index: ftp =================================================================== RCS file: /home/ncvs/src/etc/pam.d/ftp,v retrieving revision 1.2 diff -u -r1.2 ftp --- ftp 5 Dec 2001 21:26:00 -0000 1.2 +++ ftp 21 Jan 2002 16:41:57 -0000 @@ -8,7 +8,8 @@ auth required pam_nologin.so no_warn #auth sufficient pam_kerberosIV.so no_warn #auth sufficient pam_krb5.so no_warn -#auth required pam_opie.so no_warn +auth sufficient pam_opie.so no_warn no_fake_prompts +auth requisite pam_opieaccess.so no_warn #auth required pam_ssh.so no_warn try_first_pass auth required pam_unix.so no_warn try_first_pass Index: ftpd =================================================================== RCS file: /home/ncvs/src/etc/pam.d/ftpd,v retrieving revision 1.12 diff -u -r1.12 ftpd --- ftpd 19 Jan 2002 18:29:49 -0000 1.12 +++ ftpd 21 Jan 2002 16:41:57 -0000 @@ -9,10 +9,9 @@ #auth sufficient pam_kerberosIV.so no_warn #auth sufficient pam_krb5.so no_warn #auth sufficient pam_ssh.so no_warn try_first_pass -# Uncomment either pam_opie or pam_unix, but not both of them. -# pam_unix can't be simple chained with pam_opie, ftpd provides proper fallback -auth required pam_opie.so no_warn -#auth required pam_unix.so no_warn try_first_pass +auth sufficient pam_opie.so no_warn no_fake_prompts +auth requisite pam_opieaccess.so no_warn +auth required pam_unix.so no_warn try_first_pass # account #account required pam_kerberosIV.so Index: imap =================================================================== RCS file: /home/ncvs/src/etc/pam.d/imap,v retrieving revision 1.2 diff -u -r1.2 imap --- imap 5 Dec 2001 21:26:00 -0000 1.2 +++ imap 21 Jan 2002 16:41:57 -0000 @@ -6,6 +6,7 @@ # auth #auth required pam_nologin.so no_warn -#auth required pam_opie.so no_warn +#auth sufficient pam_opie.so no_warn no_fake_prompts +#auth requisite pam_opieaccess.so no_warn #auth required pam_ssh.so no_warn try_first_pass #auth required pam_unix.so no_warn try_first_pass Index: kde =================================================================== RCS file: /home/ncvs/src/etc/pam.d/kde,v retrieving revision 1.2 diff -u -r1.2 kde --- kde 5 Dec 2001 21:26:00 -0000 1.2 +++ kde 21 Jan 2002 16:41:57 -0000 @@ -6,7 +6,8 @@ # auth auth required pam_nologin.so no_warn -#auth sufficient pam_opie.so no_warn +auth sufficient pam_opie.so no_warn no_fake_prompts +auth requisite pam_opieaccess.so no_warn #auth sufficient pam_kerberosIV.so no_warn try_first_pass #auth sufficient pam_krb5.so no_warn try_first_pass #auth required pam_ssh.so no_warn try_first_pass Index: login =================================================================== RCS file: /home/ncvs/src/etc/pam.d/login,v retrieving revision 1.5 diff -u -r1.5 login --- login 19 Jan 2002 18:29:49 -0000 1.5 +++ login 21 Jan 2002 16:41:57 -0000 @@ -6,7 +6,8 @@ # auth auth required pam_nologin.so no_warn -#auth sufficient pam_opie.so no_warn +auth sufficient pam_opie.so no_warn no_fake_prompts +auth requisite pam_opieaccess.so no_warn #auth sufficient pam_kerberosIV.so no_warn try_first_pass #auth sufficient pam_krb5.so no_warn try_first_pass #auth required pam_ssh.so no_warn try_first_pass @@ -24,7 +25,6 @@ session required pam_unix.so # password -#password sufficient pam_opie.so no_warn #password sufficient pam_kerberosIV.so no_warn try_first_pass #password sufficient pam_krb5.so no_warn try_first_pass password required pam_unix.so no_warn try_first_pass Index: other =================================================================== RCS file: /home/ncvs/src/etc/pam.d/other,v retrieving revision 1.2 diff -u -r1.2 other --- other 5 Dec 2001 21:26:00 -0000 1.2 +++ other 21 Jan 2002 16:41:57 -0000 @@ -6,7 +6,8 @@ # auth auth required pam_nologin.so no_warn -#auth required pam_opie.so no_warn +auth sufficient pam_opie.so no_warn no_fake_prompts +auth requisite pam_opieaccess.so no_warn auth required pam_unix.so no_warn try_first_pass # account Index: pop3 =================================================================== RCS file: /home/ncvs/src/etc/pam.d/pop3,v retrieving revision 1.2 diff -u -r1.2 pop3 --- pop3 5 Dec 2001 21:26:00 -0000 1.2 +++ pop3 21 Jan 2002 16:41:57 -0000 @@ -6,6 +6,7 @@ # auth #auth required pam_nologin.so no_warn -#auth required pam_opie.so no_warn +#auth sufficient pam_opie.so no_warn no_fake_prompts +#auth requisite pam_opieaccess.so no_warn #auth required pam_ssh.so no_warn try_first_pass #auth required pam_unix.so no_warn try_first_pass Index: su =================================================================== RCS file: /home/ncvs/src/etc/pam.d/su,v retrieving revision 1.5 diff -u -r1.5 su --- su 19 Jan 2002 18:29:49 -0000 1.5 +++ su 21 Jan 2002 16:41:57 -0000 @@ -9,33 +9,45 @@ auth requisite pam_wheel.so no_warn auth_as_self noroot_ok #auth sufficient pam_kerberosIV.so no_warn #auth sufficient pam_krb5.so no_warn try_first_pass auth_as_self -#auth required pam_opie.so no_warn +auth sufficient pam_opie.so no_warn no_fake_prompts +auth requisite pam_opieaccess.so no_warn #auth required pam_ssh.so no_warn try_first_pass auth required pam_unix.so no_warn try_first_pass nullok -#auth sufficient pam_rootok.so no_warn -##auth sufficient pam_kerberosIV.so no_warn -##auth sufficient pam_krb5.so no_warn -#auth required pam_opie.so no_warn auth_as_self -#auth required pam_unix.so no_warn try_first_pass auth_as_self # account #account required pam_kerberosIV.so #account required pam_krb5.so account required pam_unix.so -##account required pam_kerberosIV.so -##account required pam_krb5.so -#account required pam_unix.so # session #session required pam_kerberosIV.so #session required pam_krb5.so #session required pam_ssh.so session required pam_unix.so + +# password +password required pam_permit.so + + +# If you want a "WHEELSU"-type su(1), then comment out the +# above, and uncomment the entries below. +## auth +#auth sufficient pam_rootok.so no_warn +##auth sufficient pam_kerberosIV.so no_warn +##auth sufficient pam_krb5.so no_warn +#auth required pam_opie.so no_warn auth_as_self no_fake_prompts +#auth required pam_unix.so no_warn try_first_pass auth_as_self + +## account +##account required pam_kerberosIV.so +##account required pam_krb5.so +#account required pam_unix.so + +## session ##session required pam_kerberosIV.so ##session required pam_krb5.so ##session required pam_ssh.so #session required pam_unix.so -# password -password required pam_permit.so +## password #password required pam_permit.so --=-=-=-- To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-current" in the body of the message From owner-freebsd-current Mon Jan 21 9:17:34 2002 Delivered-To: freebsd-current@freebsd.org Received: from nagual.pp.ru (pobrecita.freebsd.ru [194.87.13.42]) by hub.freebsd.org (Postfix) with ESMTP id E507937B405 for ; Mon, 21 Jan 2002 09:17:25 -0800 (PST) Received: (from ache@localhost) by nagual.pp.ru (8.11.6/8.11.6) id g0LHHK038560; Mon, 21 Jan 2002 20:17:20 +0300 (MSK) (envelope-from ache) Date: Mon, 21 Jan 2002 20:17:19 +0300 From: "Andrey A. Chernov" To: Dag-Erling Smorgrav Cc: mark@grondar.za, current@FreeBSD.ORG Subject: Re: Step6, corresponding /etc/pam.d/* fixes for review Message-ID: <20020121171719.GA38390@nagual.pp.ru> References: <20020121142038.GA36519@nagual.pp.ru> <20020121154244.GC37234@nagual.pp.ru> <20020121161534.GE37234@nagual.pp.ru> <20020121162726.GH37234@nagual.pp.ru> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: User-Agent: Mutt/1.3.24i Sender: owner-freebsd-current@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.ORG On Mon, Jan 21, 2002 at 18:01:45 +0100, Dag-Erling Smorgrav wrote: > 3) in pam_opie(8), return PAM_AUTH_ERR if no_fake_prompts was > specified and the user hasn't set up OPIE. We can speed up pam_opie by saving one opielookup() call in this way: /* * Don't call the OPIE atexit() handler when our program exits, * since the module has been unloaded and we will SEGV. */ opiedisableaeh(); /* * If the no_fake_prompts option was given, and the user * doesn't have an OPIE key, just fail rather than present the * user with a bogus OPIE challenge. */ /* XXX generates a const warning because of incorrect prototype */ if (opiechallenge(&opie, (char *)user, challenge) != 0 && pam_test_option(&options, PAM_OPT_NO_FAKE_PROMPTS, NULL)) PAM_RETURN(PAM_AUTH_ERR); /* * It doesn't make sense to use a password that has already been * typed in, since we haven't presented the challenge to the user * yet, so clear the stored password. */ pam_set_item(pamh, PAM_AUTHTOK, NULL); for (i = 0; i < 2; i++) { snprintf(prompt, sizeof prompt, promptstr[i], challenge); -- Andrey A. Chernov http://ache.pp.ru/ To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-current" in the body of the message From owner-freebsd-current Mon Jan 21 9:25:36 2002 Delivered-To: freebsd-current@freebsd.org Received: from nagual.pp.ru (pobrecita.freebsd.ru [194.87.13.42]) by hub.freebsd.org (Postfix) with ESMTP id 8615D37B404 for ; Mon, 21 Jan 2002 09:25:30 -0800 (PST) Received: (from ache@localhost) by nagual.pp.ru (8.11.6/8.11.6) id g0LHPRA38622; Mon, 21 Jan 2002 20:25:27 +0300 (MSK) (envelope-from ache) Date: Mon, 21 Jan 2002 20:25:26 +0300 From: "Andrey A. Chernov" To: Dag-Erling Smorgrav Cc: mark@grondar.za, current@FreeBSD.ORG Subject: Re: Step6, corresponding /etc/pam.d/* fixes for review Message-ID: <20020121172526.GB38390@nagual.pp.ru> References: <20020121142038.GA36519@nagual.pp.ru> <20020121154244.GC37234@nagual.pp.ru> <20020121161534.GE37234@nagual.pp.ru> <20020121162726.GH37234@nagual.pp.ru> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: User-Agent: Mutt/1.3.24i Sender: owner-freebsd-current@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.ORG On Mon, Jan 21, 2002 at 18:01:45 +0100, Dag-Erling Smorgrav wrote: > > 1) if pam_get_pass(), if the current token is non-null but empty, > ignore it. This allows a user to just press enter at an OPIE > prompt and still get a Unix prompt. I am not sure I understand this fully, could you please send two typescripts (in the manner you do for login testing) with and without this change? -- Andrey A. Chernov http://ache.pp.ru/ To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-current" in the body of the message From owner-freebsd-current Mon Jan 21 9:33:38 2002 Delivered-To: freebsd-current@freebsd.org Received: from flood.ping.uio.no (flood.ping.uio.no [129.240.78.31]) by hub.freebsd.org (Postfix) with ESMTP id DDCA737B404 for ; Mon, 21 Jan 2002 09:33:24 -0800 (PST) Received: by flood.ping.uio.no (Postfix, from userid 2602) id 9D4DC532C; Mon, 21 Jan 2002 18:33:23 +0100 (CET) X-URL: http://www.ofug.org/~des/ X-Disclaimer: The views expressed in this message do not necessarily coincide with those of any organisation or company with which I am or have been affiliated. To: "Andrey A. Chernov" Cc: mark@grondar.za, current@FreeBSD.ORG Subject: Re: Step6, corresponding /etc/pam.d/* fixes for review References: <20020121142038.GA36519@nagual.pp.ru> <20020121154244.GC37234@nagual.pp.ru> <20020121161534.GE37234@nagual.pp.ru> <20020121162726.GH37234@nagual.pp.ru> <20020121171719.GA38390@nagual.pp.ru> From: Dag-Erling Smorgrav Date: 21 Jan 2002 18:33:22 +0100 In-Reply-To: <20020121171719.GA38390@nagual.pp.ru> Message-ID: Lines: 8 User-Agent: Gnus/5.0808 (Gnus v5.8.8) Emacs/21.1 MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Sender: owner-freebsd-current@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.ORG "Andrey A. Chernov" writes: > We can speed up pam_opie by saving one opielookup() call in this way: True, except you forgot to call opieunlock() :) DES -- Dag-Erling Smorgrav - des@ofug.org To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-current" in the body of the message From owner-freebsd-current Mon Jan 21 9:39:32 2002 Delivered-To: freebsd-current@freebsd.org Received: from nagual.pp.ru (pobrecita.freebsd.ru [194.87.13.42]) by hub.freebsd.org (Postfix) with ESMTP id 75CFC37B405 for ; Mon, 21 Jan 2002 09:39:27 -0800 (PST) Received: (from ache@localhost) by nagual.pp.ru (8.11.6/8.11.6) id g0LHdL038888; Mon, 21 Jan 2002 20:39:22 +0300 (MSK) (envelope-from ache) Date: Mon, 21 Jan 2002 20:39:19 +0300 From: "Andrey A. Chernov" To: Dag-Erling Smorgrav Cc: mark@grondar.za, current@FreeBSD.ORG Subject: Re: Step6, corresponding /etc/pam.d/* fixes for review Message-ID: <20020121173917.GD38390@nagual.pp.ru> References: <20020121142038.GA36519@nagual.pp.ru> <20020121154244.GC37234@nagual.pp.ru> <20020121161534.GE37234@nagual.pp.ru> <20020121162726.GH37234@nagual.pp.ru> <20020121171719.GA38390@nagual.pp.ru> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: User-Agent: Mutt/1.3.24i Sender: owner-freebsd-current@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.ORG On Mon, Jan 21, 2002 at 18:33:22 +0100, Dag-Erling Smorgrav wrote: > "Andrey A. Chernov" writes: > > We can speed up pam_opie by saving one opielookup() call in this way: > > True, except you forgot to call opieunlock() :) No, when opiechallenge() return != 0, no opieunlock() needed because nothing is locked. Look at opiechallenge() sources, it not makes lock on error. -- Andrey A. Chernov http://ache.pp.ru/ To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-current" in the body of the message From owner-freebsd-current Mon Jan 21 9:46:51 2002 Delivered-To: freebsd-current@freebsd.org Received: from flood.ping.uio.no (flood.ping.uio.no [129.240.78.31]) by hub.freebsd.org (Postfix) with ESMTP id AECCA37B400 for ; Mon, 21 Jan 2002 09:46:41 -0800 (PST) Received: by flood.ping.uio.no (Postfix, from userid 2602) id F081F532C; Mon, 21 Jan 2002 18:46:37 +0100 (CET) X-URL: http://www.ofug.org/~des/ X-Disclaimer: The views expressed in this message do not necessarily coincide with those of any organisation or company with which I am or have been affiliated. To: "Andrey A. Chernov" Cc: mark@grondar.za, current@FreeBSD.ORG Subject: Re: Step6, corresponding /etc/pam.d/* fixes for review References: <20020121142038.GA36519@nagual.pp.ru> <20020121154244.GC37234@nagual.pp.ru> <20020121161534.GE37234@nagual.pp.ru> <20020121162726.GH37234@nagual.pp.ru> <20020121172526.GB38390@nagual.pp.ru> From: Dag-Erling Smorgrav Date: 21 Jan 2002 18:46:37 +0100 In-Reply-To: <20020121172526.GB38390@nagual.pp.ru> Message-ID: Lines: 40 User-Agent: Gnus/5.0808 (Gnus v5.8.8) Emacs/21.1 MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Sender: owner-freebsd-current@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.ORG "Andrey A. Chernov" writes: > I am not sure I understand this fully, could you please send two > typescripts (in the manner you do for login testing) with and without this > change? Assuming no ~des/.opiealways, - without the change: des@des ~% login des otp-md5 496 de6973 ext Password: otp-md5 496 de6973 ext Password [echo on]: Login incorrect login: - with the change: des@des ~% login des otp-md5 496 de6973 ext Password: otp-md5 496 de6973 ext Password [echo on]: Password: Last login: Mon Jan 21 17:10:55 on ttypk Copyright (c) 1980, 1983, 1986, 1988, 1990, 1991, 1993, 1994 The Regents of the University of California. All rights reserved. FreeBSD 5.0-CURRENT (DES) #124: Sat Jan 12 19:11:47 CET 2002 You have new mail. One nit, BTW: pam_opieaccess(8) should return PAM_SERVICE_ERR rather than PAM_USER_UNKNOWN if it can't getpwnam() the user; otherwise, logging in with a nonexistent user name will fail without a fake password prompt. DES -- Dag-Erling Smorgrav - des@ofug.org To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-current" in the body of the message From owner-freebsd-current Mon Jan 21 9:50: 6 2002 Delivered-To: freebsd-current@freebsd.org Received: from sax.sax.de (sax.sax.de [193.175.26.33]) by hub.freebsd.org (Postfix) with ESMTP id C3C1D37B405 for ; Mon, 21 Jan 2002 09:49:57 -0800 (PST) Received: (from uucp@localhost) by sax.sax.de (8.9.3/8.9.3) with UUCP id SAA07595 for freebsd-current@freebsd.org; Mon, 21 Jan 2002 18:49:56 +0100 (CET) Received: (from j@localhost) by uriah.heep.sax.de (8.11.6/8.11.6) id g0LHlER71974; Mon, 21 Jan 2002 18:47:14 +0100 (MET) (envelope-from j) Date: Mon, 21 Jan 2002 18:47:14 +0100 (MET) Message-Id: <200201211747.g0LHlER71974@uriah.heep.sax.de> Mime-Version: 1.0 X-Newsreader: knews 1.0b.1 Reply-To: joerg_wunsch@uriah.heep.sax.de (Joerg Wunsch) Organization: Private BSD site, Dresden X-Phone: +49-351-2012 669 X-PGP-Fingerprint: DC 47 E6 E4 FF A6 E9 8F 93 21 E0 7D F9 12 D6 4E References: <3.0.6.32.20020120182001.00dab7b8@imatowns.com> From: j@uriah.heep.sax.de (Joerg Wunsch) Subject: Re: "Current & Etherboot" X-Original-Newsgroups: local.freebsd.current To: freebsd-current@freebsd.org Content-Type: text/plain; charset=us-ascii Sender: owner-freebsd-current@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.ORG Robert Watson wrote: > Most people I know of that netboot boxes on Intel platforms now use > PXE. But well, there are only two NICs that support PXE, aren't there? In particular, there's nothing cheap (i. e. <= USD 10) you could use in conjunction with an old junk ISA NIC people often have in their bit-bucket (i. e. with an NE2k clone or 3C509). -- cheers, J"org .-.-. --... ...-- -.. . DL8DTL http://www.sax.de/~joerg/ NIC: JW11-RIPE Never trust an operating system you don't have sources for. ;-) To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-current" in the body of the message From owner-freebsd-current Mon Jan 21 9:54:19 2002 Delivered-To: freebsd-current@freebsd.org Received: from flood.ping.uio.no (flood.ping.uio.no [129.240.78.31]) by hub.freebsd.org (Postfix) with ESMTP id DA54D37B405 for ; Mon, 21 Jan 2002 09:53:36 -0800 (PST) Received: by flood.ping.uio.no (Postfix, from userid 2602) id BB945533B; Mon, 21 Jan 2002 18:53:35 +0100 (CET) X-URL: http://www.ofug.org/~des/ X-Disclaimer: The views expressed in this message do not necessarily coincide with those of any organisation or company with which I am or have been affiliated. To: "Andrey A. Chernov" Cc: mark@grondar.za, current@FreeBSD.ORG Subject: Re: Step6, corresponding /etc/pam.d/* fixes for review References: <20020121142038.GA36519@nagual.pp.ru> <20020121154244.GC37234@nagual.pp.ru> <20020121161534.GE37234@nagual.pp.ru> <20020121162726.GH37234@nagual.pp.ru> <20020121171719.GA38390@nagual.pp.ru> <20020121173917.GD38390@nagual.pp.ru> From: Dag-Erling Smorgrav Date: 21 Jan 2002 18:53:34 +0100 In-Reply-To: <20020121173917.GD38390@nagual.pp.ru> Message-ID: Lines: 18 User-Agent: Gnus/5.0808 (Gnus v5.8.8) Emacs/21.1 MIME-Version: 1.0 Content-Type: multipart/mixed; boundary="=-=-=" Sender: owner-freebsd-current@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.ORG --=-=-= "Andrey A. Chernov" writes: > No, when opiechallenge() return != 0, no opieunlock() needed because > nothing is locked. Look at opiechallenge() sources, it not makes > lock on error. Oh, you're right. I wasn't thinking. Here are the (hopefully) final patches. Any final objections before I commit the lot? DES -- Dag-Erling Smorgrav - des@ofug.org --=-=-= Content-Type: text/x-patch Content-Disposition: attachment; filename=libpam.diff Index: libpam/pam_get_pass.c =================================================================== RCS file: /home/ncvs/src/lib/libpam/libpam/pam_get_pass.c,v retrieving revision 1.3 diff -u -r1.3 pam_get_pass.c --- libpam/pam_get_pass.c 30 Sep 2001 22:10:58 -0000 1.3 +++ libpam/pam_get_pass.c 21 Jan 2002 17:52:24 -0000 @@ -1,6 +1,13 @@ /*- * Copyright 1998 Juniper Networks, Inc. * All rights reserved. + * Copyright (c) 2002 Networks Associates Technologies, Inc. + * All rights reserved. + * + * Portions of this software was developed for the FreeBSD Project by + * ThinkSec AS and NAI Labs, the Security Research Division of Network + * Associates, Inc. under DARPA/SPAWAR contract N66001-01-C-8035 + * ("CBOSS"), as part of the DARPA CHATS research program. * * Redistribution and use in source and binary forms, with or without * modification, are permitted provided that the following conditions @@ -10,6 +17,9 @@ * 2. Redistributions in binary form must reproduce the above copyright * notice, this list of conditions and the following disclaimer in the * documentation and/or other materials provided with the distribution. + * 3. The name of the author may not be used to endorse or promote + * products derived from this software without specific prior written + * permission. * * THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE @@ -78,6 +88,8 @@ retval = pam_get_item(pamh, PAM_AUTHTOK, &item); if (retval != PAM_SUCCESS) return retval; + if (item != NULL && *(const char *)item == '\0') + item = NULL; } if (item == NULL) { Index: modules/pam_opie/pam_opie.8 =================================================================== RCS file: /home/ncvs/src/lib/libpam/modules/pam_opie/pam_opie.8,v retrieving revision 1.5 diff -u -r1.5 pam_opie.8 --- modules/pam_opie/pam_opie.8 21 Jan 2002 13:43:52 -0000 1.5 +++ modules/pam_opie/pam_opie.8 21 Jan 2002 17:00:51 -0000 @@ -8,7 +8,6 @@ .\" Associates, Inc. under DARPA/SPAWAR contract N66001-01-C-8035 .\" ("CBOSS"), as part of the DARPA CHATS research program. .\" -.\" .\" Redistribution and use in source and binary forms, with or without .\" modification, are permitted provided that the following conditions .\" are met: @@ -94,7 +93,21 @@ where the user's ability to retype their own password might be deemed sufficient. +.It Cm no_fake_prompts +Do not generate fake challenges for users who do not have an OPIE key. +Note that this can leak information to a hypothetical attacker about +who uses OPIE and who doesn't, but it can be useful on systems where +some users want to use OPIE but most don't. .El +.Pp +Note that +.Nm +ignores the standard options +.Cm try_first_pass +and +.Cm use_first_pass , +since a challenge must be generated before the user can submit a valid +response. .Sh FILES .Bl -tag -width ".Pa /etc/opiekeys" -compact .It Pa /etc/opiekeys Index: modules/pam_opie/pam_opie.c =================================================================== RCS file: /home/ncvs/src/lib/libpam/modules/pam_opie/pam_opie.c,v retrieving revision 1.15 diff -u -r1.15 pam_opie.c --- modules/pam_opie/pam_opie.c 20 Jan 2002 20:56:47 -0000 1.15 +++ modules/pam_opie/pam_opie.c 21 Jan 2002 17:49:51 -0000 @@ -4,6 +4,8 @@ * Based upon code Copyright 1998 Juniper Networks, Inc. * Copyright (c) 2001 Networks Associates Technologies, Inc. * All rights reserved. + * Copyright (c) 2002 Networks Associates Technologies, Inc. + * All rights reserved. * * Portions of this software were developed for the FreeBSD Project by * ThinkSec AS and NAI Labs, the Security Research Division of Network @@ -53,10 +55,14 @@ #include #include "pam_mod_misc.h" -enum { PAM_OPT_AUTH_AS_SELF=PAM_OPT_STD_MAX }; +enum { + PAM_OPT_AUTH_AS_SELF = PAM_OPT_STD_MAX, + PAM_OPT_NO_FAKE_PROMPTS +}; static struct opttab other_options[] = { { "auth_as_self", PAM_OPT_AUTH_AS_SELF }, + { "no_fake_prompts", PAM_OPT_NO_FAKE_PROMPTS }, { NULL, 0 } }; @@ -78,15 +84,6 @@ PAM_LOG("Options processed"); - /* - * It doesn't make sense to use a password that has already been - * typed in, since we haven't presented the challenge to the user - * yet. - */ - if (pam_test_option(&options, PAM_OPT_USE_FIRST_PASS, NULL) || - pam_test_option(&options, PAM_OPT_TRY_FIRST_PASS, NULL)) - PAM_RETURN(PAM_AUTH_ERR); - user = NULL; if (pam_test_option(&options, PAM_OPT_AUTH_AS_SELF, NULL)) { if ((pwd = getpwnam(getlogin())) == NULL) @@ -107,7 +104,23 @@ */ opiedisableaeh(); - opiechallenge(&opie, (char *)user, challenge); + /* + * If the no_fake_prompts option was given, and the user + * doesn't have an OPIE key, just fail rather than present the + * user with a bogus OPIE challenge. + */ + /* XXX generates a const warning because of incorrect prototype */ + if (opiechallenge(&opie, (char *)user, challenge) != 0 && + pam_test_option(&options, PAM_OPT_NO_FAKE_PROMPTS, NULL)) + PAM_RETURN(PAM_AUTH_ERR); + + /* + * It doesn't make sense to use a password that has already been + * typed in, since we haven't presented the challenge to the user + * yet, so clear the stored password. + */ + pam_set_item(pamh, PAM_AUTHTOK, NULL); + for (i = 0; i < 2; i++) { snprintf(prompt, sizeof prompt, promptstr[i], challenge); retval = pam_get_pass(pamh, &response, prompt, &options); --=-=-= Content-Type: text/x-patch Content-Disposition: attachment; filename=pam_d.diff Index: csshd =================================================================== RCS file: /home/ncvs/src/etc/pam.d/csshd,v retrieving revision 1.2 diff -u -r1.2 csshd --- csshd 5 Dec 2001 21:26:00 -0000 1.2 +++ csshd 21 Jan 2002 16:41:57 -0000 @@ -5,4 +5,5 @@ # # auth -auth required pam_opie.so no_warn +auth sufficient pam_opie.so no_warn no_fake_prompts +auth requisite pam_opieaccess.so no_warn Index: ftp =================================================================== RCS file: /home/ncvs/src/etc/pam.d/ftp,v retrieving revision 1.2 diff -u -r1.2 ftp --- ftp 5 Dec 2001 21:26:00 -0000 1.2 +++ ftp 21 Jan 2002 16:41:57 -0000 @@ -8,7 +8,8 @@ auth required pam_nologin.so no_warn #auth sufficient pam_kerberosIV.so no_warn #auth sufficient pam_krb5.so no_warn -#auth required pam_opie.so no_warn +auth sufficient pam_opie.so no_warn no_fake_prompts +auth requisite pam_opieaccess.so no_warn #auth required pam_ssh.so no_warn try_first_pass auth required pam_unix.so no_warn try_first_pass Index: ftpd =================================================================== RCS file: /home/ncvs/src/etc/pam.d/ftpd,v retrieving revision 1.12 diff -u -r1.12 ftpd --- ftpd 19 Jan 2002 18:29:49 -0000 1.12 +++ ftpd 21 Jan 2002 16:41:57 -0000 @@ -9,10 +9,9 @@ #auth sufficient pam_kerberosIV.so no_warn #auth sufficient pam_krb5.so no_warn #auth sufficient pam_ssh.so no_warn try_first_pass -# Uncomment either pam_opie or pam_unix, but not both of them. -# pam_unix can't be simple chained with pam_opie, ftpd provides proper fallback -auth required pam_opie.so no_warn -#auth required pam_unix.so no_warn try_first_pass +auth sufficient pam_opie.so no_warn no_fake_prompts +auth requisite pam_opieaccess.so no_warn +auth required pam_unix.so no_warn try_first_pass # account #account required pam_kerberosIV.so Index: imap =================================================================== RCS file: /home/ncvs/src/etc/pam.d/imap,v retrieving revision 1.2 diff -u -r1.2 imap --- imap 5 Dec 2001 21:26:00 -0000 1.2 +++ imap 21 Jan 2002 16:41:57 -0000 @@ -6,6 +6,7 @@ # auth #auth required pam_nologin.so no_warn -#auth required pam_opie.so no_warn +#auth sufficient pam_opie.so no_warn no_fake_prompts +#auth requisite pam_opieaccess.so no_warn #auth required pam_ssh.so no_warn try_first_pass #auth required pam_unix.so no_warn try_first_pass Index: kde =================================================================== RCS file: /home/ncvs/src/etc/pam.d/kde,v retrieving revision 1.2 diff -u -r1.2 kde --- kde 5 Dec 2001 21:26:00 -0000 1.2 +++ kde 21 Jan 2002 16:41:57 -0000 @@ -6,7 +6,8 @@ # auth auth required pam_nologin.so no_warn -#auth sufficient pam_opie.so no_warn +auth sufficient pam_opie.so no_warn no_fake_prompts +auth requisite pam_opieaccess.so no_warn #auth sufficient pam_kerberosIV.so no_warn try_first_pass #auth sufficient pam_krb5.so no_warn try_first_pass #auth required pam_ssh.so no_warn try_first_pass Index: login =================================================================== RCS file: /home/ncvs/src/etc/pam.d/login,v retrieving revision 1.5 diff -u -r1.5 login --- login 19 Jan 2002 18:29:49 -0000 1.5 +++ login 21 Jan 2002 16:41:57 -0000 @@ -6,7 +6,8 @@ # auth auth required pam_nologin.so no_warn -#auth sufficient pam_opie.so no_warn +auth sufficient pam_opie.so no_warn no_fake_prompts +auth requisite pam_opieaccess.so no_warn #auth sufficient pam_kerberosIV.so no_warn try_first_pass #auth sufficient pam_krb5.so no_warn try_first_pass #auth required pam_ssh.so no_warn try_first_pass @@ -24,7 +25,6 @@ session required pam_unix.so # password -#password sufficient pam_opie.so no_warn #password sufficient pam_kerberosIV.so no_warn try_first_pass #password sufficient pam_krb5.so no_warn try_first_pass password required pam_unix.so no_warn try_first_pass Index: other =================================================================== RCS file: /home/ncvs/src/etc/pam.d/other,v retrieving revision 1.2 diff -u -r1.2 other --- other 5 Dec 2001 21:26:00 -0000 1.2 +++ other 21 Jan 2002 16:41:57 -0000 @@ -6,7 +6,8 @@ # auth auth required pam_nologin.so no_warn -#auth required pam_opie.so no_warn +auth sufficient pam_opie.so no_warn no_fake_prompts +auth requisite pam_opieaccess.so no_warn auth required pam_unix.so no_warn try_first_pass # account Index: pop3 =================================================================== RCS file: /home/ncvs/src/etc/pam.d/pop3,v retrieving revision 1.2 diff -u -r1.2 pop3 --- pop3 5 Dec 2001 21:26:00 -0000 1.2 +++ pop3 21 Jan 2002 16:41:57 -0000 @@ -6,6 +6,7 @@ # auth #auth required pam_nologin.so no_warn -#auth required pam_opie.so no_warn +#auth sufficient pam_opie.so no_warn no_fake_prompts +#auth requisite pam_opieaccess.so no_warn #auth required pam_ssh.so no_warn try_first_pass #auth required pam_unix.so no_warn try_first_pass Index: su =================================================================== RCS file: /home/ncvs/src/etc/pam.d/su,v retrieving revision 1.5 diff -u -r1.5 su --- su 19 Jan 2002 18:29:49 -0000 1.5 +++ su 21 Jan 2002 16:41:57 -0000 @@ -9,33 +9,45 @@ auth requisite pam_wheel.so no_warn auth_as_self noroot_ok #auth sufficient pam_kerberosIV.so no_warn #auth sufficient pam_krb5.so no_warn try_first_pass auth_as_self -#auth required pam_opie.so no_warn +auth sufficient pam_opie.so no_warn no_fake_prompts +auth requisite pam_opieaccess.so no_warn #auth required pam_ssh.so no_warn try_first_pass auth required pam_unix.so no_warn try_first_pass nullok -#auth sufficient pam_rootok.so no_warn -##auth sufficient pam_kerberosIV.so no_warn -##auth sufficient pam_krb5.so no_warn -#auth required pam_opie.so no_warn auth_as_self -#auth required pam_unix.so no_warn try_first_pass auth_as_self # account #account required pam_kerberosIV.so #account required pam_krb5.so account required pam_unix.so -##account required pam_kerberosIV.so -##account required pam_krb5.so -#account required pam_unix.so # session #session required pam_kerberosIV.so #session required pam_krb5.so #session required pam_ssh.so session required pam_unix.so + +# password +password required pam_permit.so + + +# If you want a "WHEELSU"-type su(1), then comment out the +# above, and uncomment the entries below. +## auth +#auth sufficient pam_rootok.so no_warn +##auth sufficient pam_kerberosIV.so no_warn +##auth sufficient pam_krb5.so no_warn +#auth required pam_opie.so no_warn auth_as_self no_fake_prompts +#auth required pam_unix.so no_warn try_first_pass auth_as_self + +## account +##account required pam_kerberosIV.so +##account required pam_krb5.so +#account required pam_unix.so + +## session ##session required pam_kerberosIV.so ##session required pam_krb5.so ##session required pam_ssh.so #session required pam_unix.so -# password -password required pam_permit.so +## password #password required pam_permit.so --=-=-=-- To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-current" in the body of the message From owner-freebsd-current Mon Jan 21 9:56:45 2002 Delivered-To: freebsd-current@freebsd.org Received: from beech.FernUni-Hagen.de (beech.fernuni-hagen.de [132.176.114.20]) by hub.freebsd.org (Postfix) with ESMTP id 9679B37B421 for ; Mon, 21 Jan 2002 09:56:04 -0800 (PST) Received: from bonsai.fernuni-hagen.de ([132.176.114.21]) by beech.FernUni-Hagen.de with esmtp (Exim 3.22 #15) id 16SifO-0001ZA-00 for freebsd-current@freebsd.org; Mon, 21 Jan 2002 18:55:34 +0100 Received: (from q5480035@localhost) by bonsai.fernuni-hagen.de (8.8.8+Sun/8.8.8) id SAA22267; Mon, 21 Jan 2002 18:56:03 +0100 (MET) Date: Mon, 21 Jan 2002 18:56:03 +0100 (MET) Message-Id: <200201211756.SAA22267@bonsai.fernuni-hagen.de> From: Marc Ernst Eddy van Woerkom To: freebsd-current@freebsd.org Subject: i4b driver broken for -current? Sender: owner-freebsd-current@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.ORG Hello, anyone running a recent -current successfuly with the i4b ISDN drivers? I built -current around christmas, and had to applay a patch posted here in October to make a kernel with i4b drivers. However I don't manage to establish a kernel ppp connection to my provider since then. Regards, Marc To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-current" in the body of the message From owner-freebsd-current Mon Jan 21 9:59:58 2002 Delivered-To: freebsd-current@freebsd.org Received: from rover.village.org (rover.bsdimp.com [204.144.255.66]) by hub.freebsd.org (Postfix) with ESMTP id DF46337B402; Mon, 21 Jan 2002 09:59:51 -0800 (PST) Received: from harmony.village.org (harmony.village.org [10.0.0.6]) by rover.village.org (8.11.3/8.11.3) with ESMTP id g0LHxol49959; Mon, 21 Jan 2002 10:59:50 -0700 (MST) (envelope-from imp@village.org) Received: from localhost (warner@rover2.village.org [10.0.0.1]) by harmony.village.org (8.11.6/8.11.6) with ESMTP id g0LHxmx66037; Mon, 21 Jan 2002 10:59:49 -0700 (MST) (envelope-from imp@village.org) Date: Mon, 21 Jan 2002 10:59:36 -0700 (MST) Message-Id: <20020121.105936.79018035.imp@village.org> To: tfischer@rain.fr Cc: tomsk@chello.no, freebsd-mobile@FreeBSD.ORG, freebsd-current@FreeBSD.ORG Subject: Re: NEWCARD and Xircom (RBEM56G-100) From: "M. Warner Losh" In-Reply-To: <3C4C19EF.4070603@rain.fr> References: <200201202117410797.026EA9F1@smtp.mail.yahoo.com> <010d01c1a23c$8d862200$0605800a@chello.no> <3C4C19EF.4070603@rain.fr> X-Mailer: Mew version 2.1 on Emacs 21.1 / Mule 5.0 (SAKAKI) Mime-Version: 1.0 Content-Type: Text/Plain; charset=us-ascii Content-Transfer-Encoding: 7bit Sender: owner-freebsd-current@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.ORG In message: <3C4C19EF.4070603@rain.fr> Tom Fischer writes: : Warner, do you have any clues on how to get the modem half of this : card working again? You'd have to a) fix the pci attachment or b) wait until the puc driver hits the tree. Chances are fixing the pci attachment in the short run would be easy enough. Warner To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-current" in the body of the message From owner-freebsd-current Mon Jan 21 10:13:37 2002 Delivered-To: freebsd-current@freebsd.org Received: from nagual.pp.ru (pobrecita.freebsd.ru [194.87.13.42]) by hub.freebsd.org (Postfix) with ESMTP id 1357F37B405 for ; Mon, 21 Jan 2002 10:13:27 -0800 (PST) Received: (from ache@localhost) by nagual.pp.ru (8.11.6/8.11.6) id g0LIDKt39469; Mon, 21 Jan 2002 21:13:20 +0300 (MSK) (envelope-from ache) Date: Mon, 21 Jan 2002 21:13:19 +0300 From: "Andrey A. Chernov" To: Dag-Erling Smorgrav Cc: mark@grondar.za, current@FreeBSD.ORG Subject: Re: Step6, corresponding /etc/pam.d/* fixes for review Message-ID: <20020121181318.GA39364@nagual.pp.ru> References: <20020121142038.GA36519@nagual.pp.ru> <20020121154244.GC37234@nagual.pp.ru> <20020121161534.GE37234@nagual.pp.ru> <20020121162726.GH37234@nagual.pp.ru> <20020121172526.GB38390@nagual.pp.ru> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: User-Agent: Mutt/1.3.24i Sender: owner-freebsd-current@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.ORG On Mon, Jan 21, 2002 at 18:46:37 +0100, Dag-Erling Smorgrav wrote: > > Assuming no ~des/.opiealways, > > - without the change: > > des@des ~% login des > otp-md5 496 de6973 ext > Password: > otp-md5 496 de6973 ext > Password [echo on]: > Login incorrect > login: It looks like right variant. _By_default_ OPIE user is unable to enter Unix password. You need to add permit 255.255.255.255 line to /etc/opieaccess to _allow_ Unix passwords on your machine. > > - with the change: > > des@des ~% login des > otp-md5 496 de6973 ext > Password: > otp-md5 496 de6973 ext > Password [echo on]: > Password: It looks like wrong variant: 3 prompts instead of 2 ones. There is only 2 prompts for all possible cases in OPIE. Unix password can be entered on first or on second prompt (i.e. with [echo on]), if _allowed_. -- Andrey A. Chernov http://ache.pp.ru/ To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-current" in the body of the message From owner-freebsd-current Mon Jan 21 10:16:26 2002 Delivered-To: freebsd-current@freebsd.org Received: from nagual.pp.ru (pobrecita.freebsd.ru [194.87.13.42]) by hub.freebsd.org (Postfix) with ESMTP id 45F5237B400 for ; Mon, 21 Jan 2002 10:16:21 -0800 (PST) Received: (from ache@localhost) by nagual.pp.ru (8.11.6/8.11.6) id g0LIGH439537; Mon, 21 Jan 2002 21:16:17 +0300 (MSK) (envelope-from ache) Date: Mon, 21 Jan 2002 21:16:17 +0300 From: "Andrey A. Chernov" To: Dag-Erling Smorgrav Cc: mark@grondar.za, current@FreeBSD.ORG Subject: Re: Step6, corresponding /etc/pam.d/* fixes for review Message-ID: <20020121181617.GB39364@nagual.pp.ru> References: <20020121154244.GC37234@nagual.pp.ru> <20020121161534.GE37234@nagual.pp.ru> <20020121162726.GH37234@nagual.pp.ru> <20020121171719.GA38390@nagual.pp.ru> <20020121173917.GD38390@nagual.pp.ru> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: User-Agent: Mutt/1.3.24i Sender: owner-freebsd-current@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.ORG On Mon, Jan 21, 2002 at 18:53:34 +0100, Dag-Erling Smorgrav wrote: > > Here are the (hopefully) final patches. Any final objections before I > commit the lot? Excepting get_pass() thing cause 3 prompts again, all looks right. -- Andrey A. Chernov http://ache.pp.ru/ To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-current" in the body of the message From owner-freebsd-current Mon Jan 21 10:24:35 2002 Delivered-To: freebsd-current@freebsd.org Received: from nagual.pp.ru (pobrecita.freebsd.ru [194.87.13.42]) by hub.freebsd.org (Postfix) with ESMTP id BAB9537B402 for ; Mon, 21 Jan 2002 10:24:29 -0800 (PST) Received: (from ache@localhost) by nagual.pp.ru (8.11.6/8.11.6) id g0LIOPF39606; Mon, 21 Jan 2002 21:24:25 +0300 (MSK) (envelope-from ache) Date: Mon, 21 Jan 2002 21:24:25 +0300 From: "Andrey A. Chernov" To: Dag-Erling Smorgrav Cc: mark@grondar.za, current@FreeBSD.ORG Subject: Re: Step6, corresponding /etc/pam.d/* fixes for review Message-ID: <20020121182424.GA39559@nagual.pp.ru> References: <20020121154244.GC37234@nagual.pp.ru> <20020121161534.GE37234@nagual.pp.ru> <20020121162726.GH37234@nagual.pp.ru> <20020121172526.GB38390@nagual.pp.ru> <20020121181318.GA39364@nagual.pp.ru> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: <20020121181318.GA39364@nagual.pp.ru> User-Agent: Mutt/1.3.24i Sender: owner-freebsd-current@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.ORG On Mon, Jan 21, 2002 at 21:13:19 +0300, Andrey A. Chernov wrote: > On Mon, Jan 21, 2002 at 18:46:37 +0100, Dag-Erling Smorgrav wrote: > > > > Assuming no ~des/.opiealways, > > > > - without the change: > > > > des@des ~% login des > > otp-md5 496 de6973 ext > > Password: > > otp-md5 496 de6973 ext > > Password [echo on]: > > Login incorrect > > login: > > > It looks like right variant. _By_default_ OPIE user is unable to enter > Unix password. You need to add > permit 255.255.255.255 > line to /etc/opieaccess to _allow_ Unix passwords on your machine. Moreover, you can't do any special processing of "" because "" is valid Unix password. If OPIE is configured to allow Unix passwords on the machine, and you have "" as Unix password, you can login just pressing two times (two instead of one because first time OPIE will think that echo must be on and repeat prompt). -- Andrey A. Chernov http://ache.pp.ru/ To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-current" in the body of the message From owner-freebsd-current Mon Jan 21 10:34:37 2002 Delivered-To: freebsd-current@freebsd.org Received: from storm.FreeBSD.org.uk (storm.FreeBSD.org.uk [194.242.139.170]) by hub.freebsd.org (Postfix) with ESMTP id 0C2C037B402 for ; Mon, 21 Jan 2002 10:34:35 -0800 (PST) Received: (from uucp@localhost) by storm.FreeBSD.org.uk (8.11.6/8.11.6) with UUCP id g0LIYPb21119; Mon, 21 Jan 2002 18:34:26 GMT (envelope-from mark@grondar.za) Received: from grondar.za (mark@localhost [127.0.0.1]) by grimreaper.grondar.org (8.11.6/8.11.6) with ESMTP id g0LIZ2t44482; Mon, 21 Jan 2002 18:35:02 GMT (envelope-from mark@grondar.za) Message-Id: <200201211835.g0LIZ2t44482@grimreaper.grondar.org> To: Dag-Erling Smorgrav Cc: "Andrey A. Chernov" , current@FreeBSD.ORG Subject: Re: Step6, corresponding /etc/pam.d/* fixes for review References: In-Reply-To: ; from Dag-Erling Smorgrav "21 Jan 2002 18:53:34 +0100." Date: Mon, 21 Jan 2002 18:35:02 +0000 From: Mark Murray Sender: owner-freebsd-current@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.ORG > Here are the (hopefully) final patches. Any final objections before I > commit the lot? According to EyeBall Mk1, this is fine! :-) I haven't extensively tested the code, but the methods used and the design are very sound, I believe. M -- o Mark Murray \_ FreeBSD Services Limited O.