From owner-freebsd-arch@freebsd.org Wed Aug 1 10:45:57 2018 Return-Path: Delivered-To: freebsd-arch@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id 114F51051FE8; Wed, 1 Aug 2018 10:45:57 +0000 (UTC) (envelope-from eric@metricspace.net) Received: from mail.metricspace.net (mail.metricspace.net [IPv6:2001:470:1f11:617::107]) by mx1.freebsd.org (Postfix) with ESMTP id 7665E8D4E1; Wed, 1 Aug 2018 10:45:56 +0000 (UTC) (envelope-from eric@metricspace.net) Received: from [172.16.0.23] (unknown [172.16.0.23]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (Client did not present a certificate) (Authenticated sender: eric) by mail.metricspace.net (Postfix) with ESMTPSA id 19C6F5CC4; Wed, 1 Aug 2018 10:45:50 +0000 (UTC) To: "freebsd-hackers@freebsd.org" , "freebsd-security@freebsd.org security" , "freebsd-arch@freebsd.org" , freebsd-current From: Eric McCorkle Subject: Status of OpenSSL 1.1.1 Openpgp: preference=signencrypt Autocrypt: addr=eric@metricspace.net; prefer-encrypt=mutual; keydata= mDMEWue2FBYJKwYBBAHaRw8BAQdAP/qVPlXodV6pYO5b1Jw0eFyMhyDD7B5y5eFsciutEfS0 JEVyaWMgTWNDb3JrbGUgPGVyaWNAbWV0cmljc3BhY2UubmV0PoiWBBMWCAA+FiEEDxi/0rkj zd6Uc6cFCN/CKRbBwmwFAlrnthQCGwMFCQHhM4AFCwkIBwIGFQoJCAsCBBYCAwECHgECF4AA CgkQCN/CKRbBwmyGKAD/XTSBOItCKcYCPTlsaS1aQYVEwWXXFgdjWE+WsNdZUS8A/AhYAbQZ kNZNimE2rQLoklkfTA74qF/V257NuQi4QDcLuDgEWue2FBIKKwYBBAGXVQEFAQEHQKpZVyCG ync/xqejm2C1HKGXLJTUu38RvnrR3UYECz9nAwEIB4h+BBgWCAAmFiEEDxi/0rkjzd6Uc6cF CN/CKRbBwmwFAlrnthQCGwwFCQHhM4AACgkQCN/CKRbBwmyi2wEAmvaGt8QMjGELzm27gP4c jJGUi7oigsLmTiFPkpJqPz0A+QFBSCvxJaxCMyoVru/xB6bunpJ+Wtsj8HD1EuJOn4EJ Message-ID: Date: Wed, 1 Aug 2018 06:45:46 -0400 User-Agent: Mozilla/5.0 (X11; FreeBSD amd64; rv:52.0) Gecko/20100101 Thunderbird/52.9.0 MIME-Version: 1.0 Content-Type: multipart/signed; micalg=pgp-sha256; protocol="application/pgp-signature"; boundary="uvRxCuPiU4O8rLJUO8gnVepNcNGAYCG8B" X-BeenThere: freebsd-arch@freebsd.org X-Mailman-Version: 2.1.27 Precedence: list List-Id: Discussion related to FreeBSD architecture List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 01 Aug 2018 10:45:57 -0000 This is an OpenPGP/MIME signed message (RFC 4880 and 3156) --uvRxCuPiU4O8rLJUO8gnVepNcNGAYCG8B Content-Type: multipart/mixed; boundary="5PqJ62IpHtYhdL4HEu7BZ3qbdy4AlIwSY"; protected-headers="v1" From: Eric McCorkle To: "freebsd-hackers@freebsd.org" , "freebsd-security@freebsd.org security" , "freebsd-arch@freebsd.org" , freebsd-current Message-ID: Subject: Status of OpenSSL 1.1.1 --5PqJ62IpHtYhdL4HEu7BZ3qbdy4AlIwSY Content-Type: text/plain; charset=utf-8 Content-Language: en-US Content-Transfer-Encoding: quoted-printable Hi folks, I'm wondering what's the status of OpenSSL 1.1.1 integration into base? More specifically, is there a repo or a branch that's started the integration? I'm aware of the wiki page and the list of port build issues, but that seems to be based on replacing the base OpenSSL with a port build (similar to the way one replaces it with LibreSSL). I have some work I'd like to do that's gating on sorting out the kernel/loader crypto situation, and I'd very much like to see OpenSSL 1.1.1 get merged, so I can start to look into doing that. Incidentally, if there's something I can do to help out with integrating 1.1.1 into base, I'd potentially be interested. --5PqJ62IpHtYhdL4HEu7BZ3qbdy4AlIwSY-- --uvRxCuPiU4O8rLJUO8gnVepNcNGAYCG8B Content-Type: application/pgp-signature; name="signature.asc" Content-Description: OpenPGP digital signature Content-Disposition: attachment; filename="signature.asc" -----BEGIN PGP SIGNATURE----- iHUEARYIAB0WIQQPGL/SuSPN3pRzpwUI38IpFsHCbAUCW2GPWgAKCRAI38IpFsHC bJePAQCmuLjTR2PAwzbA+l16EUlF5M109QDnv/UGFSBQp0RSngD/fN4NHt3Vfmq3 /dlzLN2yDCJasSCThgN25NbUisHRjQI= =RdGb -----END PGP SIGNATURE----- --uvRxCuPiU4O8rLJUO8gnVepNcNGAYCG8B-- From owner-freebsd-arch@freebsd.org Wed Aug 1 13:02:59 2018 Return-Path: Delivered-To: freebsd-arch@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id D43F7105B955 for ; Wed, 1 Aug 2018 13:02:58 +0000 (UTC) (envelope-from wlosh@bsdimp.com) Received: from mail-io0-x232.google.com (mail-io0-x232.google.com [IPv6:2607:f8b0:4001:c06::232]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (Client CN "smtp.gmail.com", Issuer "Google Internet Authority G2" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 6565F72EBB for ; Wed, 1 Aug 2018 13:02:58 +0000 (UTC) (envelope-from wlosh@bsdimp.com) Received: by mail-io0-x232.google.com with SMTP id z19-v6so15965547ioh.4 for ; Wed, 01 Aug 2018 06:02:58 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=bsdimp-com.20150623.gappssmtp.com; s=20150623; h=mime-version:references:in-reply-to:from:date:message-id:subject:to :cc; bh=9iFYQcW5bmYSYAKQpPKP2DdPY4RdHvnvxYD2jmtwvjQ=; b=iyxCR24fC4dqI/L954Zn7ydCbmXmQPWvyEqGSkU2iA1UvVmSLAgAnhguZdSynfF0Hq WnivKz3YwNTX4+eiGKzB85hR/dKcOh4WTlqoFhZzxJjA6RZfH2bcqlmxPV+vav6tfT9a NDWWepXvfKN80sApvLfnZ+tuy0+Q8zS4k1mSlzv0mNVoxrrwnLXhgWPzEr1xbdEGfTbv 1GtDqVC8yoB80lwOxr9H8Ceg5NMsz7IRF/y426zU7i/I8TBNcdoxj0j00btdPrN+paNM b3RARY5wgPgyJGZ2pIsUjoffNQ7RI5DtZUTBLSjohLtrFvyaewH55uwLl9GARo94Rn78 DpRA== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:references:in-reply-to:from:date :message-id:subject:to:cc; bh=9iFYQcW5bmYSYAKQpPKP2DdPY4RdHvnvxYD2jmtwvjQ=; b=LEABEsbcCy5dXpdxSaLgBXeatb18OqJQyeOPXTmqFoiNlf8VrkesOECqQUBDf/ZNVL iNGLspoORg2fJxpEM1hLuXmv+nE5zpX5W9MPkNtcrwHt762GU4uNF3hIJvOiASWx1GOf aN8ZOocZ4RXd8v+LXk6pKfVS5oK3ClOCVOFdIpuaSlAyzYr6HJxSN/qH51JcQhZOY01i mRH19LVAoGpWp9w3ht3M2Qk1Yn+TorfnN6JWNiMrAXdUIR0b/Q40iwoDYRh3+XPdmpNq kRjUzmGgbZ4zZJQteCoAh/idi7H9D6bj6pby0FYuhclGMLEXAmkclr7OjrKWe9n2XPQR bnfw== X-Gm-Message-State: AOUpUlEwZwJLabKpLIxDCyN2NgmHBOlpt5UWWHzGjIC0eoYkHJuRRosy r+FCm6Vbq2vC+jWKjOLsT9OJecPQ3LnpQNuSZSgDkg== X-Google-Smtp-Source: AAOMgpeua2uji37665Jo3KSqhx78c+24h3sP4o9fScVTtTBwXOSp64OteB/mdos3JzjKyjEX3Pu6HBriOS55QEWwyyQ= X-Received: by 2002:a6b:3902:: with SMTP id g2-v6mr3217918ioa.168.1533128577684; Wed, 01 Aug 2018 06:02:57 -0700 (PDT) MIME-Version: 1.0 References: In-Reply-To: From: Warner Losh Date: Wed, 1 Aug 2018 14:02:46 +0100 Message-ID: Subject: Re: Status of OpenSSL 1.1.1 To: Eric McCorkle Cc: FreeBSD Hackers , freebsd-security , "freebsd-arch@freebsd.org" , freebsd-current Content-Type: text/plain; charset="UTF-8" X-Content-Filtered-By: Mailman/MimeDel 2.1.27 X-BeenThere: freebsd-arch@freebsd.org X-Mailman-Version: 2.1.27 Precedence: list List-Id: Discussion related to FreeBSD architecture List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 01 Aug 2018 13:02:59 -0000 On Wed, Aug 1, 2018, 12:31 PM Eric McCorkle wrote: > Hi folks, > > I'm wondering what's the status of OpenSSL 1.1.1 integration into base? > More specifically, is there a repo or a branch that's started the > integration? I'm aware of the wiki page and the list of port build > issues, but that seems to be based on replacing the base OpenSSL with a > port build (similar to the way one replaces it with LibreSSL). > > I have some work I'd like to do that's gating on sorting out the > kernel/loader crypto situation, and I'd very much like to see OpenSSL > 1.1.1 get merged, so I can start to look into doing that. > There are patches to use bear SSL for the loader. OpenSSL is simply too large to use due to limits the loader operates under. Warner Incidentally, if there's something I can do to help out with integrating > 1.1.1 into base, I'd potentially be interested. > > From owner-freebsd-arch@freebsd.org Wed Aug 1 14:05:34 2018 Return-Path: Delivered-To: freebsd-arch@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id 60F1C105D3E4; Wed, 1 Aug 2018 14:05:34 +0000 (UTC) (envelope-from eric@metricspace.net) Received: from mail.metricspace.net (static-98-116-200-172.nycmny.fios.verizon.net [98.116.200.172]) by mx1.freebsd.org (Postfix) with ESMTP id 0773B754A8; Wed, 1 Aug 2018 14:05:33 +0000 (UTC) (envelope-from eric@metricspace.net) Received: from [192.168.43.57] (mobile-107-107-59-242.mycingular.net [107.107.59.242]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (Client did not present a certificate) (Authenticated sender: eric) by mail.metricspace.net (Postfix) with ESMTPSA id 7B9BF5D4F; Wed, 1 Aug 2018 14:05:32 +0000 (UTC) Subject: Re: Status of OpenSSL 1.1.1 To: Warner Losh Cc: FreeBSD Hackers , freebsd-security , "freebsd-arch@freebsd.org" , freebsd-current References: From: Eric McCorkle Openpgp: preference=signencrypt Autocrypt: addr=eric@metricspace.net; prefer-encrypt=mutual; keydata= mDMEWue2FBYJKwYBBAHaRw8BAQdAP/qVPlXodV6pYO5b1Jw0eFyMhyDD7B5y5eFsciutEfS0 JEVyaWMgTWNDb3JrbGUgPGVyaWNAbWV0cmljc3BhY2UubmV0PoiWBBMWCAA+FiEEDxi/0rkj zd6Uc6cFCN/CKRbBwmwFAlrnthQCGwMFCQHhM4AFCwkIBwIGFQoJCAsCBBYCAwECHgECF4AA CgkQCN/CKRbBwmyGKAD/XTSBOItCKcYCPTlsaS1aQYVEwWXXFgdjWE+WsNdZUS8A/AhYAbQZ kNZNimE2rQLoklkfTA74qF/V257NuQi4QDcLuDgEWue2FBIKKwYBBAGXVQEFAQEHQKpZVyCG ync/xqejm2C1HKGXLJTUu38RvnrR3UYECz9nAwEIB4h+BBgWCAAmFiEEDxi/0rkjzd6Uc6cF CN/CKRbBwmwFAlrnthQCGwwFCQHhM4AACgkQCN/CKRbBwmyi2wEAmvaGt8QMjGELzm27gP4c jJGUi7oigsLmTiFPkpJqPz0A+QFBSCvxJaxCMyoVru/xB6bunpJ+Wtsj8HD1EuJOn4EJ Message-ID: Date: Wed, 1 Aug 2018 10:05:28 -0400 User-Agent: Mozilla/5.0 (X11; FreeBSD amd64; rv:52.0) Gecko/20100101 Thunderbird/52.9.0 MIME-Version: 1.0 In-Reply-To: Content-Type: multipart/signed; micalg=pgp-sha256; protocol="application/pgp-signature"; boundary="JA5mbHlyqvhScI7wZ6R8M1XpZcozqnJpS" X-BeenThere: freebsd-arch@freebsd.org X-Mailman-Version: 2.1.27 Precedence: list List-Id: Discussion related to FreeBSD architecture List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 01 Aug 2018 14:05:34 -0000 This is an OpenPGP/MIME signed message (RFC 4880 and 3156) --JA5mbHlyqvhScI7wZ6R8M1XpZcozqnJpS Content-Type: multipart/mixed; boundary="MkkRTdgKDiexhqqCfM3q3sy204CtZoNlA"; protected-headers="v1" From: Eric McCorkle To: Warner Losh Cc: FreeBSD Hackers , freebsd-security , "freebsd-arch@freebsd.org" , freebsd-current Message-ID: Subject: Re: Status of OpenSSL 1.1.1 References: In-Reply-To: --MkkRTdgKDiexhqqCfM3q3sy204CtZoNlA Content-Type: text/plain; charset=utf-8 Content-Language: en-US Content-Transfer-Encoding: quoted-printable On 08/01/2018 09:02, Warner Losh wrote: >=20 >=20 > On Wed, Aug 1, 2018, 12:31 PM Eric McCorkle > wrote: >=20 > Hi folks, >=20 > I'm wondering what's the status of OpenSSL 1.1.1 integration into b= ase? > More specifically, is there a repo or a branch that's started the > integration?=C2=A0 I'm aware of the wiki page and the list of port = build > issues, but that seems to be based on replacing the base OpenSSL wi= th a > port build (similar to the way one replaces it with LibreSSL). >=20 > I have some work I'd like to do that's gating on sorting out the > kernel/loader crypto situation, and I'd very much like to see OpenS= SL > 1.1.1 get merged, so I can start to look into doing that. >=20 >=20 > There are patches to use bear SSL for the loader. OpenSSL is simply too= > large to use due to limits the loader operates under. I was going to look into the feasibility of doing something like what LibreSSL does with portable, where they extract a subset of the full library designed to be embedded in the kernel, loader, etc. I think it ought to be possible to do something like that, but it really ought to be done in a tree with 1.1.1 integrated. --MkkRTdgKDiexhqqCfM3q3sy204CtZoNlA-- --JA5mbHlyqvhScI7wZ6R8M1XpZcozqnJpS Content-Type: application/pgp-signature; name="signature.asc" Content-Description: OpenPGP digital signature Content-Disposition: attachment; filename="signature.asc" -----BEGIN PGP SIGNATURE----- iHUEARYIAB0WIQQPGL/SuSPN3pRzpwUI38IpFsHCbAUCW2G+KAAKCRAI38IpFsHC bGLuAPwJYpPYYEmpGeu6HQnVaM9iakWHN8vM2OAGNoySUSn01QD/UfTooHun+QlI wvSpvUvJ1rCt+H5m6Ho6w49tHObnUgs= =jIbP -----END PGP SIGNATURE----- --JA5mbHlyqvhScI7wZ6R8M1XpZcozqnJpS-- From owner-freebsd-arch@freebsd.org Wed Aug 1 23:54:15 2018 Return-Path: Delivered-To: freebsd-arch@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id 1A8C4106CC47; Wed, 1 Aug 2018 23:54:15 +0000 (UTC) (envelope-from brd@FreeBSD.org) Received: from out1-smtp.messagingengine.com (out1-smtp.messagingengine.com [66.111.4.25]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id A42948E061; Wed, 1 Aug 2018 23:54:11 +0000 (UTC) (envelope-from brd@FreeBSD.org) Received: from compute5.internal (compute5.nyi.internal [10.202.2.45]) by mailout.nyi.internal (Postfix) with ESMTP id 195A821E09; Wed, 1 Aug 2018 19:54:11 -0400 (EDT) Received: from web4 ([10.202.2.214]) by compute5.internal (MEProxy); Wed, 01 Aug 2018 19:54:11 -0400 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d= messagingengine.com; h=content-transfer-encoding:content-type :date:from:message-id:mime-version:subject:to:x-me-sender :x-me-sender:x-sasl-enc; s=fm3; bh=4pyUT+QCtMtcmSuw+ZgKpIxq/7SMr 60pB4F0t58SXzQ=; b=YOKuqm2Z7BPl1pNzUIBCwvyizkmEH6Pq2MPjykfMOvFv4 2cPNlesx7LLB5ssWFCgi4hyt2aw8sn5r+E1JtlSk91iga2v0gNsOkBME+NWLJ+c9 LZz6yV1A9jO3tBAZF7wc87vYvkUf83NE7jdSXMQ9VwsfxZ9yYtwTwEHB2CWHd2Yr LLkeyz/hDYa9CHO5ZOUjnur+mCkdJ3Bt5RDoT57b48/aIvf4l6Ic0w+r5Z1d4ch0 d14+vntPMEJY61Wsxzj4hd0mDRrnPYue/4jpxOBYhuUpyGAVOQRLB+mvApP3joCv m/WX0wD/LpKchVibwW1NiBonIMYK8JW927RgRw17Q== X-ME-Proxy: X-ME-Sender: Received: by mailuser.nyi.internal (Postfix, from userid 99) id 9E4A4BA4CF; Wed, 1 Aug 2018 19:54:10 -0400 (EDT) Message-Id: <1533167650.2567721.1460524472.3AC8CC35@webmail.messagingengine.com> From: Brad Davis To: freebsd-arch@FreeBSD.org, freebsd-pkgbase@freebsd.org MIME-Version: 1.0 Content-Transfer-Encoding: 7bit Content-Type: text/plain; charset="utf-8" X-Mailer: MessagingEngine.com Webmail Interface - ajax-2be8cd1b Date: Wed, 01 Aug 2018 17:54:10 -0600 Subject: pkgbase: Move of head/etc/ files X-BeenThere: freebsd-arch@freebsd.org X-Mailman-Version: 2.1.27 Precedence: list List-Id: Discussion related to FreeBSD architecture List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 01 Aug 2018 23:54:15 -0000 Hello, I want to give some information on what is happening to files in head/etc/ and open a discussion. I am trying to move all config files out of head/etc/ and place them with the source files for the particular use. For example, some of these are obvious moves like moving say portsnap.conf to usr.sbin/portsnap/portsnap.conf. The review for this move shows exactly what would happen here: https://reviews.freebsd.org/D16554. For these cases, there are some easy benefits, like: 1) Keeping all files as part of a program together, which makes maintenance for maintainers a little easier. 2) Simplicity, we do not need all the .if ${MK_FOO} lines in etc/Makefile because that is handled a level above the programs Makefile and so one CONFS= line is all that is needed. 3) Easier to avoid bugs where we install things that should not be installed. Like for apmd, we installed apmd.conf on all archs even though it only works on i386. i.e. we don't have to keep knobs in sync in multiple locations. Some of the more complicated things to move like etc/shells and the init scripts. I picked the location of etc/shells based on it being used by getusershell(3) in libc, so it ended up in lib/libc/gen/shells. The move of the init scripts was based on a few things, including the reasons above, but additionally: 1) Isolating a subcomponent, for example work is happening to bring in OpenRC, so we will have multiple init systems with different types of scripts, so moving them away from head/etc/ keeps them isolated. This work was driven by needing to tag these files as config files in the METALOG so that pkg knows what is a config file so that pkg can 3-way merge them. More info on pkgbase: https://wiki.freebsd.org/PkgBase Regards, Brad Davis From owner-freebsd-arch@freebsd.org Thu Aug 2 00:11:20 2018 Return-Path: Delivered-To: freebsd-arch@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id 7B0D1106D5F8; Thu, 2 Aug 2018 00:11:20 +0000 (UTC) (envelope-from sjg@juniper.net) Received: from mx0b-00273201.pphosted.com (mx0b-00273201.pphosted.com [67.231.152.164]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client CN "*.pphosted.com", Issuer "thawte SHA256 SSL CA" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id D7AF68E7FC; Thu, 2 Aug 2018 00:11:16 +0000 (UTC) (envelope-from sjg@juniper.net) Received: from pps.filterd (m0108160.ppops.net [127.0.0.1]) by mx0b-00273201.pphosted.com (8.16.0.22/8.16.0.22) with SMTP id w7209aQn016526; Wed, 1 Aug 2018 17:11:15 -0700 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=juniper.net; h=to : cc : subject : in-reply-to : references : from : mime-version : content-type : content-id : date : message-id; s=PPS1017; bh=qGwj3Z9KtEiYdjCtov6uSY6al7CCcPpWuMutuBvcvkY=; b=CVtFtiw/NZVIPDKe+1AczBbvZDFFxOsIIfXu5voD1k01M+s8gLPYws8uRPwols4QiubA 8svMI6VmAEoqsHh5J7DCRIFpx82EI4qNrbwaQBp491Jk8U+1Etq5M4GPumZ6SGS9SeU4 GsPT0a5wQ+7IzoTV4Y3ron/0a8wBhchXynpApODu5ff+6H5Re7YzyRFwAUi7zf7WGLK8 ZbHZX+9teePjbDwvjKe4QwW+hCv+dqFE65s9NoDOB3OOePWgiZUs3w9xUe+Hv/lmHY9h dkeATb7aj6PZRRO2PdhT140EM48CtnxTjna8MKC/xwzWQUck7UBF7Dym89F4O5v3j3Za vA== Received: from nam04-sn1-obe.outbound.protection.outlook.com (mail-sn1nam04lp0079.outbound.protection.outlook.com [216.32.180.79]) by mx0b-00273201.pphosted.com with ESMTP id 2kk9r61je3-1 (version=TLSv1.2 cipher=ECDHE-RSA-AES256-SHA384 bits=256 verify=NOT); Wed, 01 Aug 2018 17:11:15 -0700 Received: from SN4PR0501CA0016.namprd05.prod.outlook.com (2603:10b6:803:40::29) by BY2PR05MB2309.namprd05.prod.outlook.com (2a01:111:e400:c50a::19) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.1017.8; Thu, 2 Aug 2018 00:11:13 +0000 Received: from CO1NAM05FT015.eop-nam05.prod.protection.outlook.com (2a01:111:f400:7e50::209) by SN4PR0501CA0016.outlook.office365.com (2603:10b6:803:40::29) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384) id 15.20.1017.8 via Frontend Transport; Thu, 2 Aug 2018 00:11:13 +0000 Received-SPF: SoftFail (protection.outlook.com: domain of transitioning juniper.net discourages use of 66.129.242.12 as permitted sender) Received: from P-EXFEND-EQX-01.jnpr.net (66.129.242.12) by CO1NAM05FT015.mail.protection.outlook.com (10.152.96.122) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384_P256) id 15.20.1038.3 via Frontend Transport; Thu, 2 Aug 2018 00:11:12 +0000 Received: from P-EXFEND-EQX-01.jnpr.net (10.104.8.54) by P-EXFEND-EQX-01.jnpr.net (10.104.8.54) with Microsoft SMTP Server (TLS) id 15.0.1367.3; Wed, 1 Aug 2018 17:11:12 -0700 Received: from p-emfe01a-sac.jnpr.net (172.24.192.34) by P-EXFEND-EQX-01.jnpr.net (10.104.8.54) with Microsoft SMTP Server (TLS) id 15.0.1367.3 via Frontend Transport; Wed, 1 Aug 2018 17:11:12 -0700 Received: from p-mailhub01.juniper.net (10.47.226.20) by p-emfe01a-sac.jnpr.net (172.24.192.21) with Microsoft SMTP Server (TLS) id 14.3.123.3; Wed, 1 Aug 2018 17:11:11 -0700 Received: from kaos.jnpr.net (kaos.jnpr.net [172.23.50.162]) by p-mailhub01.juniper.net (8.14.4/8.11.3) with ESMTP id w720BBd4023261; Wed, 1 Aug 2018 17:11:11 -0700 (envelope-from sjg@juniper.net) Received: by kaos.jnpr.net (Postfix, from userid 1377) id 51CB212D36; Wed, 1 Aug 2018 17:11:11 -0700 (PDT) Received: from kaos.jnpr.net (localhost [127.0.0.1]) by kaos.jnpr.net (Postfix) with ESMTP id 5056112D35; Wed, 1 Aug 2018 17:11:11 -0700 (PDT) To: Brad Davis CC: , , Subject: Re: pkgbase: Move of head/etc/ files In-Reply-To: <1533167650.2567721.1460524472.3AC8CC35@webmail.messagingengine.com> References: <1533167650.2567721.1460524472.3AC8CC35@webmail.messagingengine.com> Comments: In-reply-to: Brad Davis message dated "Wed, 01 Aug 2018 17:54:10 -0600." From: "Simon J. Gerraty" X-Mailer: MH-E 8.6+git; nmh 1.7.1; GNU Emacs 26.1 MIME-Version: 1.0 Content-Type: text/plain; charset="us-ascii" Content-ID: <57873.1533168671.1@kaos.jnpr.net> Date: Wed, 1 Aug 2018 17:11:11 -0700 Message-ID: <61952.1533168671@kaos.jnpr.net> X-EOPAttributedMessage: 0 X-MS-Office365-Filtering-HT: Tenant X-Forefront-Antispam-Report: CIP:66.129.242.12; IPV:CAL; SCL:-1; CTRY:US; EFV:NLI; SFV:NSPM; SFS:(10019020)(346002)(39860400002)(376002)(136003)(396003)(2980300002)(189003)(199004)(81156014)(305945005)(6916009)(97876018)(26826003)(76176011)(7696005)(8936002)(97736004)(23726003)(356003)(50466002)(86362001)(486006)(2810700001)(126002)(5660300001)(8676002)(54906003)(316002)(2906002)(7126003)(478600001)(81166006)(16586007)(476003)(450100002)(53416004)(50226002)(76506005)(97756001)(4326008)(6266002)(106466001)(107886003)(105596002)(53936002)(6246003)(9686003)(11346002)(446003)(90966002)(229853002)(77096007)(47776003)(336012)(117636001)(186003)(26005)(46406003)(55016002)(69596002)(68736007)(42262002); DIR:OUT; SFP:1102; SCL:1; SRVR:BY2PR05MB2309; H:P-EXFEND-EQX-01.jnpr.net; FPR:; SPF:SoftFail; LANG:en; PTR:InfoDomainNonexistent; MX:1; A:1; X-Microsoft-Exchange-Diagnostics: 1; CO1NAM05FT015; 1:j7L19pZKqi7cw1iDt2ipIfX93VTmZxxDvIqr1msT3uDu/nPSktN65BpX4kuxg3T8APB8YV7tWxnSoVNxSYv5d+Rfj1btpI0Z/8nYjdUVqNpClMM2wbmIy4/7YOwhc3+K X-MS-PublicTrafficType: Email X-MS-Office365-Filtering-Correlation-Id: b818aa38-4b03-4a6a-f992-08d5f80c74fd X-Microsoft-Antispam: BCL:0; PCL:0; RULEID:(7020095)(4652040)(8989117)(5600074)(711020)(4534165)(4627221)(201703031133081)(201702281549075)(8990107)(2017052603328)(7153060); SRVR:BY2PR05MB2309; X-Microsoft-Exchange-Diagnostics: 1; BY2PR05MB2309; 3:L/3yBTM7XrF2JInUlFp9tY0GfKsYvi1jOYtiFxivEvKjgSPA9nDodu7UOorF4/BSqrSHwU+8BwhKL6SwmsYEhCK17j+WTqtahUE0cvmlzuGjkkg8LlaFjKh4Jqdc5Yz5tOJbeRshVT/iln0vyQ4WOjRZk/MrjAh+jee/GNl2O0yDNetAUgqmVjKikkl840qpOj5MkDWn6dJuYEKSacdSx/RLi7X8D3Yv+NVxV6AQRmtijtqfRtF/Sufki6b9qHfp7tIlpvWC2IR2GRB+GRzISOuT9uczLRk36LDR583wf23/JVV6T9ypCQUqOfsvQ6+MUV410nnp6NVJpQFqsZR3MRToBkgOW2JyjnOnuK0zXWA=; 25:JmSbfJnIkVpDAVK1rB0NKlf5DzCsyw78AJCuztTbe1UlFcWGiq0FuNNRdJ/fVmkRr15Jb8OMylOtv7HMx6mHZ8CvY2L6q9X2VkSbNO9KD2/8U3UvJV82/XhAYDrLE5niItWDwZxLHwjfiaVMuH57aL810Jaq3VRYzbGnPj7wCaZ87+pwirXneA5p1dKyX7HTIdc3p37VtxbyW+H5SK3bSMrHXooa0dkmaqY9rIZ1dPcw+7lCChMyhGy6FBncvs//1vu51kqIN0a636zVB9CqLmnWKxhdt3g/rXnedqO1fXq+5kg6dt6+oIUdoEoCsQax62TFTHlvyb7cofldC+bFMw== X-MS-TrafficTypeDiagnostic: BY2PR05MB2309: X-Microsoft-Exchange-Diagnostics: 1; BY2PR05MB2309; 31:UWHu/MYoKUp5a8iFKB9t8vITS93Yp467/gTq7CnpLl8005JqYmzJF88y58AL8fo8nCyFVFDaMkqVJpAGel7uRA7XG6OJIkQsCSA/IG9mi0Inic2509KZk9C9Ak+wgSbmyxuR0CTjWPQd+fu0G/lArg4djT9OemPo1CrlYFzQXL3qX2VYAyrwBE2gdPXmznUfPic40vEI4kcp/zwurCOcQhY6+t2b4C53A/oZREYJNxE=; 20:YCWcPE9ehK320SUr5gAEB9qqOWvY+pucP4vOPWVenITCUDD0W/IDE0Q1w6bY3doSHeCprh7bTS7Gtaf10svQOrIhB0bwqiQ8n615ExjqRV/3GnkS7wKt+eAkNbcz+5qUKfExutrjnJuUZte+pE36TBst1H3GfuTAvTlkxyhdJrr7XFOgfj31R58Yn8h2LeCyUhj9m5SfiMxGAqd3jFPPYbK5KZw3ENvcWOy5qJS6y+DHtUg8mhSMWuNEDTWUPcj1vLTL8Gy64tkqRsM6DqIEFff9yIu470SJMmFoIvjwYFZSH5OOpTOEypXuGEYCc952/jVDSQyEfcziEX/XIo1Eo1TYFXjN1K0l93GDatuZTJxGu1wDkXN0sSTVXO8Kc24vNB6zmJFvT7foUE2y7x3YOD9ZDT2UmQ2cGDgAO6O5b33w3jXzV474+3DG47KFKxOHIYFRNjBAvrBfT4MSwcy0MmthNl0XuB67DhlGgpM9oJO/nZO2loKBFu1bo+89A+P+ X-Microsoft-Antispam-PRVS: X-Exchange-Antispam-Report-Test: UriScan:; X-MS-Exchange-SenderADCheck: 1 X-Exchange-Antispam-Report-CFA-Test: BCL:0; PCL:0; RULEID:(8211001083)(6040522)(2401047)(8121501046)(5005006)(93006095)(93003095)(10201501046)(3002001)(3231311)(944501410)(52105095)(6055026)(149027)(150027)(6041310)(20161123560045)(20161123562045)(20161123564045)(20161123558120)(201703131423095)(201702281528075)(20161123555045)(201703061421075)(201703061406153)(6072148)(201708071742011)(7699016); SRVR:BY2PR05MB2309; BCL:0; PCL:0; RULEID:; SRVR:BY2PR05MB2309; X-Microsoft-Exchange-Diagnostics: 1; BY2PR05MB2309; 4:pLmb5D4isqd8RylUS1t5wJ2ROpjfNBLTfMsMUU4uqA2OAYfykYTHGn8FgnsHxj4j/J0GQ923SQngkkDMGCbf+A+UQ1kblELjnT4Zc9S2L/9mcfrV13B2WWhvYiyfmWkfjbyDtnNJfEww/uWoMp+GeIv9DaMnEJjRYpe+qRFbA7cqvh3htmEjkVWwin68dP7+dGGbXrsTj+0HuaMLumb+P6NM1LR14YvN7OkTb0pdPQdoVYAThuS/wNBiJtcywwx7OdYD1R2TiA2jEgYkUIkcSQ== X-Forefront-PRVS: 07521929C1 X-Microsoft-Exchange-Diagnostics: =?us-ascii?Q?1; BY2PR05MB2309; 23:uIz+M1upyh/S2A8GOcx4YP/YsDjTKXfGvxIi9UGrh?= =?us-ascii?Q?ebJKZzEFA1ql0qYh3Y2H44emA5RUMCkhS2CVcFTAV/7jQfXjg/rkMzu0IblH?= =?us-ascii?Q?0VXJHchT4H59KeM3NyFbxZWV7o4UAsyR0XUyFF+lVCZq9/a1Xf/sYPHCIKlp?= =?us-ascii?Q?vtTjUN19qNpgDlj2aAAqDLpgr5b0wdZjkAzq2swgRnqNUYpavpqUQtnB/2FW?= =?us-ascii?Q?TA+VDsib58wqYWOYzeBlbhyy3MsQvLLobeF2v35CMHEZTOLL2Bs18IUgGw3E?= =?us-ascii?Q?ik5pXqWZs96kpOjdVeIBIDSNT6ZydqpCO3xoF6ZaTxIOOvXcqcTBza5TIGmS?= =?us-ascii?Q?WN/pK5/YBcKqXM8xwUakfWyvauE+CrDOwbE95R3y9wl9Sl95uEXHgB61Me9b?= =?us-ascii?Q?EgLeghX6L72c3TsctlXIUvKV9Lb80Epb82gM7L9kOtHJpdkRvcYAFK3DzcTK?= =?us-ascii?Q?BNfvSvMXUvHdXgSzQxDH4t4I1GJtKhjN5xeDAKH11jwbsKrcVFawevNfxdJT?= =?us-ascii?Q?hJZ1TGMSkW6p18RNP81bU0vPPNzhSMw4UWTQg7W0CWVw/aCNFgsU32orBBi7?= =?us-ascii?Q?TKB12d3adIA10E1b90ZgKrEPvC0LFgk1zsLqcZvPSn5D6VMr1j1hx/2/RgHP?= =?us-ascii?Q?x/qRcl7dOZaSCrFWCsJ1kAVP13DKNlIQo789ca7Gdxd1SuixO67UNePFZuoO?= =?us-ascii?Q?KvlyDVvJ4O0Vo0JFalsBQiicXa8E3Z3GVC132sojO8OgdM7XFoCpCkPRuZqa?= =?us-ascii?Q?PYB2Rpba2W4kTlhZfZWInD/AEjfFG/8XPUxvQ3SCppB2XfH91Y6S/TMnoq/z?= =?us-ascii?Q?Xmfhddl3ieYwMXfbNLThbMrgMGlARQAK4MpcmjQp46U8d8K/sGB62taS3t7t?= =?us-ascii?Q?eKye/dcg35DuoEhcVjRsbXCJ4pkiLYQH75MuNaPnBR2kFj0jbC6wnM4nkG2a?= =?us-ascii?Q?hNNJ8HBeK+1CsjyYlI/Bdl7h2hBn25fRtvH6MCglgPdBMcDRgYNJau/ALSkD?= =?us-ascii?Q?9VilaJZMqU1UV9SwhlDi79wV5L/m1b2Ud0jTKgTAViq5l9l2ocvENXfbrwW5?= =?us-ascii?Q?lJTDyh2W+HqZf+p2yR+iyy3g3SHse34XcpMXgGl0Mbq57Z5NNmdJI9u8QtuF?= =?us-ascii?Q?tlDp+zC/SfG/NVKa32T89XzKzCgRzmbSDhvSG12BQ26C1tK+4yiQJj+x7PSj?= =?us-ascii?Q?3TEk+pC1m2hNIst65CLUnp6G+VNTNnsXRQmFuDJcxGB5+IYP5nYiaztxm0kb?= =?us-ascii?Q?siV9uxVo/GkfA8akPWKd4QDKHocpVkMXBl+tZHmn4d6pMKOeZShtdwp6VAYS?= =?us-ascii?Q?efxPorqHz+0+5zpT2DWxdOY+qJQtt3OWz6XAkyZMSg9KSE/VGKrDyaz0EY0d?= =?us-ascii?Q?62rwdColmDhOBNQ1+WO9Zd1XC8=3D?= X-Microsoft-Antispam-Message-Info: NaHCpgUglKYk5HvScUytQrjJeM+MKyiNsLornCfiYcTQgRJNGAk0Z3cS6DJw03F1bsQEga8xOnPe+iNxn/q3oefTmb8iJqsBz0zLE+nritbQMdYBfJP8y8VQJbR7qLGJrLCvdLx0V5J40rxQbeLBPz8eSOTEn4J5O27l/16unX7qzWHE1Zm6OWUSE9lalMgj1kZr4vH1U2wjV2szffYCwuwSolYDbk3kOhsi0Psz5CrO43/sTZoBFRaw4r8uL2UsTk1z5l/6HzEO/T+NcjiMD3PKibK2Fs/6z922gK8QTi8YQ3VkJHUui9YCH0kiJft2D4nAqxrJkW7WCjcIyTiOBJHPdBUcnDm+fucDQ9+stwYdo/rTw3WKJ8eByVEdLj+TNDyU7UMncjT7x6BEmqNSAg== X-Microsoft-Exchange-Diagnostics: 1; BY2PR05MB2309; 6:Kvj346o7tOs8vYcgqRkZ0FwnlAqnOkJCG1w1cpbzoNjcTueQso1pQR461snQ2MFjsoMHxm6SClP92K3q3w3UZALvF1CSY0AwNQ7YM5i2kqwQFJzjWsY/s0m2Yf3LdIeU0jDR5PyzUFQ2Er549Y2XmNV979nbplOEvhKLmJGezvnInfwyTsBvMYZCgR131Ynm/Bf93hhkg+Hxy6p1nJvLrfg6ySSt7l4XaEBHrEoSjfGzvkb2F+/1I4tBTQNV3vzMtcIlYlrjekSTU26erUQhccdH70M0QMIeVTQHFQtYFFDMhVYwrRa4Iwx5OOZ7RNa5xiz28NsrJpPEO9LC+SLL6eXqlpIuCCpHN92yQknL6T52Hd8AJ51LlUJp17lU7zBssNGk3poEl90kCkTjSIFaHQJGSSy3D9Mu1ps/tFLWEnKera+jGHYqs+4Ek7PuuP+vn779N20QX5N3Z7/R8kOdqA==; 5:McrKcXP7Avf6dvhm2xFX0/p46CNnpiZtrv3+QkTH8l4e7j8dpGSekcP8XiPa7f4fmpI07iMj9VJFJ8NplMM9E2X1gnJktQoEECou4Jkee16p52WvpxoFk3bHnW4tQiWgs1aTAQeT2LjlJKH1awDKuNX9W8zXqm0ULFyWtSDe3vA=; 7:GvcMZoxYqCVzSTJwGM0w0Wy7zwed9iRas60mQcYaqVvmrE6LIfuY/vTNuGiM8unrLOolEy+4SWR1OR0A2KAoov+oZ8jhzAfgJxyloj/+ZWyQls+a52pgmVaSpA0q9nsIWqigRQ9CsADvKeppkASFeiBB5zR47vkFx+6k0OJCg3G/tw8/BkGk/9/S+xv1VthxwfQh3RYOKFfqlfedeW5UnO9D7/eWBGULNRyUoL28IarxuHrt5HvPARTJiTKe5Z5H SpamDiagnosticOutput: 1:99 SpamDiagnosticMetadata: NSPM X-OriginatorOrg: juniper.net X-MS-Exchange-CrossTenant-OriginalArrivalTime: 