From owner-freebsd-stable@freebsd.org Sun Jan 20 09:41:53 2019 Return-Path: Delivered-To: freebsd-stable@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id 6CFDE14AC7FD for ; Sun, 20 Jan 2019 09:41:53 +0000 (UTC) (envelope-from petefrench@ingresso.co.uk) Received: from constantine.ingresso.co.uk (unknown [IPv6:2a02:b90:3002:411::3]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 0B3448E0D4 for ; Sun, 20 Jan 2019 09:41:51 +0000 (UTC) (envelope-from petefrench@ingresso.co.uk) Received: from [82.47.240.30] (helo=foula.drayhouse.twisted.org.uk) by constantine.ingresso.co.uk with esmtpsa (TLSv1.2:ECDHE-RSA-AES128-GCM-SHA256:128) (Exim 4.91 (FreeBSD)) (envelope-from ) id 1gl9bx-0008bS-UT; Sun, 20 Jan 2019 09:41:49 +0000 Subject: Re: More CARP issues under 12 (maybe not CARP after all) To: Kevin Oberman Cc: FreeBSD-STABLE Mailing List References: From: Pete French Message-ID: <3d452e3e-d723-e1a6-62af-9a1def83dacf@ingresso.co.uk> Date: Sun, 20 Jan 2019 09:42:07 +0000 User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.11; rv:65.0) Gecko/20100101 Thunderbird/65.0 MIME-Version: 1.0 In-Reply-To: Content-Type: text/plain; charset=utf-8; format=flowed Content-Language: en-US Content-Transfer-Encoding: 8bit X-Rspamd-Queue-Id: 0B3448E0D4 X-Spamd-Bar: + Authentication-Results: mx1.freebsd.org; dmarc=pass (policy=none) header.from=ingresso.co.uk; spf=pass (mx1.freebsd.org: domain of petefrench@ingresso.co.uk designates 2a02:b90:3002:411::3 as permitted sender) smtp.mailfrom=petefrench@ingresso.co.uk X-Spamd-Result: default: False [1.38 / 15.00]; ARC_NA(0.00)[]; RCVD_VIA_SMTP_AUTH(0.00)[]; RCVD_COUNT_TWO(0.00)[2]; RCVD_TLS_ALL(0.00)[]; FROM_HAS_DN(0.00)[]; R_SPF_ALLOW(-0.20)[+ip6:2a02:b90:3002:411::3]; NEURAL_HAM_LONG(-0.95)[-0.954,0]; MIME_GOOD(-0.10)[text/plain]; IP_SCORE(-0.02)[country: GB(-0.09)]; RDNS_NONE(1.00)[]; NEURAL_SPAM_SHORT(0.22)[0.217,0]; TO_MATCH_ENVRCPT_SOME(0.00)[]; TO_DN_ALL(0.00)[]; MX_GOOD(-0.01)[ingresso-co-uk.mail.protection.outlook.com,ingresso-co-uk.mail.protection.outlook.com]; RCPT_COUNT_TWO(0.00)[2]; DMARC_POLICY_ALLOW(-0.50)[ingresso.co.uk,none]; NEURAL_HAM_MEDIUM(-0.56)[-0.558,0]; FREEMAIL_TO(0.00)[gmail.com]; RECEIVED_SPAMHAUS_PBL(0.00)[30.240.47.82.zen.spamhaus.org : 127.0.0.11]; R_DKIM_NA(0.00)[]; MIME_TRACE(0.00)[0:+]; ASN(0.00)[asn:16082, ipnet:2a02:b90::/32, country:GB]; HFILTER_HOSTNAME_UNKNOWN(2.50)[]; MID_RHS_MATCH_FROM(0.00)[]; FROM_EQ_ENVFROM(0.00)[] X-BeenThere: freebsd-stable@freebsd.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: Production branch of FreeBSD source code List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sun, 20 Jan 2019 09:41:53 -0000 > To point  out the obvious, booting a 12.0 kernel with 11  userland to > multiuser mode is seriously unsupported. You really need to boot to > single user and install 12.0 userland to really expect things to work. Yes, good point. This has worked on every other machine I have upgraded from 11 to 12, which is why I didnt think of that, but then all the motherboards are slightly different. > Is there a reason that a standalone boot is not possible? Sort of - I am on a serial console to do this, which works in the BIOS, and works after the kernel has started booting, but does not work in the loader for some reason, so I can't select single user. So I go to single user by booting multi user and the shutting down. Of course I could use nextboot, so its just lazyness on my part actually. Thanks for pointing this out, I immediately jumped to the CARP conclusion due to last weeks experiences on the other machine, but actually this is far more likely to be the issue. -pete. PS: apparently I have been playing fast and loose with this - and bothering the mailing list about it - since 2005... :-) http://freebsd.1045724.x6.nabble.com/upgrading-5-4-gt-6-0-without-reinstalling-safe-td3932902.html Time to change my ways I think! From owner-freebsd-stable@freebsd.org Sun Jan 20 21:00:53 2019 Return-Path: Delivered-To: freebsd-stable@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id DACC214A64D4 for ; Sun, 20 Jan 2019 21:00:53 +0000 (UTC) (envelope-from bugzilla-noreply@FreeBSD.org) Received: from mailman.ysv.freebsd.org (mailman.ysv.freebsd.org [IPv6:2001:1900:2254:206a::50:5]) by mx1.freebsd.org (Postfix) with ESMTP id 78B4C823D2 for ; Sun, 20 Jan 2019 21:00:53 +0000 (UTC) (envelope-from bugzilla-noreply@FreeBSD.org) Received: by mailman.ysv.freebsd.org (Postfix) id 3D07614A64D1; Sun, 20 Jan 2019 21:00:53 +0000 (UTC) Delivered-To: stable@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id 2B0B614A64D0 for ; Sun, 20 Jan 2019 21:00:53 +0000 (UTC) (envelope-from bugzilla-noreply@FreeBSD.org) Received: from mxrelay.ysv.freebsd.org (mxrelay.ysv.freebsd.org [IPv6:2001:1900:2254:206a::19:3]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) server-signature RSA-PSS (4096 bits) client-signature RSA-PSS (4096 bits) client-digest SHA256) (Client CN "mxrelay.ysv.freebsd.org", Issuer "Let's Encrypt Authority X3" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id C0E17823C6 for ; Sun, 20 Jan 2019 21:00:52 +0000 (UTC) (envelope-from bugzilla-noreply@FreeBSD.org) Received: from kenobi.freebsd.org (kenobi.freebsd.org [IPv6:2001:1900:2254:206a::16:76]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mxrelay.ysv.freebsd.org (Postfix) with ESMTPS id EE0851EB4A for ; Sun, 20 Jan 2019 21:00:51 +0000 (UTC) (envelope-from bugzilla-noreply@FreeBSD.org) Received: from kenobi.freebsd.org ([127.0.1.118]) by kenobi.freebsd.org (8.15.2/8.15.2) with ESMTP id x0KL0pQv066518 for ; Sun, 20 Jan 2019 21:00:51 GMT (envelope-from bugzilla-noreply@FreeBSD.org) Received: (from bugzilla@localhost) by kenobi.freebsd.org (8.15.2/8.15.2/Submit) id x0KL0pUQ066509 for stable@FreeBSD.org; Sun, 20 Jan 2019 21:00:51 GMT (envelope-from bugzilla-noreply@FreeBSD.org) Message-Id: <201901202100.x0KL0pUQ066509@kenobi.freebsd.org> X-Authentication-Warning: kenobi.freebsd.org: bugzilla set sender to bugzilla-noreply@FreeBSD.org using -f From: bugzilla-noreply@FreeBSD.org To: stable@FreeBSD.org Subject: Problem reports for stable@FreeBSD.org that need special attention Date: Sun, 20 Jan 2019 21:00:51 +0000 MIME-Version: 1.0 Content-Type: text/plain; charset="UTF-8" X-Content-Filtered-By: Mailman/MimeDel 2.1.29 X-BeenThere: freebsd-stable@freebsd.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: Production branch of FreeBSD source code List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sun, 20 Jan 2019 21:00:54 -0000 To view an individual PR, use: https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=(Bug Id). The following is a listing of current problems submitted by FreeBSD users, which need special attention. These represent problem reports covering all versions including experimental development code and obsolete releases. Status | Bug Id | Description ------------+-----------+--------------------------------------------------- New | 230620 | "install -d" issue 1 problems total for which you should take action. From owner-freebsd-stable@freebsd.org Sun Jan 20 23:00:51 2019 Return-Path: Delivered-To: freebsd-stable@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id 19B2614AC125 for ; Sun, 20 Jan 2019 23:00:51 +0000 (UTC) (envelope-from admin@nmrdist.cf) Received: from server.nmrdist.cf (nmrdist.cf [159.89.231.201]) by mx1.freebsd.org (Postfix) with ESMTP id 52C9E88827 for ; Sun, 20 Jan 2019 23:00:50 +0000 (UTC) (envelope-from admin@nmrdist.cf) Received: from nmrdist.cf (unknown [185.29.8.20]) (Authenticated sender: admin) by server.nmrdist.cf (Postfix) with ESMTPA id 5482AFE8F5 for ; Sun, 20 Jan 2019 20:59:20 -0200 (-02) Reply-To: info@shellonlines.com From: Shell Petroleum USA To: freebsd-stable@freebsd.org Subject: Shell Thailand USA. Date: 21 Jan 2019 00:58:21 +0200 Message-ID: <20190121005821.F8EDBFA6C3F1A77F@nmrdist.cf> X-Rspamd-Queue-Id: 52C9E88827 X-Spamd-Bar: ----- X-Spamd-Result: default: False [-5.75 / 15.00]; ARC_NA(0.00)[]; RCVD_VIA_SMTP_AUTH(0.00)[]; HAS_REPLYTO(0.00)[info@shellonlines.com]; FROM_HAS_DN(0.00)[]; R_SPF_ALLOW(-0.20)[+a]; TO_MATCH_ENVRCPT_ALL(0.00)[]; NEURAL_HAM_LONG(-1.00)[-1.000,0]; TO_DN_NONE(0.00)[]; PREVIOUSLY_DELIVERED(0.00)[freebsd-stable@freebsd.org]; RCPT_COUNT_ONE(0.00)[1]; NEURAL_HAM_MEDIUM(-1.00)[-1.000,0]; REPLYTO_DOM_NEQ_FROM_DOM(0.00)[]; MX_GOOD(-0.01)[cached: nmrdist.cf]; DMARC_POLICY_ALLOW(-0.50)[nmrdist.cf,quarantine]; NEURAL_HAM_SHORT(-0.95)[-0.955,0]; MIME_HTML_ONLY(0.20)[]; RCVD_NO_TLS_LAST(0.10)[]; FROM_EQ_ENVFROM(0.00)[]; R_DKIM_NA(0.00)[]; IP_SCORE(-2.38)[ip: (-9.75), ipnet: 159.89.224.0/20(-4.88), asn: 14061(2.80), country: US(-0.08)]; ASN(0.00)[asn:14061, ipnet:159.89.224.0/20, country:US]; RCVD_COUNT_TWO(0.00)[2]; MID_RHS_MATCH_FROM(0.00)[] MIME-Version: 1.0 Content-Type: text/plain X-Content-Filtered-By: Mailman/MimeDel 2.1.29 X-BeenThere: freebsd-stable@freebsd.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: Production branch of FreeBSD source code List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sun, 20 Jan 2019 23:00:51 -0000 From owner-freebsd-stable@freebsd.org Sun Jan 20 23:01:47 2019 Return-Path: Delivered-To: freebsd-stable@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id 62EBB14AC31D for ; Sun, 20 Jan 2019 23:01:47 +0000 (UTC) (envelope-from admin@nmrdist.cf) Received: from mailman.ysv.freebsd.org (mailman.ysv.freebsd.org [IPv6:2001:1900:2254:206a::50:5]) by mx1.freebsd.org (Postfix) with ESMTP id C7BDD88B10 for ; Sun, 20 Jan 2019 23:01:46 +0000 (UTC) (envelope-from admin@nmrdist.cf) Received: by mailman.ysv.freebsd.org (Postfix) id 8BB7E14AC318; Sun, 20 Jan 2019 23:01:46 +0000 (UTC) Delivered-To: stable@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id 7A0DE14AC317 for ; Sun, 20 Jan 2019 23:01:46 +0000 (UTC) (envelope-from admin@nmrdist.cf) Received: from server.nmrdist.cf (nmrdist.cf [159.89.231.201]) by mx1.freebsd.org (Postfix) with ESMTP id B557688B06 for ; Sun, 20 Jan 2019 23:01:45 +0000 (UTC) (envelope-from admin@nmrdist.cf) Received: from nmrdist.cf (unknown [185.29.8.20]) (Authenticated sender: admin) by server.nmrdist.cf (Postfix) with ESMTPA id 0FDC1EB0EC for ; Sun, 20 Jan 2019 20:59:45 -0200 (-02) Reply-To: info@shellonlines.com From: Shell Petroleum USA To: stable@freebsd.org Subject: Shell Thailand USA. Date: 21 Jan 2019 00:58:47 +0200 Message-ID: <20190121005846.656E55ED4383572D@nmrdist.cf> X-Rspamd-Queue-Id: B557688B06 X-Spamd-Bar: ----- X-Spamd-Result: default: False [-5.75 / 15.00]; ARC_NA(0.00)[]; RCVD_VIA_SMTP_AUTH(0.00)[]; HAS_REPLYTO(0.00)[info@shellonlines.com]; FROM_HAS_DN(0.00)[]; R_SPF_ALLOW(-0.20)[+a]; TO_MATCH_ENVRCPT_ALL(0.00)[]; NEURAL_HAM_LONG(-1.00)[-1.000,0]; TO_DN_NONE(0.00)[]; PREVIOUSLY_DELIVERED(0.00)[stable@freebsd.org]; RCPT_COUNT_ONE(0.00)[1]; NEURAL_HAM_MEDIUM(-1.00)[-1.000,0]; REPLYTO_DOM_NEQ_FROM_DOM(0.00)[]; MX_GOOD(-0.01)[cached: nmrdist.cf]; DMARC_POLICY_ALLOW(-0.50)[nmrdist.cf,quarantine]; NEURAL_HAM_SHORT(-0.95)[-0.955,0]; MIME_HTML_ONLY(0.20)[]; RCVD_NO_TLS_LAST(0.10)[]; FROM_EQ_ENVFROM(0.00)[]; R_DKIM_NA(0.00)[]; IP_SCORE(-2.38)[ip: (-9.75), ipnet: 159.89.224.0/20(-4.88), asn: 14061(2.80), country: US(-0.08)]; ASN(0.00)[asn:14061, ipnet:159.89.224.0/20, country:US]; RCVD_COUNT_TWO(0.00)[2]; MID_RHS_MATCH_FROM(0.00)[] MIME-Version: 1.0 Content-Type: text/plain X-Content-Filtered-By: Mailman/MimeDel 2.1.29 X-BeenThere: freebsd-stable@freebsd.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: Production branch of FreeBSD source code List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sun, 20 Jan 2019 23:01:47 -0000 From owner-freebsd-stable@freebsd.org Mon Jan 21 01:36:15 2019 Return-Path: Delivered-To: freebsd-stable@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id 28E6A14B1004 for ; Mon, 21 Jan 2019 01:36:15 +0000 (UTC) (envelope-from darius@dons.net.au) Received: from ipmail03.adl2.internode.on.net (ipmail03.adl2.internode.on.net [150.101.137.141]) by mx1.freebsd.org (Postfix) with ESMTP id 120A78E412 for ; Mon, 21 Jan 2019 01:36:13 +0000 (UTC) (envelope-from darius@dons.net.au) Received: from ppp118-210-245-94.bras1.adl4.internode.on.net (HELO midget.dons.net.au) ([118.210.245.94]) by ipmail03.adl2.internode.on.net with ESMTP; 21 Jan 2019 12:00:56 +1030 Received: from midget.dons.net.au (localhost [127.0.0.1]) by midget.dons.net.au (8.15.2/8.15.2) with ESMTPS id x0L1Uio0043882 (version=TLSv1.2 cipher=ECDHE-RSA-AES256-GCM-SHA384 bits=256 verify=NO) for ; Mon, 21 Jan 2019 12:00:50 +1030 (ACDT) (envelope-from darius@dons.net.au) Received: (from mailnull@localhost) by midget.dons.net.au (8.15.2/8.15.2/Submit) id x0L1NwEx036890 for ; Mon, 21 Jan 2019 11:53:58 +1030 (ACDT) (envelope-from darius@dons.net.au) X-Authentication-Warning: midget.dons.net.au: mailnull set sender to using -f Received: from maelstrom.gsoft.com.au (Maelstrom.gsoft.com.au [203.31.81.59]) by ppp118-210-245-94.bras1.adl4.internode.on.net (envelope-sender ) (MIMEDefang) with ESMTP id x0L1NqsK036886; Mon, 21 Jan 2019 11:53:58 +1030 Content-Type: text/plain; charset=us-ascii Mime-Version: 1.0 (Mac OS X Mail 12.2 \(3445.102.3\)) Subject: Re: zfs on hardware raid array From: "O'Connor, Daniel" In-Reply-To: <713C7A3D-93A2-4542-8221-24DDFA0C533E@freebsd.org> Date: Mon, 21 Jan 2019 11:53:51 +1030 Cc: freebsd-stable Content-Transfer-Encoding: quoted-printable Message-Id: References: <2021985079.63423.1547910450967.JavaMail.zimbra@gausus.net> <5108B64F-2DB8-41F7-A7EC-FEAF007ECB16@orbdesigns.com> <713C7A3D-93A2-4542-8221-24DDFA0C533E@freebsd.org> To: Daniel Eischen X-Mailer: Apple Mail (2.3445.102.3) X-Spam-Score: 0 () No, score=0.0 required=5.0 tests=none autolearn=unavailable autolearn_force=no version=3.4.1 X-Scanned-By: MIMEDefang 2.83 on 10.0.2.1 X-Rspamd-Queue-Id: 120A78E412 X-Spamd-Bar: ++++ Authentication-Results: mx1.freebsd.org X-Spamd-Result: default: False [4.67 / 15.00]; MV_CASE(0.50)[]; HAS_XAW(0.00)[]; TO_DN_ALL(0.00)[]; MX_GOOD(-0.01)[cached: midget.dons.net.au]; RCPT_COUNT_TWO(0.00)[2]; RCVD_NO_TLS_LAST(0.10)[]; RCVD_IN_DNSWL_LOW(-0.10)[141.137.101.150.list.dnswl.org : 127.0.5.1]; FROM_EQ_ENVFROM(0.00)[]; R_DKIM_NA(0.00)[]; ASN(0.00)[asn:4739, ipnet:150.101.0.0/16, country:AU]; MIME_TRACE(0.00)[0:+]; MID_RHS_MATCH_FROM(0.00)[]; RECEIVED_SPAMHAUS_PBL(0.00)[94.245.210.118.zen.spamhaus.org : 127.0.0.11]; ARC_NA(0.00)[]; RCVD_COUNT_FIVE(0.00)[5]; IP_SCORE(0.42)[ipnet: 150.101.0.0/16(1.69), asn: 4739(0.45), country: AU(-0.03)]; FROM_HAS_DN(0.00)[]; NEURAL_SPAM_SHORT(0.89)[0.893,0]; MIME_GOOD(-0.10)[text/plain]; PREVIOUSLY_DELIVERED(0.00)[freebsd-stable@freebsd.org]; AUTH_NA(1.00)[]; NEURAL_SPAM_MEDIUM(0.99)[0.992,0]; DMARC_NA(0.00)[dons.net.au]; TO_MATCH_ENVRCPT_SOME(0.00)[]; NEURAL_SPAM_LONG(0.98)[0.977,0]; R_SPF_NA(0.00)[] X-BeenThere: freebsd-stable@freebsd.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: Production branch of FreeBSD source code List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 21 Jan 2019 01:36:15 -0000 > On 20 Jan 2019, at 06:28, Daniel Eischen wrote: > We thought it strange that Oracle would spec hardware (I think it's an = LSI controller) that didn't allow JBOD when they themselves recommend = not using hardware RAID for ZFS, and also don't support booting from = anything other than ZFS (starting with Solaris 11). FWIW you can cross flash a lot of LSI controllers with IT firmware. eg https://nguvu.org/freenas/Convert-LSI-HBA-card-to-IT-mode/ Of course that may void your warranty or carry some risk you don't want = but it does work :) -- Daniel O'Connor "The nice thing about standards is that there are so many of them to choose from." -- Andrew Tanenbaum From owner-freebsd-stable@freebsd.org Mon Jan 21 16:26:43 2019 Return-Path: Delivered-To: freebsd-stable@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id 993C814AE4A4; Mon, 21 Jan 2019 16:26:43 +0000 (UTC) (envelope-from tech-lists@zyxst.net) Received: from out5-smtp.messagingengine.com (out5-smtp.messagingengine.com [66.111.4.29]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id A42C369C07; Mon, 21 Jan 2019 16:26:41 +0000 (UTC) (envelope-from tech-lists@zyxst.net) Received: from compute4.internal (compute4.nyi.internal [10.202.2.44]) by mailout.nyi.internal (Postfix) with ESMTP id DB25528460; Mon, 21 Jan 2019 11:26:40 -0500 (EST) Received: from mailfrontend2 ([10.202.2.163]) by compute4.internal (MEProxy); Mon, 21 Jan 2019 11:26:40 -0500 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=zyxst.net; h= date:from:to:cc:subject:message-id:mime-version:content-type; s= fm1; bh=CLMMr7khjBwfOCE0ep2i281c2PbOUvbOjE46DbfSddg=; b=tWaDoUkN BC4GKg+FDW46XSPhGypUPK5wXBMafQhNLGo+ZI7vgwtqDjkIb3VVryAGywNnDde3 WwB4IVi6LDFMGx2capXf7x/BsEpvv7ujmQmdVFA4YM2wwCc5NjV9aK4NriUzkMEE zkd/tB4YKVCeAERFe69eo69QS6/5hPuvowUDfJX32dTWYvohuMDQWINT0Ypn0+8y G3zLlqZ+tAIJQX0MD+9J880lSsNibq3MIR57sV5BqoTV+54gHQ0j2ThLEavThjcc TV/6sqmeBnMFjdfn1liZ7tmWBFrlaHoBzcqkgz6QK0Pl+DjKQeQR84JOGrndaSwG bwhegFdB4xgAaA== DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d= messagingengine.com; h=cc:content-type:date:from:message-id :mime-version:subject:to:x-me-proxy:x-me-proxy:x-me-sender :x-me-sender:x-sasl-enc; s=fm1; bh=CLMMr7khjBwfOCE0ep2i281c2PbOU vbOjE46DbfSddg=; b=KSJT60J+vmSIO+NhLWRP399yYRThXK161ODt+i+JdhNFL jKdIQS3Cf7l9bZTDP8C1xSE/XWXIfVjXh+8aOEdICBseK8mA0F7ymEgQIZs85KH2 M9YLdjoRQeKItt9YXkx0U9WmE4aZjfQ2nv/5bETORxPgFxQPjACZrniEeNdYtFxG Rdw5xC5N3/5xz2rW9YCSPOBEQYskbv/Eo+9Z40od5mXqZ/gHJaTsnxhqgrQ8/jiJ Ry43+8YKLjrQLjkAV041QGDGPDLI89WCfrzmHDgnfEInTBUIGHgftowjPBu8De/G lrOJtxB7/Y83Jdo0J1KKcB+Y9R4KKZsDF1goP3Xvw== X-ME-Sender: X-ME-Proxy-Cause: gggruggvucftvghtrhhoucdtuddrgedtledrheeigdeltdcutefuodetggdotefrodftvf curfhrohhfihhlvgemucfhrghsthforghilhdpqfhuthenuceurghilhhouhhtmecufedt tdenucenucfjughrpeffhffvuffkgggtuggfsehttdertddtredvnecuhfhrohhmpehtvg gthhdqlhhishhtshcuoehtvggthhdqlhhishhtshesiiihgihsthdrnhgvtheqnecukfhp peekvddrjedtrdeluddruddtudenucfrrghrrghmpehmrghilhhfrhhomhepthgvtghhqd hlihhsthhsseiihiigshhtrdhnvghtnecuvehluhhsthgvrhfuihiivgeptd X-ME-Proxy: Received: from rpi3.zyxst.net (rpi3.zyxst.net [82.70.91.101]) by mail.messagingengine.com (Postfix) with ESMTPA id 000FD100E4; Mon, 21 Jan 2019 11:26:39 -0500 (EST) Date: Mon, 21 Jan 2019 16:26:37 +0000 From: tech-lists To: freebsd-stable@freebsd.org Cc: freebsd-ports@freebsd.org Subject: which port installed what other port Message-ID: <20190121162634.GA30993@rpi3.zyxst.net> Mail-Followup-To: freebsd-stable@freebsd.org, freebsd-ports@freebsd.org MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii; format=flowed Content-Disposition: inline User-Agent: Mutt/1.11.2 (2019-01-07) X-Rspamd-Queue-Id: A42C369C07 X-Spamd-Bar: ------- Authentication-Results: mx1.freebsd.org; dkim=pass header.d=zyxst.net header.s=fm1 header.b=tWaDoUkN; dkim=pass header.d=messagingengine.com header.s=fm1 header.b=KSJT60J+; spf=pass (mx1.freebsd.org: domain of tech-lists@zyxst.net designates 66.111.4.29 as permitted sender) smtp.mailfrom=tech-lists@zyxst.net X-Spamd-Result: default: False [-7.20 / 15.00]; ARC_NA(0.00)[]; RCVD_VIA_SMTP_AUTH(0.00)[]; R_DKIM_ALLOW(-0.20)[zyxst.net:s=fm1,messagingengine.com:s=fm1]; NEURAL_HAM_MEDIUM(-1.00)[-0.997,0]; FROM_HAS_DN(0.00)[]; R_SPF_ALLOW(-0.20)[+ip4:66.111.4.29]; TO_MATCH_ENVRCPT_ALL(0.00)[]; MIME_GOOD(-0.10)[text/plain]; TO_DN_NONE(0.00)[]; DMARC_NA(0.00)[zyxst.net]; NEURAL_HAM_LONG(-1.00)[-1.000,0]; RCVD_COUNT_THREE(0.00)[4]; DKIM_TRACE(0.00)[zyxst.net:+,messagingengine.com:+]; RCPT_COUNT_TWO(0.00)[2]; MX_GOOD(-0.01)[in2-smtp.messagingengine.com,in1-smtp.messagingengine.com,in2-smtp.messagingengine.com,in1-smtp.messagingengine.com]; NEURAL_HAM_SHORT(-0.98)[-0.978,0]; FROM_EQ_ENVFROM(0.00)[]; MIME_TRACE(0.00)[0:+]; RCVD_TLS_LAST(0.00)[]; ASN(0.00)[asn:11403, ipnet:66.111.4.0/24, country:US]; IP_SCORE(-3.62)[ip: (-9.67), ipnet: 66.111.4.0/24(-4.66), asn: 11403(-3.68), country: US(-0.08)]; RCVD_IN_DNSWL_LOW(-0.10)[29.4.111.66.list.dnswl.org : 127.0.5.1] X-BeenThere: freebsd-stable@freebsd.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: Production branch of FreeBSD source code List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 21 Jan 2019 16:26:43 -0000 Hi, Is there a command (or a port) I can use which, when fed an installed port name, can tell me what installed it? I don't mean libraries. I mean the actual port name. thanks, -- J. From owner-freebsd-stable@freebsd.org Mon Jan 21 16:35:37 2019 Return-Path: Delivered-To: freebsd-stable@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id 0174114AE9C5; Mon, 21 Jan 2019 16:35:37 +0000 (UTC) (envelope-from asomers@gmail.com) Received: from mail-lf1-f52.google.com (mail-lf1-f52.google.com [209.85.167.52]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (Client CN "smtp.gmail.com", Issuer "Google Internet Authority G3" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 5256F6A382; Mon, 21 Jan 2019 16:35:35 +0000 (UTC) (envelope-from asomers@gmail.com) Received: by mail-lf1-f52.google.com with SMTP id p6so15996929lfc.1; Mon, 21 Jan 2019 08:35:35 -0800 (PST) X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:references:in-reply-to:from:date :message-id:subject:to; bh=sbTh0dORFxeJH0rHDtJv5sxHY5foRgl/WSBHv1Cq4Ys=; b=JDb1/IA03NeVsspC25r/6Y5N2TbN/fuQ0V7D6XKYKfUa3ALnpU4jCrVl1naejxNySx YXDE8S+QYB0fzowgAwhRBCi6sfUNXNWyEtNJsvh41/vSJdsNIS8BKEHUuPL70EAagSs6 OTy6CYoOp4OZKREYMvAjmyd+6W2g/fz/Ox92dBFfJ65EGGRWvJzN9p+eB68mv7XXFcHM xdDdjNPM/3J2+NCxnAR+c0ncljCOsg/dqNJyuO4o4xR7eRdxrB8IMJB7crinyKaTLUOu Vvj2apsilT82noHp1Ileov4X2h4VbqkggLvxu4OcFgpGm/vOM0RdYCRd7JkPdD7lM9DK rUhA== X-Gm-Message-State: AJcUukf6Go5+7Si+HFgvppKWXfHOm5YAMnxFudIrgFpikY1IrzYj2WGD qbUD5iCsVuLqBaTllhDNRQEXR/kgziZyElo1sEs/Jg== X-Google-Smtp-Source: ALg8bN5ymaBHV7HSpSj2aduKvA8Qqj3dlQum+r4BY36yCKF25dQBcN7Inuujuh6V8W06SI6hOTc6A3qM1hjxRGk2a4I= X-Received: by 2002:a19:660a:: with SMTP id a10mr19892642lfc.146.1548088532866; Mon, 21 Jan 2019 08:35:32 -0800 (PST) MIME-Version: 1.0 References: <20190121162634.GA30993@rpi3.zyxst.net> In-Reply-To: <20190121162634.GA30993@rpi3.zyxst.net> From: Alan Somers Date: Mon, 21 Jan 2019 09:35:20 -0700 Message-ID: Subject: Re: which port installed what other port To: FreeBSD , freebsd-ports@freebsd.org Content-Type: text/plain; charset="UTF-8" X-Rspamd-Queue-Id: 5256F6A382 X-Spamd-Bar: ---- Authentication-Results: mx1.freebsd.org; spf=pass (mx1.freebsd.org: domain of asomers@gmail.com designates 209.85.167.52 as permitted sender) smtp.mailfrom=asomers@gmail.com X-Spamd-Result: default: False [-4.05 / 15.00]; ARC_NA(0.00)[]; NEURAL_HAM_MEDIUM(-0.98)[-0.984,0]; FROM_HAS_DN(0.00)[]; TO_DN_SOME(0.00)[]; R_SPF_ALLOW(-0.20)[+ip4:209.85.128.0/17]; TO_MATCH_ENVRCPT_ALL(0.00)[]; MIME_GOOD(-0.10)[text/plain]; RCVD_TLS_LAST(0.00)[]; DMARC_NA(0.00)[freebsd.org]; NEURAL_HAM_LONG(-1.00)[-1.000,0]; IP_SCORE(-1.14)[ipnet: 209.85.128.0/17(-3.75), asn: 15169(-1.86), country: US(-0.08)]; MX_GOOD(-0.01)[cached: alt3.gmail-smtp-in.l.google.com]; RCPT_COUNT_TWO(0.00)[2]; RCVD_IN_DNSWL_NONE(0.00)[52.167.85.209.list.dnswl.org : 127.0.5.0]; NEURAL_HAM_SHORT(-0.92)[-0.916,0]; FORGED_SENDER(0.30)[asomers@freebsd.org,asomers@gmail.com]; MIME_TRACE(0.00)[0:+]; R_DKIM_NA(0.00)[]; FREEMAIL_ENVFROM(0.00)[gmail.com]; ASN(0.00)[asn:15169, ipnet:209.85.128.0/17, country:US]; FROM_NEQ_ENVFROM(0.00)[asomers@freebsd.org,asomers@gmail.com]; RCVD_COUNT_TWO(0.00)[2] X-BeenThere: freebsd-stable@freebsd.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: Production branch of FreeBSD source code List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 21 Jan 2019 16:35:37 -0000 Try "pkg info -r ". And to go the other direction, use "pkg info -d ". -Alan On Mon, Jan 21, 2019 at 9:27 AM tech-lists wrote: > > Hi, > > Is there a command (or a port) I can use which, when fed an installed > port name, can tell me what installed it? > > I don't mean libraries. I mean the actual port name. > > thanks, > -- > J. > _______________________________________________ > freebsd-stable@freebsd.org mailing list > https://lists.freebsd.org/mailman/listinfo/freebsd-stable > To unsubscribe, send any mail to "freebsd-stable-unsubscribe@freebsd.org" From owner-freebsd-stable@freebsd.org Mon Jan 21 16:39:27 2019 Return-Path: Delivered-To: freebsd-stable@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id 42C7214AEC15; Mon, 21 Jan 2019 16:39:27 +0000 (UTC) (envelope-from mad@madpilot.net) Received: from mail.madpilot.net (vogon.madpilot.net [159.69.1.99]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) server-signature RSA-PSS (4096 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 01A796A62B; Mon, 21 Jan 2019 16:39:24 +0000 (UTC) (envelope-from mad@madpilot.net) Received: from mail (mail [192.168.254.3]) by mail.madpilot.net (Postfix) with ESMTP id 43jy1c4Dd2z6dPD; Mon, 21 Jan 2019 17:39:16 +0100 (CET) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=madpilot.net; h= content-transfer-encoding:content-language:content-type :content-type:in-reply-to:mime-version:user-agent:date:date :message-id:from:from:references:subject:subject:received :received; s=mail; t=1548088754; x=1549903155; bh=2iIZxeArrhTx2j 9mL19J2au7r/3w9i/Fj/tRNvmyK+w=; b=g7lmUc/TQqriu/FY6OT4ocJglN5x8V +qTp0GVUQAtc2a44FADcDBmh5qTKzq4Ixd3S0+9Gb26xbSaWnHPujlc/Hd6qkKk1 aGP3dTCOdniVlQgmXn+FtcrM6ZiIye+spm7riAhnit5nkJLcqoPKKs0mnJwjm7yZ awmkSkBTvLfQU= Received: from mail.madpilot.net ([192.168.254.3]) by mail (mail.madpilot.net [192.168.254.3]) (amavisd-new, port 10026) with ESMTP id iJnylWZhpCS8; Mon, 21 Jan 2019 17:39:14 +0100 (CET) Received: from marvin.madpilot.net (unknown [87.13.153.156]) (using TLSv1.3 with cipher TLS_AES_128_GCM_SHA256 (128/128 bits) key-exchange X25519 server-signature RSA-PSS (2048 bits) server-digest SHA256) (No client certificate requested) by mail.madpilot.net (Postfix) with ESMTPSA; Mon, 21 Jan 2019 17:39:14 +0100 (CET) Subject: Re: which port installed what other port To: freebsd-stable@freebsd.org, freebsd-ports@freebsd.org References: <20190121162634.GA30993@rpi3.zyxst.net> From: Guido Falsi Openpgp: preference=signencrypt Autocrypt: addr=mad@madpilot.net; prefer-encrypt=mutual; keydata= mQENBE+G+l0BCADi/WBQ0aRJfnE7LBPsM0G3m/m3Yx7OPu4iYFvS84xawmRHtCNjWIntsxuX fptkmEo3Rsw816WUrek8dxoUAYdHd+EcpBcnnDzfDH5LW/TZ4gbrFezrHPdRp7wdxi23GN80 qPwHEwXuF0X4Wy5V0OO8B6VT/nA0ADYnBDhXS52HGIJ/GCUjgqJn+phDTdCFLvrSFdmgx4Wl c0W5Z1p5cmDF9l8L/hc959AeyNf7I9dXnjekGM9gVv7UDUYzCifR3U8T0fnfdMmS8NeI9NC+ wuREpRO4lKOkTnj9TtQJRiptlhcHQiAlG1cFqs7EQo57Tqq6cxD1FycZJLuC32bGbgalABEB AAG0Hkd1aWRvIEZhbHNpIDxtYWRAbWFkcGlsb3QubmV0PokBOQQTAQgAIwIbAwIeAQIXgAUL CQgHAwUVCgkICwQWAgMBBQJS79AgAhkBAAoJEBrmhg5Wy9KTc0kH/RO64ORBlTbTHaUaOj8F Je5O5NU2Pt9Cyt5ZWBRvxntr1zPTJGKRPS9ihlIfqT4ZvEngQGp57EUyFbCpI0UWasTerImM tt5WACnGmCzUTB39UXx8Oy4b1EgWeTJQ747e/F1mQLXTNa6ijRBE9fYlTb4gAkPN88/wVV9v 3PZozKLTg16ghBzHM/P7Lk8L7clPEZChX1FTa/6eSt3nvzfCuTMZbBPJF/ph+q1KyPqRgVfh tyhu5dvgMoPz/ni41IfeSrkJTD5RXzdyGR9q4Z1NYeBsLkRjC4LxKAP5KqUsvlOUjKvO1byj ApYdMarol+IGkaSk9e3zVYAJkWKjn/ni8Xa5Ag0EUxB7QQEQAKFhrDceoPdK/IHDSmoj6SQY isvM7VdhcleS7E9DoEAVt7yMbf6HbbMVTTY6ckvwTWQssywLBXNVqxgc4WLJjzfUhgef+WE7 5M3+WFYlOVQLGZY/zEVgma1raYnOHNAOzeHLDmEXjbZP6vGAeDyBbGfQPpE7qGYZ7ubeT3Xw QO+PklcCrvOPj2ZPcAxGNS2xVU/LzONqCrJqLMJSIcCdsbiSP4G5PnDFHtMokaTY6OEr8OEQ fOAerhcHUa/z7Uu8YtmaqKH+QGkE/WEgaRqSiTnv0JOTD+DxehaqvoKPPZ++2NpCZMHB2i6A /xifmQwEiIjEXtcueBRzkNUQkxhqZyS13SrhocL9ydtaVPBzZatAEjUDDEJmAMLVFs45qfyh MiNapHJo2n3MW/E5omqCvEkDdWX/en3P7CK2TemeaDghMsgkNKax/z0wNo5UZCkOPOz0xpNi UilOVbkuezZZNg65741qee2lfXhQIaZ66yT7hphc/N/z3PIAtLeze4u1VR2EXAuZ2sWAdlKC NTlJMsaU/x70BV11Wd/ypnVzM68dfdQIIAj1iMFAD/lXGlEUmKXg5Ov2VQDlTntQoanCYrAg +8CttPzjrydgLZFq3hrtQmfc0se5yv1WHS69+BsUOG09RvvawUDZxUjW19kyeN9THaNRgow3 kSuArUp6zSmJABEBAAGJAR8EGAEIAAkFAlMQe0ECGwwACgkQGuaGDlbL0pMN5wgA4bCkX/qw EVC06ToeR6C2putmSWQMgpDaqrv65Hubo+QGmg2P4ewTYQQ4g6oYWS03qHxqVVWhKz7FjfrV +dH8qbCLfSgIcvdBha7ayGZVrsiuMLKGbw36fcmkZPpSDOfHcP0XH8Z+u9CWj0xUkTxAlZ/7 i6gYSUpG2JWNtdmE/X8VVEyXusCLwy0K0BI60A/4dRTIX3C4QKrJ3ZbUXegz70ynjHf+lQMZ 9IZKASoRMuS5FozPQh6abvmwZEPdf5I9riUElzvHrqJ8Bx0t3Pujdoth+yNHpnBxrtO8LkQd rQ58P0SwcaIX33T2U9pG8bhu5YVR88FQ8OQ0cEsPBpDncg== Message-ID: <31d638c5-1cf5-8f80-97b3-c332c7cb50a7@madpilot.net> Date: Mon, 21 Jan 2019 17:39:14 +0100 User-Agent: Mozilla/5.0 (X11; FreeBSD amd64; rv:60.0) Gecko/20100101 Thunderbird/60.4.0 MIME-Version: 1.0 In-Reply-To: <20190121162634.GA30993@rpi3.zyxst.net> Content-Type: text/plain; charset=utf-8 Content-Language: en-US Content-Transfer-Encoding: 7bit X-Rspamd-Queue-Id: 01A796A62B X-Spamd-Bar: ------ Authentication-Results: mx1.freebsd.org; dkim=pass header.d=madpilot.net header.s=mail header.b=g7lmUc/T; spf=pass (mx1.freebsd.org: domain of mad@madpilot.net designates 159.69.1.99 as permitted sender) smtp.mailfrom=mad@madpilot.net X-Spamd-Result: default: False [-6.21 / 15.00]; ARC_NA(0.00)[]; RCVD_VIA_SMTP_AUTH(0.00)[]; R_DKIM_ALLOW(-0.20)[madpilot.net:s=mail]; NEURAL_HAM_MEDIUM(-1.00)[-0.997,0]; FROM_HAS_DN(0.00)[]; R_SPF_ALLOW(-0.20)[+mx]; TO_MATCH_ENVRCPT_ALL(0.00)[]; MIME_GOOD(-0.10)[text/plain]; TO_DN_NONE(0.00)[]; DMARC_NA(0.00)[madpilot.net]; NEURAL_HAM_LONG(-1.00)[-1.000,0]; RCVD_COUNT_THREE(0.00)[4]; IP_SCORE(-2.73)[ip: (-9.58), ipnet: 159.69.0.0/16(-1.72), asn: 24940(-2.35), country: DE(-0.01)]; DKIM_TRACE(0.00)[madpilot.net:+]; RCPT_COUNT_TWO(0.00)[2]; MX_GOOD(-0.01)[eddie.gfratio.it,vogon.madpilot.net]; NEURAL_HAM_SHORT(-0.97)[-0.969,0]; FROM_EQ_ENVFROM(0.00)[]; MIME_TRACE(0.00)[0:+]; RCVD_TLS_LAST(0.00)[]; ASN(0.00)[asn:24940, ipnet:159.69.0.0/16, country:DE]; MID_RHS_MATCH_FROM(0.00)[]; RECEIVED_SPAMHAUS_PBL(0.00)[156.153.13.87.zen.spamhaus.org : 127.0.0.10] X-BeenThere: freebsd-stable@freebsd.