\_ Warning: this .sig is umop ap!sdn To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-current" in the body of the message From owner-freebsd-current Mon Jan 21 10:40:19 2002 Delivered-To: freebsd-current@freebsd.org Received: from rwcrmhc51.attbi.com (rwcrmhc51.attbi.com [204.127.198.38]) by hub.freebsd.org (Postfix) with ESMTP id 54EA037B417 for ; Mon, 21 Jan 2002 10:40:11 -0800 (PST) Received: from InterJet.elischer.org ([12.232.206.8]) by rwcrmhc51.attbi.com (InterMail vM.4.01.03.27 201-229-121-127-20010626) with ESMTP id <20020121184011.OUIX26243.rwcrmhc51.attbi.com@InterJet.elischer.org>; Mon, 21 Jan 2002 18:40:11 +0000 Received: from localhost (localhost.elischer.org [127.0.0.1]) by InterJet.elischer.org (8.9.1a/8.9.1) with ESMTP id KAA12211; Mon, 21 Jan 2002 10:31:32 -0800 (PST) Date: Mon, 21 Jan 2002 10:31:31 -0800 (PST) From: Julian Elischer To: Alexander Kabaev Cc: current@FreeBSD.ORG Subject: Re: __stderrp error In-Reply-To: <20020121094521.777d54ec.ak03@gte.com> Message-ID: MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII Sender: owner-freebsd-current@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.ORG no, should I? On Mon, 21 Jan 2002, Alexander Kabaev wrote: > > and I've "made world" a lot of times like that. > > and if I do it by hand as sugested, it doesn;t make any difference > > either. > Just a guess - have you removed existing old libraries from /usr/lib? > > To Unsubscribe: send mail to majordomo@FreeBSD.org > with "unsubscribe freebsd-current" in the body of the message > To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-current" in the body of the message From owner-freebsd-current Mon Jan 21 10:40:18 2002 Delivered-To: freebsd-current@freebsd.org Received: from rwcrmhc51.attbi.com (rwcrmhc51.attbi.com [204.127.198.38]) by hub.freebsd.org (Postfix) with ESMTP id 54BB537B402 for ; Mon, 21 Jan 2002 10:40:09 -0800 (PST) Received: from InterJet.elischer.org ([12.232.206.8]) by rwcrmhc51.attbi.com (InterMail vM.4.01.03.27 201-229-121-127-20010626) with ESMTP id <20020121184008.OUIB26243.rwcrmhc51.attbi.com@InterJet.elischer.org>; Mon, 21 Jan 2002 18:40:08 +0000 Received: from localhost (localhost.elischer.org [127.0.0.1]) by InterJet.elischer.org (8.9.1a/8.9.1) with ESMTP id KAA12213; Mon, 21 Jan 2002 10:32:42 -0800 (PST) Date: Mon, 21 Jan 2002 10:32:42 -0800 (PST) From: Julian Elischer To: "M. Warner Losh" Cc: current@FreeBSD.ORG Subject: Re: __stderrp error In-Reply-To: <20020121.074627.60783303.imp@village.org> Message-ID: MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII Sender: owner-freebsd-current@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.ORG this machine has never been 3.x. the binaries worked fine up until about 5 months ago. On Mon, 21 Jan 2002, M. Warner Losh wrote: > Some -current binaries can have this, but recompiling usually fixes > it. Also, I have some older 3.x binaries that I had to install > COMPAT3 to get working. > > Warner > To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-current" in the body of the message From owner-freebsd-current Mon Jan 21 10:41:14 2002 Delivered-To: freebsd-current@freebsd.org Received: from nagual.pp.ru (pobrecita.freebsd.ru [194.87.13.42]) by hub.freebsd.org (Postfix) with ESMTP id 56DA637B41F for ; Mon, 21 Jan 2002 10:40:27 -0800 (PST) Received: (from ache@localhost) by nagual.pp.ru (8.11.6/8.11.6) id g0LIeJ339774; Mon, 21 Jan 2002 21:40:20 +0300 (MSK) (envelope-from ache) Date: Mon, 21 Jan 2002 21:40:16 +0300 From: "Andrey A. Chernov" To: Dag-Erling Smorgrav Cc: mark@grondar.za, current@FreeBSD.ORG Subject: Re: Step6, corresponding /etc/pam.d/* fixes for review Message-ID: <20020121184015.GA39745@nagual.pp.ru> References: <20020121154244.GC37234@nagual.pp.ru> <20020121161534.GE37234@nagual.pp.ru> <20020121162726.GH37234@nagual.pp.ru> <20020121172526.GB38390@nagual.pp.ru> <20020121181318.GA39364@nagual.pp.ru> <20020121182424.GA39559@nagual.pp.ru> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: <20020121182424.GA39559@nagual.pp.ru> User-Agent: Mutt/1.3.24i Sender: owner-freebsd-current@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.ORG On Mon, Jan 21, 2002 at 21:24:25 +0300, Andrey A. Chernov wrote: > > > - without the change: > > > > > > des@des ~% login des > > > otp-md5 496 de6973 ext > > > Password: > > > otp-md5 496 de6973 ext > > > Password [echo on]: > > > Login incorrect > > > login: > > If OPIE is configured to allow Unix passwords on the machine, and you have > "" as Unix password, you can login just pressing two times (two > instead of one because first time OPIE will think that echo must be on and > repeat prompt). I want to say that your example above have correct meaning: I want to enter with Unix password "" -- Andrey A. Chernov http://ache.pp.ru/ To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-current" in the body of the message From owner-freebsd-current Mon Jan 21 10:41:14 2002 Delivered-To: freebsd-current@freebsd.org Received: from flood.ping.uio.no (flood.ping.uio.no [129.240.78.31]) by hub.freebsd.org (Postfix) with ESMTP id C56AC37B493 for ; Mon, 21 Jan 2002 10:40:42 -0800 (PST) Received: by flood.ping.uio.no (Postfix, from userid 2602) id 0522D533E; Mon, 21 Jan 2002 19:40:41 +0100 (CET) X-URL: http://www.ofug.org/~des/ X-Disclaimer: The views expressed in this message do not necessarily coincide with those of any organisation or company with which I am or have been affiliated. To: "Andrey A. Chernov" Cc: mark@grondar.za, current@FreeBSD.ORG Subject: Re: Step6, corresponding /etc/pam.d/* fixes for review References: <20020121142038.GA36519@nagual.pp.ru> <20020121154244.GC37234@nagual.pp.ru> <20020121161534.GE37234@nagual.pp.ru> <20020121162726.GH37234@nagual.pp.ru> <20020121172526.GB38390@nagual.pp.ru> <20020121181318.GA39364@nagual.pp.ru> From: Dag-Erling Smorgrav Date: 21 Jan 2002 19:40:40 +0100 In-Reply-To: <20020121181318.GA39364@nagual.pp.ru> Message-ID: Lines: 22 User-Agent: Gnus/5.0808 (Gnus v5.8.8) Emacs/21.1 MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Sender: owner-freebsd-current@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.ORG "Andrey A. Chernov" writes: > It looks like right variant. _By_default_ OPIE user is unable to enter > Unix password. You need to add > permit 255.255.255.255 > line to /etc/opieaccess to _allow_ Unix passwords on your machine. Which I do... # grep '^[^#]' /etc/opieaccess permit 127.0.0.1 255.255.255.255 permit 10.0.0.1 255.255.255.0 > It looks like wrong variant: 3 prompts instead of 2 ones. There is only 2 > prompts for all possible cases in OPIE. Unix password can be entered on > first or on second prompt (i.e. with [echo on]), if _allowed_. I understand your point, but I'm still unsure. I'll just leave that part of the patch out for now. DES -- Dag-Erling Smorgrav - des@ofug.org To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-current" in the body of the message From owner-freebsd-current Mon Jan 21 10:45: 3 2002 Delivered-To: freebsd-current@freebsd.org Received: from nagual.pp.ru (pobrecita.freebsd.ru [194.87.13.42]) by hub.freebsd.org (Postfix) with ESMTP id 4C6C537B404 for ; Mon, 21 Jan 2002 10:44:59 -0800 (PST) Received: (from ache@localhost) by nagual.pp.ru (8.11.6/8.11.6) id g0LIiq639868; Mon, 21 Jan 2002 21:44:53 +0300 (MSK) (envelope-from ache) Date: Mon, 21 Jan 2002 21:44:50 +0300 From: "Andrey A. Chernov" To: Dag-Erling Smorgrav Cc: mark@grondar.za, current@FreeBSD.ORG Subject: Re: Step6, corresponding /etc/pam.d/* fixes for review Message-ID: <20020121184449.GB39745@nagual.pp.ru> References: <20020121154244.GC37234@nagual.pp.ru> <20020121161534.GE37234@nagual.pp.ru> <20020121162726.GH37234@nagual.pp.ru> <20020121172526.GB38390@nagual.pp.ru> <20020121181318.GA39364@nagual.pp.ru> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: User-Agent: Mutt/1.3.24i Sender: owner-freebsd-current@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.ORG On Mon, Jan 21, 2002 at 19:40:40 +0100, Dag-Erling Smorgrav wrote: > > Which I do... > > # grep '^[^#]' /etc/opieaccess > permit 127.0.0.1 255.255.255.255 > permit 10.0.0.1 255.255.255.0 Really there must be only address resolved from gethostname() call, what f.e. "su" sets for PAM_RHOST on localhost. In that case you try to enter with empty Unix password (see my other message) -- Andrey A. Chernov http://ache.pp.ru/ To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-current" in the body of the message From owner-freebsd-current Mon Jan 21 10:48:35 2002 Delivered-To: freebsd-current@freebsd.org Received: from h132-197-179-27.gte.com (h132-197-179-27.gte.com [132.197.179.27]) by hub.freebsd.org (Postfix) with ESMTP id A23EC37B405 for ; Mon, 21 Jan 2002 10:48:31 -0800 (PST) Received: from kanpc.gte.com (localhost [127.0.0.1]) by h132-197-179-27.gte.com (8.11.6/8.11.4) with SMTP id g0LIlwZ57694; Mon, 21 Jan 2002 13:47:58 -0500 (EST) (envelope-from ak03@gte.com) Date: Mon, 21 Jan 2002 13:47:58 -0500 From: Alexander Kabaev To: Julian Elischer Cc: current@FreeBSD.ORG Subject: Re: __stderrp error Message-Id: <20020121134758.11390f0f.ak03@gte.com> In-Reply-To: References: <20020121094521.777d54ec.ak03@gte.com> Organization: Verizon Data Services X-Mailer: Sylpheed version 0.7.0claws8 (GTK+ 1.2.10; i386--freebsd5.0) Mime-Version: 1.0 Content-Type: text/plain; charset=US-ASCII Content-Transfer-Encoding: 7bit Sender: owner-freebsd-current@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.ORG > no, should I? Only if you have older libraries with the same names as as ones installed in /usr/lib/compat. As Ruslan pointed out, existing Makefiles in lib/compat should take care of that automatically. The change was added in last September. To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-current" in the body of the message From owner-freebsd-current Mon Jan 21 10:55:47 2002 Delivered-To: freebsd-current@freebsd.org Received: from flood.ping.uio.no (flood.ping.uio.no [129.240.78.31]) by hub.freebsd.org (Postfix) with ESMTP id 2087A37B400 for ; Mon, 21 Jan 2002 10:55:39 -0800 (PST) Received: by flood.ping.uio.no (Postfix, from userid 2602) id E940F532C; Mon, 21 Jan 2002 19:55:37 +0100 (CET) X-URL: http://www.ofug.org/~des/ X-Disclaimer: The views expressed in this message do not necessarily coincide with those of any organisation or company with which I am or have been affiliated. To: "Andrey A. Chernov" Cc: mark@grondar.za, current@FreeBSD.ORG Subject: Re: Step6, corresponding /etc/pam.d/* fixes for review References: <20020121154244.GC37234@nagual.pp.ru> <20020121161534.GE37234@nagual.pp.ru> <20020121162726.GH37234@nagual.pp.ru> <20020121172526.GB38390@nagual.pp.ru> <20020121181318.GA39364@nagual.pp.ru> <20020121184449.GB39745@nagual.pp.ru> From: Dag-Erling Smorgrav Date: 21 Jan 2002 19:55:37 +0100 In-Reply-To: <20020121184449.GB39745@nagual.pp.ru> Message-ID: Lines: 19 User-Agent: Gnus/5.0808 (Gnus v5.8.8) Emacs/21.1 MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Sender: owner-freebsd-current@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.ORG "Andrey A. Chernov" writes: > On Mon, Jan 21, 2002 at 19:40:40 +0100, Dag-Erling Smorgrav wrote: > > # grep '^[^#]' /etc/opieaccess > > permit 127.0.0.1 255.255.255.255 > > permit 10.0.0.1 255.255.255.0 > Really there must be only address resolved from gethostname() call, > what f.e. "su" sets for PAM_RHOST on localhost. Sure, but the other hosts on my home LAN (one server, another workstation, and two to three laptops) are considered "trusted" too :) > In that case you try to enter with empty Unix password (see my other > message) Agreed. I didn't see it that way, but you're right. DES -- Dag-Erling Smorgrav - des@ofug.org To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-current" in the body of the message From owner-freebsd-current Mon Jan 21 11:20: 2 2002 Delivered-To: freebsd-current@freebsd.org Received: from sax.sax.de (sax.sax.de [193.175.26.33]) by hub.freebsd.org (Postfix) with ESMTP id DB6E437B402 for ; Mon, 21 Jan 2002 11:19:57 -0800 (PST) Received: (from uucp@localhost) by sax.sax.de (8.9.3/8.9.3) with UUCP id UAA09361 for freebsd-current@freebsd.org; Mon, 21 Jan 2002 20:19:57 +0100 (CET) Received: (from j@localhost) by uriah.heep.sax.de (8.11.6/8.11.6) id g0LJAFO73799; Mon, 21 Jan 2002 20:10:15 +0100 (MET) (envelope-from j) Date: Mon, 21 Jan 2002 20:10:15 +0100 (MET) Message-Id: <200201211910.g0LJAFO73799@uriah.heep.sax.de> Mime-Version: 1.0 X-Newsreader: knews 1.0b.1 Reply-To: joerg_wunsch@uriah.heep.sax.de (Joerg Wunsch) Organization: Private BSD site, Dresden X-Phone: +49-351-2012 669 X-PGP-Fingerprint: DC 47 E6 E4 FF A6 E9 8F 93 21 E0 7D F9 12 D6 4E References: <200201211756.SAA22267@bonsai.fernuni-hagen.de> From: j@uriah.heep.sax.de (Joerg Wunsch) Subject: Re: i4b driver broken for -current? X-Original-Newsgroups: local.freebsd.current To: freebsd-current@freebsd.org Content-Type: text/plain; charset=us-ascii Sender: owner-freebsd-current@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.ORG Marc Ernst Eddy van Woerkom wrote: > However I don't manage to establish > a kernel ppp connection to my provider > since then. You're using the correct version of sppp? We recently abandoned the private sys/i4b/driver/i4b_ispppsubr.c (finally), and have i4b use sys/net/if_spppsubr.c. This means that you now need to throw away ispppcontrol(8), and use spppcontrol(8) again. Unfortunately, Warner is somewhat offline due to personal matters right now, so my submitted entries for UPDATING aren't commited yet. -- cheers, J"org .-.-. --... ...-- -.. . DL8DTL http://www.sax.de/~joerg/ NIC: JW11-RIPE Never trust an operating system you don't have sources for. ;-) To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-current" in the body of the message From owner-freebsd-current Mon Jan 21 11:26:32 2002 Delivered-To: freebsd-current@freebsd.org Received: from nagual.pp.ru (pobrecita.freebsd.ru [194.87.13.42]) by hub.freebsd.org (Postfix) with ESMTP id BB12537B402; Mon, 21 Jan 2002 11:26:20 -0800 (PST) Received: (from ache@localhost) by nagual.pp.ru (8.11.6/8.11.6) id g0LJQJ740439; Mon, 21 Jan 2002 22:26:19 +0300 (MSK) (envelope-from ache) Date: Mon, 21 Jan 2002 22:26:18 +0300 From: "Andrey A. Chernov" To: Dag-Erling Smorgrav Cc: markm@FreeBSD.ORG, current@FreeBSD.ORG Subject: Re: pam_opie(8) prompt Message-ID: <20020121192618.GA40393@nagual.pp.ru> References: <20020121142901.GA36594@nagual.pp.ru> <20020121153242.GB37234@nagual.pp.ru> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: <20020121153242.GB37234@nagual.pp.ru> User-Agent: Mutt/1.3.24i Sender: owner-freebsd-current@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.ORG On Mon, Jan 21, 2002 at 18:32:43 +0300, Andrey A. Chernov wrote: > On Mon, Jan 21, 2002 at 16:11:47 +0100, Dag-Erling Smorgrav wrote: > > > > > Back to your subj.: It breaks, at least, M$ Windows OPIE/Skey generators > > > which do auto-paste when keyword (Password) is found. > > > > Good point. "OPIE Password" might be more appropriate, then. > > We don't know, what exact pattern they may use. What if it is something > like \nPassword? BTW, example of such program is NetNTerm > www.securenetterm.com The second argument against this change follows: On Password: or Password [echo on]: prompts user can type either OPIE exchange or Unix password (if allowed to do it). If this will be changed to: OPIE Password: or OPIE Password [echo on]: it gives impression that no normal Unix password can be typed at this point. -- Andrey A. Chernov http://ache.pp.ru/ To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-current" in the body of the message From owner-freebsd-current Mon Jan 21 11:29:44 2002 Delivered-To: freebsd-current@freebsd.org Received: from flood.ping.uio.no (flood.ping.uio.no [129.240.78.31]) by hub.freebsd.org (Postfix) with ESMTP id 0BC5B37B417; Mon, 21 Jan 2002 11:29:38 -0800 (PST) Received: by flood.ping.uio.no (Postfix, from userid 2602) id C3CC2533B; Mon, 21 Jan 2002 20:29:36 +0100 (CET) X-URL: http://www.ofug.org/~des/ X-Disclaimer: The views expressed in this message do not necessarily coincide with those of any organisation or company with which I am or have been affiliated. To: "Andrey A. Chernov" Cc: markm@FreeBSD.ORG, current@FreeBSD.ORG Subject: Re: pam_opie(8) prompt References: <20020121142901.GA36594@nagual.pp.ru> <20020121153242.GB37234@nagual.pp.ru> <20020121192618.GA40393@nagual.pp.ru> From: Dag-Erling Smorgrav Date: 21 Jan 2002 20:29:36 +0100 In-Reply-To: <20020121192618.GA40393@nagual.pp.ru> Message-ID: Lines: 9 User-Agent: Gnus/5.0808 (Gnus v5.8.8) Emacs/21.1 MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Sender: owner-freebsd-current@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.ORG "Andrey A. Chernov" writes: > it gives impression that no normal Unix password can be typed at this > point. ...which I initially thought was the case, but it's not. DES -- Dag-Erling Smorgrav - des@ofug.org To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-current" in the body of the message From owner-freebsd-current Mon Jan 21 11:31:11 2002 Delivered-To: freebsd-current@freebsd.org Received: from mout0.freenet.de (mout0.freenet.de [194.97.50.131]) by hub.freebsd.org (Postfix) with ESMTP id 96B6137B41E; Mon, 21 Jan 2002 11:30:43 -0800 (PST) Received: from [194.97.50.136] (helo=mx3.freenet.de) by mout0.freenet.de with esmtp (Exim 3.33 #3) id 16Sk9R-0000T7-00; Mon, 21 Jan 2002 20:30:41 +0100 Received: from ae1ac.pppool.de ([213.6.225.172] helo=Magelan.Leidinger.net) by mx3.freenet.de with esmtp (Exim 3.33 #3) id 16Sk9R-0002ks-00; Mon, 21 Jan 2002 20:30:41 +0100 Received: from Leidinger.net (netchild@localhost [127.0.0.1]) by Magelan.Leidinger.net (8.11.6/8.11.6) with ESMTP id g0LJAHG04925; Mon, 21 Jan 2002 20:10:18 +0100 (CET) (envelope-from netchild@Leidinger.net) Message-Id: <200201211910.g0LJAHG04925@Magelan.Leidinger.net> Date: Mon, 21 Jan 2002 20:10:16 +0100 (CET) From: Alexander Leidinger Subject: Re: i4b driver broken for -current? To: Marc.Vanwoerkom@FernUni-Hagen.de Cc: freebsd-current@FreeBSD.ORG, brian@FreeBSD.org In-Reply-To: <200201211756.SAA22267@bonsai.fernuni-hagen.de> MIME-Version: 1.0 Content-Type: TEXT/plain; charset=US-ASCII Sender: owner-freebsd-current@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.ORG On 21 Jan, Marc Ernst Eddy van Woerkom wrote: > anyone running a recent -current > successfuly with the i4b ISDN drivers? Yes. > I built -current around christmas, > and had to applay a patch posted here > in October to make a kernel with i4b > drivers. I think it was my patch. Something with "mtx_initialized()"?. If yes, it's in the tree now. > However I don't manage to establish > a kernel ppp connection to my provider > since then. You have to use rev. 1.60 of /sys/netinet/in.c ("cd /sys/netinet; cvs update -r 1.60 in.c" if you use cvs instead of CVSup). The author of rev 1.61 (brian, CCed) knows already about it, but I don't know what he wants to do and when he has time to do it. If you can't get rev 1.60 (either via cvs or from the web interface at freebsd.org or any other source) you have to use the userland ppp. Bye, Alexander. -- "One world, one web, one program" -- Microsoft promotional ad "Ein Volk, ein Reich, ein Fuehrer" -- Adolf Hitler http://www.Leidinger.net Alexander @ Leidinger.net GPG fingerprint = C518 BC70 E67F 143F BE91 3365 79E2 9C60 B006 3FE7 To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-current" in the body of the message From owner-freebsd-current Mon Jan 21 11:45:24 2002 Delivered-To: freebsd-current@freebsd.org Received: from nagual.pp.ru (pobrecita.freebsd.ru [194.87.13.42]) by hub.freebsd.org (Postfix) with ESMTP id CB19637B405 for ; Mon, 21 Jan 2002 11:45:19 -0800 (PST) Received: (from ache@localhost) by nagual.pp.ru (8.11.6/8.11.6) id g0LJjAG40732; Mon, 21 Jan 2002 22:45:10 +0300 (MSK) (envelope-from ache) Date: Mon, 21 Jan 2002 22:45:07 +0300 From: "Andrey A. Chernov" To: des@ofug.org, mark@grondar.za, current@FreeBSD.ORG Subject: Step7, Conclusion Message-ID: <20020121194507.GA40664@nagual.pp.ru> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline User-Agent: Mutt/1.3.24i Sender: owner-freebsd-current@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.ORG Well, now almost all things work as they expected to be, only one thing left is promised by Mark srandomdev() fix. Thanks to all, especially to Dag-Erling. -- Andrey A. Chernov http://ache.pp.ru/ To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-current" in the body of the message From owner-freebsd-current Mon Jan 21 11:54:54 2002 Delivered-To: freebsd-current@freebsd.org Received: from rover.village.org (rover.bsdimp.com [204.144.255.66]) by hub.freebsd.org (Postfix) with ESMTP id 6C18F37B405 for ; Mon, 21 Jan 2002 11:54:52 -0800 (PST) Received: from harmony.village.org (harmony.village.org [10.0.0.6]) by rover.village.org (8.11.3/8.11.3) with ESMTP id g0LJspl50615; Mon, 21 Jan 2002 12:54:51 -0700 (MST) (envelope-from imp@village.org) Received: from localhost (warner@rover2.village.org [10.0.0.1]) by harmony.village.org (8.11.6/8.11.6) with ESMTP id g0LJsox66956; Mon, 21 Jan 2002 12:54:50 -0700 (MST) (envelope-from imp@village.org) Date: Mon, 21 Jan 2002 12:54:38 -0700 (MST) Message-Id: <20020121.125438.127505600.imp@village.org> To: julian@elischer.org Cc: current@FreeBSD.ORG Subject: Re: __stderrp error From: "M. Warner Losh" In-Reply-To: References: <20020121.074627.60783303.imp@village.org> X-Mailer: Mew version 2.1 on Emacs 21.1 / Mule 5.0 (SAKAKI) Mime-Version: 1.0 Content-Type: Text/Plain; charset=us-ascii Content-Transfer-Encoding: 7bit Sender: owner-freebsd-current@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.ORG In message: Julian Elischer writes: : this machine has never been 3.x. : the binaries worked fine up until about 5 months ago. All bets are off if it ran -current. You need to rebuild everything. Warner To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-current" in the body of the message From owner-freebsd-current Mon Jan 21 12:12:37 2002 Delivered-To: freebsd-current@freebsd.org Received: from leviathan.inethouston.net (leviathan.inethouston.net [66.64.12.249]) by hub.freebsd.org (Postfix) with ESMTP id 6D79537B41C for ; Mon, 21 Jan 2002 12:12:21 -0800 (PST) Received: by leviathan.inethouston.net (Postfix, from userid 1001) id 27B2B319BD5; Mon, 21 Jan 2002 14:12:19 -0600 (CST) Date: Mon, 21 Jan 2002 14:12:19 -0600 From: "David W. Chapman Jr." To: "M. Warner Losh" Cc: julian@elischer.org, current@FreeBSD.ORG Subject: Re: __stderrp error Message-ID: <20020121201218.GA86031@leviathan.inethouston.net> Reply-To: "David W. Chapman Jr." Mail-Followup-To: "M. Warner Losh" , julian@elischer.org, current@FreeBSD.ORG References: <20020121.074627.60783303.imp@village.org> <20020121.125438.127505600.imp@village.org> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: <20020121.125438.127505600.imp@village.org> User-Agent: Mutt/1.3.26i X-Operating-System: FreeBSD 4.5-RC i386 Sender: owner-freebsd-current@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.ORG On Mon, Jan 21, 2002 at 12:54:38PM -0700, M. Warner Losh wrote: > In message: > Julian Elischer writes: > : this machine has never been 3.x. > : the binaries worked fine up until about 5 months ago. > > All bets are off if it ran -current. You need to rebuild everything. > Ah yes, I remember this problem with -current. Something changed and I had to rebuild everything including ports or install the 4.x compat libs. -- David W. Chapman Jr. dwcjr@inethouston.net Raintree Network Services, Inc. dwcjr@freebsd.org FreeBSD Committer To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-current" in the body of the message From owner-freebsd-current Mon Jan 21 12:13:37 2002 Delivered-To: freebsd-current@freebsd.org Received: from rover.village.org (rover.bsdimp.com [204.144.255.66]) by hub.freebsd.org (Postfix) with ESMTP id 7E93437B404 for ; Mon, 21 Jan 2002 12:13:32 -0800 (PST) Received: from harmony.village.org (harmony.village.org [10.0.0.6]) by rover.village.org (8.11.3/8.11.3) with ESMTP id g0LKDVl50801; Mon, 21 Jan 2002 13:13:31 -0700 (MST) (envelope-from imp@village.org) Received: from localhost (warner@rover2.village.org [10.0.0.1]) by harmony.village.org (8.11.6/8.11.6) with ESMTP id g0LKDUx67187; Mon, 21 Jan 2002 13:13:30 -0700 (MST) (envelope-from imp@village.org) Date: Mon, 21 Jan 2002 13:13:19 -0700 (MST) Message-Id: <20020121.131319.89622181.imp@village.org> To: dwcjr@inethouston.net Cc: julian@elischer.org, current@FreeBSD.ORG Subject: Re: __stderrp error From: "M. Warner Losh" In-Reply-To: <20020121201218.GA86031@leviathan.inethouston.net> References: <20020121.125438.127505600.imp@village.org> <20020121201218.GA86031@leviathan.inethouston.net> X-Mailer: Mew version 2.1 on Emacs 21.1 / Mule 5.0 (SAKAKI) Mime-Version: 1.0 Content-Type: Text/Plain; charset=us-ascii Content-Transfer-Encoding: 7bit Sender: owner-freebsd-current@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.ORG In message: <20020121201218.GA86031@leviathan.inethouston.net> "David W. Chapman Jr." writes: : On Mon, Jan 21, 2002 at 12:54:38PM -0700, M. Warner Losh wrote: : > In message: : > Julian Elischer writes: : > : this machine has never been 3.x. : > : the binaries worked fine up until about 5 months ago. : > : > All bets are off if it ran -current. You need to rebuild everything. : > : : Ah yes, I remember this problem with -current. Something changed and : I had to rebuild everything including ports or install the 4.x compat : libs. If you are using 4.x compat libraries they needed to be reinstalled. If you are using libc from -current, you must rebuild all binaries that use them. Those are the breaks. Warner To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-current" in the body of the message From owner-freebsd-current Mon Jan 21 12:14: 4 2002 Delivered-To: freebsd-current@freebsd.org Received: from nagual.pp.ru (pobrecita.freebsd.ru [194.87.13.42]) by hub.freebsd.org (Postfix) with ESMTP id 02FE437B400 for ; Mon, 21 Jan 2002 12:13:59 -0800 (PST) Received: (from ache@localhost) by nagual.pp.ru (8.11.6/8.11.6) id g0LKDk641940; Mon, 21 Jan 2002 23:13:47 +0300 (MSK) (envelope-from ache) Date: Mon, 21 Jan 2002 23:13:44 +0300 From: "Andrey A. Chernov" To: des@ofug.org, mark@grondar.za, current@FreeBSD.ORG Subject: We forget STATIC_MODULES, patch included Message-ID: <20020121201343.GA41917@nagual.pp.ru> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline User-Agent: Mutt/1.3.24i Sender: owner-freebsd-current@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.ORG --- libpam/Makefile.old Thu Dec 13 12:26:56 2001 +++ libpam/Makefile Mon Jan 21 23:09:16 2002 @@ -80,6 +80,7 @@ .endif STATIC_MODULES+= ${MODOBJDIR}/pam_nologin/libpam_nologin.a STATIC_MODULES+= ${MODOBJDIR}/pam_opie/libpam_opie.a +STATIC_MODULES+= ${MODOBJDIR}/pam_opieaccess/libpam_opieaccess.a STATIC_MODULES+= ${MODOBJDIR}/pam_permit/libpam_permit.a STATIC_MODULES+= ${MODOBJDIR}/pam_radius/libpam_radius.a STATIC_MODULES+= ${MODOBJDIR}/pam_rootok/libpam_rootok.a -- Andrey A. Chernov http://ache.pp.ru/ To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-current" in the body of the message From owner-freebsd-current Mon Jan 21 12:20: 1 2002 Delivered-To: freebsd-current@freebsd.org Received: from flood.ping.uio.no (flood.ping.uio.no [129.240.78.31]) by hub.freebsd.org (Postfix) with ESMTP id 9DEDB37B402 for ; Mon, 21 Jan 2002 12:19:52 -0800 (PST) Received: by flood.ping.uio.no (Postfix, from userid 2602) id 778D6532C; Mon, 21 Jan 2002 21:19:51 +0100 (CET) X-URL: http://www.ofug.org/~des/ X-Disclaimer: The views expressed in this message do not necessarily coincide with those of any organisation or company with which I am or have been affiliated. To: "Andrey A. Chernov" Cc: mark@grondar.za, current@FreeBSD.ORG Subject: Re: Step7, Conclusion References: <20020121194507.GA40664@nagual.pp.ru> From: Dag-Erling Smorgrav Date: 21 Jan 2002 21:19:50 +0100 In-Reply-To: <20020121194507.GA40664@nagual.pp.ru> Message-ID: Lines: 11 User-Agent: Gnus/5.0808 (Gnus v5.8.8) Emacs/21.1 MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Sender: owner-freebsd-current@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.ORG "Andrey A. Chernov" writes: > Thanks to all, especially to Dag-Erling. Thanks to *you* for pointing out and explaining the issues, submitting patches, and reviewing and testing mine. I'm sorry we got off on such a bad foot this weekend; I feel that the exchanges we've had yesterday and today have been very constructive and productive. DES -- Dag-Erling Smorgrav - des@ofug.org To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-current" in the body of the message From owner-freebsd-current Mon Jan 21 12:20: 8 2002 Delivered-To: freebsd-current@freebsd.org Received: from sax.sax.de (sax.sax.de [193.175.26.33]) by hub.freebsd.org (Postfix) with ESMTP id 166A337B405 for ; Mon, 21 Jan 2002 12:19:56 -0800 (PST) Received: (from uucp@localhost) by sax.sax.de (8.9.3/8.9.3) with UUCP id VAA10256 for freebsd-current@freebsd.org; Mon, 21 Jan 2002 21:19:55 +0100 (CET) Received: (from j@localhost) by uriah.heep.sax.de (8.11.6/8.11.6) id g0LKDCZ75004; Mon, 21 Jan 2002 21:13:12 +0100 (MET) (envelope-from j) Date: Mon, 21 Jan 2002 21:13:12 +0100 (MET) Message-Id: <200201212013.g0LKDCZ75004@uriah.heep.sax.de> Mime-Version: 1.0 X-Newsreader: knews 1.0b.1 Reply-To: joerg_wunsch@uriah.heep.sax.de (Joerg Wunsch) Organization: Private BSD site, Dresden X-Phone: +49-351-2012 669 X-PGP-Fingerprint: DC 47 E6 E4 FF A6 E9 8F 93 21 E0 7D F9 12 D6 4E References: <200201211756.SAA22267@bonsai.fernuni-hagen.de> <200201211910.g0LJAHG04925@Magelan.Leidinger.net> From: j@uriah.heep.sax.de (Joerg Wunsch) Subject: Re: i4b driver broken for -current? X-Original-Newsgroups: local.freebsd.current To: freebsd-current@freebsd.org Content-Type: text/plain; charset=us-ascii Sender: owner-freebsd-current@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.ORG Alexander Leidinger wrote: > You have to use rev. 1.60 of /sys/netinet/in.c ("cd > /sys/netinet; No, you're wrong. This bug has been fixed as one of the first of my series of committs that brought the i4b version of sppp back into the mainstream version. Otherwise i could not have worked at all. ;-) RCS file: /home/ncvs/src/sys/net/if_spppsubr.c,v Working file: /sys/net/if_spppsubr.c head: 1.91 .... ---------------------------- revision 1.74 date: 2001/12/26 20:28:41; author: joerg; state: Exp; lines: +3 -2 For SIOCSIFADDR, don't call if_up() since it would attempt to add the route to the destination twice. Now that brian has fixed route.c to no longer accept this second route, this long-standing nuisance became a showstopper bug for sppp users. In retrospect, this is the same fix as the one in rev 1.78 of if_sl.c; most likely the original version of sppp has been cloned from SLIP. ;-) -- cheers, J"org .-.-. --... ...-- -.. . DL8DTL http://www.sax.de/~joerg/ NIC: JW11-RIPE Never trust an operating system you don't have sources for. ;-) To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-current" in the body of the message From owner-freebsd-current Mon Jan 21 12:20:39 2002 Delivered-To: freebsd-current@freebsd.org Received: from rwcrmhc52.attbi.com (rwcrmhc52.attbi.com [216.148.227.88]) by hub.freebsd.org (Postfix) with ESMTP id B861737B400 for ; Mon, 21 Jan 2002 12:20:19 -0800 (PST) Received: from InterJet.elischer.org ([12.232.206.8]) by rwcrmhc52.attbi.com (InterMail vM.4.01.03.27 201-229-121-127-20010626) with ESMTP id <20020121202019.NUNF3578.rwcrmhc52.attbi.com@InterJet.elischer.org>; Mon, 21 Jan 2002 20:20:19 +0000 Received: from localhost (localhost.elischer.org [127.0.0.1]) by InterJet.elischer.org (8.9.1a/8.9.1) with ESMTP id MAA12812; Mon, 21 Jan 2002 12:19:25 -0800 (PST) Date: Mon, 21 Jan 2002 12:19:24 -0800 (PST) From: Julian Elischer To: "M. Warner Losh" Cc: dwcjr@inethouston.net, current@FreeBSD.ORG Subject: Re: __stderrp error In-Reply-To: <20020121.131319.89622181.imp@village.org> Message-ID: MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII Sender: owner-freebsd-current@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.ORG I reinstalled the 4.x compat libs but it didn't make any difference.:-( On Mon, 21 Jan 2002, M. Warner Losh wrote: > In message: <20020121201218.GA86031@leviathan.inethouston.net> > "David W. Chapman Jr." writes: > : On Mon, Jan 21, 2002 at 12:54:38PM -0700, M. Warner Losh wrote: > : > In message: > : > Julian Elischer writes: > : > : this machine has never been 3.x. > : > : the binaries worked fine up until about 5 months ago. > : > > : > All bets are off if it ran -current. You need to rebuild everything. > : > > : > : Ah yes, I remember this problem with -current. Something changed and > : I had to rebuild everything including ports or install the 4.x compat > : libs. > > If you are using 4.x compat libraries they needed to be reinstalled. > If you are using libc from -current, you must rebuild all binaries > that use them. Those are the breaks. > > Warner > To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-current" in the body of the message From owner-freebsd-current Mon Jan 21 12:20:45 2002 Delivered-To: freebsd-current@freebsd.org Received: from flood.ping.uio.no (flood.ping.uio.no [129.240.78.31]) by hub.freebsd.org (Postfix) with ESMTP id E5B3037B41E for ; Mon, 21 Jan 2002 12:20:22 -0800 (PST) Received: by flood.ping.uio.no (Postfix, from userid 2602) id CF8EE533C; Mon, 21 Jan 2002 21:20:21 +0100 (CET) X-URL: http://www.ofug.org/~des/ X-Disclaimer: The views expressed in this message do not necessarily coincide with those of any organisation or company with which I am or have been affiliated. To: "Andrey A. Chernov" Cc: mark@grondar.za, current@FreeBSD.ORG Subject: Re: We forget STATIC_MODULES, patch included References: <20020121201343.GA41917@nagual.pp.ru> From: Dag-Erling Smorgrav Date: 21 Jan 2002 21:20:21 +0100 In-Reply-To: <20020121201343.GA41917@nagual.pp.ru> Message-ID: Lines: 5 User-Agent: Gnus/5.0808 (Gnus v5.8.8) Emacs/21.1 MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Sender: owner-freebsd-current@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.ORG Thanks, I'll commit that right away. DES -- Dag-Erling Smorgrav - des@ofug.org To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-current" in the body of the message From owner-freebsd-current Mon Jan 21 12:28:40 2002 Delivered-To: freebsd-current@freebsd.org Received: from freebie.xs4all.nl (freebie.xs4all.nl [213.84.32.253]) by hub.freebsd.org (Postfix) with ESMTP id 4195C37B404 for ; Mon, 21 Jan 2002 12:28:36 -0800 (PST) Received: (from wkb@localhost) by freebie.xs4all.nl (8.11.6/8.11.6) id g0LKSMW05134; Mon, 21 Jan 2002 21:28:22 +0100 (CET) (envelope-from wkb) Date: Mon, 21 Jan 2002 21:28:22 +0100 From: Wilko Bulte To: Dag-Erling Smorgrav Cc: "Andrey A. Chernov" , mark@grondar.za, current@FreeBSD.ORG Subject: Re: Step7, Conclusion Message-ID: <20020121212822.B5110@freebie.xs4all.nl> References: <20020121194507.GA40664@nagual.pp.ru> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline User-Agent: Mutt/1.2.5i In-Reply-To: ; from des@ofug.org on Mon, Jan 21, 2002 at 09:19:50PM +0100 X-OS: FreeBSD 4.5-PRERELEASE X-PGP: finger wilko@freebsd.org Sender: owner-freebsd-current@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.ORG On Mon, Jan 21, 2002 at 09:19:50PM +0100, Dag-Erling Smorgrav wrote: > "Andrey A. Chernov" writes: > > Thanks to all, especially to Dag-Erling. > > Thanks to *you* for pointing out and explaining the issues, submitting > patches, and reviewing and testing mine. I'm sorry we got off on such > a bad foot this weekend; I feel that the exchanges we've had yesterday > and today have been very constructive and productive. hear hear! Good stuff folks.. -- | / o / /_ _ email: wilko@FreeBSD.org |/|/ / / /( (_) Bulte Arnhem, the Netherlands To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-current" in the body of the message From owner-freebsd-current Mon Jan 21 12:32:17 2002 Delivered-To: freebsd-current@freebsd.org Received: from elvis.mu.org (elvis.mu.org [192.203.228.196]) by hub.freebsd.org (Postfix) with ESMTP id 4E8C037B402 for ; Mon, 21 Jan 2002 12:32:09 -0800 (PST) Received: by elvis.mu.org (Postfix, from userid 1192) id 252A610DDF7; Mon, 21 Jan 2002 12:32:09 -0800 (PST) Date: Mon, 21 Jan 2002 12:32:09 -0800 From: Alfred Perlstein To: Dag-Erling Smorgrav Cc: "Andrey A. Chernov" , mark@grondar.za, current@FreeBSD.ORG Subject: Re: Step7, Conclusion Message-ID: <20020121123209.O13686@elvis.mu.org> References: <20020121194507.GA40664@nagual.pp.ru> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline User-Agent: Mutt/1.2.5i In-Reply-To: ; from des@ofug.org on Mon, Jan 21, 2002 at 09:19:50PM +0100 Sender: owner-freebsd-current@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.ORG * Dag-Erling Smorgrav [020121 12:20] wrote: > "Andrey A. Chernov" writes: > > Thanks to all, especially to Dag-Erling. > > Thanks to *you* for pointing out and explaining the issues, submitting > patches, and reviewing and testing mine. I'm sorry we got off on such > a bad foot this weekend; I feel that the exchanges we've had yesterday > and today have been very constructive and productive. Truly commendable the way you all settled and solved the issue, the project is better for it. thank you, -Alfred To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-current" in the body of the message From owner-freebsd-current Mon Jan 21 12:40:10 2002 Delivered-To: freebsd-current@freebsd.org Received: from rwcrmhc53.attbi.com (rwcrmhc53.attbi.com [204.127.198.39]) by hub.freebsd.org (Postfix) with ESMTP id 5FEEB37B416 for ; Mon, 21 Jan 2002 12:40:07 -0800 (PST) Received: from InterJet.elischer.org ([12.232.206.8]) by rwcrmhc53.attbi.com (InterMail vM.4.01.03.27 201-229-121-127-20010626) with ESMTP id <20020121204006.KFGB10199.rwcrmhc53.attbi.com@InterJet.elischer.org>; Mon, 21 Jan 2002 20:40:06 +0000 Received: from localhost (localhost.elischer.org [127.0.0.1]) by InterJet.elischer.org (8.9.1a/8.9.1) with ESMTP id MAA12868; Mon, 21 Jan 2002 12:24:46 -0800 (PST) Date: Mon, 21 Jan 2002 12:24:44 -0800 (PST) From: Julian Elischer To: Dag-Erling Smorgrav Cc: "Andrey A. Chernov" , mark@grondar.za, current@FreeBSD.ORG Subject: Re: Step7, Conclusion In-Reply-To: Message-ID: MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII Sender: owner-freebsd-current@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.ORG step 8 a summary for the rest of us? I got lost there in the middle soemwhere. On 21 Jan 2002, Dag-Erling Smorgrav wrote: > "Andrey A. Chernov" writes: > > Thanks to all, especially to Dag-Erling. > > Thanks to *you* for pointing out and explaining the issues, submitting > patches, and reviewing and testing mine. I'm sorry we got off on such > a bad foot this weekend; I feel that the exchanges we've had yesterday > and today have been very constructive and productive. > > DES > -- > Dag-Erling Smorgrav - des@ofug.org > > To Unsubscribe: send mail to majordomo@FreeBSD.org > with "unsubscribe freebsd-current" in the body of the message > To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-current" in the body of the message From owner-freebsd-current Mon Jan 21 12:45:35 2002 Delivered-To: freebsd-current@freebsd.org Received: from flood.ping.uio.no (flood.ping.uio.no [129.240.78.31]) by hub.freebsd.org (Postfix) with ESMTP id 62AF437B405 for ; Mon, 21 Jan 2002 12:45:32 -0800 (PST) Received: by flood.ping.uio.no (Postfix, from userid 2602) id B19F2532C; Mon, 21 Jan 2002 21:45:24 +0100 (CET) X-URL: http://www.ofug.org/~des/ X-Disclaimer: The views expressed in this message do not necessarily coincide with those of any organisation or company with which I am or have been affiliated. To: Julian Elischer Cc: "Andrey A. Chernov" , mark@grondar.za, current@FreeBSD.ORG Subject: Re: Step7, Conclusion References: From: Dag-Erling Smorgrav Date: 21 Jan 2002 21:45:24 +0100 In-Reply-To: Message-ID: Lines: 10 User-Agent: Gnus/5.0808 (Gnus v5.8.8) Emacs/21.1 MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Sender: owner-freebsd-current@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.ORG Julian Elischer writes: > step 8 > a summary for the rest of us? > I got lost there in the middle soemwhere. http://people.freebsd.org/~des/diary/2002.html#2002-01-21 DES -- Dag-Erling Smorgrav - des@ofug.org To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-current" in the body of the message From owner-freebsd-current Mon Jan 21 12:48:57 2002 Delivered-To: freebsd-current@freebsd.org Received: from scaup.prod.itd.earthlink.net (scaup.mail.pas.earthlink.net [207.217.120.49]) by hub.freebsd.org (Postfix) with ESMTP id 3DBC337B400 for ; Mon, 21 Jan 2002 12:48:44 -0800 (PST) Received: from pool0452.cvx40-bradley.dialup.earthlink.net ([216.244.43.197] helo=mindspring.com) by scaup.prod.itd.earthlink.net with esmtp (Exim 3.33 #1) id 16SlMw-0006mu-00; Mon, 21 Jan 2002 12:48:42 -0800 Message-ID: <3C4C7EA7.66CBFC0D@mindspring.com> Date: Mon, 21 Jan 2002 12:48:39 -0800 From: Terry Lambert X-Mailer: Mozilla 4.7 [en]C-CCK-MCD {Sony} (Win98; U) X-Accept-Language: en MIME-Version: 1.0 To: "Jacques A. Vidrine" Cc: current@FreeBSD.ORG Subject: Re: Step5, pam_opie OPIE auth fix for review References: <20020120233050.GA26913@nagual.pp.ru> <200201202344.g0KNijt34738@grimreaper.grondar.org> <3C4BC6A0.4078CBA6@mindspring.com> <20020121140516.GB57549@madman.nectar.cc> Content-Type: text/plain; charset=us-ascii Content-Transfer-Encoding: 7bit Sender: owner-freebsd-current@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.ORG "Jacques A. Vidrine" wrote: > > On Sun, Jan 20, 2002 at 11:43:28PM -0800, Terry Lambert wrote: > > Once you guys have this all hammered out, are you going to > > integrate PAM and Kerberos? 8-) 8-) 8-). > > In what way do you mean? In the way that the author of the PAM architecture from Sun spoke at the Silicon Valley BSD User's Group meeting, and there are just some things that can't be wedged into the PAM framework until the framework is changed. -- Terry To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-current" in the body of the message From owner-freebsd-current Mon Jan 21 12:50:42 2002 Delivered-To: freebsd-current@freebsd.org Received: from nagual.pp.ru (pobrecita.freebsd.ru [194.87.13.42]) by hub.freebsd.org (Postfix) with ESMTP id DB9FE37B41C for ; Mon, 21 Jan 2002 12:50:13 -0800 (PST) Received: (from ache@localhost) by nagual.pp.ru (8.11.6/8.11.6) id g0LKo3142428; Mon, 21 Jan 2002 23:50:03 +0300 (MSK) (envelope-from ache) Date: Mon, 21 Jan 2002 23:50:02 +0300 From: "Andrey A. Chernov" To: Julian Elischer Cc: Dag-Erling Smorgrav , mark@grondar.za, current@FreeBSD.ORG Subject: Re: Step7, Conclusion Message-ID: <20020121205002.GA42336@nagual.pp.ru> References: Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: User-Agent: Mutt/1.3.24i Sender: owner-freebsd-current@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.ORG On Mon, Jan 21, 2002 at 12:24:44 -0800, Julian Elischer wrote: > step 8 > a summary for the rest of us? > I got lost there in the middle soemwhere. Most shortest one, I think: 1) OPIE auth now works as required. 