02 Aug 2018 00:11:12.7171 (UTC) X-MS-Exchange-CrossTenant-Network-Message-Id: b818aa38-4b03-4a6a-f992-08d5f80c74fd X-MS-Exchange-CrossTenant-Id: bea78b3c-4cdb-4130-854a-1d193232e5f4 X-MS-Exchange-CrossTenant-OriginalAttributedTenantConnectingIp: TenantId=bea78b3c-4cdb-4130-854a-1d193232e5f4; Ip=[66.129.242.12]; Helo=[P-EXFEND-EQX-01.jnpr.net] X-MS-Exchange-CrossTenant-FromEntityHeader: HybridOnPrem X-MS-Exchange-Transport-CrossTenantHeadersStamped: BY2PR05MB2309 X-Proofpoint-Virus-Version: vendor=fsecure engine=2.50.10434:, , definitions=2018-08-01_09:, , signatures=0 X-Proofpoint-Spam-Details: rule=outbound_spam_notspam policy=outbound_spam score=0 priorityscore=1501 malwarescore=0 suspectscore=0 phishscore=0 bulkscore=0 spamscore=0 clxscore=1011 lowpriorityscore=0 mlxscore=0 impostorscore=0 mlxlogscore=815 adultscore=0 classifier=spam adjust=0 reason=mlx scancount=1 engine=8.0.1-1806210000 definitions=main-1808020001 X-BeenThere: freebsd-arch@freebsd.org X-Mailman-Version: 2.1.27 Precedence: list List-Id: Discussion related to FreeBSD architecture List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 02 Aug 2018 00:11:20 -0000 Brad Davis wrote: > I am trying to move all config files out of head/etc/ and place them > with the source files for the particular use. For example, some of > these are obvious moves like moving say portsnap.conf to > usr.sbin/portsnap/portsnap.conf. The review for this move shows In the case of foo.conf for foo, this is a reasonable approach. There are however many files in etc/ that do not fit that model. IMO one of the nice things about the BSD src tree, is that the location of a file in the src tree can generally be inferred from its installed location on the system. This property should not be lost without substantial countervailing benefit. From owner-freebsd-arch@freebsd.org Thu Aug 2 00:30:12 2018 Return-Path: Delivered-To: freebsd-arch@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id 77F1D106DC7D; Thu, 2 Aug 2018 00:30:12 +0000 (UTC) (envelope-from brd@FreeBSD.org) Received: from out1-smtp.messagingengine.com (out1-smtp.messagingengine.com [66.111.4.25]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 29AA38F0C1; Thu, 2 Aug 2018 00:30:12 +0000 (UTC) (envelope-from brd@FreeBSD.org) Received: from compute5.internal (compute5.nyi.internal [10.202.2.45]) by mailout.nyi.internal (Postfix) with ESMTP id B7FAB2144B; Wed, 1 Aug 2018 20:30:11 -0400 (EDT) Received: from web4 ([10.202.2.214]) by compute5.internal (MEProxy); Wed, 01 Aug 2018 20:30:11 -0400 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d= messagingengine.com; h=cc:content-transfer-encoding:content-type :date:from:in-reply-to:message-id:mime-version:references :subject:to:x-me-sender:x-me-sender:x-sasl-enc; s=fm3; bh=lLcZN+ FKa89nd861D2uVM/odRyc4tPX3hLfY5eg+CRE=; b=YqyXHlsyWrMANZLH0V2xsn 00Qq+xw22VC62Js4qezH41VULCWDFymThHmXc29yAmTxU8Cz05xI6Hye+P/U3+ZU lQWGZdDPrqW7MXyY1mdK/Fm33f390SYtOJwctOZJPQDqdigqo1H+q0tawrFPljQW 4E6vq+jKKRYMJnJ69yg4gg5Q1CAAlFnqveoiaJ9fyIQsMWYZv74ABXdBndSZto59 4p52748nm6sEv4eldrMi7saZ/Wn7Z/XOceeyze2PeH4q74SLe4QFFrpBjcNhOjAd 6PZXLgy6fHFO5yMRNddcQfV9IPEAtMNO0GRQZpo/SQxN5mOSPmLIobkOquOv1pHA == X-ME-Proxy: X-ME-Sender: Received: by mailuser.nyi.internal (Postfix, from userid 99) id 41AD9BA4CF; Wed, 1 Aug 2018 20:30:11 -0400 (EDT) Message-Id: <1533169811.2574803.1460590864.5015724C@webmail.messagingengine.com> From: Brad Davis To: "Simon J. Gerraty" Cc: freebsd-arch@FreeBSD.org, freebsd-pkgbase@FreeBSD.org MIME-Version: 1.0 Content-Transfer-Encoding: 7bit Content-Type: text/plain; charset="utf-8" X-Mailer: MessagingEngine.com Webmail Interface - ajax-2be8cd1b In-Reply-To: <61952.1533168671@kaos.jnpr.net> Date: Wed, 01 Aug 2018 18:30:11 -0600 References: <1533167650.2567721.1460524472.3AC8CC35@webmail.messagingengine.com> <61952.1533168671@kaos.jnpr.net> Subject: Re: pkgbase: Move of head/etc/ files X-BeenThere: freebsd-arch@freebsd.org X-Mailman-Version: 2.1.27 Precedence: list List-Id: Discussion related to FreeBSD architecture List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 02 Aug 2018 00:30:12 -0000 On Wed, Aug 1, 2018, at 6:11 PM, Simon J. Gerraty wrote: > Brad Davis wrote: > > > I am trying to move all config files out of head/etc/ and place them > > with the source files for the particular use. For example, some of > > these are obvious moves like moving say portsnap.conf to > > usr.sbin/portsnap/portsnap.conf. The review for this move shows > > In the case of foo.conf for foo, this is a reasonable approach. > > There are however many files in etc/ that do not fit that model. > > IMO one of the nice things about the BSD src tree, is that the location > of a file in the src tree can generally be inferred from its installed > location on the system. > This property should not be lost without substantial countervailing > benefit. Hi Simon, I generally agree with you, but I think where to draw that line is different based on who is looking at it at the moment. Lots, not all, but lots, of our config files have the $FreeBSD$ line that shows the path of where the file came from in the source tree, so that helps some. Using /etc/shells as an example, the first line is: # $FreeBSD: head/lib/libc/gen/shells 336840 2018-07-28 20:21:23Z brd $ Regards, Brad Davis From owner-freebsd-arch@freebsd.org Thu Aug 2 23:45:41 2018 Return-Path: Delivered-To: freebsd-arch@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id 2551F1054D29; Thu, 2 Aug 2018 23:45:41 +0000 (UTC) (envelope-from kaduk@mit.edu) Received: from dmz-mailsec-scanner-5.mit.edu (dmz-mailsec-scanner-5.mit.edu [18.7.68.34]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 53D9F8421B; Thu, 2 Aug 2018 23:45:40 +0000 (UTC) (envelope-from kaduk@mit.edu) X-AuditID: 12074422-887ff7000000681f-63-5b63979bc4e7 Received: from mailhub-auth-2.mit.edu ( [18.7.62.36]) (using TLS with cipher DHE-RSA-AES256-SHA (256/256 bits)) (Client did not present a certificate) by dmz-mailsec-scanner-5.mit.edu (Symantec Messaging Gateway) with SMTP id 4A.FF.26655.C97936B5; Thu, 2 Aug 2018 19:45:32 -0400 (EDT) Received: from outgoing.mit.edu (OUTGOING-AUTH-1.MIT.EDU [18.9.28.11]) by mailhub-auth-2.mit.edu (8.13.8/8.9.2) with ESMTP id w72NjQE6006707; Thu, 2 Aug 2018 19:45:27 -0400 Received: from kduck.kaduk.org (24-107-191-124.dhcp.stls.mo.charter.com [24.107.191.124]) (authenticated bits=56) (User authenticated as kaduk@ATHENA.MIT.EDU) by outgoing.mit.edu (8.13.8/8.12.4) with ESMTP id w72NjJkH013976 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NOT); Thu, 2 Aug 2018 19:45:22 -0400 Date: Thu, 2 Aug 2018 18:45:19 -0500 From: Benjamin Kaduk To: Eric McCorkle Cc: Warner Losh , FreeBSD Hackers , "freebsd-arch@freebsd.org" , freebsd-current , freebsd-security Subject: Re: Status of OpenSSL 1.1.1 Message-ID: <20180802234519.GD68224@kduck.kaduk.org> References: MIME-Version: 1.0 Content-Type: text/plain; charset=iso-8859-1 Content-Disposition: inline Content-Transfer-Encoding: 8bit In-Reply-To: User-Agent: Mutt/1.9.1 (2017-09-22) X-Brightmail-Tracker: H4sIAAAAAAAAA+NgFlrOKsWRmVeSWpSXmKPExsUixG6nojtnenK0wd3zxhbfpv9lsZg9fRqT xZw3H5gstm/+x2jRs+kJm8XTrcsZHdg8Puz+yuox49N8Fo97OyYwBTBHcdmkpOZklqUW6dsl cGW8vLyOueASd8WBD6/YGhifcnQxcnJICJhI7F+4gamLkYtDSGAxk8SypiPMEM4GRomdjXOh MleYJD5sPsAO0sIioCLx49NBVhCbDchu6L4M1MHBISKgITF/tyBIPbNAF5PEr0lnWUBqhIFq ui/dB6vhBVp3cHY5xMxDjBL7N/eA1fAKCEqcnPkEzGYW0JHYufUOG0g9s4C0xPJ/HBBheYnm rbPBxnAKOEtM+uMDEhYVUJbY23eIfQKj4Cwkg2YhGTQLYdAsJIMWMLKsYpRNya3SzU3MzClO TdYtTk7My0st0jXVy80s0UtNKd3ECI4DF6UdjBP/eR1iFOBgVOLh1dBIjhZiTSwrrsw9xCjJ waQkystfDhTiS8pPqcxILM6ILyrNSS0Geo+DWUmE920nUI43JbGyKrUoHyYlzcGiJM57vyY8 WkggPbEkNTs1tSC1CCYrw8GhJMG7cRpQo2BRanpqRVpmTglCmomDE2Q4D9BwFZAa3uKCxNzi zHSI/ClGXY4/76dOYhZiycvPS5US5xUCKRIAKcoozYObA0pfEtn7a14xigO9Jcw7DaSKB5j6 4Ca9AlrCBLQk2zERZElJIkJKqoExo2f2n3aLPr2M1OT57Lez/KVzyjUd35uV/b75wlLp3TGt uKQA82sNTP/uv1r+7Mss5ap1dTcjthhHBzo/rth1emmdBnNrzr0+x+nx7+WL1XYUbipimPQr rTU838O3dlE//6QJr4WWvThrk1nl0lN0xHGt3YMpn5hdclg7Lu1aLRd+/NYqzT4lluKMREMt 5qLiRABbGPrYOgMAAA== X-BeenThere: freebsd-arch@freebsd.org X-Mailman-Version: 2.1.27 Precedence: list List-Id: Discussion related to FreeBSD architecture List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 02 Aug 2018 23:45:41 -0000 On Wed, Aug 01, 2018 at 10:05:28AM -0400, Eric McCorkle wrote: > On 08/01/2018 09:02, Warner Losh wrote: > > > > > > On Wed, Aug 1, 2018, 12:31 PM Eric McCorkle > > wrote: > > > > Hi folks, > > > > I'm wondering what's the status of OpenSSL 1.1.1 integration into base? > > More specifically, is there a repo or a branch that's started the > > integration?  