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: Production branch of FreeBSD source code List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 21 Jan 2019 16:39:27 -0000 On 21/01/19 17:26, tech-lists wrote: > Hi, > > Is there a command (or a port) I can use which, when fed an installed > port name, can tell me what installed it? > > I don't mean libraries. I mean the actual port name. > Not sure what you're looking for anyway pkg has such functionality for run time dependencies: pkg info -d '*name*' shows packages on which any package matching '*name*' depends. You also have pkg info -r '*name*' which shows all packages requiring a specific package. This works only for run time dependencies (libraries and other), not for build time dependencies, which are not registered in the pkg database. Such information is not saved anywhere and is registered only in the port Makefiles. Check pkg-info(8) for further reference. Hope this helps. -- Guido Falsi From owner-freebsd-stable@freebsd.org Mon Jan 21 16:41:05 2019 Return-Path: Delivered-To: freebsd-stable@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id 6A8BA14AED97; Mon, 21 Jan 2019 16:41:05 +0000 (UTC) (envelope-from tech-lists@zyxst.net) Received: from out5-smtp.messagingengine.com (out5-smtp.messagingengine.com [66.111.4.29]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id C6EDB6A87D; Mon, 21 Jan 2019 16:41:04 +0000 (UTC) (envelope-from tech-lists@zyxst.net) Received: from compute4.internal (compute4.nyi.internal [10.202.2.44]) by mailout.nyi.internal (Postfix) with ESMTP id 4663B28488; Mon, 21 Jan 2019 11:41:04 -0500 (EST) Received: from mailfrontend1 ([10.202.2.162]) by compute4.internal (MEProxy); Mon, 21 Jan 2019 11:41:04 -0500 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=zyxst.net; h= date:from:to:subject:message-id:references:mime-version :content-type:in-reply-to; s=fm1; bh=0x1N5nJuuNxYPDsOnGKqWVrimlP +Lnci4cVNX4C9IjU=; b=KrNwQMCY8xRGRFe62TbRBenCtkHgD/oLRZkaomEJlRg ENTEV4fpY+30qroYvyxVba7myi2WGQh1usbeX+Tc6Dt9+j5r4+RMqv/8h5GekA9Y j76kpxrgDk6mnGdPPUO7Sx+8XfUVWlF7UNqZRw0j5pUs7htvmGD6ZRXDAuOagWKl fOhU1LKdw1IQ2KO+/dURCCg8cN5dDsDa3Ic8IR4zYdckyAUGw15YIX7d8Ym9VCXE cI0/UlpkalKJDE+qjM9zB6ZNqR4of6wIbp/plMKy5pROhDZ/hneYCMjMXpxpaYgE aSrnqeTYk9d8xci+E+WmFZPaPn8eW7HRwHs91Sg/KoA== DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d= messagingengine.com; h=content-type:date:from:in-reply-to :message-id:mime-version:references:subject:to:x-me-proxy :x-me-proxy:x-me-sender:x-me-sender:x-sasl-enc; s=fm1; bh=0x1N5n JuuNxYPDsOnGKqWVrimlP+Lnci4cVNX4C9IjU=; b=b2T/lkbJaLcJxORFZ5VGCf PT9lZG0oOLQklzjCmgSm8EveAu9zWNWdLf7w+pltCrr0nBz5uzFObEyKhz87Pa7j tMe3r1kBsPD1b4s3dI61/bKTBj0uUUX7kyCMuqoMqOy60xjCaj13YSJ8IUUk8Qkx XXBGy1O4IgGeOJ5VQWfE+QM6jHKvC7vtDLi1u/AhsXCiV3mntmvRXN7Fvpy0z4du KTo1hPa1XlzXtZg9bZSq1HpHy7D1uhCKxfFy7w+b8JbBcNo0xZul3CWbujsp1hzW Kal9EXOrttuE7x3wYQAbGa1LXg11PGbRrIMN2fa/GLzzpvExwkeVbOsc/R4DyRCw == X-ME-Sender: X-ME-Proxy-Cause: gggruggvucftvghtrhhoucdtuddrgedtledrheeigdelgecutefuodetggdotefrodftvf curfhrohhfihhlvgemucfhrghsthforghilhdpqfhuthenuceurghilhhouhhtmecufedt tdenucenucfjughrpeffhffvuffkfhggtggujggfsehttdertddtredvnecuhfhrohhmpe htvggthhdqlhhishhtshcuoehtvggthhdqlhhishhtshesiiihgihsthdrnhgvtheqnecu kfhppeekvddrjedtrdeluddruddtudenucfrrghrrghmpehmrghilhhfrhhomhepthgvtg hhqdhlihhsthhsseiihiigshhtrdhnvghtnecuvehluhhsthgvrhfuihiivgeptd X-ME-Proxy: Received: from rpi3.zyxst.net (rpi3.zyxst.net [82.70.91.101]) by mail.messagingengine.com (Postfix) with ESMTPA id 717B6E453B; Mon, 21 Jan 2019 11:41:03 -0500 (EST) Date: Mon, 21 Jan 2019 16:41:01 +0000 From: tech-lists To: freebsd-stable@freebsd.org, freebsd-ports@freebsd.org Subject: Re: which port installed what other port Message-ID: <20190121164100.GB30993@rpi3.zyxst.net> Mail-Followup-To: freebsd-stable@freebsd.org, freebsd-ports@freebsd.org References: <20190121162634.GA30993@rpi3.zyxst.net> MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii; format=flowed Content-Disposition: inline In-Reply-To: User-Agent: Mutt/1.11.2 (2019-01-07) X-Rspamd-Queue-Id: C6EDB6A87D X-Spamd-Bar: ------- Authentication-Results: mx1.freebsd.org; dkim=pass header.d=zyxst.net header.s=fm1 header.b=KrNwQMCY; dkim=pass header.d=messagingengine.com header.s=fm1 header.b=b2T/lkbJ; spf=pass (mx1.freebsd.org: domain of tech-lists@zyxst.net designates 66.111.4.29 as permitted sender) smtp.mailfrom=tech-lists@zyxst.net X-Spamd-Result: default: False [-7.17 / 15.00]; ARC_NA(0.00)[]; RCVD_VIA_SMTP_AUTH(0.00)[]; R_DKIM_ALLOW(-0.20)[zyxst.net:s=fm1,messagingengine.com:s=fm1]; NEURAL_HAM_MEDIUM(-1.00)[-0.997,0]; FROM_HAS_DN(0.00)[]; R_SPF_ALLOW(-0.20)[+ip4:66.111.4.29]; TO_MATCH_ENVRCPT_ALL(0.00)[]; MIME_GOOD(-0.10)[text/plain]; TO_DN_NONE(0.00)[]; DMARC_NA(0.00)[zyxst.net]; NEURAL_HAM_LONG(-1.00)[-1.000,0]; RCVD_COUNT_THREE(0.00)[4]; DKIM_TRACE(0.00)[zyxst.net:+,messagingengine.com:+]; RCPT_COUNT_TWO(0.00)[2]; MX_GOOD(-0.01)[cached: in2-smtp.messagingengine.com]; NEURAL_HAM_SHORT(-0.95)[-0.947,0]; FROM_EQ_ENVFROM(0.00)[]; MIME_TRACE(0.00)[0:+]; RCVD_TLS_LAST(0.00)[]; ASN(0.00)[asn:11403, ipnet:66.111.4.0/24, country:US]; IP_SCORE(-3.62)[ip: (-9.68), ipnet: 66.111.4.0/24(-4.66), asn: 11403(-3.68), country: US(-0.08)]; RCVD_IN_DNSWL_LOW(-0.10)[29.4.111.66.list.dnswl.org : 127.0.5.1] X-BeenThere: freebsd-stable@freebsd.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: Production branch of FreeBSD source code List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 21 Jan 2019 16:41:05 -0000 On Mon, Jan 21, 2019 at 09:35:20AM -0700, Alan Somers wrote: >Try "pkg info -r ". And to go the other direction, use "pkg >info -d ". >-Alan > OK thank you, I'll try that -- J. From owner-freebsd-stable@freebsd.org Tue Jan 22 04:44:30 2019 Return-Path: Delivered-To: freebsd-stable@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id 0615714ACDC7; Tue, 22 Jan 2019 04:44:30 +0000 (UTC) (envelope-from lwhsu@freebsd.org) Received: from freefall.freebsd.org (freefall.freebsd.org [IPv6:2610:1c1:1:6074::16:84]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) server-signature RSA-PSS (4096 bits) client-signature RSA-PSS (4096 bits) client-digest SHA256) (Client CN "freefall.freebsd.org", Issuer "Let's Encrypt Authority X3" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 9DB6171191; Tue, 22 Jan 2019 04:44:29 +0000 (UTC) (envelope-from lwhsu@freebsd.org) Received: by freefall.freebsd.org (Postfix, from userid 1129) id 802AB970D; Tue, 22 Jan 2019 04:44:29 +0000 (UTC) Date: Tue, 22 Jan 2019 04:44:29 +0000 From: Li-Wen Hsu To: freebsd-testing@freebsd.org Subject: FreeBSD CI Weekly Report 2018-01-20 Message-ID: <20190122044429.GA32825@freefall.freebsd.org> MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline User-Agent: Mutt/1.10.1 (2018-07-13) X-Rspamd-Queue-Id: 9DB6171191 X-Spamd-Bar: -- Authentication-Results: mx1.freebsd.org X-Spamd-Result: default: False [-2.90 / 15.00]; local_wl_from(0.00)[freebsd.org]; NEURAL_HAM_MEDIUM(-0.97)[-0.969,0]; NEURAL_HAM_LONG(-1.00)[-0.997,0]; TAGGED_RCPT(0.00)[]; NEURAL_HAM_SHORT(-0.94)[-0.936,0]; ASN(0.00)[asn:11403, ipnet:2610:1c1:1::/48, country:US] X-Mailman-Approved-At: Tue, 22 Jan 2019 11:53:32 +0000 X-BeenThere: freebsd-stable@freebsd.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: Production branch of FreeBSD source code List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 22 Jan 2019 04:44:30 -0000 (bcc -current and -stable for more audience) FreeBSD CI Weekly Report 2018-01-20 =================================== Here's a summary of the FreeBSD Continuous Integration results for the period from 2018-01-14 to 2018-01-20 (and some older results because this is the first report). During this period, we have 1961 builds (89.8% pass, 8.7% failed, 1.5% exception) were executed on aarch64, amd64, armv6, armv7, i386, mips, mips64, powerpc, powerpc64, powerpcspe, riscv64, sparc64 architectures; and 496 test runs (51% pass, 49% unstable) were executed on amd64, i386, riscv64 architectures. If any of the issues found by CI are in your area of interest or expertise please investigate the PRs listed below. Web version and archive are available at http://hackfoldr.org/freebsd-ci-report/ Any help and suggestion are welcome. ## Failing Jobs * https://ci.freebsd.org/job/FreeBSD-head-amd64-test/ Test VM panics because of memory modified after free, see https://bugs.freebsd.org/235097 for more details. * https://ci.freebsd.org/job/FreeBSD-head-i386-test/ See https://bugs.freebsd.org/235097 * https://ci.freebsd.org/job/FreeBSD-head-amd64-gcc/ GCC reports: `error: floating constant exceeds range of 'long double' [-Werror=overflow]` ## Failing Tests * https://ci.freebsd.org/job/FreeBSD-head-amd64-test/ * lib.msun.cbrt_test.cbrtl_powl * lib.msun.trig_test.reduction See https://bugs.freebsd.org/234040 for detail * https://ci.freebsd.org/job/FreeBSD-head-i386-test/ * sys.netmap.ctrl-api-test.main * sys.opencrypto.runtests.main * lib.libc.regex.exhaust_test.regcomp_too_big * lib.libregex.exhaust_test.regcomp_too_big * sys.kern.coredump_phnum_test.coredump_phnum * https://ci.freebsd.org/job/FreeBSD-head-amd64-test_zfs/ There are 63 failing cases, see https://ci.freebsd.org/job/FreeBSD-head-amd64-test_zfs/lastCompletedBuild/testReport/ for more details * https://ci.freebsd.org/job/FreeBSD-head-amd64-dtrace_test/ * common.buffering.t_dtrace_contrib.tst_switch1_d * common.drops.t_dtrace_contrib.drp_DTRACEDROP_PRINCIPAL_d * common.syscall.t_dtrace_contrib.tst_args_d * common.usdt.t_dtrace_contrib.tst_dlclose1_ksh * common.rates.t_dtrace_contrib.tst_switchrate_dl * common.misc.t_dtrace_contrib.tst_dynopt_d * common.ip.t_dtrace_contrib.tst_ipv4localsctp_ksh * common.ip.t_dtrace_contrib.tst_localsctpstate_ksh * https://ci.freebsd.org/job/FreeBSD-stable-12-i386-test/ * sys.netmap.ctrl-api-test.main * sys.opencrypto.runtests.main * sbin.bectl.bectl_test.bectl_mount * lib.libc.regex.exhaust_test.regcomp_too_big * lib.libregex.exhaust_test.regcomp_too_big * sys.kern.coredump_phnum_test.coredump_phnum * https://ci.freebsd.org/job/FreeBSD-stable-11-amd64-test/ * usr.bin.procstat.procstat_test.kernel_stacks * https://ci.freebsd.org/job/FreeBSD-stable-11-i386-test/ * sys.netmap.ctrl-api-test.main * sys.opencrypto.runtests.main * usr.bin.procstat.procstat_test.kernel_stacks * local.kyua.* (31 cases) * local.lutok.* (3 cases) ## Disabled Tests * lib.libc.sys.mmap_test.mmap_truncate_signal https://bugs.freebsd.org/211924 * sys.fs.tmpfs.mount_test.large https://bugs.freebsd.org/212862 * sys.fs.tmpfs.link_test.kqueue https://bugs.freebsd.org/213662 * sys.kqueue.libkqueue.kqueue_test.main https://bugs.freebsd.org/233586 * usr.bin.procstat.procstat_test.command_line_arguments https://bugs.freebsd.org/233587 * usr.bin.procstat.procstat_test.environment https://bugs.freebsd.org/233588 ## Open Issues ### New * 235097: ci runs failing with panic in IPv6 code with use-after-free in epair/pfctl when running sys/netpfil/pf/nat tests https://bugs.freebsd.org/235097 ### Cause build fails * 233339: genassym.o build race https://bugs.freebsd.org/233339 ### Others Tickets related to testing@: https://preview.tinyurl.com/y9maauwg ## Other news * We've started working on integrating FreeBSD CI into upstream projects via hosted services (in particular, to date that's Cirrus-CI). Progress is tracked on https://wiki.freebsd.org/HostedCI * Result of daily Clang scan build: https://ci.freebsd.org/job/FreeBSD-head-scan_build/lastCompletedBuild/clangScanBuildBugs/ -- Li-Wen Hsu https://lwhsu.org From owner-freebsd-stable@freebsd.org Tue Jan 22 16:29:04 2019 Return-Path: Delivered-To: freebsd-stable@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id 7EAE014A74FB for ; Tue, 22 Jan 2019 16:29:04 +0000 (UTC) (envelope-from softwareinforjam@gmail.com) Received: from mail-ua1-x92d.google.com (mail-ua1-x92d.google.com [IPv6:2607:f8b0:4864:20::92d]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (Client CN "smtp.gmail.com", Issuer "Google Internet Authority G3" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 997F893232 for ; Tue, 22 Jan 2019 16:29:03 +0000 (UTC) (envelope-from softwareinforjam@gmail.com) Received: by mail-ua1-x92d.google.com with SMTP id n7so8257460uao.7 for ; Tue, 22 Jan 2019 08:29:03 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025; h=message-id:mime-version:to:from:subject:date:importance; bh=GVpt8n/qUmxhYQ1f8CZuJ4j9rmNFHoVxpN5/9pIeEb4=; b=YrLhRmnl7qjB7wgA2vgg4XQ5agqjeTk3uNtI4kgFK5Sdd37J1GHjTG1n4DialMztWe 4jeIt6zcEcwCdWgx+sacbrYxnvpApB3qr6mxxtmoGeKYKA4K7EjcoKFQAMWljIvX4MGn Y3u3SxtgLGuNFFsKRnW2CkACb68TvypkN0hJObtr0u7ll6QgiAFp2Mmmzj+NeTqbUXCH oCozOlz+leAmTbMR+ntZyFzCpLginisbpubjfC8zygaSxTEDXgCOMXtrljo5DYdNiQmM XPaEqjj33f2OQqX3ZWNqzENZGs9lchIrFJpg5xpyk/o4HEn3r1R1kar4fv36pk/7lb/L G5Yg== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:message-id:mime-version:to:from:subject:date :importance; bh=GVpt8n/qUmxhYQ1f8CZuJ4j9rmNFHoVxpN5/9pIeEb4=; b=SBzywdEVmkz8EB2kfFiFSRSusFVZzzoGvuNizwaw+OMCrMaaL+nyDal/GP5W6CwV4a rFatvqdLmDOHpyIx+fLuv/0Wyhry9F2yIYazTkF+6p3Vi1D83rgagQgQj7a0mHadzV1d y/rHrgQDOfsQTlAXieCEdTLhUxU6N/sLUL2SBPOjrjVUdvy4H6YIi9Ygo6tZVQ5mrP+C h9Ttdv4xRCGvhwuoXOa3ARQX4KvGszCkXJTIR8k3e7fGBVmuK3gAsqSqI8v20N/xPZL8 6HD9fVaGOVv3esmKaX9Tn577uAm8UGpTW7Md9OmvNNwLLQnmfVJ++eitQNsHRqNsYIS6 p0tA== X-Gm-Message-State: AJcUukc1udd63OkOzwxN1eqHK9eUFneMpljt/uwOkSbWSB1JslXEy5nu ClsYp6/xn9mLQhO69+heRWns3V9i X-Google-Smtp-Source: ALg8bN5suf0ZLx+T3YdaXiSEOublDHcGiN0wJl1CK3u41xzdjdv+Jq3XiClsuMonlW1CFKbOpDKNVQ== X-Received: by 2002:ab0:7013:: with SMTP id k19mr14173728ual.18.1548174542693; Tue, 22 Jan 2019 08:29:02 -0800 (PST) Received: from ?IPv6:::ffff:192.10.1.165? (git.mayberryinv.com. [63.143.111.202]) by smtp.gmail.com with ESMTPSA id k123sm18377770vkk.19.2019.01.22.08.29.01 for (version=TLS1_2 cipher=ECDHE-RSA-AES128-GCM-SHA256 bits=128/128); Tue, 22 Jan 2019 08:29:01 -0800 (PST) Message-ID: <5c4744cd.1c69fb81.7b84f.5450@mx.google.com> MIME-Version: 1.0 To: " freebsd-stable@freebsd.org" From: SoftwareInforJam Subject: Issue with mod_security3 Date: Tue, 22 Jan 2019 11:29:01 -0500 Importance: normal X-Priority: 3 X-Rspamd-Queue-Id: 997F893232 X-Spamd-Bar: --- Authentication-Results: mx1.freebsd.org; dkim=pass header.d=gmail.com header.s=20161025 header.b=YrLhRmnl; dmarc=pass (policy=none) header.from=gmail.com; spf=pass (mx1.freebsd.org: domain of softwareinforjam@gmail.com designates 2607:f8b0:4864:20::92d as permitted sender) smtp.mailfrom=softwareinforjam@gmail.com X-Spamd-Result: default: False [-3.83 / 15.00]; R_SPF_ALLOW(-0.20)[+ip6:2607:f8b0:4000::/36]; FREEMAIL_FROM(0.00)[gmail.com]; URI_COUNT_ODD(1.00)[1]; RCVD_COUNT_THREE(0.00)[3]; TO_DN_ALL(0.00)[]; DKIM_TRACE(0.00)[gmail.com:+]; DMARC_POLICY_ALLOW(-0.50)[gmail.com,none]; HAS_X_PRIO_THREE(0.00)[3]; MX_GOOD(-0.01)[cached: alt3.gmail-smtp-in.l.google.com]; NEURAL_HAM_SHORT(-0.94)[-0.936,0]; FROM_EQ_ENVFROM(0.00)[]; IP_SCORE(-0.89)[ipnet: 2607:f8b0::/32(-2.46), asn: 15169(-1.89), country: US(-0.08)]; MIME_TRACE(0.00)[0:+,1:+]; FREEMAIL_ENVFROM(0.00)[gmail.com]; ASN(0.00)[asn:15169, ipnet:2607:f8b0::/32, country:US]; DWL_DNSWL_NONE(0.00)[gmail.com.dwl.dnswl.org : 127.0.5.0]; ARC_NA(0.00)[]; NEURAL_HAM_MEDIUM(-1.00)[-0.999,0]; R_DKIM_ALLOW(-0.20)[gmail.com:s=20161025]; FROM_HAS_DN(0.00)[]; TO_MATCH_ENVRCPT_ALL(0.00)[]; NEURAL_HAM_LONG(-1.00)[-1.000,0]; MIME_GOOD(-0.10)[multipart/alternative,text/plain]; PREVIOUSLY_DELIVERED(0.00)[freebsd-stable@freebsd.org]; RCPT_COUNT_ONE(0.00)[1]; RCVD_TLS_LAST(0.00)[]; RCVD_IN_DNSWL_NONE(0.00)[d.2.9.0.0.0.0.0.0.0.0.0.0.0.0.0.0.2.0.0.4.6.8.4.0.b.8.f.7.0.6.2.list.dnswl.org : 127.0.5.0] Content-Type: text/plain; charset="utf-8" Content-Transfer-Encoding: quoted-printable X-Content-Filtered-By: Mailman/MimeDel 2.1.29 X-BeenThere: freebsd-stable@freebsd.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: Production branch of FreeBSD source code List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 22 Jan 2019 16:29:04 -0000 Hi All I am have a queer problem with the port mod_security3. I actually want to s= et it up to work with NGINX. The port /usr/ports/www/mod_security3 exists b= ut when I do a=20 # pkg install mod_security3=20 I get=20 =E2=80=9Cpkg: No packages available to install matching 'mod_security3' hav= e been found in the repositories=E2=80=9D When I do a pkg search =E2=80=9Cmod_security*=E2=80=9D only ap24-mod_securi= ty-2.9.2_3 Intrusion detection and prevention engine. So only version = 2.9 shows up. Not sure why this is happening. Can anyone shed some light on= this please? Sent from Mail for Windows 10 From owner-freebsd-stable@freebsd.org Tue Jan 22 17:19:35 2019 Return-Path: Delivered-To: freebsd-stable@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id 9D01B14A9047 for ; Tue, 22 Jan 2019 17:19:35 +0000 (UTC) (envelope-from danfe@regency.nsu.ru) Received: from mailman.ysv.freebsd.org (mailman.ysv.freebsd.org [IPv6:2001:1900:2254:206a::50:5]) by mx1.freebsd.org (Postfix) with ESMTP id 037D494FE9 for ; Tue, 22 Jan 2019 17:19:35 +0000 (UTC) (envelope-from danfe@regency.nsu.ru) Received: by mailman.ysv.freebsd.org (Postfix) id BAA6214A9045; Tue, 22 Jan 2019 17:19:34 +0000 (UTC) Delivered-To: stable@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id A77A914A9044 for ; Tue, 22 Jan 2019 17:19:34 +0000 (UTC) (envelope-from danfe@regency.nsu.ru) Received: from mx.nsu.ru (mx.nsu.ru [84.237.50.39]) (using TLSv1 with cipher AES256-SHA (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 568E794FE8 for ; Tue, 22 Jan 2019 17:19:26 +0000 (UTC) (envelope-from danfe@regency.nsu.ru) Received: from [84.237.50.47] (helo=regency.nsu.ru) by mx.nsu.ru with esmtp (Exim 4.72) (envelope-from ) id 1glzhl-0002l8-KD for stable@freebsd.org; Wed, 23 Jan 2019 00:19:17 +0700 Received: from regency.nsu.ru (localhost [127.0.0.1]) by regency.nsu.ru (8.14.2/8.14.2) with ESMTP id x0MHovtc027029 for ; Tue, 22 Jan 2019 23:50:57 +0600 (NOVT) (envelope-from danfe@regency.nsu.ru) Received: (from danfe@localhost) by regency.nsu.ru (8.14.2/8.14.2/Submit) id x0MHoqPu027008 for stable@freebsd.org; Wed, 23 Jan 2019 00:50:52 +0700 (+07) (envelope-from danfe) Date: Wed, 23 Jan 2019 00:50:52 +0700 From: Alexey Dokuchaev To: stable@freebsd.org Subject: 12.0-RELEASE kernel hangs on Dell Precision 7920 Message-ID: <20190122175052.GA21336@regency.nsu.ru> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline User-Agent: Mutt/1.4.2.1i X-KLMS-Rule-ID: 3 X-KLMS-Message-Action: skipped X-KLMS-AntiSpam-Status: not scanned, whitelist X-KLMS-AntiPhishing: not scanned, whitelist X-KLMS-AntiVirus: Kaspersky Security 8.0 for Linux Mail Server, version 8.0.1.705, not scanned, whitelist X-Rspamd-Queue-Id: 568E794FE8 X-Spamd-Bar: / Authentication-Results: mx1.freebsd.org; spf=pass (mx1.freebsd.org: domain of danfe@regency.nsu.ru designates 84.237.50.39 as permitted sender) smtp.mailfrom=danfe@regency.nsu.ru X-Spamd-Result: default: False [0.23 / 15.00]; ARC_NA(0.00)[]; NEURAL_HAM_MEDIUM(-0.36)[-0.364,0]; FROM_HAS_DN(0.00)[]; R_SPF_ALLOW(-0.20)[+a:mx.nsu.ru]; MV_CASE(0.50)[]; MIME_GOOD(-0.10)[text/plain]; PREVIOUSLY_DELIVERED(0.00)[stable@freebsd.org]; TO_DN_NONE(0.00)[]; RCPT_COUNT_ONE(0.00)[1]; NEURAL_HAM_LONG(-0.10)[-0.101,0]; RCVD_COUNT_THREE(0.00)[4]; RCVD_TLS_LAST(0.00)[]; TO_MATCH_ENVRCPT_ALL(0.00)[]; MX_GOOD(-0.01)[mx.nsu.ru]; DMARC_NA(0.00)[nsu.ru]; NEURAL_SPAM_SHORT(0.20)[0.200,0]; IP_SCORE(0.00)[country: RU(0.00)]; FORGED_SENDER(0.30)[danfe@nsu.ru,danfe@regency.nsu.ru]; R_DKIM_NA(0.00)[]; MIME_TRACE(0.00)[0:+]; ASN(0.00)[asn:3335, ipnet:84.237.48.0/21, country:RU]; FROM_NEQ_ENVFROM(0.00)[danfe@nsu.ru,danfe@regency.nsu.ru] X-BeenThere: freebsd-stable@freebsd.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: Production branch of FreeBSD source code List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 22 Jan 2019 17:19:35 -0000 Hi there, I've installed FreeBSD/amd64 12.0-RELEASE on this beefy Dell Precision 7920 Tower workstation, but it does not boot unless I disable "Memory Map IO above 4GB" option in BIOS (UEFI): the kernel hangs right after "ACPI APIC Table: " line. Interestingly, it also won't boot if I disable NUMA (Non-Uniform Memory Access). This is for vanilla GENERIC kernel. Is this something known? Any ideas? I'd happily test patches, etc. ./danfe P.S. Ubuntu 16.04 LTS boots just fine on this box with default settings. From owner-freebsd-stable@freebsd.org Tue Jan 22 18:54:48 2019 Return-Path: Delivered-To: freebsd-stable@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id A4C9414AB761 for ; Tue, 22 Jan 2019 18:54:48 +0000 (UTC) (envelope-from byshenknet@byshenk.net) Received: from v1.leiden.byshenk.net (v1.leiden.byshenk.net [37.97.209.179]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 77C2E6A1D3 for ; Tue, 22 Jan 2019 18:54:47 +0000 (UTC) (envelope-from byshenknet@byshenk.net) Received: by v1.leiden.byshenk.net (Postfix, from userid 1002) id 0DBC175934; Tue, 22 Jan 2019 19:54:39 +0100 (CET) Date: Tue, 22 Jan 2019 19:54:39 +0100 From: Gregory Byshenk To: "freebsd-stable@freebsd.org" , SoftwareInforJam Subject: Re: Issue with mod_security3 Message-ID: <20190122185438.GC85865@v1.leiden.byshenk.net> References: <5c4744cd.1c69fb81.7b84f.5450@mx.google.com> MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: <5c4744cd.1c69fb81.7b84f.5450@mx.google.com> User-Agent: Mutt/1.11.1 (2018-12-01) X-Rspamd-Queue-Id: 77C2E6A1D3 X-Spamd-Bar: / Authentication-Results: mx1.freebsd.org X-Spamd-Result: default: False [0.65 / 15.00]; ARC_NA(0.00)[]; TO_DN_EQ_ADDR_SOME(0.00)[]; NEURAL_HAM_MEDIUM(-0.28)[-0.277,0]; FROM_HAS_DN(0.00)[]; TO_DN_SOME(0.00)[]; NEURAL_SPAM_SHORT(0.39)[0.392,0]; NEURAL_HAM_LONG(-0.38)[-0.383,0]; MIME_GOOD(-0.10)[text/plain]; RCVD_TLS_LAST(0.00)[]; DMARC_NA(0.00)[byshenk.net]; AUTH_NA(1.00)[]; TO_MATCH_ENVRCPT_SOME(0.00)[]; MX_GOOD(-0.01)[v2.leiden.byshenk.net,v1.leiden.byshenk.net]; RCPT_COUNT_TWO(0.00)[2]; R_SPF_NA(0.00)[]; FORGED_SENDER(0.30)[freebsd@byshenk.net,byshenknet@byshenk.net]; R_DKIM_NA(0.00)[]; MIME_TRACE(0.00)[0:+]; ASN(0.00)[asn:20857, ipnet:37.97.128.0/17, country:NL]; FROM_NEQ_ENVFROM(0.00)[freebsd@byshenk.net,byshenknet@byshenk.net]; IP_SCORE(-0.28)[asn: 20857(-1.40), country: NL(0.02)]; RCVD_COUNT_TWO(0.00)[2] X-BeenThere: freebsd-stable@freebsd.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: Production branch of FreeBSD source code List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 22 Jan 2019 18:54:48 -0000 On Tue, Jan 22, 2019 at 11:29:01AM -0500, SoftwareInforJam wrote: > I am have a queer problem with the port mod_security3. I > actually want to set it up to work with NGINX. The port > /usr/ports/www/mod_security3 exists but when I do a > # pkg install mod_security3 > I get > ???pkg: No packages available to install matching 'mod_security3' > have been found in the repositories??? > > When I do a pkg search ???mod_security*??? only > ap24-mod_security-2.9.2_3 Intrusion detection and prevention > engine. So only version 2.9 shows up. Not sure why this is > happening. Can anyone shed some light on this please? I'm no expert on mod_security, but my guess, based on reading https://www.linuxjournal.com/content/modsecurity-and-nginx, is that previous (to v3) versions of mod_security worked _only_ with apache. And it seems likely that the port has not yet been updated to the newest v3. Also based on the article, it seems that getting even mod_security v3 to work with nginx is slightly complicated, as building it depends on the specific version of nginx that is installed. -- gregory byshenk - gbyshenk@byshenk.net - Leiden, NL From owner-freebsd-stable@freebsd.org Tue Jan 22 19:03:06 2019 Return-Path: Delivered-To: freebsd-stable@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id B8B7E14ABCCE for ; Tue, 22 Jan 2019 19:03:05 +0000 (UTC) (envelope-from matt.garber@gmail.com) Received: from mail-qt1-x843.google.com (mail-qt1-x843.google.com [IPv6:2607:f8b0:4864:20::843]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (Client CN "smtp.gmail.com", Issuer "Google Internet Authority G3" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id DA51E6ABD1 for ; Tue, 22 Jan 2019 19:03:04 +0000 (UTC) (envelope-from matt.garber@gmail.com) Received: by mail-qt1-x843.google.com with SMTP id l11so28965488qtp.0 for ; Tue, 22 Jan 2019 11:03:04 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025; h=mime-version:subject:from:in-reply-to:date:cc :content-transfer-encoding:message-id:references:to; bh=CTOPJJ2ofKV56adK53AH9nejyu2lcbk1BQWbDDrI8eY=; b=VM0dutVQ2LZeZdAGsLeDDpYmQC8W9Fvm+brJ+JuA6xXnadZADo7YfoOV5wxiud6F7q TLaq4L+YN5+6Ko/fx3d07rOTPAbps+8bUJw5O6KmV0XoHkvUUqdadESdBUpWCh6wrWER LFwz0uSiKZFKUeldw2Xb8KL6ge6kgunROtyU3PQ9FBF+XkaFWA7CSa5qrF2PAD1+HT+K vbk1Mqa9nHzBBvPvsZZu/v28AObtpJXUzj9ADhiZdsDMgwO5qIxEAgvFiW4NbLCzRd4s A1HZ+/UyqdLQvvi7m5S1WVBn/96tLpA0SoHyWqvxv3VuSCrJ0LG2ZGSPK0qWou0e1mra s64Q== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:subject:from:in-reply-to:date:cc :content-transfer-encoding:message-id:references:to; bh=CTOPJJ2ofKV56adK53AH9nejyu2lcbk1BQWbDDrI8eY=; b=D0yqlDsxY2bwPk2baceEaJPBJ7KG9YTqLwtdgHju0QEQRRIlbp9bMOfF6Pt0FJH52t 70geoe3NSN/hZjIMIWTCY2BI0wm0t+VpVR8cNdPr9yZBGAMKQJh8MR1TCzihY/StkD1D 8ln83r1SoXgzrflziB8tHkZHpVjORMI1uv8flOHiEsRlhSI+aT4GoesG8Y3K/3vUg1Gv lLY/jmyeAWLLlStQEO7iA5Skx5aqPhirj8jXkfrCilIayQtVTQRLSYMoSxR0vFvFuQcB k93Tu6DfoKMVJm6OZu0aHYo4LT1TvP9ZRbsIjIvwA6l2KZERpTFhxkcHrjRVSAbG6LAD ZO8Q== X-Gm-Message-State: AJcUukctG0NTgtIIoZrau/zUirRmZjk0b/Ex91bjFHFl6Vbq46w0WnRe z4fLaAmQmmuF/oW6HqqZbERFem+2 X-Google-Smtp-Source: ALg8bN509uhAlqsfJJldgQMcXEqWKgn3E55f58JrC27mYWGf2+wNsAdSl9ZKSkd3oihsDxOCtRr+gQ== X-Received: by 2002:aed:242e:: with SMTP id r43mr33418247qtc.128.1548183784410; Tue, 22 Jan 2019 11:03:04 -0800 (PST) Received: from [10.137.65.250] ([216.151.191.251]) by smtp.gmail.com with ESMTPSA id t5sm43507642qkl.14.2019.01.22.11.03.03 (version=TLS1_2 cipher=ECDHE-RSA-AES128-GCM-SHA256 bits=128/128); Tue, 22 Jan 2019 11:03:03 -0800 (PST) Content-Type: text/plain; charset=utf-8 Mime-Version: 1.0 (Mac OS X Mail 12.2 \(3445.102.3\)) Subject: Re: Issue with mod_security3 From: Matt Garber In-Reply-To: <20190122185438.GC85865@v1.leiden.byshenk.net> Date: Tue, 22 Jan 2019 14:03:02 -0500 Cc: "freebsd-stable@freebsd.org" Content-Transfer-Encoding: quoted-printable Message-Id: <6F9FCA4E-1368-4122-8EBC-5389B90C7FFB@gmail.com> References: <5c4744cd.1c69fb81.7b84f.5450@mx.google.com> <20190122185438.GC85865@v1.leiden.byshenk.net> To: Gregory Byshenk , SoftwareInforJam X-Mailer: Apple Mail (2.3445.102.3) X-Rspamd-Queue-Id: DA51E6ABD1 X-Spamd-Bar: ---- Authentication-Results: mx1.freebsd.org; dkim=pass header.d=gmail.com header.s=20161025 header.b=VM0dutVQ; dmarc=pass (policy=none) header.from=gmail.com; spf=pass (mx1.freebsd.org: domain of mattgarber@gmail.com designates 2607:f8b0:4864:20::843 as permitted sender) smtp.mailfrom=mattgarber@gmail.com X-Spamd-Result: default: False [-4.10 / 15.00]; TO_DN_EQ_ADDR_SOME(0.00)[]; RCVD_VIA_SMTP_AUTH(0.00)[]; TO_DN_SOME(0.00)[]; R_SPF_ALLOW(-0.20)[+ip6:2607:f8b0:4000::/36]; MV_CASE(0.50)[]; FREEMAIL_FROM(0.00)[gmail.com]; RCVD_COUNT_THREE(0.00)[3]; DKIM_TRACE(0.00)[gmail.com:+]; DMARC_POLICY_ALLOW(-0.50)[gmail.com,none]; MX_GOOD(-0.01)[cached: alt3.gmail-smtp-in.l.google.com]; NEURAL_HAM_SHORT(-0.98)[-0.976,0]; FROM_EQ_ENVFROM(0.00)[]; RCVD_TLS_LAST(0.00)[]; MIME_TRACE(0.00)[0:+]; FREEMAIL_ENVFROM(0.00)[gmail.com]; ASN(0.00)[asn:15169, ipnet:2607:f8b0::/32, country:US]; TAGGED_FROM(0.00)[]; DWL_DNSWL_NONE(0.00)[gmail.com.dwl.dnswl.org : 127.0.5.0]; ARC_NA(0.00)[]; NEURAL_HAM_MEDIUM(-1.00)[-1.000,0]; R_DKIM_ALLOW(-0.20)[gmail.com:s=20161025]; MID_RHS_MATCH_FROM(0.00)[]; FROM_HAS_DN(0.00)[]; RCPT_COUNT_THREE(0.00)[3]; NEURAL_HAM_LONG(-1.00)[-1.000,0]; MIME_GOOD(-0.10)[text/plain]; PREVIOUSLY_DELIVERED(0.00)[freebsd-stable@freebsd.org]; TO_MATCH_ENVRCPT_SOME(0.00)[]; RCVD_IN_DNSWL_NONE(0.00)[3.4.8.0.0.0.0.0.0.0.0.0.0.0.0.0.0.2.0.0.4.6.8.4.0.b.8.f.7.0.6.2.list.dnswl.org : 127.0.5.0]; IP_SCORE(-0.61)[ip: (1.38), ipnet: 2607:f8b0::/32(-2.48), asn: 15169(-1.89), country: US(-0.08)] X-BeenThere: freebsd-stable@freebsd.