2) OPIE is turned on by default. Both cases affects only users registered in OPIE and not affects normal users. -- Andrey A. Chernov http://ache.pp.ru/ To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-current" in the body of the message From owner-freebsd-current Mon Jan 21 12:52:44 2002 Delivered-To: freebsd-current@freebsd.org Received: from scaup.prod.itd.earthlink.net (scaup.mail.pas.earthlink.net [207.217.120.49]) by hub.freebsd.org (Postfix) with ESMTP id 0135537B416; Mon, 21 Jan 2002 12:52:29 -0800 (PST) Received: from pool0452.cvx40-bradley.dialup.earthlink.net ([216.244.43.197] helo=mindspring.com) by scaup.prod.itd.earthlink.net with esmtp (Exim 3.33 #1) id 16SlQZ-0004YC-00; Mon, 21 Jan 2002 12:52:27 -0800 Message-ID: <3C4C7F88.60D4E5CA@mindspring.com> Date: Mon, 21 Jan 2002 12:52:24 -0800 From: Terry Lambert X-Mailer: Mozilla 4.7 [en]C-CCK-MCD {Sony} (Win98; U) X-Accept-Language: en MIME-Version: 1.0 To: Dag-Erling Smorgrav Cc: ache@freebsd.org, markm@freebsd.org, current@freebsd.org Subject: Re: pam_opie(8) prompt References: Content-Type: text/plain; charset=us-ascii Content-Transfer-Encoding: 7bit Sender: owner-freebsd-current@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.ORG Dag-Erling Smorgrav wrote: > Does anybody mind if I change the pam_opie(8) prompt from "Password:" > to "Response:"? I think users might be slightly confused when they > enter an incorrect or empty response twice and get a new "Password:" > prompt and don't realize it's the pam_unix(8) prompt. See my patch to the login code to use a string from the /etc/login.conf file for the "Password: " prompt for getty and login. Making yet another string, that was not under the control of the configuration files would damage the ability to rebadge the system. I think unconfusing the user is an administrative problem, and since the confusion would arise as the result of an administrative decision, this only reaffirms my opinion that it should live in the local "policies and how to use this system" documents. Remember that the intent of systems design is to *avoid* dictating policy. -- Terry To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-current" in the body of the message From owner-freebsd-current Mon Jan 21 12:55:19 2002 Delivered-To: freebsd-current@freebsd.org Received: from scaup.prod.itd.earthlink.net (scaup.mail.pas.earthlink.net [207.217.120.49]) by hub.freebsd.org (Postfix) with ESMTP id 0432137B416; Mon, 21 Jan 2002 12:55:14 -0800 (PST) Received: from pool0452.cvx40-bradley.dialup.earthlink.net ([216.244.43.197] helo=mindspring.com) by scaup.prod.itd.earthlink.net with esmtp (Exim 3.33 #1) id 16SlTF-0000gr-00; Mon, 21 Jan 2002 12:55:13 -0800 Message-ID: <3C4C802D.902C49D9@mindspring.com> Date: Mon, 21 Jan 2002 12:55:09 -0800 From: Terry Lambert X-Mailer: Mozilla 4.7 [en]C-CCK-MCD {Sony} (Win98; U) X-Accept-Language: en MIME-Version: 1.0 To: Ruslan Ermilov Cc: Dag-Erling Smorgrav , ache@FreeBSD.ORG, markm@FreeBSD.ORG, current@FreeBSD.ORG Subject: Re: pam_opie(8) prompt References: <20020121162819.C63110@sunbay.com> Content-Type: text/plain; charset=us-ascii Content-Transfer-Encoding: 7bit Sender: owner-freebsd-current@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.ORG Ruslan Ermilov wrote: > On Mon, Jan 21, 2002 at 03:18:32PM +0100, Dag-Erling Smorgrav wrote: > > Does anybody mind if I change the pam_opie(8) prompt from "Password:" > > to "Response:"? I think users might be slightly confused when they > > enter an incorrect or empty response twice and get a new "Password:" > > prompt and don't realize it's the pam_unix(8) prompt. > > > Why not "OPIE password:" then? If you must do it, then make it an "OPIE " prefix, and let whatever string is there show up. I would really prefer that this be controllable with a policy option (e.g. via pam.conf), assuming it has to be there at all. Presumably, the admin will know the system is using OPIE (having configured it to do so), and the admin will tell the users about this at the time the accounts are granted. -- Terry To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-current" in the body of the message From owner-freebsd-current Mon Jan 21 12:59:43 2002 Delivered-To: freebsd-current@freebsd.org Received: from gw.nectar.cc (gw.nectar.cc [208.42.49.153]) by hub.freebsd.org (Postfix) with ESMTP id 913E737B430 for ; Mon, 21 Jan 2002 12:59:15 -0800 (PST) Received: by gw.nectar.cc (Postfix, from userid 1001) id EEEE33A; Mon, 21 Jan 2002 14:59:14 -0600 (CST) Date: Mon, 21 Jan 2002 14:59:14 -0600 From: "Jacques A. Vidrine" To: Terry Lambert Cc: current@FreeBSD.ORG Subject: Re: Step5, pam_opie OPIE auth fix for review Message-ID: <20020121145914.A91420@hellblazer.nectar.cc> References: <20020120233050.GA26913@nagual.pp.ru> <200201202344.g0KNijt34738@grimreaper.grondar.org> <3C4BC6A0.4078CBA6@mindspring.com> <20020121140516.GB57549@madman.nectar.cc> <3C4C7EA7.66CBFC0D@mindspring.com> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline User-Agent: Mutt/1.2.5i In-Reply-To: <3C4C7EA7.66CBFC0D@mindspring.com>; from tlambert2@mindspring.com on Mon, Jan 21, 2002 at 12:48:39PM -0800 X-Url: http://www.nectar.cc/ Sender: owner-freebsd-current@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.ORG On Mon, Jan 21, 2002 at 12:48:39PM -0800, Terry Lambert wrote: > "Jacques A. Vidrine" wrote: > > > > On Sun, Jan 20, 2002 at 11:43:28PM -0800, Terry Lambert wrote: > > > Once you guys have this all hammered out, are you going to > > > integrate PAM and Kerberos? 8-) 8-) 8-). > > > > In what way do you mean? > > In the way that the author of the PAM architecture from Sun > spoke at the Silicon Valley BSD User's Group meeting, Do you have a reference, or do we have to guess what you are talking about? :-) > and > there are just some things that can't be wedged into the > PAM framework until the framework is changed. That is certainly true. It's also true if s/PAM/foo/ for most values of foo. Cheers, -- Jacques A. Vidrine http://www.nectar.cc/ NTT/Verio SME . FreeBSD UNIX . Heimdal Kerberos jvidrine@verio.net . nectar@FreeBSD.org . nectar@kth.se To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-current" in the body of the message From owner-freebsd-current Mon Jan 21 13:56:11 2002 Delivered-To: freebsd-current@freebsd.org Received: from gull.prod.itd.earthlink.net (gull.mail.pas.earthlink.net [207.217.120.84]) by hub.freebsd.org (Postfix) with ESMTP id 47F5337B402 for ; Mon, 21 Jan 2002 13:56:09 -0800 (PST) Received: from pool0452.cvx40-bradley.dialup.earthlink.net ([216.244.43.197] helo=mindspring.com) by gull.prod.itd.earthlink.net with esmtp (Exim 3.33 #1) id 16SmQ0-00022Z-00; Mon, 21 Jan 2002 13:55:57 -0800 Message-ID: <3C4C8E69.90DEB78E@mindspring.com> Date: Mon, 21 Jan 2002 13:55:53 -0800 From: Terry Lambert X-Mailer: Mozilla 4.7 [en]C-CCK-MCD {Sony} (Win98; U) X-Accept-Language: en MIME-Version: 1.0 To: "Jacques A. Vidrine" Cc: current@FreeBSD.ORG Subject: Re: Step5, pam_opie OPIE auth fix for review References: <20020120233050.GA26913@nagual.pp.ru> <200201202344.g0KNijt34738@grimreaper.grondar.org> <3C4BC6A0.4078CBA6@mindspring.com> <20020121140516.GB57549@madman.nectar.cc> <3C4C7EA7.66CBFC0D@mindspring.com> <20020121145914.A91420@hellblazer.nectar.cc> Content-Type: text/plain; charset=us-ascii Content-Transfer-Encoding: 7bit Sender: owner-freebsd-current@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.ORG "Jacques A. Vidrine" wrote: > > In the way that the author of the PAM architecture from Sun > > spoke at the Silicon Valley BSD User's Group meeting, > > Do you have a reference, or do we have to guess what you are talking > about? :-) I have my memory of the talk he gave, which included the idea that Sun was not supporting work to modify the PAM architecture to support Kerberos in the future. Basically, you can use it for authentication and password change, but for little else, and even those uses require going through incredible hoops (e.g. abusing the authentication module API to implement a credential cache). Did you need more? Are you really just fishing for Paul Fronberg's email address? Maybe this release note from HP will explain the limitations satisfactorily: http://docs.hp.com/hpux/onlinedocs/J5849-90001/J5849-90001.html NB: This is just for authentication, mostly preauthentication. -- Terry To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-current" in the body of the message From owner-freebsd-current Mon Jan 21 14:15:40 2002 Delivered-To: freebsd-current@freebsd.org Received: from nagual.pp.ru (pobrecita.freebsd.ru [194.87.13.42]) by hub.freebsd.org (Postfix) with ESMTP id 9108B37B402; Mon, 21 Jan 2002 14:15:34 -0800 (PST) Received: (from ache@localhost) by nagual.pp.ru (8.11.6/8.11.6) id g0LMFXD44159; Tue, 22 Jan 2002 01:15:33 +0300 (MSK) (envelope-from ache) Date: Tue, 22 Jan 2002 01:15:31 +0300 From: "Andrey A. Chernov" To: markm@freebsd.org, current@freebsd.org Subject: OPIE little speedup patch for review Message-ID: <20020121221530.GA44147@nagual.pp.ru> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline User-Agent: Mutt/1.3.24i Sender: owner-freebsd-current@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.ORG memset() in opiechallenge() really is not needed because it is the very first thing opielookup() does being entered, i.e. look at this: int opielookup FUNCTION((opie, principal), struct opie *opie AND char *principal) { int i; memset(opie, 0, sizeof(struct opie)); ... And then the patch included: --- challenge.c.bak Tue Apr 11 16:52:01 2000 +++ challenge.c Tue Jan 22 01:07:06 2002 @@ -52,8 +52,6 @@ { int rval = -1; - memset(mp, 0, sizeof(*mp)); - rval = opielookup(mp, name); #if DEBUG if (rval) syslog(LOG_DEBUG, "opiechallenge: opielookup(mp, name=%s) returned %d", name, rval); -- Andrey A. Chernov http://ache.pp.ru/ To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-current" in the body of the message From owner-freebsd-current Mon Jan 21 16: 5:35 2002 Delivered-To: freebsd-current@freebsd.org Received: from mailsrv.otenet.gr (mailsrv.otenet.gr [195.170.0.5]) by hub.freebsd.org (Postfix) with ESMTP id CF44337B400 for ; Mon, 21 Jan 2002 16:05:27 -0800 (PST) Received: from hades.hell.gr (patr530-b165.otenet.gr [212.205.244.173]) by mailsrv.otenet.gr (8.11.5/8.11.5) with ESMTP id g0M05H417547; Tue, 22 Jan 2002 02:05:18 +0200 (EET) Received: by hades.hell.gr (Postfix, from userid 1001) id 02A1036; Mon, 21 Jan 2002 22:39:40 +0200 (EET) Date: Mon, 21 Jan 2002 22:39:40 +0200 From: Giorgos Keramidas To: jordan.breeding@attbi.com Cc: freebsd-current@FreeBSD.org Subject: Re: Questions about -current Message-ID: <20020121203940.GA1526@hades.hell.gr> References: <20020121092209.WZWB10199.rwcrmhc53.attbi.com@rwcrwbc55> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: <20020121092209.WZWB10199.rwcrmhc53.attbi.com@rwcrwbc55> User-Agent: Mutt/1.3.25i Sender: owner-freebsd-current@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.ORG On 2002-01-21 09:22:08, jordan.breeding@attbi.com wrote: > 5) In -current would it be possible to have a few command line > switches added to certain userland utilities? I noticed -h made it > into `ls` now, but `cp` still doesn't have -a or -x which I used to > use all the time in Linux. I know -a isn't a big deal but - x was > definitely nice from time to time. What does the -a or -x option do for the ls(1) command of Linux? Perhaps equivalent options do already exist in FreeBSD ls(1). > `date` having a --date option to tell you when a specified date is > in Linux is also very nice. Just some thoughts. If I haven't misunderstood you on this, FreeBSD's date(1) can already do what you want, although I have to admit that it works a bit differently than Linux's date(1). I've recently used date(1) -j and -f options to convert arbitrary dates to the local timezone in a script I wrote to print the modification date of problem reports. You might want to check the scripts at: http://people.FreeBSD.org/~keramida/pr/feedback/ for samples of using date(1) to convert between timezones and date representations. A small example that will probably help you understand how this is done (combined with the description of the -j and -f options in the date(1) manual page) is shown below: hades!charon:[/home/charon]% date '+%s => %T %Z' 1011645430 => 22:37:10 EET hades!charon:[/home/charon]% TZ=UTC date -j -f '%s' 1011645328 '+%s => %T %Z' 1011645328 => 20:35:28 GMT Cheers, -- Giorgos Keramidas . . . . . . . . . keramida@{ceid.upatras.gr,freebsd.org} FreeBSD Documentation Project . . . http://www.freebsd.org/docproj/ FreeBSD: The power to serve . . . . http://www.freebsd.org/ To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-current" in the body of the message From owner-freebsd-current Mon Jan 21 17:16:40 2002 Delivered-To: freebsd-current@freebsd.org Received: from femail17.sdc1.sfba.home.com (femail17.sdc1.sfba.home.com [24.0.95.144]) by hub.freebsd.org (Postfix) with ESMTP id A31A137B405 for ; Mon, 21 Jan 2002 17:16:38 -0800 (PST) Received: from dosmonos ([24.249.124.238]) by femail17.sdc1.sfba.home.com (InterMail vM.4.01.03.20 201-229-121-120-20010223) with ESMTP id <20020122011638.LDQK8122.femail17.sdc1.sfba.home.com@dosmonos> for ; Mon, 21 Jan 2002 17:16:38 -0800 Date: Mon, 21 Jan 2002 20:15:22 -0500 (EST) From: Mike Brancato X-Sender: funnyguy@dosmonos To: freebsd-current@freebsd.org Subject: 48bit ATA addressing problems / Promise TX2 ata133 problem? Message-ID: MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII Sender: owner-freebsd-current@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.ORG I'm running -current and have a Maxtor 160GB hdd hooked to the promise ata133 card that came with it.... it will flake out for no apparent reason. any clues? maybe bad hardware? anyone else getting these? ad4: READ command timeout tag=0 serv=0 - resetting ata2: resetting devices .. done ad4: READ command timeout tag=0 serv=0 - resetting ata2: resetting devices .. done ad4: READ command timeout tag=0 serv=0 - resetting ata2: resetting devices .. done ad4: READ command timeout tag=0 serv=0 - resetting ad4: trying fallback to PIO mode ata2: resetting devices .. done mike To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-current" in the body of the message From owner-freebsd-current Mon Jan 21 18:47:54 2002 Delivered-To: freebsd-current@freebsd.org Received: from fledge.watson.org (fledge.watson.org [204.156.12.50]) by hub.freebsd.org (Postfix) with ESMTP id B22F537B402 for ; Mon, 21 Jan 2002 18:47:50 -0800 (PST) Received: from fledge.watson.org (fledge.pr.watson.org [192.0.2.3]) by fledge.watson.org (8.11.6/8.11.5) with SMTP id g0M2leD81905; Mon, 21 Jan 2002 21:47:40 -0500 (EST) (envelope-from robert@fledge.watson.org) Date: Mon, 21 Jan 2002 21:47:39 -0500 (EST) From: Robert Watson X-Sender: robert@fledge.watson.org To: Julian Elischer Cc: current@freebsd.org Subject: Re: __stderrp error In-Reply-To: Message-ID: MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII Sender: owner-freebsd-current@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.ORG On Sun, 20 Jan 2002, Julian Elischer wrote: > has NO effect whatsoever. > > The only thign I can do is recompile any package that has thos problem. > but sometimes it's hard finding which package needs to be recomiled. > > thoughts? You might also need compat3. I was quite surprised at the set of 3.x binaries I had installed :-). Robert N M Watson FreeBSD Core Team, TrustedBSD Project robert@fledge.watson.org NAI Labs, Safeport Network Services To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-current" in the body of the message From owner-freebsd-current Mon Jan 21 20:41:49 2002 Delivered-To: freebsd-current@freebsd.org Received: from rover.village.org (rover.bsdimp.com [204.144.255.66]) by hub.freebsd.org (Postfix) with ESMTP id 9BA4437B402 for ; Mon, 21 Jan 2002 20:41:44 -0800 (PST) Received: from harmony.village.org (harmony.village.org [10.0.0.6]) by rover.village.org (8.11.3/8.11.3) with ESMTP id g0M4fhl52510; Mon, 21 Jan 2002 21:41:43 -0700 (MST) (envelope-from imp@village.org) Received: from localhost (warner@rover2.village.org [10.0.0.1]) by harmony.village.org (8.11.6/8.11.6) with ESMTP id g0M4fgx69713; Mon, 21 Jan 2002 21:41:42 -0700 (MST) (envelope-from imp@village.org) Date: Mon, 21 Jan 2002 18:57:53 -0700 (MST) Message-Id: <20020121.185753.96063193.imp@village.org> To: julian@elischer.org Cc: dwcjr@inethouston.net, current@FreeBSD.ORG Subject: Re: __stderrp error From: "M. Warner Losh" In-Reply-To: References: <20020121.131319.89622181.imp@village.org> X-Mailer: Mew version 2.1 on Emacs 21.1 / Mule 5.0 (SAKAKI) Mime-Version: 1.0 Content-Type: Text/Plain; charset=us-ascii Content-Transfer-Encoding: 7bit Sender: owner-freebsd-current@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.ORG In message: Julian Elischer writes: : I reinstalled the 4.x compat libs but it didn't make any difference.:-( Then you must have -current binaries that are too old. You will have to rebuild them. Warner To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-current" in the body of the message From owner-freebsd-current Mon Jan 21 21:20:46 2002 Delivered-To: freebsd-current@freebsd.org Received: from panzer.kdm.org (panzer.kdm.org [216.160.178.169]) by hub.freebsd.org (Postfix) with ESMTP id EAD4E37B404 for ; Mon, 21 Jan 2002 21:20:39 -0800 (PST) Received: (from ken@localhost) by panzer.kdm.org (8.11.6/8.9.1) id g0M5Kd364142 for current@FreeBSD.org; Mon, 21 Jan 2002 22:20:39 -0700 (MST) (envelope-from ken) Date: Mon, 21 Jan 2002 22:20:39 -0700 From: "Kenneth D. Merry" To: current@FreeBSD.org Subject: making a large RAMdisk? Message-ID: <20020121222038.A64090@panzer.kdm.org> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline User-Agent: Mutt/1.2i Sender: owner-freebsd-current@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.ORG I've got a machine with 4G of RAM, and I'm trying to test all the RAM out to make sure it's okay. I've tried doing buildworlds, but never end up using more than 1G of RAM on cache, etc. I've got -current and -stable on it, and I've tried making an MFS filesystem under -stable. I can't seem to get more than a 512M MFS filesystem allocated under -stable. (I've got two 2G swap partitions.) I tried using md to make a swap-backed filesystem under -current, but the problem is that it actually seems to back it with swap. (pstat -s shows disk space used, unlike MFS under -stable) Is there a way, under -current or -stable, to make a true RAMdisk that is around 2GB in size? Ken -- Kenneth Merry ken@kdm.org To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-current" in the body of the message From owner-freebsd-current Mon Jan 21 21:24: 6 2002 Delivered-To: freebsd-current@freebsd.org Received: from ns1.infowest.com (ns1.infowest.com [204.17.177.10]) by hub.freebsd.org (Postfix) with ESMTP id 7200D37B402 for ; Mon, 21 Jan 2002 21:24:01 -0800 (PST) Received: from there (208.186.107.222.dsl.infowest.net [208.186.107.222]) by ns1.infowest.com (Postfix) with SMTP id 4790A2109B; Mon, 21 Jan 2002 22:24:00 -0700 (MST) Content-Type: text/plain; charset="iso-8859-1" From: Samuel J.Greear Organization: GetMegabits, Inc. To: "Kenneth D. Merry" , current@FreeBSD.org Subject: Re: making a large RAMdisk? Date: Tue, 22 Jan 2002 22:18:51 -0700 X-Mailer: KMail [version 1.3] References: <20020121222038.A64090@panzer.kdm.org> In-Reply-To: <20020121222038.A64090@panzer.kdm.org> MIME-Version: 1.0 Content-Transfer-Encoding: 8bit Message-Id: <20020122052400.4790A2109B@ns1.infowest.com> Sender: owner-freebsd-current@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.ORG On Monday 21 January 2002 10:20 pm, Kenneth D. Merry wrote: > I've got a machine with 4G of RAM, and I'm trying to test all the RAM out > to make sure it's okay. > > I've tried doing buildworlds, but never end up using more than 1G of RAM on > cache, etc. > > I've got -current and -stable on it, and I've tried making an MFS > filesystem under -stable. I can't seem to get more than a 512M MFS > filesystem allocated under -stable. (I've got two 2G swap partitions.) > > I tried using md to make a swap-backed filesystem under -current, but the > problem is that it actually seems to back it with swap. (pstat -s shows > disk space used, unlike MFS under -stable) > > Is there a way, under -current or -stable, to make a true RAMdisk that is > around 2GB in size? > > Ken If all you want to do is test the RAM: http://www.teresaudio.com/memtest86/ (download the Windows version and use dd to put the binary on a floppy) As far as your other questions, well .... Sam To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-current" in the body of the message From owner-freebsd-current Mon Jan 21 22:12:20 2002 Delivered-To: freebsd-current@freebsd.org Received: from panzer.kdm.org (panzer.kdm.org [216.160.178.169]) by hub.freebsd.org (Postfix) with ESMTP id DC04637B404 for ; Mon, 21 Jan 2002 22:12:14 -0800 (PST) Received: (from ken@localhost) by panzer.kdm.org (8.11.6/8.9.1) id g0M6C1V64590; Mon, 21 Jan 2002 23:12:01 -0700 (MST) (envelope-from ken) Date: Mon, 21 Jan 2002 23:12:01 -0700 From: "Kenneth D. Merry" To: "Samuel J.Greear" Cc: current@FreeBSD.org Subject: Re: making a large RAMdisk? Message-ID: <20020121231201.A64554@panzer.kdm.org> References: <20020121222038.A64090@panzer.kdm.org> <20020122052400.4790A2109B@ns1.infowest.com> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline User-Agent: Mutt/1.2i In-Reply-To: <20020122052400.4790A2109B@ns1.infowest.com>; from dragonk@evilcode.net on Tue, Jan 22, 2002 at 10:18:51PM -0700 Sender: owner-freebsd-current@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.ORG On Tue, Jan 22, 2002 at 22:18:51 -0700, Samuel J.Greear wrote: > On Monday 21 January 2002 10:20 pm, Kenneth D. Merry wrote: > > I've got a machine with 4G of RAM, and I'm trying to test all the RAM out > > to make sure it's okay. > > > > I've tried doing buildworlds, but never end up using more than 1G of RAM on > > cache, etc. > > > > I've got -current and -stable on it, and I've tried making an MFS > > filesystem under -stable. I can't seem to get more than a 512M MFS > > filesystem allocated under -stable. (I've got two 2G swap partitions.) > > > > I tried using md to make a swap-backed filesystem under -current, but the > > problem is that it actually seems to back it with swap. (pstat -s shows > > disk space used, unlike MFS under -stable) > > > > Is there a way, under -current or -stable, to make a true RAMdisk that is > > around 2GB in size? > > > > Ken > > > If all you want to do is test the RAM: > http://www.teresaudio.com/memtest86/ > (download the Windows version and use > dd to put the binary on a floppy) Thanks for the pointer. Unfortunately it doesn't work with more than 2G of RAM. (The test just hangs up, numlock doesn't work, keyboard input doesn't seem to do anything.) > As far as your other questions, well .... For the archives, Paul Saab pointed out that I need to increase MAXDSIZ. That did the trick, and I now have a ~2G MFS partition: (on -stable) {nargothrond:/usr/home/ken:62:0} df -k /mnt Filesystem 1K-blocks Used Avail Capacity Mounted on mfs:340 2015918 604986 1249660 33% /mnt Ken -- Kenneth Merry ken@kdm.org To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-current" in the body of the message From owner-freebsd-current Mon Jan 21 22:38: 0 2002 Delivered-To: freebsd-current@freebsd.org Received: from freebsd.dk (fw-rl0.freebsd.dk [212.242.86.114]) by hub.freebsd.org (Postfix) with ESMTP id 6E99E37B404 for ; Mon, 21 Jan 2002 22:37:55 -0800 (PST) Received: (from sos@localhost) by freebsd.dk (8.11.6/8.11.6) id g0M6bam15911; Tue, 22 Jan 2002 07:37:36 +0100 (CET) (envelope-from sos) From: Søren Schmidt Message-Id: <200201220637.g0M6bam15911@freebsd.dk> Subject: Re: 48bit ATA addressing problems / Promise TX2 ata133 problem? In-Reply-To: To: Mike Brancato Date: Tue, 22 Jan 2002 07:37:36 +0100 (CET) Cc: freebsd-current@FreeBSD.ORG Reply-To: sos@freebsd.dk X-Mailer: ELM [version 2.4ME+ PL94b (25)] MIME-Version: 1.0 Content-Transfer-Encoding: 8bit Content-Type: text/plain; charset=ISO-8859-1 Sender: owner-freebsd-current@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.ORG It seems Mike Brancato wrote: > I'm running -current and have a Maxtor 160GB hdd hooked to the promise > ata133 card that came with it.... it will flake out for no apparent > reason. any clues? maybe bad hardware? anyone else getting these? > > ad4: READ command timeout tag=0 serv=0 - resetting > ata2: resetting devices .. done > ad4: READ command timeout tag=0 serv=0 - resetting > ata2: resetting devices .. done > ad4: READ command timeout tag=0 serv=0 - resetting > ata2: resetting devices .. done > ad4: READ command timeout tag=0 serv=0 - resetting > ad4: trying fallback to PIO mode > ata2: resetting devices .. done I know that the 48bit code works, but the support code for the Promise ATA133 controller hasn't been tested much (I dont have such an animal). However if you move the disk to another controller, does the problem persist ? -Søren To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-current" in the body of the message From owner-freebsd-current Mon Jan 21 23: 1: 3 2002 Delivered-To: freebsd-current@freebsd.org Received: from ledzep.dyndns.org (12-237-138-17.client.attbi.com [12.237.138.17]) by hub.freebsd.org (Postfix) with ESMTP id 9D24737B405; Mon, 21 Jan 2002 23:00:58 -0800 (PST) Received: from attbi.com (localhost.dyndns.org [127.0.0.1]) by ledzep.dyndns.org (8.11.6/8.11.6) with ESMTP id g0M70jn68077; Tue, 22 Jan 2002 01:00:45 -0600 (CST) (envelope-from jordan.breeding@attbi.com) Message-ID: <3C4D0E1B.70005@attbi.com> Date: Tue, 22 Jan 2002 01:00:43 -0600 From: Jordan Breeding User-Agent: Mozilla/5.0 (X11; U; FreeBSD i386; en-US; rv:0.9.7) Gecko/20020118 X-Accept-Language: en-us MIME-Version: 1.0 To: Giorgos Keramidas Cc: freebsd-current@FreeBSD.org Subject: Re: Questions about -current References: <20020121092209.WZWB10199.rwcrmhc53.attbi.com@rwcrwbc55> <20020121203940.GA1526@hades.hell.gr> Content-Type: text/plain; charset=ISO-8859-15; format=flowed Content-Transfer-Encoding: 7bit Sender: owner-freebsd-current@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.ORG Giorgos Keramidas wrote: > On 2002-01-21 09:22:08, jordan.breeding@attbi.com wrote: > >>5) In -current would it be possible to have a few command line >>switches added to certain userland utilities? I noticed -h made it >>into `ls` now, but `cp` still doesn't have -a or -x which I used to >>use all the time in Linux. I know -a isn't a big deal but - x was >>definitely nice from time to time. >> > > What does the -a or -x option do for the ls(1) command of Linux? > Perhaps equivalent options do already exist in FreeBSD ls(1). > Sorry for the confusion there :-) The -a and -x options are meant for cp(1). The -a (--archive) option in cp(1) for linux (which I am fairly certain is the gnu version) is essentially an easy way to safely do -dpR automatically. So effectively -a (--archive) preserves links, tries to preserve permissions, and also does a recursive copy. The -x (--one-file-system) option in cp(1) for linux says that if you have multiple file systems mounted on top of / and you do a `cp -ax / /mnt/copy/of/root/.` it should only copy the directory stubs for the mounts instead of the mounts themselves. I have found both of these options to be extremely useful at times. > >>`date` having a --date option to tell you when a specified date is >>in Linux is also very nice. Just some thoughts. >> > > If I haven't misunderstood you on this, FreeBSD's date(1) can already > do what you want, although I have to admit that it works a bit > differently than Linux's date(1). > > I've recently used date(1) -j and -f options to convert arbitrary > dates to the local timezone in a script I wrote to print the > modification date of problem reports. You might want to check the > scripts at: > > http://people.FreeBSD.org/~keramida/pr/feedback/ > > for samples of using date(1) to convert between timezones and date > representations. A small example that will probably help you > understand how this is done (combined with the description of the -j > and -f options in the date(1) manual page) is shown below: > > hades!charon:[/home/charon]% date '+%s => %T %Z' > 1011645430 => 22:37:10 EET > hades!charon:[/home/charon]% TZ=UTC date -j -f '%s' 1011645328 '+%s => %T %Z' > 1011645328 => 20:35:28 GMT > Again, sorry for the misunderstanding and not providing enough information upfront. In linux date(1) is the gnu version of date, which means you can do the following `date --date 'Jan 22 2002'` and it would output the following: Tue Jan 22 00:00:00 CST 2002 Or I could do a `date --date '2 days ago'` and it would output: Sun Jan 20 00:46:30 CST 2002 Again, this option might not be the most useful thing in the world but I know that I have used it many times at home and at work to make scripts less complicated. > Cheers, > > -- > Giorgos Keramidas . . . . . . . . . keramida@{ceid.upatras.gr,freebsd.org} > FreeBSD Documentation Project . . . http://www.freebsd.org/docproj/ > FreeBSD: The power to serve . . . . http://www.freebsd.org/ > > Thank you for the response and let me know if you need any further information to be able to tell what the options I was refering to for cp(1) and date(1) actually do. Jordan To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-current" in the body of the message From owner-freebsd-current Mon Jan 21 23:13:10 2002 Delivered-To: freebsd-current@freebsd.org Received: from critter.freebsd.dk (critter.freebsd.dk [212.242.86.163]) by hub.freebsd.org (Postfix) with ESMTP id 3167337B417 for ; Mon, 21 Jan 2002 23:13:08 -0800 (PST) Received: from critter.freebsd.dk (localhost [127.0.0.1]) by critter.freebsd.dk (8.11.6/8.11.6) with ESMTP id g0M7AQU35135; Tue, 22 Jan 2002 08:10:26 +0100 (CET) (envelope-from phk@critter.freebsd.dk) To: "Kenneth D. Merry" Cc: current@FreeBSD.ORG Subject: Re: making a large RAMdisk? In-Reply-To: Your message of "Mon, 21 Jan 2002 22:20:39 MST." <20020121222038.A64090@panzer.kdm.org> Date: Tue, 22 Jan 2002 08:10:26 +0100 Message-ID: <35133.1011683426@critter.freebsd.dk> From: Poul-Henning Kamp Sender: owner-freebsd-current@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.ORG In message <20020121222038.A64090@panzer.kdm.org>, "Kenneth D. Merry" writes: >Is there a way, under -current or -stable, to make a true RAMdisk that is >around 2GB in size? Possibly. If you take the detour around a preloaded image for the md(4) driver it should be possible. -- Poul-Henning Kamp | UNIX since Zilog Zeus 3.20 phk@FreeBSD.ORG | TCP/IP since RFC 956 FreeBSD committer | BSD since 4.3-tahoe Never attribute to malice what can adequately be explained by incompetence. To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-current" in the body of the message From owner-freebsd-current Mon Jan 21 23:20:12 2002 Delivered-To: freebsd-current@freebsd.org Received: from arnold.neland.dk (0x3ef31288.albnxx2.adsl.tele.dk [62.243.18.136]) by hub.freebsd.org (Postfix) with ESMTP id C9A8D37B400; Mon, 21 Jan 2002 23:20:07 -0800 (PST) Received: from localhost (localhost [127.0.0.1]) by arnold.neland.dk (8.11.6/8.11.6) with ESMTP id g0M7K1B53481; Tue, 22 Jan 2002 08:20:01 +0100 (CET) (envelope-from leifn@neland.dk) Date: Tue, 22 Jan 2002 08:20:01 +0100 (CET) From: Leif Neland To: Jordan Breeding Cc: Giorgos Keramidas , Subject: Re: Questions about -current (Linuxism's) In-Reply-To: <3C4D0E1B.70005@attbi.com> Message-ID: <20020122080244.H48678-100000@arnold.neland.dk> MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII Sender: owner-freebsd-current@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.ORG While I realize you can't emulate the switches on any command on any os, I found a few "linuxism's" missing. Eg: I find it illogical, that "route" can change, and also display the route to a single host, but route can not display the entire route table. In linux it is simply "route", in windows it is "route print", but in FreeBSD it is "netstat -r" It is simple to add an information "Sorry Dave, I can not do that. Try netstat -r instead" for "route print" (I just did), or adding similar information when no proper keyword is given. Similarly on linux "netstat -ap"; the p gives the pid which has the connection open. On FreeBSD, this option is not available, instead sockstat provides similar (better; it shows the path to the command) information. As the -p is not used for netstat, it could print "use sockstat instead". It could help in heterogenious environments. Or perhaps this would just start a slide down a slippery slope... There is always diffence between commands on different os's. Some are even "dangerous". Eg. if you type "hostname -f" on a sun, you change the hostname to "-f"... Leif To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-current" in the body of the message From owner-freebsd-current Tue Jan 22 0:26:13 2002 Delivered-To: freebsd-current@freebsd.org Received: from harrier.prod.itd.earthlink.net (harrier.mail.pas.earthlink.net [207.217.120.12]) by hub.freebsd.org (Postfix) with ESMTP id 65BC237B400; Tue, 22 Jan 2002 00:26:07 -0800 (PST) Received: from pool0016.cvx40-bradley.dialup.earthlink.net ([216.244.42.16] helo=mindspring.com) by harrier.prod.itd.earthlink.net with esmtp (Exim 3.33 #1) id 16SwFl-00058c-00; Tue, 22 Jan 2002 00:26:01 -0800 Message-ID: <3C4D2214.D70EF050@mindspring.com> Date: Tue, 22 Jan 2002 00:25:56 -0800 From: Terry Lambert X-Mailer: Mozilla 4.7 [en]C-CCK-MCD {Sony} (Win98; U) X-Accept-Language: en MIME-Version: 1.0 To: Leif Neland Cc: Jordan Breeding , Giorgos Keramidas , freebsd-current@FreeBSD.ORG Subject: Re: Questions about -current (Linuxism's) References: <20020122080244.H48678-100000@arnold.neland.dk> Content-Type: text/plain; charset=us-ascii Content-Transfer-Encoding: 7bit Sender: owner-freebsd-current@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.ORG Leif Neland wrote: > > While I realize you can't emulate the switches on any command on any os, I > found a few "linuxism's" missing. > > Eg: I find it illogical, that "route" can change, and also display the > route to a single host, but route can not display the entire route table. > In linux it is simply "route", in windows it is "route print", but in > FreeBSD it is "netstat -r" I love the fact that Linux shell scripts aren't portable to UNIX machines because their /bin/sh based scripts end up with bash-isms and Linux-isms out the wazoo. Apparently they never read the 1978 bell labs technical journal article on how you build commands out of lesser commands, rather than jamming all the functionality into every command. On the other hand, I've often found it annoying that the 'ls' command doesn't display 'ps' information, like it does on Linux... not. -- Terry To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-current" in the body of the message From owner-freebsd-current Tue Jan 22 0:55:55 2002 Delivered-To: freebsd-current@freebsd.org Received: from beech.FernUni-Hagen.de (beech.fernuni-hagen.de [132.176.114.20]) by hub.freebsd.org (Postfix) with ESMTP id 8293737B405; Tue, 22 Jan 2002 00:55:53 -0800 (PST) Received: from bonsai.fernuni-hagen.de ([132.176.114.21]) by beech.FernUni-Hagen.de with esmtp (Exim 3.22 #15) id 16SwiA-0002q8-00; Tue, 22 Jan 2002 09:55:22 +0100 Received: (from q5480035@localhost) by bonsai.fernuni-hagen.de (8.8.8+Sun/8.8.8) id JAA16855; Tue, 22 Jan 2002 09:55:50 +0100 (MET) Date: Tue, 22 Jan 2002 09:55:50 +0100 (MET) Message-Id: <200201220855.JAA16855@bonsai.fernuni-hagen.de> From: Marc Ernst Eddy van Woerkom To: Alexander@leidinger.net Cc: Marc.Vanwoerkom@FernUni-Hagen.de, freebsd-current@FreeBSD.ORG, brian@FreeBSD.ORG In-reply-to: <200201211910.g0LJAHG04925@Magelan.Leidinger.net> (message from Alexander Leidinger on Mon, 21 Jan 2002 20:10:16 +0100 (CET)) Subject: Re: i4b driver broken for -current? Sender: owner-freebsd-current@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.ORG > I think it was my patch. Something with "mtx_initialized()"?. Exactly. > /sys/netinet; cvs update -r 1.60 in.c" if you use cvs instead of CVSup). I mirror the cvs repository. 1.60 is from October too, so I should have it. > freebsd.org or any other source) you have to use the userland ppp. I have tried userland ppp, using the example stuff from /share/.., but without success. It either doesn't work for some reason, or I made a mistake with the configuration setup. If anyone could provide me another example configuration I would be grateful. (Would be nice to test the ability to use both ISDN channels too). Regards, Marc To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-current" in the body of the message From owner-freebsd-current Tue Jan 22 0:56:21 2002 Delivered-To: freebsd-current@freebsd.org Received: from hotmail.com (f36.law9.hotmail.com [64.4.9.36]) by hub.freebsd.org (Postfix) with ESMTP id B155F37B400; Tue, 22 Jan 2002 00:56:13 -0800 (PST) Received: from mail pickup service by hotmail.com with Microsoft SMTPSVC; Tue, 22 Jan 2002 00:56:13 -0800 Received: from 202.98.16.2 by lw9fd.law9.hotmail.msn.com with HTTP; Tue, 22 Jan 2002 08:56:13 GMT X-Originating-IP: [202.98.16.2] From: "Liu Siwei" To: freebsd-questions@freebsd.org Cc: current@freebsd.org Subject: chinput can't work on KDE2.2.2 Date: Tue, 22 Jan 2002 08:56:13 +0000 Mime-Version: 1.0 Content-Type: text/plain; format=flowed Message-ID: X-OriginalArrivalTime: 22 Jan 2002 08:56:13.0523 (UTC) FILETIME=[A4FB4230:01C1A322] Sender: owner-freebsd-current@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.ORG Hi,all: I have a question about FreeBSD's locale. I use the zh_CN.EUC locale to let my FreeBSD support Simplied Chinese. It's all right in gnome 1.4. But in recent version of KDE(aka. KDE-2.2.2), I can't set zh_CN.EUC locale for it. For I have select the country is Asia-China, language is Simplied Chinese, code is gb2312.1980. I need not set any locale in my environment to display Simplied Chinese at all. But for I have not set locale, I can't use chinput in KDE. So I set my locale to zh_CN.EUC in my $HOME/.xinitrc. But when I restart my KDE, it can't display Chinese word proper! in kedit, kwrite, etc, I can use chinput through I can't input any Chinese word proper. If I set my locale to zh_CN.GB2312, zh_CN.GBK or nothing, the KDE can display Chinese word proper, but I can't use chinput. So, how to set ocale to let chinput work under KDE2.2.2? A very inportant QUESTION is: why FreeBSD want zh_CN.EUC while KDE is not? My machine is AMD-K7 700, FreeBSD-current,all software are installed from ports(sources). _________________________________________________________________ MSN Photos is the easiest way to share and print your photos: http://photos.msn.com/support/worldwide.aspx To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-current" in the body of the message From owner-freebsd-current Tue Jan 22 1:25:56 2002 Delivered-To: freebsd-current@freebsd.org Received: from cibres-vlrlwu33.Home.www.cibres.com (mail.cibres.com [65.213.219.132]) by hub.freebsd.org (Postfix) with ESMTP id 1C8B037B416 for ; Tue, 22 Jan 2002 01:23:48 -0800 (PST) Received: from mail pickup service by cibres-vlrlwu33.Home.www.cibres.com with Microsoft SMTPSVC; Tue, 22 Jan 2002 04:18:37 -0500 From: To: Subject: =?iso-8859-1?Q?CIBRES_Article:_The_New_Paradigm_In_Project_Scheduling=A0?= Date: Tue, 22 Jan 2002 04:18:37 -0500 MIME-Version: 1.0 Content-Type: multipart/alternative; boundary="----=_NextPart_000_AA84_01C1A2FB.DCF9BD50" X-MimeOLE: Produced By Microsoft MimeOLE V5.50.4522.1200 Message-ID: X-OriginalArrivalTime: 22 Jan 2002 09:18:37.0500 (UTC) FILETIME=[C60DDFC0:01C1A325] Sender: owner-freebsd-current@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.ORG This is a multi-part message in MIME format. ------=_NextPart_000_AA84_01C1A2FB.DCF9BD50 Content-Type: text/plain; charset="iso-8859-1" Content-Transfer-Encoding: quoted-printable =09 Remove Subscription Contact CIBRES CIBRES.COM =20 =09 =09 =09 NEWS =09 CIBRES Announces New E-business Certification Program (CIEB) =20 CIBRES Guarantees CIERP Certification =20 CIBRES "ERP For Dummies" is now shipping =09 =09 EVENTS =09 CIBRES CIERP Seminar =09 8 openings left =09 (Reno, NV Feb 7-9) =09 =09 CIBRES CIERP Exam =09 (World Wide Feb 13) =09 =09 CIBRES CIERP Seminar =09 (San Fran., CA, Apr 4-6) =09 =09 =09 =09 =09 =09 =09 =09 =09 =09 =09 =09 =09 =09 =09 =09 =09 =09 =09 =09 =09 =09 =09 =09 =09 =09 =09 =09 =09 =09 =09 =09 =09 =09 =09 =09 =09 =09 =09 =09 =09 =09 =09 =09 =09 =09 =09 =09 =09 =09 =09 =09 =09 =09 =09 =09 =09 =09 =09 =09 =09 =09 =09 =09 =09 =09 The New Paradigm In Project Scheduling=20 by Marc Weinberg, CFPIM, CIRM, PMP, CIERP =20 Released January 15, 2002 Most people agree that traditional project scheduling needs improvement. One only has to look at some of the major projects that never finished on time and at a high cost, such as the Denver, CO Airport or the Chunnel connecting England and France. With project managers under increased pressure to bring their projects in on time, the traditional project scheduling approach is giving way to a new approach based on the Critical Chain. Using the Critical Chain approach, more projects are completed more quickly and with greater scheduling reliability. Details =20 35 New Forums!------------------------------------------------- Check out the CIBRES forums for information needs. Searchable indexes and easy no registration access make finding information easy! CIBRES offers forums for your networking, educational, and professional development. They may be used for a wide variety of situations including: looking for work, solving a problem, networking, announcements, company advertisements, and more. All free! Details =20 Forum Quick Navigator =20 ERP CIERP Forum E-business CIEB Forum =20 SAP SAP Forum Oracle Oracle Forum Baan Baan Forum PeopleSoft PeopleSoft Forum =20 _____ =20 CIBRES On-Line Dictionary-------------------------------------- What is a BOM? or a CRM? or MRP? or a BLOB field? Find the answers to these and many more terms and definitions in the CIBRES On-Line Dictionary . A great learning tool for students and educators. Searchable indexes and easy no registration access make finding information easy!=20 Details =20 ERP Certification Program (CIERP)-------------- CIERP standing for (C)ertified (I)mplementer of (E)nterprise (R)esource (P)lanning. The proven certification ensures that the basic skill sets necessary to successfully implement and maintain an ERP system are present. These people have the clear distinction of having the best understanding of the people, processes, and technology to make ERP systems successful. More info link . =09 CIBRES CIERP Certification Seminar ( link ) =09 * Reno, NV =20 * Feb 7-9=20 * $574 seminar=20 * $230 exam * 8 openings left=20 The CIERP certification program now comes with a guarantee. For more information follow this link . CIBRES Publications -------------------------------------------- ERP: A-Z Implementer's Guide For Success=20 What has become the best selling book for its category for the last 14 months on Amazon.com? Answer: "ERP: A-Z Implementer's Guide For Success". To find out why follow these links to read all the amazing reviews:=20 * Amazon.com =20 * CIBRES.com =20 Price: $84.95 Travis Anderegg, CFPIM, CIRM, CIERP CIBRES Organization =20 Pages: 750 =20 Review =20 Purchase =20 Janice Knox, CIERP =20 Knox & Associates =20 =09 =09 Customer Service----------------------------------------------- Contact us If you wish to contact a CIBRES representative to discuss seminars or certifications use the contact form on the CIBRES website.=20 About CIBRES For additional information about the CIBRES organization visit the CIBRES website at www.cibres.com =20 =A9 2002 by CIBRES.COM. All rights reserved. Subscription and Removal information To add another e-mail to this distribution list reply and type "ADD [your email]" in the subject line. To prevent further mailings reply and type "REMOVE [your email]" in the subject line. Or use this quick link to be removed: Remove = =20 This email was sent to: current@freebsd.org ------=_NextPart_000_AA84_01C1A2FB.DCF9BD50 Content-Type: text/html; charset="iso-8859-1" Content-Transfer-Encoding: quoted-printable CIBRES.COM
  = Remove Subscription Contact CIBRES CIBRES.COM
   