I'm aware of the wiki page and the list of port build > > issues, but that seems to be based on replacing the base OpenSSL with a > > port build (similar to the way one replaces it with LibreSSL). > > > > I have some work I'd like to do that's gating on sorting out the > > kernel/loader crypto situation, and I'd very much like to see OpenSSL > > 1.1.1 get merged, so I can start to look into doing that. > > > > > > There are patches to use bear SSL for the loader. OpenSSL is simply too > > large to use due to limits the loader operates under. > > I was going to look into the feasibility of doing something like what > LibreSSL does with portable, where they extract a subset of the full > library designed to be embedded in the kernel, loader, etc. > > I think it ought to be possible to do something like that, but it really > ought to be done in a tree with 1.1.1 integrated. > It wouldn't be terribly easy or effective, IMO. OpenSSL wasn't designed with such modularity in mind. -Ben From owner-freebsd-arch@freebsd.org Fri Aug 3 08:44:11 2018 Return-Path: Delivered-To: freebsd-arch@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id 6AC1710623FE for ; Fri, 3 Aug 2018 08:44:11 +0000 (UTC) (envelope-from wlosh@bsdimp.com) Received: from mail-io0-x22b.google.com (mail-io0-x22b.google.com [IPv6:2607:f8b0:4001:c06::22b]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (Client CN "smtp.gmail.com", Issuer "Google Internet Authority G3" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 8B8737719B for ; Fri, 3 Aug 2018 08:44:10 +0000 (UTC) (envelope-from wlosh@bsdimp.com) Received: by mail-io0-x22b.google.com with SMTP id r15-v6so4381790ioa.3 for ; Fri, 03 Aug 2018 01:44:10 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=bsdimp-com.20150623.gappssmtp.com; s=20150623; h=mime-version:sender:in-reply-to:references:from:date:message-id :subject:to:cc; bh=BAiAO4BN65wamN90CtGrC3g8xn03btAGQa9snL4okZQ=; b=AgMTGXLK+Jm7fyXoAok+LfpFrN9+zmvWAB8v6GV1RWkMUIfzUd4+da10WpE+aPBBgu zbsUXqKSs/e3aDV1giQLrA7ElR+OFj8z2087t1FF9Eaol0cYIeDW509p2cAuVP3EZ2mN 8arVoYI9ax8IB78J4rSQebSB2plZOVvrOZZAoPxSjMtuZb/OBzEUnjfPkL1ucAge4R1O wNEy9mapC8fyfnonYrcDEb0GdFnfY1KU/YkoQc4a5IDHYhDcx64AFF/aDg0B6SsNy4dw 1BSDXVc8p8JhB0LA9tjvWFI+kQ4Oad6MaXpQV75Qy6gqq6xpSRS8c/xM/5zuwYJBu9sg XJwg== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:sender:in-reply-to:references:from :date:message-id:subject:to:cc; bh=BAiAO4BN65wamN90CtGrC3g8xn03btAGQa9snL4okZQ=; b=e+M+eKgqqYGfBD73jTaI0v9bXEKAcDucmiPyPEpv9VGHxNu7s/N2KONUm4Sj3e1f6Q lX1mKHG1RM0+dXI5H8fEn9VIXUS1k/WjCwT2M0B985awvHQoOjhLAnpHz2JwVOuXRQW4 6PkRUKnscP2P08ugaPk3yCq3iPCOa6HEhkO4MYZnbgi8QAhzfYEaOrOSvkqViMAAuF5M 8SyQDFwan+JSQ51/eHqZZ1v77wklaHgGNll9yyk2gQ1+tv+9dCyOgZ2CPycgurLStis7 blgegYiJHF7fr6/MksjpAac6focN6vA8uE9x7QT7IfK6psWJ71ZHA47ijQPCySWf4Fxb aFbw== X-Gm-Message-State: AOUpUlH4XwVrm3alKQ/VRXXnCwGoljd6KNUVwZQSz7/UDekKyP3212gQ /OX4kIcyvxX4KyYihmnqtNHMEPeCySlEWobQBVQShQ== X-Google-Smtp-Source: AA+uWPxRtETiA0vQuvKOkan73dUmhjbC72QhIOzEYkHQ5bQhRNSsT2bApwIbofxOY4mxJwvfamQK9l4tbkP2Pn85yKQ= X-Received: by 2002:a6b:d004:: with SMTP id x4-v6mr5064998ioa.299.1533285849927; Fri, 03 Aug 2018 01:44:09 -0700 (PDT) MIME-Version: 1.0 Sender: wlosh@bsdimp.com Received: by 2002:a4f:4485:0:0:0:0:0 with HTTP; Fri, 3 Aug 2018 01:44:09 -0700 (PDT) X-Originating-IP: [86.153.210.77] In-Reply-To: <20180802234519.GD68224@kduck.kaduk.org> References: <20180802234519.GD68224@kduck.kaduk.org> From: Warner Losh Date: Fri, 3 Aug 2018 02:44:09 -0600 X-Google-Sender-Auth: ij_u90ZUmAUGxcJSfLBylG5FCvM Message-ID: Subject: Re: Status of OpenSSL 1.1.1 To: Benjamin Kaduk Cc: Eric McCorkle , FreeBSD Hackers , "freebsd-arch@freebsd.org" , freebsd-current , freebsd-security Content-Type: text/plain; charset="UTF-8" X-Content-Filtered-By: Mailman/MimeDel 2.1.27 X-BeenThere: freebsd-arch@freebsd.org X-Mailman-Version: 2.1.27 Precedence: list List-Id: Discussion related to FreeBSD architecture List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 03 Aug 2018 08:44:11 -0000 On Thu, Aug 2, 2018 at 5:45 PM, Benjamin Kaduk wrote: > On Wed, Aug 01, 2018 at 10:05:28AM -0400, Eric McCorkle wrote: > > On 08/01/2018 09:02, Warner Losh wrote: > > > > > > > > > On Wed, Aug 1, 2018, 12:31 PM Eric McCorkle > > > wrote: > > > > > > Hi folks, > > > > > > I'm wondering what's the status of OpenSSL 1.1.1 integration into > base? > > > More specifically, is there a repo or a branch that's started the > > > integration? I'm aware of the wiki page and the list of port build > > > issues, but that seems to be based on replacing the base OpenSSL > with a > > > port build (similar to the way one replaces it with LibreSSL). > > > > > > I have some work I'd like to do that's gating on sorting out the > > > kernel/loader crypto situation, and I'd very much like to see > OpenSSL > > > 1.1.1 get merged, so I can start to look into doing that. > > > > > > > > > There are patches to use bear SSL for the loader. OpenSSL is simply too > > > large to use due to limits the loader operates under. > > > > I was going to look into the feasibility of doing something like what > > LibreSSL does with portable, where they extract a subset of the full > > library designed to be embedded in the kernel, loader, etc. > > > > I think it ought to be possible to do something like that, but it really > > ought to be done in a tree with 1.1.1 integrated. > > > > It wouldn't be terribly easy or effective, IMO. OpenSSL wasn't designed > with such modularity in mind. > Others that have tried have found OpenSSL to be way too large for the boot loader and a completely impossible to subset enough to get things small enough due to the intertwingled nature of things. Warner From owner-freebsd-arch@freebsd.org Fri Aug 3 10:43:17 2018 Return-Path: Delivered-To: freebsd-arch@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id 811951065758; Fri, 3 Aug 2018 10:43:17 +0000 (UTC) (envelope-from madpilot@FreeBSD.org) Received: from smtp.freebsd.org (smtp.freebsd.org [96.47.72.83]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client CN "smtp.freebsd.org", Issuer "Let's Encrypt Authority X3" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 1654A7B9DC; Fri, 3 Aug 2018 10:43:17 +0000 (UTC) (envelope-from madpilot@FreeBSD.org) Received: from marvin.madpilot.net (host109-130-dynamic.20-87-r.retail.telecomitalia.it [87.20.130.109]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (Client did not present a certificate) (Authenticated sender: madpilot/mail) by smtp.freebsd.org (Postfix) with ESMTPSA id 7913AE1BC; Fri, 3 Aug 2018 10:43:16 +0000 (UTC) (envelope-from madpilot@FreeBSD.org) Subject: Re: pkgbase: Move of head/etc/ files To: Brad Davis , freebsd-arch@FreeBSD.org, freebsd-pkgbase@freebsd.org References: <1533167650.2567721.1460524472.3AC8CC35@webmail.messagingengine.com> From: Guido Falsi Openpgp: preference=signencrypt Autocrypt: addr=madpilot@FreeBSD.org; prefer-encrypt=mutual; keydata= xsBNBE+G+l0BCADi/WBQ0aRJfnE7LBPsM0G3m/m3Yx7OPu4iYFvS84xawmRHtCNjWIntsxuX fptkmEo3Rsw816WUrek8dxoUAYdHd+EcpBcnnDzfDH5LW/TZ4gbrFezrHPdRp7wdxi23GN80 qPwHEwXuF0X4Wy5V0OO8B6VT/nA0ADYnBDhXS52HGIJ/GCUjgqJn+phDTdCFLvrSFdmgx4Wl c0W5Z1p5cmDF9l8L/hc959AeyNf7I9dXnjekGM9gVv7UDUYzCifR3U8T0fnfdMmS8NeI9NC+ wuREpRO4lKOkTnj9TtQJRiptlhcHQiAlG1cFqs7EQo57Tqq6cxD1FycZJLuC32bGbgalABEB AAHNHkd1aWRvIEZhbHNpIDxtYWRAbWFkcGlsb3QubmV0PsLAeQQTAQgAIwIbAwIeAQIXgAUL CQgHAwUVCgkICwQWAgMBBQJS79AgAhkBAAoJEBrmhg5Wy9KTc0kH/RO64ORBlTbTHaUaOj8F Je5O5NU2Pt9Cyt5ZWBRvxntr1zPTJGKRPS9ihlIfqT4ZvEngQGp57EUyFbCpI0UWasTerImM tt5WACnGmCzUTB39UXx8Oy4b1EgWeTJQ747e/F1mQLXTNa6ijRBE9fYlTb4gAkPN88/wVV9v 3PZozKLTg16ghBzHM/P7Lk8L7clPEZChX1FTa/6eSt3nvzfCuTMZbBPJF/ph+q1KyPqRgVfh tyhu5dvgMoPz/ni41IfeSrkJTD5RXzdyGR9q4Z1NYeBsLkRjC4LxKAP5KqUsvlOUjKvO1byj ApYdMarol+IGkaSk9e3zVYAJkWKjn/ni8XbOwU0EUxB7QQEQAKFhrDceoPdK/IHDSmoj6SQY isvM7VdhcleS7E9DoEAVt7yMbf6HbbMVTTY6ckvwTWQssywLBXNVqxgc4WLJjzfUhgef+WE7 5M3+WFYlOVQLGZY/zEVgma1raYnOHNAOzeHLDmEXjbZP6vGAeDyBbGfQPpE7qGYZ7ubeT3Xw QO+PklcCrvOPj2ZPcAxGNS2xVU/LzONqCrJqLMJSIcCdsbiSP4G5PnDFHtMokaTY6OEr8OEQ fOAerhcHUa/z7Uu8YtmaqKH+QGkE/WEgaRqSiTnv0JOTD+DxehaqvoKPPZ++2NpCZMHB2i6A /xifmQwEiIjEXtcueBRzkNUQkxhqZyS13SrhocL9ydtaVPBzZatAEjUDDEJmAMLVFs45qfyh MiNapHJo2n3MW/E5omqCvEkDdWX/en3P7CK2TemeaDghMsgkNKax/z0wNo5UZCkOPOz0xpNi UilOVbkuezZZNg65741qee2lfXhQIaZ66yT7hphc/N/z3PIAtLeze4u1VR2EXAuZ2sWAdlKC NTlJMsaU/x70BV11Wd/ypnVzM68dfdQIIAj1iMFAD/lXGlEUmKXg5Ov2VQDlTntQoanCYrAg +8CttPzjrydgLZFq3hrtQmfc0se5yv1WHS69+BsUOG09RvvawUDZxUjW19kyeN9THaNRgow3 kSuArUp6zSmJABEBAAHCwF8EGAEIAAkFAlMQe0ECGwwACgkQGuaGDlbL0pMN5wgA4bCkX/qw EVC06ToeR6C2putmSWQMgpDaqrv65Hubo+QGmg2P4ewTYQQ4g6oYWS03qHxqVVWhKz7FjfrV +dH8qbCLfSgIcvdBha7ayGZVrsiuMLKGbw36fcmkZPpSDOfHcP0XH8Z+u9CWj0xUkTxAlZ/7 i6gYSUpG2JWNtdmE/X8VVEyXusCLwy0K0BI60A/4dRTIX3C4QKrJ3ZbUXegz70ynjHf+lQMZ 9IZKASoRMuS5FozPQh6abvmwZEPdf5I9riUElzvHrqJ8Bx0t3Pujdoth+yNHpnBxrtO8LkQd rQ58P0SwcaIX33T2U9pG8bhu5YVR88FQ8OQ0cEsPBpDncg== Message-ID: <13a0c161-5646-1a71-c958-909829fdb6d2@FreeBSD.org> Date: Fri, 3 Aug 2018 12:43:12 +0200 User-Agent: Mozilla/5.0 (X11; FreeBSD amd64; rv:60.0) Gecko/20100101 Thunderbird/60.0 MIME-Version: 1.0 In-Reply-To: <1533167650.2567721.1460524472.3AC8CC35@webmail.messagingengine.com> Content-Type: text/plain; charset=utf-8 Content-Language: en-US Content-Transfer-Encoding: 7bit X-BeenThere: freebsd-arch@freebsd.org X-Mailman-Version: 2.1.27 Precedence: list List-Id: Discussion related to FreeBSD architecture