Jeff Rizzo | 30 Jul 22:40 2015
Picon

default root crontab sets HOME=/var/log

It recently came to my attention that the default root crontab sets 
HOME=/var/log, and has done since rev 1.2 in April of 1993 (!)

I discovered this because I added a backup command to my root crontab 
which didn't work, even though it had been working from the command 
line, because it could no longer find its default configuration (which 
was stored in root's home dir, by default).

1) Does anyone know why we would _want_ HOME set to /var/log?  I confess 
I never gave it any thought in over 20 years of seeing that there.

2) might we want to consider, you know, changing it?  POLA and all that...

Thoughts?

Edgar Fuß | 27 Jul 20:09 2015
Picon

rc.d/postfix:postfix_precmd()

I think the part of postfix_precmd() that tries to re-build the alias 
databases is less than helpful:

1. It doesn't deal with alias_database entries seperated by commas
2. It doesn't do variable expansion on the alias_database entries
3. It runs newaliases for every outdated or missing member instead of once.

I don't know how to properly handle (2). The only way I can think of is 
through postconf -b, but that's quite ugly.
The most common case should be a leading $config_directory

	_rebuild=false
	_configdir=$($postconf -h config_directory)
	_IFS="$IFS"; IFS=",$IFS"
	for f in $($postconf -h alias_database); do
		case $f in
			hash:*) f="${f#hash:}" ;;
			*) continue ;;
		esac
		case $f in
			\$config_directory*) f="$_configdir${f#\$config_directory}" ;;
			\${config_directory}*) f="$_configdir${f#\${config_directory\}}" ;;
			\$\(config_directory\)*) f="$_configdir${f#\$(config_directory)}" ;;
		esac
		if [ ! -e "$f.db" ]; then
			_reason="missing"
			_rebuild=true;
		elif [ "$f" -nt "$f.db" ]; then
			_reason="out of date"
			_rebuild=true;
(Continue reading)

Christof Meerwald | 25 Jul 18:23 2015

Waking up all threads waiting in kevent

Hi,

I have got multiple threads waiting on a single kqueue and want to
wake up all these threads at some point (before exiting). I believe
the way to do it is to have a dummy socket/pipe added to the kqueue
and close the other end (I have also found
http://thread.gmane.org/gmane.os.netbsd.devel.kernel/28051 which seems
to agree on that approach).

But when I am actually testing this approach, some threads don't seem
to be woken up and keep waiting in the kevent syscall. Source code for
a test case is available from
http://svn.cmeerw.net/src/nginetd/trunk/test/kqtest-wakeup.cc

I have tested on my ODROID-C1 (quad core ARMv7) with netbsd-7 (build
from a few days ago) and seen the problem occur with 3 or more
threads.

Is there a problem in my test case, is it a kernel bug or an
ODROID-C1/ARM specific issue? Any ideas?

Christof

--

-- 

http://cmeerw.org                              sip:cmeerw at cmeerw.org
mailto:cmeerw at cmeerw.org                   xmpp:cmeerw at cmeerw.org

Edgar Fuß | 15 Jul 11:21 2015
Picon

checking another processes resource limits

Is there a way of checking which resource limits (e.g. ulimit) another 
process is running under?

Christos Zoulas | 14 Jul 22:21 2015

stdio buffering extension


Hi,

After discussing importing stdbuf(1) from FreeBSD with various
people, they objected about it using LD_PRELOAD and suggested to
use the environment directly to alter the default buffering policy.

Here's an implementation of that...

Suggestions/Comments?

christos

Index: fopen.3
===================================================================
RCS file: /cvsroot/src/lib/libc/stdio/fopen.3,v
retrieving revision 1.30
diff -u -u -r1.30 fopen.3
--- fopen.3	11 Feb 2015 15:19:05 -0000	1.30
+++ fopen.3	14 Jul 2015 20:16:45 -0000
 <at>  <at>  -196,6 +196,13  <at>  <at> 
 .Em stdin ,
 or
 .Em stdout ) .
+.Pp
+Input and output against the opened stream will be fully buffered, unless
+it refers to an interactive terminal device, or a different kind of buffering
+is specified in the environment.
+See
+.Xr setvbuf 3
(Continue reading)

Christos Zoulas | 13 Jul 17:17 2015

adding stdbuf/libstdbuf from FreeBSD


Is that ok? We could then use it to make the output of some rc commands
unbuffered to avoid the performance issues with the pinger?