NEWS 
CIBRES Announces New E-business Certification Program = (CIEB) 

CIBRES Guarantees CIERP Certification 

CIBRES "ERP For Dummies" is now shipping
EVENTS 
CIBRES CIERP Seminar
8 openings left
(Reno, NV Feb 7-9)
CIBRES CIERP Exam
(World Wide Feb 13)
CIBRES CIERP Seminar
(San Fran., CA, Apr 4-6)

The New Paradigm In Project Scheduling 

by Marc Weinberg, CFPIM, CIRM, = PMP,  CIERP
Released January 15, 2002

Most people agree that traditional project scheduling needs improvement. = One only has to look at some of the major projects that never finished on = time and at a high cost, such as the Denver, CO Airport or the Chunnel = connecting England and France. With project managers under increased pressure = to bring their projects in on time, the traditional project scheduling = approach is giving way to a new approach based on the Critical Chain. Using the = Critical Chain approach, more projects are completed more quickly and with = greater scheduling reliability. Details

35 New = Forums!-------------------------------------------------

Check out the CIBRES forums for information needs. Searchable indexes = and easy no registration access make finding information easy! CIBRES = offers forums for your networking, educational, and professional development. = They may be used for a wide variety of situations including: looking for = work, solving a problem, networking, announcements, company = advertisements, and more. All free! Details

Forum Quick Navigator 
ERP  CIERP Forum
E-business  CIEB Forum
SAP  SAP Forum
Oracle  Oracle Forum
Baan  Baan Forum
PeopleSoft  PeopleSoft Forum

CIBRES On-Line = Dictionary--------------------------------------

What is a BOM? or a CRM? or MRP? or a BLOB field? Find the answers to = these and many more terms and definitions in the CIBRES On-Line Dictionary. A great learning tool for students and = educators. Searchable indexes and easy no registration access make finding information = easy! 

Details

ERP Certification Program (CIERP)--------------

CIERP standing for (C)ertified = (I)mplementer of (E)nterprise (R)esource (P)lanning. The proven certification = ensures that the basic skill sets necessary to successfully implement and = maintain an ERP system are present. These people have the clear distinction of = having the best understanding of the people, processes, and technology to make = ERP systems successful.  More info link.

=
CIBRES CIERP Certification Seminar (link)
  • Reno, NV 
  • Feb 7-9
  • $574 seminar
  • $230 exam
  • 8 openings left 

The CIERP certification program = now comes with a guarantee. For more information follow this link.

CIBRES Publications = --------------------------------------------

  ERP: A-Z Implementer's Guide For = Success

What has become the best selling book for its category for the last = 14 months on Amazon.com? Answer: "ERP: A-Z = Implementer's Guide For Success". To find out why follow = these links to read all the amazing reviews:
Price: $84.95 Travis Anderegg, CFPIM, CIRM, CIERP CIBRES Organization
Pages: 750
Review
Purchase<= /b>
Janice Knox, CIERP
Knox & Associates
 

Customer = Service-----------------------------------------------<= /p>

Contact us
If you wish to contact a CIBRES representative to discuss seminars or certifications use the contact form on the CIBRES website.

About CIBRES
For additional information about the CIBRES  organization visit the CIBRES website at www.cibres.com 

=

=A9 2002 by CIBRES.COM. All rights reserved.

Subscription and = Removal information
To add another e-mail = to this distribution list reply and type "ADD [your email]" = in the subject line.

To prevent further mailings reply and type = "REMOVE [your email]" in the subject line.