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: Production branch of FreeBSD source code List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 22 Jan 2019 19:03:06 -0000 On Jan 22, 2019, at 1:54 PM, Gregory Byshenk = wrote: >=20 > On Tue, Jan 22, 2019 at 11:29:01AM -0500, SoftwareInforJam wrote: >=20 >> I am have a queer problem with the port mod_security3. I >> actually want to set it up to work with NGINX. The port >> /usr/ports/www/mod_security3 exists but when I do a=20 >> # pkg install mod_security3=20 >> I get=20 >> ???pkg: No packages available to install matching 'mod_security3' >> have been found in the repositories??? >>=20 >> When I do a pkg search ???mod_security*??? only >> ap24-mod_security-2.9.2_3 Intrusion detection and prevention >> engine. So only version 2.9 shows up. Not sure why this is >> happening. Can anyone shed some light on this please? >=20 > I'm no expert on mod_security, but my guess, based on reading > https://www.linuxjournal.com/content/modsecurity-and-nginx, > is that previous (to v3) versions of mod_security worked > _only_ with apache. >=20 > And it seems likely that the port has not yet been updated to > the newest v3. >=20 > Also based on the article, it seems that getting even mod_security > v3 to work with nginx is slightly complicated, as building it > depends on the specific version of nginx that is installed. ModSecurity 3 =E2=80=93 working natively with nginx =E2=80=93 is = significantly different than prior versions, although in this case I = think it=E2=80=99s merely a matter of not searching for the correct = package name: here are the two packages (not ports) available =E2=80=93 = note the name change for v3. You=E2=80=99ll need to install = =E2=80=98modsecurity3=E2=80=99 via packages for that version. (Your = search for mod_security* was too restrictive and didn=E2=80=99t show you = the v3 package, since it omits the underscore.) $ pkg search mod | grep security ap24-mod_security-2.9.2_3 Intrusion detection and prevention engine modsecurity3-3.0.3_1 Intrusion detection and prevention engine Thanks, =E2=80=94 Matt Garber From owner-freebsd-stable@freebsd.org Tue Jan 22 19:14:52 2019 Return-Path: Delivered-To: freebsd-stable@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id 929DC14AC67A for ; Tue, 22 Jan 2019 19:14:52 +0000 (UTC) (envelope-from softwareinforjam@gmail.com) Received: from mail-ua1-x932.google.com (mail-ua1-x932.google.com [IPv6:2607:f8b0:4864:20::932]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (Client CN "smtp.gmail.com", Issuer "Google Internet Authority G3" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 858DD6B523 for ; Tue, 22 Jan 2019 19:14:51 +0000 (UTC) (envelope-from softwareinforjam@gmail.com) Received: by mail-ua1-x932.google.com with SMTP id d2so8486251ual.2 for ; Tue, 22 Jan 2019 11:14:51 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025; h=message-id:mime-version:to:from:subject:date:importance:in-reply-to :references; bh=Hg2e0BuIPc7AqXZPtgBrbjnwvU+mChuIv4pInUOHsiM=; b=lMXOlncFj5Nuq0OLH/Wau1IqaF84yimz2WaUBxMvvVJYUsNUZAoMDuMLO4YnnWQnnD BThhpkky/4LxxgOvtsZ3HEnq7hsoQgqns4l9sX9eqX+21O9DVo67BO5S8KTw13U+U3Ho rgtVHI89lpC5VXWP9e/8sfkxdd52lPfDvDCxrWhGmcZ12mnJXwwqfeBHQBntSLuTkdwU 4+6XxnhbCXhifxWPGJEmxHb3lvty089rkLyMuiCdybc/Oph65U4cj9OsgDQITv+q5neX 0L3K+6aMfyXe65dQ1ePOol93AWmgEwiNOn2e+9U1ZtAhcBQ+a6Yto+x2E1Qk55NqYWE+ iKDA== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:message-id:mime-version:to:from:subject:date :importance:in-reply-to:references; bh=Hg2e0BuIPc7AqXZPtgBrbjnwvU+mChuIv4pInUOHsiM=; b=rB3T2OUUe/z5QDH4enx0XJAIBKIQFvh465UmgNLl9vX1VHf5OMvG2JCnM5cUF8PEie vFJUXyfSXxwXOxjlhQPjwaHw7F8T9g6F1ADr1KQSBE5DuAOHifnwvfJL0Qxu2SH6XGHy 9OSNktSmdeSEApfVaF8/7AZOe1XqDi8hrZ32eLmAvl2/4KDy7KUuadUJtn3h2NEit6d5 HoDSA4n/9/Ty+N4UhxoZNouxOMhXsgbyD2skReShYBVMP8TRDaU714tQDsYd31cgU+tc ZyiauG2ah6mrU3hC0IGnjaeiBNAZTBg2y/an4Vxt8wItYzSj8Xl72PFHWV+wY8j7UE64 joCA== X-Gm-Message-State: AJcUukfevGwBD0YgNjAJkRAoeWQgiTXIvut5R63b3N6Q4yv99bx8BYnA dYaYkp1M6ndYuM4dHPmSKq8JIvH+ X-Google-Smtp-Source: ALg8bN6+riDgupwZIYCa6lFp75yFPz1BsdsRuw2TgeoeUDgONaND2ndVzmpBjkMRrDUUnIEInPfNFA== X-Received: by 2002:a9f:300d:: with SMTP id h13mr14413975uab.80.1548184490748; Tue, 22 Jan 2019 11:14:50 -0800 (PST) Received: from ?IPv6:::ffff:192.10.1.165? ([208.131.167.134]) by smtp.gmail.com with ESMTPSA id l197sm101612086vke.18.2019.01.22.11.14.49 (version=TLS1_2 cipher=ECDHE-RSA-AES128-GCM-SHA256 bits=128/128); Tue, 22 Jan 2019 11:14:50 -0800 (PST) Message-ID: <5c476baa.1c69fb81.58970.0af8@mx.google.com> MIME-Version: 1.0 To: Gregory Byshenk , "freebsd-stable@freebsd.org" From: SoftwareInforJam Subject: RE: Issue with mod_security3 Date: Tue, 22 Jan 2019 14:14:50 -0500 Importance: normal X-Priority: 3 In-Reply-To: <20190122185438.GC85865@v1.leiden.byshenk.net> References: <5c4744cd.1c69fb81.7b84f.5450@mx.google.com> <20190122185438.GC85865@v1.leiden.byshenk.net> X-Rspamd-Queue-Id: 858DD6B523 X-Spamd-Bar: ---- Authentication-Results: mx1.freebsd.org; dkim=pass header.d=gmail.com header.s=20161025 header.b=lMXOlncF; dmarc=pass (policy=none) header.from=gmail.com; spf=pass (mx1.freebsd.org: domain of softwareinforjam@gmail.com designates 2607:f8b0:4864:20::932 as permitted sender) smtp.mailfrom=softwareinforjam@gmail.com X-Spamd-Result: default: False [-4.84 / 15.00]; TO_DN_EQ_ADDR_SOME(0.00)[]; TO_DN_SOME(0.00)[]; R_SPF_ALLOW(-0.20)[+ip6:2607:f8b0:4000::/36]; FREEMAIL_FROM(0.00)[gmail.com]; RCVD_COUNT_THREE(0.00)[3]; DKIM_TRACE(0.00)[gmail.com:+]; RCPT_COUNT_TWO(0.00)[2]; HAS_X_PRIO_THREE(0.00)[3]; MX_GOOD(-0.01)[cached: alt3.gmail-smtp-in.l.google.com]; DMARC_POLICY_ALLOW(-0.50)[gmail.com,none]; NEURAL_HAM_SHORT(-0.94)[-0.941,0]; FROM_EQ_ENVFROM(0.00)[]; MIME_TRACE(0.00)[0:+,1:+]; FREEMAIL_ENVFROM(0.00)[gmail.com]; ASN(0.00)[asn:15169, ipnet:2607:f8b0::/32, country:US]; RCVD_TLS_LAST(0.00)[]; DWL_DNSWL_NONE(0.00)[gmail.com.dwl.dnswl.org : 127.0.5.0]; ARC_NA(0.00)[]; NEURAL_HAM_MEDIUM(-1.00)[-0.999,0]; R_DKIM_ALLOW(-0.20)[gmail.com:s=20161025]; FROM_HAS_DN(0.00)[]; NEURAL_HAM_LONG(-1.00)[-1.000,0]; MIME_GOOD(-0.10)[multipart/alternative,text/plain]; PREVIOUSLY_DELIVERED(0.00)[freebsd-stable@freebsd.org]; TO_MATCH_ENVRCPT_SOME(0.00)[]; RCVD_IN_DNSWL_NONE(0.00)[2.3.9.0.0.0.0.0.0.0.0.0.0.0.0.0.0.2.0.0.4.6.8.4.0.b.8.f.7.0.6.2.list.dnswl.org : 127.0.5.0]; IP_SCORE(-0.89)[ipnet: 2607:f8b0::/32(-2.48), asn: 15169(-1.89), country: US(-0.08)] Content-Type: text/plain; charset="utf-8" Content-Transfer-Encoding: quoted-printable X-Content-Filtered-By: Mailman/MimeDel 2.1.29 X-BeenThere: freebsd-stable@freebsd.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: Production branch of FreeBSD source code List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 22 Jan 2019 19:14:52 -0000 Ah. Got that. Thank you. I had just assumed that the name would be the same= as the name of the port. I am going to try again. Thanks again. Sent from Mail for Windows 10 From: Gregory Byshenk Sent: Tuesday, January 22, 2019 1:54 PM To: freebsd-stable@freebsd.org; SoftwareInforJam Subject: Re: Issue with mod_security3 On Tue, Jan 22, 2019 at 11:29:01AM -0500, SoftwareInforJam wrote: > I am have a queer problem with the port mod_security3. I > actually want to set it up to work with NGINX. The port > /usr/ports/www/mod_security3 exists but when I do a=20 > # pkg install mod_security3=20 > I get=20 > ???pkg: No packages available to install matching 'mod_security3' > have been found in the repositories??? >=20 > When I do a pkg search ???mod_security*??? only > ap24-mod_security-2.9.2_3 Intrusion detection and prevention > engine. So only version 2.9 shows up. Not sure why this is > happening. Can anyone shed some light on this please? I'm no expert on mod_security, but my guess, based on reading https://www.linuxjournal.com/content/modsecurity-and-nginx, is that previous (to v3) versions of mod_security worked _only_ with apache. And it seems likely that the port has not yet been updated to the newest v3. Also based on the article, it seems that getting even mod_security v3 to work with nginx is slightly complicated, as building it depends on the specific version of nginx that is installed. --=20 gregory byshenk - gbyshenk@byshenk.net - Leiden, NL From owner-freebsd-stable@freebsd.org Wed Jan 23 00:18:12 2019 Return-Path: Delivered-To: freebsd-stable@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id 9A98B14B457D for ; Wed, 23 Jan 2019 00:18:12 +0000 (UTC) (envelope-from softwareinforjam@gmail.com) Received: from mail-vs1-xe2c.google.com (mail-vs1-xe2c.google.com [IPv6:2607:f8b0:4864:20::e2c]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (Client CN "smtp.gmail.com", Issuer "Google Internet Authority G3" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id F063F80A4A for ; Wed, 23 Jan 2019 00:18:10 +0000 (UTC) (envelope-from softwareinforjam@gmail.com) Received: by mail-vs1-xe2c.google.com with SMTP id y27so275284vsi.1 for ; Tue, 22 Jan 2019 16:18:10 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025; h=message-id:mime-version:to:from:subject:date:importance:in-reply-to :references; bh=mHPPxuNeJ5H3j0E94y95GiOAOr5INeoksa1e2ehb/50=; b=DP/+skZ1WzNbeBTWSe8/QHGczjLKLIwftDIdse1ofJSWP43kkXfBns8s1HOabXXUV+ i+O0izUKGXdSdEFDY8O2oeFD3cnn+QiwqJeq7/4LBh7ME9N7//dzSGPL8XH8C3QKK9V1 6+Fjsw3jNUjV9YKbPxuVfBrgadYnBsHE4F2uD5W2WtWHEH/fNl3hZacI15YfSypomogb vxbCrlZur+SltJz8DYm8RYm9nb+S8/ZNIUhfTCsbHwcAtZzNO6ew6HNCSZLjwMUB5rf3 NM4hUIna5eUZkD0OC7qewmr/aIPqpV2GUuuONX9hoNVw6tjkw70whPhGzIbX0rhuvMME kKZw== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:message-id:mime-version:to:from:subject:date :importance:in-reply-to:references; bh=mHPPxuNeJ5H3j0E94y95GiOAOr5INeoksa1e2ehb/50=; b=kYzBb4Z1ugp1TicHCHyP5/EhociBNIg7z8hQQBi7gL041T2mMl+zVR+1qzLmRI/Zgh LLuyAXNU1ITQezWD6dEN19+/UsCJpPBZLxYC2ChCvlHMv12tTeXEW+IDMkosk7jmuKmf QF3Jhn8IiO6zaC5KROJiaQWdVQOqGCh5o/GNs6YwLtG6tBF0KjXxAarnFeEQueSnNW4L pTBRhDdcWT6naf7HHmFNQZ9N1Adf3iZ9F2+A32AxfIpLCk9SA/uiUuj5e1d1ikgod2kT NMKmZzvr/DwZbgjUR0N0cc/BN2I1ErLn/EMI9Vf9PA6HFyWuU7XrlprP79EqFnKQ+X0F 3FWw== X-Gm-Message-State: AJcUuke+kPbTH1dPcNJUWDgu1dHuAZ8Qei3Y2GMFbvnniwCSmnbNeu0g m9mRg9e4ajmu2VEFxKkgOeV/fsBz X-Google-Smtp-Source: ALg8bN5vsIk0UjBMNQcPbDmJeSgESwSSLqYYcm1tNuKhipKPphmErfJP4QUQBYpVoRjVm21SB1zzFg== X-Received: by 2002:a67:a9c7:: with SMTP id m68mr21073vsh.19.1548202689722; Tue, 22 Jan 2019 16:18:09 -0800 (PST) Received: from ?IPv6:::ffff:192.10.1.165? ([208.131.167.134]) by smtp.gmail.com with ESMTPSA id h2sm24167586vka.8.2019.01.22.16.18.07 for (version=TLS1_2 cipher=ECDHE-RSA-AES128-GCM-SHA256 bits=128/128); Tue, 22 Jan 2019 16:18:08 -0800 (PST) Message-ID: <5c47b2c0.1c69fb81.ba7c2.95f3@mx.google.com> MIME-Version: 1.0 To: "freebsd-stable@freebsd.org" From: SoftwareInforJam Subject: RE: Issue with mod_security3 Date: Tue, 22 Jan 2019 19:18:08 -0500 Importance: normal X-Priority: 3 In-Reply-To: <5c476baa.1c69fb81.58970.0af8@mx.google.com> References: <5c4744cd.1c69fb81.7b84f.5450@mx.google.com> <20190122185438.GC85865@v1.leiden.byshenk.net> <5c476baa.1c69fb81.58970.0af8@mx.google.com> X-Rspamd-Queue-Id: F063F80A4A X-Spamd-Bar: ----- Authentication-Results: mx1.freebsd.org; dkim=pass header.d=gmail.com header.s=20161025 header.b=DP/+skZ1; dmarc=pass (policy=none) header.from=gmail.com; spf=pass (mx1.freebsd.org: domain of softwareinforjam@gmail.com designates 2607:f8b0:4864:20::e2c as permitted sender) smtp.mailfrom=softwareinforjam@gmail.com X-Spamd-Result: default: False [-5.55 / 15.00]; R_SPF_ALLOW(-0.20)[+ip6:2607:f8b0:4000::/36]; FREEMAIL_FROM(0.00)[gmail.com]; URI_COUNT_ODD(1.00)[3]; RCVD_COUNT_THREE(0.00)[3]; DKIM_TRACE(0.00)[gmail.com:+]; DMARC_POLICY_ALLOW(-0.50)[gmail.com,none]; HAS_X_PRIO_THREE(0.00)[3]; MX_GOOD(-0.01)[cached: alt3.gmail-smtp-in.l.google.com]; NEURAL_HAM_SHORT(-0.69)[-0.687,0]; FROM_EQ_ENVFROM(0.00)[]; MIME_TRACE(0.00)[0:+,1:+]; FREEMAIL_ENVFROM(0.00)[gmail.com]; ASN(0.00)[asn:15169, ipnet:2607:f8b0::/32, country:US]; RCVD_TLS_LAST(0.00)[]; DWL_DNSWL_NONE(0.00)[gmail.com.dwl.dnswl.org : 127.0.5.0]; ARC_NA(0.00)[]; NEURAL_HAM_MEDIUM(-1.00)[-1.000,0]; R_DKIM_ALLOW(-0.20)[gmail.com:s=20161025]; FROM_HAS_DN(0.00)[]; TO_MATCH_ENVRCPT_ALL(0.00)[]; NEURAL_HAM_LONG(-1.00)[-1.000,0]; MIME_GOOD(-0.10)[multipart/alternative,text/plain]; PREVIOUSLY_DELIVERED(0.00)[freebsd-stable@freebsd.org]; RCPT_COUNT_ONE(0.00)[1]; IP_SCORE(-2.85)[ip: (-9.82), ipnet: 2607:f8b0::/32(-2.46), asn: 15169(-1.89), country: US(-0.08)]; RCVD_IN_DNSWL_NONE(0.00)[c.2.e.0.0.0.0.0.0.0.0.0.0.0.0.0.0.2.0.0.4.6.8.4.0.b.8.f.7.0.6.2.list.dnswl.org : 127.0.5.0]; TO_DN_EQ_ADDR_ALL(0.00)[] Content-Type: text/plain; charset="utf-8" Content-Transfer-Encoding: quoted-printable X-Content-Filtered-By: Mailman/MimeDel 2.1.29 X-BeenThere: freebsd-stable@freebsd.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: Production branch of FreeBSD source code List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 23 Jan 2019 00:18:12 -0000 Well I am making some progress I guess. Now modsecurity is installed and no= t orphaned. My challenge now is that I have been reading several documents = and all of them say I need to add the following to nginx.conf load_module modules/ngx_http_modsecurity.so; My challenge now is I can=E2=80=99t seem to find this module anywhere. I am= not sure what to do now. Isn=E2=80=99t this module needed for this to work= ? root@proxy:/usr/local/etc/nginx # find / -name "ngx_http_modsecurity*" /usr/ports/www/nginx/work/nginx-1.14.2/objs/addon/src/ngx_http_modsecurity_= body_filter.o /usr/ports/www/nginx/work/nginx-1.14.2/objs/addon/src/ngx_http_modsecurity_= rewrite.o /usr/ports/www/nginx/work/nginx-1.14.2/objs/addon/src/ngx_http_modsecurity_= log.o /usr/ports/www/nginx/work/nginx-1.14.2/objs/addon/src/ngx_http_modsecurity_= pre_access.o /usr/ports/www/nginx/work/nginx-1.14.2/objs/addon/src/ngx_http_modsecurity_= header_filter.o /usr/ports/www/nginx/work/nginx-1.14.2/objs/addon/src/ngx_http_modsecurity_= module.o /usr/ports/www/nginx/work/ModSecurity-nginx-71ede63/src/ngx_http_modsecurit= y_body_filter.c /usr/ports/www/nginx/work/ModSecurity-nginx-71ede63/src/ngx_http_modsecurit= y_common.h /usr/ports/www/nginx/work/ModSecurity-nginx-71ede63/src/ngx_http_modsecurit= y_header_filter.c /usr/ports/www/nginx/work/ModSecurity-nginx-71ede63/src/ngx_http_modsecurit= y_log.c /usr/ports/www/nginx/work/ModSecurity-nginx-71ede63/src/ngx_http_modsecurit= y_module.c /usr/ports/www/nginx/work/ModSecurity-nginx-71ede63/src/ngx_http_modsecurit= y_pre_access.c /usr/ports/www/nginx/work/ModSecurity-nginx-71ede63/src/ngx_http_modsecurit= y_rewrite.c Sent from Mail for Windows 10 From: SoftwareInforJam Sent: Tuesday, January 22, 2019 2:14 PM To: Gregory Byshenk; freebsd-stable@freebsd.org Subject: RE: Issue with mod_security3 Ah. Got that. Thank you. I had just assumed that the name would be the same= as the name of the port. I am going to try again. Thanks again. Sent from Mail for Windows 10 From: Gregory Byshenk Sent: Tuesday, January 22, 2019 1:54 PM To: freebsd-stable@freebsd.org; SoftwareInforJam Subject: Re: Issue with mod_security3 On Tue, Jan 22, 2019 at 11:29:01AM -0500, SoftwareInforJam wrote: > I am have a queer problem with the port mod_security3. I > actually want to set it up to work with NGINX. The port > /usr/ports/www/mod_security3 exists but when I do a=20 > # pkg install mod_security3=20 > I get=20 > ???pkg: No packages available to install matching 'mod_security3' > have been found in the repositories??? >=20 > When I do a pkg search ???mod_security*??? only > ap24-mod_security-2.9.2_3 Intrusion detection and prevention > engine. So only version 2.9 shows up. Not sure why this is > happening. Can anyone shed some light on this please? I'm no expert on mod_security, but my guess, based on reading https://www.linuxjournal.com/content/modsecurity-and-nginx, is that previous (to v3) versions of mod_security worked _only_ with apache. And it seems likely that the port has not yet been updated to the newest v3. Also based on the article, it seems that getting even mod_security v3 to work with nginx is slightly complicated, as building it depends on the specific version of nginx that is installed. --=20 gregory byshenk=C2=A0 -=C2=A0 gbyshenk@byshenk.net=C2=A0 -=C2=A0 Leiden, NL From owner-freebsd-stable@freebsd.org Wed Jan 23 00:59:13 2019 Return-Path: Delivered-To: freebsd-stable@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id 71ACA14B5796 for ; Wed, 23 Jan 2019 00:59:13 +0000 (UTC) (envelope-from matt.garber@gmail.com) Received: from mail-qt1-x829.google.com (mail-qt1-x829.google.com [IPv6:2607:f8b0:4864:20::829]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (Client CN "smtp.gmail.com", Issuer "Google Internet Authority G3" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 8D4B582307 for ; Wed, 23 Jan 2019 00:59:12 +0000 (UTC) (envelope-from matt.garber@gmail.com) Received: by mail-qt1-x829.google.com with SMTP id t33so584503qtt.4 for ; Tue, 22 Jan 2019 16:59:12 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025; h=mime-version:subject:from:in-reply-to:date:cc :content-transfer-encoding:message-id:references:to; bh=+oExpbMqpOCRVYOg5UnXMpHAHZ+lKyRUZDbFqaivuU8=; b=tEXvLgUVzSsgJPqp+SYxIZxzU0HrbZvenKihU6+KDRlCTu7NB7uprSiYZPIaPjNrqy BEXp0qTT3ZqtBOFAe5HLbPzC3CYwAXmlusOsrMhD53eQZl+h0XvnKX2Ikc+BMG8U6VDL rQ1wKYlw2fdkQ8HAkZihcIPq7ZikWsRnHY03fAxKRQMYy7v742G7ZEDMlslb0ENOVzTF foTufWzAm3nr6DdFybSh3XMQGt5lHSq9CnhZkpjS7qCX1c2nkHgpngV+2VWZUNMQdIxa UJBHjUUluXyLhN3vaDcG8+va+bLJW5QA/JtHI+auO3Hry+QdoWwvBChHEF+MMtmH+dGH N9WA== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:subject:from:in-reply-to:date:cc :content-transfer-encoding:message-id:references:to; bh=+oExpbMqpOCRVYOg5UnXMpHAHZ+lKyRUZDbFqaivuU8=; b=Si2zGB0L4fgWptHAXlbcpnHjURk5CukkAbz8ZpljmGftHOTGK/0eXpO3Zt/tMxxsK9 3jtqesuaCbTpCztRlVniGS3J2EawOzi5qwZhd9H1V71RuvVD4Fw5v08f7EXQE/hFy01N H1QIUQND8NwjIPF8YRXNkpBPkaTsr/JmXK/c9fOuR0RwUmjmSO4bIDZ0FcwNMQQd0Set en+IcJ2Ur/Wqlh3un1qE8sf4UHQ9KGiC03SKCR1SsuCVV9OXo7vrYQ7w1lpD/myubquA EA+cSbW2WAHTeZl4fnHV/RS/ldip1IWiqp/vbfxzCDrKlYqmKFOJb11KTgbS/VY1OmQB 2icA== X-Gm-Message-State: AJcUukfjzYU4Ph2eiow+Ywu8HeQ5JvT9LPaGqJ6SM5uhhErvAZE+VY+q xLjHmwP0CUAkQYwf0MtvcAA= X-Google-Smtp-Source: ALg8bN4IR/P+46gzwhrkItNICcOGOB5/PPJsB/q4ab95a589eC+bxw8iLashnGjv3RyD1SCFaj5oEg== X-Received: by 2002:aed:2ee5:: with SMTP id k92mr167124qtd.304.1548205152047; Tue, 22 Jan 2019 16:59:12 -0800 (PST) Received: from [10.137.64.34] ([216.151.191.252]) by smtp.gmail.com with ESMTPSA id n67sm50836292qkd.95.2019.01.22.16.59.11 (version=TLS1_2 cipher=ECDHE-RSA-AES128-GCM-SHA256 bits=128/128); Tue, 22 Jan 2019 16:59:11 -0800 (PST) Content-Type: text/plain; charset=utf-8 Mime-Version: 1.0 (Mac OS X Mail 12.2 \(3445.102.3\)) Subject: Re: Issue with mod_security3 From: Matt Garber X-Priority: 3 In-Reply-To: <5c47b2c0.1c69fb81.ba7c2.95f3@mx.google.com> Date: Tue, 22 Jan 2019 19:59:09 -0500 Cc: "freebsd-stable@freebsd.org" Content-Transfer-Encoding: quoted-printable Message-Id: References: <5c4744cd.1c69fb81.7b84f.5450@mx.google.com> <20190122185438.GC85865@v1.leiden.byshenk.net> <5c476baa.1c69fb81.58970.0af8@mx.google.com> <5c47b2c0.1c69fb81.ba7c2.95f3@mx.google.com> To: SoftwareInforJam X-Mailer: Apple Mail (2.3445.102.3) X-Rspamd-Queue-Id: 8D4B582307 X-Spamd-Bar: ------ Authentication-Results: mx1.freebsd.org; dkim=pass header.d=gmail.com header.s=20161025 header.b=tEXvLgUV; dmarc=pass (policy=none) header.from=gmail.com; spf=pass (mx1.freebsd.org: domain of mattgarber@gmail.com designates 2607:f8b0:4864:20::829 as permitted sender) smtp.mailfrom=mattgarber@gmail.com X-Spamd-Result: default: False [-6.12 / 15.00]; TO_DN_EQ_ADDR_SOME(0.00)[]; RCVD_VIA_SMTP_AUTH(0.00)[]; TO_DN_SOME(0.00)[]; R_SPF_ALLOW(-0.20)[+ip6:2607:f8b0:4000::/36]; MV_CASE(0.50)[]; FREEMAIL_FROM(0.00)[gmail.com]; RCVD_COUNT_THREE(0.00)[3]; DKIM_TRACE(0.00)[gmail.com:+]; RCPT_COUNT_TWO(0.00)[2]; HAS_X_PRIO_THREE(0.00)[3]; MX_GOOD(-0.01)[cached: alt3.gmail-smtp-in.l.google.com]; DMARC_POLICY_ALLOW(-0.50)[gmail.com,none]; FREEMAIL_TO(0.00)[gmail.com]; FROM_EQ_ENVFROM(0.00)[]; MIME_TRACE(0.00)[0:+]; FREEMAIL_ENVFROM(0.00)[gmail.com]; ASN(0.00)[asn:15169, ipnet:2607:f8b0::/32, country:US]; TAGGED_FROM(0.00)[]; MID_RHS_MATCH_FROM(0.00)[]; DWL_DNSWL_NONE(0.00)[gmail.com.dwl.dnswl.org : 127.0.5.0]; ARC_NA(0.00)[]; NEURAL_HAM_MEDIUM(-1.00)[-1.000,0]; R_DKIM_ALLOW(-0.20)[gmail.com:s=20161025]; FROM_HAS_DN(0.00)[]; NEURAL_HAM_SHORT(-0.94)[-0.944,0]; NEURAL_HAM_LONG(-1.00)[-1.000,0]; MIME_GOOD(-0.10)[text/plain]; PREVIOUSLY_DELIVERED(0.00)[freebsd-stable@freebsd.org]; TO_MATCH_ENVRCPT_SOME(0.00)[]; RCVD_IN_DNSWL_NONE(0.00)[9.2.8.0.0.0.0.0.0.0.0.0.0.0.0.0.0.2.0.0.4.6.8.4.0.b.8.f.7.0.6.2.list.dnswl.org : 127.0.5.0]; RCVD_TLS_LAST(0.00)[]; IP_SCORE(-2.67)[ip: (-8.90), ipnet: 2607:f8b0::/32(-2.46), asn: 15169(-1.89), country: US(-0.08)] X-BeenThere: freebsd-stable@freebsd.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: Production branch of FreeBSD source code List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 23 Jan 2019 00:59:13 -0000 > On Jan 22, 2019, at 7:18 PM, SoftwareInforJam = wrote: >=20 > Well I am making some progress I guess. Now modsecurity is installed = and not orphaned. My challenge now is that I have been reading several = documents and all of them say I need to add the following to nginx.conf >=20 > load_module modules/ngx_http_modsecurity.so; >=20 > My challenge now is I can=E2=80=99t seem to find this module anywhere. = I am not sure what to do now. Isn=E2=80=99t this module needed for this = to work? >=20 > root@proxy:/usr/local/etc/nginx # find / -name "ngx_http_modsecurity*" > = /usr/ports/www/nginx/work/nginx-1.14.2/objs/addon/src/ngx_http_modsecurity= _body_filter.o > = /usr/ports/www/nginx/work/nginx-1.14.2/objs/addon/src/ngx_http_modsecurity= _rewrite.o > = /usr/ports/www/nginx/work/nginx-1.14.2/objs/addon/src/ngx_http_modsecurity= _log.o > = /usr/ports/www/nginx/work/nginx-1.14.2/objs/addon/src/ngx_http_modsecurity= _pre_access.o > = /usr/ports/www/nginx/work/nginx-1.14.2/objs/addon/src/ngx_http_modsecurity= _header_filter.o > = /usr/ports/www/nginx/work/nginx-1.14.2/objs/addon/src/ngx_http_modsecurity= _module.o > = /usr/ports/www/nginx/work/ModSecurity-nginx-71ede63/src/ngx_http_modsecuri= ty_body_filter.c > = /usr/ports/www/nginx/work/ModSecurity-nginx-71ede63/src/ngx_http_modsecuri= ty_common.h > = /usr/ports/www/nginx/work/ModSecurity-nginx-71ede63/src/ngx_http_modsecuri= ty_header_filter.c > = /usr/ports/www/nginx/work/ModSecurity-nginx-71ede63/src/ngx_http_modsecuri= ty_log.c > = /usr/ports/www/nginx/work/ModSecurity-nginx-71ede63/src/ngx_http_modsecuri= ty_module.c > = /usr/ports/www/nginx/work/ModSecurity-nginx-71ede63/src/ngx_http_modsecuri= ty_pre_access.c > = /usr/ports/www/nginx/work/ModSecurity-nginx-71ede63/src/ngx_http_modsecuri= ty_rewrite.c Here are the steps I just followed successfully in a test jail =E2=80=93 = a mix of packages (modsecurity3) and the source for nginx and the = ModSecurity3-nginx connector; the =E2=80=98modsecurity3=E2=80=99 package = installs the shared library (e.g., = /usr/local/lib/libmodsecurity.so.3.0.3), but doesn=E2=80=99t install the = nginx connector. If the nginx port doesn=E2=80=99t have a make option = for the connector, you might have to either hack the port or just = compile from source like I did: ----- Very simplified, single jail ----- 1. Install the modsecurity3 library package and git for cloning the = ModSecurity-nginx repo: # pkg install modsecurity3 git 2. Grab the latest nginx source and ModSecurity-nginx repo: $ fetch 'http://nginx.org/download/nginx-1.14.2.tar.gz' $ tar -zxvf nginx-1.14.2.tar.gz $ git clone --depth 1 = https://github.com/SpiderLabs/ModSecurity-nginx.git $ cd nginx-1.14.2 3. Compile nginx, adding support for the ModSecurity3-nginx connector as = a dynamic module. I=E2=80=99ve also added a variety of other = FreeBSD-specific configuration directives and/or compilation/linking = hardening used by nginx upstream in their Linux repositories: $ ./configure --with-compat --add-dynamic-module=3D../ModSecurity-nginx = --prefix=3D/usr/local/etc/nginx --with-cc-opt=3D'-g -O2 = -fstack-protector-strong -Wformat -Werror=3Dformat-security -fPIC = -Wdate-time -D_FORTIFY_SOURCE=3D2 -I /usr/local/include' = --with-ld-opt=3D'-Wl,-Bsymbolic-functions -Wl,-z,relro -Wl,-z,now -fPIC = -L /usr/local/lib' --conf-path=3D/usr/local/etc/nginx/nginx.conf = --sbin-path=3D/usr/local/sbin/nginx --pid-path=3D/var/run/nginx.pid = --error-log-path=3D/var/log/nginx/error.log --user=3Dwww --group=3Dwww = --modules-path=3D/usr/local/libexec/nginx --with-file-aio --with-threads = --without-mail_imap_module --without-mail_pop3_module = --without-mail_smtp_module --with-mail_ssl_module = --http-client-body-temp-path=3D/var/tmp/nginx/client_body_temp = --http-fastcgi-temp-path=3D/var/tmp/nginx/fastcgi_temp = --http-proxy-temp-path=3D/var/tmp/nginx/proxy_temp = --http-scgi-temp-path=3D/var/tmp/nginx/scgi_temp = --http-uwsgi-temp-path=3D/var/tmp/nginx/uwsgi_temp = --http-log-path=3D/var/log/nginx/access.log --with-http_addition_module = --with-http_auth_request_module --with-http_flv_module = --with-http_gunzip_module --with-http_gzip_static_module = --with-http_random_index_module --with-http_realip_module --with-pcre = --with-http_secure_link_module --with-http_slice_module = --with-http_ssl_module --with-http_stub_status_module = --with-http_sub_module --with-http_v2_module --with-stream_ssl_module = --with-mail=3Ddynamic --with-stream=3Ddynamic $ make $ sudo make install 4. The above step should have created ngx_http_modsecurity_module.so = under the nginx source directory, and installed it into = /usr/local/libexec/nginx, at which point the load_module directive in = the nginx configuration should work fine, and you can move on to ruleset = configuration. FYI, all of the above just follows the ~second half of = , after taking care of the prerequisites with FreeBSD = packages instead. Like I said, you could probably relatively easily hack = the nginx port to add in the integration of ModSecurity3-nginx if you = care about that more than keeping up-to-date with nginx source = separately, but then you=E2=80=99d have to avoid overwriting the port = =E2=80=93 YMMV. Thanks, =E2=80=94 Matt Garber From owner-freebsd-stable@freebsd.org Wed Jan 23 14:42:17 2019 Return-Path: Delivered-To: freebsd-stable@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id 9A72B14AA599 for ; Wed, 23 Jan 2019 14:42:17 +0000 (UTC) (envelope-from softwareinforjam@gmail.com) Received: from mail-vs1-xe30.google.com (mail-vs1-xe30.google.com [IPv6:2607:f8b0:4864:20::e30]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (Client CN "smtp.gmail.com", Issuer "Google Internet Authority G3" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id A9C8F75C68 for ; Wed, 23 Jan 2019 14:42:16 +0000 (UTC) (envelope-from softwareinforjam@gmail.com) Received: by mail-vs1-xe30.google.com with SMTP id e7so1429962vsc.2 for ; Wed, 23 Jan 2019 06:42:16 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025; h=message-id:mime-version:to:cc:from:subject:date:importance :in-reply-to:references; bh=cBusIE1sjrRilUYIF42vp4A8rP8QOzBhxdFQSylAZzc=; b=TnQ3iEFV/523Kx+O8jURzHjoMD1G+FsEvGBsKDRM7YyYL9LAPbMOjPGKeZy3VY7RZ/ LkXV6N7a5xN9caj35nKuj8WsXcC+3ggOcJgU4J0O2JwOjeTJwhF5fGfn4ksxov/wGL72 r6d4QfHboVu5caukwZth+CO0GY3NAXgIn3mF0Hu+SPA0NXd5BRgRC1mq4OBi066/KoW8 DdO8CDtgeC4VZatGFTVqp4v+grGV6Rjs5nybrTBvp4f10mCrsmqc5qyDGitOsq96W12N CfYLy/TUf7g4D+BAX3kL0Wgbe0/L8Ao9Yc0F7XhaKdwE/zkFj49jPFKVf6idWtE7mtRb 7bpw== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:message-id:mime-version:to:cc:from:subject:date :importance:in-reply-to:references; bh=cBusIE1sjrRilUYIF42vp4A8rP8QOzBhxdFQSylAZzc=; b=nXxjODKFkmU+xLNfeJ95U31+l3eCcWSbU8XGAaWKHamsz2mXFx8jkQwAJR32RoUa+f Ae4QasuqJLeX8UD1Z3reSlXjuxerFhz6DZUz/NPNAvvTIU8VkJdU/56SuoD0ek/5L1fs AhCpIRIbWL3NXxkjwtxYlLK2RwCXGE/Pn5VDyFuHJskjEIZ7ovRQbpRpiqX5BCXOIGQZ xsxFGA+vk43XFWg13tVWLqOcM1tnaUNyWPFt34Dus3Zn28Av80CXJyIA8i7geJtA6+cy e5rwLrSWukeSatFCHq9ni4nB4cYSGdsHxYgGfpojiZ4ZONZgWYQcg51hEig99dr6UmQh NgQQ== X-Gm-Message-State: AJcUukd7ciEIpmr8Xj+WnIj7OdgSO6a5IMUH1e1/246FMyn00sQhsvkA ju2Gqyw/DYgULDjm7fBOOzo= X-Google-Smtp-Source: ALg8bN4DZOTwyW3um+9QdWb/d/IXhtN8rUF2iRcmdu+nEzSEOCUhZfiP60INJRS4IzMFT4+Fiq10yg== X-Received: by 2002:a67:8188:: with SMTP id c130mr821222vsd.43.1548254536194; Wed, 23 Jan 2019 06:42:16 -0800 (PST) Received: from ?IPv6:::ffff:192.10.1.165? (git.mayberryinv.com. [63.143.111.202]) by smtp.gmail.com with ESMTPSA id k200sm62052136vke.9.2019.01.23.06.42.14 (version=TLS1_2 cipher=ECDHE-RSA-AES128-GCM-SHA256 bits=128/128); Wed, 23 Jan 2019 06:42:15 -0800 (PST) Message-ID: <5c487d47.1c69fb81.42b03.5916@mx.google.com> MIME-Version: 1.0 To: Matt Garber Cc: "freebsd-stable@freebsd.org" From: SoftwareInforJam Subject: RE: Issue with mod_security3 Date: Wed, 23 Jan 2019 09:42:17 -0500 Importance: normal X-Priority: 3 In-Reply-To: References: <5c4744cd.1c69fb81.7b84f.5450@mx.google.com> <20190122185438.GC85865@v1.leiden.byshenk.net> <5c476baa.1c69fb81.58970.0af8@mx.google.com> <5c47b2c0.1c69fb81.ba7c2.95f3@mx.google.com> X-Rspamd-Queue-Id: A9C8F75C68 X-Spamd-Bar: ----- Authentication-Results: mx1.freebsd.org; dkim=pass header.d=gmail.com header.s=20161025 header.b=TnQ3iEFV; dmarc=pass (policy=none) header.from=gmail.com; spf=pass (mx1.freebsd.org: domain of softwareinforjam@gmail.com designates 2607:f8b0:4864:20::e30 as permitted sender) smtp.mailfrom=softwareinforjam@gmail.com X-Spamd-Result: default: False [-5.81 / 15.00]; TO_DN_EQ_ADDR_SOME(0.00)[]; TO_DN_SOME(0.00)[]; R_SPF_ALLOW(-0.20)[+ip6:2607:f8b0:4000::/36]; FREEMAIL_FROM(0.00)[gmail.com]; URI_COUNT_ODD(1.00)[5]; RCVD_COUNT_THREE(0.00)[3]; DKIM_TRACE(0.00)[gmail.com:+]; RCPT_COUNT_TWO(0.00)[2]; HAS_X_PRIO_THREE(0.00)[3]; MX_GOOD(-0.01)[cached: alt3.gmail-smtp-in.l.google.com]; DMARC_POLICY_ALLOW(-0.50)[gmail.com,none]; FREEMAIL_TO(0.00)[gmail.com]; FROM_EQ_ENVFROM(0.00)[]; MIME_TRACE(0.00)[0:+,1:+]; FREEMAIL_ENVFROM(0.00)[gmail.com]; ASN(0.00)[asn:15169, ipnet:2607:f8b0::/32, country:US]; RCVD_TLS_LAST(0.00)[]; DWL_DNSWL_NONE(0.00)[gmail.com.dwl.dnswl.org : 127.0.5.0]; ARC_NA(0.00)[]; NEURAL_HAM_MEDIUM(-1.00)[-1.000,0]; R_DKIM_ALLOW(-0.20)[gmail.com:s=20161025]; FROM_HAS_DN(0.00)[]; NEURAL_HAM_SHORT(-0.95)[-0.949,0]; NEURAL_HAM_LONG(-1.00)[-1.000,0]; TAGGED_RCPT(0.00)[]; PREVIOUSLY_DELIVERED(0.00)[freebsd-stable@freebsd.org]; MIME_GOOD(-0.10)[multipart/alternative,text/plain]; TO_MATCH_ENVRCPT_SOME(0.00)[]; RCVD_IN_DNSWL_NONE(0.00)[0.3.e.0.0.0.0.0.0.0.0.0.0.0.0.0.0.2.0.0.4.6.8.4.0.b.8.f.7.0.6.2.list.dnswl.org : 127.0.5.0]; IP_SCORE(-2.85)[ip: (-9.78), ipnet: 2607:f8b0::/32(-2.48), asn: 15169(-1.90), country: US(-0.08)] Content-Type: text/plain; charset="utf-8" Content-Transfer-Encoding: quoted-printable X-Content-Filtered-By: Mailman/MimeDel 2.1.29 X-BeenThere: freebsd-stable@freebsd.