List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 03 Aug 2018 10:43:17 -0000 On 8/2/18 1:54 AM, Brad Davis wrote: > Hello, > > I want to give some information on what is happening to files in head/etc/ and open a discussion. > Today while updating a pkgbase machine I got this error(with trimmed debug output): The following 1 package(s) will be affected (of 0 checked): Installed packages to be UPGRADED: FreeBSD-runtime: 12.0.s20180725172903 -> 12.0.s20180803092917 [mpnet-base] Number of packages to be upgraded: 1 Proceed with this action? [y/N]: y DBG(1)[71153]> want to upgrade advisory to exclusive lock [1/1] Upgrading FreeBSD-runtime from 12.0.s20180725172903 to 12.0.s20180803092917... [1/1] Extracting FreeBSD-runtime-12.0.s20180803092917: 1% DBG(1)[71153]> Populating config_file /etc/blacklistd.conf [1/1] Extracting FreeBSD-runtime-12.0.s20180803092917: 1% DBG(1)[71153]> Populating config_file /etc/defaults/rc.conf Segmentation fault (core dumped) I'm not sure if it's related to r336845 and r336847, but since those are the only one touching rc.conf recently it looks possible. Anyone has an idea what I've stumbled upon? I'm investigating this, but if I can't fix it shortly I'll revert to my previous pkg set and try again at another time. If some tests are needed I'll try to perform them as requested. Thanks in advance! BTW I have no objection to moving the configuration files if it's needed for code maintainability. -- Guido Falsi From owner-freebsd-arch@freebsd.org Fri Aug 3 11:02:24 2018 Return-Path: Delivered-To: freebsd-arch@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id 03AB31065CDE; Fri, 3 Aug 2018 11:02:24 +0000 (UTC) (envelope-from eric@metricspace.net) Received: from mail.metricspace.net (static-98-116-200-172.nycmny.fios.verizon.net [98.116.200.172]) by mx1.freebsd.org (Postfix) with ESMTP id A0FD67C467; Fri, 3 Aug 2018 11:02:23 +0000 (UTC) (envelope-from eric@metricspace.net) Received: from [172.16.0.23] (unknown [172.16.0.23]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (Client did not present a certificate) (Authenticated sender: eric) by mail.metricspace.net (Postfix) with ESMTPSA id 89930619A; Fri, 3 Aug 2018 11:02:22 +0000 (UTC) Subject: Re: Status of OpenSSL 1.1.1 To: Warner Losh , Benjamin Kaduk Cc: FreeBSD Hackers , "freebsd-arch@freebsd.org" , freebsd-current , freebsd-security References: <20180802234519.GD68224@kduck.kaduk.org> From: Eric McCorkle Openpgp: preference=signencrypt Autocrypt: addr=eric@metricspace.net; prefer-encrypt=mutual; keydata= mDMEWue2FBYJKwYBBAHaRw8BAQdAP/qVPlXodV6pYO5b1Jw0eFyMhyDD7B5y5eFsciutEfS0 JEVyaWMgTWNDb3JrbGUgPGVyaWNAbWV0cmljc3BhY2UubmV0PoiWBBMWCAA+FiEEDxi/0rkj zd6Uc6cFCN/CKRbBwmwFAlrnthQCGwMFCQHhM4AFCwkIBwIGFQoJCAsCBBYCAwECHgECF4AA CgkQCN/CKRbBwmyGKAD/XTSBOItCKcYCPTlsaS1aQYVEwWXXFgdjWE+WsNdZUS8A/AhYAbQZ kNZNimE2rQLoklkfTA74qF/V257NuQi4QDcLuDgEWue2FBIKKwYBBAGXVQEFAQEHQKpZVyCG ync/xqejm2C1HKGXLJTUu38RvnrR3UYECz9nAwEIB4h+BBgWCAAmFiEEDxi/0rkjzd6Uc6cF CN/CKRbBwmwFAlrnthQCGwwFCQHhM4AACgkQCN/CKRbBwmyi2wEAmvaGt8QMjGELzm27gP4c jJGUi7oigsLmTiFPkpJqPz0A+QFBSCvxJaxCMyoVru/xB6bunpJ+Wtsj8HD1EuJOn4EJ Message-ID: Date: Fri, 3 Aug 2018 07:02:18 -0400 User-Agent: Mozilla/5.0 (X11; FreeBSD amd64; rv:52.0) Gecko/20100101 Thunderbird/52.9.0 MIME-Version: 1.0 In-Reply-To: Content-Type: multipart/signed; micalg=pgp-sha256; protocol="application/pgp-signature"; boundary="3Jlf5EtgHrBUwuVED8RcynGXM8EBmN3FH" X-BeenThere: freebsd-arch@freebsd.org X-Mailman-Version: 2.1.27 Precedence: list List-Id: Discussion related to FreeBSD architecture List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 03 Aug 2018 11:02:24 -0000 This is an OpenPGP/MIME signed message (RFC 4880 and 3156) --3Jlf5EtgHrBUwuVED8RcynGXM8EBmN3FH Content-Type: multipart/mixed; boundary="SgFMOIbWT0nMndG6NllvpPpohfXOlolaP"; protected-headers="v1" From: Eric McCorkle To: Warner Losh , Benjamin Kaduk Cc: FreeBSD Hackers , "freebsd-arch@freebsd.org" , freebsd-current , freebsd-security Message-ID: Subject: Re: Status of OpenSSL 1.1.1 References: <20180802234519.GD68224@kduck.kaduk.org> In-Reply-To: --SgFMOIbWT0nMndG6NllvpPpohfXOlolaP Content-Type: text/plain; charset=utf-8 Content-Language: en-US Content-Transfer-Encoding: quoted-printable On 08/03/2018 04:44, Warner Losh wrote: >=20 >=20 > On Thu, Aug 2, 2018 at 5:45 PM, Benjamin Kaduk > wrote: >=20 > On Wed, Aug 01, 2018 at 10:05:28AM -0400, Eric McCorkle wrote: > > On 08/01/2018 09:02, Warner Losh wrote: > > > > > > > > > On Wed, Aug 1, 2018, 12:31 PM Eric McCorkle > > > > >> wr= ote: > > > > > >=C2=A0 =C2=A0 =C2=A0Hi folks, > > > > > >=C2=A0 =C2=A0 =C2=A0I'm wondering what's the status of OpenSSL 1= =2E1.1 integration > into base? > > >=C2=A0 =C2=A0 =C2=A0More specifically, is there a repo or a bran= ch that's > started the > > >=C2=A0 =C2=A0 =C2=A0integration?=C2=A0 I'm aware of the wiki pag= e and the list of > port build > > >=C2=A0 =C2=A0 =C2=A0issues, but that seems to be based on replac= ing the base > OpenSSL with a > > >=C2=A0 =C2=A0 =C2=A0port build (similar to the way one replaces = it with LibreSSL). > > > > > >=C2=A0 =C2=A0 =C2=A0I have some work I'd like to do that's gatin= g on sorting out the > > >=C2=A0 =C2=A0 =C2=A0kernel/loader crypto situation, and I'd very= much like to > see OpenSSL > > >=C2=A0 =C2=A0 =C2=A01.1.1 get merged, so I can start to look int= o doing that. > > > > > > > > > There are patches to use bear SSL for the loader. OpenSSL is > simply too > > > large to use due to limits the loader operates under. > > > > I was going to look into the feasibility of doing something like = what > > LibreSSL does with portable, where they extract a subset of the f= ull > > library designed to be embedded in the kernel, loader, etc. > > > > I think it ought to be possible to do something like that, but it= > really > > ought to be done in a tree with 1.1.1 integrated. > > >=20 > It wouldn't be terribly easy or effective, IMO.=C2=A0 OpenSSL wasn'= t designed > with such modularity in mind. >=20 >=20 > Others that have tried have found OpenSSL to be way too large for the > boot loader and a completely impossible to subset enough to get things > small enough due to the intertwingled nature of things. To what extent, if any, does this change in 1.1.1, though? --SgFMOIbWT0nMndG6NllvpPpohfXOlolaP-- --3Jlf5EtgHrBUwuVED8RcynGXM8EBmN3FH Content-Type: application/pgp-signature; name="signature.asc" Content-Description: OpenPGP digital signature Content-Disposition: attachment; filename="signature.asc" -----BEGIN PGP SIGNATURE----- iHUEARYIAB0WIQQPGL/SuSPN3pRzpwUI38IpFsHCbAUCW2Q2OgAKCRAI38IpFsHC bHx7AQCF1Yu898/tbKfMJvXrPaJmDmV2wf66gtK5k+KJ1ulKmgEAuuXdSuUriYuK n3pc4P82OqfT9LnymaHfY6T9KM/6QAg= =tWx/ -----END PGP SIGNATURE----- --3Jlf5EtgHrBUwuVED8RcynGXM8EBmN3FH-- From owner-freebsd-arch@freebsd.org Sat Aug 4 09:43:29 2018 Return-Path: Delivered-To: freebsd-arch@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id CA7A0106475A; Sat, 4 Aug 2018 09:43:29 +0000 (UTC) (envelope-from bsd-lists@BSDforge.com) Received: from udns.ultimatedns.net (static-24-113-41-81.wavecable.com [24.113.41.81]) (using TLSv1 with cipher DHE-RSA-AES256-SHA (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 5AEFE8DBAD; Sat, 4 Aug 2018 09:43:28 +0000 (UTC) (envelope-from bsd-lists@BSDforge.com) Received: from udns.ultimatedns.net (localhost [127.0.0.1]) by udns.ultimatedns.net (8.14.9/8.14.9) with ESMTP id w749hctJ038285; Sat, 4 Aug 2018 02:43:44 -0700 (PDT) (envelope-from bsd-lists@BSDforge.com) X-Mailer: UDNSMS MIME-Version: 1.0 Cc: , "Brad Davis" In-Reply-To: <1533167650.2567721.1460524472.3AC8CC35@webmail.messagingengine.com> From: "Chris H" Reply-To: bsd-lists@BSDforge.com To: Subject: Re: pkgbase: Move of head/etc/ files Date: Sat, 04 Aug 2018 02:43:44 -0700 Message-Id: <9e28add9809e7d19c3b0d14880df62d8@udns.ultimatedns.net> Content-Type: text/plain; charset=UTF-8; format=flowed Content-Transfer-Encoding: quoted-printable X-BeenThere: freebsd-arch@freebsd.org X-Mailman-Version: 2.1.27 Precedence: list List-Id: Discussion related to FreeBSD architecture List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sat, 04 Aug 2018 09:43:30 -0000 On Wed, 01 Aug 2018 17:54:10 -0600 "Brad Davis" said > Hello, >=20 > I want to give some information on what is happening to files in head/etc= / > and open a discussion=2E >=20 > I am trying to move all config files out of head/etc/ and place them with= the > source files for the particular use=2E For example, some of these are obvi= ous > moves like moving say portsnap=2Econf to usr=2Esbin/portsnap/portsnap=2Econf=2E = The > review for this move shows exactly what would happen here: > https://reviews=2Efreebsd=2Eorg/D16554=2E For these cases, there are some easy > benefits, like: > 1) Keeping all files as part of a program together, which makes maintenan= ce > for maintainers a little easier=2E > 2) Simplicity, we do not need all the =2Eif ${MK_FOO} lines in etc/Makefile > because that is handled a level above the programs Makefile and so