Or use this quick link to be removed:

Remove

This email was sent to: current@freebsd.org ------=_NextPart_000_AA84_01C1A2FB.DCF9BD50-- To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-current" in the body of the message From owner-freebsd-current Tue Jan 22 2:55: 4 2002 Delivered-To: freebsd-current@freebsd.org Received: from Awfulhak.org (gw.Awfulhak.org [217.204.245.18]) by hub.freebsd.org (Postfix) with ESMTP id 6E1B337B400 for ; Tue, 22 Jan 2002 02:54:53 -0800 (PST) Received: from hak.lan.Awfulhak.org (root@hak.lan.Awfulhak.org [fec0::1:12]) by Awfulhak.org (8.11.6/8.11.6) with ESMTP id g0MAsoM01301; Tue, 22 Jan 2002 10:54:51 GMT (envelope-from brian@freebsd-services.com) Received: from hak.lan.Awfulhak.org (brian@localhost [127.0.0.1]) by hak.lan.Awfulhak.org (8.11.6/8.11.6) with ESMTP id g0MAkor48086; Tue, 22 Jan 2002 10:46:50 GMT (envelope-from brian@freebsd-services.com) Message-Id: <200201221046.g0MAkor48086@hak.lan.Awfulhak.org> X-Mailer: exmh version 2.5 07/13/2001 with nmh-1.0.4 To: "Glenn Gombert" Cc: freebsd-current@FreeBSD.ORG, brian@freebsd-services.com Subject: Re: PPP Dial of External Modem Fails in 'Current' In-Reply-To: Message from "Glenn Gombert" of "Mon, 17 Dec 2001 12:23:12 PST." <20011217202312.TRAG16107.mta08.onebox.com@onebox.com> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Date: Tue, 22 Jan 2002 10:46:50 +0000 From: Brian Somers Sender: owner-freebsd-current@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.ORG > > I rebuilt 'Current' over the weekend with a make buildworld/install world > and make buildkernel/install kernel and 'ppp -ddial papchap' gives the > following error(s) when trying to dial an external modem: > > Warning set ifadr: Invalid command > Warning set ifadr: Falied 1 > > > Does anyone know what might be causing this ?? Sorry I'm a bit late in replying. The above command is ``set ifaddr'', not ``set ifadr'' :) > Thanks, > Glenn G. -- Brian http://www.freebsd-services.com/ Don't _EVER_ lose your sense of humour ! To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-current" in the body of the message From owner-freebsd-current Tue Jan 22 3:21:56 2002 Delivered-To: freebsd-current@freebsd.org Received: from mout1.freenet.de (mout1.freenet.de [194.97.50.132]) by hub.freebsd.org (Postfix) with ESMTP id 5A29F37B41B for ; Tue, 22 Jan 2002 03:21:43 -0800 (PST) Received: from [194.97.50.138] (helo=mx0.freenet.de) by mout1.freenet.de with esmtp (Exim 3.33 #3) id 16Syzm-0005Ce-00; Tue, 22 Jan 2002 12:21:42 +0100 Received: from ae0ac.pppool.de ([213.6.224.172] helo=Magelan.Leidinger.net) by mx0.freenet.de with esmtp (Exim 3.33 #3) id 16Syzl-0005FZ-00; Tue, 22 Jan 2002 12:21:41 +0100 Received: from Leidinger.net (netchild@localhost [127.0.0.1]) by Magelan.Leidinger.net (8.11.6/8.11.6) with ESMTP id g0MB8p902220; Tue, 22 Jan 2002 12:08:52 +0100 (CET) (envelope-from netchild@Leidinger.net) Message-Id: <200201221108.g0MB8p902220@Magelan.Leidinger.net> Date: Tue, 22 Jan 2002 12:08:49 +0100 (CET) From: Alexander Leidinger Subject: Re: i4b driver broken for -current? To: joerg_wunsch@uriah.heep.sax.de Cc: freebsd-current@FreeBSD.ORG In-Reply-To: <200201212013.g0LKDCZ75004@uriah.heep.sax.de> MIME-Version: 1.0 Content-Type: TEXT/plain; charset=us-ascii Sender: owner-freebsd-current@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.ORG On 21 Jan, Joerg Wunsch wrote: >> You have to use rev. 1.60 of /sys/netinet/in.c ("cd >> /sys/netinet; > > No, you're wrong. This bug has been fixed as one of the first of my Yeah! I love to be proven wrong in such situations. :-) > series of committs that brought the i4b version of sppp back into the > mainstream version. Otherwise i could not have worked at all. ;-) [revision 1.74 of if_spppsubr.c] I did read the commit message in cvs-all, but wasn't able to add a relationship to Brian's commit to in.c, which I backed out locally every time since then without testing if it works now. Bye, Alexander (compiling a new kernel now). -- There's no place like ~ http://www.Leidinger.net Alexander @ Leidinger.net GPG fingerprint = C518 BC70 E67F 143F BE91 3365 79E2 9C60 B006 3FE7 To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-current" in the body of the message From owner-freebsd-current Tue Jan 22 4:47:53 2002 Delivered-To: freebsd-current@freebsd.org Received: from mout0.freenet.de (mout0.freenet.de [194.97.50.131]) by hub.freebsd.org (Postfix) with ESMTP id B332137B416; Tue, 22 Jan 2002 04:47:48 -0800 (PST) Received: from [194.97.50.135] (helo=mx2.freenet.de) by mout0.freenet.de with esmtp (Exim 3.33 #3) id 16T0L0-0004e8-00; Tue, 22 Jan 2002 13:47:42 +0100 Received: from b8331.pppool.de ([213.7.131.49] helo=Magelan.Leidinger.net) by mx2.freenet.de with esmtp (Exim 3.33 #3) id 16T0L0-0001Hb-00; Tue, 22 Jan 2002 13:47:42 +0100 Received: from Leidinger.net (netchild@localhost [127.0.0.1]) by Magelan.Leidinger.net (8.11.6/8.11.6) with ESMTP id g0MCaFw00647; Tue, 22 Jan 2002 13:36:16 +0100 (CET) (envelope-from netchild@Leidinger.net) Message-Id: <200201221236.g0MCaFw00647@Magelan.Leidinger.net> Date: Tue, 22 Jan 2002 13:36:14 +0100 (CET) From: Alexander Leidinger Subject: Re: i4b driver broken for -current? To: Marc.Vanwoerkom@FernUni-Hagen.de Cc: freebsd-current@FreeBSD.ORG, brian@FreeBSD.ORG, isdn@freebsd.org In-Reply-To: <200201220855.JAA16855@bonsai.fernuni-hagen.de> MIME-Version: 1.0 Content-Type: TEXT/plain; charset=iso-8859-1 Content-Transfer-Encoding: quoted-printable X-MIME-Autoconverted: from 8bit to quoted-printable by Magelan.Leidinger.net id g0MCaFw00647 Sender: owner-freebsd-current@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.ORG On 22 Jan, Marc Ernst Eddy van Woerkom wrote: >> /sys/netinet; cvs update -r 1.60 in.c" if you use cvs instead of CVSup= ). >=20 > I mirror the cvs repository. 1.60 is from October too, so I should > have it. As J=F6rg already pointed out, a recent -current (I use one from Jan 20) works with 1.61 too (ispppcontrol -> spppcontrol), I write this with a kernel with rev 1.61 of in.c >> freebsd.org or any other source) you have to use the userland ppp. >=20 > I have tried userland ppp, using the example stuff from /share/.., > but without success. It either doesn't work for some reason, or=20 > I made a mistake with the configuration setup. >=20 > If anyone could provide me another example configuration I > would be grateful. (Would be nice to test the ability to > use both ISDN channels too). Update to a recent -current and try again with sppp, it works for me. Bye, Alexander. --=20 I believe the technical term is "Oops!" http://www.Leidinger.net Alexander @ Leidinger.net GPG fingerprint =3D C518 BC70 E67F 143F BE91 3365 79E2 9C60 B006 3FE7 To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-current" in the body of the message From owner-freebsd-current Tue Jan 22 6:35:23 2002 Delivered-To: freebsd-current@freebsd.org Received: from smtpproxy2.mitre.org (smtpproxy2.mitre.org [128.29.154.90]) by hub.freebsd.org (Postfix) with ESMTP id 4605037B41B; Tue, 22 Jan 2002 06:35:12 -0800 (PST) Received: from avsrv2.mitre.org (avsrv2.mitre.org [128.29.154.4]) by smtpproxy2.mitre.org (8.11.3/8.11.3) with ESMTP id g0MEZAc08425; Tue, 22 Jan 2002 09:35:10 -0500 (EST) Received: from MAILHUB1 (mailhub1.mitre.org [129.83.20.31]) by smtpsrv2.mitre.org (8.11.3/8.11.3) with ESMTP id g0MEZ8i05482; Tue, 22 Jan 2002 09:35:08 -0500 (EST) Received: from dhcp-105-164.mitre.org (128.29.105.164) by mailhub1.mitre.org with SMTP id 8914058; Tue, 22 Jan 2002 09:34:43 -0500 Message-ID: <3C4D788E.CE483AF0@mitre.org> Date: Tue, 22 Jan 2002 09:34:54 -0500 From: Jason Andresen Organization: The MITRE Corporation X-Mailer: Mozilla 4.75 [en]C-20000818M (Windows NT 5.0; U) X-Accept-Language: en MIME-Version: 1.0 To: Terry Lambert Cc: Alp Atici , freebsd-hackers@freebsd.org, freebsd-current@freebsd.org Subject: Re: FreeBSD 5.x References: <3C4A53EE.B882356C@mindspring.com> Content-Type: text/plain; charset=us-ascii Content-Transfer-Encoding: 7bit Sender: owner-freebsd-current@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.ORG Terry Lambert wrote: > > Alp Atici wrote: > > Is gcc 3.x going to be the default compiler starting from > > FBSD 5.x series? Is the development on current branch > > compiled using gcc 3.0 (or up)? > > I think that the cut over will happen after the compiler > no longer core dumps on: Odd, I can't reproduce that under RedHat: RedHat (5 ~): cat gcctest.c main() { int i; i = foo(); switch( i) { default: printf( "hello, stupid compiler!\n"); break; } } int foo() { return( 6); } RedHat (6 ~): gcc3 -v Reading specs from /usr/lib/gcc-lib/i386-redhat-linux/3.0.2/specs Configured with: ../configure --prefix=/usr --mandir=/usr/share/man --infodir=/usr/share/info --enable-shared --enable-threads=posix --disable-checking --host=i386-redhat-linux Thread model: posix gcc version 3.0.2 20010905 (Red Hat Linux 7.1 3.0.1-3) RedHat (7 ~): gcc3 -Wall -pedantic -o gcctest gcctest.c gcctest.c:2: warning: return type defaults to `int' gcctest.c: In function `main': gcctest.c:5: warning: implicit declaration of function `foo' gcctest.c:9: warning: implicit declaration of function `printf' gcctest.c:12: warning: control reaches end of non-void function RedHat (8 ~): ./gcctest hello, stupid compiler! -- \ |_ _|__ __|_ \ __| Jason Andresen jandrese@mitre.org |\/ | | | / _| Network and Distributed Systems Engineer _| _|___| _| _|_\___| Office: 703-883-7755 To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-current" in the body of the message From owner-freebsd-current Tue Jan 22 6:43:10 2002 Delivered-To: freebsd-current@freebsd.org Received: from squall.waterspout.com (squall.waterspout.com [208.13.56.12]) by hub.freebsd.org (Postfix) with ESMTP id 00F2C37B404; Tue, 22 Jan 2002 06:43:02 -0800 (PST) Received: by squall.waterspout.com (Postfix, from userid 1050) id DA0BB9B19; Tue, 22 Jan 2002 09:42:41 -0500 (EST) Date: Tue, 22 Jan 2002 09:42:41 -0500 From: Will Andrews To: Liu Siwei Cc: freebsd-questions@freebsd.org, kde@FreeBSD.org Subject: Re: chinput can't work on KDE2.2.2 Message-ID: <20020122094241.J18609@squall.waterspout.com> Reply-To: Will Andrews Mail-Followup-To: Will Andrews , Liu Siwei , freebsd-questions@freebsd.org, kde@FreeBSD.org References: Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: User-Agent: Mutt/1.3.22.1i Sender: owner-freebsd-current@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.ORG On Tue, Jan 22, 2002 at 08:56:13AM +0000, Liu Siwei wrote: This question is not appropriate for the -current list. I'm expanding this to include the maintainers of the KDE ports to see if anyone else has an idea what's going on. > I have a question about FreeBSD's locale. I use the zh_CN.EUC locale to > let my FreeBSD support Simplied Chinese. It's all right in gnome 1.4. But in > > recent version of KDE(aka. KDE-2.2.2), I can't set zh_CN.EUC locale for it. > For I have select the country is Asia-China, language is Simplied Chinese, > code is gb2312.1980. I need not set any locale in my environment to display > Simplied Chinese at all. But for I have not set locale, I can't use chinput > in KDE. So I set my locale to zh_CN.EUC in my $HOME/.xinitrc. But when I > restart my KDE, it can't display Chinese word proper! in kedit, kwrite, etc, > > I can use chinput through I can't input any Chinese word proper. If I set my > > locale to zh_CN.GB2312, zh_CN.GBK or nothing, the KDE can display Chinese > word proper, but I can't use chinput. > So, how to set ocale to let chinput work under KDE2.2.2? > A very inportant QUESTION is: why FreeBSD want zh_CN.EUC while KDE is > not? > My machine is AMD-K7 700, FreeBSD-current,all software are installed > from ports(sources). I'm sorry but I can't help with this specific problem since I do not use any locale other than the default. :( -- wca To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-current" in the body of the message From owner-freebsd-current Tue Jan 22 7:50:21 2002 Delivered-To: freebsd-current@freebsd.org Received: from gw.nectar.cc (gw.nectar.cc [208.42.49.153]) by hub.freebsd.org (Postfix) with ESMTP id 1AAE837B417 for ; Tue, 22 Jan 2002 07:50:12 -0800 (PST) Received: from madman.nectar.cc (madman.nectar.cc [10.0.1.111]) by gw.nectar.cc (Postfix) with ESMTP id 95CCE62; Tue, 22 Jan 2002 09:50:11 -0600 (CST) Received: (from nectar@localhost) by madman.nectar.cc (8.11.6/8.11.6) id g0MFoBc94612; Tue, 22 Jan 2002 09:50:11 -0600 (CST) (envelope-from nectar) Date: Tue, 22 Jan 2002 09:50:11 -0600 From: "Jacques A. Vidrine" To: Terry Lambert Cc: current@FreeBSD.ORG Subject: PAM/Kerberos `integration'? (was Re: Step5, pam_opie OPIE auth fix for review) Message-ID: <20020122155011.GA94467@madman.nectar.cc> References: <20020120233050.GA26913@nagual.pp.ru> <200201202344.g0KNijt34738@grimreaper.grondar.org> <3C4BC6A0.4078CBA6@mindspring.com> <20020121140516.GB57549@madman.nectar.cc> <3C4C7EA7.66CBFC0D@mindspring.com> <20020121145914.A91420@hellblazer.nectar.cc> <3C4C8E69.90DEB78E@mindspring.com> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: <3C4C8E69.90DEB78E@mindspring.com> User-Agent: Mutt/1.3.25i X-Url: http://www.nectar.cc/ Sender: owner-freebsd-current@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.ORG On Mon, Jan 21, 2002 at 01:55:53PM -0800, Terry Lambert wrote: > "Jacques A. Vidrine" wrote: > > > In the way that the author of the PAM architecture from Sun > > > spoke at the Silicon Valley BSD User's Group meeting, > > > > Do you have a reference, or do we have to guess what you are talking > > about? :-) > > I have my memory of the talk he gave, which included the idea > that Sun was not supporting work to modify the PAM architecture > to support Kerberos in the future. The PAM architecture doesn't need any modifications to support Kerberos. It supports Kerberos today. > Basically, you can use it for authentication and password change, > but for little else, and even those uses require going through > incredible hoops (e.g. abusing the authentication module API to > implement a credential cache). > > Did you need more? I guess so. There are many Kerberos 5 PAM modules in existence today, and they support interactive authentication pretty well. There is even some agreement among the authors of related modules on how the credentials cache can be exported for stacking (e.g. for DCE). I can't imagine what `incredible hoops' or `abuse' you might be talking about. The PAM API already includes entry points specificially for the management of credentials. Put another way, in your first sentence above, what might you mean by `for little else'? > Are you really just fishing for Paul Fronberg's email address? No. I'm probably just wasting my time :-) You have stood up and asked for something, but have not given any indication of what it is you want to accomplish. Curiousity has the better of me. > Maybe this release note from HP will explain the limitations > satisfactorily: > > http://docs.hp.com/hpux/onlinedocs/J5849-90001/J5849-90001.html > > NB: This is just for authentication, mostly preauthentication. These seem to be limitations of HP's pam_krb5 module, not of PAM. And again, it is unclear what limitations you might be concerned about. No account management? Well, that's not Kerberos's job. No credentials management? That's a problem with HP's implementation -- see /usr/ports/security/pam_krb5 or pam_krb5 in our base system (they are closely related) for one way it can be done. Limited preauthentication choices? That has to do with the Kerberos implementation, not PAM. I feel like I'm having my leg pulled. Cheers, -- Jacques A. Vidrine http://www.nectar.cc/ NTT/Verio SME . FreeBSD UNIX . Heimdal Kerberos jvidrine@verio.net . nectar@FreeBSD.org . nectar@kth.se To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-current" in the body of the message From owner-freebsd-current Tue Jan 22 8:21:40 2002 Delivered-To: freebsd-current@freebsd.org Received: from mailman.zeta.org.au (mailman.zeta.org.au [203.26.10.16]) by hub.freebsd.org (Postfix) with ESMTP id 156F037B400 for ; Tue, 22 Jan 2002 08:21:36 -0800 (PST) Received: from bde.zeta.org.au (bde.zeta.org.au [203.2.228.102]) by mailman.zeta.org.au (8.9.3/8.8.7) with ESMTP id DAA30012; Wed, 23 Jan 2002 03:21:31 +1100 Date: Wed, 23 Jan 2002 03:23:06 +1100 (EST) From: Bruce Evans X-X-Sender: To: k Macy Cc: Subject: Re: profiled kernel build fails was Re: -CURRENT AIO bug In-Reply-To: <20020121002635.39089.qmail@web14001.mail.yahoo.com> Message-ID: <20020123032217.B15516-100000@gamplex.bde.org> MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII Sender: owner-freebsd-current@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.ORG On Sun, 20 Jan 2002, k Macy wrote: > Should I file a PR to track this or is that overkill? Yes, it would be overkill. Remind me if it's not fixed in a week or two. Bruce To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-current" in the body of the message From owner-freebsd-current Tue Jan 22 9: 0:43 2002 Delivered-To: freebsd-current@freebsd.org Received: from bunrab.catwhisker.org (adsl-63-193-123-122.dsl.snfc21.pacbell.net [63.193.123.122]) by hub.freebsd.org (Postfix) with ESMTP id 2B8FF37B41A for ; Tue, 22 Jan 2002 09:00:22 -0800 (PST) Received: (from david@localhost) by bunrab.catwhisker.org (8.11.6/8.11.6) id g0MH0Lb14131 for current@freebsd.org; Tue, 22 Jan 2002 09:00:21 -0800 (PST) (envelope-from david) Date: Tue, 22 Jan 2002 09:00:21 -0800 (PST) From: David Wolfskill Message-Id: <200201221700.g0MH0Lb14131@bunrab.catwhisker.org> To: current@freebsd.org Subject: sudo gets "sudo: pam_authenticate: Module is unknown" Sender: owner-freebsd-current@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.ORG OK; I saw the discussion about OPIE-related PAM things yesterday, but I didn't recall seeing anything about sudo. And I'm using a recent sudo (I run "portupgrade -a" daily, under -STABLE); until today, I don't recall this approach being a problem. But after booting today's -CURRENT, I see: freebeast(5.0-CUR)[6] sudo whoami sudo: pam_authenticate: Module is unknown freebeast(5.0-CUR)[7] Now, there's a man page (in section 3) for pam_authenticate, but in looking through the typescript from my "cvs update" and the "make buildworld" (& friends), I see very few references to "pam_authenticate": freebeast(5.0-CUR)[9] grep -nC pam_authenticate current 25877-gzip -cn /usr/src/lib/libpam/modules/pam_wheel/pam_wheel.8 > pam_wheel.8.gz 25878-===> lib/libpam/libpam 25879:gzip -cn /usr/src/lib/libpam/libpam/../../../contrib/libpam/doc/man/pam_authenticate.3 > pam_authenticate.3.gz 25880-gzip -cn /usr/src/lib/libpam/libpam/../../../contrib/libpam/doc/man/pam_chauthtok.3 > pam_chauthtok.3.gz 25881-gzip -cn /usr/src/lib/libpam/libpam/../../../contrib/libpam/doc/man/pam_fail_delay.3 > pam_fail_delay.3.gz -- 44203-install -c -s -o root -g wheel -m 444 libpam.so.1 /usr/lib 44204-ln -sf libpam.so.1 /usr/lib/libpam.so 44205:install -c -o root -g wheel -m 444 pam_authenticate.3.gz /usr/share/man/man3 44206-install -c -o root -g wheel -m 444 pam_chauthtok.3.gz /usr/share/man/man3 44207-install -c -o root -g wheel -m 444 pam_fail_delay.3.gz /usr/share/man/man3 freebeast(5.0-CUR)[10] Indeed, it appears that the only thing left of it is a man page. :-} In case it's of interest, recent CVSup activity was: freebeast(5.0-CUR)[10] tail /var/log/cvsup-history.log CVSup begin from cvsup14.freebsd.org at Fri Jan 18 03:47:02 PST 2002 CVSup ended from cvsup14.freebsd.org at Fri Jan 18 03:53:28 PST 2002 CVSup begin from cvsup14.freebsd.org at Sat Jan 19 03:47:07 PST 2002 CVSup ended from cvsup14.freebsd.org at Sat Jan 19 03:54:14 PST 2002 CVSup begin from cvsup14.freebsd.org at Sun Jan 20 03:47:02 PST 2002 CVSup ended from cvsup14.freebsd.org at Sun Jan 20 03:53:23 PST 2002 CVSup begin from cvsup14.freebsd.org at Mon Jan 21 03:47:03 PST 2002 CVSup ended from cvsup14.freebsd.org at Mon Jan 21 03:53:19 PST 2002 CVSup begin from cvsup14.freebsd.org at Tue Jan 22 03:47:02 PST 2002 CVSup ended from cvsup14.freebsd.org at Tue Jan 22 03:53:36 PST 2002 freebeast(5.0-CUR)[11] Or is pam_authenticate something that I'm supposed to be creating? Thanks, david -- David H. Wolfskill david@catwhisker.org I believe it would be irresponsible (and thus, unethical) for me to advise, recommend, or support the use of any product that is or depends on any Microsoft product for any purpose other than personal amusement. To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-current" in the body of the message From owner-freebsd-current Tue Jan 22 10:13:26 2002 Delivered-To: freebsd-current@freebsd.org Received: from updraft.jp.freebsd.org (updraft.jp.FreeBSD.ORG [210.157.158.42]) by hub.freebsd.org (Postfix) with ESMTP id 8E77E37B405; Tue, 22 Jan 2002 10:13:19 -0800 (PST) Received: from localhost (localhost [127.0.0.1]) by updraft.jp.freebsd.org (8.11.6+3.4W/8.11.3) with ESMTP/inet id g0MID9b71521; Wed, 23 Jan 2002 03:13:11 +0900 (JST) (envelope-from matusita@jp.FreeBSD.org) Cc: sos@FreeBSD.org X-User-Agent: Mew/1.94.2 XEmacs/21.5 (alfalfa) X-FaceAnim: (-O_O-)(O_O- )(_O- )(O- )(- -)( -O)( -O_)( -O_O)(-O_O-) Mime-Version: 1.0 Content-Type: Text/Plain; charset=us-ascii Content-Transfer-Encoding: 7bit X-Dispatcher: imput version 20000228(IM140) Lines: 22 From: Makoto Matsushita To: current@FreeBSD.org Subject: ATAPI CD doesn't listed up to 'kern.disks' kernel MIB Date: Wed, 23 Jan 2002 03:12:56 +0900 Message-Id: <20020123031256K.matusita@jp.FreeBSD.org> Sender: owner-freebsd-current@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.ORG I found that acd, ATAPI CD device, doesn't listed up to 'kern.disks' kernel MIB which should list all disks in the running system. Here is a sample: ringo % sysctl kern.disks kern.disks: ad0 ringo % grep acd /var/run/dmesg.boot acd0: CDROM at ata1-master PIO4 ringo % I've investigated that this is because ATAPI CD driver doesn't call disk_create() when detecting CD device. Other disks, including SCSI CD or RAID HDD calls this function. http://snapshots.jp.freebsd.org/tour/current/cgi-bin/global.cgi?pattern=disk_create&id=&type=reference Is it a feature or something forgotten to add it? -- - Makoto `MAR' Matsushita To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-current" in the body of the message From owner-freebsd-current Tue Jan 22 10:53:17 2002 Delivered-To: freebsd-current@freebsd.org Received: from freebsd.dk (fw-rl0.freebsd.dk [212.242.86.114]) by hub.freebsd.org (Postfix) with ESMTP id 3B5D237B402; Tue, 22 Jan 2002 10:53:04 -0800 (PST) Received: (from sos@localhost) by freebsd.dk (8.11.6/8.11.6) id g0MIpec79156; Tue, 22 Jan 2002 19:51:40 +0100 (CET) (envelope-from sos) From: Søren Schmidt Message-Id: <200201221851.g0MIpec79156@freebsd.dk> Subject: Re: ATAPI CD doesn't listed up to 'kern.disks' kernel MIB In-Reply-To: <20020123031256K.matusita@jp.FreeBSD.org> To: Makoto Matsushita Date: Tue, 22 Jan 2002 19:51:39 +0100 (CET) Cc: current@FreeBSD.ORG, sos@FreeBSD.ORG Reply-To: sos@freebsd.dk X-Mailer: ELM [version 2.4ME+ PL94b (25)] MIME-Version: 1.0 Content-Transfer-Encoding: 8bit Content-Type: text/plain; charset=ISO-8859-1 Sender: owner-freebsd-current@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.ORG It seems Makoto Matsushita wrote: > > I found that acd, ATAPI CD device, doesn't listed up to 'kern.disks' > kernel MIB which should list all disks in the running system. > > Here is a sample: > > ringo % sysctl kern.disks > kern.disks: ad0 > ringo % grep acd /var/run/dmesg.boot > acd0: CDROM at ata1-master PIO4 > ringo % > > I've investigated that this is because ATAPI CD driver doesn't call > disk_create() when detecting CD device. Other disks, including SCSI > CD or RAID HDD calls this function. > > Is it a feature or something forgotten to add it? The ATAPI CDROM driver doesn't use the disk layer because that wouldn't allow for some of the things the driver supports (odd sector sizes etc). At any rate I wouldn't expect a CDROM to show up as a disk, unless it has a R/W medium formatted for random R/W inserted (which we at this time doesn't support). -Søren To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-current" in the body of the message From owner-freebsd-current Tue Jan 22 12: 8: 8 2002 Delivered-To: freebsd-current@freebsd.org Received: from ns.altadena.net (ns.altadena.net [206.126.144.2]) by hub.freebsd.org (Postfix) with ESMTP id E765837B402; Tue, 22 Jan 2002 12:08:04 -0800 (PST) Received: (from pete@localhost) by ns.altadena.net (8.11.6/8.8.8) id g0MK7HG28810; Tue, 22 Jan 2002 12:07:17 -0800 (PST) (envelope-from pete) From: Pete Carah Message-Id: <200201222007.g0MK7HG28810@ns.altadena.net> Subject: Current on SuperMicro SMP To: current@freebsd.org, dillon@freebsd.org Date: Tue, 22 Jan 2002 12:07:17 -0800 (PST) X-Mailer: ELM [version 2.4ME+ PL68 (25)] MIME-Version: 1.0 Content-Type: text/plain; charset=iso8859-1 Content-Transfer-Encoding: 7bit Sender: owner-freebsd-current@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.ORG Supermicro P3TDDE (I think; may be a TDDA, but it does have the promise chip). This board is Via-based and not Intel. Could easily be my problem :-( Don't know about the APIC. Stable runs just fine on the same motherboard (dual-boot, stable on ad0 and current on ad1) including reboot (see below about current's reboot). Not running setiathome at all may or may not have helped; it still died in the middle of a "make -j5 world" (j5 is the best make time on this system) (but did make it through one such make world; died on the second). When it runs, make -j5 world takes about 31.5 minutes for stable and somewhat longer (around 40 minutes) for current without invariants/witness; with invariants and witness make -j4 world is the fastest at just over 2 hours. The hang happens the same with or without invariants and/or witness. Still allowing ACPI; haven't yet tried disabling it. I need to figure out how to get NMI; there are no ISA slots so that isn't a useful way (like an *old* debugger card which I think I still have one of). Another hint (may be more useful) is that either reboot or halt ends up: ------------------------------------- Waiting .... for vnlru Wa ---------------------------------- Sometimes the second line is just "W" and sometimes "Wa", never longer. This appears independent of which cpu says "boot() called on cpu 0 (or 1)" This (like the other hang) is a hard hang, needs reset button to get out. -- Pete To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-current" in the body of the message From owner-freebsd-current Tue Jan 22 14:40:44 2002 Delivered-To: freebsd-current@freebsd.org Received: from swan.prod.itd.earthlink.net (swan.mail.pas.earthlink.net [207.217.120.123]) by hub.freebsd.org (Postfix) with ESMTP id 1422137B405; Tue, 22 Jan 2002 14:40:33 -0800 (PST) Received: from pool0657.cvx21-bradley.dialup.earthlink.net ([209.179.194.147] helo=mindspring.com) by swan.prod.itd.earthlink.net with esmtp (Exim 3.33 #1) id 16T9ad-0006k4-00; Tue, 22 Jan 2002 14:40:27 -0800 Message-ID: <3C4DEA57.A7EEF3A2@mindspring.com> Date: Tue, 22 Jan 2002 14:40:23 -0800 From: Terry Lambert X-Mailer: Mozilla 4.7 [en]C-CCK-MCD {Sony} (Win98; U) X-Accept-Language: en MIME-Version: 1.0 To: Jason Andresen Cc: Alp Atici , freebsd-hackers@freebsd.org, freebsd-current@freebsd.org Subject: Re: FreeBSD 5.x References: <3C4A53EE.B882356C@mindspring.com> <3C4D788E.CE483AF0@mitre.org> Content-Type: text/plain; charset=us-ascii Content-Transfer-Encoding: 7bit Sender: owner-freebsd-current@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.ORG Jason Andresen wrote: > Odd, I can't reproduce that under RedHat: I guess you are saying there is a conspiracy to make GCC work only on RedHat? I could believe that... 8-) 8-) 8-). Actually, that was against 3.0 at -O2. If that's been fixed, I guess we can cut over, as soom as the non-x86 code generation for our other supported platforms works again (tried compiling your RedHat for Alpha lately?). -- Terry To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-current" in the body of the message From owner-freebsd-current Tue Jan 22 17:21:20 2002 Delivered-To: freebsd-current@freebsd.org Received: from updraft.jp.freebsd.org (updraft.jp.FreeBSD.ORG [210.157.158.42]) by hub.freebsd.org (Postfix) with ESMTP id E954D37B41E for ; Tue, 22 Jan 2002 17:21:14 -0800 (PST) Received: from localhost (localhost [127.0.0.1]) by updraft.jp.freebsd.org (8.11.6+3.4W/8.11.3) with ESMTP/inet id g0N1L7b75034; Wed, 23 Jan 2002 10:21:08 +0900 (JST) (envelope-from matusita@jp.FreeBSD.org) Cc: current@FreeBSD.ORG In-Reply-To: <200201221851.g0MIpec79156@freebsd.dk> References: <20020123031256K.matusita@jp.FreeBSD.org> <200201221851.g0MIpec79156@freebsd.dk> X-User-Agent: Mew/1.94.2 XEmacs/21.5 (alfalfa) X-FaceAnim: (-O_O-)(O_O- )(_O- )(O- )(- -)( -O)( -O_)( -O_O)(-O_O-) Mime-Version: 1.0 Content-Type: Text/Plain; charset=us-ascii Content-Transfer-Encoding: 7bit X-Dispatcher: imput version 20000228(IM140) Lines: 10 From: Makoto Matsushita To: sos@freebsd.dk Subject: Re: ATAPI CD doesn't listed up to 'kern.disks' kernel MIB Date: Wed, 23 Jan 2002 10:21:04 +0900 Message-Id: <20020123102104Y.matusita@jp.FreeBSD.org> Sender: owner-freebsd-current@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.ORG sos> At any rate I wouldn't expect a CDROM to show up as a disk, unless sos> it has a R/W medium formatted for random R/W inserted (which we at sos> this time doesn't support). But SCSI CD drive is listed to kern.disks MIB even if the drive is just a CD-ROM (not a CD-R/CD-RW) drive. How do you think about this? -- - Makoto `MAR' Matsushita To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-current" in the body of the message From owner-freebsd-current Tue Jan 22 23:33:50 2002 Delivered-To: freebsd-current@freebsd.org Received: from freebsd.dk (fw-rl0.freebsd.dk [212.242.86.114]) by hub.freebsd.org (Postfix) with ESMTP id D6FF837B43C for ; Tue, 22 Jan 2002 23:33:18 -0800 (PST) Received: (from sos@localhost) by freebsd.dk (8.11.6/8.11.6) id g0N7XAc57117; Wed, 23 Jan 2002 08:33:10 +0100 (CET) (envelope-from sos) From: Søren Schmidt Message-Id: <200201230733.g0N7XAc57117@freebsd.dk> Subject: Re: ATAPI CD doesn't listed up to 'kern.disks' kernel MIB In-Reply-To: <20020123102104Y.matusita@jp.FreeBSD.org> To: Makoto Matsushita Date: Wed, 23 Jan 2002 08:33:10 +0100 (CET) Cc: current@FreeBSD.ORG Reply-To: sos@freebsd.dk X-Mailer: ELM [version 2.4ME+ PL94b (25)] MIME-Version: 1.0 Content-Transfer-Encoding: 8bit Content-Type: text/plain; charset=ISO-8859-1 Sender: owner-freebsd-current@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.ORG It seems Makoto Matsushita wrote: > > sos> At any rate I wouldn't expect a CDROM to show up as a disk, unless > sos> it has a R/W medium formatted for random R/W inserted (which we at > sos> this time doesn't support). > > But SCSI CD drive is listed to kern.disks MIB even if the drive is > just a CD-ROM (not a CD-R/CD-RW) drive. How do you think about this? I think its wrong... -Søren To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-current" in the body of the message From owner-freebsd-current Wed Jan 23 0:31: 2 2002 Delivered-To: freebsd-current@freebsd.org Received: from mass.dis.org (dhcp45-21.dis.org [216.240.45.21]) by hub.freebsd.org (Postfix) with ESMTP id 3235A37B428 for ; Wed, 23 Jan 2002 00:29:32 -0800 (PST) Received: from mass.dis.org (localhost [127.0.0.1]) by mass.dis.org (8.11.6/8.11.6) with ESMTP id g0MMw3d02861; Tue, 22 Jan 2002 14:58:03 -0800 (PST) (envelope-from msmith@mass.dis.org) Message-Id: <200201222258.g0MMw3d02861@mass.dis.org> X-Mailer: exmh version 2.5 07/13/2001 with nmh-1.0.4 To: joerg_wunsch@uriah.heep.sax.de (Joerg Wunsch) Cc: freebsd-current@freebsd.org Subject: Re: "Current & Etherboot" In-reply-to: Your message of "Mon, 21 Jan 2002 18:47:14 +0100." <200201211747.g0LHlER71974@uriah.heep.sax.de> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Date: Tue, 22 Jan 2002 14:58:03 -0800 From: Michael Smith Sender: owner-freebsd-current@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.ORG > Robert Watson wrote: > > > Most people I know of that netboot boxes on Intel platforms now use > > PXE. > > But well, there are only two NICs that support PXE, aren't there? In > particular, there's nothing cheap (i. e. <= USD 10) you could use in > conjunction with an old junk ISA NIC people often have in their > bit-bucket (i. e. with an NE2k clone or 3C509). You can't put an ISA NIC into a modern computer. But you can get PXE bootroms for most NICs, including those ISA fossils, from Bootix. And since the specification is open, you could always simply fix etherboot to provide the PXE interface and then you'd be back in business. -- Go where you may, search where you will, roam throughout all the monarchies and despotisms of the Old World, travel through South America, search out every abuse and when you have found the last, lay your facts by the everyday practices of this nation, and you will say with me that, for revolting barbarity and shameless hypocrisy, America reigns without a rival... - Frederic Douglass, Independence Day Address, 1852 To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-current" in the body of the message From owner-freebsd-current Wed Jan 23 1:34:55 2002 Delivered-To: freebsd-current@freebsd.org Received: from hawk.prod.itd.earthlink.net (hawk.mail.pas.earthlink.net [207.217.120.22]) by hub.freebsd.org (Postfix) with ESMTP id D0F2B37B41A; Wed, 23 Jan 2002 01:34:51 -0800 (PST) Received: from pool0042.cvx40-bradley.dialup.earthlink.net ([216.244.42.42] helo=mindspring.com) by hawk.prod.itd.earthlink.net with esmtp (Exim 3.33 #1) id 16TJnp-0001Cd-00; Wed, 23 Jan 2002 01:34:45 -0800 Message-ID: <3C4E83B1.62E79017@mindspring.com> Date: Wed, 23 Jan 2002 01:34:41 -0800 From: Terry Lambert X-Mailer: Mozilla 4.7 [en]C-CCK-MCD {Sony} (Win98; U) X-Accept-Language: en MIME-Version: 1.0 To: Michael Smith Cc: Joerg Wunsch , freebsd-current@freebsd.org Subject: Re: "Current & Etherboot" References: <200201222258.g0MMw3d02861@mass.dis.org> Content-Type: text/plain; charset=us-ascii Content-Transfer-Encoding: 7bit Sender: owner-freebsd-current@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.ORG Michael Smith wrote: > You can't put an ISA NIC into a modern computer. > > But you can get PXE bootroms for most NICs, including those ISA fossils, > from Bootix. For $40 a pop, plus international shipping charges from Germany. > And since the specification is open, you could always simply fix > etherboot to provide the PXE interface and then you'd be back in business. A much more attractive option. -- Terry To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-current" in the body of the message From owner-freebsd-current Wed Jan 23 2: 9:43 2002 Delivered-To: freebsd-current@freebsd.org Received: from sax.sax.de (sax.sax.de [193.175.26.33]) by hub.freebsd.org (Postfix) with ESMTP id 2595737B400; Wed, 23 Jan 2002 02:09:40 -0800 (PST) Received: (from uucp@localhost) by sax.sax.de (8.9.3/8.9.3) with UUCP id LAA05350; Wed, 23 Jan 2002 11:09:38 +0100 (CET) Received: (from j@localhost) by uriah.heep.sax.de (8.11.6/8.11.6) id g0NA7XJ19245; Wed, 23 Jan 2002 11:07:33 +0100 (MET) (envelope-from j) Date: Wed, 23 Jan 2002 11:07:33 +0100 From: Joerg Wunsch To: Michael Smith Cc: freebsd-current@freebsd.org Subject: Re: "Current & Etherboot" Message-ID: <20020123110733.A19226@uriah.heep.sax.de> Reply-To: Joerg Wunsch Mail-Followup-To: Joerg Wunsch , Michael Smith , freebsd-current@freebsd.org References: <200201211747.g0LHlER71974@uriah.heep.sax.de> <200201222258.g0MMw3d02861@mass.dis.org> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline User-Agent: Mutt/1.2.5i In-Reply-To: <200201222258.g0MMw3d02861@mass.dis.org>; from msmith@freebsd.org on Tue, Jan 22, 2002 at 02:58:03PM -0800 X-Phone: +49-351-2012 669 X-PGP-Fingerprint: DC 47 E6 E4 FF A6 E9 8F 93 21 E0 7D F9 12 D6 4E Sender: owner-freebsd-current@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.ORG As Michael Smith wrote: > > But well, there are only two NICs that support PXE, aren't there? In > > particular, there's nothing cheap (i. e. <= USD 10) you could use in > > conjunction with an old junk ISA NIC people often have in their > > bit-bucket (i. e. with an NE2k clone or 3C509). > > You can't put an ISA NIC into a modern computer. Netbooting is (for me and many other people) most interesting to connect old junk computers to a fileserver that is usually much more modern. My most modern machine is the server itself, so i don't need netbooting for it (in fact, the PXE junk even annoys me since it cannot be turned off and only adds an additional boot delay). > But you can get PXE bootroms for most NICs, including those ISA fossils, > from Bootix. See Terrys reply, they are anything else but cheap; usually their price exceeds the total value of such a computer. > And since the specification is open, you could always simply fix > etherboot to provide the PXE interface and then you'd be back > in business. Except of the word `simply', this is the option i'd most agree with. -- cheers, J"org .-.-. --... ...-- -.. . DL8DTL http://www.sax.de/~joerg/ NIC: JW11-RIPE Never trust an operating system you don't have sources for. ;-) To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-current" in the body of the message From owner-freebsd-current Wed Jan 23 4:43:54 2002 Delivered-To: freebsd-current@freebsd.org Received: from r220-1.rz.RWTH-Aachen.DE (r220-1.rz.RWTH-Aachen.DE [134.130.3.31]) by hub.freebsd.org (Postfix) with ESMTP id 2CD9C37B400; Wed, 23 Jan 2002 04:43:50 -0800 (PST) Received: from r220-1.rz.RWTH-Aachen.DE (relay2.RWTH-Aachen.DE [134.130.3.1]) by r220-1.rz.RWTH-Aachen.DE (8.10.1/8.11.3-2) with ESMTP id g0NChgq01645; Wed, 23 Jan 2002 13:43:42 +0100 (MET) Received: from kawoserv.kawo2.rwth-aachen.de (root@kawoserv.kawo2.RWTH-Aachen.DE [134.130.180.1]) by r220-1.rz.RWTH-Aachen.DE (8.10.1/8.11.3/6) with ESMTP id g0NChfv01641; Wed, 23 Jan 2002 13:43:41 +0100 (MET) Received: from fump.kawo2.rwth-aachen.de (root@fump.kawo2.rwth-aachen.de [134.130.181.148]) by kawoserv.kawo2.rwth-aachen.de (8.9.3/8.9.3) with ESMTP id NAA16310; Wed, 23 Jan 2002 13:43:42 +0100 Received: (from alex@localhost) by fump.kawo2.rwth-aachen.de (8.11.3/8.11.3) id g0NChj412821; Wed, 23 Jan 2002 13:43:45 +0100 (CET) (envelope-from alex) Date: Wed, 23 Jan 2002 13:43:45 +0100 From: Alexander Langer To: freebsd-current@FreeBSD.org Cc: orion@FreeBSD.org Subject: pcm: cracking noise for CMedia driver Message-ID: <20020123134345.C3272@fump.kawo2.rwth-aachen.de> Mail-Followup-To: Alexander Langer , freebsd-current@FreeBSD.org, orion@FreeBSD.org Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline User-Agent: Mutt/1.2.5i X-PGP-Fingerprint: 44 28 CA 4C 46 5B D3 A8 A8 E3 BA F3 4E 60 7D 7F X-PGP-at: finger alex@big.endian.de X-Verwirrung: Dieser Header dient der allgemeinen Verwirrung. Sender: owner-freebsd-current@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.ORG Hi! I own an ASUS A7V266-E motherboard with onboard-sound. With this kernel: FreeBSD zerogravity.kawo2.rwth-aachen.de 5.0-CURRENT FreeBSD 5.0-CURRENT #1: Thu Dec 20 00:34:04 CET 2001 alex@zerogravity.kawo2.rwth-aachen.de:/storage/zerogravity/obj/usr/src/sys/CICHLIDS i386 Sound works fine, as it should (ok, I can't get line-in/mic to work, but that's another issue). alex@zerogravity ~dir $ cat /dev/sndstat FreeBSD Audio Driver (newpcm) Installed devices: pcm0: at io 0xd800 irq 10 (1p/1r/0v channels duplex default) With a kernel starting January 18th or so I always get a cracking noise on tones with high loudness, e.g. on MP3s with much bass. I can't see any changes to the cmi-driver in that timespan, though, so I wonder what might have changed. Any idea? Thanks Alex PS: lock order reversal 1st 0xc66e7b00 pcm0 @ /usr/src/sys/dev/sound/pcm/sound.c:132 2nd 0xc66e7940 pcm0:play:0 @ /usr/src/sys/dev/sound/pcm/sound.c:189 To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-current" in the body of the message From owner-freebsd-current Wed Jan 23 4:58: 0 2002 Delivered-To: freebsd-current@freebsd.org Received: from arg1.demon.co.uk (arg1.demon.co.uk [62.49.12.213]) by hub.freebsd.org (Postfix) with ESMTP id 2F5FD37B404; Wed, 23 Jan 2002 04:57:52 -0800 (PST) Received: by arg1.demon.co.uk (Postfix, from userid 1002) id C14FE9B13; Wed, 23 Jan 2002 12:57:47 +0000 (GMT) Received: from localhost (localhost [127.0.0.1]) by arg1.demon.co.uk (Postfix) with ESMTP id B88405D25; Wed, 23 Jan 2002 12:57:47 +0000 (GMT) Date: Wed, 23 Jan 2002 12:57:47 +0000 (GMT) From: Andrew Gordon X-X-Sender: To: Michael Smith Cc: Subject: Re: "Current & Etherboot" In-Reply-To: <200201222258.g0MMw3d02861@mass.dis.org> Message-ID: <20020123125010.T7078-100000@server.arg.sj.co.uk> MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII Sender: owner-freebsd-current@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.ORG On Tue, 22 Jan 2002, Michael Smith wrote: > > But well, there are only two NICs that support PXE, aren't there? In > > particular, there's nothing cheap (i. e. <= USD 10) you could use in > > conjunction with an old junk ISA NIC people often have in their > > bit-bucket (i. e. with an NE2k clone or 3C509). > > You can't put an ISA NIC into a modern computer. True, but ancient computers can often be given a new lease of life by netbooting (eg. discless X-terminals made out of 486s). > But you can get PXE bootroms for most NICs, including those ISA fossils, > from Bootix. Most modern NICs certainly, but there doesn't appear to be support for PXE on any ISA cards, at least not according to: http://www.bootix.com/us/products/promtypes.shtml > And since the specification is open, you could always simply fix > etherboot to provide the PXE interface and then you'd be back in business. I've always assumed that the lack of PXE roms for ISA cards was that the code size is too big to fit in the 16 or 32Kbyte that you get on an ISA card. Of course, the full PXE spec includes lots of stuff that isn't used by FreeBSD's pxeboot, so a subset may be a plausible way to go. Alternatively, adding direct NE2000 support to a version of pxeboot that can be loaded with existing etherboot may be an easier way to go? To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-current" in the body of the message From owner-freebsd-current Wed Jan 23 6: 8:44 2002 Delivered-To: freebsd-current@freebsd.org Received: from mout1.freenet.de (mout1.freenet.de [194.97.50.132]) by hub.freebsd.org (Postfix) with ESMTP id 8C77837B402; Wed, 23 Jan 2002 06:08:35 -0800 (PST) Received: from [194.97.50.136] (helo=mx3.freenet.de) by mout1.freenet.de with esmtp (Exim 3.33 #3) id 16TO4n-0008GY-00; Wed, 23 Jan 2002 15:08:33 +0100 Received: from ae375.pppool.de ([213.6.227.117] helo=Magelan.Leidinger.net) by mx3.freenet.de with esmtp (Exim 3.33 #3) id 16TO4n-0002BK-00; Wed, 23 Jan 2002 15:08:33 +0100 Received: from Leidinger.net (netchild@localhost [127.0.0.1]) by Magelan.Leidinger.net (8.11.6/8.11.6) with ESMTP id g0NDNea03567; Wed, 23 Jan 2002 14:23:41 +0100 (CET) (envelope-from netchild@Leidinger.net) Message-Id: <200201231323.g0NDNea03567@Magelan.Leidinger.net> Date: Wed, 23 Jan 2002 14:23:39 +0100 (CET) From: Alexander Leidinger Subject: Re: FreeBSD 5.x To: tlambert2@mindspring.com Cc: jandrese@mitre.org, aa878@columbia.edu, freebsd-hackers@FreeBSD.ORG, freebsd-current@FreeBSD.ORG In-Reply-To: <3C4DEA57.A7EEF3A2@mindspring.com> MIME-Version: 1.0 Content-Type: TEXT/plain; charset=us-ascii Sender: owner-freebsd-current@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.ORG On 22 Jan, Terry Lambert wrote: [gcc 3.0.x bug] > Actually, that was against 3.0 at -O2. > > If that's been fixed, I guess we can cut over, as soom as the > non-x86 code generation for our other supported platforms > works again (tried compiling your RedHat for Alpha lately?). gcc 3.0.3 has problems with "-O3 -funroll-loops", "-O -funroll-loops" or "-O3" without "-funroll-loops" seems to work. Someone told me the CVS version of gcc has a fix for this. Bye, Alexander. -- There's no place like ~ http://www.Leidinger.net Alexander @ Leidinger.net GPG fingerprint = C518 BC70 E67F 143F BE91 3365 79E2 9C60 B006 3FE7 To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-current" in the body of the message From owner-freebsd-current Wed Jan 23 6:40:56 2002 Delivered-To: freebsd-current@freebsd.org Received: from smluc.org (smluc.org [206.138.44.17]) by hub.freebsd.org (Postfix) with ESMTP id 44FC137B404 for ; Wed, 23 Jan 2002 06:40:41 -0800 (PST) Received: (from erik@localhost) by smluc.org (8.9.3/8.9.3) id DAA02818 for freebsd-current@freebsd.org; Wed, 23 Jan 2002 03:37:58 -0600 Date: Wed, 23 Jan 2002 03:37:58 -0600 From: Erik Greenwald Message-Id: <200201230937.DAA02818@smluc.org> To: freebsd-current@freebsd.org Subject: Re: pcm: cracking noise for CMedia driver Sender: owner-freebsd-current@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.ORG > Hi! > > I own an ASUS A7V266-E motherboard with onboard-sound. > > With this kernel: > FreeBSD zerogravity.kawo2.rwth-aachen.de 5.0-CURRENT FreeBSD 5.0-CURRENT #1: Thu Dec 20 00:34:04 CET 2001 alex@zerogravity.kawo2.rwth-aachen.de:/storage/zerogravity/obj/usr/src/sys/CICHLIDS i386 > > Sound works fine, as it should (ok, I can't get line-in/mic to work, but > that's another issue). > > alex@zerogravity ~dir $ cat /dev/sndstat > FreeBSD Audio Driver (newpcm) > Installed devices: > pcm0: at io 0xd800 irq 10 (1p/1r/0v channels duplex default) I've about the same setup, an iwill kk266 mb with a cmi 8738 on the mb pcm0: at io 0xe000 irq 9 (1p/1r/0v channels duplex default) FreeBSD fenris 5.0-CURRENT FreeBSD 5.0-CURRENT #6: Sun Jan 20 17:14:31 CST 2002 root@fenris:/usr/src/sys/i386/compile/FENRIS i386 > > With a kernel starting January 18th or so I always get a cracking noise > on tones with high loudness, e.g. on MP3s with much bass. hrm, I started getting it a lot earlier, but the same problem... I did a lot of experimenting, including de-evolving the driver back to the 4.x level where it didn't have any problems (just meant removing the locking), and trying to interface the audio system in different ways. I usually use 'esd' to do audio, and the popping is only roughly a couple times a second with a 512 byte audio buffer, but with straight 'oss', it puts almost a buzz over the sound, that's a 4k buffer I think It still seems to be there when the volume isn't very high, but much less noticable... some songs are smoove enough to really show it off. Certain operations cause it to really static out so it sounds like random noise, um, a long sequence of stat() calls one right after another, scrolling with the arrow keys in a mozilla widget (the mozilla widged also seems a whole lot slower on these kernels, so I have a feeling that the flaw is a system call or kernel component that suddenly has more latency due to new locking or something? I d'no, I'm guessing). I've also noticed that the pop is inserted into the sound stream, not overlaid, so if a clip takes 10 seconds and there's a lot of popping, it pushes it up to 12 or whatever. > > I can't see any changes to the cmi-driver in that timespan, though, so > I wonder what might have changed. > > Any idea? > > Thanks > > Alex > > PS: > lock order reversal > 1st 0xc66e7b00 pcm0 @ /usr/src/sys/dev/sound/pcm/sound.c:132 > 2nd 0xc66e7940 pcm0:play:0 @ /usr/src/sys/dev/sound/pcm/sound.c:189 -Erik [http://math.smsu.edu/~erik] The opinions expressed by me are not necessarily opinions. In all probability, they are random rambling, and to be ignored. Failure to ignore may result in severe boredom or confusion. Shake well before opening. Keep Refrigerated. To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-current" in the body of the message From owner-freebsd-current Wed Jan 23 10:11: 8 2002 Delivered-To: freebsd-current@freebsd.org Received: from rwcrmhc52.attbi.com (rwcrmhc52.attbi.com [216.148.227.88]) by hub.freebsd.org (Postfix) with ESMTP id 33AC437B402 for ; Wed, 23 Jan 2002 10:10:53 -0800 (PST) Received: from peter3.wemm.org ([12.232.27.13]) by rwcrmhc52.attbi.com (InterMail vM.4.01.03.27 201-229-121-127-20010626) with ESMTP id <20020123181052.EGUM3578.rwcrmhc52.attbi.com@peter3.wemm.org> for ; Wed, 23 Jan 2002 18:10:52 +0000 Received: from overcee.wemm.org (overcee.wemm.org [10.0.0.3]) by peter3.wemm.org (8.11.0/8.11.0) with ESMTP id g0NIAqs19855 for ; Wed, 23 Jan 2002 10:10:52 -0800 (PST) (envelope-from peter@wemm.org) Received: from wemm.org (localhost [127.0.0.1]) by overcee.wemm.org (Postfix) with ESMTP id 9F0EE3A9A; Wed, 23 Jan 2002 10:10:52 -0800 (PST) (envelope-from peter@wemm.org) X-Mailer: exmh version 2.5 07/13/2001 with nmh-1.0.4 To: Julian Elischer Cc: current@FreeBSD.ORG Subject: Re: __stderrp error In-Reply-To: Date: Wed, 23 Jan 2002 10:10:52 -0800 From: Peter Wemm Message-Id: <20020123181052.9F0EE3A9A@overcee.wemm.org> Sender: owner-freebsd-current@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.ORG Julian Elischer wrote: > > Lots of my old programs get: > /usr/libexec/ld-elf.so.1: /usr/local/lib/libpng.so.3: Undefined symbol > "__stderrp" > > this is NOT the error in UPDATING > and doing what it says for a similar problem: > 20010924: > The buildworld has been fixed. You may need to install > the 4.x compatibility libraries for some old binaries > to work. Add COMPAT4X=true to your /etc/make.conf to > get them installed on every installworld, or execute the > following to get them installed only once: > cd src/lib/compat/compat4x. > make all install > You will see ``__stdoutp undefined'' until you do this. > > has NO effect whatsoever. > > The only thign I can do is recompile any package that has thos problem. > but sometimes it's hard finding which package needs to be recomiled. > > thoughts? Yes, you have only provided part of the required information. How about a 'ldd programname' output of one of the affected programs for starters.. Cheers, -Peter -- Peter Wemm - peter@FreeBSD.org; peter@yahoo-inc.com; peter@netplex.com.au "All of this is for nothing if we don't go to the stars" - JMS/B5 To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-current" in the body of the message From owner-freebsd-current Wed Jan 23 11:50:27 2002 Delivered-To: freebsd-current@freebsd.org Received: from nelly.internal.irrelevant.org (irrelevant.demon.co.uk [158.152.220.121]) by hub.freebsd.org (Postfix) with ESMTP id 360B937B400 for ; Wed, 23 Jan 2002 11:50:24 -0800 (PST) Received: from simond by nelly.internal.irrelevant.org with local (Exim 3.34 #1) id 16TTOk-000GID-00; Wed, 23 Jan 2002 19:49:30 +0000 Date: Wed, 23 Jan 2002 19:49:30 +0000 From: Simon Dick To: Peter Wemm Cc: Julian Elischer , current@FreeBSD.ORG Subject: Re: __stderrp error Message-ID: <20020123194930.GK441@irrelevant.org> References: <20020123181052.9F0EE3A9A@overcee.wemm.org> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: <20020123181052.9F0EE3A9A@overcee.wemm.org> User-Agent: Mutt/1.3.26i Sender: owner-freebsd-current@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.ORG On Wed, Jan 23, 2002 at 10:10:52AM -0800, Peter Wemm wrote: > Julian Elischer wrote: > > > > Lots of my old programs get: > > /usr/libexec/ld-elf.so.1: /usr/local/lib/libpng.so.3: Undefined symbol > > "__stderrp" > > > > this is NOT the error in UPDATING > > and doing what it says for a similar problem: > > 20010924: > > The buildworld has been fixed. You may need to install > > the 4.x compatibility libraries for some old binaries > > to work. Add COMPAT4X=true to your /etc/make.conf to > > get them installed on every installworld, or execute the > > following to get them installed only once: > > cd src/lib/compat/compat4x. > > make all install > > You will see ``__stdoutp undefined'' until you do this. > > > > has NO effect whatsoever. > > > > The only thign I can do is recompile any package that has thos problem. > > but sometimes it's hard finding which package needs to be recomiled. > > > > thoughts? > > Yes, you have only provided part of the required information. How about a > 'ldd programname' output of one of the affected programs for starters.. Sounds like he should recompile the graphics/png port (from my reading of that error message anyway :) -- Simon Dick simond@irrelevant.org "Why do I get this urge to go bowling everytime I see Tux?" To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-current" in the body of the message From owner-freebsd-current Wed Jan 23 16: 8:52 2002 Delivered-To: freebsd-current@freebsd.org Received: from aol.com (ACBDA386.ipt.aol.com [172.189.163.134]) by hub.freebsd.org (Postfix) with SMTP id 27BE937B402 for ; Wed, 23 Jan 2002 16:06:40 -0800 (PST) From: "kriss rolo" To: Subject: SOME ITEMS THAT YOU MAY BE INTERESTED IN OR BE ABLE TO ADVISE ME ON Mime-Version: 1.0 Content-Type: text/plain; charset="ISO-8859-1" Date: Wed, 23 Jan 2002 23:53:45 -0000 Reply-To: "kriss rolo" X-Priority: 1 (Highest) Content-Transfer-Encoding: 8bit Message-Id: <20020124000640.27BE937B402@hub.freebsd.org> Sender: owner-freebsd-current@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.ORG These are the items that iam interested in selling.. Could you help me with some details on the goods, history, origin etc. are these worth anything and if so who would i contact with regards to selling them? and the best way to sell them ie auction etc APOLOGISE IF YOU HAVE ALREADY RECEIVED THIS E-MAIL JPEGS ARE AVAILABLE AT YOUR REQUEST MANY THANX kriss rolo tel: 0044 182760393 office (uk) 0044 1216864211 home (uk) 0044 7814294018 mobile (uk) return e-mail address krissrolo@aol.com UK ONLY VEHICLE REGISTRATION NUMBER N64 CON NINTENDO 64 CONSOLE item 1 hand carved round table with metal chain link in the middle item 2 magnum laurent perrier vintage 1988 champagne item 3 miniture football on stand from euro96 signed by pele and bobby charlton item 4 is a bit more interesting. its a protana minifon attache, as u will see ive enclosed notes from a web site regarding this and you will see back in the 50's it cost $340.00 so i could imagine this to be worth a bit. it also has an original tape inside i do not know what is on this tape, but judging by who made it and the cost of the machine, the tape could have some important information on it. heres the note..... The Minifon, developed in the early 1950s by Monske GMBH of Hanover(or by Protona GMBH- I'm not certain), was an ultra-miniaturized, battery operated magnetic recording device. It could not (initially at least) record the full range of sounds and was thus limited to voice recording, but it did offer easy portability in a very small package. The idea of offering a pocket dictating machine was novel, since dictation had previously been done in the office. However, it was thought that people like salesmen could take the machine "on the road" with them. Once on the market, the Minifon's promoters discovered that many people took advantage of the recorder's small size to make secret recordings to be used as evidence, as in court.