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: Production branch of FreeBSD source code List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 23 Jan 2019 14:42:17 -0000 Fantastic. Thanks so much for clarifying. I just thought that if the port i= nstalled, that should have taken care of that module. And thanks also for p= ointing out that document.=20 Sent from Mail for Windows 10 From: Matt Garber Sent: Tuesday, January 22, 2019 7:59 PM To: SoftwareInforJam Cc: freebsd-stable@freebsd.org Subject: Re: Issue with mod_security3 > On Jan 22, 2019, at 7:18 PM, SoftwareInforJam wrote: >=20 > Well I am making some progress I guess. Now modsecurity is installed and = not orphaned. My challenge now is that I have been reading several document= s and all of them say I need to add the following to nginx.conf >=20 > load_module modules/ngx_http_modsecurity.so; >=20 > My challenge now is I can=E2=80=99t seem to find this module anywhere. I = am not sure what to do now. Isn=E2=80=99t this module needed for this to wo= rk? >=20 > root@proxy:/usr/local/etc/nginx # find / -name "ngx_http_modsecurity*" > /usr/ports/www/nginx/work/nginx-1.14.2/objs/addon/src/ngx_http_modsecurit= y_body_filter.o > /usr/ports/www/nginx/work/nginx-1.14.2/objs/addon/src/ngx_http_modsecurit= y_rewrite.o > /usr/ports/www/nginx/work/nginx-1.14.2/objs/addon/src/ngx_http_modsecurit= y_log.o > /usr/ports/www/nginx/work/nginx-1.14.2/objs/addon/src/ngx_http_modsecurit= y_pre_access.o > /usr/ports/www/nginx/work/nginx-1.14.2/objs/addon/src/ngx_http_modsecurit= y_header_filter.o > /usr/ports/www/nginx/work/nginx-1.14.2/objs/addon/src/ngx_http_modsecurit= y_module.o > /usr/ports/www/nginx/work/ModSecurity-nginx-71ede63/src/ngx_http_modsecur= ity_body_filter.c > /usr/ports/www/nginx/work/ModSecurity-nginx-71ede63/src/ngx_http_modsecur= ity_common.h > /usr/ports/www/nginx/work/ModSecurity-nginx-71ede63/src/ngx_http_modsecur= ity_header_filter.c > /usr/ports/www/nginx/work/ModSecurity-nginx-71ede63/src/ngx_http_modsecur= ity_log.c > /usr/ports/www/nginx/work/ModSecurity-nginx-71ede63/src/ngx_http_modsecur= ity_module.c > /usr/ports/www/nginx/work/ModSecurity-nginx-71ede63/src/ngx_http_modsecur= ity_pre_access.c > /usr/ports/www/nginx/work/ModSecurity-nginx-71ede63/src/ngx_http_modsecur= ity_rewrite.c Here are the steps I just followed successfully in a test jail =E2=80=93 a = mix of packages (modsecurity3) and the source for nginx and the ModSecurity= 3-nginx connector; the =E2=80=98modsecurity3=E2=80=99 package installs the = shared library (e.g., /usr/local/lib/libmodsecurity.so.3.0.3), but doesn=E2= =80=99t install the nginx connector. If the nginx port doesn=E2=80=99t have= a make option for the connector, you might have to either hack the port or= just compile from source like I did: ----- Very simplified, single jail ----- 1. Install the modsecurity3 library package and git for cloning the ModSecu= rity-nginx repo: # pkg install modsecurity3 git 2. Grab the latest nginx source and ModSecurity-nginx repo: $ fetch 'http://nginx.org/download/nginx-1.14.2.tar.gz' $ tar -zxvf nginx-1.14.2.tar.gz $ git clone --depth 1 https://github.com/SpiderLabs/ModSecurity-nginx.git $ cd nginx-1.14.2 3. Compile nginx, adding support for the ModSecurity3-nginx connector as a = dynamic module. I=E2=80=99ve also added a variety of other FreeBSD-specific= configuration directives and/or compilation/linking hardening used by ngin= x upstream in their Linux repositories: $ ./configure --with-compat --add-dynamic-module=3D../ModSecurity-nginx --p= refix=3D/usr/local/etc/nginx --with-cc-opt=3D'-g -O2 -fstack-protector-stro= ng -Wformat -Werror=3Dformat-security -fPIC -Wdate-time -D_FORTIFY_SOURCE= =3D2 -I /usr/local/include' --with-ld-opt=3D'-Wl,-Bsymbolic-functions -Wl,-= z,relro -Wl,-z,now -fPIC -L /usr/local/lib' --conf-path=3D/usr/local/etc/ng= inx/nginx.conf --sbin-path=3D/usr/local/sbin/nginx --pid-path=3D/var/run/ng= inx.pid --error-log-path=3D/var/log/nginx/error.log --user=3Dwww --group=3D= www --modules-path=3D/usr/local/libexec/nginx --with-file-aio --with-thread= s --without-mail_imap_module --without-mail_pop3_module --without-mail_smtp= _module --with-mail_ssl_module --http-client-body-temp-path=3D/var/tmp/ngin= x/client_body_temp --http-fastcgi-temp-path=3D/var/tmp/nginx/fastcgi_temp -= -http-proxy-temp-path=3D/var/tmp/nginx/proxy_temp --http-scgi-temp-path=3D/= var/tmp/nginx/scgi_temp --http-uwsgi-temp-path=3D/var/tmp/nginx/uwsgi_temp = --http-log-path=3D/var/log/nginx/access.log --with-http_addition_module --w= ith-http_auth_request_module --with-http_flv_module --with-http_gunzip_modu= le --with-http_gzip_static_module --with-http_random_index_module --with-ht= tp_realip_module --with-pcre --with-http_secure_link_module --with-http_sli= ce_module --with-http_ssl_module --with-http_stub_status_module --with-http= _sub_module --with-http_v2_module --with-stream_ssl_module --with-mail=3Ddy= namic --with-stream=3Ddynamic $ make $ sudo make install 4. The above step should have created ngx_http_modsecurity_module.so under = the nginx source directory, and installed it into /usr/local/libexec/nginx,= at which point the load_module directive in the nginx configuration should= work fine, and you can move on to ruleset configuration. FYI, all of the a= bove just follows the ~second half of , after taking care of t= he prerequisites with FreeBSD packages instead. Like I said, you could prob= ably relatively easily hack the nginx port to add in the integration of Mod= Security3-nginx if you care about that more than keeping up-to-date with ng= inx source separately, but then you=E2=80=99d have to avoid overwriting the= port =E2=80=93 YMMV. Thanks, =E2=80=94 Matt Garber From owner-freebsd-stable@freebsd.org Wed Jan 23 15:50:46 2019 Return-Path: Delivered-To: freebsd-stable@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id 1F72E14AB965 for ; Wed, 23 Jan 2019 15:50:46 +0000 (UTC) (envelope-from softwareinforjam@gmail.com) Received: from mail-ua1-x92b.google.com (mail-ua1-x92b.google.com [IPv6:2607:f8b0:4864:20::92b]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (Client CN "smtp.gmail.com", Issuer "Google Internet Authority G3" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id E968F77E89 for ; Wed, 23 Jan 2019 15:50:44 +0000 (UTC) (envelope-from softwareinforjam@gmail.com) Received: by mail-ua1-x92b.google.com with SMTP id e16so855831uam.12 for ; Wed, 23 Jan 2019 07:50:44 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025; h=message-id:mime-version:to:cc:from:subject:date:importance :in-reply-to:references; bh=3oHtdIhe3KGXN2oUY3WrtYhvKxHv0O0N+EvhnuBBkxY=; b=mjeibNkndIeh6pmeRWCoKhS3+QczfEf2w6X1C54JVIFgbuBEr5YKxvgA9vsaOoHGNc 7UWnbEtah/UQCz4OI1tLcxd2457VTE4bCbFl3NSX0T/YIWtqA0TUg5+SQkb6zHz8RZ8h TR6jc5UXSrYBe5dAHx9BbTJICksJndSUr4X88bVVi96W1s1kI7zp9/V40xBl1fAmvA3y Aiz/RH6lNxI6TrTpA1ICvFQTEX1rzvdZ6+EJGzKc1Xd3lcj3yZasZcIgLiWxvhGOi982 iATfzbL7ojjE6PrVqSJO5vrslGtAf3pk5JPmS9TWXlSA7Z3Q2gG7QInZ7Q31sJ2xKil+ 2xrA== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:message-id:mime-version:to:cc:from:subject:date :importance:in-reply-to:references; bh=3oHtdIhe3KGXN2oUY3WrtYhvKxHv0O0N+EvhnuBBkxY=; b=O9nc102thl/bjLsEV0u7fIRXHiOctJsXQ75GiAomrv9WU6zFEYMuwouBScxhYaQZbg LbHFBwg1PVGHql2h4cvU4wpSSfR7MtV/9Gb2UL8vMgO5khOO4Kh11q5Ik8ZW/zinNIqR J7E8pls7no4K7dQK8+Prg69f0OahJLElUkqaT+H8rG2ZUk+aS18zK9bbwlKwsBm2Up7W INKsrWXceDIsQQBOEpuGV3i1a4URZ1RYyOVoIf/295IlnrUO1+lvUFvnch3OTYtlkw4S kOIvcwa2oJjpw/alM7ob4QL0Mrd2U7flUoRRzSeyz0jIObHX0JPqUKsf2dUFCnux/V1a 6Fyw== X-Gm-Message-State: AJcUukeKrlbunr717473yPIhSfnw43jdh4nFXm+iXAR7oOQlCI9ZUzlu mQYqzxclDznidXv/Mnxo+04= X-Google-Smtp-Source: ALg8bN70dzPQ2/PX+KrJ9k+sC//KucDzj9laotYAlxcUQfFREJf7Bn445hvNnQJaR/1sUWXwb55rtg== X-Received: by 2002:ab0:16c:: with SMTP id 99mr990133uak.15.1548258644202; Wed, 23 Jan 2019 07:50:44 -0800 (PST) Received: from ?IPv6:::ffff:192.10.1.165? (git.mayberryinv.com. [63.143.111.202]) by smtp.gmail.com with ESMTPSA id t133sm17832123vsc.8.2019.01.23.07.50.42 (version=TLS1_2 cipher=ECDHE-RSA-AES128-GCM-SHA256 bits=128/128); Wed, 23 Jan 2019 07:50:43 -0800 (PST) Message-ID: <5c488d53.1c69fb81.68ca7.efd8@mx.google.com> MIME-Version: 1.0 To: Matt Garber Cc: "freebsd-stable@freebsd.org" From: SoftwareInforJam Subject: RE: Issue with mod_security3 Date: Wed, 23 Jan 2019 10:50:44 -0500 Importance: normal X-Priority: 3 In-Reply-To: References: <5c4744cd.1c69fb81.7b84f.5450@mx.google.com> <20190122185438.GC85865@v1.leiden.byshenk.net> <5c476baa.1c69fb81.58970.0af8@mx.google.com> <5c47b2c0.1c69fb81.ba7c2.95f3@mx.google.com> X-Rspamd-Queue-Id: E968F77E89 X-Spamd-Bar: ----- Authentication-Results: mx1.freebsd.org; dkim=pass header.d=gmail.com header.s=20161025 header.b=mjeibNkn; dmarc=pass (policy=none) header.from=gmail.com; spf=pass (mx1.freebsd.org: domain of softwareinforjam@gmail.com designates 2607:f8b0:4864:20::92b as permitted sender) smtp.mailfrom=softwareinforjam@gmail.com X-Spamd-Result: default: False [-5.49 / 15.00]; TO_DN_EQ_ADDR_SOME(0.00)[]; TO_DN_SOME(0.00)[]; R_SPF_ALLOW(-0.20)[+ip6:2607:f8b0:4000::/36]; FREEMAIL_FROM(0.00)[gmail.com]; URI_COUNT_ODD(1.00)[5]; RCVD_COUNT_THREE(0.00)[3]; DKIM_TRACE(0.00)[gmail.com:+]; RCPT_COUNT_TWO(0.00)[2]; HAS_X_PRIO_THREE(0.00)[3]; MX_GOOD(-0.01)[cached: alt3.gmail-smtp-in.l.google.com]; DMARC_POLICY_ALLOW(-0.50)[gmail.com,none]; FREEMAIL_TO(0.00)[gmail.com]; FROM_EQ_ENVFROM(0.00)[]; MIME_TRACE(0.00)[0:+,1:+]; FREEMAIL_ENVFROM(0.00)[gmail.com]; ASN(0.00)[asn:15169, ipnet:2607:f8b0::/32, country:US]; RCVD_TLS_LAST(0.00)[]; DWL_DNSWL_NONE(0.00)[gmail.com.dwl.dnswl.org : 127.0.5.0]; ARC_NA(0.00)[]; NEURAL_HAM_MEDIUM(-1.00)[-1.000,0]; R_DKIM_ALLOW(-0.20)[gmail.com:s=20161025]; FROM_HAS_DN(0.00)[]; NEURAL_HAM_SHORT(-0.98)[-0.979,0]; NEURAL_HAM_LONG(-1.00)[-1.000,0]; TAGGED_RCPT(0.00)[]; PREVIOUSLY_DELIVERED(0.00)[freebsd-stable@freebsd.org]; MIME_GOOD(-0.10)[multipart/alternative,text/plain]; TO_MATCH_ENVRCPT_SOME(0.00)[]; RCVD_IN_DNSWL_NONE(0.00)[b.2.9.0.0.0.0.0.0.0.0.0.0.0.0.0.0.2.0.0.4.6.8.4.0.b.8.f.7.0.6.2.list.dnswl.org : 127.0.5.0]; IP_SCORE(-2.50)[ip: (-8.03), ipnet: 2607:f8b0::/32(-2.47), asn: 15169(-1.90), country: US(-0.08)] Content-Type: text/plain; charset="utf-8" Content-Transfer-Encoding: quoted-printable X-Content-Filtered-By: Mailman/MimeDel 2.1.29 X-BeenThere: freebsd-stable@freebsd.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: Production branch of FreeBSD source code List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 23 Jan 2019 15:50:46 -0000 It seems to be working now thanks. At first I got a binary incompatible err= or when I ran service nginx configtest. I realized after that I needed to r= un configure with the same options that nginx is configured with on the Pro= d box. I copied the output of nginx -V to configure and ran again. The seco= nd module it produced seems to be working fine. Thanks very much again for = your help. Sent from Mail for Windows 10 From: Matt Garber Sent: Tuesday, January 22, 2019 7:59 PM To: SoftwareInforJam Cc: freebsd-stable@freebsd.org Subject: Re: Issue with mod_security3 > On Jan 22, 2019, at 7:18 PM, SoftwareInforJam wrote: >=20 > Well I am making some progress I guess. Now modsecurity is installed and = not orphaned. My challenge now is that I have been reading several document= s and all of them say I need to add the following to nginx.conf >=20 > load_module modules/ngx_http_modsecurity.so; >=20 > My challenge now is I can=E2=80=99t seem to find this module anywhere. I = am not sure what to do now. Isn=E2=80=99t this module needed for this to wo= rk? >=20 > root@proxy:/usr/local/etc/nginx # find / -name "ngx_http_modsecurity*" > /usr/ports/www/nginx/work/nginx-1.14.2/objs/addon/src/ngx_http_modsecurit= y_body_filter.o > /usr/ports/www/nginx/work/nginx-1.14.2/objs/addon/src/ngx_http_modsecurit= y_rewrite.o > /usr/ports/www/nginx/work/nginx-1.14.2/objs/addon/src/ngx_http_modsecurit= y_log.o > /usr/ports/www/nginx/work/nginx-1.14.2/objs/addon/src/ngx_http_modsecurit= y_pre_access.o > /usr/ports/www/nginx/work/nginx-1.14.2/objs/addon/src/ngx_http_modsecurit= y_header_filter.o > /usr/ports/www/nginx/work/nginx-1.14.2/objs/addon/src/ngx_http_modsecurit= y_module.o > /usr/ports/www/nginx/work/ModSecurity-nginx-71ede63/src/ngx_http_modsecur= ity_body_filter.c > /usr/ports/www/nginx/work/ModSecurity-nginx-71ede63/src/ngx_http_modsecur= ity_common.h > /usr/ports/www/nginx/work/ModSecurity-nginx-71ede63/src/ngx_http_modsecur= ity_header_filter.c > /usr/ports/www/nginx/work/ModSecurity-nginx-71ede63/src/ngx_http_modsecur= ity_log.c > /usr/ports/www/nginx/work/ModSecurity-nginx-71ede63/src/ngx_http_modsecur= ity_module.c > /usr/ports/www/nginx/work/ModSecurity-nginx-71ede63/src/ngx_http_modsecur= ity_pre_access.c > /usr/ports/www/nginx/work/ModSecurity-nginx-71ede63/src/ngx_http_modsecur= ity_rewrite.c Here are the steps I just followed successfully in a test jail =E2=80=93 a = mix of packages (modsecurity3) and the source for nginx and the ModSecurity= 3-nginx connector; the =E2=80=98modsecurity3=E2=80=99 package installs the = shared library (e.g., /usr/local/lib/libmodsecurity.so.3.0.3), but doesn=E2= =80=99t install the nginx connector. If the nginx port doesn=E2=80=99t have= a make option for the connector, you might have to either hack the port or= just compile from source like I did: ----- Very simplified, single jail ----- 1. Install the modsecurity3 library package and git for cloning the ModSecu= rity-nginx repo: # pkg install modsecurity3 git 2. Grab the latest nginx source and ModSecurity-nginx repo: $ fetch 'http://nginx.org/download/nginx-1.14.2.tar.gz' $ tar -zxvf nginx-1.14.2.tar.gz $ git clone --depth 1 https://github.com/SpiderLabs/ModSecurity-nginx.git $ cd nginx-1.14.2 3. Compile nginx, adding support for the ModSecurity3-nginx connector as a = dynamic module. I=E2=80=99ve also added a variety of other FreeBSD-specific= configuration directives and/or compilation/linking hardening used by ngin= x upstream in their Linux repositories: $ ./configure --with-compat --add-dynamic-module=3D../ModSecurity-nginx --p= refix=3D/usr/local/etc/nginx --with-cc-opt=3D'-g -O2 -fstack-protector-stro= ng -Wformat -Werror=3Dformat-security -fPIC -Wdate-time -D_FORTIFY_SOURCE= =3D2 -I /usr/local/include' --with-ld-opt=3D'-Wl,-Bsymbolic-functions -Wl,-= z,relro -Wl,-z,now -fPIC -L /usr/local/lib' --conf-path=3D/usr/local/etc/ng= inx/nginx.conf --sbin-path=3D/usr/local/sbin/nginx --pid-path=3D/var/run/ng= inx.pid --error-log-path=3D/var/log/nginx/error.log --user=3Dwww --group=3D= www --modules-path=3D/usr/local/libexec/nginx --with-file-aio --with-thread= s --without-mail_imap_module --without-mail_pop3_module --without-mail_smtp= _module --with-mail_ssl_module --http-client-body-temp-path=3D/var/tmp/ngin= x/client_body_temp --http-fastcgi-temp-path=3D/var/tmp/nginx/fastcgi_temp -= -http-proxy-temp-path=3D/var/tmp/nginx/proxy_temp --http-scgi-temp-path=3D/= var/tmp/nginx/scgi_temp --http-uwsgi-temp-path=3D/var/tmp/nginx/uwsgi_temp = --http-log-path=3D/var/log/nginx/access.log --with-http_addition_module --w= ith-http_auth_request_module --with-http_flv_module --with-http_gunzip_modu= le --with-http_gzip_static_module --with-http_random_index_module --with-ht= tp_realip_module --with-pcre --with-http_secure_link_module --with-http_sli= ce_module --with-http_ssl_module --with-http_stub_status_module --with-http= _sub_module --with-http_v2_module --with-stream_ssl_module --with-mail=3Ddy= namic --with-stream=3Ddynamic $ make $ sudo make install 4. The above step should have created ngx_http_modsecurity_module.so under = the nginx source directory, and installed it into /usr/local/libexec/nginx,= at which point the load_module directive in the nginx configuration should= work fine, and you can move on to ruleset configuration. FYI, all of the a= bove just follows the ~second half of , after taking care of t= he prerequisites with FreeBSD packages instead. Like I said, you could prob= ably relatively easily hack the nginx port to add in the integration of Mod= Security3-nginx if you care about that more than keeping up-to-date with ng= inx source separately, but then you=E2=80=99d have to avoid overwriting the= port =E2=80=93 YMMV. Thanks, =E2=80=94 Matt Garber From owner-freebsd-stable@freebsd.org Thu Jan 24 18:39:14 2019 Return-Path: Delivered-To: freebsd-stable@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id 87C3214B978A; Thu, 24 Jan 2019 18:39:14 +0000 (UTC) (envelope-from tech-lists@zyxst.net) Received: from out5-smtp.messagingengine.com (out5-smtp.messagingengine.com [66.111.4.29]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 500D877F6E; Thu, 24 Jan 2019 18:39:12 +0000 (UTC) (envelope-from tech-lists@zyxst.net) Received: from compute4.internal (compute4.nyi.internal [10.202.2.44]) by mailout.nyi.internal (Postfix) with ESMTP id D1D32236DF; Thu, 24 Jan 2019 13:39:05 -0500 (EST) Received: from mailfrontend1 ([10.202.2.162]) by compute4.internal (MEProxy); Thu, 24 Jan 2019 13:39:05 -0500 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=zyxst.net; h= date:from:to:cc:subject:message-id:mime-version:content-type; s= fm1; bh=m0K+YysQeWNbWsSq3ZpVl24pI9JbhZ5ZG+f4/PyW/CY=; b=KiC+c/oG t7wa9mZ91391ptRxxSKwdBjNiUufZoQ7ne92JAPBHoDOGohItR+rrHh3kJj627aq XaMlJjplvlCGerYXsnnexs50zDHhYOKks4qyBx3gVKWEH1dM/HkzFeZz3HE+sYPU ccY9452NKzq0xmdLl6Ja2fPlTWmXOc0ilKb76nR1Q7q2k7WutSyuUeGZd2jZz1d7 Uh1fNfsU8jez9dBWWVYITKEB9SOjlCfP7zndiVxZBXkRnTE2JAIbbBf+4VfLxtgC 4AAT3UmOFZM3SH1taeonFu32lAFhR4/ZQcCHf1IOdeNu9qxsaTXNTWJYBV+yM6fK SLeFO0T+DGG2Gg== DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d= messagingengine.com; h=cc:content-type:date:from:message-id :mime-version:subject:to:x-me-proxy:x-me-proxy:x-me-sender :x-me-sender:x-sasl-enc; s=fm1; bh=m0K+YysQeWNbWsSq3ZpVl24pI9Jbh Z5ZG+f4/PyW/CY=; b=AhKNZpRk/4tltjPWXM+SuvKjsRWJKSaEojgLRwHcqUscY V5bunXeYn4mW9XOh3f1QFaZ/F4WSlSAWNSggyAs5EJW976rYjrsEtOEYa8aXH23E vokwTeCc2cCLFWzY5fJFytgMi2XMQiqyzqJp+2fDCi3NqA4P2FXrBXWJTPQcpJ1d CRhh3sgvJceH0eclswbzXmi0dlcYS3xAfa47E7YL70Hj/fzIs+aGmdSqIqk552Ct 9OWjOft0G7UERVB7Y40ND38Nw7N+i5p6TOkU9hzpqIFRluQzdf4Biubj8y7+3W5/ whbGbGuzs1QF4PXMs8PmxWLqXINxDY2XEj+3VHRag== X-ME-Sender: X-ME-Proxy-Cause: gggruggvucftvghtrhhoucdtuddrgedtledriedvgdduudefucetufdoteggodetrfdotf fvucfrrhhofhhilhgvmecuhfgrshhtofgrihhlpdfquhhtnecuuegrihhlohhuthemucef tddtnecunecujfgurhepfffhvffukfggtggufgesthdtredttdervdenucfhrhhomhepth gvtghhqdhlihhsthhsuceothgvtghhqdhlihhsthhsseiihiigshhtrdhnvghtqeenucfk phepkedvrdejtddrledurddutddunecurfgrrhgrmhepmhgrihhlfhhrohhmpehtvggthh dqlhhishhtshesiiihgihsthdrnhgvthenucevlhhushhtvghrufhiiigvpedt X-ME-Proxy: Received: from rpi3.zyxst.net (rpi3.zyxst.net [82.70.91.101]) by mail.messagingengine.com (Postfix) with ESMTPA id E5C21E4668; Thu, 24 Jan 2019 13:39:04 -0500 (EST) Date: Thu, 24 Jan 2019 18:39:02 +0000 From: tech-lists To: freebsd-stable@freebsd.org Cc: freebsd-security@freebsd.org Subject: apache protection Message-ID: <20190124183902.GC30993@rpi3.zyxst.net> Mail-Followup-To: freebsd-stable@freebsd.org, freebsd-security@freebsd.org MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii; format=flowed Content-Disposition: inline User-Agent: Mutt/1.11.2 (2019-01-07) X-Rspamd-Queue-Id: 500D877F6E X-Spamd-Bar: ------- Authentication-Results: mx1.freebsd.org; dkim=pass header.d=zyxst.net header.s=fm1 header.b=KiC+c/oG; dkim=pass header.d=messagingengine.com header.s=fm1 header.b=AhKNZpRk; spf=pass (mx1.freebsd.org: domain of tech-lists@zyxst.net designates 66.111.4.29 as permitted sender) smtp.mailfrom=tech-lists@zyxst.net X-Spamd-Result: default: False [-7.10 / 15.00]; ARC_NA(0.00)[]; RCVD_VIA_SMTP_AUTH(0.00)[]; R_DKIM_ALLOW(-0.20)[zyxst.net:s=fm1,messagingengine.com:s=fm1]; NEURAL_HAM_MEDIUM(-1.00)[-1.000,0]; FROM_HAS_DN(0.00)[]; R_SPF_ALLOW(-0.20)[+ip4:66.111.4.29]; TO_MATCH_ENVRCPT_ALL(0.00)[]; MIME_GOOD(-0.10)[text/plain]; TO_DN_NONE(0.00)[]; DMARC_NA(0.00)[zyxst.net]; NEURAL_HAM_LONG(-1.00)[-1.000,0]; RCVD_COUNT_THREE(0.00)[4]; DKIM_TRACE(0.00)[zyxst.net:+,messagingengine.com:+]; RCPT_COUNT_TWO(0.00)[2]; MX_GOOD(-0.01)[in2-smtp.messagingengine.com,in1-smtp.messagingengine.com,in2-smtp.messagingengine.com,in1-smtp.messagingengine.com]; NEURAL_HAM_SHORT(-0.86)[-0.863,0]; FROM_EQ_ENVFROM(0.00)[]; MIME_TRACE(0.00)[0:+]; RCVD_TLS_LAST(0.00)[]; ASN(0.00)[asn:11403, ipnet:66.111.4.0/24, country:US]; IP_SCORE(-3.63)[ip: (-9.70), ipnet: 66.111.4.0/24(-4.69), asn: 11403(-3.66), country: US(-0.08)]; RCVD_IN_DNSWL_LOW(-0.10)[29.4.111.66.list.dnswl.org : 127.0.5.1] X-BeenThere: freebsd-stable@freebsd.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: Production branch of FreeBSD source code List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 24 Jan 2019 18:39:14 -0000 Hi, I already use sshguard to block woodpeckers on sshd. Is there something similar for apache? If so, would it work with sshguard? I use pf for firewall. Basically something that's causing 404s 5 times per second. How can I (automatically) block it? thanks, -- J. From owner-freebsd-stable@freebsd.org Thu Jan 24 18:51:53 2019 Return-Path: Delivered-To: freebsd-stable@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id E0ED614BA0D5; Thu, 24 Jan 2019 18:51:52 +0000 (UTC) (envelope-from mad@madpilot.net) Received: from mail.madpilot.net (vogon.madpilot.net [159.69.1.99]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) server-signature RSA-PSS (4096 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id BA3FB80FD0; Thu, 24 Jan 2019 18:51:50 +0000 (UTC) (envelope-from mad@madpilot.net) Received: from mail (mail [192.168.254.3]) by mail.madpilot.net (Postfix) with ESMTP id 43lrq33vrwz6dQp; Thu, 24 Jan 2019 19:51:43 +0100 (CET) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=madpilot.net; h= content-transfer-encoding:content-language:content-type :content-type:in-reply-to:mime-version:user-agent:date:date :message-id:from:from:references:subject:subject:received :received; s=mail; t=1548355901; x=1550170302; bh=g0j+o57a0fM3bX vuxAeSjRPe0Pms6DWSEkDuDgzznno=; b=lg399GVdIqtdocPN3kZO585ErcEpRe sawWqa8SrIo0KF+vf5Vs1G5R3ZDsez2iBc4NwqZGE44V5H3jOsDBtmK3+Y0cqPdU SX/wDVosPDbaLaCvXrz1hw7btDYmWrxsklqvTKay6t+ziloydaka/S4LYHbgZ3q0 sINfB1YrzbcGY= Received: from mail.madpilot.net ([192.168.254.3]) by mail (mail.madpilot.net [192.168.254.3]) (amavisd-new, port 10026) with ESMTP id 91Pat4XvACNw; Thu, 24 Jan 2019 19:51:41 +0100 (CET) Received: from tommy.madpilot.net (unknown [87.13.153.156]) (using TLSv1.3 with cipher TLS_AES_128_GCM_SHA256 (128/128 bits) key-exchange X25519 server-signature RSA-PSS (2048 bits) server-digest SHA256) (No client certificate requested) by mail.madpilot.net (Postfix) with ESMTPSA; Thu, 24 Jan 2019 19:51:41 +0100 (CET) Subject: Re: apache protection To: freebsd-stable@freebsd.org, freebsd-security@freebsd.org References: <20190124183902.GC30993@rpi3.zyxst.net> From: Guido Falsi Openpgp: preference=signencrypt Autocrypt: addr=mad@madpilot.net; prefer-encrypt=mutual; keydata= mQENBE+G+l0BCADi/WBQ0aRJfnE7LBPsM0G3m/m3Yx7OPu4iYFvS84xawmRHtCNjWIntsxuX fptkmEo3Rsw816WUrek8dxoUAYdHd+EcpBcnnDzfDH5LW/TZ4gbrFezrHPdRp7wdxi23GN80 qPwHEwXuF0X4Wy5V0OO8B6VT/nA0ADYnBDhXS52HGIJ/GCUjgqJn+phDTdCFLvrSFdmgx4Wl c0W5Z1p5cmDF9l8L/hc959AeyNf7I9dXnjekGM9gVv7UDUYzCifR3U8T0fnfdMmS8NeI9NC+ wuREpRO4lKOkTnj9TtQJRiptlhcHQiAlG1cFqs7EQo57Tqq6cxD1FycZJLuC32bGbgalABEB AAG0Hkd1aWRvIEZhbHNpIDxtYWRAbWFkcGlsb3QubmV0PokBOQQTAQgAIwIbAwIeAQIXgAUL CQgHAwUVCgkICwQWAgMBBQJS79AgAhkBAAoJEBrmhg5Wy9KTc0kH/RO64ORBlTbTHaUaOj8F Je5O5NU2Pt9Cyt5ZWBRvxntr1zPTJGKRPS9ihlIfqT4ZvEngQGp57EUyFbCpI0UWasTerImM tt5WACnGmCzUTB39UXx8Oy4b1EgWeTJQ747e/F1mQLXTNa6ijRBE9fYlTb4gAkPN88/wVV9v 3PZozKLTg16ghBzHM/P7Lk8L7clPEZChX1FTa/6eSt3nvzfCuTMZbBPJF/ph+q1KyPqRgVfh tyhu5dvgMoPz/ni41IfeSrkJTD5RXzdyGR9q4Z1NYeBsLkRjC4LxKAP5KqUsvlOUjKvO1byj ApYdMarol+IGkaSk9e3zVYAJkWKjn/ni8Xa5Ag0EUxB7QQEQAKFhrDceoPdK/IHDSmoj6SQY isvM7VdhcleS7E9DoEAVt7yMbf6HbbMVTTY6ckvwTWQssywLBXNVqxgc4WLJjzfUhgef+WE7 5M3+WFYlOVQLGZY/zEVgma1raYnOHNAOzeHLDmEXjbZP6vGAeDyBbGfQPpE7qGYZ7ubeT3Xw QO+PklcCrvOPj2ZPcAxGNS2xVU/LzONqCrJqLMJSIcCdsbiSP4G5PnDFHtMokaTY6OEr8OEQ fOAerhcHUa/z7Uu8YtmaqKH+QGkE/WEgaRqSiTnv0JOTD+DxehaqvoKPPZ++2NpCZMHB2i6A /xifmQwEiIjEXtcueBRzkNUQkxhqZyS13SrhocL9ydtaVPBzZatAEjUDDEJmAMLVFs45qfyh MiNapHJo2n3MW/E5omqCvEkDdWX/en3P7CK2TemeaDghMsgkNKax/z0wNo5UZCkOPOz0xpNi UilOVbkuezZZNg65741qee2lfXhQIaZ66yT7hphc/N/z3PIAtLeze4u1VR2EXAuZ2sWAdlKC NTlJMsaU/x70BV11Wd/ypnVzM68dfdQIIAj1iMFAD/lXGlEUmKXg5Ov2VQDlTntQoanCYrAg +8CttPzjrydgLZFq3hrtQmfc0se5yv1WHS69+BsUOG09RvvawUDZxUjW19kyeN9THaNRgow3 kSuArUp6zSmJABEBAAGJAR8EGAEIAAkFAlMQe0ECGwwACgkQGuaGDlbL0pMN5wgA4bCkX/qw EVC06ToeR6C2putmSWQMgpDaqrv65Hubo+QGmg2P4ewTYQQ4g6oYWS03qHxqVVWhKz7FjfrV +dH8qbCLfSgIcvdBha7ayGZVrsiuMLKGbw36fcmkZPpSDOfHcP0XH8Z+u9CWj0xUkTxAlZ/7 i6gYSUpG2JWNtdmE/X8VVEyXusCLwy0K0BI60A/4dRTIX3C4QKrJ3ZbUXegz70ynjHf+lQMZ 9IZKASoRMuS5FozPQh6abvmwZEPdf5I9riUElzvHrqJ8Bx0t3Pujdoth+yNHpnBxrtO8LkQd rQ58P0SwcaIX33T2U9pG8bhu5YVR88FQ8OQ0cEsPBpDncg== Message-ID: Date: Thu, 24 Jan 2019 19:51:41 +0100 User-Agent: Mozilla/5.0 (X11; FreeBSD amd64; rv:60.0) Gecko/20100101 Thunderbird/60.5.0 MIME-Version: 1.0 In-Reply-To: <20190124183902.GC30993@rpi3.zyxst.net> Content-Type: text/plain; charset=utf-8 Content-Language: en-US Content-Transfer-Encoding: 7bit X-Rspamd-Queue-Id: BA3FB80FD0 X-Spamd-Bar: ------ Authentication-Results: mx1.freebsd.org; dkim=pass header.d=madpilot.net header.s=mail header.b=lg399GVd; spf=pass (mx1.freebsd.org: domain of mad@madpilot.net designates 159.69.1.99 as permitted sender) smtp.mailfrom=mad@madpilot.net X-Spamd-Result: default: False [-6.19 / 15.00]; ARC_NA(0.00)[]; RCVD_VIA_SMTP_AUTH(0.00)[]; R_DKIM_ALLOW(-0.20)[madpilot.net:s=mail]; NEURAL_HAM_MEDIUM(-1.00)[-1.000,0]; FROM_HAS_DN(0.00)[]; R_SPF_ALLOW(-0.20)[+mx]; TO_MATCH_ENVRCPT_ALL(0.00)[]; MIME_GOOD(-0.10)[text/plain]; TO_DN_NONE(0.00)[]; DMARC_NA(0.00)[madpilot.net]; NEURAL_HAM_LONG(-1.00)[-1.000,0]; RCVD_COUNT_THREE(0.00)[4]; IP_SCORE(-2.75)[ip: (-9.60), ipnet: 159.69.0.0/16(-1.81), asn: 24940(-2.33), country: DE(-0.01)]; DKIM_TRACE(0.00)[madpilot.net:+]; RCPT_COUNT_TWO(0.00)[2]; MX_GOOD(-0.01)[eddie.gfratio.it,vogon.madpilot.net]; NEURAL_HAM_SHORT(-0.93)[-0.930,0]; FROM_EQ_ENVFROM(0.00)[]; MIME_TRACE(0.00)[0:+]; RCVD_TLS_LAST(0.00)[]; ASN(0.00)[asn:24940, ipnet:159.69.0.0/16, country:DE]; MID_RHS_MATCH_FROM(0.00)[]; RECEIVED_SPAMHAUS_PBL(0.00)[156.153.13.87.zen.spamhaus.org : 127.0.0.10] X-BeenThere: freebsd-stable@freebsd.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: Production branch of FreeBSD source code List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 24 Jan 2019 18:51:53 -0000 On 24/01/19 19:39, tech-lists wrote: > Hi, > > I already use sshguard to block woodpeckers on sshd. Is there something > similar for apache? If so, would it work with sshguard? I use pf for > firewall. > > Basically something that's causing 404s 5 times per second. How can I > (automatically) block it? > security/py-fail2ban may be what you are looking for. It has modules to read various common log files (including apache) and to manage locks for various firewalls and other tools. It's also easy to create new modules. -- Guido Falsi From owner-freebsd-stable@freebsd.org Thu Jan 24 19:53:41 2019 Return-Path: Delivered-To: freebsd-stable@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id 9DC4114BC3B4 for ; Thu, 24 Jan 2019 19:53:41 +0000 (UTC) (envelope-from donald.charles@stardataleads.com) Received: from mailman.ysv.freebsd.org (mailman.ysv.freebsd.org [IPv6:2001:1900:2254:206a::50:5]) by mx1.freebsd.org (Postfix) with ESMTP id 0EBEB83DB7 for ; Thu, 24 Jan 2019 19:53:41 +0000 (UTC) (envelope-from donald.charles@stardataleads.com) Received: by mailman.ysv.freebsd.org (Postfix) id C590614BC3B2; Thu, 24 Jan 2019 19:53:40 +0000 (UTC) Delivered-To: stable@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id A31FD14BC3B1 for ; Thu, 24 Jan 2019 19:53:40 +0000 (UTC) (envelope-from donald.charles@stardataleads.com) Received: from a2nlsmtp01-05.prod.iad2.secureserver.net (a2nlsmtp01-05.prod.iad2.secureserver.net [198.71.225.49]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client CN "relay-hosting.secureserver.net", Issuer "Starfield Secure Certificate Authority - G2" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 0915A83DB6 for ; Thu, 24 Jan 2019 19:53:40 +0000 (UTC) (envelope-from donald.charles@stardataleads.com) Received: from a2plcpnl0421.prod.iad2.secureserver.net ([198.71.235.17]) by : HOSTING RELAY : with ESMTP id mkl8grSSRVVmMmkl8g210P; Thu, 24 Jan 2019 12:33:54 -0700 DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=stardataleads.com; s=default; h=Content-Type:MIME-Version:Message-ID:Date: Subject:To:From:Sender:Reply-To:Cc:Content-Transfer-Encoding:Content-ID: Content-Description:Resent-Date:Resent-From:Resent-Sender:Resent-To:Resent-Cc :Resent-Message-ID:In-Reply-To:References:List-Id:List-Help:List-Unsubscribe: List-Subscribe:List-Post:List-Owner:List-Archive; bh=hMmKxZ0kpPIscwO5wXdJ/a/GmKdz4tQSI2s5KNlbpPI=; b=LJ2Uswks61zpIBdBA551VYIM2I jML3yF2hcktyT4XLeMgOXttijoe+X0sYjYvb4yjf7IkDD3ExwmddHcnD6KF3n+wFYMnLL03wXmpm2 0af05jbzEKTAXgv+27qeQLvWmxdcESLsDoveUaYQfRcPoAbehXYQXy/NCAq7FD53a4TxDo9vSHdGy pk6JZAwNUt0Xbe1P5byF9RbWWqS0we4rPkMA6wQyRKwmSaOpDKNSb7p9NaRJT2qJpKJNfjWVlW01W ITR9vK+ZW6f4f1e/ND3vyoi5OsLyzJP1VkusqpsEIm70hFy2BjfY2gwBoOQtqiWbK45y6viqTFuIB DNDMYqnQ==; Received: from [106.200.205.135] (port=51236 helo=AdminPC) by a2plcpnl0421.prod.iad2.secureserver.net with esmtpsa (TLSv1:AES128-SHA:128) (Exim 4.91) (envelope-from ) id 1gmkNM-00GmQY-P2 for stable@freebsd.org; Thu, 24 Jan 2019 12:09:21 -0700 From: "Donald Charles" To: Subject: =?us-ascii?Q?Southern_California_Linux_Expo_-_SCALE_-_2019?