one CO= NFS=3D > line is all that is needed=2E > 3) Easier to avoid bugs where we install things that should not be instal= led=2E > Like for apmd, we installed apmd=2Econf on all archs even though it only wo= rks > on i386=2E i=2Ee=2E we don't have to keep knobs in sync in multiple locations=2E >=20 > Some of the more complicated things to move like etc/shells and the init > scripts=2E I picked the location of etc/shells based on it being used by > getusershell(3) in libc, so it ended up in lib/libc/gen/shells=2E The move= of > the init scripts was based on a few things, including the reasons above, = but > additionally: > 1) Isolating a subcomponent, for example work is happening to bring in > OpenRC, so we will have multiple init systems with different types of > scripts, so moving them away from head/etc/ keeps them isolated=2E Is the current rc(8) broken? Is OpenRC an intended replacement? How is this going to work? >=20 > This work was driven by needing to tag these files as config files in the > METALOG so that pkg knows what is a config file so that pkg can 3-way mer= ge > them=2E >=20 > More info on pkgbase: https://wiki=2Efreebsd=2Eorg/PkgBase >=20 >=20 > Regards, > Brad Davis --Chris From owner-freebsd-arch@freebsd.org Sat Aug 4 16:50:53 2018 Return-Path: Delivered-To: freebsd-arch@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id D83E81070787; Sat, 4 Aug 2018 16:50:52 +0000 (UTC) (envelope-from brd@FreeBSD.org) Received: from out1-smtp.messagingengine.com (out1-smtp.messagingengine.com [66.111.4.25]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 890757F5FA; Sat, 4 Aug 2018 16:50:52 +0000 (UTC) (envelope-from brd@FreeBSD.org) Received: from compute5.internal (compute5.nyi.internal [10.202.2.45]) by mailout.nyi.internal (Postfix) with ESMTP id D059E21F1A; Sat, 4 Aug 2018 12:50:45 -0400 (EDT) Received: from web6 ([10.202.2.216]) by compute5.internal (MEProxy); Sat, 04 Aug 2018 12:50:45 -0400 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d= messagingengine.com; h=content-transfer-encoding:content-type :date:from:in-reply-to:message-id:mime-version:references :subject:to:x-me-sender:x-me-sender:x-sasl-enc; s=fm3; bh=Xytpzw iuVdBkDYHYj04rBujnXhgXzEt8X3CELGvWZMw=; b=Pk4lF9woPgV0hukIJcnsEO vqDz3K0dE8V9s2awfZKJMn+h1KB+MkYTHsA6rHq1ix2/k5u+BFL5qqKIri6vfOf0 ogejXfNVVVwQarDP/InMQuacRuYf0bCvgPOzaMnBu7Loy8PmykVY9qv3X5r+EblH pud/QWSmB7FBIy4WB5K/YAa2hI009CXcZ+0OTbqEGpop/slqPKOdxJworLVdHidr eKrjd+1mEfVjOP8ovsZeTNvkI/zqBBPP/kRdA5DrBOvZ/oTeMFby0XywA98xSSMJ sV1vplpCQiYtSmuKzmCwnP4kAWKPZQUUum3bmWOXF1UeDsmQAFvhQvEho5KIbyaw == X-ME-Proxy: X-ME-Sender: Received: by mailuser.nyi.internal (Postfix, from userid 99) id 58AB74143; Sat, 4 Aug 2018 12:50:45 -0400 (EDT) Message-Id: <1533401445.1155223.1463427888.4C7D62DA@webmail.messagingengine.com> From: Brad Davis To: Guido Falsi , freebsd-arch@FreeBSD.org, freebsd-pkgbase@freebsd.org MIME-Version: 1.0 Content-Transfer-Encoding: 7bit Content-Type: text/plain; charset="utf-8" X-Mailer: MessagingEngine.com Webmail Interface - ajax-2be8cd1b Date: Sat, 04 Aug 2018 10:50:45 -0600 Subject: Re: pkgbase: Move of head/etc/ files References: <1533167650.2567721.1460524472.3AC8CC35@webmail.messagingengine.com> <13a0c161-5646-1a71-c958-909829fdb6d2@FreeBSD.org> In-Reply-To: <13a0c161-5646-1a71-c958-909829fdb6d2@FreeBSD.org> X-BeenThere: freebsd-arch@freebsd.org X-Mailman-Version: 2.1.27 Precedence: list List-Id: Discussion related to FreeBSD architecture List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sat, 04 Aug 2018 16:50:53 -0000 On Fri, Aug 3, 2018, at 4:43 AM, Guido Falsi wrote: > On 8/2/18 1:54 AM, Brad Davis wrote: > > Hello, > > > > I want to give some information on what is happening to files in head/etc/ and open a discussion. > > > > Today while updating a pkgbase machine I got this error(with trimmed > debug output): > > The following 1 package(s) will be affected (of 0 checked): > > Installed packages to be UPGRADED: > FreeBSD-runtime: 12.0.s20180725172903 -> 12.0.s20180803092917 > [mpnet-base] > > Number of packages to be upgraded: 1 > > Proceed with this action? [y/N]: y > DBG(1)[71153]> want to upgrade advisory to exclusive lock > [1/1] Upgrading FreeBSD-runtime from 12.0.s20180725172903 to > 12.0.s20180803092917... > [1/1] Extracting FreeBSD-runtime-12.0.s20180803092917: 1% > DBG(1)[71153]> Populating config_file /etc/blacklistd.conf > [1/1] Extracting FreeBSD-runtime-12.0.s20180803092917: 1% > DBG(1)[71153]> Populating config_file /etc/defaults/rc.conf > Segmentation fault (core dumped) > > I'm not sure if it's related to r336845 and r336847, but since those are > the only one touching rc.conf recently it looks possible. > > Anyone has an idea what I've stumbled upon? > > I'm investigating this, but if I can't fix it shortly I'll revert to my > previous pkg set and try again at another time. If some tests are needed > I'll try to perform them as requested. This is a bug in pkg and has to do with these files transitioning from normal files to config files. I will try and work on this in the next week. Regards, Brad Davis From owner-freebsd-arch@freebsd.org Sat Aug 4 16:51:41 2018 Return-Path: Delivered-To: freebsd-arch@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id 2B08310707D4; Sat, 4 Aug 2018 16:51:41 +0000 (UTC) (envelope-from brd@FreeBSD.org) Received: from out1-smtp.messagingengine.com (out1-smtp.messagingengine.com [66.111.4.25]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id C64B77F833; Sat, 4 Aug 2018 16:51:40 +0000 (UTC) (envelope-from brd@FreeBSD.org) Received: from compute5.internal (compute5.nyi.internal [10.202.2.45]) by mailout.nyi.internal (Postfix) with ESMTP id 7A8002144B; Sat, 4 Aug 2018 12:51:40 -0400 (EDT) Received: from web6 ([10.202.2.216]) by compute5.internal (MEProxy); Sat, 04 Aug 2018 12:51:40 -0400 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d= messagingengine.com; h=cc:content-transfer-encoding:content-type :date:from:in-reply-to:message-id:mime-version:references :subject:to:x-me-sender:x-me-sender:x-sasl-enc; s=fm3; bh=kejvDg kH0es35doQ1Hhed/u85N/efG/IzSwDACSSHPg=; b=QoJKzIPEVOpA5/HoonCyzj BU/weMfLT2a4C37qiiZRuDTBLoMMlmi1h2rgCil8wAIzOgLnb0Js9e+PK64raG8P lC/K0tUL8r5Xy3q5MNLWyJ3TxWSTNdsiNHPuzFQPdrAi+MdAi19mUMxN+8iusNWu cAnogR9an211vHBSrkTI3YrwQnmZbk4N3cxTNRCnXveX3kLqHseWJap8EI3L3Zcx Z2m22LKabKMV0nPDuU+T0+AK80u1Be7KHCJf9wSU4PjOWi16mNDJhTHsxQJkr3lt e2rI1pWPGdFnZPMiIk/kkdpPF8QBIgTQKlAnO9pI1K+z1cA3McCUbjME5PlHg50w == X-ME-Proxy: X-ME-Sender: Received: by mailuser.nyi.internal (Postfix, from userid 99) id F04DB4143; Sat, 4 Aug 2018 12:51:39 -0400 (EDT) Message-Id: <1533401499.1192219.1463428312.4AE8091D@webmail.messagingengine.com> From: Brad Davis To: Chris H , freebsd-pkgbase@freebsd.org Cc: freebsd-arch@FreeBSD.org MIME-Version: 1.0 Content-Transfer-Encoding: 7bit Content-Type: text/plain; charset="utf-8" X-Mailer: MessagingEngine.com Webmail Interface - ajax-2be8cd1b In-Reply-To: <9e28add9809e7d19c3b0d14880df62d8@udns.ultimatedns.net> Date: Sat, 04 Aug 2018 10:51:39 -0600 Subject: Re: pkgbase: Move of head/etc/ files References: <9e28add9809e7d19c3b0d14880df62d8@udns.ultimatedns.net> X-BeenThere: freebsd-arch@freebsd.org X-Mailman-Version: 2.1.27 Precedence: list List-Id: Discussion related to FreeBSD architecture List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sat, 04 Aug 2018 16:51:41 -0000 On Sat, Aug 4, 2018, at 3:43 AM, Chris H wrote: > On Wed, 01 Aug 2018 17:54:10 -0600 "Brad Davis" said > > > Hello, > > > > I want to give some information on what is happening to files in head/etc/ > > and open a discussion. > > > > I am trying to move all config files out of head/etc/ and place them with the > > source files for the particular use. For example, some of these are obvious > > moves like moving say portsnap.conf to usr.sbin/portsnap/portsnap.conf. The > > review for this move shows exactly what would happen here: > > https://reviews.freebsd.org/D16554. For these cases, there are some easy > > benefits, like: > > 1) Keeping all files as part of a program together, which makes maintenance > > for maintainers a little easier. > > 2) Simplicity, we do not need all the .if ${MK_FOO} lines in etc/Makefile > > because that is handled a level above the programs Makefile and so one CONFS= > > line is all that is needed. > > 3) Easier to avoid bugs where we install things that should not be installed. > > Like for apmd, we installed apmd.conf on all archs even though it only works > > on i386. i.e. we don't have to keep knobs in sync in multiple locations. > > > > Some of the more complicated things to move like etc/shells and the init > > scripts. I picked the location of etc/shells based on it being used by > > getusershell(3) in libc, so it ended up in lib/libc/gen/shells. The move of > > the init scripts was based on a few things, including the reasons above, but > > additionally: > > 1) Isolating a subcomponent, for example work is happening to bring in > > OpenRC, so we will have multiple init systems