The "legitimate" use of the Minifon, as a dictating machine, was somewhat problematical. Recordings made on regular dictating equipment were usually letters, and thus were normally sent almost immediately to a typist. The Minifon offered no obvious advantages over standard dictation equipment for office use, but its developers hoped to cultivate new uses for dictation equipment, such as stock taking in warehouses, or the use of the machine as a substitute for note-taking by reporters, insurance adjusters, salesmen, and others. In its original form, the Minifon was a wire recorder, using a type of wire medium developed by the Armour Research Foundation of Chicago and employed in many similar devices since the late 1940s. The machine at its introduction in 1952 had a recording time of one hour, which was remarkably long, and weighed only about 3 pounds at a time when a typical office dictating machine weighed upwards of 10 pounds. It accomplished this small size and light weight in part through the use of miniature tubes and clever mechanical design. The basic machine cost $289.50-- a price that sounds high today but was very much in line with competing office dictating machines. The parent company attempted to set up distribution, sales and service networks in the United States. It established a business office called the Minifon Export Corp in New York, and an existing company, Harvey Radio in New York City became the main distributor. Although smaller tape recorders appeared at about the same time, the main competition in the voice recording field was from an American company, Mohawk, which made a small, battery-operated cartridge tape recorder called the Migetape. Both products sold less than 10,000 units per year in the U.S.
After a few years, the Minifon was modified to use transistors and magnetic tape, further lowering its weight and cost. By 1962 the basic machine weighed in at only 1.5 pounds. Competition by this time had helped bring the cost down to $249.50. The Minifon after about 1962 was distributed by the international conglomerate ITT through its subsidiary in the U.S., Federal Electric Corp. A little later, distribution was taken over by the ITT Distributor Products Division in Lodi, New Jersey. (I don't know whether these were the same company with different names) By the time ITT became associated with this product, it had taken on the name of Minifon "Attache," and a new line of models and options appeared. These included a hi-fi model, the 978H, which sold for $330.50.Usinga two-track, 1/4 inch tape cartridge operating at 1 7/8 inches per second, the machine claimed a frequency response of up to 12,000 Hz, plus or minus 3db. The coming of magnetic tape did not completely displace wire. The Model 240 series of recorders introduced in the early 1960s were probably the last wire recorders in regular production. The 240L, at a price of $269.50 used a special long-playing wire cartridge that held 4 hours of wire. Otherwise it looked like both the tape model and the 240S, which used a 2-hour wire cartridge and sold for $249.50. Another innovation was the introduction of more conventional recorders. After years of offering only "half" of a complete dictation system, Minifon finally developed a restyled, non-portable "office" machine, mainly for use by a transcriber, with pedal controls. By the mid-1960s, Minifon was trying to market its machines as multi-purpose devices suitable for nearly any recording need. In addition to the hi-fi and long-playing machines, the company offered an astounding variety of optional equipment such as foot controls, microphones, external amplifiers and loudspeakers, headsets, external power supplies, telephone recording attachments, conference recording adapters. One of the most interesting options were the miniature microphones intended to allow users to make "spy" recordings. In addition to a small tie-clip microphone, the Minifon could be equipped with a microphone disguised as a wrist- watch. To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-current" in the body of the message From owner-freebsd-current Wed Jan 23 16:33:44 2002 Delivered-To: freebsd-current@freebsd.org Received: from albatross.prod.itd.earthlink.net (albatross.mail.pas.earthlink.net [207.217.120.120]) by hub.freebsd.org (Postfix) with ESMTP id 0B66937B400; Wed, 23 Jan 2002 16:33:41 -0800 (PST) Received: from pool0159.cvx40-bradley.dialup.earthlink.net ([216.244.42.159] helo=mindspring.com) by albatross.prod.itd.earthlink.net with esmtp (Exim 3.33 #1) id 16TXpZ-00062p-00; Wed, 23 Jan 2002 16:33:30 -0800 Message-ID: <3C4F5656.8E1E4960@mindspring.com> Date: Wed, 23 Jan 2002 16:33:26 -0800 From: Terry Lambert X-Mailer: Mozilla 4.7 [en]C-CCK-MCD {Sony} (Win98; U) X-Accept-Language: en MIME-Version: 1.0 To: Alexander Leidinger Cc: jandrese@mitre.org, aa878@columbia.edu, freebsd-hackers@FreeBSD.ORG, freebsd-current@FreeBSD.ORG Subject: Re: FreeBSD 5.x References: <200201231323.g0NDNea03567@Magelan.Leidinger.net> Content-Type: text/plain; charset=us-ascii Content-Transfer-Encoding: 7bit Sender: owner-freebsd-current@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.ORG Alexander Leidinger wrote: > [gcc 3.0.x bug] > > Actually, that was against 3.0 at -O2. > > > > If that's been fixed, I guess we can cut over, as soom as the > > non-x86 code generation for our other supported platforms > > works again (tried compiling your RedHat for Alpha lately?). > > gcc 3.0.3 has problems with "-O3 -funroll-loops", "-O -funroll-loops" or > "-O3" without "-funroll-loops" seems to work. Someone told me the CVS > version of gcc has a fix for this. Someone told me that the only place you can get CVS versions of GCC are by installing RedHat Linux. 8-) 8-) 8-). Why don't we wait until there is a GCC release that actually works? -- Terry To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-current" in the body of the message From owner-freebsd-current Wed Jan 23 17:35:22 2002 Delivered-To: freebsd-current@freebsd.org Received: from aol.com (ACBDA889.ipt.aol.com [172.189.168.137]) by hub.freebsd.org (Postfix) with SMTP id 63EE137B400 for ; Wed, 23 Jan 2002 17:34:29 -0800 (PST) From: "kriss rolo" To: Subject: SOME ITEMS THAT YOU MAY BE INTERESTED IN OR BE ABLE TO ADVISE ME ON Mime-Version: 1.0 Content-Type: text/plain; charset="ISO-8859-1" Date: Thu, 24 Jan 2002 01:21:33 -0000 Reply-To: "kriss rolo" X-Priority: 1 (Highest) Content-Transfer-Encoding: 8bit Message-Id: <20020124013429.63EE137B400@hub.freebsd.org> Sender: owner-freebsd-current@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.ORG These are the items that iam interested in selling.. Could you help me with some details on the goods, history, origin etc. are these worth anything and if so who would i contact with regards to selling them? and the best way to sell them ie auction etc APOLOGISE IF YOU HAVE ALREADY RECEIVED THIS E-MAIL JPEGS ARE AVAILABLE AT YOUR REQUEST MANY THANX kriss rolo tel: 0044 182760393 office (uk) 0044 1216864211 home (uk) 0044 7814294018 mobile (uk) return e-mail address krissrolo@aol.com UK ONLY VEHICLE REGISTRATION NUMBER N64 CON NINTENDO 64 CONSOLE item 1 hand carved round table with metal chain link in the middle item 2 magnum laurent perrier vintage 1988 champagne item 3 miniture football on stand from euro96 signed by pele and bobby charlton item 4 is a bit more interesting. its a protana minifon attache, as u will see ive enclosed notes from a web site regarding this and you will see back in the 50's it cost $340.00 so i could imagine this to be worth a bit. it also has an original tape inside i do not know what is on this tape, but judging by who made it and the cost of the machine, the tape could have some important information on it. heres the note..... The Minifon, developed in the early 1950s by Monske GMBH of Hanover(or by Protona GMBH- I'm not certain), was an ultra-miniaturized, battery operated magnetic recording device. It could not (initially at least) record the full range of sounds and was thus limited to voice recording, but it did offer easy portability in a very small package. The idea of offering a pocket dictating machine was novel, since dictation had previously been done in the office. However, it was thought that people like salesmen could take the machine "on the road" with them. Once on the market, the Minifon's promoters discovered that many people took advantage of the recorder's small size to make secret recordings to be used as evidence, as in court.

