unveil(2) vipw(8)

2018-09-26 Thread Ricardo Mestre
Hi, I've just commited this to unveil vipw, all the tests I've done were successful and didn't bump into any problems, nevertheless if you get any troubles because of this, like getting locked out of the machine, please let me know ASAP! Index: vipw.c

Re: Fix for USB keyboards eating keys, a DDB story

2018-09-26 Thread Adam McDougall
On 5/10/17 5:19 PM, Hrvoje Popovski wrote: > On 10.5.2017. 15:22, Martin Pieuchot wrote: >> This big hammer of delaying every input via a timeout introduced a nasty >> side effect. Since only one element can be queued, we can lose inputs >> if the keyboard is too fast. >> >> Here are some bug repo

Re: [patch]Modify the example code in write(2) manual

2018-09-26 Thread Nan Xiao
Hi Ingo, Thanks very much for your time and detailed explanation! I have one more question: If write(2) indeed returns 0, the write(2) won't set errno variable, ring? Because from the manual, the errno is set only when the return value is -1. If this is true, the errno's value should be set by l

More bif

2018-09-26 Thread Martin Pieuchot
Diff below rename the remaining "struct bridge_iflist" variables to `bif', cohérence oblige! Ok? Index: net/bridgectl.c === RCS file: /cvs/src/sys/net/bridgectl.c,v retrieving revision 1.8 diff -u -p -r1.8 bridgectl.c --- net/bridge

syslogd line escaping

2018-09-26 Thread Alexander Bluhm
Hi, I have been asked twice whether syslogd(8) is escaping log data. Should we document it? bluhm Index: usr.sbin/syslogd/syslogd.8 === RCS file: /data/mirror/openbsd/cvs/src/usr.sbin/syslogd/syslogd.8,v retrieving revision 1.59 dif

Re: unveil(2) tcpdump(8)

2018-09-26 Thread Ricardo Mestre
I'm not too worried about the crash, I was playing with removing rpath from pledge in the case that /etc/ethers wasn't need which sure enough it is. pledge was most likely the reason that made it crash. But brynet@ pointed out that while he was working on tcpdump last year he saw that it also need

Re: bgpd ROA validation

2018-09-26 Thread Claudio Jeker
On Tue, Sep 25, 2018 at 12:23:48PM +0200, Claudio Jeker wrote: > On Sat, Sep 22, 2018 at 09:48:24PM +, Job Snijders wrote: > > Hi claudio, > > > > Seems we are getting very close. Some suggestions to simplify the > > experience for the end user. > > > > Let's start with supporting just one (u

unveil DPRINTF()

2018-09-26 Thread Michael Mikonos
Hello, As done in other parts of the kernel, introduce DPRINTF() macro to unveil. I think this is worth doing because the code is slightly more readable. OK? - Michael Index: kern_unveil.c === RCS file: /cvs/src/sys/kern/kern_unvei

Re: unveil(2) tcpdump(8)

2018-09-26 Thread Theo de Raadt
Ricardo Mestre wrote: > Hi, > > This has been shown internally for some time, but deraadt@ asked me to show it > to a bigger audience now so here it is! > > If we want OS fingerprinting by using -o flag then we can unveil /etc/pf.os in > read mode, nevertheless in order to do this we need to in

Re: [patch]Modify the example code in write(2) manual

2018-09-26 Thread Ingo Schwarze
Hi, Nan Xiao wrote on Wed, Sep 26, 2018 at 09:42:02PM +0800: > Any developer can comment on this patch? Thanks! I think this change is a bad idea and should not be committed. No matter whether or not it can happen on OpenBSD, *if* some implementation of write(2) sometimes returns 0 even for nby

getent: adjust alignment in hostsprint()

2018-09-26 Thread Klemens Nanni
hostsprint() reserves only 16 columns for IPs and prints one whitespace too many afterwards: $ getent hosts 1.1.1.1 long ::::::: 1.1.1.1 one.one.one.one ::::::: long :::::6

Re: [patch]Modify the example code in write(2) manual

2018-09-26 Thread Nan Xiao
ping tech@, Any developer can comment on this patch? Thanks! On 9/25/2018 10:10 PM, Nan Xiao wrote: > Hi tech@, > > I am reading write(2) manual, and come across the following example: > > for (off = 0; off < bsz; off += nw) > if ((nw = write(d, buf + off, bsz - off)) == 0 || nw == -1) >

Re: getent: use more appropiate types/limits around strtonum()

2018-09-26 Thread Klemens Nanni
On Wed, Sep 26, 2018 at 06:48:07AM -0600, Todd C. Miller wrote: > One comment inline, otherwise OK millert@ > > @@ -397,6 +397,9 @@ static int > > services(int argc, char *argv[]) > > { > > struct servent *se; > > + const char *err; > > + char*proto; > > + int

Re: getent: use more appropiate types/limits around strtonum()

2018-09-26 Thread Todd C. Miller
On Wed, 26 Sep 2018 00:44:18 +0200, Klemens Nanni wrote: > Replace `long long id' with appropiate types and names, use smaller > limits where applicable and move variable declarations up out of loops. > > This makes the code clearer and a tad simpler while staying consistent > across databases. O

Re: fix usermod -l

2018-09-26 Thread Todd C. Miller
On Wed, 26 Sep 2018 10:51:28 +0100, Ricardo Mestre wrote: > While doing something else here I noticed that changing the login name of an > existing user with usermod -l the program gets a segmentation fault. > > This looks like it was introduced when millert@ changed pwcache and the fix > is a mat

fix usermod -l

2018-09-26 Thread Ricardo Mestre
Hi, While doing something else here I noticed that changing the login name of an existing user with usermod -l the program gets a segmentation fault. This looks like it was introduced when millert@ changed pwcache and the fix is a matter of changing getpwnam(3) to uid_from_user(3). OK? Index: u

Re: imsg over network

2018-09-26 Thread Jason McIntyre
On Fri, Sep 14, 2018 at 01:57:13PM -0700, Geoff Hill wrote: > The imsg_init(3) man page currently doesn't make it clear whether > this library can be used for remote communication. > > The current text reads: > > The imsg functions provide a simple mechanism for communication > between pr

unveil(2) tcpdump(8)

2018-09-26 Thread Ricardo Mestre
Hi, This has been shown internally for some time, but deraadt@ asked me to show it to a bigger audience now so here it is! If we want OS fingerprinting by using -o flag then we can unveil /etc/pf.os in read mode, nevertheless in order to do this we need to inform the privsep proc that we are usin