with different types of > > scripts, so moving them away from head/etc/ keeps them isolated. > > Is the current rc(8) broken? Is OpenRC an intended replacement? How is this > going to work? I am not sure what the status or progress is for this. Probably worth contacting Kris Moore. Regards, Brad Davis From owner-freebsd-arch@freebsd.org Sat Aug 4 17:21:59 2018 Return-Path: Delivered-To: freebsd-arch@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id 9D514104C821; Sat, 4 Aug 2018 17:21:59 +0000 (UTC) (envelope-from madpilot@FreeBSD.org) Received: from smtp.freebsd.org (smtp.freebsd.org [96.47.72.83]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client CN "smtp.freebsd.org", Issuer "Let's Encrypt Authority X3" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 54A2880E98; Sat, 4 Aug 2018 17:21:59 +0000 (UTC) (envelope-from madpilot@FreeBSD.org) Received: from tommy.madpilot.net (host109-130-dynamic.20-87-r.retail.telecomitalia.it [87.20.130.109]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (Client did not present a certificate) (Authenticated sender: madpilot/mail) by smtp.freebsd.org (Postfix) with ESMTPSA id BD12119C23; Sat, 4 Aug 2018 17:21:58 +0000 (UTC) (envelope-from madpilot@FreeBSD.org) Subject: Re: pkgbase: Move of head/etc/ files To: Brad Davis , freebsd-arch@FreeBSD.org, freebsd-pkgbase@freebsd.org References: <1533167650.2567721.1460524472.3AC8CC35@webmail.messagingengine.com> <13a0c161-5646-1a71-c958-909829fdb6d2@FreeBSD.org> <1533401445.1155223.1463427888.4C7D62DA@webmail.messagingengine.com> From: Guido Falsi Message-ID: Date: Sat, 4 Aug 2018 19:21:55 +0200 User-Agent: Mozilla/5.0 (X11; FreeBSD amd64; rv:60.0) Gecko/20100101 Thunderbird/60.0 MIME-Version: 1.0 In-Reply-To: <1533401445.1155223.1463427888.4C7D62DA@webmail.messagingengine.com> Content-Type: text/plain; charset=utf-8 Content-Language: en-US Content-Transfer-Encoding: 7bit X-BeenThere: freebsd-arch@freebsd.org X-Mailman-Version: 2.1.27 Precedence: list List-Id: Discussion related to FreeBSD architecture List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sat, 04 Aug 2018 17:21:59 -0000 On 8/4/18 6:50 PM, Brad Davis wrote: > On Fri, Aug 3, 2018, at 4:43 AM, Guido Falsi wrote: >> On 8/2/18 1:54 AM, Brad Davis wrote: >>> Hello, >>> >>> I want to give some information on what is happening to files in head/etc/ and open a discussion. >>> >> >> Today while updating a pkgbase machine I got this error(with trimmed >> debug output): >> >> The following 1 package(s) will be affected (of 0 checked): >> >> Installed packages to be UPGRADED: >> FreeBSD-runtime: 12.0.s20180725172903 -> 12.0.s20180803092917 >> [mpnet-base] >> >> Number of packages to be upgraded: 1 >> >> Proceed with this action? [y/N]: y >> DBG(1)[71153]> want to upgrade advisory to exclusive lock >> [1/1] Upgrading FreeBSD-runtime from 12.0.s20180725172903 to >> 12.0.s20180803092917... >> [1/1] Extracting FreeBSD-runtime-12.0.s20180803092917: 1% >> DBG(1)[71153]> Populating config_file /etc/blacklistd.conf >> [1/1] Extracting FreeBSD-runtime-12.0.s20180803092917: 1% >> DBG(1)[71153]> Populating config_file /etc/defaults/rc.conf >> Segmentation fault (core dumped) >> >> I'm not sure if it's related to r336845 and r336847, but since those are >> the only one touching rc.conf recently it looks possible. >> >> Anyone has an idea what I've stumbled upon? >> >> I'm investigating this, but if I can't fix it shortly I'll revert to my >> previous pkg set and try again at another time. If some tests are needed >> I'll try to perform them as requested. > > This is a bug in pkg and has to do with these files transitioning from normal files to config files. > > I will try and work on this in the next week. Thanks in advance! For me there's no hurry. I have reverted my machine and will not be updating for at least a full week anyway. If you need testing I'm available though. -- Guido Falsi From owner-freebsd-arch@freebsd.org Sat Aug 4 22:09:03 2018 Return-Path: Delivered-To: freebsd-arch@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id 8811D1054952; Sat, 4 Aug 2018 22:09:03 +0000 (UTC) (envelope-from kaduk@mit.edu) Received: from dmz-mailsec-scanner-3.mit.edu (dmz-mailsec-scanner-3.mit.edu [18.9.25.14]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 1367D8A914; Sat, 4 Aug 2018 22:09:03 +0000 (UTC) (envelope-from kaduk@mit.edu) X-AuditID: 1209190e-57fff70000007f9c-29-5b6622cb2425 Received: from mailhub-auth-3.mit.edu ( [18.9.21.43]) (using TLS with cipher DHE-RSA-AES256-SHA (256/256 bits)) (Client did not present a certificate) by dmz-mailsec-scanner-3.mit.edu (Symantec Messaging Gateway) with SMTP id 85.A9.32668.CC2266B5; Sat, 4 Aug 2018 18:03:56 -0400 (EDT) Received: from outgoing.mit.edu (OUTGOING-AUTH-1.MIT.EDU [18.9.28.11]) by mailhub-auth-3.mit.edu (8.13.8/8.9.2) with ESMTP id w74M3rZD021204; Sat, 4 Aug 2018 18:03:54 -0400 Received: from kduck.kaduk.org (24-107-191-124.dhcp.stls.mo.charter.com [24.107.191.124]) (authenticated bits=56) (User authenticated as kaduk@ATHENA.MIT.EDU) by outgoing.mit.edu (8.13.8/8.12.4) with ESMTP id w74M3nrs010151 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NOT); Sat, 4 Aug 2018 18:03:51 -0400 Date: Sat, 4 Aug 2018 17:03:49 -0500 From: Benjamin Kaduk To: Eric McCorkle Cc: Warner Losh , FreeBSD Hackers , "freebsd-arch@freebsd.org" , freebsd-current , freebsd-security Subject: Re: Status of OpenSSL 1.1.1 Message-ID: <20180804220349.GJ68224@kduck.kaduk.org> References: <20180802234519.GD68224@kduck.kaduk.org> MIME-Version: 1.0 Content-Type: text/plain; charset=iso-8859-1 Content-Disposition: inline Content-Transfer-Encoding: 8bit In-Reply-To: User-Agent: Mutt/1.9.1 (2017-09-22) X-Brightmail-Tracker: H4sIAAAAAAAAA+NgFlrOKsWRmVeSWpSXmKPExsUixCmqrXtGKS3aYE+PoMW36X9ZLGZPn8Zk MefNByaL7Zv/MVr0bHrCZvF063JGBzaPD7u/snrM+DSfxePejglMAcxRXDYpqTmZZalF+nYJ XBmbWqQKdghXbLh5lrmB8SVvFyMnh4SAicSzTx8Zuxi5OIQEFjNJLNw4EcrZwChx9OgLZgjn CpPEv642li5GDg4WARWJ2WcVQLrZgMyG7svMIGERAQ2J+bsFQcqZBbqYJH5NOssCUiMMVNN9 6T4ziM0LtO3BqitQM98ySTzZ8oQNIiEocXLmE7AGZgEdiZ1b77CBDGUWkJZY/o8DIiwv0bx1 NtgcTgFnibe7v7KD2KICyhJ7+w6xT2AUnIVk0iwkk2YhTJqFZNICRpZVjLIpuVW6uYmZOcWp ybrFyYl5ealFusZ6uZkleqkppZsYwXEgybeDcVKD9yFGAQ5GJR7eEzxp0UKsiWXFlbmHGCU5 mJREeU0vp0QL8SXlp1RmJBZnxBeV5qQWH2KU4GBWEuH935AaLcSbklhZlVqUD5OS5mBREue9 VxMeLSSQnliSmp2aWpBaBJOV4eBQkuA9oQi0R7AoNT21Ii0zpwQhzcTBCTKcB2i4H0gNb3FB Ym5xZjpE/hSjLsef91MnMQux5OXnpUqJ81aBFAmAFGWU5sHNAaUviez9Na8YxYHeEuaVASYz IR5g6oOb9ApoCRPQkmoTkA+KSxIRUlINjOq3b4TMurCu6EJmaMvyo/0P3f9kfuZ9+fvwzDUf /Sbu1PjxjC3xj/O8kIeWGk9fROzpnvBS5JjzliaRPT5ZTUqz08+GsaTdkNgr1vU45NJhX/Oo KGcJUZfm2tmbLARzrm7devDNwTYdoeOZBiJKBzlWFn3plK0MY376uubx9EnN5ue7/x6J01Fi Kc5INNRiLipOBACMabjjOgMAAA== X-BeenThere: freebsd-arch@freebsd.org X-Mailman-Version: 2.1.27 Precedence: list List-Id: Discussion related to FreeBSD architecture List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sat, 04 Aug 2018 22:09:03 -0000 On Fri, Aug 03, 2018 at 07:02:18AM -0400, Eric McCorkle wrote: > On 08/03/2018 04:44, Warner Losh wrote: > > > > > > On Thu, Aug 2, 2018 at 5:45 PM, Benjamin Kaduk > > wrote: > > > > On Wed, Aug 01, 2018 at 10:05:28AM -0400, Eric McCorkle wrote: > > > On 08/01/2018 09:02, Warner Losh wrote: > > > > > > > > > > > > On Wed, Aug 1, 2018, 12:31 PM Eric McCorkle > > > > > > >> wrote: > > > > > > > >     Hi folks, > > > > > > > >     I'm wondering what's the status of OpenSSL 1.1.1 integration > > into base? > > > >     More specifically, is there a repo or a branch that's > > started the > > > >     integration?  I'm aware of the wiki page and the list of > > port build > > > >     issues, but that seems to be based on replacing the base > > OpenSSL with a > > > >     port build (similar to the way one replaces it with LibreSSL). > > > > > > > >     I have some work I'd like to do that's gating on sorting out the > > > >     kernel/loader crypto situation, and I'd very much like to > > see OpenSSL > > > >     1.1.1 get merged, so I can start to look into doing that. > > > > > > > > > > > > There are patches to use bear SSL for the loader. OpenSSL is > > simply too > > > > large to use due to limits the loader operates under. > > > > > > I was going to look into the feasibility of doing something like what > > > LibreSSL does with portable, where they extract a subset of the full > > > library designed to be embedded in the kernel, loader, etc. > > > > > > I think it ought to be possible to do something like that, but it > > really > > > ought to be done in a tree with 1.1.1 integrated. > > > > > > > It wouldn't be terribly easy or effective, IMO.  OpenSSL wasn't designed > > with such modularity in mind. > > > > > > Others that have tried have found OpenSSL to be way too large for the > > boot loader and a completely impossible to subset enough to get things > > small enough due to the intertwingled nature of things. > > To what extent, if any, does this change in 1.1.1, though? > Probably not enough -- while libssl got a bit reorganized, libcrypto hasn't changed much. -Ben