The "legitimate" use of the Minifon, as a dictating machine, was somewhat problematical. Recordings made on regular dictating equipment were usually letters, and thus were normally sent almost immediately to a typist. The Minifon offered no obvious advantages over standard dictation equipment for office use, but its developers hoped to cultivate new uses for dictation equipment, such as stock taking in warehouses, or the use of the machine as a substitute for note-taking by reporters, insurance adjusters, salesmen, and others. In its original form, the Minifon was a wire recorder, using a type of wire medium developed by the Armour Research Foundation of Chicago and employed in many similar devices since the late 1940s. The machine at its introduction in 1952 had a recording time of one hour, which was remarkably long, and weighed only about 3 pounds at a time when a typical office dictating machine weighed upwards of 10 pounds. It accomplished this small size and light weight in part through the use of miniature tubes and clever mechanical design. The basic machine cost $289.50-- a price that sounds high today but was very much in line with competing office dictating machines. The parent company attempted to set up distribution, sales and service networks in the United States. It established a business office called the Minifon Export Corp in New York, and an existing company, Harvey Radio in New York City became the main distributor. Although smaller tape recorders appeared at about the same time, the main competition in the voice recording field was from an American company, Mohawk, which made a small, battery-operated cartridge tape recorder called the Migetape. Both products sold less than 10,000 units per year in the U.S.
After a few years, the Minifon was modified to use transistors and magnetic tape, further lowering its weight and cost. By 1962 the basic machine weighed in at only 1.5 pounds. Competition by this time had helped bring the cost down to $249.50. The Minifon after about 1962 was distributed by the international conglomerate ITT through its subsidiary in the U.S., Federal Electric Corp. A little later, distribution was taken over by the ITT Distributor Products Division in Lodi, New Jersey. (I don't know whether these were the same company with different names) By the time ITT became associated with this product, it had taken on the name of Minifon "Attache," and a new line of models and options appeared. These included a hi-fi model, the 978H, which sold for $330.50.Usinga two-track, 1/4 inch tape cartridge operating at 1 7/8 inches per second, the machine claimed a frequency response of up to 12,000 Hz, plus or minus 3db. The coming of magnetic tape did not completely displace wire. The Model 240 series of recorders introduced in the early 1960s were probably the last wire recorders in regular production. The 240L, at a price of $269.50 used a special long-playing wire cartridge that held 4 hours of wire. Otherwise it looked like both the tape model and the 240S, which used a 2-hour wire cartridge and sold for $249.50. Another innovation was the introduction of more conventional recorders. After years of offering only "half" of a complete dictation system, Minifon finally developed a restyled, non-portable "office" machine, mainly for use by a transcriber, with pedal controls. By the mid-1960s, Minifon was trying to market its machines as multi-purpose devices suitable for nearly any recording need. In addition to the hi-fi and long-playing machines, the company offered an astounding variety of optional equipment such as foot controls, microphones, external amplifiers and loudspeakers, headsets, external power supplies, telephone recording attachments, conference recording adapters. One of the most interesting options were the miniature microphones intended to allow users to make "spy" recordings. In addition to a small tie-clip microphone, the Minifon could be equipped with a microphone disguised as a wrist- watch. To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-current" in the body of the message From owner-freebsd-current Wed Jan 23 20: 0:20 2002 Delivered-To: freebsd-current@freebsd.org Received: from mail.netranking.jp (ns.netranking.jp [202.224.198.202]) by hub.freebsd.org (Postfix) with ESMTP id D7ECB37B417 for ; Wed, 23 Jan 2002 19:59:32 -0800 (PST) Received: from mag (192.168.1.54) by mail.netranking.jp with SMTP (Eudora Internet Mail Server 1.3.1); Thu, 24 Jan 2002 11:14:41 +0900 From: "2525do" To: "freebsd-current@freebsd.org" Subject: =?ISO-2022-JP?B?IRskQjktOXAbKEIhIBskQiVRJT0lMyVzISYbKEJPQRskQiROJE0kQyRIRExITiFWJEskMyRLJDNGOyFXJSohPCVXJXMkTiQ0MEZGYhsoQg==?= X-Mailer: A-1 Mail SOHO Ver1.02 Copyright(c) 2001 INGRAM inc. Reply-To: "2525do" Mime-Version: 1.0 Content-Type: text/plain; charset=ISO-2022-JP Content-Transfer-Encoding: 7bit Date: Thu, 24 Jan 2002 11:14:41 +0900 Message-ID: <1200251615-67823264@mail.netranking.jp> Sender: owner-freebsd-current@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.ORG $B$*5RMM3F0L(B $B!|J8>O$NJ8;zG[Ns$,Mp$l$k>l9g$O%5%$%:$rD4@0$7$F$4Mw2<$5$$!|(B $B$*$9$9$a>&IJ$rK~:\CW$7$^$7$?%[!<%`%Z!<%8$,$3$NEY3+@_CW$7$^$7$?$N$G(B $B$40FFbCW$7$^$9!#I,MW$J$$J}$KFO$$$F$7$^$C$?>l9g$O@?$K?=$7Lu$4$6$$$^$;$s!#(B ===$B!}!!(BPR$B!!!}(B================================================== $B!!!!!!?k$K%*!<%W%s!*!*%Q%=%3%s!&(BOA$B$N$M$C$HDLHN!V$K$3$K$3F;!W!*(B $B!!!!!!(Bhttp://www.2525do.com/ ============================================================== $B!&!&!E!E!D!D(,(,(,(,(,(,(,(,(,(,(,(,(,(,(,(,(,(,(,(,(,(,(,(,!D!D!E!E!&!&(B $B!!!!!!!!!!!!!z!y!z!!!V$K$3$K$3F;!W%*!<%W%s$N$40FFb!!!z!y!z(B $B!&!&!E!E!D!D(,(,(,(,(,(,(,(,(,(,(,(,(,(,(,(,(,(,(,(,(,(,(,(,!D!D!E!E!&!&(B $B!!!!!!!!!&!&!E!E!D!D(,(,(,!y!!%a%K%e!&IJ>pJs!*(B $B!!!!!Z!o![FC2A>&IJ>pJs!*(B $B!!!!!Z!)![$K$3$K$3F;>pJs!*(B ---------------------------------------------------$B!z!y!z!y!z(B $B"#!Z"v!["."."."."."."."."."."."."."."."."."."."."."."."."."."."."."."#(B $B!!!!"#%*!<%W%s5-G0%W%l%<%s%H!*(B $B"#"."."."."."."."."."."."."."."."."."."."."."."."."."."."."."."."."."#(B $B!!"""#$K$3$K$3F;$G$O%*!<%W%s$r5-G0$7$F!"%G%9%/%H%C%W%Q%=%3%s$^$?$O(B $B!!!!!!%N!<%H%Q%=%3%s$r$*Gc$$>e$2$N$*5RMM$K!"7HBS%0%C%:!V%l%7!<%P!<%m%\!W(B $B!!!!!!$r%W%l%<%s%HCW$7$^$9!*(B $B!!!!!!(!(!(!(!(!(!(!(!(!(!(!(!(!(!(!(!(!(!(!(!(!(!(!(!(!(!(!(!(!(B $B!!!!!!!|%l%7!<%P!<%m%\!&!&!&!&!&(B $B!!!!!!%l%7!<%P!<%m%\$O!"7HBSEEOC$NCe?.$r%-%c%C%A$7$F!"2;!&8w!&F0$-$G(B $B!!!!!!CN$i$;$F$/$l$k7HBS%0%C%:$G$9!*(B $B!!!!!!(!(!(!(!(!(!(!(!(!(!(!(!(!(!(!(!(!(!(!(!(!(!(!(!(!(!(!(!(!(B $B"#!Z!y!["."."."."."."."."."."."."."."."."."."."."."."."."."."."."."."#(B $B!!!!"#$*$9$9$a>&IJ>pJs!*(B $B"#"."."."."."."."."."."."."."."."."."."."."."."."."."."."."."."."."."#(B $B!!"""#$K$3$K$3F;$N$*$9$9$a>&IJ$O%3%A%i!*"-"-"-(B $B!!!!!!(!(!(!(!(!(!(!(!(!(!(!(!(!(!(!(!(!(!(!(!(!(!(!(!(!(!(!(!(!(B $B!!!T#1!U%5%V%&!<%U%!IU%9%F%l%*%9%T!<%+!<%;%C%H!J(B7,480$B1_!K(B $B!!!!!!"d$*$7$c$l$J%9%1%k%H%s7?!*(B $B!!!T#2!U3Z!9@\B3(B2$B!J(B1,980$B1_!K(B $B!!!!!!"d(BPC$B$NN"B&$K$"$k3F%]!<%H$r!"K\BN$NA0LL$K=P$9;v$,$G$-$k(B $B!!!!!!!!%1!<%V%k%;%C%H$G$9!#(B $B!!!T#3!U(BPS$B%8%g%$%Q%C%I(B mini$B!J(B2,480$B1_!K(B $B!!!!!!"d(BPlayStation$BMQ$N(BDualShock$B%3%s%H%m!<%i$,(BDOS/V$B%Q%=%3%s$G(B $B!!!!!!!!;HMQ2DG=!#?6F05!G=BP1~!*(B $B!!!!!'(B $B!!$3$NB>!"$*$9$9$a>&IJ$O$^$@$^$@$"$j$^$9!*(B $B!!!!!!(!(!(!(!(!(!(!(!(!(!(!(!(!(!(!(!(!(!(!(!(!(!(!(!(!(!(!(!(!(B $B"#!Z!o!["."."."."."."."."."."."."."."."."."."."."."."."."."."."."."."#(B $B!!!!"#FC2A>&IJ>pJs!*(B $B"#"."."."."."."."."."."."."."."."."."."."."."."."."."."."."."."."."."#(B $B!!"""#$K$3$K$3F;$NFC2A>&IJ$O%3%A%i!*"-"-"-(B $B!!!!!!(!(!(!(!(!(!(!(!(!(!(!(!(!(!(!(!(!(!(!(!(!(!(!(!(!(!(!(!(!(B $B!!!T#1!U%$%s%?!<%M%C%H%a%G%#%"%-!<%\!<%I!J(B980$B1_!K(B $B!!!!!!"d%$%s%?!<%M%C%H$NA`:n$,2wE,$K9T$($k!"(B8$B$D$N5!G=3HD%%\%?%s$rEk:\(B $B!!!!!!!!$7$?F|K\8l%-!<%\!<%I!*C&Ce2DG=$J%Q!<%`%l%9%HIU!*(B $B!!!T#2!U%O%s%G%#!<%H%i%C%/%\!<%k%^%&%9!J(B1,580$B1_!K(B $B!!!!!!"dJRe$KBf$,!"FC2A>&IJ$O@9$jBt;3!*(B $B!!!!!!(!(!(!(!(!(!(!(!(!(!(!(!(!(!(!(!(!(!(!(!(!(!(!(!(!(!(!(!(!(B $B"#!Z!)!["."."."."."."."."."."."."."."."."."."."."."."."."."."."."."."#(B $B!!!!"#$K$3$K$3F;>pJs!*(B $B"#"."."."."."."."."."."."."."."."."."."."."."."."."."."."."."."."."."#(B $B!!"""#$K$3$K$3F;$H$O!&!&!&!&!&!&(B $B!!!!!!(!(!(!(!(!(!(!(!(!(!(!(!(!(!(!(!(!(!(!(!(!(!(!(!(!(!(!(!(!(B $B!!!!!|KG0W>&HN%5%$%H$G$9!*(B $B!!!!!|%Q%=%3%s!&(BOA$B>&IJ$rCf?4$H$7$?DL?.HNGd!*(B $B!!!!!|$Q$=$3$sMQ%1!<%V%k(B1$BK\$+$iM"F~HNGdCW$7$^$9!*(B $B!!!!!|$*5RMM>pJs$r(BID$B4IM}$9$k;v$K$h$C$F!"0BA4$K$*Gc$$J*$r$7$FD:$1$^$9!*(B $B!!!!!!(!(!(!(!(!(!(!(!(!(!(!(!(!(!(!(!(!(!(!(!(!(!(!(!(!(!(!(!(!(B ---------------------------------------------------$B!z!y!z!y!z(B $B!!(B_/_/ $B$K$3$K$3F;$N@=IJ7G:\$K$D$$$F$N$*Ld$$9g$o$;(B $B!!!!!!(BE-Mail$B!'(Binfo@2525do.com $B!!(B_/_/$B$K$3$K$3F;$N9XF~Ey$K$D$$$F$N$*Ld$$9g$o$;(B $B!!!!!!(BE-Mail$B!'(Border@2525do.com $B!!(B_/_/E-mail$B%"%I%l%9$NJQ99!"G[?.$NCf;_(B $B!!!!!!K\%a!<%k$O!"3Fl$5$lEPO?$5$l$?J}!9$K(BE$B%a!<%k$GH/Aw$5(B $B!!!!!!$;$F$$$?$@$$$F$*$j$^$9!#(BE-mail$B%"%I%l%9$NJQ99!"G[?.$NCf;_$N$40MMj$O(B $B!!!!!!(Bmag@2525do.com$B$^$G$4O"Mm2<$5$$!#(B $B!!(B_/_/$BH/9T!?JT=8!!$K$3$K$3F;;vL36I(B $B!!!!!!(Bhttp://www.2525do.com/ $B!!!!(B------------------------------------------------------------ To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-current" in the body of the message From owner-freebsd-current Thu Jan 24 4:58:12 2002 Delivered-To: freebsd-current@freebsd.org Received: from flood.ping.uio.no (flood.ping.uio.no [129.240.78.31]) by hub.freebsd.org (Postfix) with ESMTP id 4DA0637B400; Thu, 24 Jan 2002 04:58:06 -0800 (PST) Received: by flood.ping.uio.no (Postfix, from userid 2602) id 521F0532C; Thu, 24 Jan 2002 13:58:04 +0100 (CET) X-URL: http://www.ofug.org/~des/ X-Disclaimer: The views expressed in this message do not necessarily coincide with those of any organisation or company with which I am or have been affiliated. To: current@FreeBSD.org Subject: Re: cvs commit: src/lib/libpam/modules/pam_self pam_self.c References: <200201241247.g0OClhE68114@freefall.freebsd.org> From: Dag-Erling Smorgrav Date: 24 Jan 2002 13:58:03 +0100 In-Reply-To: <200201241247.g0OClhE68114@freefall.freebsd.org> Message-ID: Lines: 25 User-Agent: Gnus/5.0808 (Gnus v5.8.8) Emacs/21.1 MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Sender: owner-freebsd-current@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.ORG Dag-Erling Smorgrav writes: > des 2002/01/24 04:47:43 PST > > Modified files: > lib/libpam/modules/pam_self pam_self.c > Log: > Don't let root through unless the "even_root" option was specified. > > Sponsored by: DARPA, NAI Labs > > Revision Changes Path > 1.3 +16 -2 src/lib/libpam/modules/pam_self/pam_self.c > If you had a "sufficient" entry for pam_self(8) in any of your PAM policies, and you built world in the last twenty hours, you should remove pam_self(8) from your PAM config until you've built and installed this fix. Note that pam_self(8) is not listed in any of the stock PAM policies, so if you haven't modified your PAM config, you're OK. DES -- Dag-Erling Smorgrav - des@ofug.org To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-current" in the body of the message From owner-freebsd-current Thu Jan 24 5:53:17 2002 Delivered-To: freebsd-current@freebsd.org Received: from mout0.freenet.de (mout0.freenet.de [194.97.50.131]) by hub.freebsd.org (Postfix) with ESMTP id 1A34837B400; Thu, 24 Jan 2002 05:53:10 -0800 (PST) Received: from [194.97.50.136] (helo=mx3.freenet.de) by mout0.freenet.de with esmtp (Exim 3.33 #3) id 16TkJP-00078W-00; Thu, 24 Jan 2002 14:53:07 +0100 Received: from b8204.pppool.de ([213.7.130.4] helo=Magelan.Leidinger.net) by mx3.freenet.de with esmtp (Exim 3.33 #3) id 16TkJP-0000Hn-00; Thu, 24 Jan 2002 14:53:07 +0100 Received: from Leidinger.net (netchild@localhost [127.0.0.1]) by Magelan.Leidinger.net (8.11.6/8.11.6) with ESMTP id g0OCnlc20786; Thu, 24 Jan 2002 13:49:48 +0100 (CET) (envelope-from netchild@Leidinger.net) Message-Id: <200201241249.g0OCnlc20786@Magelan.Leidinger.net> Date: Thu, 24 Jan 2002 13:49:46 +0100 (CET) From: Alexander Leidinger Subject: Re: FreeBSD 5.x To: tlambert2@mindspring.com Cc: jandrese@mitre.org, aa878@columbia.edu, freebsd-hackers@FreeBSD.ORG, freebsd-current@FreeBSD.ORG In-Reply-To: <3C4F5656.8E1E4960@mindspring.com> MIME-Version: 1.0 Content-Type: TEXT/plain; charset=us-ascii Sender: owner-freebsd-current@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.ORG On 23 Jan, Terry Lambert wrote: >> [gcc 3.0.x bug] >> > Actually, that was against 3.0 at -O2. >> > >> > If that's been fixed, I guess we can cut over, as soom as the >> > non-x86 code generation for our other supported platforms >> > works again (tried compiling your RedHat for Alpha lately?). >> >> gcc 3.0.3 has problems with "-O3 -funroll-loops", "-O -funroll-loops" or >> "-O3" without "-funroll-loops" seems to work. Someone told me the CVS >> version of gcc has a fix for this. > > > Someone told me that the only place you can get CVS versions > of GCC are by installing RedHat Linux. 8-) 8-) 8-). :-) > Why don't we wait until there is a GCC release that actually > works? It wasn't my intention to suggest to use a CVS version of GCC. Bye, Alexander. -- It is easier to fix Unix than to live with NT. http://www.Leidinger.net Alexander @ Leidinger.net GPG fingerprint = C518 BC70 E67F 143F BE91 3365 79E2 9C60 B006 3FE7 To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-current" in the body of the message From owner-freebsd-current Thu Jan 24 6:24: 0 2002 Delivered-To: freebsd-current@freebsd.org Received: from whale.sunbay.crimea.ua (whale.sunbay.crimea.ua [212.110.138.65]) by hub.freebsd.org (Postfix) with ESMTP id 6B8E737B41C; Thu, 24 Jan 2002 06:23:51 -0800 (PST) Received: (from ru@localhost) by whale.sunbay.crimea.ua (8.11.6/8.11.2) id g0OE1FF54905; Thu, 24 Jan 2002 16:01:15 +0200 (EET) (envelope-from ru) Date: Thu, 24 Jan 2002 16:01:15 +0200 From: Ruslan Ermilov To: David Malone , Bruce Evans Cc: current@FreeBSD.org Subject: Re: cvs commit: src/include unistd.h src/lib/libc/sys brk.2 src/libexec/rtld-aout rtld.c src/libexec/rtld-elf malloc.c Message-ID: <20020124160115.A47299@sunbay.com> References: <20020124141737.D38822@sunbay.com> <200201241325.aa07239@salmon.maths.tcd.ie> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: <200201241325.aa07239@salmon.maths.tcd.ie> User-Agent: Mutt/1.3.23i Sender: owner-freebsd-current@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.ORG On Thu, Jan 24, 2002 at 01:25:54PM +0000, David Malone wrote: > > Cool, thanks! > > Bruch pointed out that we still have a small problem with the man > page. Both brk and sbrk are now library functions, but their man > page is still in section 2. > Hmm, I see. The proper fix would be to repo-copy libc/${arch}/sys/*brk.S to libc/${arch}/gen, and then repo-copy libc/sys/brk.2 to libc/gen/brk.3. I will order the necessary repo-copies after I test this works. Cheers, -- Ruslan Ermilov Oracle Developer/DBA, ru@sunbay.com Sunbay Software AG, ru@FreeBSD.org FreeBSD committer, +380.652.512.251 Simferopol, Ukraine http://www.FreeBSD.org The Power To Serve http://www.oracle.com Enabling The Information Age To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-current" in the body of the message From owner-freebsd-current Thu Jan 24 7:30: 7 2002 Delivered-To: freebsd-current@freebsd.org Received: from smtpproxy2.mitre.org (smtpproxy2.mitre.org [128.29.154.90]) by hub.freebsd.org (Postfix) with ESMTP id 8C54637B400; Thu, 24 Jan 2002 07:29:50 -0800 (PST) Received: from avsrv2.mitre.org (avsrv2.mitre.org [128.29.154.4]) by smtpproxy2.mitre.org (8.11.3/8.11.3) with ESMTP id g0OFTmc20239; Thu, 24 Jan 2002 10:29:48 -0500 (EST) Received: from MAILHUB1 (mailhub1.mitre.org [129.83.20.31]) by smtpsrv2.mitre.org (8.11.3/8.11.3) with ESMTP id g0OFTki18898; Thu, 24 Jan 2002 10:29:46 -0500 (EST) Received: from dhcp-105-164.mitre.org (128.29.105.164) by mailhub1.mitre.org with SMTP id 8948631; Thu, 24 Jan 2002 10:28:08 -0500 Message-ID: <3C502822.61B07D9D@mitre.org> Date: Thu, 24 Jan 2002 10:28:34 -0500 From: Jason Andresen Organization: The MITRE Corporation X-Mailer: Mozilla 4.75 [en]C-20000818M (Windows NT 5.0; U) X-Accept-Language: en MIME-Version: 1.0 To: Terry Lambert Cc: Alp Atici , freebsd-hackers@freebsd.org, freebsd-current@freebsd.org Subject: Re: FreeBSD 5.x References: <3C4A53EE.B882356C@mindspring.com> <3C4D788E.CE483AF0@mitre.org> <3C4DEA57.A7EEF3A2@mindspring.com> Content-Type: text/plain; charset=us-ascii Content-Transfer-Encoding: 7bit Sender: owner-freebsd-current@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.ORG Terry Lambert wrote: > > Jason Andresen wrote: > > Odd, I can't reproduce that under RedHat: > > I guess you are saying there is a conspiracy to make GCC work > only on RedHat? > > I could believe that... 8-) 8-) 8-). > > Actually, that was against 3.0 at -O2. > > If that's been fixed, I guess we can cut over, as soom as the > non-x86 code generation for our other supported platforms > works again (tried compiling your RedHat for Alpha lately?). Hmm: RedHat (6 ~): gcc3 -O3 -funroll-loops -Wall -pedantic -o gcctest gcctest.c gcctest.c:2: warning: return type defaults to `int' gcctest.c: In function `main': gcctest.c:5: warning: implicit declaration of function `foo' gcctest.c:9: warning: implicit declaration of function `printf' gcctest.c:12: warning: control reaches end of non-void function RedHat (7 ~): ./gcctest hello, stupid compiler! RedHat 24 (8 ~): gcc3 -O2 -funroll-loops -Wall -pedantic -o gcctest gcctest.c gcctest.c:2: warning: return type defaults to `int' gcctest.c: In function `main': gcctest.c:5: warning: implicit declaration of function `foo' gcctest.c:9: warning: implicit declaration of function `printf' gcctest.c:12: warning: control reaches end of non-void function RedHat (9 ~): ./gcctest hello, stupid compiler! RedHat 24 (10 ~): gcc3 -O2 -Wall -pedantic -o gcctest gcctest.c gcctest.c:2: warning: return type defaults to `int' gcctest.c: In function `main': gcctest.c:5: warning: implicit declaration of function `foo' gcctest.c:9: warning: implicit declaration of function `printf' gcctest.c:12: warning: control reaches end of non-void function RedHat (11 ~): uname -a Linux rogue 2.4.7-10 #1 Thu Sep 6 17:27:27 EDT 2001 i686 unknown RedHat (12 ~): gcc3 -v Reading specs from /usr/lib/gcc-lib/i386-redhat-linux/3.0.2/specs Configured with: ../configure --prefix=/usr --mandir=/usr/share/man --infodir=/usr/share/info --enable-shared --enable-threads=posix --disable-checking --host=i386-redhat-linux Thread model: posix gcc version 3.0.2 20010905 (Red Hat Linux 7.1 3.0.1-3) RedHat (13 ~): Hmm, I can't reproduce the problem with any setting... Maybe it is time to look into upgrading GCC. -- \ |_ _|__ __|_ \ __| Jason Andresen jandrese@mitre.org |\/ | | | / _| Network and Distributed Systems Engineer _| _|___| _| _|_\___| Office: 703-883-7755 To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-current" in the body of the message From owner-freebsd-current Thu Jan 24 10: 7:39 2002 Delivered-To: freebsd-current@freebsd.org Received: from obsecurity.dyndns.org (adsl-63-207-60-131.dsl.lsan03.pacbell.net [63.207.60.131]) by hub.freebsd.org (Postfix) with ESMTP id 28FC237B404; Thu, 24 Jan 2002 10:07:33 -0800 (PST) Received: by obsecurity.dyndns.org (Postfix, from userid 1000) id B8AD966D7A; Thu, 24 Jan 2002 10:07:32 -0800 (PST) Date: Thu, 24 Jan 2002 10:07:32 -0800 From: Kris Kennaway To: current@FreeBSD.org Cc: mckusick@freebsd.org Subject: panic: ufs_dirbad: bad dir Message-ID: <20020124100732.A52223@xor.obsecurity.org> Mime-Version: 1.0 Content-Type: multipart/signed; micalg=pgp-md5; protocol="application/pgp-signature"; boundary="UugvWAfsgieZRqgk" Content-Disposition: inline User-Agent: Mutt/1.2.5.1i Sender: owner-freebsd-current@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.ORG --UugvWAfsgieZRqgk Content-Type: text/plain; charset=us-ascii Content-Disposition: inline Content-Transfer-Encoding: quoted-printable Is anyone else seeing this? Kris GNU gdb 4.18 Copyright 1998 Free Software Foundation, Inc. GDB is free software, covered by the GNU General Public License, and you are welcome to change it and/or distribute copies of it under certain condition= s. Type "show copying" to see the conditions. There is absolutely no warranty for GDB. Type "show warranty" for details. This GDB was configured as "i386-unknown-freebsd"... IdlePTD at phsyical address 0x004c7000 initial pcb at physical address 0x003f83a0 panicstr: from debugger panic messages: --- panic: ufs_dirbad: bad dir panic: from debugger Uptime: 23h58m10s dumping to dev ad0s1b, offset 262272 dump ata0: resetting devices .. done 127 126 125 124 123 122 121 120 119 118 117 116 115 114 113 112 111 110 109= 108 107 106 105 104 103 102 101 100 99 98 97 96 95 94 93 92 91 90 89 88 87= 86 85 84 83 82 81 80 79 78 77 76 75 74 73 72 71 70 69 68 67 66 65 64 63 62= 61 60 59 58 57 56 55 54 53 52 51 50 49 48 47 46 45 44 43 42 41 40 39 38 37= 36 35 34 33 32 31 30 29 28 27 26 25 24 23 22 21 20 19 18 17 16 15 14 13 12= 11 10 9 8 7 6 5 4 3 2 1 0=20 --- #0 dumpsys () at ../../../kern/kern_shutdown.c:504 504 if (!dodump) (kgdb) bt #0 dumpsys () at ../../../kern/kern_shutdown.c:504 #1 0xc01f9a6f in boot (howto=3D260) at ../../../kern/kern_shutdown.c:336 #2 0xc01f9ef9 in panic (fmt=3D0xc03431ea "from debugger") at ../../../kern/kern_shutdown.c:646 #3 0xc015ac35 in db_panic (addr=3D-1070514536, have_addr=3D0, count=3D-1,= =20 modif=3D0xcee52930 "") at ../../../ddb/db_command.c:452 #4 0xc015abd3 in db_command (last_cmdp=3D0xc0398a04, cmd_table=3D0xc039882= 4,=20 aux_cmd_tablep=3D0xc038ec4c, aux_cmd_tablep_end=3D0xc038ec50) at ../../../ddb/db_command.c:348 #5 0xc015ac9f in db_command_loop () at ../../../ddb/db_command.c:474 #6 0xc015d01f in db_trap (type=3D3, code=3D0) at ../../../ddb/db_trap.c:72 #7 0xc0313c26 in kdb_trap (type=3D3, code=3D0, regs=3D0xcee52a30) at ../../../i386/i386/db_interface.c:167 #8 0xc03202f8 in trap (frame=3D{tf_fs =3D 24, tf_es =3D 16, tf_ds =3D 16,= =20 tf_edi =3D -819039872, tf_esi =3D 256, tf_ebp =3D -823842180,=20 tf_isp =3D -823842212, tf_ebx =3D 514, tf_edx =3D -1072984320, tf_ecx= =3D 32,=20 tf_eax =3D 18, tf_trapno =3D 3, tf_err =3D 0, tf_eip =3D -1070514536,= tf_cs =3D 8,=20 tf_eflags =3D 70, tf_esp =3D -1070050049, tf_ss =3D -1070215717}) at ../../../i386/i386/trap.c:585 #9 0xc0313e98 in Debugger (msg=3D0xc035cddb "panic") at machine/cpufunc.h:= 66 #10 0xc01f9ee4 in panic (fmt=3D0xc037c027 "ufs_dirbad: bad dir") at ../../../kern/kern_shutdown.c:633 #11 0xc02df44e in ufs_dirbad (ip=3D0xc2475900, offset=3D0,=20 how=3D0xc037bfcf "mangled entry") at ../../../ufs/ufs/ufs_lookup.c:643 ---Type to continue, or q to quit--- #12 0xc02dec68 in ufs_lookup (ap=3D0xcee52b68) at ../../../ufs/ufs/ufs_lookup.c:294 #13 0xc02e3fcd in ufs_vnoperate (ap=3D0xcee52b68) at ../../../ufs/ufs/ufs_vnops.c:2657 #14 0xc022eb62 in vfs_cache_lookup (ap=3D0xcee52bc0) at vnode_if.h:66 #15 0xc02e3fcd in ufs_vnoperate (ap=3D0xcee52bc0) at ../../../ufs/ufs/ufs_vnops.c:2657 #16 0xc0232495 in lookup (ndp=3D0xcee52c40) at vnode_if.h:45 #17 0xc0231f84 in namei (ndp=3D0xcee52c40) at ../../../kern/vfs_lookup.c:171 #18 0xc0239529 in lstat (td=3D0xcee2ad04, uap=3D0xcee52d20) at ../../../kern/vfs_syscalls.c:2069 #19 0xc0320c2b in syscall (frame=3D{tf_fs =3D 47, tf_es =3D 47, tf_ds =3D 4= 7,=20 tf_edi =3D 134574080, tf_esi =3D 134574272, tf_ebp =3D -1077937428,= =20 tf_isp =3D -823841420, tf_ebx =3D 672200872, tf_edx =3D 134557696, tf= _ecx =3D 0,=20 tf_eax =3D 190, tf_trapno =3D 0, tf_err =3D 2, tf_eip =3D 671799847, = tf_cs =3D 31,=20 tf_eflags =3D 647, tf_esp =3D -1077937568, tf_ss =3D 47}) at ../../../i386/i386/trap.c:1034 #20 0xc0314b7d in syscall_with_err_pushed () #21 0x280a9e01 in ?? () #22 0x280a968a in ?? () #23 0x8049732 in ?? () #24 0x804b6f0 in ?? () #25 0x80493c1 in ?? () (kgdb) --UugvWAfsgieZRqgk Content-Type: application/pgp-signature Content-Disposition: inline -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.0.6 (FreeBSD) Comment: For info see http://www.gnupg.org iD8DBQE8UE1iWry0BWjoQKURAsdEAJ9IQfxn7Bf8t3/3BDhgD58aTM6kCACdHuhL mCWDeymZ1EyXJGVvGuGR7HM= =RARl -----END PGP SIGNATURE----- --UugvWAfsgieZRqgk-- To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-current" in the body of the message From owner-freebsd-current Thu Jan 24 13:44:14 2002 Delivered-To: freebsd-current@freebsd.org Received: from alcatraz.iptelecom.net.ua (alcatraz.iptelecom.net.ua [212.9.224.15]) by hub.freebsd.org (Postfix) with ESMTP id C40F537B417; Thu, 24 Jan 2002 13:43:42 -0800 (PST) Received: from ipcard.iptcom.net (ipcard.iptcom.net [212.9.224.5]) by alcatraz.iptelecom.net.ua (8.9.3/8.9.3) with ESMTP id XAA41624; Thu, 24 Jan 2002 23:43:40 +0200 (EET) (envelope-from sobomax@FreeBSD.org) Received: from h2.229.dialup.iptcom.net (h2.229.dialup.iptcom.net [212.9.229.2]) by ipcard.iptcom.net (8.9.3/8.9.3) with ESMTP id XAA59415; Thu, 24 Jan 2002 23:43:37 +0200 (EET) (envelope-from sobomax@FreeBSD.org) Subject: Panic in ufs_dirbad() From: Maxim Sobolev To: mckusick@FreeBSD.org Cc: current@FreeBSD.org Content-Type: multipart/signed; micalg=pgp-sha1; protocol="application/pgp-signature"; boundary="=-MwDfGsg/Fi/52f0JJ15H" Message-Id: <1011908495.304.11.camel@notebook> Mime-Version: 1.0 X-Mailer: Evolution/1.0.1 Date: 24 Jan 2002 23:43:17 +0200 Sender: owner-freebsd-current@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.ORG --=-MwDfGsg/Fi/52f0JJ15H Content-Type: multipart/mixed; boundary="=-dj7WkMHH1GMuc17V0hdY" --=-dj7WkMHH1GMuc17V0hdY Content-Type: text/plain Content-Transfer-Encoding: quoted-printable Any ideas? This is a reasonably recent 5-CURRENT (last makeworld/makekernel 7 days ago). -Maxim --=-dj7WkMHH1GMuc17V0hdY Content-Disposition: attachment; filename=panic.log Content-Type: text/plain; charset=KOI8-R Content-Transfer-Encoding: quoted-printable Script started on Thu Jan 24 23:27:51 2002 root@notebook# gdb -k /boot/kernel/kernel vmcore.0=20 GNU gdb 4.18 Copyright 1998 Free Software Foundation, Inc. GDB is free software, covered by the GNU General Public License, and you ar= e welcome to change it and/or distribute copies of it under certain condition= s. Type "show copying" to see the conditions. There is absolutely no warranty for GDB. Type "show warranty" for details. This GDB was configured as "i386-unknown-freebsd"... (no debugging symbols found)... IdlePTD at phsyical address 0x00372000 initial pcb at physical address 0x002ba460 panicstr: bdwrite: buffer is not busy panic messages: --- Fatal trap 12: page fault while in kernel mode fault virtual address =3D 0xa4 fault code =3D supervisor read, page not present instruction pointer =3D 0x8:0xc01ba320 stack pointer =3D 0x10:0xc66ac8a8 frame pointer =3D 0x10:0xc66ac8a8 code segment =3D base 0x0, limit 0xfffff, type 0x1b =3D DPL 0, pres 1, def32 1, gran 1 processor eflags =3D interrupt enabled, resume, IOPL =3D 0 current process =3D 739 (groff) trap number =3D 12 panic: page fault syncing disks... panic: bdwrite: buffer is not busy Uptime: 2h11m5s dumping to dev ad0s1b, offset 71680 dump ata0: resetting devices .. done 64 63 62 61 60 59 58 57 56 55 54 53 52 51 50 49 48 47 46 45 44 43 42 41 40 = 39 38 37 36 35 34 33 32 31 30 29 28 27 26 25 24 23 22 21 20 19 18 17 16 15 = 14 13 12 11 10 9 8 7 6 5 4 3 2 1=20 --- #0 0xc017234a in dumpsys () (kgdb) bt #0 0xc017234a in dumpsys () #1 0xc01720e0 in boot () #2 0xc0172567 in panic () #3 0xc01a5807 in bdwrite () #4 0xc01f973e in ffs_update () #5 0xc0206bde in ffs_fsync () #6 0xc020512e in ffs_sync () #7 0xc01b24a6 in sync () #8 0xc0171cf6 in boot () #9 0xc0172567 in panic () #10 0xc024a89a in trap_fatal () #11 0xc024a5f1 in trap_pfault () #12 0xc0249f84 in trap () #13 0xc01ba320 in strlen () #14 0xc0188595 in kvprintf () #15 0xc0187d94 in printf () #16 0xc02081ff in ufs_dirbad () #17 0xc0207a00 in ufs_lookup () #18 0xc020d2fd in ufs_vnoperate () #19 0xc01a92b2 in vfs_cache_lookup () #20 0xc020d2fd in ufs_vnoperate () #21 0xc01acda1 in lookup () #22 0xc01ac88c in namei () #23 0xc01b85f7 in vn_open_cred () #24 0xc01b83ba in vn_open () #25 0xc01b3134 in open () #26 0xc024acbd in syscall () #27 0xc023eedd in syscall_with_err_pushed () #28 0x804edfe in ?? () #29 0x804e9b2 in ?? () #30 0x804ced2 in ?? () #31 0x804933d in ?? () #32 0x8048dcd in ?? () (kgdb) root@notebook# exit Script done on Thu Jan 24 23:29:18 2002 --=-dj7WkMHH1GMuc17V0hdY-- --=-MwDfGsg/Fi/52f0JJ15H Content-Type: application/pgp-signature; name=signature.asc Content-Description: This is a digitally signed message part -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.0.6 (FreeBSD) Comment: For info see http://www.gnupg.org iD8DBQA8UH+PoNu5t4iCBa8RAo94AJ9gGUow3prSnifWiAk088ZmfLKFkgCbB9dU IJPmGK4lQYdemHzJKgGU9lg= =EH5y -----END PGP SIGNATURE----- --=-MwDfGsg/Fi/52f0JJ15H-- To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-current" in the body of the message From owner-freebsd-current Thu Jan 24 14:11:48 2002 Delivered-To: freebsd-current@freebsd.org Received: from beppo.feral.com (beppo.feral.com [192.67.166.79]) by hub.freebsd.org (Postfix) with ESMTP id B122B37B9B5 for ; Thu, 24 Jan 2002 14:06:24 -0800 (PST) Received: from mailhost.feral.com (mjacob@mailhost.feral.com [192.67.166.1]) by beppo.feral.com (8.11.3/8.11.3) with ESMTP id g0OM6MO98834 for ; Thu, 24 Jan 2002 14:06:23 -0800 (PST) (envelope-from mjacob@feral.com) Date: Thu, 24 Jan 2002 14:06:22 -0800 (PST) From: Matthew Jacob X-Sender: mjacob@beppo Reply-To: mjacob@feral.com To: current@freebsd.org Subject: loopback nfs broken? Message-ID: MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII Sender: owner-freebsd-current@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.ORG linking kernel.debug nfs server nellie:/space/compiles: not responding 10 > 9 To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-current" in the body of the message From owner-freebsd-current Thu Jan 24 14:54: 0 2002 Delivered-To: freebsd-current@freebsd.org Received: from elvis.mu.org (elvis.mu.org [192.203.228.196]) by hub.freebsd.org (Postfix) with ESMTP id 2ABA937B41B; Thu, 24 Jan 2002 14:53:33 -0800 (PST) Received: by elvis.mu.org (Postfix, from userid 1192) id 03E3310DDF7; Thu, 24 Jan 2002 14:53:33 -0800 (PST) Date: Thu, 24 Jan 2002 14:53:32 -0800 From: Alfred Perlstein To: Maxim Sobolev Cc: mckusick@FreeBSD.org, current@FreeBSD.org Subject: Re: Panic in ufs_dirbad() Message-ID: <20020124145332.D13686@elvis.mu.org> References: <1011908495.304.11.camel@notebook> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline User-Agent: Mutt/1.2.5i In-Reply-To: <1011908495.304.11.camel@notebook>; from sobomax@FreeBSD.org on Thu, Jan 24, 2002 at 11:43:17PM +0200 Sender: owner-freebsd-current@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.ORG * Maxim Sobolev [020124 13:44] wrote: > Any ideas? This is a reasonably recent 5-CURRENT (last > makeworld/makekernel 7 days ago). This may be fallout from my initial fdlocking work, please try an update or get a debug traceback and we'll see. To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-current" in the body of the message From owner-freebsd-current Thu Jan 24 20:27:25 2002 Delivered-To: freebsd-current@freebsd.org Received: from li.xdsl.ne.jp (li.xdsl.ne.jp [211.15.33.132]) by hub.freebsd.org (Postfix) with ESMTP id D69F637B402 for ; Thu, 24 Jan 2002 20:27:22 -0800 (PST) Received: from Geteway (xdsl046003.061200.metallic.ne.jp [61.200.46.3]) by li.xdsl.ne.jp (Postfix) with SMTP id ED70D13C190 for ; Fri, 25 Jan 2002 13:27:21 +0900 (JST) From: =?ISO-2022-JP?B?GyRCJCIkKCReJDkkTSRDJEgbKEI=?= To: Subject: =?ISO-2022-JP?B?GyRCIiMkRyQiJCQkTjdoRGpIRyIjJCIkKCReJDkkTSRDGyhC?= =?ISO-2022-JP?B?GyRCJEgiIxsoQg==?= MIME-Version: 1.0 Content-Type: text/plain; charset="ISO-2022-JP" Content-Transfer-Encoding: 7bit Message-Id: <20020125042722.ED70D13C190@li.xdsl.ne.jp> Date: Fri, 25 Jan 2002 13:27:22 +0900 (JST) Sender: owner-freebsd-current@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.ORG $B$44uK>$KE:$o$:$3$N%a!<%k$,FO$$$F$7$^$$$^$7$?$i$* To: Alfred Perlstein Cc: Maxim Sobolev , mckusick@FreeBSD.org, current@FreeBSD.org Subject: Re: Panic in ufs_dirbad() Message-ID: <20020124223013.B59586@xor.obsecurity.org> References: <1011908495.304.11.camel@notebook> <20020124145332.D13686@elvis.mu.org> Mime-Version: 1.0 Content-Type: multipart/signed; micalg=pgp-md5; protocol="application/pgp-signature"; boundary="H1spWtNR+x+ondvy" Content-Disposition: inline User-Agent: Mutt/1.2.5.1i In-Reply-To: <20020124145332.D13686@elvis.mu.org>; from bright@mu.org on Thu, Jan 24, 2002 at 02:53:32PM -0800 Sender: owner-freebsd-current@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.ORG --H1spWtNR+x+ondvy Content-Type: text/plain; charset=us-ascii Content-Disposition: inline Content-Transfer-Encoding: quoted-printable On Thu, Jan 24, 2002 at 02:53:32PM -0800, Alfred Perlstein wrote: > * Maxim Sobolev [020124 13:44] wrote: > > Any ideas? This is a reasonably recent 5-CURRENT (last > > makeworld/makekernel 7 days ago). >=20 > This may be fallout from my initial fdlocking work, please try > an update or get a debug traceback and we'll see. See my message of this morning with the same panic. Kris --H1spWtNR+x+ondvy Content-Type: application/pgp-signature Content-Disposition: inline -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.0.6 (FreeBSD) Comment: For info see http://www.gnupg.org iD8DBQE8UPt0Wry0BWjoQKURAjqeAJ4hia4+oAVt2CGlmI+HPMPdxE8/vACfUB8I q2oikoReWOdQZHVsp45rQyE= =9BT9 -----END PGP SIGNATURE----- --H1spWtNR+x+ondvy-- To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-current" in the body of the message From owner-freebsd-current Fri Jan 25 0:51:42 2002 Delivered-To: freebsd-current@freebsd.org Received: from whale.sunbay.crimea.ua (whale.sunbay.crimea.ua [212.110.138.65]) by hub.freebsd.org (Postfix) with ESMTP id 50D7A37B400; Fri, 25 Jan 2002 00:51:07 -0800 (PST) Received: (from ru@localhost) by whale.sunbay.crimea.ua (8.11.6/8.11.2) id g0P8owd64521; Fri, 25 Jan 2002 10:50:58 +0200 (EET) (envelope-from ru) Date: Fri, 25 Jan 2002 10:50:58 +0200 From: Ruslan Ermilov To: "David O'Brien" , Bruce Evans Cc: current@FreeBSD.ORG, alpha@FreeBSD.ORG Subject: alpha cross-compiler hosed Message-ID: <20020125105058.C57703@sunbay.com> Mime-Version: 1.0 Content-Type: multipart/mixed; boundary="6c2NcOVqGQ03X4Wi" Content-Disposition: inline User-Agent: Mutt/1.3.23i Sender: owner-freebsd-current@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.ORG --6c2NcOVqGQ03X4Wi Content-Type: text/plain; charset=us-ascii Content-Disposition: inline Hi! Some background first. I am currently working on cleaning up the "false dependencies" issue for secure/. The attached patch p1 fixes this. This is done by moving the false dependencies from secure/ utilities directly to libssh.so. This also requires a alight re-ordering in `libraries' target of Makefile.inc1, which is done by the attached patch p2. So far it's OK. Now the problem. I was testing these patches on an i386 -CURRENT box that does nightly "make world"s for both i386 and alpha. i386 world built OK, alpha cross-world broke trying to link secure/libexec/sftp-server as follows: : Script started on Fri Jan 25 10:09:41 2002 : -------------------------------------------------------------- : >>> Building everything.. : -------------------------------------------------------------- : cd /usr/src; MAKEOBJDIRPREFIX=/usr/obj/alpha MACHINE_ARCH=alpha MACHINE=alpha COMPILER_PATH=/usr/obj/alpha/usr/src/i386/usr/libexec:/usr/obj/alpha/usr/src/i386/usr/bin LIBRARY_PATH=/usr/obj/alpha/usr/src/i386/usr/lib:/usr/obj/alpha/usr/src/i386/usr/lib OBJFORMAT_PATH=/usr/obj/alpha/usr/src/i386/usr/libexec CINCLUDES="-nostdinc" CXXINCLUDES="-nostdinc++" PERL5LIB=/usr/obj/alpha/usr/src/i386/usr/libdata/perl/5.6.0 GROFF_BIN_PATH=/usr/obj/alpha/usr/src/i386/usr/bin GROFF_FONT_PATH=/usr/obj/alpha/usr/src/i386/usr/share/groff_font GROFF_TMAC_PATH=/usr/obj/alpha/usr/src/i386/usr/share/tmac DESTDIR=/usr/obj/alpha/usr/src/i386 INSTALL="sh /usr/src/tools/install.sh" PATH=/usr/obj/alpha/usr/src/i386/usr/sbin:/usr/obj/alpha/usr/src/i386/usr/bin:/usr/obj/alpha/usr/src/i386/usr/games:/sbin:/bin:/usr/sbin:/usr/bin make -f Makefile.inc1 all : ===> secure/libexec/sftp-server : cc -O -pipe -nostdinc -mcpu=ev4 -DNO_IDEA -I/usr/obj/alpha/usr/src/i386/usr/include -o sftp-server sftp-server.o sftp-common.o -lssh -lcrypto : /usr/obj/alpha/usr/src/i386/usr/libexec/elf/ld: warning: libz.so.2, needed by /usr/obj/alpha/usr/src/i386/usr/lib/libssh.so, not found (try using -rpath or -rpath-link) : /usr/obj/alpha/usr/src/i386/usr/lib/libssh.so: undefined reference to `deflate' : /usr/obj/alpha/usr/src/i386/usr/lib/libssh.so: undefined reference to `inflate' : /usr/obj/alpha/usr/src/i386/usr/lib/libssh.so: undefined reference to `inflateInit_' : /usr/obj/alpha/usr/src/i386/usr/lib/libssh.so: undefined reference to `deflateInit_' : /usr/obj/alpha/usr/src/i386/usr/lib/libssh.so: undefined reference to `inflateEnd' : /usr/obj/alpha/usr/src/i386/usr/lib/libssh.so: undefined reference to `deflateEnd' : *** Error code 1 : : Stop in /usr/src/secure/libexec/sftp-server. : *** Error code 1 : : Script done on Fri Jan 25 10:09:42 2002 The ld(1) error message above says (formatted by fmt(1)): : /usr/obj/alpha/usr/src/i386/usr/libexec/elf/ld: warning: libz.so.2, : needed by /usr/obj/alpha/usr/src/i386/usr/lib/libssh.so, not found : (try using -rpath or -rpath-link) But the library _is_ there, and it was built even earlier than libssh: : # cd /usr/obj/alpha/usr/src/i386/usr/lib : # ls -l libssh.so* libz.so* : lrwxr-xr-x 1 root wheel 11 Jan 25 06:19 libssh.so -> libssh.so.2 : -rwxr-xr-x 1 root wheel 295859 Jan 25 06:19 libssh.so.2 : lrwxr-xr-x 1 root wheel 9 Jan 25 06:34 libz.so -> libz.so.2 : -rwxr-xr-x 1 root wheel 80017 Jan 25 06:11 libz.so.2 Now about the bug. Here's the interesting output from both i386 and alpha versions of cross-compiler built tonight: : # /usr/obj/usr/src/i386/usr/bin/gcc -print-search-dirs : install: /usr/obj/usr/src/i386/usr/libexec/(null) : programs: /usr/obj/usr/src/i386/usr/libexec/elf/:/usr/obj/usr/src/i386/usr/libexec/ : libraries: /usr/obj/usr/src/i386/usr/libexec/:/usr/obj/usr/src/i386/usr/lib/ : # /usr/obj/alpha/usr/src/i386/usr/bin/gcc -print-search-dirs : install: /usr/obj/alpha/usr/src/i386/usr/libexec/(null) : programs: /usr/obj/alpha/usr/src/i386/usr/libexec/elf/ : libraries: Note the empty "libraries:" for the alpha version. I think this is the bug. I will see if I can fix this bug myself, but I thought David could fix it quicker than me. :-) Cheers, -- Ruslan Ermilov Oracle Developer/DBA, ru@sunbay.com Sunbay Software AG, ru@FreeBSD.org FreeBSD committer, +380.652.512.251 Simferopol, Ukraine http://www.FreeBSD.org The Power To Serve http://www.oracle.com Enabling The Information Age --6c2NcOVqGQ03X4Wi Content-Type: text/plain; charset=us-ascii Content-Disposition: attachment; filename=p1 Index: secure/lib/libssh/Makefile =================================================================== RCS file: /home/ncvs/src/secure/lib/libssh/Makefile,v retrieving revision 1.12 diff -u -r1.12 Makefile --- secure/lib/libssh/Makefile 2002/01/23 15:54:09 1.12 +++ secure/lib/libssh/Makefile 2002/01/25 08:16:18 @@ -24,6 +24,9 @@ CFLAGS+= -DKRB5 .endif # MAKE_KERBEROS5 +DPADD= ${LIBCRYPTO} ${LIBZ} +LDADD= -lcrypto -lz + .include .PATH: ${SSHDIR} ${SSHDIR}/lib Index: secure/libexec/sftp-server/Makefile =================================================================== RCS file: /home/ncvs/src/secure/libexec/sftp-server/Makefile,v retrieving revision 1.4 diff -u -r1.4 Makefile --- secure/libexec/sftp-server/Makefile 2002/01/23 15:54:09 1.4 +++ secure/libexec/sftp-server/Makefile 2002/01/25 08:16:18 @@ -5,8 +5,8 @@ SRCS= sftp-server.c sftp-common.c MAN= sftp-server.8 -LDADD+= -lssh -lcrypto -lz -DPADD+= ${LIBSSH} ${LIBCRYPTO} ${LIBZ} +LDADD+= -lssh -lcrypto +DPADD+= ${LIBSSH} ${LIBCRYPTO} .include Index: secure/usr.bin/scp/Makefile =================================================================== RCS file: /home/ncvs/src/secure/usr.bin/scp/Makefile,v retrieving revision 1.6 diff -u -r1.6 Makefile --- secure/usr.bin/scp/Makefile 2002/01/23 15:54:10 1.6 +++ secure/usr.bin/scp/Makefile 2002/01/25 08:16:18 @@ -4,8 +4,8 @@ PROG= scp SRCS= scp.c scp-common.c -LDADD+= -lssh -lcrypto -lutil -lz -DPADD+= ${LIBSSH} ${LIBCRYPTO} ${LIBUTIL} ${LIBZ} +DPADD= ${LIBSSH} +LDADD= -lssh .include Index: secure/usr.bin/sftp/Makefile =================================================================== RCS file: /home/ncvs/src/secure/usr.bin/sftp/Makefile,v retrieving revision 1.2 diff -u -r1.2 Makefile --- secure/usr.bin/sftp/Makefile 2002/01/23 15:54:10 1.2 +++ secure/usr.bin/sftp/Makefile 2002/01/25 08:16:18 @@ -4,8 +4,8 @@ PROG= sftp SRCS= sftp.c sftp-client.c sftp-int.c sftp-common.c sftp-glob.c scp-common.c -LDADD+= -lssh -lcrypto -lz -DPADD+= ${LIBSSH} ${LIBCRYPTO} ${LIBZ} +LDADD= -lssh -lcrypto +DPADD= ${LIBSSH} ${LIBCRYPTO} .include Index: secure/usr.bin/ssh-add/Makefile =================================================================== RCS file: /home/ncvs/src/secure/usr.bin/ssh-add/Makefile,v retrieving revision 1.6 diff -u -r1.6 Makefile --- secure/usr.bin/ssh-add/Makefile 2002/01/23 15:54:14 1.6 +++ secure/usr.bin/ssh-add/Makefile 2002/01/25 08:16:18 @@ -4,8 +4,8 @@ PROG= ssh-add SRCS= ssh-add.c -LDADD+= -lssh -lcrypto -lz -DPADD+= ${LIBSSH} ${LIBCRYPTO} ${LIBZ} +LDADD+= -lssh -lcrypto +DPADD+= ${LIBSSH} ${LIBCRYPTO} .include Index: secure/usr.bin/ssh-agent/Makefile =================================================================== RCS file: /home/ncvs/src/secure/usr.bin/ssh-agent/Makefile,v retrieving revision 1.6 diff -u -r1.6 Makefile --- secure/usr.bin/ssh-agent/Makefile 2002/01/23 15:54:14 1.6 +++ secure/usr.bin/ssh-agent/Makefile 2002/01/25 08:16:18 @@ -4,8 +4,8 @@ PROG= ssh-agent SRCS= ssh-agent.c -LDADD+= -lssh -lcrypto -lz -DPADD+= ${LIBSSH} ${LIBCRYPTO} ${LIBZ} +LDADD+= -lssh -lcrypto +DPADD+= ${LIBSSH} ${LIBCRYPTO} .include Index: secure/usr.bin/ssh-keygen/Makefile =================================================================== RCS file: /home/ncvs/src/secure/usr.bin/ssh-keygen/Makefile,v retrieving revision 1.7 diff -u -r1.7 Makefile --- secure/usr.bin/ssh-keygen/Makefile 2002/01/23 15:54:17 1.7 +++ secure/usr.bin/ssh-keygen/Makefile 2002/01/25 08:16:18 @@ -4,8 +4,8 @@ PROG= ssh-keygen SRCS= ssh-keygen.c -LDADD+= -lssh -lcrypto -lz -DPADD+= ${LIBSSH} ${LIBCRYPTO} ${LIBZ} +LDADD+= -lssh -lcrypto +DPADD+= ${LIBSSH} ${LIBCRYPTO} .include Index: secure/usr.bin/ssh-keyscan/Makefile =================================================================== RCS file: /home/ncvs/src/secure/usr.bin/ssh-keyscan/Makefile,v retrieving revision 1.2 diff -u -r1.2 Makefile --- secure/usr.bin/ssh-keyscan/Makefile 2002/01/23 15:54:17 1.2 +++ secure/usr.bin/ssh-keyscan/Makefile 2002/01/25 08:16:18 @@ -4,8 +4,8 @@ PROG= ssh-keyscan SRCS= ssh-keyscan.c -LDADD+= -lssh -lcrypto -lz -DPADD+= ${LIBSSH} ${LIBCRYPTO} ${LIBZ} +LDADD+= -lssh -lcrypto +DPADD+= ${LIBSSH} ${LIBCRYPTO} .include Index: lib/libpam/modules/pam_ssh/Makefile =================================================================== RCS file: /home/ncvs/src/lib/libpam/modules/pam_ssh/Makefile,v retrieving revision 1.8 diff -u -r1.8 Makefile --- lib/libpam/modules/pam_ssh/Makefile 2002/01/23 15:54:08 1.8 +++ lib/libpam/modules/pam_ssh/Makefile 2002/01/25 08:16:18 @@ -7,8 +7,8 @@ SHLIB_NAME= pam_ssh.so SRCS= pam_ssh.c CFLAGS+= -I${SSHSRC} -DPADD= ${LIBSSH} ${LIBCRYPTO} ${LIBCRYPT} ${LIBUTIL} ${LIBZ} -LDADD= -lssh -lcrypto -lcrypt -lutil -lz +DPADD= ${LIBSSH} ${LIBCRYPTO} ${LIBCRYPT} ${LIBUTIL} +LDADD= -lssh -lcrypto -lcrypt -lutil MAN= pam_ssh.8 .include --6c2NcOVqGQ03X4Wi Content-Type: text/plain; charset=us-ascii Content-Disposition: attachment; filename=p2 Index: Makefile.inc1 =================================================================== RCS file: /home/ncvs/src/Makefile.inc1,v retrieving revision 1.235 diff -u -r1.235 Makefile.inc1 --- Makefile.inc1 2001/12/28 11:53:18 1.235 +++ Makefile.inc1 2002/01/25 08:22:50 @@ -731,6 +731,7 @@ # librpcsvc libtacplus libutil libz libssh # libradius: libmd # libreadline: libncurses +# libssh: libcrypto libz # libstc++: msun # libtacplus: libmd # @@ -740,7 +741,7 @@ # kerberosIV/lib kerberos5/lib: lib/libcrypt # lib/libpam: secure/lib/libcrypto kerberosIV/lib/libkrb \ # secure/lib/libssh lib/libz -# secure/lib: lib/libmd +# secure/lib: secure/lib/libcrypto lib/libmd lib/libz # .if exists(${.CURDIR}/lib/csu/${MACHINE_ARCH}.pcc) _csu= lib/csu/${MACHINE_ARCH}.pcc @@ -750,8 +751,11 @@ _csu= lib/csu/${MACHINE_ARCH} .endif -.if !defined(NOSECURE) && !defined(NOCRYPT) +.if exists(${.CURDIR}/secure) && !defined(NOCRYPT) && !defined(NOSECURE) _secure_lib= secure/lib +.if exists(${.CURDIR}/secure/lib/libcrypto) +_libcrypto= secure/lib/libcrypto +.endif .endif .if !defined(NOCRYPT) && defined(MAKE_KERBEROS4) @@ -772,10 +776,10 @@ libraries: .for _lib in ${_csu} gnu/lib/csu gnu/lib/libgcc lib/libmd lib/libcrypt \ - ${_secure_lib} ${_kerberosIV_lib} \ + lib/libz ${_libcrypto} ${_secure_lib} ${_kerberosIV_lib} \ ${_kerberos5_lib} lib/libcom_err lib/libkvm lib/msun lib/libncurses \ lib/libopie lib/libradius lib/librpcsvc lib/libsbuf lib/libtacplus \ - lib/libutil lib/libz lib gnu/lib ${_libperl} usr.bin/lex/lib ${_libkeycap} + lib/libutil lib gnu/lib ${_libperl} usr.bin/lex/lib ${_libkeycap} .if exists(${.CURDIR}/${_lib}) cd ${.CURDIR}/${_lib}; \ ${MAKE} depend; \ --6c2NcOVqGQ03X4Wi-- To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-current" in the body of the message From owner-freebsd-current Fri Jan 25 1: 9:44 2002 Delivered-To: freebsd-current@freebsd.org Received: from web11403.mail.yahoo.com (web11403.mail.yahoo.com [216.136.131.233]) by hub.freebsd.org (Postfix) with SMTP id D54C137B400 for ; Fri, 25 Jan 2002 01:09:42 -0800 (PST) Message-ID: <20020125090942.41014.qmail@web11403.mail.yahoo.com> Received: from [202.167.61.228] by web11403.mail.yahoo.com via HTTP; Fri, 25 Jan 2002 01:09:42 PST Date: Fri, 25 Jan 2002 01:09:42 -0800 (PST) From: Shizuka Kudo Subject: No buffer space available To: freebsd-current@freebsd.org MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Sender: owner-freebsd-current@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.ORG Is anyone still seeing the "No buffer space availabe" message in 5.0-CURRENT? I have checked the mail archieve and saw several replies, but none worked in my case. I have a Thinkpad 600X with a Melco cardbus 10/100 ethernet card (a Realtek 8139B) running 5.0 NEWCARD kernel with NMBCLUSTERS=16384. "No buffer space available" occurred when I tried to ftp a file in my Thinkpad from other client. "ifconfig rl0 down" and then "ifconfig rl0 up" resumed the operation for awhile until the error happened again. Setting media to 10baseT/UTP did not suffer from this error and got about 900Kbytes/s throughput. Would that be a bug in the driver that ftp server is delivering too much traffic to the NIC? Any suggestion that I can try? Thanks __________________________________________________ Do You Yahoo!? Great stuff seeking new owners in Yahoo! Auctions! http://auctions.yahoo.com To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-current" in the body of the message From owner-freebsd-current Fri Jan 25 1:19:36 2002 Delivered-To: freebsd-current@freebsd.org Received: from axl.seasidesoftware.co.za (axl.seasidesoftware.co.za [196.31.7.201]) by hub.freebsd.org (Postfix) with ESMTP id 42D9A37B400 for ; Fri, 25 Jan 2002 01:19:32 -0800 (PST) Received: from sheldonh (helo=axl.seasidesoftware.co.za) by axl.seasidesoftware.co.za with local-esmtp (Exim 3.33 #1) id 16U2Yg-000Ej0-00; Fri, 25 Jan 2002 11:22:06 +0200 From: Sheldon Hearn To: k Macy Cc: freebsd-current@freebsd.org Subject: Re: GDB maintainer? In-reply-to: Your message of "Sun, 20 Jan 2002 17:18:30 PST." <20020121011830.26777.qmail@web14003.mail.yahoo.com> Date: Fri, 25 Jan 2002 11:22:06 +0200 Message-ID: <56605.1011950526@axl.seasidesoftware.co.za> Sender: owner-freebsd-current@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.ORG On Sun, 20 Jan 2002 17:18:30 PST, k Macy wrote: > Who is the current GDB maintainer? Not sure there's a single maintainer, but I know these two gentlemen take a keen interest in the beast: Bruce Evans Brian Dean Ciao, Sheldon. To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-current" in the body of the message From owner-freebsd-current Fri Jan 25 1:29: 0 2002 Delivered-To: freebsd-current@freebsd.org Received: from scaup.prod.itd.earthlink.net (scaup.mail.pas.earthlink.net [207.217.120.49]) by hub.freebsd.org (Postfix) with ESMTP id C9AF737B400 for ; Fri, 25 Jan 2002 01:28:33 -0800 (PST) Received: from pool0092.cvx22-bradley.dialup.earthlink.net ([209.179.198.92] helo=mindspring.com) by scaup.prod.itd.earthlink.net with esmtp (Exim 3.33 #1) id 16U2eu-0001H2-00; Fri, 25 Jan 2002 01:28:33 -0800 Message-ID: <3C51253C.6F59A4D4@mindspring.com> Date: Fri, 25 Jan 2002 01:28:28 -0800 From: Terry Lambert X-Mailer: Mozilla 4.7 [en]C-CCK-MCD {Sony} (Win98; U) X-Accept-Language: en MIME-Version: 1.0 To: Shizuka Kudo Cc: freebsd-current@freebsd.org Subject: Re: No buffer space available References: <20020125090942.41014.qmail@web11403.mail.yahoo.com> Content-Type: text/plain; charset=us-ascii Content-Transfer-Encoding: 7bit Sender: owner-freebsd-current@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.ORG Shizuka Kudo wrote: > Is anyone still seeing the "No buffer space availabe" > message in 5.0-CURRENT? I have checked the mail > archieve and saw several replies, but none worked in > my case. > > I have a Thinkpad 600X with a Melco cardbus 10/100 > ethernet card (a Realtek 8139B) running 5.0 NEWCARD > kernel with NMBCLUSTERS=16384. > "No buffer space available" occurred when I tried to > ftp a file in my Thinkpad from other client. "ifconfig > rl0 down" and then "ifconfig rl0 up" resumed the > operation for awhile until the error happened again. > Setting media to 10baseT/UTP did not suffer from this > error and got about 900Kbytes/s throughput. > > Would that be a bug in the driver that ftp server is > delivering too much traffic to the NIC? Any suggestion > that I can try? That downing and reupping it worked indicates that you are losing a transmit interrupt draining the write queue. I'm pretty sure that this has to be related to the use of "interrupt threads" in -current, as I do not have the problem with the 8139B's I have, with an older, stable version of FreeBSD. The downing and reupping it resets the card (this is an intentional side effect, designed to make Tigon II cards suck^W^W^W^W^Wallow recovery from a hosed driver that people would rather hack around than fix^W^W^W^W^W^W^W^W, which should never happen in practice). The "normal" workaround for this is to have a software "watchdog" timer that resets the card when it loses its mind like this (transmit interrupt pending, no transmit interrupt seen for timeout period). You could add similar code the the RealTek driver pretty easily, using the Tigon II or another driver as a template, if you wanted to work around the problem instead of actually fixing it^W^W^W^W^W. -- Terry To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-current" in the body of the message From owner-freebsd-current Fri Jan 25 4:58:10 2002 Delivered-To: freebsd-current@freebsd.org Received: from pegasus.freibergnet.de (pegasus.freibergnet.de [194.123.255.9]) by hub.freebsd.org (Postfix) with ESMTP id B9E7237B400 for ; Fri, 25 Jan 2002 04:58:05 -0800 (PST) Received: (from holm@localhost) by pegasus.freibergnet.de (8.11.6/8.11.6) id g0PCvxq42120 for freebsd-current@freebsd.org; Fri, 25 Jan 2002 13:57:59 +0100 (CET) (envelope-from holm) Date: Fri, 25 Jan 2002 13:57:59 +0100 From: Holm Tiffe To: freebsd-current@freebsd.org Subject: Problems with Apache1.3.22+php4 Message-ID: <20020125135759.A41616@pegasus.freibergnet.de> Reply-To: holm@freibergnet.de Mail-Followup-To: Holm Tiffe , freebsd-current@freebsd.org Mime-Version: 1.0 Content-Type: text/plain; charset=iso-8859-1 Content-Disposition: inline Content-Transfer-Encoding: 8bit User-Agent: Mutt/1.2.5i Organization: FreibergNet Internet Services X-Phone: +49-3731-781279 X-Fax: +49-3731-781377 X-PGP-fingerprint: 86 EC A5 63 B5 28 78 13 8B FC E9 09 04 6E 86 FC Sender: owner-freebsd-current@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.ORG Hi, since around mid of december I have problems to get an apache with mod_ssl and php4 running on -current. With php4 loaded, apache is in a fcntl loop after executing an primitive cgi-script. The output of a simple printenv cgi is printed to the screen (netscape or telnet on 80) and then the connection don't get closed, it hangs around for 15 minutes finally reaching the timeout. There are no surch problems on our -stable machines, but three -current boxes are all doing the same. On my workstation, current is from today, apache is 1.3.23+modssl for the 1.3.22 (no difference in the behavior here). The mod_php is 4.1.1 Is anyone seeing something like this too, or it's only me ? Have I missed something ? I can provide more informaion if you wish, TIA, Holm -- FreibergNet Systemhaus GbR Holm Tiffe * Administration, Development Systemhaus für Daten- und Netzwerktechnik phone +49 3731 781279 Unternehmensgruppe Liebscher & Partner fax +49 3731 781377 D-09599 Freiberg * Am St. Niclas Schacht 13 http://www.freibergnet.de To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-current" in the body of the message From owner-freebsd-current Fri Jan 25 6:18: 2 2002 Delivered-To: freebsd-current@freebsd.org Received: from encontacto.net (adsl-64-173-182-158.dsl.mtry01.pacbell.net [64.173.182.158]) by hub.freebsd.org (Postfix) with ESMTP id 30E8837B400 for ; Fri, 25 Jan 2002 06:17:56 -0800 (PST) Received: (from root@localhost) by encontacto.net (8.11.6/8.11.4) id g0PELUo74372 for current@FreeBSD.Org; Fri, 25 Jan 2002 06:21:30 -0800 (PST) (envelope-from eculp@encontacto.net) Received: from 64.173.182.155 ( [64.173.182.155]) as user eculp@EnContacto.Net by Mail.SavvyWorld.Net with HTTP; Fri, 25 Jan 2002 06:21:30 -0800 Message-ID: <1011968490.3c5169ea6be66@Mail.SavvyWorld.Net> Date: Fri, 25 Jan 2002 06:21:30 -0800 From: Edwin Culp To: current@FreeBSD.Org Subject: snd_maestro3 on Current laptop begining on Wednesday morning. MIME-Version: 1.0 Content-Type: text/plain; charset=ISO-8859-1 Content-Transfer-Encoding: 8bit User-Agent: Internet Messaging Program (IMP) 4.0-cvs X-Originating-IP: 64.173.182.155 Sender: owner-freebsd-current@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.ORG My laptop sound seems to have quit working after some changes that were submitted, between my Tuesday morning +-4:30 am PST and wednesday 4:30 am PST. I assumed that I had not cvsuped all the changes but today's build still doesn't work. The module loads but no sound. /root # cat /dev/sndstat FreeBSD Audio Driver (newpcm) Installed devices: pcm0: at io 0x1800 irq 5 (4p/1r/0v channels duplex default) and pciconf shows: pcm0@pci0:10:0: class=0x040100 card=0x002e0e11 chip=0x1988125d rev=0x12 hdr=0x00 vendor = 'ESS Technology' device = 'ES1989 Allegro-1 Audiodrive' class = multimedia subclass = audio if I try a cat file.au>/dev/audioX.X, I get a cannot create /dev/audioX.X I really looks like it should work but it doesn't. I can boot with Tuesdays kernel and it works fine. Is anyone else seeing this? Thanks, ed --- To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-current" in the body of the message From owner-freebsd-current Fri Jan 25 6:41:49 2002 Delivered-To: freebsd-current@freebsd.org Received: from nimbus.elecard.net.ru (nimbus.elecard.net.ru [217.106.120.47]) by hub.freebsd.org (Postfix) with ESMTP id 0769737B402 for ; Fri, 25 Jan 2002 06:41:40 -0800 (PST) Received: from nimbus.elecard.net.ru (localhost [127.0.0.1]) by nimbus.elecard.net.ru (8.12.1/8.12.1) with ESMTP id g0PEfcbp056070 for ; Fri, 25 Jan 2002 21:41:38 +0700 (KRAT) Received: (from root@localhost) by nimbus.elecard.net.ru (8.12.1/8.12.1/Submit) id g0PEfcdS056069 for freebsd-current@FreeBSD.org.KAV; Fri, 25 Jan 2002 21:41:38 +0700 (KRAT) Received: from geek.moonlight.elecard.net.ru (geek.moonlight.elecard.net.ru [192.168.1.13]) by nimbus.elecard.net.ru (8.12.1/8.12.1) with ESMTP id g0PEfcbp056057 for ; Fri, 25 Jan 2002 21:41:38 +0700 (KRAT) Received: from serg ([192.168.1.52]) by geek.moonlight.elecard.net.ru (Netscape Messaging Server 4.15) with ESMTP id GQI0TD00.B2H for ; Fri, 25 Jan 2002 21:41:37 +0700 From: "Roman Chernushkin" To: Subject: Date: Fri, 25 Jan 2002 21:41:37 +0700 Message-ID: <014701c1a5ae$64eef900$3401a8c0@moonlight.elecard.net.ru> MIME-Version: 1.0 Content-Type: multipart/alternative; boundary="----=_NextPart_000_0148_01C1A5E9.114DD100" X-Priority: 3 (Normal) X-MSMail-Priority: Normal X-Mailer: Microsoft Outlook, Build 10.0.2616 X-MimeOLE: Produced By Microsoft MimeOLE V6.00.2600.0000 Importance: Normal Sender: owner-freebsd-current@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.ORG This is a multi-part message in MIME format. ------=_NextPart_000_0148_01C1A5E9.114DD100 Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: 7bit ------=_NextPart_000_0148_01C1A5E9.114DD100 Content-Type: text/html; charset="us-ascii" Content-Transfer-Encoding: quoted-printable