Best,

christos

Kamil Rytarowski | 11 Jul 15:28 2015
Picon

Add reallocarray(3) and strtonum(3) to lib/libc/include/namespace.h


I would like to add the OpenBSD functions to lib/libc/include/namespace.
h.

The reasoning is that it seems correct as other libc functions are
there as well.

Any comments?
pierre-philipp braun | 6 Jul 13:41 2015

tnftpd no tcp wrappers on freebsd

Hi Luke, hi NetBSD tech-userlevel,

I installed tnftpd as my favorite FTP daemon on a FreeBSD box but I 
observed that I couldn't reject some dirty hackers trying to brute force 
it, as it isn't linked against libwrap on that system.  I guess or I 
hope it is TCP wrappers capable on NetBSD, but that feature seems to be 
missing on FreeBSD which also has a specific /etc/hosts.allow mechanism.

Compiling ot from the ports tree or getting the prepared binary brings 
the same.  I also looked at ./configure --help output and didn't see 
anything about tcp wrappers nor libwrap.

Is there some way that I can keep my daemon up while still being able to 
refuse specific IP or hostnames trying to brute force?

Thanks
Best regards,
Pierre-Philipp

Steffen Nurpmeso | 4 Jul 14:54 2015

usr.bin/mail/dotlock.c loop-condition fix

Hello,
counter may exhaust in which case the "foreign semi-unique" lock
is stolen a.k.a. unlink(2)ed.
.. and have a nice weekend!

--steffen
Attachment (mail-dotlock.diff): text/x-diff, 518 bytes
tlaronde | 4 Jul 09:05 2015

newfs_udf(8) and wedges

Context: in a previous thread, I had suggested that UDF was a way to
share a filesystem (in my case via an USB connected disk---umass) with,
at least Windows (probably works with Mac too and others, due to the
nature of UDF, but haven't tested).

The trick is to use a GPT header with a sole UDF partition (but,
apparently, from tests, the partition has to start at offset 2048 
_sectors_ for Windows).

I had GPT'ed and formatted under Windows and NetBSD was able to read
using mount_udf(8) and the wedge.

The remaining has been attempted on 6.1.5.

I tried the reverse: setting everything on NetBSD, but it fails:

1) If I can create a GPT (need to force and possibly even to destroy
first to have sensible results) and then add a partition, I was then
unable to dkctl(8) addwedge: I needed to disconnect the disk and
reconnect so that the automatic wedge creation happens ;

2) newfs_udf(8) is using DIOCGDINFO and DISKPART that is relies AFAIU on
disklabel and is unable to deal with wedges. Trying to fake a disklabel
as a workaround lead to disaster.

Is there somewhere documentation or a code canonical example to update
an utility for wedge support?

--

-- 
        Thierry Laronde <tlaronde +AT+ polynum +dot+ com>
(Continue reading)

David Holland | 4 Jul 09:04 2015
Picon

nsswitch

so I've been meaning for some time (usual peanut gallery comments
here) to look at the nsswitch and getpw* (and similar) code, for the
following reasons:
   - we want to be able to kick db 1.85 out of libc when the time for
     the mythical libc bump comes;
   - this should not involve losing the ability to use db 1.85 (or
     db4/db5/whatever, too) to hash the password file or other system
     databases;
   - this needs to work even with static linking;
   - therefore the nsswitch logic needs to support forking
     subprocesses as an alternative to loading .so plugin files;
   - and it can't currently do this.
and,
   - the "compat" mode should be generalized so you can use it with
     arbitrary backends, which currently AFAIK doesn't quite work;
   - the password file code is a big mess.

Also, cursory examination in the past has suggested that the nsswitch
code is also itself kind of a mess.

I have now done some preliminary investigation, and have the following
preliminary conclusions:

 - The architecture of the nsswitch code may have had noble
intentions, but it's far more general than really needed; and its data
structures are more general still. This has several consequences; one
is that it's messy to interface to (as readily observed in the
password code); one is that it's possible for an external nss module
to provide meaningless combinations of methods; another is that it
uses a lot of arbitrary strings internally and there's nothing to
(Continue reading)


Gmane