= Date: Thu, 24 Jan 2019 14:08:25 -0500 Message-ID: MIME-Version: 1.0 X-Mailer: Microsoft Office Outlook 12.0 Thread-Index: AdS0GCvxDWdzy1JFRjiaH14+25saJQ== Content-Language: en-us X-AntiAbuse: This header was added to track abuse, please include it with any abuse report X-AntiAbuse: Primary Hostname - a2plcpnl0421.prod.iad2.secureserver.net X-AntiAbuse: Original Domain - freebsd.org X-AntiAbuse: Originator/Caller UID/GID - [47 12] / [47 12] X-AntiAbuse: Sender Address Domain - stardataleads.com X-Get-Message-Sender-Via: a2plcpnl0421.prod.iad2.secureserver.net: authenticated_id: donald.charles@stardataleads.com X-Authenticated-Sender: a2plcpnl0421.prod.iad2.secureserver.net: donald.charles@stardataleads.com X-Source: X-Source-Args: X-Source-Dir: X-CMAE-Envelope: MS4wfHt88LLIlEgPkd1PoKssMgwxbD2TVzXyFZ10qzWxILgrm2QzTV+NiTwgGhhFN0RCqonRTQK3lj7KfEO84W/Gyu+ZEg0hDkDqbcE3J+jKGm2Ffv2PYF3C ny74JBiCnL3Cq8T9GETkkniB++L3fT9F/QMLlih2VqOYswOe6YM1CuKdJUCOSKMH3z6s4BtMO+DiXvmDztd+wgMhvDpLCDRRpKc2I4Q6Jy3BPJfTpSH1F5Vr X-Rspamd-Queue-Id: 0915A83DB6 X-Spamd-Bar: +++++ Authentication-Results: mx1.freebsd.org; dkim=none (invalid DKIM record) header.d=stardataleads.com header.s=default header.b=LJ2Uswks; spf=pass (mx1.freebsd.org: domain of donald.charles@stardataleads.com designates 198.71.225.49 as permitted sender) smtp.mailfrom=donald.charles@stardataleads.com X-Spamd-Result: default: False [5.29 / 15.00]; RCVD_VIA_SMTP_AUTH(0.00)[]; MX_INVALID(0.50)[cached]; R_SPF_ALLOW(-0.20)[+ip4:198.71.224.0/19]; HAS_X_SOURCE(0.00)[]; TO_DN_NONE(0.00)[]; RCVD_COUNT_THREE(0.00)[3]; DKIM_TRACE(0.00)[stardataleads.com:~]; SUBJ_EXCESS_QP(1.20)[]; HAS_X_ANTIABUSE(0.00)[]; RECEIVED_SPAMHAUS_PBL(0.00)[135.205.200.106.zen.spamhaus.org : 127.0.0.11]; FROM_EQ_ENVFROM(0.00)[]; MIME_TRACE(0.00)[0:+,1:+]; ASN(0.00)[asn:26496, ipnet:198.71.224.0/21, country:US]; MID_RHS_MATCH_FROM(0.00)[]; HAS_X_AS(0.00)[donald.charles@stardataleads.com]; ARC_NA(0.00)[]; FROM_HAS_DN(0.00)[]; TO_MATCH_ENVRCPT_ALL(0.00)[]; NEURAL_SPAM_SHORT(0.99)[0.989,0]; MIME_GOOD(-0.10)[multipart/alternative,text/plain]; DMARC_NA(0.00)[stardataleads.com]; NEURAL_SPAM_MEDIUM(1.00)[0.995,0]; RCPT_COUNT_ONE(0.00)[1]; IP_SCORE(0.91)[ip: (3.42), ipnet: 198.71.224.0/21(1.05), asn: 26496(0.15), country: US(-0.08)]; NEURAL_SPAM_LONG(1.00)[1.000,0]; RCVD_IN_DNSWL_NONE(0.00)[49.225.71.198.list.dnswl.org : 127.0.5.0]; R_DKIM_PERMFAIL(0.00)[stardataleads.com:s=default]; HAS_X_GMSV(0.00)[donald.charles@stardataleads.com]; RCVD_TLS_ALL(0.00)[] Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: 7bit X-Content-Filtered-By: Mailman/MimeDel 2.1.29 X-BeenThere: freebsd-stable@freebsd.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: Production branch of FreeBSD source code List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 24 Jan 2019 19:53:41 -0000 Hi, Would you be interested in acquiring a list of "Southern California Linux Expo - SCALE - 2019?" We have the most updated records of attendees Contacts who are participating in this event. Please let me know your interest to send you the number of Attendees and cost. Awaiting for your reply. Best Regards, Donald Charles, Marketing and Communications. From owner-freebsd-stable@freebsd.org Fri Jan 25 02:51:11 2019 Return-Path: Delivered-To: freebsd-stable@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id CE348148F6FF for ; Fri, 25 Jan 2019 02:51:10 +0000 (UTC) (envelope-from tatersoup38@gmail.com) Received: from mail-wm1-x32f.google.com (mail-wm1-x32f.google.com [IPv6:2a00:1450:4864:20::32f]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (Client CN "smtp.gmail.com", Issuer "Google Internet Authority G3" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id CE3FC93FB8 for ; Fri, 25 Jan 2019 02:51:09 +0000 (UTC) (envelope-from tatersoup38@gmail.com) Received: by mail-wm1-x32f.google.com with SMTP id m1so5302942wml.2 for ; Thu, 24 Jan 2019 18:51:09 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025; h=mime-version:from:date:message-id:subject:to; bh=J9ImsFlBU/nrM89lACNDW0L/K5X3XPc+2N2jjShv2T0=; b=nGpLEyzNyt1u2yrRD6FP0MLrnyN9kPqrLriNLDAQNUDEuo2qKE2x01loUUve5n0SS7 sREVra06vWJWo7Y6WXgvSJpIkJIQiUhwI4ueyRqEV7enT6jDtKTfeamqKVlDFh40JI6b HuL6q19AyIzy79B1QhO+407WTyk4pkkF93pIyTrQ4C3faSRH+zrvCZk20UcNwrp8A9xL lPpsuFVVRQAbNpcg8+DqbTEU8C042hXLgIgrClDIhC2p8GiN8nQdzrIJRaiYaduWznAA wi3T/Ndt2wCiF6/GiRMHu7l2hVEnFrBsVLXblj28iUAMREfNYjQ3nNL0Z0ROi94P7+Cj Qmtw== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:from:date:message-id:subject:to; bh=J9ImsFlBU/nrM89lACNDW0L/K5X3XPc+2N2jjShv2T0=; b=HrSZNUOHmhMRjoIMVeH+qx35rhTC8cfQ7GliA2zpewWSxq8I5F5Xp3te98bzU/DOpr oVSIAVfUlz47elvUJFkztRNZwFCuzZzjT4N9Av7xr2Dw/V18/xEw8X2cPF3HX5DxR09e G1Y2m7/6TlD3aefg9GltZL16PpGQwd7UhXt9AHWoyt0hMvSPU/89MOixe0kfnn13bY1U 3bMNHnf3vXYaFZ318ZR6qramZFJ/7KjQD8Sg9sVUgqaoFBW2fQG/D2v0f6kIFJNG+mTE H5C9DML6j5T9bqscgcMwOEL2JnTFcytFlFOOAUolp6AhUD7YCpsJy8mx+apPyXpTDmtt vdFA== X-Gm-Message-State: AJcUukcu3ONiYNnrEq9h96VkpvQZ4u+pr4RKO8s42Kw1die9twuqT9Qb 8/Tdmlhuo1YB6zDT4nExlz78R5akbytvOVYBBg2VVw== X-Google-Smtp-Source: ALg8bN546E3ETJRkpeeUjkqayZS41kl23QZHTAA2vtzFSpGI0BuiWDby2T2wzifIPH3/9Vo6v6pfJ0hGn44QQPQpODs= X-Received: by 2002:a1c:8d53:: with SMTP id p80mr5218822wmd.68.1548384668386; Thu, 24 Jan 2019 18:51:08 -0800 (PST) MIME-Version: 1.0 From: Shayne Ison Date: Thu, 24 Jan 2019 21:50:56 -0500 Message-ID: Subject: Bug reports. To: freebsd-stable@freebsd.org X-Rspamd-Queue-Id: CE3FC93FB8 X-Spamd-Bar: ------ Authentication-Results: mx1.freebsd.org; dkim=pass header.d=gmail.com header.s=20161025 header.b=nGpLEyzN; dmarc=pass (policy=none) header.from=gmail.com; spf=pass (mx1.freebsd.org: domain of tatersoup38@gmail.com designates 2a00:1450:4864:20::32f as permitted sender) smtp.mailfrom=tatersoup38@gmail.com X-Spamd-Result: default: False [-6.00 / 15.00]; ARC_NA(0.00)[]; NEURAL_HAM_MEDIUM(-1.00)[-0.999,0]; R_DKIM_ALLOW(-0.20)[gmail.com:s=20161025]; FROM_HAS_DN(0.00)[]; R_SPF_ALLOW(-0.20)[+ip6:2a00:1450:4000::/36]; FREEMAIL_FROM(0.00)[gmail.com]; MIME_GOOD(-0.10)[multipart/alternative,text/plain]; PREVIOUSLY_DELIVERED(0.00)[freebsd-stable@freebsd.org]; TO_DN_NONE(0.00)[]; RCPT_COUNT_ONE(0.00)[1]; NEURAL_HAM_LONG(-1.00)[-1.000,0]; RCVD_TLS_LAST(0.00)[]; TO_MATCH_ENVRCPT_ALL(0.00)[]; DKIM_TRACE(0.00)[gmail.com:+]; DMARC_POLICY_ALLOW(-0.50)[gmail.com,none]; RCVD_IN_DNSWL_NONE(0.00)[f.2.3.0.0.0.0.0.0.0.0.0.0.0.0.0.0.2.0.0.4.6.8.4.0.5.4.1.0.0.a.2.list.dnswl.org : 127.0.5.0]; MX_GOOD(-0.01)[cached: alt3.gmail-smtp-in.l.google.com]; IP_SCORE(-2.63)[ip: (-8.92), ipnet: 2a00:1450::/32(-2.22), asn: 15169(-1.91), country: US(-0.08)]; NEURAL_HAM_SHORT(-0.37)[-0.370,0]; FROM_EQ_ENVFROM(0.00)[]; MIME_TRACE(0.00)[0:+,1:+]; FREEMAIL_ENVFROM(0.00)[gmail.com]; ASN(0.00)[asn:15169, ipnet:2a00:1450::/32, country:US]; RCVD_COUNT_TWO(0.00)[2]; DWL_DNSWL_NONE(0.00)[gmail.com.dwl.dnswl.org : 127.0.5.0] Content-Type: text/plain; charset="UTF-8" X-Content-Filtered-By: Mailman/MimeDel 2.1.29 X-BeenThere: freebsd-stable@freebsd.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: Production branch of FreeBSD source code List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 25 Jan 2019 02:51:11 -0000 This is Shayne I seen your links and would like to be on your mailing list Im a user of freebsd-stable From owner-freebsd-stable@freebsd.org Fri Jan 25 07:06:20 2019 Return-Path: Delivered-To: freebsd-stable@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id AD4D514AA51B for ; Fri, 25 Jan 2019 07:06:20 +0000 (UTC) (envelope-from darius@dons.net.au) Received: from ipmail07.adl2.internode.on.net (ipmail07.adl2.internode.on.net [150.101.137.131]) by mx1.freebsd.org (Postfix) with ESMTP id F1A876C8BF for ; Fri, 25 Jan 2019 07:06:11 +0000 (UTC) (envelope-from darius@dons.net.au) Received: from unknown (HELO midget.dons.net.au) ([118.211.114.134]) by ipmail07.adl2.internode.on.net with ESMTP; 25 Jan 2019 17:30:58 +1030 Received: from midget.dons.net.au (localhost [127.0.0.1]) by midget.dons.net.au (8.15.2/8.15.2) with ESMTPS id x0P70jNH062464 (version=TLSv1.2 cipher=ECDHE-RSA-AES256-GCM-SHA384 bits=256 verify=NO) for ; Fri, 25 Jan 2019 17:30:51 +1030 (ACDT) (envelope-from darius@dons.net.au) Received: (from mailnull@localhost) by midget.dons.net.au (8.15.2/8.15.2/Submit) id x0P6Xd37040714 for ; Fri, 25 Jan 2019 17:03:39 +1030 (ACDT) (envelope-from darius@dons.net.au) X-Authentication-Warning: midget.dons.net.au: mailnull set sender to using -f Received: from [203.31.81.59] ([203.31.81.59]) by [118.211.114.134] (envelope-sender ) (MIMEDefang) with ESMTP id x0P6XXdD040712; Fri, 25 Jan 2019 17:03:39 +1030 From: "O'Connor, Daniel" Content-Type: text/plain; charset=us-ascii Content-Transfer-Encoding: quoted-printable Mime-Version: 1.0 (Mac OS X Mail 12.2 \(3445.102.3\)) Date: Fri, 25 Jan 2019 17:03:32 +1030 Subject: FreeBSD update & custom kernel Message-Id: To: freebsd-stable X-Mailer: Apple Mail (2.3445.102.3) X-Spam-Score: 1.3 (*) No, score=1.3 required=5.0 tests=RDNS_NONE autolearn=no autolearn_force=no version=3.4.1 X-Scanned-By: MIMEDefang 2.83 on 10.0.2.1 X-Rspamd-Queue-Id: F1A876C8BF X-Spamd-Bar: ++++ Authentication-Results: mx1.freebsd.org X-Spamd-Result: default: False [4.70 / 15.00]; ARC_NA(0.00)[]; RCVD_COUNT_FIVE(0.00)[5]; FROM_HAS_DN(0.00)[]; MV_CASE(0.50)[]; TO_MATCH_ENVRCPT_ALL(0.00)[]; MIME_GOOD(-0.10)[text/plain]; HAS_XAW(0.00)[]; PREVIOUSLY_DELIVERED(0.00)[freebsd-stable@freebsd.org]; AUTH_NA(1.00)[]; RCPT_COUNT_ONE(0.00)[1]; NEURAL_SPAM_MEDIUM(0.96)[0.956,0]; DMARC_NA(0.00)[dons.net.au]; TO_DN_ALL(0.00)[]; MX_GOOD(-0.01)[midget.dons.net.au]; NEURAL_SPAM_LONG(0.99)[0.994,0]; NEURAL_SPAM_SHORT(0.93)[0.935,0]; R_SPF_NA(0.00)[]; RCVD_NO_TLS_LAST(0.10)[]; RCVD_IN_DNSWL_LOW(-0.10)[131.137.101.150.list.dnswl.org : 127.0.5.1]; R_DKIM_NA(0.00)[]; MIME_TRACE(0.00)[0:+]; ASN(0.00)[asn:4739, ipnet:150.101.0.0/16, country:AU]; MID_RHS_MATCH_FROM(0.00)[]; IP_SCORE(0.43)[ipnet: 150.101.0.0/16(1.74), asn: 4739(0.44), country: AU(-0.04)]; FROM_EQ_ENVFROM(0.00)[] X-BeenThere: freebsd-stable@freebsd.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: Production branch of FreeBSD source code List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 25 Jan 2019 07:06:20 -0000 Hi everyone, I recently tried out freebsd-update on a system with a custom kernel (it = uses ALTQ) and it seems that this means you have to reboot into the new = generic kernel, build the custom kernel & install it and then reboot = again. Obviously for me this is not a huge deal since I only need it for ALTQ = but it is more challenging if you need a custom kernel because a GENERIC = one crashes etc.. It also reduces downtime significantly since it saves = a reboot etc.. Is it feasible for freebsd-update to update the source before the first = reboot so a custom kernel can be built? Even if it had to go into a = separate directory to allow rollback to work it would be a worthwhile = tradeoff. I have no idea how feasible such a thing would be though :) Thanks -- Daniel O'Connor "The nice thing about standards is that there are so many of them to choose from." -- Andrew Tanenbaum From owner-freebsd-stable@freebsd.org Fri Jan 25 10:49:49 2019 Return-Path: Delivered-To: freebsd-stable@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id B6BF914B0864 for ; Fri, 25 Jan 2019 10:49:49 +0000 (UTC) (envelope-from a199e59c87e914e7b5fdb9459865d66e@zxas.fi) Received: from box.zxas.fi (box.zxas.fi [IPv6:2a05:b9c0::1:0:a4]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id CAAE874CD5 for ; Fri, 25 Jan 2019 10:49:47 +0000 (UTC) (envelope-from a199e59c87e914e7b5fdb9459865d66e@zxas.fi) Received: from authenticated-user (box.zxas.fi [185.87.111.174]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by box.zxas.fi (Postfix) with ESMTPSA id 8F9668202A; Fri, 25 Jan 2019 12:49:32 +0200 (EET) Received: from authenticated-user (box.zxas.fi [185.87.111.174]) by zero.my.domain (Postfix) with ESMTP id 273C933C39; Fri, 25 Jan 2019 12:49:29 +0200 (EET) Received: from authenticated-user (box.zxas.fi [185.87.111.174]) by thunderbolt.my.domain (8.15.2/8.15.2) with ESMTPS id x0PAnSlc084969 (version=TLSv1.2 cipher=DHE-RSA-AES256-GCM-SHA384 bits=256 verify=NO); Fri, 25 Jan 2019 12:49:28 +0200 (EET) (envelope-from ejk@thunderbolt.my.domain) Received: from authenticated-user (box.zxas.fi [185.87.111.174]) by thunderbolt.my.domain (8.15.2/8.15.2/Submit) id x0PAnSg7084968; Fri, 25 Jan 2019 12:49:28 +0200 (EET) (envelope-from ejk) Date: Fri, 25 Jan 2019 12:49:28 +0200 From: Esa Karkkainen To: "O'Connor, Daniel" Cc: freebsd-stable Subject: Re: FreeBSD update & custom kernel Message-ID: <20190125104928.GD63197@pp.htv.fi> Mail-Followup-To: Esa Karkkainen , "O'Connor, Daniel" , freebsd-stable References: MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: X-Rspamd-Queue-Id: CAAE874CD5 X-Spamd-Bar: --- X-Spamd-Result: default: False [-3.31 / 15.00]; RCVD_VIA_SMTP_AUTH(0.00)[]; R_SPF_ALLOW(-0.20)[+mx]; TO_DN_ALL(0.00)[]; DKIM_TRACE(0.00)[zxas.fi:~]; RCPT_COUNT_TWO(0.00)[2]; DMARC_POLICY_ALLOW(-0.50)[zxas.fi,quarantine]; MX_GOOD(-0.01)[box.zxas.fi]; FORGED_SENDER(0.30)[freebsd.lists@zxas.fi,a199e59c87e914e7b5fdb9459865d66e@zxas.fi]; MIME_TRACE(0.00)[0:+]; RCVD_TLS_LAST(0.00)[]; ASN(0.00)[asn:201057, ipnet:2a05:b9c0::/29, country:FI]; FROM_NEQ_ENVFROM(0.00)[freebsd.lists@zxas.fi,a199e59c87e914e7b5fdb9459865d66e@zxas.fi]; ARC_NA(0.00)[]; NEURAL_HAM_MEDIUM(-1.00)[-0.995,0]; RCVD_COUNT_FIVE(0.00)[5]; FROM_HAS_DN(0.00)[]; NEURAL_HAM_SHORT(-0.78)[-0.782,0]; NEURAL_HAM_LONG(-1.00)[-0.999,0]; MIME_GOOD(-0.10)[text/plain]; IP_SCORE(-0.02)[country: FI(-0.09)]; TO_MATCH_ENVRCPT_SOME(0.00)[]; R_DKIM_PERMFAIL(0.00)[zxas.fi:s=mail] X-BeenThere: freebsd-stable@freebsd.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: Production branch of FreeBSD source code List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 25 Jan 2019 10:49:50 -0000 On Fri, Jan 25, 2019 at 05:03:32PM +1030, O'Connor, Daniel wrote: > Hi everyone, Hi Daniel, > Is it feasible for freebsd-update to update the source before the > first reboot so a custom kernel can be built? It's a hack, but sorta kinda yes. Use freebsd-update to update only the source, and follow the instructions here: https://www.freebsd.org/doc/en_US.ISO8859-1/books/handbook/makeworld.html Which suggests to use svc to update sources instead of freebsd-update. Or you can use two separate freebsd-update config files, modified one modified to exclude i.e remove "src" from "Components" line, and new copied from the default which excudes everything exept the souces i.e. "Components src". Update only the source, build world and kernel(s), install the locally built kernel and the the normal freebsd-update. Regards, Esa -- "In the beginning the Universe was created. This has made a lot of people very angry and been widely regarded as a bad move." -- Douglas Adams 1952 - 2001 From owner-freebsd-stable@freebsd.org Fri Jan 25 11:45:32 2019 Return-Path: Delivered-To: freebsd-stable@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id 6D99714B23BE for ; Fri, 25 Jan 2019 11:45:32 +0000 (UTC) (envelope-from jhs@berklix.com) Received: from land.berklix.org (land.berklix.org [144.76.10.75]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client CN "land.berklix.org", Issuer "land.berklix.org" (not verified)) by mx1.freebsd.org (Postfix) with ESMTPS id 234D977482 for ; Fri, 25 Jan 2019 11:45:28 +0000 (UTC) (envelope-from jhs@berklix.com) Received: from mart.js.berklix.net (p2E52C0CB.dip0.t-ipconnect.de [46.82.192.203]) (authenticated bits=0) by land.berklix.org (8.15.2/8.15.2) with ESMTPSA id x0PBjJc7023172 (version=TLSv1 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO); Fri, 25 Jan 2019 11:45:23 GMT (envelope-from jhs@berklix.com) Received: from fire.js.berklix.net (fire.js.berklix.net [192.168.91.41]) by mart.js.berklix.net (8.14.3/8.14.3) with ESMTP id x0PBjFVA083540; Fri, 25 Jan 2019 12:45:16 +0100 (CET) (envelope-from jhs@berklix.com) Received: from fire.js.berklix.net (localhost [127.0.0.1]) by fire.js.berklix.net (8.14.7/8.14.7) with ESMTP id x0PBivk0099566; Fri, 25 Jan 2019 12:45:09 +0100 (CET) (envelope-from jhs@berklix.com) Message-Id: <201901251145.x0PBivk0099566@fire.js.berklix.net> To: Shayne Ison cc: freebsd-stable@freebsd.org Subject: Re: Bug reports. From: "Julian H. Stacey" Organization: http://berklix.eu BSD Unix Linux Consultants, Munich Aachen Kent User-agent: EXMH on FreeBSD http://berklix.eu/free/ X-From: http://www.berklix.eu/~jhs/ In-reply-to: Your message "Thu, 24 Jan 2019 21:50:56 -0500." Date: Fri, 25 Jan 2019 12:44:57 +0100 X-Rspamd-Queue-Id: 234D977482 X-Spamd-Bar: + Authentication-Results: mx1.freebsd.org X-Spamd-Result: default: False [1.33 / 15.00]; ARC_NA(0.00)[]; RCVD_VIA_SMTP_AUTH(0.00)[]; FROM_HAS_DN(0.00)[]; TO_DN_SOME(0.00)[]; NEURAL_SPAM_SHORT(0.29)[0.286,0]; NEURAL_HAM_LONG(-0.04)[-0.042,0]; MIME_GOOD(-0.10)[text/plain]; DMARC_NA(0.00)[berklix.com]; AUTH_NA(1.00)[]; NEURAL_SPAM_MEDIUM(0.12)[0.124,0]; HAS_ORG_HEADER(0.00)[]; RCVD_COUNT_THREE(0.00)[4]; TO_MATCH_ENVRCPT_SOME(0.00)[]; MX_GOOD(-0.01)[cached: land.berklix.com]; RCPT_COUNT_TWO(0.00)[2]; R_SPF_NA(0.00)[]; FREEMAIL_TO(0.00)[gmail.com]; RECEIVED_SPAMHAUS_PBL(0.00)[203.192.82.46.zen.spamhaus.org : 127.0.0.10]; R_DKIM_NA(0.00)[]; MIME_TRACE(0.00)[0:+]; ASN(0.00)[asn:24940, ipnet:144.76.0.0/16, country:DE]; RCVD_TLS_LAST(0.00)[]; IP_SCORE(0.08)[ipnet: 144.76.0.0/16(2.72), asn: 24940(-2.33), country: DE(-0.01)]; FROM_EQ_ENVFROM(0.00)[] X-BeenThere: freebsd-stable@freebsd.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: Production branch of FreeBSD source code List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 25 Jan 2019 11:45:32 -0000 > This is Shayne I seen your links and would like to be on your mailing list > Im a user of freebsd-stable Hi, Join here https://lists.freebsd.org/mailman/listinfo/freebsd-stable Cheers, Julian -- Julian Stacey, Consultant Systems Engineer, BSD Linux Unix, Munich Aachen Kent 1st referendum Stole 700,000 votes from British in EU, 3.7 million globally, 1.9 M too young to vote, 1.3 M died, mostly leavers. Fraud, fines & lies. Honest Ref. Now ! Revoke Art. 50 for now to buy time to plan to avoid chaos. http://exitbrexit.uk/#email_your_mp From owner-freebsd-stable@freebsd.org Fri Jan 25 23:56:08 2019 Return-Path: Delivered-To: freebsd-stable@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id 2282F14C78BB for ; Fri, 25 Jan 2019 23:56:08 +0000 (UTC) (envelope-from karl@denninger.net) Received: from colo1.denninger.net (colo1.denninger.net [104.236.120.189]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 5348781642 for ; Fri, 25 Jan 2019 23:56:07 +0000 (UTC) (envelope-from karl@denninger.net) Received: from denninger.net (ip68-1-57-197.pn.at.cox.net [68.1.57.197]) by colo1.denninger.net (Postfix) with ESMTP id E5CDF2110B0 for ; Fri, 25 Jan 2019 18:55:29 -0500 (EST) Received: from [192.168.10.23] (D13.Denninger.Net [192.168.10.23]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by denninger.net (Postfix) with ESMTPSA id 2A40ED1B68 for ; Fri, 25 Jan 2019 17:55:29 -0600 (CST) To: freebsd-stable@freebsd.org From: Karl Denninger Subject: Not sure if this is the correct place.... (laptop, dual-boot EFI) Openpgp: preference=signencrypt Autocrypt: addr=karl@denninger.net; prefer-encrypt=mutual; keydata= mQINBFIX1zsBEADRcJfsQUl9oFeoMfLPJ1kql+3sIaYx0MfJAUhV9LnbWxr0fsWCskM1O4cV tHm5dqPkuPM4Ztc0jLotD1i9ubWvCHOlkLGxFOL+pFbjA+XZ7VKsC/xWmhMwJ3cM8HavK2OV SzEWQ/AEYtMi04IzGSwsxh/5/5R0mPHrsIomV5SbuiI0vjLuDj7fo6146AABI1ULzge4hBYW i/SHrqUrLORmUNBs6bxek79/B0Dzk5cIktD3LOfbT9EAa5J/osVkstMBhToJgQttaMIGv8SG CzpR/HwEokE+7DP+k2mLHnLj6H3kfugOF9pJH8Za4yFmw//s9cPXV8WwtZ2SKfVzn1unpKqf wmJ1PwJoom/d4fGvQDkgkGKRa6RGC6tPmXnqnx+YX4iCOdFfbP8L9rmk2sewDDVzHDU3I3ZZ 8hFIjMYM/QXXYszRatK0LCV0QPZuF7LCf4uQVKw1/oyJInsnH7+6a3c0h21x+CmSja9QJ+y0 yzgEN/nM89d6YTakfR+1xkYgodVmMy/bS8kmXbUUZG/CyeqCqc95RUySjKT2ECrf9GhhoQkl +D8n2MsrAUSMGB4GQSN+TIq9OBTpNuvATGSRuF9wnQcs1iSry+JNCpfRTyWp83uCNApe6oHU EET4Et6KDO3AvjvBMAX0TInTRGW2SQlJMuFKpc7Dg7tHK8zzqQARAQABtCNLYXJsIERlbm5p bmdlciA8a2FybEBkZW5uaW5nZXIubmV0PokCPAQTAQIAJgUCUhfXOwIbIwUJCWYBgAYLCQgH AwIEFQIIAwQWAgMBAh4BAheAAAoJEG6/sivc5s0PLxQP/i6x/QFx9G4Cw7C+LthhLXIm7NSH AtNbz2UjySEx2qkoQQjtsK6mcpEEaky4ky6t8gz0/SifIfJmSmyAx0UhUQ0WBv1vAXwtNrQQ jJd9Bj6l4c2083WaXyHPjt2u2Na6YFowyb4SaQb83hu/Zs25vkPQYJVVE0JX409MFVPUa6E3 zFbd1OTr3T4yNUy4gNeQZfzDqDS8slbIks2sXeoJrZ6qqXVI0ionoivOlaN4T6Q0UYyXtigj dQvvhMt0aNowKFjRqrmSDRpdz+o6yg7Mp7qEZ1V6EZk8KqQTH6htpCTQ8i79ttK4LG6bstSF Re6Fwq52nbrcANrcdmtZXqjo+SGbUqJ8b1ggrxAsJ5MEhRh2peKrCgI/TjQo+ZxfnqEoR4AI 46Cyiz+/lcVvlvmf2iPifS3EEdaH3Itfwt7MxFm6mQORYs6skHDw3tOYB2/AdCW6eRVYs2hB RMAG4uwApZfZDKgRoE95PJmQjeTBiGmRPcsQZtNESe7I7EjHtCDLwtJqvD4HkDDQwpzreT6W XkyIJ7ns7zDfA1E+AQhFR6rsTFGgQZRZKsVeov3SbhYKkCnVDCvb/PKQCAGkSZM9SvYG5Yax 8CMry3AefKktf9fqBFg8pWqtVxDwJr56dhi0GHXRu3jVI995rMGo1fLUG5fSxiZ8L5sAtokh 9WFmQpyl Message-ID: <7391812a-a2ad-874a-80c9-5a871a29f680@denninger.net> Date: Fri, 25 Jan 2019 17:55:28 -0600 User-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64; rv:60.0) Gecko/20100101 Thunderbird/60.4.0 MIME-Version: 1.0 Content-Type: multipart/signed; protocol="application/pkcs7-signature"; micalg=sha-512; boundary="------------ms020700050107040708020207" X-Rspamd-Queue-Id: 5348781642 X-Spamd-Bar: ----- Authentication-Results: mx1.freebsd.org X-Spamd-Result: default: False [-5.87 / 15.00]; RCVD_VIA_SMTP_AUTH(0.00)[]; HAS_ATTACHMENT(0.00)[]; TO_DN_NONE(0.00)[]; RCVD_COUNT_THREE(0.00)[3]; MX_GOOD(-0.01)[px.denninger.net]; NEURAL_HAM_SHORT(-0.60)[-0.600,0]; FROM_EQ_ENVFROM(0.00)[]; IP_SCORE(-2.06)[ip: (-9.85), ipnet: 104.236.64.0/18(-3.10), asn: 14061(2.72), country: US(-0.08)]; R_DKIM_NA(0.00)[]; ASN(0.00)[asn:14061, ipnet:104.236.64.0/18, country:US]; MIME_TRACE(0.00)[0:+,1:+,2:+]; MID_RHS_MATCH_FROM(0.00)[]; RECEIVED_SPAMHAUS_PBL(0.00)[197.57.1.68.zen.spamhaus.org : 127.0.0.11]; ARC_NA(0.00)[]; NEURAL_HAM_MEDIUM(-1.00)[-0.999,0]; FROM_HAS_DN(0.00)[]; SIGNED_SMIME(-2.00)[]; TO_MATCH_ENVRCPT_ALL(0.00)[]; NEURAL_HAM_LONG(-1.00)[-1.000,0]; MIME_GOOD(-0.20)[multipart/signed,multipart/alternative,text/plain]; RCVD_TLS_LAST(0.00)[]; PREVIOUSLY_DELIVERED(0.00)[freebsd-stable@freebsd.org]; AUTH_NA(1.00)[]; RCPT_COUNT_ONE(0.00)[1]; DMARC_NA(0.00)[denninger.net]; R_SPF_NA(0.00)[] X-Content-Filtered-By: Mailman/MimeDel 2.1.29 X-BeenThere: freebsd-stable@freebsd.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: Production branch of FreeBSD source code List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 25 Jan 2019 23:56:08 -0000 This is a cryptographically signed message in MIME format. --------------ms020700050107040708020207 Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: quoted-printable -mobile appears to be pretty much a dead-letter, so I'm posting here... I have dual-boot working well on my Lenovo X220, and have for quite some time, between Win10 and FreeBSD 11.=C2=A0 This is set up for MBR however,= not EFI. I just picked up an X1 Carbon Gen 6, which is an UEFI machine, with Win10 on it. I'd like to repartition it to be able to dual boot it much as I do with my X220 (I wish I could ditch Windows entirely, but that is just not going to happen), but I'm not sure how to accomplish that in the EFI world -- or if it reasonably CAN be done in the EFI world.=C2=A0 Fortunat= ely the BIOS has an option to turn off secure boot (which I surmise from reading the Wiki FreeBSD doesn't yet support) but I still need a means to select from some reasonably-friendly way *what* to boot. With the X220 Bootmanager does this reasonably easily; you get an "F" key for the desired partition, and if you press nothing after a few seconds whatever you pressed last is booted.=C2=A0 Works fine.=C2=A0 What= options exist for doing this in a UEFI world, if any, and is there a "cookbook" for putting this together?=C2=A0 I assume *someone* has set up dual, give= n that the X1 Carbon Gen 6 is listed as working in the laptop database. Thanks in advance! --=20 Karl Denninger karl@denninger.net /The Market Ticker/ /[S/MIME encrypted email preferred]/ --------------ms020700050107040708020207 Content-Type: application/pkcs7-signature; name="smime.p7s" Content-Transfer-Encoding: base64 Content-Disposition: attachment; filename="smime.p7s" Content-Description: S/MIME Cryptographic Signature MIAGCSqGSIb3DQEHAqCAMIACAQExDzANBglghkgBZQMEAgMFADCABgkqhkiG9w0BBwEAAKCC DdgwggagMIIEiKADAgECAhMA5EiKghDOXrvfxYxjITXYDdhIMA0GCSqGSIb3DQEBCwUAMIGL MQswCQYDVQQGEwJVUzEQMA4GA1UECAwHRmxvcmlkYTESMBAGA1UEBwwJTmljZXZpbGxlMRkw FwYDVQQKDBBDdWRhIFN5c3RlbXMgTExDMRgwFgYDVQQLDA9DdWRhIFN5c3RlbXMgQ0ExITAf BgNVBAMMGEN1ZGEgU3lzdGVtcyBMTEMgMjAxNyBDQTAeFw0xNzA4MTcxNjQyMTdaFw0yNzA4 MTUxNjQyMTdaMHsxCzAJBgNVBAYTAlVTMRAwDgYDVQQIDAdGbG9yaWRhMRkwFwYDVQQKDBBD dWRhIFN5c3RlbXMgTExDMRgwFgYDVQQLDA9DdWRhIFN5c3RlbXMgQ0ExJTAjBgNVBAMMHEN1 ZGEgU3lzdGVtcyBMTEMgMjAxNyBJbnQgQ0EwggIiMA0GCSqGSIb3DQEBAQUAA4ICDwAwggIK AoICAQC1aJotNUI+W4jP7xQDO8L/b4XiF4Rss9O0B+3vMH7Njk85fZ052QhZpMVlpaaO+sCI KqG3oNEbuOHzJB/NDJFnqh7ijBwhdWutdsq23Ux6TvxgakyMPpT6TRNEJzcBVQA0kpby1DVD 0EKSK/FrWWBiFmSxg7qUfmIq/mMzgE6epHktyRM3OGq3dbRdOUgfumWrqHXOrdJz06xE9NzY vc9toqZnd79FUtE/nSZVm1VS3Grq7RKV65onvX3QOW4W1ldEHwggaZxgWGNiR/D4eosAGFxn uYeWlKEC70c99Mp1giWux+7ur6hc2E+AaTGh+fGeijO5q40OGd+dNMgK8Es0nDRw81lRcl24 SWUEky9y8DArgIFlRd6d3ZYwgc1DMTWkTavx3ZpASp5TWih6yI8ACwboTvlUYeooMsPtNa9E 6UQ1nt7VEi5syjxnDltbEFoLYcXBcqhRhFETJe9CdenItAHAtOya3w5+fmC2j/xJz29og1KH YqWHlo3Kswi9G77an+zh6nWkMuHs+03DU8DaOEWzZEav3lVD4u76bKRDTbhh0bMAk4eXriGL h4MUoX3Imfcr6JoyheVrAdHDL/BixbMH1UUspeRuqQMQ5b2T6pabXP0oOB4FqldWiDgJBGRd zWLgCYG8wPGJGYgHibl5rFiI5Ix3FQncipc6SdUzOQIDAQABo4IBCjCCAQYwHQYDVR0OBBYE FF3AXsKnjdPND5+bxVECGKtc047PMIHABgNVHSMEgbgwgbWAFBu1oRhUMNEzjODolDka5k4Q EDBioYGRpIGOMIGLMQswCQYDVQQGEwJVUzEQMA4GA1UECAwHRmxvcmlkYTESMBAGA1UEBwwJ TmljZXZpbGxlMRkwFwYDVQQKDBBDdWRhIFN5c3RlbXMgTExDMRgwFgYDVQQLDA9DdWRhIFN5 c3RlbXMgQ0ExITAfBgNVBAMMGEN1ZGEgU3lzdGVtcyBMTEMgMjAxNyBDQYIJAKxAy1WBo2kY MBIGA1UdEwEB/wQIMAYBAf8CAQAwDgYDVR0PAQH/BAQDAgGGMA0GCSqGSIb3DQEBCwUAA4IC AQCB5686UCBVIT52jO3sz9pKuhxuC2npi8ZvoBwt/IH9piPA15/CGF1XeXUdu2qmhOjHkVLN gO7XB1G8CuluxofOIUce0aZGyB+vZ1ylHXlMeB0R82f5dz3/T7RQso55Y2Vog2Zb7PYTC5B9 oNy3ylsnNLzanYlcW3AAfzZcbxYuAdnuq0Im3EpGm8DoItUcf1pDezugKm/yKtNtY6sDyENj tExZ377cYA3IdIwqn1Mh4OAT/Rmh8au2rZAo0+bMYBy9C11Ex0hQ8zWcvPZBDn4v4RtO8g+K uQZQcJnO09LJNtw94W3d2mj4a7XrsKMnZKvm6W9BJIQ4Nmht4wXAtPQ1xA+QpxPTmsGAU0Cv HmqVC7XC3qxFhaOrD2dsvOAK6Sn3MEpH/YrfYCX7a7cz5zW3DsJQ6o3pYfnnQz+hnwLlz4MK 17NIA0WOdAF9IbtQqarf44+PEyUbKtz1r0KGeGLs+VGdd2FLA0e7yuzxJDYcaBTVwqaHhU2/ Fna/jGU7BhrKHtJbb/XlLeFJ24yvuiYKpYWQSSyZu1R/gvZjHeGb344jGBsZdCDrdxtQQcVA 6OxsMAPSUPMrlg9LWELEEYnVulQJerWxpUecGH92O06wwmPgykkz//UmmgjVSh7ErNvL0lUY UMfunYVO/O5hwhW+P4gviCXzBFeTtDZH259O7TCCBzAwggUYoAMCAQICEwCg0WvVwekjGFiO 62SckFwepz0wDQYJKoZIhvcNAQELBQAwezELMAkGA1UEBhMCVVMxEDAOBgNVBAgMB0Zsb3Jp ZGExGTAXBgNVBAoMEEN1ZGEgU3lzdGVtcyBMTEMxGDAWBgNVBAsMD0N1ZGEgU3lzdGVtcyBD QTElMCMGA1UEAwwcQ3VkYSBTeXN0ZW1zIExMQyAyMDE3IEludCBDQTAeFw0xNzA4MTcyMTIx MjBaFw0yMjA4MTYyMTIxMjBaMFcxCzAJBgNVBAYTAlVTMRAwDgYDVQQIDAdGbG9yaWRhMRkw FwYDVQQKDBBDdWRhIFN5c3RlbXMgTExDMRswGQYDVQQDDBJrYXJsQGRlbm5pbmdlci5uZXQw ggIiMA0GCSqGSIb3DQEBAQUAA4ICDwAwggIKAoICAQC+HVSyxVtJhy3Ohs+PAGRuO//Dha9A 16l5FPATr6wude9zjX5f2lrkRyU8vhCXTZW7WbvWZKpcZ8r0dtZmiK9uF58Ec6hhvfkxJzbg 96WHBw5Fumd5ahZzuCJDtCAWW8R7/KN+zwzQf1+B3MVLmbaXAFBuKzySKhKMcHbK3/wjUYTg y+3UK6v2SBrowvkUBC+jxNg3Wy12GsTXcUS/8FYIXgVVPgfZZrbJJb5HWOQpvvhILpPCD3xs YJFNKEPltXKWHT7Qtc2HNqikgNwj8oqOb+PeZGMiWapsatKm8mxuOOGOEBhAoTVTwUHlMNTg 6QUCJtuWFCK38qOCyk9Haj+86lUU8RG6FkRXWgMbNQm1mWREQhw3axgGLSntjjnznJr5vsvX SYR6c+XKLd5KQZcS6LL8FHYNjqVKHBYM+hDnrTZMqa20JLAF1YagutDiMRURU23iWS7bA9tM cXcqkclTSDtFtxahRifXRI7Epq2GSKuEXe/1Tfb5CE8QsbCpGsfSwv2tZ/SpqVG08MdRiXxN 5tmZiQWo15IyWoeKOXl/hKxA9KPuDHngXX022b1ly+5ZOZbxBAZZMod4y4b4FiRUhRI97r9l CxsP/EPHuuTIZ82BYhrhbtab8HuRo2ofne2TfAWY2BlA7ExM8XShMd9bRPZrNTokPQPUCWCg CdIATQIDAQABo4IBzzCCAcswPAYIKwYBBQUHAQEEMDAuMCwGCCsGAQUFBzABhiBodHRwOi8v b2NzcC5jdWRhc3lzdGVtcy5uZXQ6ODg4ODAJBgNVHRMEAjAAMBEGCWCGSAGG+EIBAQQEAwIF oDAOBgNVHQ8BAf8EBAMCBeAwHQYDVR0lBBYwFAYIKwYBBQUHAwIGCCsGAQUFBwMEMDMGCWCG SAGG+EIBDQQmFiRPcGVuU1NMIEdlbmVyYXRlZCBDbGllbnQgQ2VydGlmaWNhdGUwHQYDVR0O BBYEFLElmNWeVgsBPe7O8NiBzjvjYnpRMIHKBgNVHSMEgcIwgb+AFF3AXsKnjdPND5+bxVEC GKtc047PoYGRpIGOMIGLMQswCQYDVQQGEwJVUzEQMA4GA1UECAwHRmxvcmlkYTESMBAGA1UE BwwJTmljZXZpbGxlMRkwFwYDVQQKDBBDdWRhIFN5c3RlbXMgTExDMRgwFgYDVQQLDA9DdWRh IFN5c3RlbXMgQ0ExITAfBgNVBAMMGEN1ZGEgU3lzdGVtcyBMTEMgMjAxNyBDQYITAORIioIQ zl6738WMYyE12A3YSDAdBgNVHREEFjAUgRJrYXJsQGRlbm5pbmdlci5uZXQwDQYJKoZIhvcN AQELBQADggIBAJXboPFBMLMtaiUt4KEtJCXlHO/3ZzIUIw/eobWFMdhe7M4+0u3te0sr77QR dcPKR0UeHffvpth2Mb3h28WfN0FmJmLwJk+pOx4u6uO3O0E1jNXoKh8fVcL4KU79oEQyYkbu 2HwbXBU9HbldPOOZDnPLi0whi/sbFHdyd4/w/NmnPgzAsQNZ2BYT9uBNr+jZw4SsluQzXG1X lFL/qCBoi1N2mqKPIepfGYF6drbr1RnXEJJsuD+NILLooTNf7PMgHPZ4VSWQXLNeFfygoOOK FiO0qfxPKpDMA+FHa8yNjAJZAgdJX5Mm1kbqipvb+r/H1UAmrzGMbhmf1gConsT5f8KU4n3Q IM2sOpTQe7BoVKlQM/fpQi6aBzu67M1iF1WtODpa5QUPvj1etaK+R3eYBzi4DIbCIWst8MdA 1+fEeKJFvMEZQONpkCwrJ+tJEuGQmjoQZgK1HeloepF0WDcviiho5FlgtAij+iBPtwMuuLiL shAXA5afMX1hYM4l11JXntle12EQFP1r6wOUkpOdxceCcMVDEJBBCHW2ZmdEaXgAm1VU+fnQ qS/wNw/S0X3RJT1qjr5uVlp2Y0auG/eG0jy6TT0KzTJeR9tLSDXprYkN2l/Qf7/nT6Q03qyE QnnKiBXWAZXveafyU/zYa7t3PTWFQGgWoC4w6XqgPo4KV44OMYIFBzCCBQMCAQEwgZIwezEL MAkGA1UEBhMCVVMxEDAOBgNVBAgMB0Zsb3JpZGExGTAXBgNVBAoMEEN1ZGEgU3lzdGVtcyBM TEMxGDAWBgNVBAsMD0N1ZGEgU3lzdGVtcyBDQTElMCMGA1UEAwwcQ3VkYSBTeXN0ZW1zIExM QyAyMDE3IEludCBDQQITAKDRa9XB6SMYWI7rZJyQXB6nPTANBglghkgBZQMEAgMFAKCCAkUw GAYJKoZIhvcNAQkDMQsGCSqGSIb3DQEHATAcBgkqhkiG9w0BCQUxDxcNMTkwMTI1MjM1NTI4 WjBPBgkqhkiG9w0BCQQxQgRArhul0lw8g8N1cDO5p9Xk37cmzCJjLr5EzP+mNEmyc7SmfROp GIrGE2gVFee1JLSnGjc4lbQveVoIkiKx+Qh4BDBsBgkqhkiG9w0BCQ8xXzBdMAsGCWCGSAFl AwQBKjALBglghkgBZQMEAQIwCgYIKoZIhvcNAwcwDgYIKoZIhvcNAwICAgCAMA0GCCqGSIb3 DQMCAgFAMAcGBSsOAwIHMA0GCCqGSIb3DQMCAgEoMIGjBgkrBgEEAYI3EAQxgZUwgZIwezEL MAkGA1UEBhMCVVMxEDAOBgNVBAgMB0Zsb3JpZGExGTAXBgNVBAoMEEN1ZGEgU3lzdGVtcyBM TEMxGDAWBgNVBAsMD0N1ZGEgU3lzdGVtcyBDQTElMCMGA1UEAwwcQ3VkYSBTeXN0ZW1zIExM QyAyMDE3IEludCBDQQITAKDRa9XB6SMYWI7rZJyQXB6nPTCBpQYLKoZIhvcNAQkQAgsxgZWg gZIwezELMAkGA1UEBhMCVVMxEDAOBgNVBAgMB0Zsb3JpZGExGTAXBgNVBAoMEEN1ZGEgU3lz dGVtcyBMTEMxGDAWBgNVBAsMD0N1ZGEgU3lzdGVtcyBDQTElMCMGA1UEAwwcQ3VkYSBTeXN0 ZW1zIExMQyAyMDE3IEludCBDQQITAKDRa9XB6SMYWI7rZJyQXB6nPTANBgkqhkiG9w0BAQEF AASCAgCc9XT2X0So+q3SCfV1h9GZgI6yd8NPOumcIajH244AOVAyoVL2ZZVJMuKAJKAgniq2 XALQjR59qi5ZUhldZPAy3+5MDvVUukOerjqsO/+OySUGtSNiZyJnsxnM8lOMzcIgn1WtRXOk xpcWIiSpNQJ+r4sP3XiusADh4PSmCzJthrD0bdSrAh5cz8AgQtwZSOpW0j2+SO4201Q9PA9O nyynEa55MbLF7q0bSRwQwro0rruRwWF2hkZb1C4kSPhOaGh1x/R3tU+EOJjjK3eOVAC0b41B B/CEs+GjlPv8TgCVFWW8AHEMxSI4SRQCALQdSIDN89H2AQE9zQxvUp0Ng0IZLy++RdQ5mvZn R8OYQLugNWd3+RRnzgIFqMXncNZ+/gaT5qs/H5AAMbhFpci3PKjegv767Zfe1wC2r6cy3oOt s5MPU5CiMg/ZjC4nIXhi0z4zdW4U/BlbafzJpErnhs+87RsJ41hgYc2pl8N5Ak2jEgPi2A8G h9PHmg3+KhlA2/2s+A5WNlLQfXNIzDxdSHSq9ZPQZ4ZlayxpOV4ysX15PZkhvU4rEERhVU/U XCv7Ri8B7RmzJJUMQ7VpuBTMEON8S+zUamtyKdxspiNL6h7ZFwYZrfiYxgjTIHFEYiNLvKdp VCnfjHNIfmXsZKLn4/UYLaaI28KbokpzHizU9wiwWQAAAAAAAA== --------------ms020700050107040708020207-- From owner-freebsd-stable@freebsd.org Sat Jan 26 00:29:59 2019 Return-Path: Delivered-To: freebsd-stable@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id 7DA8B14A6B15 for ; Sat, 26 Jan 2019 00:29:59 +0000 (UTC) (envelope-from jonc@chen.org.nz) Received: from mail-vs1-xe2d.google.com (mail-vs1-xe2d.google.com [IPv6:2607:f8b0:4864:20::e2d]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (Client CN "smtp.gmail.com", Issuer "Google Internet Authority G3" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 472E382A37 for ; Sat, 26 Jan 2019 00:29:57 +0000 (UTC) (envelope-from jonc@chen.org.nz) Received: by mail-vs1-xe2d.google.com with SMTP id z3so6741473vsf.7 for ; Fri, 25 Jan 2019 16:29:57 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=chen-org-nz.20150623.gappssmtp.com; s=20150623; h=mime-version:references:in-reply-to:from:date:message-id:subject:to :cc; bh=2I/GB9EA/ItOlyUVpQU51Tb+xuVZOvOhnNE0m+T3NWc=; b=YuJhNUbNpsOWeJWYV7mNjuR3XdtUx3EMBNQIvQnTK5LnWm0BhTHAxcvk0mNqkzQ554 s+mr6iqpomlLnXudOMHXrDkLd506yBAQT5IEmqv/G1u2Q6ZbUgc+KX4iEgJ6ZthTIUeM 7axXPdpC6t2Wufz/n1xQv40YuQc+zPMZh3kjtGvW/H7WSCCMq0XgFmRMueLuzTTMp6FK whkZLGLFECGIVa1o4qvvmEYGudeJ4XgF8jkyef7cVc7zV80gode73qYPdThrV9fUbDpr d1d0yG7M/AL5BzSppB7q6kYViGTa4J2I9O5XbpkOGZn7IjNGFHYOF/fkgaBWBGfhcXiN 02qg== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:references:in-reply-to:from:date :message-id:subject:to:cc; bh=2I/GB9EA/ItOlyUVpQU51Tb+xuVZOvOhnNE0m+T3NWc=; b=qKlg5wM8i3p1Hx90GJ0vTWsO+tRd00cID7Z6A4nGaMH1bX7ukYlw80S5np548edaq/ x8UBG9KQGHN4U1piyvUM3jy1nildi9j4juyWHYJKKIfcu0ir5Dp4ggpqnOxzg8pjfxcr ty760jqm21g0tJcTERPv48fiCMUrVnhvaHNl3tPXNbjgDpMQ+pX0SlehCD9Z3docojXl xB1eJ6wBfA+aGR7OgKse4luQt9Ofh3SqHtjHwluE9KAydC4x1cyspnp+nSOtqLyIfM2L 6PQXNlaGKaVJStmO4ArHZYeindcium6CZxjjwXZmZGSl/eIYqgZkEoxUVy6waKDSuFvg v7MQ== X-Gm-Message-State: AJcUukdEG9+Igi7IAqhkaY2WfFkc3nx0SNU2iLIEUyVzomUAUWswuHPW czWq9yoQpm5tnSMfcot7GiPD6CYkiZAG2qLxlsbZAjZK X-Google-Smtp-Source: ALg8bN7pzcMVce6C8Dn7WOBhZWnl79BJ8gJ9BVV/VBobndJqy6DG5wFk3DEeH+eiZzoKDNguKOMtOlquho54Z3KGegM= X-Received: by 2002:a67:8e8a:: with SMTP id q132mr5043406vsd.210.1548462596418; Fri, 25 Jan 2019 16:29:56 -0800 (PST) MIME-Version: 1.0 References: <7391812a-a2ad-874a-80c9-5a871a29f680@denninger.net> In-Reply-To: <7391812a-a2ad-874a-80c9-5a871a29f680@denninger.net> From: Jonathan Chen Date: Sat, 26 Jan 2019 13:29:40 +1300 Message-ID: Subject: Re: Not sure if this is the correct place.... (laptop, dual-boot EFI) To: Karl Denninger Cc: freebsd-stable@freebsd.org Content-Type: text/plain; charset="UTF-8" X-Rspamd-Queue-Id: 472E382A37 X-Spamd-Bar: ----- Authentication-Results: mx1.freebsd.org; dkim=pass header.d=chen-org-nz.20150623.gappssmtp.com header.s=20150623 header.b=YuJhNUbN X-Spamd-Result: default: False [-5.04 / 15.00]; ARC_NA(0.00)[]; NEURAL_HAM_MEDIUM(-1.00)[-1.000,0]; R_DKIM_ALLOW(-0.20)[chen-org-nz.20150623.gappssmtp.com:s=20150623]; FROM_HAS_DN(0.00)[]; TO_DN_SOME(0.00)[]; NEURAL_SPAM_SHORT(0.13)[0.133,0]; NEURAL_HAM_LONG(-1.00)[-1.000,0]; MIME_GOOD(-0.10)[text/plain]; PREVIOUSLY_DELIVERED(0.00)[freebsd-stable@freebsd.org]; DMARC_NA(0.00)[chen.org.nz]; TO_MATCH_ENVRCPT_SOME(0.00)[]; MX_GOOD(-0.01)[cached: alt1.aspmx.l.google.com]; DKIM_TRACE(0.00)[chen-org-nz.20150623.gappssmtp.com:+]; RCPT_COUNT_TWO(0.00)[2]; RCVD_IN_DNSWL_NONE(0.00)[d.2.e.0.0.0.0.0.0.0.0.0.0.0.0.0.0.2.0.0.4.6.8.4.0.b.8.f.7.0.6.2.list.dnswl.org : 127.0.5.0]; R_SPF_NA(0.00)[]; FROM_EQ_ENVFROM(0.00)[]; MIME_TRACE(0.00)[0:+]; RCVD_TLS_LAST(0.00)[]; ASN(0.00)[asn:15169, ipnet:2607:f8b0::/32, country:US]; RCVD_COUNT_TWO(0.00)[2]; IP_SCORE(-2.86)[ip: (-9.80), ipnet: 2607:f8b0::/32(-2.50), asn: 15169(-1.93), country: US(-0.08)] X-BeenThere: freebsd-stable@freebsd.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: Production branch of FreeBSD source code List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sat, 26 Jan 2019 00:29:59 -0000 On Sat, 26 Jan 2019 at 13:00, Karl Denninger wrote: [...] > I'd like to repartition it to be able to dual boot it much as I do with > my X220 (I wish I could ditch Windows entirely, but that is just not > going to happen), but I'm not sure how to accomplish that in the EFI > world -- or if it reasonably CAN be done in the EFI world. Fortunately > the BIOS has an option to turn off secure boot (which I surmise from > reading the Wiki FreeBSD doesn't yet support) but I still need a means > to select from some reasonably-friendly way *what* to boot. The EFI partition is just a MS-DOS partition, and most EFI aware BIOS will (by default) load /EFI/Boot/boot64.efi when starting up. On my Dell Inspiron 17, I created /EFI/FreeBSD and copied FreeBSD's /boot/loader.efi to /EFI/FreeBSD/boot64.efi. My laptop's BIOS setup allowed me to specify a boot-entry to for \EFI\FreeBSD\boot64.efi. On a cold start, I have to be quick to hit the F12 key, which then allows me to specify whether to boot Windows or FreeBSD. I'm not sure how Lenovo's BIOS setup works, but I'm pretty sure that it should have something similar. Cheers. -- Jonathan Chen From owner-freebsd-stable@freebsd.org Sat Jan 26 01:35:05 2019 Return-Path: Delivered-To: freebsd-stable@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id C1C2314AA4C1 for ; Sat, 26 Jan 2019 01:35:05 +0000 (UTC) (envelope-from eric@vangyzen.net) Received: from smtp.vangyzen.net (hotblack.vangyzen.net [IPv6:2607:fc50:1000:7400:216:3eff:fe72:314f]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) server-signature RSA-PSS (4096 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id B64208687C for ; Sat, 26 Jan 2019 01:35:04 +0000 (UTC) (envelope-from eric@vangyzen.net) Received: from [198.18.2.23] (unknown [70.97.188.230]) by smtp.vangyzen.net (Postfix) with ESMTPSA id 9FA0256468; Fri, 25 Jan 2019 19:35:03 -0600 (CST) Mime-Version: 1.0 (1.0) Subject: Re: Not sure if this is the correct place.... (laptop, dual-boot EFI) From: Eric van Gyzen X-Mailer: iPhone Mail (16C104) In-Reply-To: <7391812a-a2ad-874a-80c9-5a871a29f680@denninger.net> Date: Fri, 25 Jan 2019 19:35:01 -0600 Cc: freebsd-stable@freebsd.org Message-Id: <923432DB-246E-4B5F-83BF-EDAFE8B124A6@vangyzen.net> References: <7391812a-a2ad-874a-80c9-5a871a29f680@denninger.net> To: Karl Denninger X-Rspamd-Queue-Id: B64208687C X-Spamd-Bar: ------ Authentication-Results: mx1.freebsd.org; spf=pass (mx1.freebsd.org: domain of eric@vangyzen.net designates 2607:fc50:1000:7400:216:3eff:fe72:314f as permitted sender) smtp.mailfrom=eric@vangyzen.net X-Spamd-Result: default: False [-6.02 / 15.00]; ARC_NA(0.00)[]; RCVD_VIA_SMTP_AUTH(0.00)[]; NEURAL_HAM_MEDIUM(-1.00)[-1.000,0]; FROM_HAS_DN(0.00)[]; TO_DN_SOME(0.00)[]; R_SPF_ALLOW(-0.20)[+a]; MV_CASE(0.50)[]; MIME_GOOD(-0.10)[multipart/alternative,text/plain]; DMARC_NA(0.00)[vangyzen.net]; NEURAL_HAM_LONG(-1.00)[-1.000,0]; TO_MATCH_ENVRCPT_SOME(0.00)[]; MX_GOOD(-0.01)[hotblack.vangyzen.net]; RCPT_COUNT_TWO(0.00)[2]; NEURAL_HAM_SHORT(-0.95)[-0.948,0]; IP_SCORE(-3.26)[ip: (-8.08), ipnet: 2607:fc50:1000::/36(-4.22), asn: 36236(-3.91), country: US(-0.08)]; FROM_EQ_ENVFROM(0.00)[]; R_DKIM_NA(0.00)[]; MIME_TRACE(0.00)[0:+,1:+]; ASN(0.00)[asn:36236, ipnet:2607:fc50:1000::/36, country:US]; MID_RHS_MATCH_FROM(0.00)[]; RCVD_TLS_ALL(0.00)[]; RCVD_COUNT_TWO(0.00)[2] Content-Type: text/plain; charset=us-ascii Content-Transfer-Encoding: quoted-printable X-Content-Filtered-By: Mailman/MimeDel 2.1.29 X-BeenThere: freebsd-stable@freebsd.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: Production branch of FreeBSD source code List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sat, 26 Jan 2019 01:35:06 -0000 >=20 > I'd like to repartition it to be able to dual boot it much as I do with > my X220 (I wish I could ditch Windows entirely, but that is just not > going to happen), but I'm not sure how to accomplish that in the EFI > world -- or if it reasonably CAN be done in the EFI world. Fortunately > the BIOS has an option to turn off secure boot (which I surmise from > reading the Wiki FreeBSD doesn't yet support) but I still need a means > to select from some reasonably-friendly way *what* to boot. Check out rEFInd: https://www.rodsbooks.com/refind/ I use it to dual boot Win10 and FreeBSD with EFI. The installation docs are= pretty good. Eric= From owner-freebsd-stable@freebsd.org Sat Jan 26 04:00:28 2019 Return-Path: Delivered-To: freebsd-stable@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id 7DFF314AED55 for ; Sat, 26 Jan 2019 04:00:28 +0000 (UTC) (envelope-from kevans@freebsd.org) Received: from smtp.freebsd.org (smtp.freebsd.org [96.47.72.83]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) server-signature RSA-PSS (4096 bits) client-signature RSA-PSS (4096 bits) client-digest SHA256) (Client CN "smtp.freebsd.org", Issuer "Let's Encrypt Authority X3" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 23CFE8B163 for ; Sat, 26 Jan 2019 04:00:28 +0000 (UTC) (envelope-from kevans@freebsd.org) Received: from mail-lj1-f180.google.com (mail-lj1-f180.google.com [209.85.208.180]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (Client CN "smtp.gmail.com", Issuer "Google Internet Authority G3" (verified OK)) (Authenticated sender: kevans) by smtp.freebsd.org (Postfix) with ESMTPSA id AF7D5DA16 for ; Sat, 26 Jan 2019 04:00:27 +0000 (UTC) (envelope-from kevans@freebsd.org) Received: by mail-lj1-f180.google.com with SMTP id t9-v6so10025854ljh.6 for ; Fri, 25 Jan 2019 20:00:27 -0800 (PST) X-Gm-Message-State: AJcUukf8HAq39KQB6V28klWEySKswikkKdWnANy125kCPiudMUCntI8a e8ejfRhRu1fIrOs+S3DXHN9x7WtjuyYT/BUCLTo= X-Google-Smtp-Source: ALg8bN41vgzJjrkxmRLD3FERFVjXRKRZlDm/4iteZKzgknUN4rzQIayUdnIv30qkdPxev5maunZVOyEbGITyOYkOjko= X-Received: by 2002:a2e:8006:: with SMTP id j6-v6mr10598951ljg.186.1548475226017; Fri, 25 Jan 2019 20:00:26 -0800 (PST) MIME-Version: 1.0 References: <7391812a-a2ad-874a-80c9-5a871a29f680@denninger.net> In-Reply-To: From: Kyle Evans Date: Fri, 25 Jan 2019 22:00:14 -0600 X-Gmail-Original-Message-ID: Message-ID: Subject: Re: Not sure if this is the correct place.... (laptop, dual-boot EFI) To: Jonathan Chen Cc: Karl Denninger , FreeBSD-STABLE Mailing List Content-Type: text/plain; charset="UTF-8" X-Rspamd-Queue-Id: 23CFE8B163 X-Spamd-Bar: -- Authentication-Results: mx1.freebsd.org X-Spamd-Result: default: False [-2.97 / 15.00]; local_wl_from(0.00)[freebsd.org]; NEURAL_HAM_MEDIUM(-1.00)[-1.000,0]; NEURAL_HAM_SHORT(-0.97)[-0.967,0]; ASN(0.00)[asn:11403, ipnet:96.47.64.0/20, country:US]; NEURAL_HAM_LONG(-1.00)[-1.000,0] X-BeenThere: freebsd-stable@freebsd.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: Production branch of FreeBSD source code List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sat, 26 Jan 2019 04:00:28 -0000 On Fri, Jan 25, 2019 at 6:30 PM Jonathan Chen wrote: > > On Sat, 26 Jan 2019 at 13:00, Karl Denninger wrote: > [...] > > I'd like to repartition it to be able to dual boot it much as I do with > > my X220 (I wish I could ditch Windows entirely, but that is just not > > going to happen), but I'm not sure how to accomplish that in the EFI > > world -- or if it reasonably CAN be done in the EFI world. Fortunately > > the BIOS has an option to turn off secure boot (which I surmise from > > reading the Wiki FreeBSD doesn't yet support) but I still need a means > > to select from some reasonably-friendly way *what* to boot. > > The EFI partition is just a MS-DOS partition, and most EFI aware BIOS > will (by default) load /EFI/Boot/boot64.efi when starting up. On my > Dell Inspiron 17, I created /EFI/FreeBSD and copied FreeBSD's > /boot/loader.efi to /EFI/FreeBSD/boot64.efi. My laptop's BIOS setup > allowed me to specify a boot-entry to for \EFI\FreeBSD\boot64.efi. On > a cold start, I have to be quick to hit the F12 key, which then allows > me to specify whether to boot Windows or FreeBSD. I'm not sure how > Lenovo's BIOS setup works, but I'm pretty sure that it should have > something similar. > Adding a boot-entry can also be accomplished with efibootmgr. This is effectively what the installer in -CURRENT does, copying loader to \EFI\FreeBSD on the ESP and using efibootmgr to insert a "FreeBSD" entry for that loader and activating it. From owner-freebsd-stable@freebsd.org Sat Jan 26 07:06:10 2019 Return-Path: Delivered-To: freebsd-stable@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id 7334B14B5317 for ; Sat, 26 Jan 2019 07:06:10 +0000 (UTC) (envelope-from darius@dons.net.au) Received: from ipmail02.adl2.internode.on.net (ipmail02.adl2.internode.on.net [150.101.137.139]) by mx1.freebsd.org (Postfix) with ESMTP id 53E426B6D2 for ; Sat, 26 Jan 2019 07:06:06 +0000 (UTC) (envelope-from darius@dons.net.au) Received: from ppp118-210-249-99.bras1.adl4.internode.on.net (HELO midget.dons.net.au) ([118.210.249.99]) by ipmail02.adl2.internode.on.net with ESMTP; 26 Jan 2019 17:30:54 +1030 Received: from midget.dons.net.au (localhost [127.0.0.1]) by midget.dons.net.au (8.15.2/8.15.2) with ESMTPS id x0Q70lqX080282 (version=TLSv1.2 cipher=ECDHE-RSA-AES256-GCM-SHA384 bits=256 verify=NO) for ; Sat, 26 Jan 2019 17:30:47 +1030 (ACDT) (envelope-from darius@dons.net.au) Received: (from mailnull@localhost) by midget.dons.net.au (8.15.2/8.15.2/Submit) id x0Q6nKPZ069994 for ; Sat, 26 Jan 2019 17:19:20 +1030 (ACDT) (envelope-from darius@dons.net.au) X-Authentication-Warning: midget.dons.net.au: mailnull set sender to using -f Received: from [10.0.2.26] ([10.0.2.26]) by ns.dons.net.au (envelope-sender ) (MIMEDefang) with ESMTP id x0Q6nEwE069992; Sat, 26 Jan 2019 17:19:20 +1030 Content-Type: text/plain; charset=us-ascii Mime-Version: 1.0 (Mac OS X Mail 12.2 \(3445.102.3\)) Subject: Re: FreeBSD update & custom kernel From: "O'Connor, Daniel" In-Reply-To: <20190125104928.GD63197@pp.htv.fi> Date: Sat, 26 Jan 2019 17:19:14 +1030 Cc: freebsd-stable Content-Transfer-Encoding: 7bit Message-Id: References: <20190125104928.GD63197@pp.htv.fi> To: Esa Karkkainen X-Mailer: Apple Mail (2.3445.102.3) X-Spam-Score: -1 () No, score=-1.0 required=5.0 tests=ALL_TRUSTED autolearn=unavailable autolearn_force=no version=3.4.1 X-Scanned-By: MIMEDefang 2.83 on 10.0.2.1 X-Rspamd-Queue-Id: 53E426B6D2 X-Spamd-Bar: ++++ Authentication-Results: mx1.freebsd.org X-Spamd-Result: default: False [4.32 / 15.00]; MV_CASE(0.50)[]; HAS_XAW(0.00)[]; TO_DN_ALL(0.00)[]; MX_GOOD(-0.01)[cached: midget.dons.net.au]; RCPT_COUNT_TWO(0.00)[2]; RCVD_NO_TLS_LAST(0.10)[]; RECEIVED_SPAMHAUS_PBL(0.00)[99.249.210.118.zen.spamhaus.org : 127.0.0.11]; MIME_TRACE(0.00)[0:+]; IP_SCORE(0.42)[ipnet: 150.101.0.0/16(1.69), asn: 4739(0.43), country: AU(-0.04)]; FROM_EQ_ENVFROM(0.00)[]; ASN(0.00)[asn:4739, ipnet:150.101.0.0/16, country:AU]; MID_RHS_MATCH_FROM(0.00)[]; RCVD_IN_DNSWL_LOW(-0.10)[139.137.101.150.list.dnswl.org : 127.0.5.1]; ARC_NA(0.00)[]; RCVD_COUNT_FIVE(0.00)[5]; FROM_HAS_DN(0.00)[]; NEURAL_SPAM_SHORT(0.75)[0.749,0]; MIME_GOOD(-0.10)[text/plain]; PREVIOUSLY_DELIVERED(0.00)[freebsd-stable@freebsd.org]; AUTH_NA(1.00)[]; NEURAL_SPAM_MEDIUM(0.79)[0.793,0]; DMARC_NA(0.00)[dons.net.au]; R_DKIM_NA(0.00)[]; TO_MATCH_ENVRCPT_SOME(0.00)[]; NEURAL_SPAM_LONG(0.97)[0.974,0]; R_SPF_NA(0.00)[] X-BeenThere: freebsd-stable@freebsd.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: Production branch of FreeBSD source code List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sat, 26 Jan 2019 07:06:10 -0000 > On 25 Jan 2019, at 21:19, Esa Karkkainen wrote: > > On Fri, Jan 25, 2019 at 05:03:32PM +1030, O'Connor, Daniel wrote: >> Hi everyone, > > Hi Daniel, > >> Is it feasible for freebsd-update to update the source before the >> first reboot so a custom kernel can be built? > > It's a hack, but sorta kinda yes. > > Use freebsd-update to update only the source, and follow the > instructions here: > https://www.freebsd.org/doc/en_US.ISO8859-1/books/handbook/makeworld.html > Which suggests to use svc to update sources instead of freebsd-update. Yes, I would have thought it's probably more efficient to use svn! > Or you can use two separate freebsd-update config files, modified > one modified to exclude i.e remove "src" from "Components" line, and new > copied from the default which excudes everything exept the souces i.e. > "Components src". > > Update only the source, build world and kernel(s), install the locally > built kernel and the the normal freebsd-update. OK, interesting idea - I'll try it next time and see how I go. Thanks! -- Daniel O'Connor "The nice thing about standards is that there are so many of them to choose from." -- Andrew Tanenbaum From owner-freebsd-stable@freebsd.org Sat Jan 26 15:17:08 2019 Return-Path: Delivered-To: freebsd-stable@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id 57C5414C6088; Sat, 26 Jan 2019 15:17:08 +0000 (UTC) (envelope-from tech-lists@zyxst.net) Received: from out5-smtp.messagingengine.com (out5-smtp.messagingengine.com [66.111.4.29]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id C0FFC871F3; Sat, 26 Jan 2019 15:17:05 +0000 (UTC) (envelope-from tech-lists@zyxst.net) Received: from compute4.internal (compute4.nyi.internal [10.202.2.44]) by mailout.nyi.internal (Postfix) with ESMTP id 821D821305; Sat, 26 Jan 2019 10:17:04 -0500 (EST) Received: from mailfrontend2 ([10.202.2.163]) by compute4.internal (MEProxy); Sat, 26 Jan 2019 10:17:04 -0500 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=zyxst.net; h= date:from:to:cc:subject:message-id:mime-version:content-type; s= fm1; bh=qxY10rRLVZpE47mNJFa+Hv3EisDzRaNuyV/0g4YVlWI=; b=d8TErC4Y 63tpKBu4tRgr+Dx9UvaAu0wP5cOUq7ti+iiPQwSdbddvTf9V58RD7vQDHOU7JsRp axR9kiUU3OVziZ8+ErOiO2XF5TQwZJQ65HKk7ObZKRt9AUPE9y6wXSIc9VKk72Ux Xbu5wBW6yRk53jOVTpGyjUlYM1beJ8R9LIsRLFavU63ox1QbaVrIgRDQp3CFeeJv PHzpLdbM2jnqrRx1mO77qG+UdFEf+RjRM5xTGRQX2nRQkOWBlKKrLcati8aRHBkx Kvw2ZeTmk+biUmt3j6yqROl2jvmInykmsoBxYvhGV73d52psXx7kvBgpXKk0bO1m ctY+PlMdbXMPkw== DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d= messagingengine.com; h=cc:content-type:date:from:message-id :mime-version:subject:to:x-me-proxy:x-me-proxy:x-me-sender :x-me-sender:x-sasl-enc; s=fm1; bh=qxY10rRLVZpE47mNJFa+Hv3EisDzR aNuyV/0g4YVlWI=; b=SDFIawgcEo/LFF+Qi1+dsOromTxXhg0lR4zax/SR5rxuz MV3In54CxTvZyY88TNI1QqvKV4QpGie5IRT5mGKCewtK5UvYR1bo8AZKWcvmfxYt K3PT/0nCNsbcwYYaQIwd5Bsag7zbI84iXuILRQX05oZcKaNc9LJ7frsUVHwfxxN4 7fJ9akMitIqXGCu3YIoIt51gw/SRdjFS8cfsCCvygiAq2AFwiZbOvppHhW068pcv E8PKOXlz0rL2aTOc/UL48HDrzLBtJIZ+obJAYI4+iTs1S3Rvstmz+D+diPUDSn2A gfR+UHx28z8M+A0dMvqFEdhlsfg7Y8ZGwo91a5y0w== X-ME-Sender: X-ME-Proxy-Cause: gggruggvucftvghtrhhoucdtuddrgedtledrieeigdejiecutefuodetggdotefrodftvf curfhrohhfihhlvgemucfhrghsthforghilhdpqfhuthenuceurghilhhouhhtmecufedt tdenucenucfjughrpeffhffvuffkgggtuggfsehttdertddtredvnecuhfhrohhmpehtvg gthhdqlhhishhtshcuoehtvggthhdqlhhishhtshesiiihgihsthdrnhgvtheqnecukfhp peekvddrjedtrdeluddruddtudenucfrrghrrghmpehmrghilhhfrhhomhepthgvtghhqd hlihhsthhsseiihiigshhtrdhnvghtnecuvehluhhsthgvrhfuihiivgeptd X-ME-Proxy: Received: from rpi3.zyxst.net (rpi3.zyxst.net [82.70.91.101]) by mail.messagingengine.com (Postfix) with ESMTPA id C9B0510087; Sat, 26 Jan 2019 10:17:03 -0500 (EST) Date: Sat, 26 Jan 2019 15:17:01 +0000 From: tech-lists To: freebsd-virtualization@freebsd.org Cc: freebsd-stable@freebsd.org Subject: freebsd-12 and bhyve and the azure platform Message-ID: <20190126151701.GA87737@rpi3.zyxst.net> Mail-Followup-To: freebsd-virtualization@freebsd.org, freebsd-stable@freebsd.org MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii; format=flowed Content-Disposition: inline User-Agent: Mutt/1.11.2 (2019-01-07) X-Rspamd-Queue-Id: C0FFC871F3 X-Spamd-Bar: ------- Authentication-Results: mx1.freebsd.org; dkim=pass header.d=zyxst.net header.s=fm1 header.b=d8TErC4Y; dkim=pass header.d=messagingengine.com header.s=fm1 header.b=SDFIawgc; spf=pass (mx1.freebsd.org: domain of tech-lists@zyxst.net designates 66.111.4.29 as permitted sender) smtp.mailfrom=tech-lists@zyxst.net X-Spamd-Result: default: False [-7.19 / 15.00]; ARC_NA(0.00)[]; RCVD_VIA_SMTP_AUTH(0.00)[]; R_DKIM_ALLOW(-0.20)[zyxst.net:s=fm1,messagingengine.com:s=fm1]; NEURAL_HAM_MEDIUM(-1.00)[-1.000,0]; FROM_HAS_DN(0.00)[]; R_SPF_ALLOW(-0.20)[+ip4:66.111.4.29]; TO_MATCH_ENVRCPT_ALL(0.00)[]; MIME_GOOD(-0.10)[text/plain]; TO_DN_NONE(0.00)[]; DMARC_NA(0.00)[zyxst.net]; NEURAL_HAM_LONG(-1.00)[-1.000,0]; RCVD_COUNT_THREE(0.00)[4]; DKIM_TRACE(0.00)[zyxst.net:+,messagingengine.com:+]; RCPT_COUNT_TWO(0.00)[2]; MX_GOOD(-0.01)[in2-smtp.messagingengine.com,in1-smtp.messagingengine.com,in2-smtp.messagingengine.com,in1-smtp.messagingengine.com,in2-smtp.messagingengine.com,in1-smtp.messagingengine.com]; NEURAL_HAM_SHORT(-0.96)[-0.955,0]; FROM_EQ_ENVFROM(0.00)[]; MIME_TRACE(0.00)[0:+]; RCVD_TLS_LAST(0.00)[]; ASN(0.00)[asn:11403, ipnet:66.111.4.0/24, country:US]; IP_SCORE(-3.63)[ip: (-9.71), ipnet: 66.111.4.0/24(-4.69), asn: 11403(-3.65), country: US(-0.08)]; RCVD_IN_DNSWL_LOW(-0.10)[29.4.111.66.list.dnswl.org : 127.0.5.1] X-BeenThere: freebsd-stable@freebsd.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: Production branch of FreeBSD source code List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sat, 26 Jan 2019 15:17:08 -0000 Hello, Is it possible to migrate a byve freebsd instance/image to Azure? Or does one have to have the instance initially provisioned via their marketplace? thanks, -- J. From owner-freebsd-stable@freebsd.org Sat Jan 26 15:39:53 2019 Return-Path: Delivered-To: freebsd-stable@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id BCA3114C6930; Sat, 26 Jan 2019 15:39:53 +0000 (UTC) (envelope-from paul@redbarn.org) Received: from family.redbarn.org (family.redbarn.org [IPv6:2001:559:8000:cd::5]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 4C50487E07; Sat, 26 Jan 2019 15:39:53 +0000 (UTC) (envelope-from paul@redbarn.org) Received: from [192.168.0.58] (cpc130782-camd17-2-0-cust84.know.cable.virginm.net [82.37.104.85]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (Client did not present a certificate) by family.redbarn.org (Postfix) with ESMTPSA id A9370892C6; Sat, 26 Jan 2019 15:39:42 +0000 (UTC) Subject: Re: freebsd-12 and bhyve and the azure platform To: freebsd-virtualization@freebsd.org, freebsd-stable@freebsd.org References: <20190126151701.GA87737@rpi3.zyxst.net> From: Paul Vixie Message-ID: <920a79f6-f7ea-fe2b-16cb-cde2a8112721@redbarn.org> Date: Sat, 26 Jan 2019 16:39:39 +0100 User-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64; rv:52.0) Gecko/20100101 PostboxApp/6.1.9 MIME-Version: 1.0 In-Reply-To: <20190126151701.GA87737@rpi3.zyxst.net> Content-Type: text/plain; charset=utf-8; format=flowed Content-Language: en-US Content-Transfer-Encoding: 7bit X-BeenThere: freebsd-stable@freebsd.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: Production branch of FreeBSD source code List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sat, 26 Jan 2019 15:39:53 -0000 tech-lists wrote on 2019-01-26 16:17: > Is it possible to migrate a byve freebsd instance/image to Azure? Or > does one have to have the instance initially provisioned via their > marketplace? bhyve does not participate in the virtualbox/vmware/etc ecosystem where "appliances" in the form of "open virtualization format" files can be exported and imported. this in turn means that you would have to manually control the parameters of an azure instance to be sure that it can contain your existing system image. i would expect you to use dump | restore, or zfs dump | zfs restore, to move a system image from one container strategy (or bare metal) to another (such as azure), after first booting a rescue image inside the destination container. you'd then fine-tune your /etc/rc.conf file to have whatever settings were appropriate for the new container. i know that's somewhat old school, but, that's one reason to love bhyve. -- P Vixie From owner-freebsd-stable@freebsd.org Sat Jan 26 15:59:48 2019 Return-Path: Delivered-To: freebsd-stable@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id 21BE614C760A for ; Sat, 26 Jan 2019 15:59:48 +0000 (UTC) (envelope-from kamisouckova@gmail.com) Received: from mail-vs1-f50.google.com (mail-vs1-f50.google.com [209.85.217.50]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (Client CN "smtp.gmail.com", Issuer "Google Internet Authority G3" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id C8F3E88B2E; Sat, 26 Jan 2019 15:59:46 +0000 (UTC) (envelope-from kamisouckova@gmail.com) Received: by mail-vs1-f50.google.com with SMTP id n10so7426601vso.13; Sat, 26 Jan 2019 07:59:46 -0800 (PST) X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:references:in-reply-to:from:date :message-id:subject:to:cc; bh=22jgWE8t+hoK2DBSTu7KUpxkErAns7XboNlLvF/Xlns=; b=d/bG4cKuLpikF40bFdVLAgY5M8EqyvQjpcvn20kqFo/zbKQnkTihUuPD1SGk1pKnjT 8PD7P+g7lRQAE8hFpM6U3ay6yFSvvyImWxT/je1NiRsHGqPyzCyuteS1aEsKOAryLG0f fCm+lQQZKGOITi3YOfS7tSAHnkr+zG1cmwBgi5nOhEPOt4CDV3unhGUP9yvzA0wNsGi/ 6VrtvEq5Q5XRoIx5hwpMgcdlAHVXWpX/nSxSOgafzByv8MtLUokRcGPSDJ/lYMsqXTd1 EL/E0fWv+AGM5xgGmRWjQPnL6Ha+cjL6EAMHGIHWXn9lmGmL+ihYUCsMZajk04GwgHdv iw7Q== X-Gm-Message-State: AJcUukdhKvjBR7Trzj6XROJeIwyeejjHmiAeRQ4VdFQivrSxm2jAeZFG FL2LOtGw7MyajTyL9MHLfRU2YJ4ciW2ZnIsV2IV53zFG X-Google-Smtp-Source: ALg8bN5lQO93GPX0Dwa6bf0FN/wA1ZnzspukD64crkIM2fNq+mQN/kl5jcCViTRuDYyo58CcZ1df1QjyuRg40YVecHU= X-Received: by 2002:a67:8291:: with SMTP id e139mr6347204vsd.3.1548511738084; Sat, 26 Jan 2019 06:08:58 -0800 (PST) MIME-Version: 1.0 References: <7391812a-a2ad-874a-80c9-5a871a29f680@denninger.net> In-Reply-To: From: =?UTF-8?B?S2FtaWxhIFNvdcSNa292w6E=?= Date: Sat, 26 Jan 2019 15:08:46 +0100 Message-ID: Subject: Re: Not sure if this is the correct place.... (laptop, dual-boot EFI) To: Kyle Evans Cc: FreeBSD-STABLE Mailing List , Jonathan Chen , Karl Denninger X-Rspamd-Queue-Id: C8F3E88B2E X-Spamd-Bar: --- Authentication-Results: mx1.freebsd.org; spf=pass (mx1.freebsd.org: domain of kamisouckova@gmail.com designates 209.85.217.50 as permitted sender) smtp.mailfrom=kamisouckova@gmail.com X-Spamd-Result: default: False [-3.66 / 15.00]; ARC_NA(0.00)[]; NEURAL_HAM_MEDIUM(-1.00)[-0.998,0]; FROM_HAS_DN(0.00)[]; RCPT_COUNT_THREE(0.00)[4]; R_SPF_ALLOW(-0.20)[+ip4:209.85.128.0/17]; NEURAL_HAM_LONG(-1.00)[-1.000,0]; MIME_GOOD(-0.10)[multipart/alternative,text/plain]; RCVD_TLS_LAST(0.00)[]; DMARC_NA(0.00)[ksp.sk]; TO_MATCH_ENVRCPT_SOME(0.00)[]; TO_DN_ALL(0.00)[]; MX_GOOD(-0.01)[cached: alt3.gmail-smtp-in.l.google.com]; NEURAL_HAM_SHORT(-0.51)[-0.507,0]; RCVD_IN_DNSWL_NONE(0.00)[50.217.85.209.list.dnswl.org : 127.0.5.0]; IP_SCORE(-1.14)[ipnet: 209.85.128.0/17(-3.70), asn: 15169(-1.93), country: US(-0.08)]; FORGED_SENDER(0.30)[kamila@ksp.sk,kamisouckova@gmail.com]; RWL_MAILSPIKE_POSSIBLE(0.00)[50.217.85.209.rep.mailspike.net : 127.0.0.17]; MIME_TRACE(0.00)[0:+,1:+]; R_DKIM_NA(0.00)[]; FREEMAIL_ENVFROM(0.00)[gmail.com]; ASN(0.00)[asn:15169, ipnet:209.85.128.0/17, country:US]; FROM_NEQ_ENVFROM(0.00)[kamila@ksp.sk,kamisouckova@gmail.com]; RCVD_COUNT_TWO(0.00)[2] Content-Type: text/plain; charset="UTF-8" X-Content-Filtered-By: Mailman/MimeDel 2.1.29 X-BeenThere: freebsd-stable@freebsd.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: Production branch of FreeBSD source code List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sat, 26 Jan 2019 15:59:48 -0000 I'm just booting the installer, going to do this on my X1 Carbon (5th gen), and I'm planning to use the efibootmgr entry first (which is sufficient for booting), and later I might add rEFInd if I feel like it. I'll be posting my steps online, I can post the link once it's out there if you're interested. I'm very curious about HW support on the 6th gen Carbon, it'd be great to hear how it goes. Have fun! Kamila On Sat, 26 Jan 2019, 06:54 Kyle Evans, wrote: > On Fri, Jan 25, 2019 at 6:30 PM Jonathan Chen wrote: > > > > On Sat, 26 Jan 2019 at 13:00, Karl Denninger wrote: > > [...] > > > I'd like to repartition it to be able to dual boot it much as I do with > > > my X220 (I wish I could ditch Windows entirely, but that is just not > > > going to happen), but I'm not sure how to accomplish that in the EFI > > > world -- or if it reasonably CAN be done in the EFI world. Fortunately > > > the BIOS has an option to turn off secure boot (which I surmise from > > > reading the Wiki FreeBSD doesn't yet support) but I still need a means > > > to select from some reasonably-friendly way *what* to boot. > > > > The EFI partition is just a MS-DOS partition, and most EFI aware BIOS > > will (by default) load /EFI/Boot/boot64.efi when starting up. On my > > Dell Inspiron 17, I created /EFI/FreeBSD and copied FreeBSD's > > /boot/loader.efi to /EFI/FreeBSD/boot64.efi. My laptop's BIOS setup > > allowed me to specify a boot-entry to for \EFI\FreeBSD\boot64.efi. On > > a cold start, I have to be quick to hit the F12 key, which then allows > > me to specify whether to boot Windows or FreeBSD. I'm not sure how > > Lenovo's BIOS setup works, but I'm pretty sure that it should have > > something similar. > > > > Adding a boot-entry can also be accomplished with efibootmgr. This is > effectively what the installer in -CURRENT does, copying loader to > \EFI\FreeBSD on the ESP and using efibootmgr to insert a "FreeBSD" > entry for that loader and activating it. > _______________________________________________ > freebsd-stable@freebsd.org mailing list > https://lists.freebsd.org/mailman/listinfo/freebsd-stable > To unsubscribe, send any mail to "freebsd-stable-unsubscribe@freebsd.org" > From owner-freebsd-stable@freebsd.org Sat Jan 26 16:43:53 2019 Return-Path: Delivered-To: freebsd-stable@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id 0555114C8933; Sat, 26 Jan 2019 16:43:53 +0000 (UTC) (envelope-from tech-lists@zyxst.net) Received: from out5-smtp.messagingengine.com (out5-smtp.messagingengine.com [66.111.4.29]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 9FFCB8A586; Sat, 26 Jan 2019 16:43:52 +0000 (UTC) (envelope-from tech-lists@zyxst.net) Received: from compute4.internal (compute4.nyi.internal [10.202.2.44]) by mailout.nyi.internal (Postfix) with ESMTP id F3DBB20DA0; Sat, 26 Jan 2019 11:43:51 -0500 (EST) Received: from mailfrontend1 ([10.202.2.162]) by compute4.internal (MEProxy); Sat, 26 Jan 2019 11:43:51 -0500 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=zyxst.net; h= date:from:to:subject:message-id:references:mime-version :content-type:in-reply-to; s=fm1; bh=oNjEzBBIqAdAo9kaaSfhbBoj2RX apJ1PwtwdZbFAETI=; b=vTjrvIwLbPLqv4pnIQXykhAGCF5Fq9+LtidywNhmDNB I93zPYXlJFB5mO6bnV3Qij+8wkn3J5OgabzJUB328I2sW2dIQHMgJqjOGyCuK1bD YNSYYlRF9O9Kjc+yujxRz3WKNj6ISEy76obxFXF0W/52zK9Gtp3jMfG7Io2TDOHZ 7+t3Ye4XikAumugjtHRCKHSNK8WdLNwu3WXihBIVxgu/ninw8hht18bvBWZX0DcC hSXXQOEO997JHToIkp1wPqrLZL5xPXFzT0bYW4Lt10YsysZEN5az7114fcb462WS Farz+/td8CIsH2hCXdUQt9Ad/oRTUdvXHgpv2+ZjLfw== DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d= messagingengine.com; h=content-type:date:from:in-reply-to :message-id:mime-version:references:subject:to:x-me-proxy :x-me-proxy:x-me-sender:x-me-sender:x-sasl-enc; s=fm1; bh=oNjEzB BIqAdAo9kaaSfhbBoj2RXapJ1PwtwdZbFAETI=; b=DFrSliE05KwELannQacFIz qNYZgOxRwIHlkT2PmmkKZHQ4uLFpflpzdusrZJtnnO87TI5+QzTTeGeqrT6SyiEZ iViCdijvspsk3+LxLmh3zMFOxGdEfBLqFCyGzZ6D5/fl8zUZ3u2n1gHpKD7yIT5b TduAwpYhW38HkvkUCQT6cHgvyuebrOh4QHsHCPrmjqcG2TFKcqhfEXA6Mj2x+V2S ItcmAp8zSu0TGLGHOahe7PwhzMn5C3eZ/2vSVUhUOdCSuXl2HwoA8KTiIkBZ15xL KIrBCouWqfFQpDvlrz3duOzjvppiP/faOs6kOP9vsK5sKbjvEm+2zNROe0oxh7jg == X-ME-Sender: X-ME-Proxy-Cause: gggruggvucftvghtrhhoucdtuddrgedtledrieeigdelhecutefuodetggdotefrodftvf curfhrohhfihhlvgemucfhrghsthforghilhdpqfhuthenuceurghilhhouhhtmecufedt tdenucenucfjughrpeffhffvuffkfhggtggujggfsehttdertddtredvnecuhfhrohhmpe htvggthhdqlhhishhtshcuoehtvggthhdqlhhishhtshesiiihgihsthdrnhgvtheqnecu kfhppeekvddrjedtrdeluddruddtudenucfrrghrrghmpehmrghilhhfrhhomhepthgvtg hhqdhlihhsthhsseiihiigshhtrdhnvghtnecuvehluhhsthgvrhfuihiivgeptd X-ME-Proxy: Received: from rpi3.zyxst.net (rpi3.zyxst.net [82.70.91.101]) by mail.messagingengine.com (Postfix) with ESMTPA id DD30DE4559; Sat, 26 Jan 2019 11:43:50 -0500 (EST) Date: Sat, 26 Jan 2019 16:43:48 +0000 From: tech-lists To: freebsd-stable@freebsd.org, freebsd-virtualization@freebsd.org Subject: Re: freebsd-12 and bhyve and the azure platform Message-ID: <20190126164347.GB87737@rpi3.zyxst.net> Mail-Followup-To: freebsd-stable@freebsd.org, freebsd-virtualization@freebsd.org References: <20190126151701.GA87737@rpi3.zyxst.net> <920a79f6-f7ea-fe2b-16cb-cde2a8112721@redbarn.org> MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii; format=flowed Content-Disposition: inline In-Reply-To: <920a79f6-f7ea-fe2b-16cb-cde2a8112721@redbarn.org> User-Agent: Mutt/1.11.2 (2019-01-07) X-Rspamd-Queue-Id: 9FFCB8A586 X-Spamd-Bar: ------ Authentication-Results: mx1.freebsd.org X-Spamd-Result: default: False [-6.99 / 15.00]; NEURAL_HAM_MEDIUM(-1.00)[-1.000,0]; NEURAL_HAM_SHORT(-0.99)[-0.987,0]; NEURAL_HAM_LONG(-1.00)[-1.000,0]; REPLY(-4.00)[] X-BeenThere: freebsd-stable@freebsd.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: Production branch of FreeBSD source code List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sat, 26 Jan 2019 16:43:53 -0000 On Sat, Jan 26, 2019 at 04:39:39PM +0100, Paul Vixie wrote: >i would expect you to use dump | restore, or zfs dump | zfs restore, to >move a system image from one container strategy (or bare metal) to >another (such as azure), after first booting a rescue image inside the >destination container. you'd then fine-tune your /etc/rc.conf file to >have whatever settings were appropriate for the new container. > >i know that's somewhat old school, but, that's one reason to love bhyve. OK, thanks. I thought this might be the case. Just wanted to make sure I wasn't trying to reinvent the wheel ;) -- J. From owner-freebsd-stable@freebsd.org Sat Jan 26 20:00:22 2019 Return-Path: Delivered-To: freebsd-stable@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id 48C3214AC1CB for ; Sat, 26 Jan 2019 20:00:22 +0000 (UTC) (envelope-from karl@denninger.net) Received: from colo1.denninger.net (colo1.denninger.net [104.236.120.189]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 893036AF41 for ; Sat, 26 Jan 2019 20:00:21 +0000 (UTC) (envelope-from karl@denninger.net) Received: from denninger.net (ip68-1-57-197.pn.at.cox.net [68.1.57.197]) by colo1.denninger.net (Postfix) with ESMTP id 2F3DC211080 for ; Sat, 26 Jan 2019 15:00:20 -0500 (EST) Received: from [192.168.10.23] (D13.Denninger.Net [192.168.10.23]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by denninger.net (Postfix) with ESMTPSA id A2167A44E2 for ; Sat, 26 Jan 2019 14:00:19 -0600 (CST) Subject: Re: Not sure if this is the correct place.... (laptop, dual-boot EFI) To: freebsd-stable@freebsd.org References: <7391812a-a2ad-874a-80c9-5a871a29f680@denninger.net> From: Karl Denninger Openpgp: preference=signencrypt Autocrypt: addr=karl@denninger.net; prefer-encrypt=mutual; keydata= mQINBFIX1zsBEADRcJfsQUl9oFeoMfLPJ1kql+3sIaYx0MfJAUhV9LnbWxr0fsWCskM1O4cV tHm5dqPkuPM4Ztc0jLotD1i9ubWvCHOlkLGxFOL+pFbjA+XZ7VKsC/xWmhMwJ3cM8HavK2OV SzEWQ/AEYtMi04IzGSwsxh/5/5R0mPHrsIomV5SbuiI0vjLuDj7fo6146AABI1ULzge4hBYW i/SHrqUrLORmUNBs6bxek79/B0Dzk5cIktD3LOfbT9EAa5J/osVkstMBhToJgQttaMIGv8SG CzpR/HwEokE+7DP+k2mLHnLj6H3kfugOF9pJH8Za4yFmw//s9cPXV8WwtZ2SKfVzn1unpKqf wmJ1PwJoom/d4fGvQDkgkGKRa6RGC6tPmXnqnx+YX4iCOdFfbP8L9rmk2sewDDVzHDU3I3ZZ 8hFIjMYM/QXXYszRatK0LCV0QPZuF7LCf4uQVKw1/oyJInsnH7+6a3c0h21x+CmSja9QJ+y0 yzgEN/nM89d6YTakfR+1xkYgodVmMy/bS8kmXbUUZG/CyeqCqc95RUySjKT2ECrf9GhhoQkl +D8n2MsrAUSMGB4GQSN+TIq9OBTpNuvATGSRuF9wnQcs1iSry+JNCpfRTyWp83uCNApe6oHU EET4Et6KDO3AvjvBMAX0TInTRGW2SQlJMuFKpc7Dg7tHK8zzqQARAQABtCNLYXJsIERlbm5p bmdlciA8a2FybEBkZW5uaW5nZXIubmV0PokCPAQTAQIAJgUCUhfXOwIbIwUJCWYBgAYLCQgH AwIEFQIIAwQWAgMBAh4BAheAAAoJEG6/sivc5s0PLxQP/i6x/QFx9G4Cw7C+LthhLXIm7NSH AtNbz2UjySEx2qkoQQjtsK6mcpEEaky4ky6t8gz0/SifIfJmSmyAx0UhUQ0WBv1vAXwtNrQQ jJd9Bj6l4c2083WaXyHPjt2u2Na6YFowyb4SaQb83hu/Zs25vkPQYJVVE0JX409MFVPUa6E3 zFbd1OTr3T4yNUy4gNeQZfzDqDS8slbIks2sXeoJrZ6qqXVI0ionoivOlaN4T6Q0UYyXtigj dQvvhMt0aNowKFjRqrmSDRpdz+o6yg7Mp7qEZ1V6EZk8KqQTH6htpCTQ8i79ttK4LG6bstSF Re6Fwq52nbrcANrcdmtZXqjo+SGbUqJ8b1ggrxAsJ5MEhRh2peKrCgI/TjQo+ZxfnqEoR4AI 46Cyiz+/lcVvlvmf2iPifS3EEdaH3Itfwt7MxFm6mQORYs6skHDw3tOYB2/AdCW6eRVYs2hB RMAG4uwApZfZDKgRoE95PJmQjeTBiGmRPcsQZtNESe7I7EjHtCDLwtJqvD4HkDDQwpzreT6W XkyIJ7ns7zDfA1E+AQhFR6rsTFGgQZRZKsVeov3SbhYKkCnVDCvb/PKQCAGkSZM9SvYG5Yax 8CMry3AefKktf9fqBFg8pWqtVxDwJr56dhi0GHXRu3jVI995rMGo1fLUG5fSxiZ8L5sAtokh 9WFmQpyl Message-ID: <7a61c927-796d-ea1f-8dce-37e82fb6d646@denninger.net> Date: Sat, 26 Jan 2019 14:00:18 -0600 User-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64; rv:60.0) Gecko/20100101 Thunderbird/60.4.0 MIME-Version: 1.0 In-Reply-To: Content-Type: multipart/signed; protocol="application/pkcs7-signature"; micalg=sha-512; boundary="------------ms010306020302040608060000" X-Rspamd-Queue-Id: 893036AF41 X-Spamd-Bar: ------ Authentication-Results: mx1.freebsd.org X-Spamd-Result: default: False [-6.19 / 15.00]; RCVD_VIA_SMTP_AUTH(0.00)[]; HAS_ATTACHMENT(0.00)[]; TO_DN_NONE(0.00)[]; RCVD_COUNT_THREE(0.00)[3]; MX_GOOD(-0.01)[cached: px.denninger.net]; NEURAL_HAM_SHORT(-0.90)[-0.904,0]; FROM_EQ_ENVFROM(0.00)[]; IP_SCORE(-2.08)[ip: (-9.86), ipnet: 104.236.64.0/18(-3.23), asn: 14061(2.76), country: US(-0.08)]; R_DKIM_NA(0.00)[]; ASN(0.00)[asn:14061, ipnet:104.236.64.0/18, country:US]; MIME_TRACE(0.00)[0:+,1:+,2:+]; MID_RHS_MATCH_FROM(0.00)[]; RECEIVED_SPAMHAUS_PBL(0.00)[197.57.1.68.zen.spamhaus.org : 127.0.0.11]; ARC_NA(0.00)[]; NEURAL_HAM_MEDIUM(-1.00)[-1.000,0]; FROM_HAS_DN(0.00)[]; SIGNED_SMIME(-2.00)[]; TO_MATCH_ENVRCPT_ALL(0.00)[]; NEURAL_HAM_LONG(-1.00)[-1.000,0]; MIME_GOOD(-0.20)[multipart/signed,multipart/alternative,text/plain]; RCVD_TLS_LAST(0.00)[]; PREVIOUSLY_DELIVERED(0.00)[freebsd-stable@freebsd.org]; AUTH_NA(1.00)[]; RCPT_COUNT_ONE(0.00)[1]; DMARC_NA(0.00)[denninger.net]; R_SPF_NA(0.00)[] X-Content-Filtered-By: Mailman/MimeDel 2.1.29 X-BeenThere: freebsd-stable@freebsd.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: Production branch of FreeBSD source code List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sat, 26 Jan 2019 20:00:22 -0000 This is a cryptographically signed message in MIME format. --------------ms010306020302040608060000 Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: quoted-printable Further question....=C2=A0 does boot1.efi (which I assume has to be place= d on the EFI partition and then something like rEFInd can select it) know how to handle a geli-encrypted primary partition (e.g. for root/boot so I don't need an unencrypted /boot partition), and if so how do I tell it that's the case and to prompt for the password? (If not I know how to set up for geli-encryption using a non-encrypted /boot partition, but my understanding is that for 12 the loader was taught how to handle geli internally and thus you can now install 12 -- at least for ZFS -- with encryption on root.=C2=A0 However, that wipes th= e disk if you try to select it in the installer, so that's no good -- and besides, on a laptop zfs is overkill.) Thanks! On 1/26/2019 08:08, Kamila Sou=C4=8Dkov=C3=A1 wrote: > I'm just booting the installer, going to do this on my X1 Carbon (5th g= en), > and I'm planning to use the efibootmgr entry first (which is sufficient= for > booting), and later I might add rEFInd if I feel like it. I'll be posti= ng > my steps online, I can post the link once it's out there if you're > interested. > > I'm very curious about HW support on the 6th gen Carbon, it'd be great = to > hear how it goes. > > Have fun! > > Kamila > > On Sat, 26 Jan 2019, 06:54 Kyle Evans, wrote: > >> On Fri, Jan 25, 2019 at 6:30 PM Jonathan Chen wrote= : >>> On Sat, 26 Jan 2019 at 13:00, Karl Denninger wro= te: >>> [...] >>>> I'd like to repartition it to be able to dual boot it much as I do w= ith >>>> my X220 (I wish I could ditch Windows entirely, but that is just not= >>>> going to happen), but I'm not sure how to accomplish that in the EFI= >>>> world -- or if it reasonably CAN be done in the EFI world. Fortunat= ely >>>> the BIOS has an option to turn off secure boot (which I surmise from= >>>> reading the Wiki FreeBSD doesn't yet support) but I still need a mea= ns >>>> to select from some reasonably-friendly way *what* to boot. >>> The EFI partition is just a MS-DOS partition, and most EFI aware BIOS= >>> will (by default) load /EFI/Boot/boot64.efi when starting up. On my >>> Dell Inspiron 17, I created /EFI/FreeBSD and copied FreeBSD's >>> /boot/loader.efi to /EFI/FreeBSD/boot64.efi. My laptop's BIOS setup >>> allowed me to specify a boot-entry to for \EFI\FreeBSD\boot64.efi. On= >>> a cold start, I have to be quick to hit the F12 key, which then allow= s >>> me to specify whether to boot Windows or FreeBSD. I'm not sure how >>> Lenovo's BIOS setup works, but I'm pretty sure that it should have >>> something similar. >>> >> Adding a boot-entry can also be accomplished with efibootmgr. This is >> effectively what the installer in -CURRENT does, copying loader to >> \EFI\FreeBSD on the ESP and using efibootmgr to insert a "FreeBSD" >> entry for that loader and activating it. >> _______________________________________________ >> freebsd-stable@freebsd.org mailing list >> https://lists.freebsd.org/mailman/listinfo/freebsd-stable >> To unsubscribe, send any mail to "freebsd-stable-unsubscribe@freebsd.o= rg" >> > _______________________________________________ > freebsd-stable@freebsd.org mailing list > https://lists.freebsd.org/mailman/listinfo/freebsd-stable > To unsubscribe, send any mail to "freebsd-stable-unsubscribe@freebsd.or= g" --=20 Karl Denninger karl@denninger.net /The Market Ticker/ /[S/MIME encrypted email preferred]/ --------------ms010306020302040608060000 Content-Type: application/pkcs7-signature; name="smime.p7s" Content-Transfer-Encoding: base64 Content-Disposition: attachment; filename="smime.p7s" Content-Description: S/MIME Cryptographic Signature MIAGCSqGSIb3DQEHAqCAMIACAQExDzANBglghkgBZQMEAgMFADCABgkqhkiG9w0BBwEAAKCC DdgwggagMIIEiKADAgECAhMA5EiKghDOXrvfxYxjITXYDdhIMA0GCSqGSIb3DQEBCwUAMIGL MQswCQYDVQQGEwJVUzEQMA4GA1UECAwHRmxvcmlkYTESMBAGA1UEBwwJTmljZXZpbGxlMRkw FwYDVQQKDBBDdWRhIFN5c3RlbXMgTExDMRgwFgYDVQQLDA9DdWRhIFN5c3RlbXMgQ0ExITAf BgNVBAMMGEN1ZGEgU3lzdGVtcyBMTEMgMjAxNyBDQTAeFw0xNzA4MTcxNjQyMTdaFw0yNzA4 MTUxNjQyMTdaMHsxCzAJBgNVBAYTAlVTMRAwDgYDVQQIDAdGbG9yaWRhMRkwFwYDVQQKDBBD dWRhIFN5c3RlbXMgTExDMRgwFgYDVQQLDA9DdWRhIFN5c3RlbXMgQ0ExJTAjBgNVBAMMHEN1 ZGEgU3lzdGVtcyBMTEMgMjAxNyBJbnQgQ0EwggIiMA0GCSqGSIb3DQEBAQUAA4ICDwAwggIK AoICAQC1aJotNUI+W4jP7xQDO8L/b4XiF4Rss9O0B+3vMH7Njk85fZ052QhZpMVlpaaO+sCI KqG3oNEbuOHzJB/NDJFnqh7ijBwhdWutdsq23Ux6TvxgakyMPpT6TRNEJzcBVQA0kpby1DVD 0EKSK/FrWWBiFmSxg7qUfmIq/mMzgE6epHktyRM3OGq3dbRdOUgfumWrqHXOrdJz06xE9NzY vc9toqZnd79FUtE/nSZVm1VS3Grq7RKV65onvX3QOW4W1ldEHwggaZxgWGNiR/D4eosAGFxn uYeWlKEC70c99Mp1giWux+7ur6hc2E+AaTGh+fGeijO5q40OGd+dNMgK8Es0nDRw81lRcl24 SWUEky9y8DArgIFlRd6d3ZYwgc1DMTWkTavx3ZpASp5TWih6yI8ACwboTvlUYeooMsPtNa9E 6UQ1nt7VEi5syjxnDltbEFoLYcXBcqhRhFETJe9CdenItAHAtOya3w5+fmC2j/xJz29og1KH YqWHlo3Kswi9G77an+zh6nWkMuHs+03DU8DaOEWzZEav3lVD4u76bKRDTbhh0bMAk4eXriGL h4MUoX3Imfcr6JoyheVrAdHDL/BixbMH1UUspeRuqQMQ5b2T6pabXP0oOB4FqldWiDgJBGRd zWLgCYG8wPGJGYgHibl5rFiI5Ix3FQncipc6SdUzOQIDAQABo4IBCjCCAQYwHQYDVR0OBBYE FF3AXsKnjdPND5+bxVECGKtc047PMIHABgNVHSMEgbgwgbWAFBu1oRhUMNEzjODolDka5k4Q EDBioYGRpIGOMIGLMQswCQYDVQQGEwJVUzEQMA4GA1UECAwHRmxvcmlkYTESMBAGA1UEBwwJ TmljZXZpbGxlMRkwFwYDVQQKDBBDdWRhIFN5c3RlbXMgTExDMRgwFgYDVQQLDA9DdWRhIFN5 c3RlbXMgQ0ExITAfBgNVBAMMGEN1ZGEgU3lzdGVtcyBMTEMgMjAxNyBDQYIJAKxAy1WBo2kY MBIGA1UdEwEB/wQIMAYBAf8CAQAwDgYDVR0PAQH/BAQDAgGGMA0GCSqGSIb3DQEBCwUAA4IC AQCB5686UCBVIT52jO3sz9pKuhxuC2npi8ZvoBwt/IH9piPA15/CGF1XeXUdu2qmhOjHkVLN gO7XB1G8CuluxofOIUce0aZGyB+vZ1ylHXlMeB0R82f5dz3/T7RQso55Y2Vog2Zb7PYTC5B9 oNy3ylsnNLzanYlcW3AAfzZcbxYuAdnuq0Im3EpGm8DoItUcf1pDezugKm/yKtNtY6sDyENj tExZ377cYA3IdIwqn1Mh4OAT/Rmh8au2rZAo0+bMYBy9C11Ex0hQ8zWcvPZBDn4v4RtO8g+K uQZQcJnO09LJNtw94W3d2mj4a7XrsKMnZKvm6W9BJIQ4Nmht4wXAtPQ1xA+QpxPTmsGAU0Cv HmqVC7XC3qxFhaOrD2dsvOAK6Sn3MEpH/YrfYCX7a7cz5zW3DsJQ6o3pYfnnQz+hnwLlz4MK 17NIA0WOdAF9IbtQqarf44+PEyUbKtz1r0KGeGLs+VGdd2FLA0e7yuzxJDYcaBTVwqaHhU2/ Fna/jGU7BhrKHtJbb/XlLeFJ24yvuiYKpYWQSSyZu1R/gvZjHeGb344jGBsZdCDrdxtQQcVA 6OxsMAPSUPMrlg9LWELEEYnVulQJerWxpUecGH92O06wwmPgykkz//UmmgjVSh7ErNvL0lUY UMfunYVO/O5hwhW+P4gviCXzBFeTtDZH259O7TCCBzAwggUYoAMCAQICEwCg0WvVwekjGFiO 62SckFwepz0wDQYJKoZIhvcNAQELBQAwezELMAkGA1UEBhMCVVMxEDAOBgNVBAgMB0Zsb3Jp ZGExGTAXBgNVBAoMEEN1ZGEgU3lzdGVtcyBMTEMxGDAWBgNVBAsMD0N1ZGEgU3lzdGVtcyBD QTElMCMGA1UEAwwcQ3VkYSBTeXN0ZW1zIExMQyAyMDE3IEludCBDQTAeFw0xNzA4MTcyMTIx MjBaFw0yMjA4MTYyMTIxMjBaMFcxCzAJBgNVBAYTAlVTMRAwDgYDVQQIDAdGbG9yaWRhMRkw FwYDVQQKDBBDdWRhIFN5c3RlbXMgTExDMRswGQYDVQQDDBJrYXJsQGRlbm5pbmdlci5uZXQw ggIiMA0GCSqGSIb3DQEBAQUAA4ICDwAwggIKAoICAQC+HVSyxVtJhy3Ohs+PAGRuO//Dha9A 16l5FPATr6wude9zjX5f2lrkRyU8vhCXTZW7WbvWZKpcZ8r0dtZmiK9uF58Ec6hhvfkxJzbg 96WHBw5Fumd5ahZzuCJDtCAWW8R7/KN+zwzQf1+B3MVLmbaXAFBuKzySKhKMcHbK3/wjUYTg y+3UK6v2SBrowvkUBC+jxNg3Wy12GsTXcUS/8FYIXgVVPgfZZrbJJb5HWOQpvvhILpPCD3xs YJFNKEPltXKWHT7Qtc2HNqikgNwj8oqOb+PeZGMiWapsatKm8mxuOOGOEBhAoTVTwUHlMNTg 6QUCJtuWFCK38qOCyk9Haj+86lUU8RG6FkRXWgMbNQm1mWREQhw3axgGLSntjjnznJr5vsvX SYR6c+XKLd5KQZcS6LL8FHYNjqVKHBYM+hDnrTZMqa20JLAF1YagutDiMRURU23iWS7bA9tM cXcqkclTSDtFtxahRifXRI7Epq2GSKuEXe/1Tfb5CE8QsbCpGsfSwv2tZ/SpqVG08MdRiXxN 5tmZiQWo15IyWoeKOXl/hKxA9KPuDHngXX022b1ly+5ZOZbxBAZZMod4y4b4FiRUhRI97r9l CxsP/EPHuuTIZ82BYhrhbtab8HuRo2ofne2TfAWY2BlA7ExM8XShMd9bRPZrNTokPQPUCWCg CdIATQIDAQABo4IBzzCCAcswPAYIKwYBBQUHAQEEMDAuMCwGCCsGAQUFBzABhiBodHRwOi8v b2NzcC5jdWRhc3lzdGVtcy5uZXQ6ODg4ODAJBgNVHRMEAjAAMBEGCWCGSAGG+EIBAQQEAwIF oDAOBgNVHQ8BAf8EBAMCBeAwHQYDVR0lBBYwFAYIKwYBBQUHAwIGCCsGAQUFBwMEMDMGCWCG SAGG+EIBDQQmFiRPcGVuU1NMIEdlbmVyYXRlZCBDbGllbnQgQ2VydGlmaWNhdGUwHQYDVR0O BBYEFLElmNWeVgsBPe7O8NiBzjvjYnpRMIHKBgNVHSMEgcIwgb+AFF3AXsKnjdPND5+bxVEC GKtc047PoYGRpIGOMIGLMQswCQYDVQQGEwJVUzEQMA4GA1UECAwHRmxvcmlkYTESMBAGA1UE BwwJTmljZXZpbGxlMRkwFwYDVQQKDBBDdWRhIFN5c3RlbXMgTExDMRgwFgYDVQQLDA9DdWRh IFN5c3RlbXMgQ0ExITAfBgNVBAMMGEN1ZGEgU3lzdGVtcyBMTEMgMjAxNyBDQYITAORIioIQ zl6738WMYyE12A3YSDAdBgNVHREEFjAUgRJrYXJsQGRlbm5pbmdlci5uZXQwDQYJKoZIhvcN AQELBQADggIBAJXboPFBMLMtaiUt4KEtJCXlHO/3ZzIUIw/eobWFMdhe7M4+0u3te0sr77QR dcPKR0UeHffvpth2Mb3h28WfN0FmJmLwJk+pOx4u6uO3O0E1jNXoKh8fVcL4KU79oEQyYkbu 2HwbXBU9HbldPOOZDnPLi0whi/sbFHdyd4/w/NmnPgzAsQNZ2BYT9uBNr+jZw4SsluQzXG1X lFL/qCBoi1N2mqKPIepfGYF6drbr1RnXEJJsuD+NILLooTNf7PMgHPZ4VSWQXLNeFfygoOOK FiO0qfxPKpDMA+FHa8yNjAJZAgdJX5Mm1kbqipvb+r/H1UAmrzGMbhmf1gConsT5f8KU4n3Q IM2sOpTQe7BoVKlQM/fpQi6aBzu67M1iF1WtODpa5QUPvj1etaK+R3eYBzi4DIbCIWst8MdA 1+fEeKJFvMEZQONpkCwrJ+tJEuGQmjoQZgK1HeloepF0WDcviiho5FlgtAij+iBPtwMuuLiL shAXA5afMX1hYM4l11JXntle12EQFP1r6wOUkpOdxceCcMVDEJBBCHW2ZmdEaXgAm1VU+fnQ qS/wNw/S0X3RJT1qjr5uVlp2Y0auG/eG0jy6TT0KzTJeR9tLSDXprYkN2l/Qf7/nT6Q03qyE QnnKiBXWAZXveafyU/zYa7t3PTWFQGgWoC4w6XqgPo4KV44OMYIFBzCCBQMCAQEwgZIwezEL MAkGA1UEBhMCVVMxEDAOBgNVBAgMB0Zsb3JpZGExGTAXBgNVBAoMEEN1ZGEgU3lzdGVtcyBM TEMxGDAWBgNVBAsMD0N1ZGEgU3lzdGVtcyBDQTElMCMGA1UEAwwcQ3VkYSBTeXN0ZW1zIExM QyAyMDE3IEludCBDQQITAKDRa9XB6SMYWI7rZJyQXB6nPTANBglghkgBZQMEAgMFAKCCAkUw GAYJKoZIhvcNAQkDMQsGCSqGSIb3DQEHATAcBgkqhkiG9w0BCQUxDxcNMTkwMTI2MjAwMDE4 WjBPBgkqhkiG9w0BCQQxQgRArXcuXFaOIST+mVFDCDTDCa4BV9w9JGGNNzBth8M47mRng7hu JtYJhKhfLXhNXjrvHVuBAiyP8SR2WrdwWSDxhTBsBgkqhkiG9w0BCQ8xXzBdMAsGCWCGSAFl AwQBKjALBglghkgBZQMEAQIwCgYIKoZIhvcNAwcwDgYIKoZIhvcNAwICAgCAMA0GCCqGSIb3 DQMCAgFAMAcGBSsOAwIHMA0GCCqGSIb3DQMCAgEoMIGjBgkrBgEEAYI3EAQxgZUwgZIwezEL MAkGA1UEBhMCVVMxEDAOBgNVBAgMB0Zsb3JpZGExGTAXBgNVBAoMEEN1ZGEgU3lzdGVtcyBM TEMxGDAWBgNVBAsMD0N1ZGEgU3lzdGVtcyBDQTElMCMGA1UEAwwcQ3VkYSBTeXN0ZW1zIExM QyAyMDE3IEludCBDQQITAKDRa9XB6SMYWI7rZJyQXB6nPTCBpQYLKoZIhvcNAQkQAgsxgZWg gZIwezELMAkGA1UEBhMCVVMxEDAOBgNVBAgMB0Zsb3JpZGExGTAXBgNVBAoMEEN1ZGEgU3lz dGVtcyBMTEMxGDAWBgNVBAsMD0N1ZGEgU3lzdGVtcyBDQTElMCMGA1UEAwwcQ3VkYSBTeXN0 ZW1zIExMQyAyMDE3IEludCBDQQITAKDRa9XB6SMYWI7rZJyQXB6nPTANBgkqhkiG9w0BAQEF AASCAgAUJ7ODTfW2lxCxdIUSyNZgC+XGaDLPq0dw1DtzZ3LKX93RJOB697U3j8NJHYHYzygv VCzxTdTtAf7wz1zgzM1XmdseiwkJvgCIJIML5Cqiy/0P7IQ5bflNb40OqyqMhLh6ALWIieL3 lL6flkei1xhCBOTI/O3v86/QGna0n0CUeurl8o6ZsysAoV2JYca9JUci5jW/+ab+OBWWlwpQ Z+viN1J3u5Yy+riW/jim0Bvm518yXmpVN1oukq5cYKMOI9O4NmXkJ46aleGsuFCi6YR2ARrw uhRTzsJyu377zkQSUvkHJDavt5WjiwkeeZngBbOdo13FIcS0C0b7XsmVRxHnrwxDxandyBUv Hc3GG3aZCFyCHNDLj/0ZLtgjwD9K72u7hNobHq73o61QbLoPLThNFGO0btSLh9O9n6vtYrTC EK7Q5XAcWULnJZBnBQyOImJ7P+vmFLvtVkC/6XH+obHnmMvo/6OgPdIjZ6fVAGHveinesRLj cU45PKqviXAXUXqdNJkdwBB5OUvapfDGVSwXa57SKI1Qnc7gZ2cOVshNOBVqf8kKjfYZrrYn vHtDKWEA3CVaCwdSdILPuR7+dQNt44oFHusYGcNB7VdnaxIJVCZKsZ1KuA0OrgCMDGgDUJKf 3ERPope7OQ+j5mtVyGhfFz4ARj0GSSNizeO3viriTAAAAAAAAA== --------------ms010306020302040608060000-- From owner-freebsd-stable@freebsd.org Sat Jan 26 20:10:58 2019 Return-Path: Delivered-To: freebsd-stable@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id 2E62A14AC867 for ; Sat, 26 Jan 2019 20:10:58 +0000 (UTC) (envelope-from wlosh@bsdimp.com) Received: from mail-qt1-x834.google.com (mail-qt1-x834.google.com [IPv6:2607:f8b0:4864:20::834]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (Client CN "smtp.gmail.com", Issuer "Google Internet Authority G3" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 5197F6B526 for ; Sat, 26 Jan 2019 20:10:57 +0000 (UTC) (envelope-from wlosh@bsdimp.com) Received: by mail-qt1-x834.google.com with SMTP id r14so14458386qtp.1 for ; Sat, 26 Jan 2019 12:10:57 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=bsdimp-com.20150623.gappssmtp.com; s=20150623; h=mime-version:references:in-reply-to:from:date:message-id:subject:to :cc; bh=t4H4DNkadHuNxamY3e/LH6/c7MrAJ1fPTOKc4B+vQ6c=; b=GmyGWpuyb4HV5TpUavrgedHOBbq37noT8SCWLUy0cYNcjVw6pY/pLWiLCy9Rm2dTFf SAU7kYg7xSrY84KgfR5Gpp2M3eWfzyxadqxLuubIfCuWlM612bsxH3VlIy/TUhak0plf by3YyoqeqUDl6NjqD4kufVQPr/qmZCVcMwMQrmtdj0DAnS4y3x/NNTQMapzRcEEbZ9Gy TEBDYJpNT6mre00nL/9+Kf+lGOp+5dFE9FNgmrlhBDgr0/CVd/BDKpOul8uk2/KZlaN6 PpndG+8tvJGg/EP9MijOyj6IqP3U+V61QvGZpjaoN/zpB+mgtDbcYiQ9uWM5+xPNXIcQ qruA== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:references:in-reply-to:from:date :message-id:subject:to:cc; bh=t4H4DNkadHuNxamY3e/LH6/c7MrAJ1fPTOKc4B+vQ6c=; b=ZiDN4Nx7iKdk2E+B7izRpLj0SfnO59n40X4QrnEi5r7fECz7Orv+BJu3yD11Ox+8Kr wawq8RbZGSk5+NqlVw4QjPaXMOk+rbRlPRC9s2XPGeuI0OroU8gukzmYwoZNZj+2dH2b KDZxE9gckJo/Ob/JmeAXOJ5cV/WRmjJefmx5G1A78yz8N82KN3LKkilSPkYsA29J2s3i oCgq75nvKPaZzd1ANflzWjQH0xfknzn2WwjvcpuXE5sXwcpDF5Ul7DSTY/VVO2LHPxLQ +yP6DUb9//AlNS612gqQ54lcLyTPEDNB8oOJ5Xrt4KQHP2E7Fc3kdfKj/LRo9YiaI48Z b7iw== X-Gm-Message-State: AJcUukc6f7Dcw3XPGvqH0wNfgtltyFQAYiljLIZOurtpHuaZq2g0ABwG AyhLx9dvkWDXj4jgtGWvIQ45+vfU5HUDKVbUlRxqkFxo X-Google-Smtp-Source: ALg8bN7HM8OwQ69S3dy/rXLngaagDBZsNWjjnpEFZZGQxuEj4T9pgLd6miu/ILOBOjsfYlepIyoKVgmmKX11Rc5BEw8= X-Received: by 2002:ac8:668c:: with SMTP id d12mr15349598qtp.242.1548533456560; Sat, 26 Jan 2019 12:10:56 -0800 (PST) MIME-Version: 1.0 References: <7391812a-a2ad-874a-80c9-5a871a29f680@denninger.net> <7a61c927-796d-ea1f-8dce-37e82fb6d646@denninger.net> In-Reply-To: <7a61c927-796d-ea1f-8dce-37e82fb6d646@denninger.net> From: Warner Losh Date: Sat, 26 Jan 2019 13:10:45 -0700 Message-ID: Subject: Re: Not sure if this is the correct place.... (laptop, dual-boot EFI) To: Karl Denninger Cc: FreeBSD-STABLE Mailing List X-Rspamd-Queue-Id: 5197F6B526 X-Spamd-Bar: ----- Authentication-Results: mx1.freebsd.org; dkim=pass header.d=bsdimp-com.20150623.gappssmtp.com header.s=20150623 header.b=GmyGWpuy X-Spamd-Result: default: False [-5.10 / 15.00]; ARC_NA(0.00)[]; NEURAL_HAM_MEDIUM(-1.00)[-1.000,0]; R_DKIM_ALLOW(-0.20)[bsdimp-com.20150623.gappssmtp.com:s=20150623]; FROM_HAS_DN(0.00)[]; NEURAL_HAM_SHORT(-0.65)[-0.654,0]; NEURAL_HAM_LONG(-1.00)[-1.000,0]; MIME_GOOD(-0.10)[multipart/alternative,text/plain]; PREVIOUSLY_DELIVERED(0.00)[freebsd-stable@freebsd.org]; DMARC_NA(0.00)[bsdimp.com]; TO_MATCH_ENVRCPT_SOME(0.00)[]; TO_DN_ALL(0.00)[]; DKIM_TRACE(0.00)[bsdimp-com.20150623.gappssmtp.com:+]; RCPT_COUNT_TWO(0.00)[2]; RCVD_IN_DNSWL_NONE(0.00)[4.3.8.0.0.0.0.0.0.0.0.0.0.0.0.0.0.2.0.0.4.6.8.4.0.b.8.f.7.0.6.2.list.dnswl.org : 127.0.5.0]; MX_GOOD(-0.01)[cached: ALT1.aspmx.l.google.com]; R_SPF_NA(0.00)[]; FORGED_SENDER(0.30)[imp@bsdimp.com,wlosh@bsdimp.com]; MIME_TRACE(0.00)[0:+,1:+]; RCVD_TLS_LAST(0.00)[]; ASN(0.00)[asn:15169, ipnet:2607:f8b0::/32, country:US]; FROM_NEQ_ENVFROM(0.00)[imp@bsdimp.com,wlosh@bsdimp.com]; IP_SCORE(-2.44)[ip: (-7.68), ipnet: 2607:f8b0::/32(-2.50), asn: 15169(-1.93), country: US(-0.08)]; RCVD_COUNT_TWO(0.00)[2] Content-Type: text/plain; charset="UTF-8" Content-Transfer-Encoding: quoted-printable X-Content-Filtered-By: Mailman/MimeDel 2.1.29 X-BeenThere: freebsd-stable@freebsd.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: Production branch of FreeBSD source code List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sat, 26 Jan 2019 20:10:58 -0000 On Sat, Jan 26, 2019 at 1:01 PM Karl Denninger wrote: > Further question.... does boot1.efi (which I assume has to be placed on > the EFI partition and then something like rEFInd can select it) know how > to handle a geli-encrypted primary partition (e.g. for root/boot so I > don't need an unencrypted /boot partition), and if so how do I tell it > that's the case and to prompt for the password? > Not really. The whole reason we ditched boot1.efi is because it is quite limited in what it can do. You must loader.efi for that. > (If not I know how to set up for geli-encryption using a non-encrypted > /boot partition, but my understanding is that for 12 the loader was > taught how to handle geli internally and thus you can now install 12 -- > at least for ZFS -- with encryption on root. However, that wipes the > disk if you try to select it in the installer, so that's no good -- and > besides, on a laptop zfs is overkill.) > For MBR stuff, yes. For loader.efi, yes. For boot1.efi, no: it did not and will not grow that functionality. Warner > Thanks! > > On 1/26/2019 08:08, Kamila Sou=C4=8Dkov=C3=A1 wrote: > > I'm just booting the installer, going to do this on my X1 Carbon (5th > gen), > > and I'm planning to use the efibootmgr entry first (which is sufficient > for > > booting), and later I might add rEFInd if I feel like it. I'll be posti= ng > > my steps online, I can post the link once it's out there if you're > > interested. > > > > I'm very curious about HW support on the 6th gen Carbon, it'd be great = to > > hear how it goes. > > > > Have fun! > > > > Kamila > > > > On Sat, 26 Jan 2019, 06:54 Kyle Evans, wrote: > > > >> On Fri, Jan 25, 2019 at 6:30 PM Jonathan Chen wrote= : > >>> On Sat, 26 Jan 2019 at 13:00, Karl Denninger > wrote: > >>> [...] > >>>> I'd like to repartition it to be able to dual boot it much as I do > with > >>>> my X220 (I wish I could ditch Windows entirely, but that is just not > >>>> going to happen), but I'm not sure how to accomplish that in the EFI > >>>> world -- or if it reasonably CAN be done in the EFI world. > Fortunately > >>>> the BIOS has an option to turn off secure boot (which I surmise from > >>>> reading the Wiki FreeBSD doesn't yet support) but I still need a mea= ns > >>>> to select from some reasonably-friendly way *what* to boot. > >>> The EFI partition is just a MS-DOS partition, and most EFI aware BIOS > >>> will (by default) load /EFI/Boot/boot64.efi when starting up. On my > >>> Dell Inspiron 17, I created /EFI/FreeBSD and copied FreeBSD's > >>> /boot/loader.efi to /EFI/FreeBSD/boot64.efi. My laptop's BIOS setup > >>> allowed me to specify a boot-entry to for \EFI\FreeBSD\boot64.efi. On > >>> a cold start, I have to be quick to hit the F12 key, which then allow= s > >>> me to specify whether to boot Windows or FreeBSD. I'm not sure how > >>> Lenovo's BIOS setup works, but I'm pretty sure that it should have > >>> something similar. > >>> > >> Adding a boot-entry can also be accomplished with efibootmgr. This is > >> effectively what the installer in -CURRENT does, copying loader to > >> \EFI\FreeBSD on the ESP and using efibootmgr to insert a "FreeBSD" > >> entry for that loader and activating it. > >> _______________________________________________ > >> freebsd-stable@freebsd.org mailing list > >> https://lists.freebsd.org/mailman/listinfo/freebsd-stable > >> To unsubscribe, send any mail to " > freebsd-stable-unsubscribe@freebsd.org" > >> > > _______________________________________________ > > freebsd-stable@freebsd.org mailing list > > https://lists.freebsd.org/mailman/listinfo/freebsd-stable > > To unsubscribe, send any mail to "freebsd-stable-unsubscribe@freebsd.or= g > " > -- > Karl Denninger > karl@denninger.net > /The Market Ticker/ > /[S/MIME encrypted email preferred]/ > From owner-freebsd-stable@freebsd.org Sat Jan 26 20:27:27 2019 Return-Path: Delivered-To: freebsd-stable@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id 5583814AD013 for ; Sat, 26 Jan 2019 20:27:27 +0000 (UTC) (envelope-from karl@denninger.net) Received: from colo1.denninger.net (colo1.denninger.net [104.236.120.189]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id B85346BFD7 for ; Sat, 26 Jan 2019 20:27:26 +0000 (UTC) (envelope-from karl@denninger.net) Received: from denninger.net (ip68-1-57-197.pn.at.cox.net [68.1.57.197]) by colo1.denninger.net (Postfix) with ESMTP id 805BD21109D; Sat, 26 Jan 2019 15:26:54 -0500 (EST) Received: from [192.168.10.23] (D13.Denninger.Net [192.168.10.23]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by denninger.net (Postfix) with ESMTPSA id 07C97A45A2; Sat, 26 Jan 2019 14:26:54 -0600 (CST) Subject: Re: Not sure if this is the correct place.... (laptop, dual-boot EFI) To: Warner Losh , FreeBSD-STABLE Mailing List References: <7391812a-a2ad-874a-80c9-5a871a29f680@denninger.net> <7a61c927-796d-ea1f-8dce-37e82fb6d646@denninger.net> From: Karl Denninger Openpgp: preference=signencrypt Autocrypt: addr=karl@denninger.net; prefer-encrypt=mutual; keydata= mQINBFIX1zsBEADRcJfsQUl9oFeoMfLPJ1kql+3sIaYx0MfJAUhV9LnbWxr0fsWCskM1O4cV tHm5dqPkuPM4Ztc0jLotD1i9ubWvCHOlkLGxFOL+pFbjA+XZ7VKsC/xWmhMwJ3cM8HavK2OV SzEWQ/AEYtMi04IzGSwsxh/5/5R0mPHrsIomV5SbuiI0vjLuDj7fo6146AABI1ULzge4hBYW i/SHrqUrLORmUNBs6bxek79/B0Dzk5cIktD3LOfbT9EAa5J/osVkstMBhToJgQttaMIGv8SG CzpR/HwEokE+7DP+k2mLHnLj6H3kfugOF9pJH8Za4yFmw//s9cPXV8WwtZ2SKfVzn1unpKqf wmJ1PwJoom/d4fGvQDkgkGKRa6RGC6tPmXnqnx+YX4iCOdFfbP8L9rmk2sewDDVzHDU3I3ZZ 8hFIjMYM/QXXYszRatK0LCV0QPZuF7LCf4uQVKw1/oyJInsnH7+6a3c0h21x+CmSja9QJ+y0 yzgEN/nM89d6YTakfR+1xkYgodVmMy/bS8kmXbUUZG/CyeqCqc95RUySjKT2ECrf9GhhoQkl +D8n2MsrAUSMGB4GQSN+TIq9OBTpNuvATGSRuF9wnQcs1iSry+JNCpfRTyWp83uCNApe6oHU EET4Et6KDO3AvjvBMAX0TInTRGW2SQlJMuFKpc7Dg7tHK8zzqQARAQABtCNLYXJsIERlbm5p bmdlciA8a2FybEBkZW5uaW5nZXIubmV0PokCPAQTAQIAJgUCUhfXOwIbIwUJCWYBgAYLCQgH AwIEFQIIAwQWAgMBAh4BAheAAAoJEG6/sivc5s0PLxQP/i6x/QFx9G4Cw7C+LthhLXIm7NSH AtNbz2UjySEx2qkoQQjtsK6mcpEEaky4ky6t8gz0/SifIfJmSmyAx0UhUQ0WBv1vAXwtNrQQ jJd9Bj6l4c2083WaXyHPjt2u2Na6YFowyb4SaQb83hu/Zs25vkPQYJVVE0JX409MFVPUa6E3 zFbd1OTr3T4yNUy4gNeQZfzDqDS8slbIks2sXeoJrZ6qqXVI0ionoivOlaN4T6Q0UYyXtigj dQvvhMt0aNowKFjRqrmSDRpdz+o6yg7Mp7qEZ1V6EZk8KqQTH6htpCTQ8i79ttK4LG6bstSF Re6Fwq52nbrcANrcdmtZXqjo+SGbUqJ8b1ggrxAsJ5MEhRh2peKrCgI/TjQo+ZxfnqEoR4AI 46Cyiz+/lcVvlvmf2iPifS3EEdaH3Itfwt7MxFm6mQORYs6skHDw3tOYB2/AdCW6eRVYs2hB RMAG4uwApZfZDKgRoE95PJmQjeTBiGmRPcsQZtNESe7I7EjHtCDLwtJqvD4HkDDQwpzreT6W XkyIJ7ns7zDfA1E+AQhFR6rsTFGgQZRZKsVeov3SbhYKkCnVDCvb/PKQCAGkSZM9SvYG5Yax 8CMry3AefKktf9fqBFg8pWqtVxDwJr56dhi0GHXRu3jVI995rMGo1fLUG5fSxiZ8L5sAtokh 9WFmQpyl Message-ID: Date: Sat, 26 Jan 2019 14:26:53 -0600 User-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64; rv:60.0) Gecko/20100101 Thunderbird/60.4.0 MIME-Version: 1.0 In-Reply-To: Content-Type: multipart/signed; protocol="application/pkcs7-signature"; micalg=sha-512; boundary="------------ms050403000103030604000109" X-Rspamd-Queue-Id: B85346BFD7 X-Spamd-Bar: ----- Authentication-Results: mx1.freebsd.org X-Spamd-Result: default: False [-6.00 / 15.00]; ARC_NA(0.00)[]; RCVD_VIA_SMTP_AUTH(0.00)[]; NEURAL_HAM_MEDIUM(-1.00)[-0.999,0]; FROM_HAS_DN(0.00)[]; SIGNED_SMIME(-2.00)[]; IP_SCORE(-2.10)[ip: (-9.86), ipnet: 104.236.64.0/18(-3.34), asn: 14061(2.76), country: US(-0.08)]; HAS_ATTACHMENT(0.00)[]; MIME_GOOD(-0.20)[multipart/signed,multipart/alternative,text/plain]; DMARC_NA(0.00)[denninger.net]; AUTH_NA(1.00)[]; NEURAL_HAM_LONG(-1.00)[-1.000,0]; RCVD_COUNT_THREE(0.00)[3]; TO_MATCH_ENVRCPT_SOME(0.00)[]; TO_DN_ALL(0.00)[]; MX_GOOD(-0.01)[cached: px.denninger.net]; RCPT_COUNT_TWO(0.00)[2]; NEURAL_HAM_SHORT(-0.68)[-0.683,0]; R_SPF_NA(0.00)[]; FROM_EQ_ENVFROM(0.00)[]; R_DKIM_NA(0.00)[]; MIME_TRACE(0.00)[0:+,1:+,2:+]; ASN(0.00)[asn:14061, ipnet:104.236.64.0/18, country:US]; MID_RHS_MATCH_FROM(0.00)[]; RCVD_TLS_LAST(0.00)[]; RECEIVED_SPAMHAUS_PBL(0.00)[197.57.1.68.zen.spamhaus.org : 127.0.0.11] X-Content-Filtered-By: Mailman/MimeDel 2.1.29 X-BeenThere: freebsd-stable@freebsd.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: Production branch of FreeBSD source code List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sat, 26 Jan 2019 20:27:27 -0000 This is a cryptographically signed message in MIME format. --------------ms050403000103030604000109 Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: quoted-printable =C2=A01/26/2019 14:10, Warner Losh wrote: > > > On Sat, Jan 26, 2019 at 1:01 PM Karl Denninger > wrote: > > Further question....=C2=A0 does boot1.efi (which I assume has to be= > placed on > the EFI partition and then something like rEFInd can select it) > know how > to handle a geli-encrypted primary partition (e.g. for root/boot so= I > don't need an unencrypted /boot partition), and if so how do I tell= it > that's the case and to prompt for the password? > > > Not really. The whole reason we ditched boot1.efi is because it is > quite limited in what it can do. You must loader.efi for that. > =C2=A0 > > (If not I know how to set up for geli-encryption using a non-encryp= ted > /boot partition, but my understanding is that for 12 the loader was= > taught how to handle geli internally and thus you can now install > 12 -- > at least for ZFS -- with encryption on root.=C2=A0 However, that wi= pes the > disk if you try to select it in the installer, so that's no good > -- and > besides, on a laptop zfs is overkill.) > > > For MBR stuff, yes. For loader.efi, yes. For boot1.efi, no: it did not > and will not grow that functionality. > > Warner > =C2=A0 Ok, next dumb question -- can I put loader.efi in the EFI partition under EFI/FreeBSD as "bootx64.efi" there (from reading mailing list archives that appears to be yes -- just copy it in) and, if yes, how do I "tell" it that when it finds the freebsd-ufs partition on the disk it was started from (which, if I'm reading correctly, it will scan and look for) that it needs to geli attach the partition before it dig into there and find the rest of what it needs to boot? That SHOULD allow me to use an EFI boot manager to come up on initial boot, select FreeBSD and the loader.efi (named as bootx64.efi in EFI/FreeBSD) code will then boot the system. I've looked as the 12-RELEASE man page(s) and it's not obvious how you tell the loader to look for the partition and then attach it via GELI (prompting for the password of course) before attempting to boot it; obviously a "load" directive (e.g. geom_eli_load =3D"YES") makes no sense= as the thing you'd "load" is on the disk you'd be loading it from and its encrypted.. .never mind that loader.conf violates the 8.3 filename rules for a DOS filesystem. Thanks! --=20 Karl Denninger karl@denninger.net /The Market Ticker/ /[S/MIME encrypted email preferred]/ --------------ms050403000103030604000109 Content-Type: application/pkcs7-signature; name="smime.p7s" Content-Transfer-Encoding: base64 Content-Disposition: attachment; filename="smime.p7s" Content-Description: S/MIME Cryptographic Signature MIAGCSqGSIb3DQEHAqCAMIACAQExDzANBglghkgBZQMEAgMFADCABgkqhkiG9w0BBwEAAKCC DdgwggagMIIEiKADAgECAhMA5EiKghDOXrvfxYxjITXYDdhIMA0GCSqGSIb3DQEBCwUAMIGL MQswCQYDVQQGEwJVUzEQMA4GA1UECAwHRmxvcmlkYTESMBAGA1UEBwwJTmljZXZpbGxlMRkw FwYDVQQKDBBDdWRhIFN5c3RlbXMgTExDMRgwFgYDVQQLDA9DdWRhIFN5c3RlbXMgQ0ExITAf BgNVBAMMGEN1ZGEgU3lzdGVtcyBMTEMgMjAxNyBDQTAeFw0xNzA4MTcxNjQyMTdaFw0yNzA4 MTUxNjQyMTdaMHsxCzAJBgNVBAYTAlVTMRAwDgYDVQQIDAdGbG9yaWRhMRkwFwYDVQQKDBBD dWRhIFN5c3RlbXMgTExDMRgwFgYDVQQLDA9DdWRhIFN5c3RlbXMgQ0ExJTAjBgNVBAMMHEN1 ZGEgU3lzdGVtcyBMTEMgMjAxNyBJbnQgQ0EwggIiMA0GCSqGSIb3DQEBAQUAA4ICDwAwggIK AoICAQC1aJotNUI+W4jP7xQDO8L/b4XiF4Rss9O0B+3vMH7Njk85fZ052QhZpMVlpaaO+sCI KqG3oNEbuOHzJB/NDJFnqh7ijBwhdWutdsq23Ux6TvxgakyMPpT6TRNEJzcBVQA0kpby1DVD 0EKSK/FrWWBiFmSxg7qUfmIq/mMzgE6epHktyRM3OGq3dbRdOUgfumWrqHXOrdJz06xE9NzY vc9toqZnd79FUtE/nSZVm1VS3Grq7RKV65onvX3QOW4W1ldEHwggaZxgWGNiR/D4eosAGFxn uYeWlKEC70c99Mp1giWux+7ur6hc2E+AaTGh+fGeijO5q40OGd+dNMgK8Es0nDRw81lRcl24 SWUEky9y8DArgIFlRd6d3ZYwgc1DMTWkTavx3ZpASp5TWih6yI8ACwboTvlUYeooMsPtNa9E 6UQ1nt7VEi5syjxnDltbEFoLYcXBcqhRhFETJe9CdenItAHAtOya3w5+fmC2j/xJz29og1KH YqWHlo3Kswi9G77an+zh6nWkMuHs+03DU8DaOEWzZEav3lVD4u76bKRDTbhh0bMAk4eXriGL h4MUoX3Imfcr6JoyheVrAdHDL/BixbMH1UUspeRuqQMQ5b2T6pabXP0oOB4FqldWiDgJBGRd zWLgCYG8wPGJGYgHibl5rFiI5Ix3FQncipc6SdUzOQIDAQABo4IBCjCCAQYwHQYDVR0OBBYE FF3AXsKnjdPND5+bxVECGKtc047PMIHABgNVHSMEgbgwgbWAFBu1oRhUMNEzjODolDka5k4Q EDBioYGRpIGOMIGLMQswCQYDVQQGEwJVUzEQMA4GA1UECAwHRmxvcmlkYTESMBAGA1UEBwwJ TmljZXZpbGxlMRkwFwYDVQQKDBBDdWRhIFN5c3RlbXMgTExDMRgwFgYDVQQLDA9DdWRhIFN5 c3RlbXMgQ0ExITAfBgNVBAMMGEN1ZGEgU3lzdGVtcyBMTEMgMjAxNyBDQYIJAKxAy1WBo2kY MBIGA1UdEwEB/wQIMAYBAf8CAQAwDgYDVR0PAQH/BAQDAgGGMA0GCSqGSIb3DQEBCwUAA4IC AQCB5686UCBVIT52jO3sz9pKuhxuC2npi8ZvoBwt/IH9piPA15/CGF1XeXUdu2qmhOjHkVLN gO7XB1G8CuluxofOIUce0aZGyB+vZ1ylHXlMeB0R82f5dz3/T7RQso55Y2Vog2Zb7PYTC5B9 oNy3ylsnNLzanYlcW3AAfzZcbxYuAdnuq0Im3EpGm8DoItUcf1pDezugKm/yKtNtY6sDyENj tExZ377cYA3IdIwqn1Mh4OAT/Rmh8au2rZAo0+bMYBy9C11Ex0hQ8zWcvPZBDn4v4RtO8g+K uQZQcJnO09LJNtw94W3d2mj4a7XrsKMnZKvm6W9BJIQ4Nmht4wXAtPQ1xA+QpxPTmsGAU0Cv HmqVC7XC3qxFhaOrD2dsvOAK6Sn3MEpH/YrfYCX7a7cz5zW3DsJQ6o3pYfnnQz+hnwLlz4MK 17NIA0WOdAF9IbtQqarf44+PEyUbKtz1r0KGeGLs+VGdd2FLA0e7yuzxJDYcaBTVwqaHhU2/ Fna/jGU7BhrKHtJbb/XlLeFJ24yvuiYKpYWQSSyZu1R/gvZjHeGb344jGBsZdCDrdxtQQcVA 6OxsMAPSUPMrlg9LWELEEYnVulQJerWxpUecGH92O06wwmPgykkz//UmmgjVSh7ErNvL0lUY UMfunYVO/O5hwhW+P4gviCXzBFeTtDZH259O7TCCBzAwggUYoAMCAQICEwCg0WvVwekjGFiO 62SckFwepz0wDQYJKoZIhvcNAQELBQAwezELMAkGA1UEBhMCVVMxEDAOBgNVBAgMB0Zsb3Jp ZGExGTAXBgNVBAoMEEN1ZGEgU3lzdGVtcyBMTEMxGDAWBgNVBAsMD0N1ZGEgU3lzdGVtcyBD QTElMCMGA1UEAwwcQ3VkYSBTeXN0ZW1zIExMQyAyMDE3IEludCBDQTAeFw0xNzA4MTcyMTIx MjBaFw0yMjA4MTYyMTIxMjBaMFcxCzAJBgNVBAYTAlVTMRAwDgYDVQQIDAdGbG9yaWRhMRkw FwYDVQQKDBBDdWRhIFN5c3RlbXMgTExDMRswGQYDVQQDDBJrYXJsQGRlbm5pbmdlci5uZXQw ggIiMA0GCSqGSIb3DQEBAQUAA4ICDwAwggIKAoICAQC+HVSyxVtJhy3Ohs+PAGRuO//Dha9A 16l5FPATr6wude9zjX5f2lrkRyU8vhCXTZW7WbvWZKpcZ8r0dtZmiK9uF58Ec6hhvfkxJzbg 96WHBw5Fumd5ahZzuCJDtCAWW8R7/KN+zwzQf1+B3MVLmbaXAFBuKzySKhKMcHbK3/wjUYTg y+3UK6v2SBrowvkUBC+jxNg3Wy12GsTXcUS/8FYIXgVVPgfZZrbJJb5HWOQpvvhILpPCD3xs YJFNKEPltXKWHT7Qtc2HNqikgNwj8oqOb+PeZGMiWapsatKm8mxuOOGOEBhAoTVTwUHlMNTg 6QUCJtuWFCK38qOCyk9Haj+86lUU8RG6FkRXWgMbNQm1mWREQhw3axgGLSntjjnznJr5vsvX SYR6c+XKLd5KQZcS6LL8FHYNjqVKHBYM+hDnrTZMqa20JLAF1YagutDiMRURU23iWS7bA9tM cXcqkclTSDtFtxahRifXRI7Epq2GSKuEXe/1Tfb5CE8QsbCpGsfSwv2tZ/SpqVG08MdRiXxN 5tmZiQWo15IyWoeKOXl/hKxA9KPuDHngXX022b1ly+5ZOZbxBAZZMod4y4b4FiRUhRI97r9l CxsP/EPHuuTIZ82BYhrhbtab8HuRo2ofne2TfAWY2BlA7ExM8XShMd9bRPZrNTokPQPUCWCg CdIATQIDAQABo4IBzzCCAcswPAYIKwYBBQUHAQEEMDAuMCwGCCsGAQUFBzABhiBodHRwOi8v b2NzcC5jdWRhc3lzdGVtcy5uZXQ6ODg4ODAJBgNVHRMEAjAAMBEGCWCGSAGG+EIBAQQEAwIF oDAOBgNVHQ8BAf8EBAMCBeAwHQYDVR0lBBYwFAYIKwYBBQUHAwIGCCsGAQUFBwMEMDMGCWCG SAGG+EIBDQQmFiRPcGVuU1NMIEdlbmVyYXRlZCBDbGllbnQgQ2VydGlmaWNhdGUwHQYDVR0O BBYEFLElmNWeVgsBPe7O8NiBzjvjYnpRMIHKBgNVHSMEgcIwgb+AFF3AXsKnjdPND5+bxVEC GKtc047PoYGRpIGOMIGLMQswCQYDVQQGEwJVUzEQMA4GA1UECAwHRmxvcmlkYTESMBAGA1UE BwwJTmljZXZpbGxlMRkwFwYDVQQKDBBDdWRhIFN5c3RlbXMgTExDMRgwFgYDVQQLDA9DdWRh IFN5c3RlbXMgQ0ExITAfBgNVBAMMGEN1ZGEgU3lzdGVtcyBMTEMgMjAxNyBDQYITAORIioIQ zl6738WMYyE12A3YSDAdBgNVHREEFjAUgRJrYXJsQGRlbm5pbmdlci5uZXQwDQYJKoZIhvcN AQELBQADggIBAJXboPFBMLMtaiUt4KEtJCXlHO/3ZzIUIw/eobWFMdhe7M4+0u3te0sr77QR dcPKR0UeHffvpth2Mb3h28WfN0FmJmLwJk+pOx4u6uO3O0E1jNXoKh8fVcL4KU79oEQyYkbu 2HwbXBU9HbldPOOZDnPLi0whi/sbFHdyd4/w/NmnPgzAsQNZ2BYT9uBNr+jZw4SsluQzXG1X lFL/qCBoi1N2mqKPIepfGYF6drbr1RnXEJJsuD+NILLooTNf7PMgHPZ4VSWQXLNeFfygoOOK FiO0qfxPKpDMA+FHa8yNjAJZAgdJX5Mm1kbqipvb+r/H1UAmrzGMbhmf1gConsT5f8KU4n3Q IM2sOpTQe7BoVKlQM/fpQi6aBzu67M1iF1WtODpa5QUPvj1etaK+R3eYBzi4DIbCIWst8MdA 1+fEeKJFvMEZQONpkCwrJ+tJEuGQmjoQZgK1HeloepF0WDcviiho5FlgtAij+iBPtwMuuLiL shAXA5afMX1hYM4l11JXntle12EQFP1r6wOUkpOdxceCcMVDEJBBCHW2ZmdEaXgAm1VU+fnQ qS/wNw/S0X3RJT1qjr5uVlp2Y0auG/eG0jy6TT0KzTJeR9tLSDXprYkN2l/Qf7/nT6Q03qyE QnnKiBXWAZXveafyU/zYa7t3PTWFQGgWoC4w6XqgPo4KV44OMYIFBzCCBQMCAQEwgZIwezEL MAkGA1UEBhMCVVMxEDAOBgNVBAgMB0Zsb3JpZGExGTAXBgNVBAoMEEN1ZGEgU3lzdGVtcyBM TEMxGDAWBgNVBAsMD0N1ZGEgU3lzdGVtcyBDQTElMCMGA1UEAwwcQ3VkYSBTeXN0ZW1zIExM QyAyMDE3IEludCBDQQITAKDRa9XB6SMYWI7rZJyQXB6nPTANBglghkgBZQMEAgMFAKCCAkUw GAYJKoZIhvcNAQkDMQsGCSqGSIb3DQEHATAcBgkqhkiG9w0BCQUxDxcNMTkwMTI2MjAyNjUz WjBPBgkqhkiG9w0BCQQxQgRATWVuS7SW21lV/j/qLd2JtVN7WtooeI6ER3mTwMmOPDRhPKfl wig7YJXThxnIm5crnwq3WV4LO5klnYQm0ytowDBsBgkqhkiG9w0BCQ8xXzBdMAsGCWCGSAFl AwQBKjALBglghkgBZQMEAQIwCgYIKoZIhvcNAwcwDgYIKoZIhvcNAwICAgCAMA0GCCqGSIb3 DQMCAgFAMAcGBSsOAwIHMA0GCCqGSIb3DQMCAgEoMIGjBgkrBgEEAYI3EAQxgZUwgZIwezEL MAkGA1UEBhMCVVMxEDAOBgNVBAgMB0Zsb3JpZGExGTAXBgNVBAoMEEN1ZGEgU3lzdGVtcyBM TEMxGDAWBgNVBAsMD0N1ZGEgU3lzdGVtcyBDQTElMCMGA1UEAwwcQ3VkYSBTeXN0ZW1zIExM QyAyMDE3IEludCBDQQITAKDRa9XB6SMYWI7rZJyQXB6nPTCBpQYLKoZIhvcNAQkQAgsxgZWg gZIwezELMAkGA1UEBhMCVVMxEDAOBgNVBAgMB0Zsb3JpZGExGTAXBgNVBAoMEEN1ZGEgU3lz dGVtcyBMTEMxGDAWBgNVBAsMD0N1ZGEgU3lzdGVtcyBDQTElMCMGA1UEAwwcQ3VkYSBTeXN0 ZW1zIExMQyAyMDE3IEludCBDQQITAKDRa9XB6SMYWI7rZJyQXB6nPTANBgkqhkiG9w0BAQEF AASCAgBb32J9v3kxOrirxy5PuoqPS8oGySvjJk7SjEMiM4CLnamcbwZ9RtMtCU/LIV79/8hU 7h6uxboOwOnfp/PJhGFaVDvhTiOdFhWAb5H0brRguiHEfZ0EWBKN99xsCBwMIiS2EevnpvFf FkszOI8ZrZJsghiQs7x6yN3ANcrBXHaNDN1RjQlX3gnppaw0PVsc2Vc8CsduCM5cTi1da1TW HhdPTkSEO4MyDVsIlE1u+ofzC88/EKVjTiHI/JYkqbxs7G9WJFf2uikKGClXy7uCZkDlykda YkFev7F4IVkaBrDxQlNADScFORa4aPP4Yg59FYrdI4iACZg+eYfm7luwayUrkEQNusBd/vol U9Xy5HOrD/CqmI9lAPk6bZUQ2iv3g9SbiVreV9nkkJDnmm4jeA+FFwN7icLagd9Eav8kN/x4 qh3VFBnNFYSIeFtYnEmEND2yhvVNYYD1DVTNnacTOmXmvilO48941TnIw2gzJaYIBtn4rx1N j5H9bo6UQtYCASzdoGIYYUFRhyVn67KLKcOdV4Rch7RMCYKlaJ50cYoWCYq2RGiV1p3t0rxD S75vmT+VG9sNo4HNqa9VgjOb+jKn4ILCTCwLeSxyhOQYgHIHb+phcgb35ldTewIk1Qw8cyBS 9VVQSalqtHoDQkr/x+VxtOczQRK62Cu+nmxdBCd0ZgAAAAAAAA== --------------ms050403000103030604000109-- From owner-freebsd-stable@freebsd.org Sat Jan 26 21:05:08 2019 Return-Path: Delivered-To: freebsd-stable@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id E0B4914AE84C for ; Sat, 26 Jan 2019 21:05:07 +0000 (UTC) (envelope-from karl@denninger.net) Received: from colo1.denninger.net (colo1.denninger.net [104.236.120.189]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 10AC56D82E for ; Sat, 26 Jan 2019 21:05:06 +0000 (UTC) (envelope-from karl@denninger.net) Received: from denninger.net (ip68-1-57-197.pn.at.cox.net [68.1.57.197]) by colo1.denninger.net (Postfix) with ESMTP id B73DD211080 for ; Sat, 26 Jan 2019 16:04:33 -0500 (EST) Received: from [192.168.10.23] (D13.Denninger.Net [192.168.10.23]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by denninger.net (Postfix) with ESMTPSA id 00447A46A8 for ; Sat, 26 Jan 2019 15:04:32 -0600 (CST) Subject: Re: Not sure if this is the correct place.... (laptop, dual-boot EFI) To: freebsd-stable@freebsd.org References: <7391812a-a2ad-874a-80c9-5a871a29f680@denninger.net> <7a61c927-796d-ea1f-8dce-37e82fb6d646@denninger.net> From: Karl Denninger Openpgp: preference=signencrypt Autocrypt: addr=karl@denninger.net; prefer-encrypt=mutual; keydata= mQINBFIX1zsBEADRcJfsQUl9oFeoMfLPJ1kql+3sIaYx0MfJAUhV9LnbWxr0fsWCskM1O4cV tHm5dqPkuPM4Ztc0jLotD1i9ubWvCHOlkLGxFOL+pFbjA+XZ7VKsC/xWmhMwJ3cM8HavK2OV SzEWQ/AEYtMi04IzGSwsxh/5/5R0mPHrsIomV5SbuiI0vjLuDj7fo6146AABI1ULzge4hBYW i/SHrqUrLORmUNBs6bxek79/B0Dzk5cIktD3LOfbT9EAa5J/osVkstMBhToJgQttaMIGv8SG CzpR/HwEokE+7DP+k2mLHnLj6H3kfugOF9pJH8Za4yFmw//s9cPXV8WwtZ2SKfVzn1unpKqf wmJ1PwJoom/d4fGvQDkgkGKRa6RGC6tPmXnqnx+YX4iCOdFfbP8L9rmk2sewDDVzHDU3I3ZZ 8hFIjMYM/QXXYszRatK0LCV0QPZuF7LCf4uQVKw1/oyJInsnH7+6a3c0h21x+CmSja9QJ+y0 yzgEN/nM89d6YTakfR+1xkYgodVmMy/bS8kmXbUUZG/CyeqCqc95RUySjKT2ECrf9GhhoQkl +D8n2MsrAUSMGB4GQSN+TIq9OBTpNuvATGSRuF9wnQcs1iSry+JNCpfRTyWp83uCNApe6oHU EET4Et6KDO3AvjvBMAX0TInTRGW2SQlJMuFKpc7Dg7tHK8zzqQARAQABtCNLYXJsIERlbm5p bmdlciA8a2FybEBkZW5uaW5nZXIubmV0PokCPAQTAQIAJgUCUhfXOwIbIwUJCWYBgAYLCQgH AwIEFQIIAwQWAgMBAh4BAheAAAoJEG6/sivc5s0PLxQP/i6x/QFx9G4Cw7C+LthhLXIm7NSH AtNbz2UjySEx2qkoQQjtsK6mcpEEaky4ky6t8gz0/SifIfJmSmyAx0UhUQ0WBv1vAXwtNrQQ jJd9Bj6l4c2083WaXyHPjt2u2Na6YFowyb4SaQb83hu/Zs25vkPQYJVVE0JX409MFVPUa6E3 zFbd1OTr3T4yNUy4gNeQZfzDqDS8slbIks2sXeoJrZ6qqXVI0ionoivOlaN4T6Q0UYyXtigj dQvvhMt0aNowKFjRqrmSDRpdz+o6yg7Mp7qEZ1V6EZk8KqQTH6htpCTQ8i79ttK4LG6bstSF Re6Fwq52nbrcANrcdmtZXqjo+SGbUqJ8b1ggrxAsJ5MEhRh2peKrCgI/TjQo+ZxfnqEoR4AI 46Cyiz+/lcVvlvmf2iPifS3EEdaH3Itfwt7MxFm6mQORYs6skHDw3tOYB2/AdCW6eRVYs2hB RMAG4uwApZfZDKgRoE95PJmQjeTBiGmRPcsQZtNESe7I7EjHtCDLwtJqvD4HkDDQwpzreT6W XkyIJ7ns7zDfA1E+AQhFR6rsTFGgQZRZKsVeov3SbhYKkCnVDCvb/PKQCAGkSZM9SvYG5Yax 8CMry3AefKktf9fqBFg8pWqtVxDwJr56dhi0GHXRu3jVI995rMGo1fLUG5fSxiZ8L5sAtokh 9WFmQpyl Message-ID: <59c4f20f-0526-0d0a-4a67-f6ad7b00899d@denninger.net> Date: Sat, 26 Jan 2019 15:04:32 -0600 User-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64; rv:60.0) Gecko/20100101 Thunderbird/60.4.0 MIME-Version: 1.0 In-Reply-To: Content-Type: multipart/signed; protocol="application/pkcs7-signature"; micalg=sha-512; boundary="------------ms070706000601020507040604" X-Rspamd-Queue-Id: 10AC56D82E X-Spamd-Bar: ------ Authentication-Results: mx1.freebsd.org X-Spamd-Result: default: False [-6.02 / 15.00]; RCVD_VIA_SMTP_AUTH(0.00)[]; HAS_ATTACHMENT(0.00)[]; TO_DN_NONE(0.00)[]; RCVD_COUNT_THREE(0.00)[3]; MX_GOOD(-0.01)[cached: px.denninger.net]; NEURAL_HAM_SHORT(-0.69)[-0.690,0]; FROM_EQ_ENVFROM(0.00)[]; IP_SCORE(-2.13)[ip: (-9.86), ipnet: 104.236.64.0/18(-3.45), asn: 14061(2.76), country: US(-0.08)]; R_DKIM_NA(0.00)[]; ASN(0.00)[asn:14061, ipnet:104.236.64.0/18, country:US]; MIME_TRACE(0.00)[0:+,1:+,2:+]; MID_RHS_MATCH_FROM(0.00)[]; RECEIVED_SPAMHAUS_PBL(0.00)[197.57.1.68.zen.spamhaus.org : 127.0.0.11]; ARC_NA(0.00)[]; NEURAL_HAM_MEDIUM(-1.00)[-0.999,0]; FROM_HAS_DN(0.00)[]; SIGNED_SMIME(-2.00)[]; TO_MATCH_ENVRCPT_ALL(0.00)[]; NEURAL_HAM_LONG(-1.00)[-1.000,0]; MIME_GOOD(-0.20)[multipart/signed,multipart/alternative,text/plain]; RCVD_TLS_LAST(0.00)[]; PREVIOUSLY_DELIVERED(0.00)[freebsd-stable@freebsd.org]; AUTH_NA(1.00)[]; RCPT_COUNT_ONE(0.00)[1]; DMARC_NA(0.00)[denninger.net]; R_SPF_NA(0.00)[] X-Content-Filtered-By: Mailman/MimeDel 2.1.29 X-BeenThere: freebsd-stable@freebsd.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: Production branch of FreeBSD source code List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sat, 26 Jan 2019 21:05:08 -0000 This is a cryptographically signed message in MIME format. --------------ms070706000601020507040604 Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: quoted-printable Nevermind! I set the "-g" flag on the provider and.... voila.=C2=A0 Up she comes; th= e loader figured out that it had to prompt for the password and it was immediately good. Now THAT'S easy compared with the convoluted BS I had to do (two partitions, fully "by-hand" install, etc) for 11 on my X220. Off to the races I go; now I have to figure out what I have to set in Windows group policy so Bitlocker doesn't throw up every time I boot FreeBSD (this took a bit with my X220 since the boot manager tickled something that Bitlocker interpreted as "someone tampered with the system.")=C2=A0 Maybe this will be a nothingburger too (which would be gr= eat if true.) I'm going to write this one up when I've got it all solid and post it on my blog; hopefully it will help others. On 1/26/2019 14:26, Karl Denninger wrote: > =C2=A01/26/2019 14:10, Warner Losh wrote: >> >> On Sat, Jan 26, 2019 at 1:01 PM Karl Denninger > > wrote: >> >> Further question....=C2=A0 does boot1.efi (which I assume has to b= e >> placed on >> the EFI partition and then something like rEFInd can select it) >> know how >> to handle a geli-encrypted primary partition (e.g. for root/boot s= o I >> don't need an unencrypted /boot partition), and if so how do I tel= l it >> that's the case and to prompt for the password? >> >> >> Not really. The whole reason we ditched boot1.efi is because it is >> quite limited in what it can do. You must loader.efi for that. >> =C2=A0 >> >> (If not I know how to set up for geli-encryption using a non-encry= pted >> /boot partition, but my understanding is that for 12 the loader wa= s >> taught how to handle geli internally and thus you can now install >> 12 -- >> at least for ZFS -- with encryption on root.=C2=A0 However, that w= ipes the >> disk if you try to select it in the installer, so that's no good >> -- and >> besides, on a laptop zfs is overkill.) >> >> >> For MBR stuff, yes. For loader.efi, yes. For boot1.efi, no: it did not= >> and will not grow that functionality. >> >> Warner >> =C2=A0 > Ok, next dumb question -- can I put loader.efi in the EFI partition > under EFI/FreeBSD as "bootx64.efi" there (from reading mailing list > archives that appears to be yes -- just copy it in) and, if yes, how do= > I "tell" it that when it finds the freebsd-ufs partition on the disk it= > was started from (which, if I'm reading correctly, it will scan and loo= k > for) that it needs to geli attach the partition before it dig into ther= e > and find the rest of what it needs to boot? > > That SHOULD allow me to use an EFI boot manager to come up on initial > boot, select FreeBSD and the loader.efi (named as bootx64.efi in > EFI/FreeBSD) code will then boot the system. > > I've looked as the 12-RELEASE man page(s) and it's not obvious how you > tell the loader to look for the partition and then attach it via GELI > (prompting for the password of course) before attempting to boot it; > obviously a "load" directive (e.g. geom_eli_load =3D"YES") makes no sen= se > as the thing you'd "load" is on the disk you'd be loading it from and > its encrypted.. .never mind that loader.conf violates the 8.3 filename > rules for a DOS filesystem. > > Thanks! > --=20 Karl Denninger karl@denninger.net /The Market Ticker/ /[S/MIME encrypted email preferred]/ --------------ms070706000601020507040604 Content-Type: application/pkcs7-signature; name="smime.p7s" Content-Transfer-Encoding: base64 Content-Disposition: attachment; filename="smime.p7s" Content-Description: S/MIME Cryptographic Signature MIAGCSqGSIb3DQEHAqCAMIACAQExDzANBglghkgBZQMEAgMFADCABgkqhkiG9w0BBwEAAKCC DdgwggagMIIEiKADAgECAhMA5EiKghDOXrvfxYxjITXYDdhIMA0GCSqGSIb3DQEBCwUAMIGL MQswCQYDVQQGEwJVUzEQMA4GA1UECAwHRmxvcmlkYTESMBAGA1UEBwwJTmljZXZpbGxlMRkw FwYDVQQKDBBDdWRhIFN5c3RlbXMgTExDMRgwFgYDVQQLDA9DdWRhIFN5c3RlbXMgQ0ExITAf BgNVBAMMGEN1ZGEgU3lzdGVtcyBMTEMgMjAxNyBDQTAeFw0xNzA4MTcxNjQyMTdaFw0yNzA4 MTUxNjQyMTdaMHsxCzAJBgNVBAYTAlVTMRAwDgYDVQQIDAdGbG9yaWRhMRkwFwYDVQQKDBBD dWRhIFN5c3RlbXMgTExDMRgwFgYDVQQLDA9DdWRhIFN5c3RlbXMgQ0ExJTAjBgNVBAMMHEN1 ZGEgU3lzdGVtcyBMTEMgMjAxNyBJbnQgQ0EwggIiMA0GCSqGSIb3DQEBAQUAA4ICDwAwggIK AoICAQC1aJotNUI+W4jP7xQDO8L/b4XiF4Rss9O0B+3vMH7Njk85fZ052QhZpMVlpaaO+sCI KqG3oNEbuOHzJB/NDJFnqh7ijBwhdWutdsq23Ux6TvxgakyMPpT6TRNEJzcBVQA0kpby1DVD 0EKSK/FrWWBiFmSxg7qUfmIq/mMzgE6epHktyRM3OGq3dbRdOUgfumWrqHXOrdJz06xE9NzY vc9toqZnd79FUtE/nSZVm1VS3Grq7RKV65onvX3QOW4W1ldEHwggaZxgWGNiR/D4eosAGFxn uYeWlKEC70c99Mp1giWux+7ur6hc2E+AaTGh+fGeijO5q40OGd+dNMgK8Es0nDRw81lRcl24 SWUEky9y8DArgIFlRd6d3ZYwgc1DMTWkTavx3ZpASp5TWih6yI8ACwboTvlUYeooMsPtNa9E 6UQ1nt7VEi5syjxnDltbEFoLYcXBcqhRhFETJe9CdenItAHAtOya3w5+fmC2j/xJz29og1KH YqWHlo3Kswi9G77an+zh6nWkMuHs+03DU8DaOEWzZEav3lVD4u76bKRDTbhh0bMAk4eXriGL h4MUoX3Imfcr6JoyheVrAdHDL/BixbMH1UUspeRuqQMQ5b2T6pabXP0oOB4FqldWiDgJBGRd zWLgCYG8wPGJGYgHibl5rFiI5Ix3FQncipc6SdUzOQIDAQABo4IBCjCCAQYwHQYDVR0OBBYE FF3AXsKnjdPND5+bxVECGKtc047PMIHABgNVHSMEgbgwgbWAFBu1oRhUMNEzjODolDka5k4Q EDBioYGRpIGOMIGLMQswCQYDVQQGEwJVUzEQMA4GA1UECAwHRmxvcmlkYTESMBAGA1UEBwwJ TmljZXZpbGxlMRkwFwYDVQQKDBBDdWRhIFN5c3RlbXMgTExDMRgwFgYDVQQLDA9DdWRhIFN5 c3RlbXMgQ0ExITAfBgNVBAMMGEN1ZGEgU3lzdGVtcyBMTEMgMjAxNyBDQYIJAKxAy1WBo2kY MBIGA1UdEwEB/wQIMAYBAf8CAQAwDgYDVR0PAQH/BAQDAgGGMA0GCSqGSIb3DQEBCwUAA4IC AQCB5686UCBVIT52jO3sz9pKuhxuC2npi8ZvoBwt/IH9piPA15/CGF1XeXUdu2qmhOjHkVLN gO7XB1G8CuluxofOIUce0aZGyB+vZ1ylHXlMeB0R82f5dz3/T7RQso55Y2Vog2Zb7PYTC5B9 oNy3ylsnNLzanYlcW3AAfzZcbxYuAdnuq0Im3EpGm8DoItUcf1pDezugKm/yKtNtY6sDyENj tExZ377cYA3IdIwqn1Mh4OAT/Rmh8au2rZAo0+bMYBy9C11Ex0hQ8zWcvPZBDn4v4RtO8g+K uQZQcJnO09LJNtw94W3d2mj4a7XrsKMnZKvm6W9BJIQ4Nmht4wXAtPQ1xA+QpxPTmsGAU0Cv HmqVC7XC3qxFhaOrD2dsvOAK6Sn3MEpH/YrfYCX7a7cz5zW3DsJQ6o3pYfnnQz+hnwLlz4MK 17NIA0WOdAF9IbtQqarf44+PEyUbKtz1r0KGeGLs+VGdd2FLA0e7yuzxJDYcaBTVwqaHhU2/ Fna/jGU7BhrKHtJbb/XlLeFJ24yvuiYKpYWQSSyZu1R/gvZjHeGb344jGBsZdCDrdxtQQcVA 6OxsMAPSUPMrlg9LWELEEYnVulQJerWxpUecGH92O06wwmPgykkz//UmmgjVSh7ErNvL0lUY UMfunYVO/O5hwhW+P4gviCXzBFeTtDZH259O7TCCBzAwggUYoAMCAQICEwCg0WvVwekjGFiO 62SckFwepz0wDQYJKoZIhvcNAQELBQAwezELMAkGA1UEBhMCVVMxEDAOBgNVBAgMB0Zsb3Jp ZGExGTAXBgNVBAoMEEN1ZGEgU3lzdGVtcyBMTEMxGDAWBgNVBAsMD0N1ZGEgU3lzdGVtcyBD QTElMCMGA1UEAwwcQ3VkYSBTeXN0ZW1zIExMQyAyMDE3IEludCBDQTAeFw0xNzA4MTcyMTIx MjBaFw0yMjA4MTYyMTIxMjBaMFcxCzAJBgNVBAYTAlVTMRAwDgYDVQQIDAdGbG9yaWRhMRkw FwYDVQQKDBBDdWRhIFN5c3RlbXMgTExDMRswGQYDVQQDDBJrYXJsQGRlbm5pbmdlci5uZXQw ggIiMA0GCSqGSIb3DQEBAQUAA4ICDwAwggIKAoICAQC+HVSyxVtJhy3Ohs+PAGRuO//Dha9A 16l5FPATr6wude9zjX5f2lrkRyU8vhCXTZW7WbvWZKpcZ8r0dtZmiK9uF58Ec6hhvfkxJzbg 96WHBw5Fumd5ahZzuCJDtCAWW8R7/KN+zwzQf1+B3MVLmbaXAFBuKzySKhKMcHbK3/wjUYTg y+3UK6v2SBrowvkUBC+jxNg3Wy12GsTXcUS/8FYIXgVVPgfZZrbJJb5HWOQpvvhILpPCD3xs YJFNKEPltXKWHT7Qtc2HNqikgNwj8oqOb+PeZGMiWapsatKm8mxuOOGOEBhAoTVTwUHlMNTg 6QUCJtuWFCK38qOCyk9Haj+86lUU8RG6FkRXWgMbNQm1mWREQhw3axgGLSntjjnznJr5vsvX SYR6c+XKLd5KQZcS6LL8FHYNjqVKHBYM+hDnrTZMqa20JLAF1YagutDiMRURU23iWS7bA9tM cXcqkclTSDtFtxahRifXRI7Epq2GSKuEXe/1Tfb5CE8QsbCpGsfSwv2tZ/SpqVG08MdRiXxN 5tmZiQWo15IyWoeKOXl/hKxA9KPuDHngXX022b1ly+5ZOZbxBAZZMod4y4b4FiRUhRI97r9l CxsP/EPHuuTIZ82BYhrhbtab8HuRo2ofne2TfAWY2BlA7ExM8XShMd9bRPZrNTokPQPUCWCg CdIATQIDAQABo4IBzzCCAcswPAYIKwYBBQUHAQEEMDAuMCwGCCsGAQUFBzABhiBodHRwOi8v b2NzcC5jdWRhc3lzdGVtcy5uZXQ6ODg4ODAJBgNVHRMEAjAAMBEGCWCGSAGG+EIBAQQEAwIF oDAOBgNVHQ8BAf8EBAMCBeAwHQYDVR0lBBYwFAYIKwYBBQUHAwIGCCsGAQUFBwMEMDMGCWCG SAGG+EIBDQQmFiRPcGVuU1NMIEdlbmVyYXRlZCBDbGllbnQgQ2VydGlmaWNhdGUwHQYDVR0O BBYEFLElmNWeVgsBPe7O8NiBzjvjYnpRMIHKBgNVHSMEgcIwgb+AFF3AXsKnjdPND5+bxVEC GKtc047PoYGRpIGOMIGLMQswCQYDVQQGEwJVUzEQMA4GA1UECAwHRmxvcmlkYTESMBAGA1UE BwwJTmljZXZpbGxlMRkwFwYDVQQKDBBDdWRhIFN5c3RlbXMgTExDMRgwFgYDVQQLDA9DdWRh IFN5c3RlbXMgQ0ExITAfBgNVBAMMGEN1ZGEgU3lzdGVtcyBMTEMgMjAxNyBDQYITAORIioIQ zl6738WMYyE12A3YSDAdBgNVHREEFjAUgRJrYXJsQGRlbm5pbmdlci5uZXQwDQYJKoZIhvcN AQELBQADggIBAJXboPFBMLMtaiUt4KEtJCXlHO/3ZzIUIw/eobWFMdhe7M4+0u3te0sr77QR dcPKR0UeHffvpth2Mb3h28WfN0FmJmLwJk+pOx4u6uO3O0E1jNXoKh8fVcL4KU79oEQyYkbu 2HwbXBU9HbldPOOZDnPLi0whi/sbFHdyd4/w/NmnPgzAsQNZ2BYT9uBNr+jZw4SsluQzXG1X lFL/qCBoi1N2mqKPIepfGYF6drbr1RnXEJJsuD+NILLooTNf7PMgHPZ4VSWQXLNeFfygoOOK FiO0qfxPKpDMA+FHa8yNjAJZAgdJX5Mm1kbqipvb+r/H1UAmrzGMbhmf1gConsT5f8KU4n3Q IM2sOpTQe7BoVKlQM/fpQi6aBzu67M1iF1WtODpa5QUPvj1etaK+R3eYBzi4DIbCIWst8MdA 1+fEeKJFvMEZQONpkCwrJ+tJEuGQmjoQZgK1HeloepF0WDcviiho5FlgtAij+iBPtwMuuLiL shAXA5afMX1hYM4l11JXntle12EQFP1r6wOUkpOdxceCcMVDEJBBCHW2ZmdEaXgAm1VU+fnQ qS/wNw/S0X3RJT1qjr5uVlp2Y0auG/eG0jy6TT0KzTJeR9tLSDXprYkN2l/Qf7/nT6Q03qyE QnnKiBXWAZXveafyU/zYa7t3PTWFQGgWoC4w6XqgPo4KV44OMYIFBzCCBQMCAQEwgZIwezEL MAkGA1UEBhMCVVMxEDAOBgNVBAgMB0Zsb3JpZGExGTAXBgNVBAoMEEN1ZGEgU3lzdGVtcyBM TEMxGDAWBgNVBAsMD0N1ZGEgU3lzdGVtcyBDQTElMCMGA1UEAwwcQ3VkYSBTeXN0ZW1zIExM QyAyMDE3IEludCBDQQITAKDRa9XB6SMYWI7rZJyQXB6nPTANBglghkgBZQMEAgMFAKCCAkUw GAYJKoZIhvcNAQkDMQsGCSqGSIb3DQEHATAcBgkqhkiG9w0BCQUxDxcNMTkwMTI2MjEwNDMy WjBPBgkqhkiG9w0BCQQxQgRAyesDV8+QoN1JXaV/E7gMyALsOApj92EQVTLLACX6MxpWcETz hJtMH589io5usMkD+UGmDNjVRue48WUz6bnu2jBsBgkqhkiG9w0BCQ8xXzBdMAsGCWCGSAFl AwQBKjALBglghkgBZQMEAQIwCgYIKoZIhvcNAwcwDgYIKoZIhvcNAwICAgCAMA0GCCqGSIb3 DQMCAgFAMAcGBSsOAwIHMA0GCCqGSIb3DQMCAgEoMIGjBgkrBgEEAYI3EAQxgZUwgZIwezEL MAkGA1UEBhMCVVMxEDAOBgNVBAgMB0Zsb3JpZGExGTAXBgNVBAoMEEN1ZGEgU3lzdGVtcyBM TEMxGDAWBgNVBAsMD0N1ZGEgU3lzdGVtcyBDQTElMCMGA1UEAwwcQ3VkYSBTeXN0ZW1zIExM QyAyMDE3IEludCBDQQITAKDRa9XB6SMYWI7rZJyQXB6nPTCBpQYLKoZIhvcNAQkQAgsxgZWg gZIwezELMAkGA1UEBhMCVVMxEDAOBgNVBAgMB0Zsb3JpZGExGTAXBgNVBAoMEEN1ZGEgU3lz dGVtcyBMTEMxGDAWBgNVBAsMD0N1ZGEgU3lzdGVtcyBDQTElMCMGA1UEAwwcQ3VkYSBTeXN0 ZW1zIExMQyAyMDE3IEludCBDQQITAKDRa9XB6SMYWI7rZJyQXB6nPTANBgkqhkiG9w0BAQEF AASCAgADZMmvq3dfn8lCd6yY92G6AD/twfrcpXtqbXGKx5gwIgpvkNJFahLMzGiuAuMtSnEz b8RXtYo3QiUa+8s+eDGWLFLfp/ScDV1OFKxZrxIZ1BuyLXeoYYEAt9Eu20eEf2ibLV+1ldPJ rq6APa99yxU3WMcfinT80LliepZyIhCMQo0VtRB1Ue2ZL3XB7tBD10i/zw0aM7ROloNSV2Ge k6WR7+pLWCKwF3hckTA51aPrBp2AZOCZ+7pGDj3dnor+j0IDbaycAIMZcDSkDiYS8MYxLc8q eORgLzpJYfVVfODfGMk3BbszlHzNTRk/1uFxJUauNaXkNmmTXlAXN1MF/6un4zKuqL9wm7Ey 2mYcKpD70AMD04xme3fEH9XyyKrHjPW7J3oqDLjl/QnSPtMmdFOHdMcDnvNyh4lMbYaKlzx7 oU+d0YUXcYY/CCY3J3VXtZmGaQ5k5AIkACJfsqsC2ux9ciCC6IsLiRY2zo0MxWgaAilrXg6f G7s3hAq9D0hFcPKIsS+N5fZehCS1VpSH+ZQVEjGzB2aBhc+PiGjZ1u1jy14UXCD+jkTZRf3Q ufMT/QI++vlIyEMrsX6o7VnjKu5Npc+GeItzFMSB70SEOMvHbm5h31G+nf8C0eX94XgIRlsa Xa1ngPAscviSzqzC5nWHQZRbwx/sPIw6AVKkV/Zr+QAAAAAAAA== --------------ms070706000601020507040604--