 

------=_NextPart_000_0148_01C1A5E9.114DD100-- To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-current" in the body of the message From owner-freebsd-current Fri Jan 25 15:51:16 2002 Delivered-To: freebsd-current@freebsd.org Received: from w250.z064001178.sjc-ca.dsl.cnc.net (w250.z064001178.sjc-ca.dsl.cnc.net [64.1.178.250]) by hub.freebsd.org (Postfix) with SMTP id 95CEC37B41D for ; Fri, 25 Jan 2002 15:51:09 -0800 (PST) Received: (qmail 69347 invoked by uid 1000); 25 Jan 2002 23:51:30 -0000 Date: Fri, 25 Jan 2002 15:51:08 -0800 From: Jos Backus To: freebsd-current@freebsd.org Subject: Processes hanging in ``inode' state Message-ID: <20020125235130.GA69092@lizzy.bugworks.com> Reply-To: Jos Backus Mail-Followup-To: freebsd-current@freebsd.org Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline User-Agent: Mutt/1.3.26i Sender: owner-freebsd-current@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.ORG Recent -current on my system at work exhibits processes getting stuck in the ``inode'' state, causing the system to become unusable and requiring a reboot. I have been seeing this for about a week now; anyone else? -- Jos Backus _/ _/_/_/ Santa Clara, CA _/ _/ _/ _/ _/_/_/ _/ _/ _/ _/ josb@cncdsl.com _/_/ _/_/_/ use Std::Disclaimer; To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-current" in the body of the message From owner-freebsd-current Fri Jan 25 16:45:31 2002 Delivered-To: freebsd-current@freebsd.org Received: from mw1.texas.net (mw1.texas.net [206.127.30.11]) by hub.freebsd.org (Postfix) with ESMTP id D7E2C37B417; Fri, 25 Jan 2002 16:45:21 -0800 (PST) Received: from staff3.texas.net (staff3.texas.net [207.207.0.40]) by mw1.texas.net (8.11.6/8.11.6) with ESMTP id g0Q0jDA19405; Fri, 25 Jan 2002 18:45:13 -0600 (CST) Received: (from doug@localhost) by staff3.texas.net (8.11.6/8.11.6) id g0Q0jCV64642; Fri, 25 Jan 2002 18:45:12 -0600 (CST) (envelope-from doug) Date: Fri, 25 Jan 2002 18:45:12 -0600 From: Doug Swarin To: freebsd-current@freebsd.org Cc: bright@mu.org, sobomax@freebsd.org, kris@obsecurity.org Subject: Re: Panic in ufs_dirbad() Message-ID: <20020125184512.A64502@staff.texas.net> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline User-Agent: Mutt/1.2.5.1i Sender: owner-freebsd-current@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.ORG On Thu, Jan 24, 2002 at 02:53:32PM -0800, Alfred Perlstein wrote: > * Maxim Sobolev [020124 13:44] wrote: > > Any ideas? This is a reasonably recent 5-CURRENT (last > > makeworld/makekernel 7 days ago). > > This may be fallout from my initial fdlocking work, please try > an update or get a debug traceback and we'll see. I have actually seen this panic very recently on -STABLE. Matt Dillon suspected an issue with the RAID controller I was using (aac) after some debugging work. I am still waiting on the results of diagnostic testing on the RAID controller, but I just wanted to offer an additional data point. I have attached dmesg and some of the results of our debugging session below. The panic occurred during heavy file create/delete activity. I referred to PR kern/13150, which may or may not be related. We determined that *ep in ufs_lookup contained garbage (from a file name). ep->d_name contained file data. Doug Swarin doug@texas.net (kgdb) back #0 dumpsys () at /usr/src/sys/kern/kern_shutdown.c:473 #1 0xc01705df in boot (howto=256) at /usr/src/sys/kern/kern_shutdown.c:313 #2 0xc0170a01 in panic (fmt=0xc0276207 "ufs_dirbad: bad dir") at /usr/src/sys/kern/kern_shutdown.c:581 #3 0xc01e8ef6 in ufs_dirbad (ip=0xc8154200, offset=31, how=0xc02761b0 "mangled entry") at /usr/src/sys/ufs/ufs/ufs_lookup.c:641 #4 0xc01e8714 in ufs_lookup (ap=0xef25ad14) at /usr/src/sys/ufs/ufs/ufs_lookup.c:291 #5 0xc01ed715 in ufs_vnoperate (ap=0xef25ad14) at /usr/src/sys/ufs/ufs/ufs_vnops.c:2423 #6 0xc019a04a in vfs_cache_lookup (ap=0xef25ad6c) at vnode_if.h:77 #7 0xc01ed715 in ufs_vnoperate (ap=0xef25ad6c) at /usr/src/sys/ufs/ufs/ufs_vnops.c:2423 #8 0xc019cfb9 in lookup (ndp=0xef25aec4) at vnode_if.h:52 #9 0xc019cab4 in namei (ndp=0xef25aec4) at /usr/src/sys/kern/vfs_lookup.c:153 #10 0xc01a580a in vn_open (ndp=0xef25aec4, fmode=514, cmode=420) at /usr/src/sys/kern/vfs_vnops.c:99 #11 0xc01a1a8c in open (p=0xef1b8560, uap=0xef25af80) at /usr/src/sys/kern/vfs_syscalls.c:999 #12 0xc023ebbd in syscall2 (frame={tf_fs = -1078001617, tf_es = 47, tf_ds = -1078001617, tf_edi = 513, tf_esi = 134645918, tf_ebp = -1077945588, tf_isp = -282742828, tf_ebx = -1077946616, tf_edx = 68, tf_ecx = -1077946780, tf_eax = 5, tf_trapno = 0, tf_err = 2, tf_eip = 672953588, tf_cs = 31, tf_eflags = 663, tf_esp = -1077946656, tf_ss = 47}) at /usr/src/sys/i386/i386/trap.c:1157 #13 0xc022b8eb in Xint0x80_syscall () (kgdb) frame 4 (kgdb) print ep->d_reclen $4 = 0x6f63 (kgdb) print entryoffsetinblock $5 = 0x1f (kgdb) print dirchk $6 = 0x0 (kgdb) print *ep $7 = { d_ino = 0x2e797567, d_reclen = 0x6f63, d_type = 0x6d, d_namlen = 0x3e, d_name = '\000' , "Assorted -"... } Copyright (c) 1992-2002 The FreeBSD Project. Copyright (c) 1979, 1980, 1983, 1986, 1988, 1989, 1991, 1992, 1993, 1994 The Regents of the University of California. All rights reserved. FreeBSD 4.5-RC #0: Wed Jan 16 11:37:55 CST 2002 root@localhost:/usr/obj/usr/src/sys/NEWS2450 Timecounter "i8254" frequency 1193182 Hz CPU: Pentium III/Pentium III Xeon/Celeron (993.33-MHz 686-class CPU) Origin = "GenuineIntel" Id = 0x686 Stepping = 6 Features=0x383fbff real memory = 2147475456 (2097144K bytes) config> q avail memory = 2088914944 (2039956K bytes) Changing APIC ID for IO APIC #0 from 2 to 0 in MP table Changing APIC ID for IO APIC #1 from 0 to 3 on chip Programming 16 pins in IOAPIC #0 Programming 16 pins in IOAPIC #1 FreeBSD/SMP: Multiprocessor motherboard cpu0 (BSP): apic id: 1, version: 0x00040011, at 0xfee00000 io0 (APIC): apic id: 0, version: 0x000f0011, at 0xfec00000 io1 (APIC): apic id: 3, version: 0x000f0011, at 0xfec01000 Preloaded elf kernel "kernel" at 0xc032b000. Preloaded userconfig_script "/boot/kernel.conf" at 0xc032b09c. Pentium Pro MTRR support enabled md0: Malloc disk Using $PIR table, 7 entries at 0xc00fc2c0 npx0: on motherboard npx0: INT 16 interface pcib0: on motherboard pci0: on pcib0 pci0: at 14.0 isab0: at device 15.0 on pci0 isa0: on isab0 atapci0: port 0x8b0-0x8bf at device 15.1 on pci0 ata0: at 0x1f0 irq 14 on atapci0 ata1: at 0x170 irq 15 on atapci0 pci0: at 15.2 irq 11 pcib1: on motherboard IOAPIC #1 intpin 15 -> irq 2 IOAPIC #1 intpin 0 -> irq 5 pci1: on pcib1 pcib2: at device 2.0 on pci1 IOAPIC #1 intpin 14 -> irq 10 pci2: on pcib2 pci2: (vendor=0x9005, dev=0x00c5) at 4.0 irq 2 ahc0: port 0xd800-0xd8ff mem 0xf7ffe000-0xf7ffefff irq 10 at device 4.1 on pci2 aic7899: Ultra160 Wide Channel B, SCSI Id=7, 32/255 SCBs aac0: mem 0xf0000000-0xf3ffffff irq 2 at device 2.1 on pci1 aac0: i960RX 100MHz, 54MB cache memory, no battery support aac0: Kernel 2.1-3, Build 2951, S/N 4c20d0 fxp0: port 0xccc0-0xccff mem 0xf9000000-0xf90fffff,0xf9100000-0xf9100fff irq 5 at device 8.0 on pci1 fxp0: Ethernet address 00:b0:d0:49:46:31 inphy0: on miibus0 inphy0: 10baseT, 10baseT-FDX, 100baseTX, 100baseTX-FDX, auto orm0: