On 10/25/18 9:12 AM, Alexandre Ratchov wrote: > i did a quick test, playback works in chrome; any hints on how to > reproduce the sound problem?
Thankyou. It is my fault. I must have been tired or it's been working so long without any notice side effects that I missed the obvious. I use the following script from rc.local when it should really be in rc.securelevel with early daemons like syslog restarts to replace the sockets. The script puts /dev in mfs to allow ro root and desired /dev/changes whilst preventing persisted changes perhaps by attackers. I guess OpenBSD filesystem layout (tiny root) coupled with the ease of upgrading and finding changes makes it not worth the small amount of hastle and unintended consequences. Perhaps sndiod creates a socket and I didn't catch it. I have removed it and ro root from all machines in case I miss a catch again. I think ro root may have saved me from hosing a system once but it is quick to fix that with OpenBSD :) Sorry for wasting your time. #!/bin/sh /sbin/mount -uw / #Put /dev in ram for read only root without permission problems if [ ! -d /dev2 ]; then /bin/mkdir /dev2 fi #populate /dev2 with files from /dev except sockets (we can't do so in one go) /sbin/mount_mfs -i 2 -P /dev -s 10000 /dev/sd0b /dev2 #Give time to settle so that getty runs reliably and login comes up. sleep 2 #populate /dev with files from /dev2 except sockets /sbin/mount_mfs -i 2 -P /dev2 -o nosuid,noexec -s 10000 /dev/sd0b /dev #Give time to settle so that getty runs reliably. May not need both but who #cares about a couple of seconds. sleep 2 /sbin/umount /dev2 #stop and start any daemons that create sockets in /dev /usr/sbin/rcctl restart syslogd
