kern/174104: security.jail.param does not reflect actual jail perms
>Number: 174104 >Category: kern >Synopsis: security.jail.param does not reflect actual jail perms >Confidential: no >Severity: serious >Priority: medium >Responsible:freebsd-bugs >State: open >Quarter: >Keywords: >Date-Required: >Class: sw-bug >Submitter-Id: current-users >Arrival-Date: Tue Dec 04 11:10:00 UTC 2012 >Closed-Date: >Last-Modified: >Originator: Ed Maste >Release:FreeBSD 9.1-RC3 amd64 >Organization: ADARA Networks >Environment: System: FreeBSD bld91 9.1-RC3 FreeBSD 9.1-RC3 #0 r243630M: Mon Dec 3 10:44:36 PST 2012 root@bld91:/data/obj/data/freebsd-src/9.1/sys/GENERIC amd64 >Description: I would expect security.jail.param.* to update inside the jail after using jail -m on the host to change settings, but this does not appear to happen. >How-To-Repeat: # on the host, disallow chflags: bld91# jail -m jid=2 allow.chflags=0 # in the jail, verify that chflags fails: root@tinderbox:/root # sysctl security.jail.param.allow.chflags security.jail.param.allow.chflags: 0 root@tinderbox:/root # touch foo root@tinderbox:/root # chflags schg foo; chflags noschg foo chflags: foo: Operation not permitted # on the host, allow chflags: bld91# jail -m jid=2 allow.chflags=1 # in the jail, chflags works but the sysctl still shows 0: root@tinderbox:/root # sysctl security.jail.param.allow.chflags security.jail.param.allow.chflags: 0 root@tinderbox:/root # chflags schg foo ; chflags noschg foo root@tinderbox:/root # >Fix: >Release-Note: >Audit-Trail: >Unformatted: ___ freebsd-bugs@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-bugs To unsubscribe, send any mail to "freebsd-bugs-unsubscr...@freebsd.org"
Re: bin/151600: [patch] route(8) does not always flush stdout
Synopsis: [patch] route(8) does not always flush stdout State-Changed-From-To: open->patched State-Changed-By: glebius State-Changed-When: Tue Dec 4 11:10:45 UTC 2012 State-Changed-Why: Committed, thanks! Responsible-Changed-From-To: freebsd-bugs->glebius Responsible-Changed-By: glebius Responsible-Changed-When: Tue Dec 4 11:10:45 UTC 2012 Responsible-Changed-Why: Committed, thanks! http://www.freebsd.org/cgi/query-pr.cgi?pr=151600 ___ freebsd-bugs@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-bugs To unsubscribe, send any mail to "freebsd-bugs-unsubscr...@freebsd.org"
Re: kern/174104: security.jail.param does not reflect actual jail perms
Synopsis: security.jail.param does not reflect actual jail perms Responsible-Changed-From-To: freebsd-bugs->emaste Responsible-Changed-By: emaste Responsible-Changed-When: Tue Dec 4 14:26:51 UTC 2012 Responsible-Changed-Why: Assign to myself for tracking. This stuff is rather opaque and poorly documented, but it does appear to function. There are two sysctls associated with each of these parameters - e.g.: security.jail.param.allow.mount.nullfs: Jail may mount the nullfs file system security.jail.mount_nullfs_allowed: Processes in jail can mount the nullfs file system The non-param one inside the jail tracks modifications from jail -m modifications done by the host. http://www.freebsd.org/cgi/query-pr.cgi?pr=174104 ___ freebsd-bugs@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-bugs To unsubscribe, send any mail to "freebsd-bugs-unsubscr...@freebsd.org"
bin/174108: Missing quote in comment in 8.3 & 9.0 & 9.1RC2 etc/sendmail/freebsd.mc
>Number: 174108
>Category: bin
>Synopsis: Missing quote in comment in 8.3 & 9.0 & 9.1RC2
>etc/sendmail/freebsd.mc
>Confidential: no
>Severity: non-critical
>Priority: low
>Responsible:freebsd-bugs
>State: open
>Quarter:
>Keywords:
>Date-Required:
>Class: change-request
>Submitter-Id: current-users
>Arrival-Date: Tue Dec 04 15:20:00 UTC 2012
>Closed-Date:
>Last-Modified:
>Originator: "Julian H. Stacey"
>Release:FreeBSD 9.1-RC3 amd64
>Organization:
http://berklix.com BSD Linux Unix Consultancy, Munich/Muenchen.
>Environment:
FreeBSD slim.berklix.org 9.1-RC3 FreeBSD 9.1-RC3 #0: Mon Nov 26 18:35:36 CET
2012 j...@slim.berklix.org:/usr/src/sys/amd64/compile/VIRTUAL amd64
>Description:
There is a missing double quote " in
8.3 & 9.0 & 9.1RC2 src/etc/sendmail/freebsd.mc
8.2-RELEASE & earlier are OK.
>How-To-Repeat:
See posting below
>Fix:
I append my
http://berklix.com/~jhs/src/bsd/fixes/FreeBSD/src/gen/etc/sendmail/freebsd.mc.REL=9.0-RELEASE.diff
This patch applies to 8.3-RELEASE and 9.0-RELEASE & 9.1RC3.
It is not needed for 8.2-RELEASE & earlier.
-
*** 9.1-RC3/src/etc/sendmail/freebsd.mc Tue Dec 4 15:41:28 2012
--- new-generic/src/etc/sendmail/freebsd.mc Tue Dec 4 15:42:09 2012
***
*** 69,75
dnl Uncomment to activate your chosen DNS based blacklist
dnl FEATURE(dnsbl, `dnsbl.example.com')
dnl Alternatively, you can provide your own server and rejection message:
! dnl FEATURE(dnsbl, `dnsbl.example.com', ``"550 Mail from " $&{client_addr} "
rejected'')
dnl Dialup users should uncomment and define this appropriately
dnl define(`SMART_HOST', `your.isp.mail.server')
--- 69,75
dnl Uncomment to activate your chosen DNS based blacklist
dnl FEATURE(dnsbl, `dnsbl.example.com')
dnl Alternatively, you can provide your own server and rejection message:
! dnl FEATURE(dnsbl, `dnsbl.example.com', ``"550 Mail from " $&{client_addr} "
rejected"'')
dnl Dialup users should uncomment and define this appropriately
dnl define(`SMART_HOST', `your.isp.mail.server')
-
http://lists.freebsd.org/pipermail/freebsd-hackers/2012-December/041333.html
{
] To: hackers@@freebsd.org
] cc: re@@freebsd.org
] Subject: Missing quote in comment in 8.3 & 9.0 & 9.1RC2
etc/sendmail/freebsd.mc
] From: "Julian H. Stacey"
] Organization: http://berklix.com BSD Linux Unix Consultancy, Munich Germany
] Fcc: sent
] User-agent: EXMH on FreeBSD http://www.berklix.com/free/
] X-URL:http://www.berklix.com/~jhs/cv/
]
] Hi hackers@@freebsd.org
]
] There is a missing double quote " in
] 8.3 & 9.0 & 9.1RC2 src/etc/sendmail/freebsd.mc
] 8.2-RELEASE & earlier are OK.
]
] Here's a diff -c to .mc
] The diff is not to fix it, but to help generate a freebsd.cf to
] understand the difference. The patch for a fix would befar more trivial :-)
]
] --
] *** 9.1-RC3/src/etc/sendmail/freebsd.mc Mon Oct 29 21:16:44 2012
] --- 9.1-RC3/src+debug/etc/sendmail/freebsdjhs.mc Mon Dec 3 18:44:33 2012
] ***
] *** 66,75
] dnl For that, visit
] dnl http://www.google.com/Top/Computers/Internet/E-mail/Spam/Blacklists/
]
] ! dnl Uncomment to activate your chosen DNS based blacklist
] ! dnl FEATURE(dnsbl, `dnsbl.example.com')
] ! dnl Alternatively, you can provide your own server and rejection message:
] ! dnl FEATURE(dnsbl, `dnsbl.example.com', ``"550 Mail from " $&{client_addr}
" rejected'')
]
] dnl Dialup users should uncomment and define this appropriately
] dnl define(`SMART_HOST', `your.isp.mail.server')
] --- 66,77
] dnl For that, visit
] dnl http://www.google.com/Top/Computers/Internet/E-mail/Spam/Blacklists/
]
] ! # Uncomment to activate your chosen DNS based blacklist
] ! FEATURE(dnsbl, `jhs0.dnsbl.example.com')
] ! # Alternatively, you can provide your own server and rejection message:
] ! FEATURE(dnsbl, `jhs3.dnsbl.example.com', ``"550 Mail from " $&{client_addr}
" rejected'')
] ! # original line above has 3 x " , line below has 4
] ! FEATURE(dnsbl, `jhs4.dnsbl.example.com', ``"550 Mail from " $&{client_addr}
" rejected"'')
]
] dnl Dialup users should uncomment and define this appropriately
] dnl define(`SMART_HOST', `your.isp.mail.server')
] --
]
] The .cf output is
] --
] # DNS based IP address spam list jhs0.dnsbl.example.com
] R$* $: $&{client_addr}
] R$-.$-.$-.$- $: $(dnsbl $4.$3.$2.$1.jhs0.dnsbl.example.com. $:
OK $)
] ROK$: OKSOFAR
] R$+ $: TMPOK
] R$+$#error $@ 5.7.1 $: "550 Rejected: " $&{client_addr} "
listed at jhs0.dnsbl.example.com"
]
] # DNS based IP address spam list jhs3.dnsbl.example.com
] R$* $: $&{client_addr}
] R$-.$-.$-.$- $: $(dnsbl $4.$3.$2.$1.jhs3.dnsbl.example.com. $:
OK $)
] ROK$: OKSOFAR
] R$+
Re: misc/174060: Ext2FS system crashes (buffer overflow?)
It got worse, now the system crash on single file save :-( Maybe this is not the reason but the address/location number is printed as negative value... Is there any way to see why this happens? Maybe some backtrace from kernel dump? I noticed some time ago that the filesystem was too big to handle so many files, some sort of inodes exhaustion, so I have removed lots of unnecessary files and it was fine for some time. Should I increase bytes-per-inode and/or number of inodes? Any hints are welcome :-) Tomek -- CeDeROM, SQ7MHZ, http://www.tomek.cedro.info ___ freebsd-bugs@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-bugs To unsubscribe, send any mail to "freebsd-bugs-unsubscr...@freebsd.org"
misc/174117: [maintainer update] Updating port: sysutils/parallel - New Version (20121122)
>Number: 174117 >Category: misc >Synopsis: [maintainer update] Updating port: sysutils/parallel - New >Version (20121122) >Confidential: no >Severity: non-critical >Priority: low >Responsible:freebsd-bugs >State: open >Quarter: >Keywords: >Date-Required: >Class: maintainer-update >Submitter-Id: current-users >Arrival-Date: Tue Dec 04 17:50:01 UTC 2012 >Closed-Date: >Last-Modified: >Originator: Chris Howey >Release:9.0-RELEASE >Organization: N/A >Environment: FreeBSD tinny-virtual 9.0-RELEASE FreeBSD 9.0-RELEASE #0: Thu Jan 5 10:15:49 CET 2012 root@VirtualBSD.localdomain:/sys/i386/compile/VIRTUALBSD i386 >Description: Modified files: sysutils/parallel Makefile distinfo Update to 20121122 Release Notes: http://savannah.gnu.org/forum/forum.php?forum_id=7435 >How-To-Repeat: N/A >Fix: Patch included. Patch attached with submission follows: diff -ruN parallel.bak/Makefile parallel/Makefile --- parallel.bak/Makefile 2012-12-04 11:42:07.0 -0600 +++ parallel/Makefile 2012-12-04 11:42:33.0 -0600 @@ -2,7 +2,7 @@ # $FreeBSD: ports/sysutils/parallel/Makefile,v 1.29 2012/11/17 06:01:40 svnexp Exp $ PORTNAME= parallel -PORTVERSION= 20121022 +PORTVERSION= 20121122 CATEGORIES=sysutils MASTER_SITES= GNU diff -ruN parallel.bak/distinfo parallel/distinfo --- parallel.bak/distinfo 2012-12-04 11:42:10.0 -0600 +++ parallel/distinfo 2012-12-04 11:43:08.0 -0600 @@ -1,2 +1,2 @@ -SHA256 (parallel-20121022.tar.bz2) = 13626899b50f884d635e0bd21684e87e51d0f235e760f11b8df4a605e0fa03c8 -SIZE (parallel-20121022.tar.bz2) = 235026 +SHA256 (parallel-20121122.tar.bz2) = 0315336141612ba2ec1f76e6c8c58a72f4531777c96b79b91ef64b3980be584f +SIZE (parallel-20121122.tar.bz2) = 236294 >Release-Note: >Audit-Trail: >Unformatted: ___ freebsd-bugs@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-bugs To unsubscribe, send any mail to "freebsd-bugs-unsubscr...@freebsd.org"
Re: docs/173410: [patch] sh(1) include PS1 expansions in man page
Synopsis: [patch] sh(1) include PS1 expansions in man page Responsible-Changed-From-To: eadler->freebsd-bugs Responsible-Changed-By: eadler Responsible-Changed-When: Tue Dec 4 19:48:29 UTC 2012 Responsible-Changed-Why: I havn't touched this in a bit so return to pool so someone else can take it http://www.freebsd.org/cgi/query-pr.cgi?pr=173410 ___ freebsd-bugs@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-bugs To unsubscribe, send any mail to "freebsd-bugs-unsubscr...@freebsd.org"
Re: ports/174117: [maintainer update] Updating port: sysutils/parallel - New Version (20121122)
Synopsis: [maintainer update] Updating port: sysutils/parallel - New Version (20121122) Responsible-Changed-From-To: freebsd-bugs->bdrewery Responsible-Changed-By: bdrewery Responsible-Changed-When: Tue Dec 4 14:15:07 CST 2012 Responsible-Changed-Why: Take and fix category http://www.freebsd.org/cgi/query-pr.cgi?pr=174117 ___ freebsd-bugs@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-bugs To unsubscribe, send any mail to "freebsd-bugs-unsubscr...@freebsd.org"
misc/174130: [patch] faq: update #install-instructions-location
>Number: 174130 >Category: misc >Synopsis: [patch] faq: update #install-instructions-location >Confidential: no >Severity: non-critical >Priority: low >Responsible:freebsd-bugs >State: open >Quarter: >Keywords: >Date-Required: >Class: sw-bug >Submitter-Id: current-users >Arrival-Date: Tue Dec 04 21:10:00 UTC 2012 >Closed-Date: >Last-Modified: >Originator: Bas Smeelen >Release:9.1 >Organization: >Environment: FreeBSD cfd 9.1-RELEASE FreeBSD 9.1-RELEASE #0 r243853: Tue Dec 4 08:00:50 CET 2012 root@cfd:/usr/obj/usr/src/sys/GENERIC i386 >Description: change FAQ 3.4. Where are the instructions for installing FreeBSD? to point to: installing 9.x and later and to point to: installing releases prior to 9.x >How-To-Repeat: >Fix: cfd:/usr/doc/head/en_US.ISO8859-1/books/faq % svn diff Index: book.xml === --- book.xml(revision 40267) +++ book.xml(working copy) @@ -1262,8 +1262,14 @@ - Installation instructions can be found in the Handbook entry on installing &os;. + Installation instructions for FreeBSD 9.0-RELEASE + and later using bsdinstall can be found in the Handbook entry on + Installing + FreeBSD 9.x and Later. + Installation instructions for FreeBSD releases prior + to 9.0-RELEASE using sysinstall can be found in the Handbook + entry on Installing + FreeBSD 8.x and Earlier. >Release-Note: >Audit-Trail: >Unformatted: ___ freebsd-bugs@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-bugs To unsubscribe, send any mail to "freebsd-bugs-unsubscr...@freebsd.org"
misc/174132: There is no usefull information in core.txt files
>Number: 174132 >Category: misc >Synopsis: There is no usefull information in core.txt files >Confidential: no >Severity: non-critical >Priority: low >Responsible:freebsd-bugs >State: open >Quarter: >Keywords: >Date-Required: >Class: sw-bug >Submitter-Id: current-users >Arrival-Date: Tue Dec 04 21:40:00 UTC 2012 >Closed-Date: >Last-Modified: >Originator: Eugen Konkov >Release:9.1-PRERELEASE >Organization: ISP FreeLine >Environment: # uname -a FreeBSD newflux 9.1-PRERELEASE FreeBSD 9.1-PRERELEASE #4 r239949: Fri Aug 31 16:57:42 EEST 2012 root@newflux:/usr/obj/usr/src/sys/KES_KERN_v9 i386 >Description: Look here: #0 doadump (textdump=1) at pcpu.h:244 244<--->pcpu.h: No such file or directory. <-->in pcpu.h (kgdb) #0 doadump (textdump=1) at pcpu.h:244 #1 0xc0ac399f in kern_reboot (howto=260) at /usr/src/sys/kern/kern_shutdown.c:448 #2 0xc0ac3c92 in panic (fmt=Variable "fmt" is not available. ) at /usr/src/sys/kern/kern_shutdown.c:636 #3 0xc0e68aab in dblfault_handler () at /usr/src/sys/i386/i386/trap.c:1051 #4 0xc0e538e8 in Xprot () at /usr/src/sys/i386/i386/exception.s:133 #5 0x00010046 in ?? () Previous frame inner to this frame (corrupt stack?) (kgdb). nothing usefull. That will be good to have which process cause doublefault (which process own page that is missed from swap) Now I have double fault each 3-5days regulary. >How-To-Repeat: >Fix: >Release-Note: >Audit-Trail: >Unformatted: ___ freebsd-bugs@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-bugs To unsubscribe, send any mail to "freebsd-bugs-unsubscr...@freebsd.org"
misc/174133: Fix openmotif_FILE line in /usr/ports/Mk/bsd.linux-apps.mk
>Number: 174133
>Category: misc
>Synopsis: Fix openmotif_FILE line in /usr/ports/Mk/bsd.linux-apps.mk
>Confidential: no
>Severity: non-critical
>Priority: low
>Responsible:freebsd-bugs
>State: open
>Quarter:
>Keywords:
>Date-Required:
>Class: sw-bug
>Submitter-Id: current-users
>Arrival-Date: Tue Dec 04 22:00:01 UTC 2012
>Closed-Date:
>Last-Modified:
>Originator: Craig Rodrigues
>Release:9.1
>Organization:
>Environment:
>Description:
/usr/ports/x11-toolkits/linux-openmotif provides libXm.so.3.0.3, not
libXm.so.4.0.3.
/usr/ports/x11-toolkits/linux-f10-openmotif provides libXm.so.4,
so ports which need a newer Openmotif library should use that port.
>How-To-Repeat:
>Fix:
Patch attached with submission follows:
Index: Mk/bsd.linux-apps.mk
===
--- Mk/bsd.linux-apps.mk(revision 308276)
+++ Mk/bsd.linux-apps.mk(working copy)
@@ -351,7 +351,7 @@
openldap_DETECT= ${openldap${LINUX_DIST_SUFFIX:S/-/_/}_FILE}
openldap_PORT= ${PORTSDIR}/net/linux${LINUX_DIST_SUFFIX}-openldap
-openmotif_FILE=${LINUXBASE}/usr/X11R6/lib/libXm.so.4.0.3
+openmotif_FILE=${LINUXBASE}/usr/X11R6/lib/libXm.so.3.0.3
openmotif_f10_FILE=${LINUXBASE}/usr/lib/libXm.so.4
openmotif_DETECT= ${openmotif${LINUX_DIST_SUFFIX:S/-/_/}_FILE}
openmotif_PORT=
${PORTSDIR}/x11-toolkits/linux${LINUX_DIST_SUFFIX}-openmotif
>Release-Note:
>Audit-Trail:
>Unformatted:
___
freebsd-bugs@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-bugs
To unsubscribe, send any mail to "freebsd-bugs-unsubscr...@freebsd.org"
Re: ports/174133: Fix openmotif_FILE line in /usr/ports/Mk/bsd.linux-apps.mk
Synopsis: Fix openmotif_FILE line in /usr/ports/Mk/bsd.linux-apps.mk Responsible-Changed-From-To: freebsd-bugs->freebsd-ports-bugs Responsible-Changed-By: eadler Responsible-Changed-When: Wed Dec 5 03:53:45 UTC 2012 Responsible-Changed-Why: fix category - reassign http://www.freebsd.org/cgi/query-pr.cgi?pr=174133 ___ freebsd-bugs@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-bugs To unsubscribe, send any mail to "freebsd-bugs-unsubscr...@freebsd.org"
bin/174144: [PATCH] usr.sbin/adduser default to csh as sh is just annoying
>Number: 174144
>Category: bin
>Synopsis: [PATCH] usr.sbin/adduser default to csh as sh is just annoying
>Confidential: no
>Severity: non-critical
>Priority: low
>Responsible:freebsd-bugs
>State: open
>Quarter:
>Keywords:
>Date-Required:
>Class: change-request
>Submitter-Id: current-users
>Arrival-Date: Wed Dec 05 07:20:00 UTC 2012
>Closed-Date:
>Last-Modified:
>Originator: Chris Petrik
>Release:FreeBSD 9.0-p5
>Organization:
ns
>Environment:
>Description:
I have always used adduser to create users, but having sh as default is not
really user friendly for most and it is a pain to use otherwise so why not
change it to csh?
>How-To-Repeat:
>Fix:
patch
Patch attached with submission follows:
Index: freebsdsrc/head/usr.sbin/adduser/adduser.sh
==
--- freebsdsrc/head/usr.sbin/adduser/adduser.sh
+++ freebsdsrc/head/usr.sbin/adduser/adduser.sh
@@ -834,11 +834,11 @@
}
END SUBROUTINE DEFINITION
THISCMD=`/usr/bin/basename $0`
-DEFAULTSHELL=/bin/sh
+DEFAULTSHELL=/bin/csh
ADDUSERCONF="${ADDUSERCONF:-/etc/adduser.conf}"
PWCMD="${PWCMD:-/usr/sbin/pw}"
MAILCMD="${MAILCMD:-mail}"
ETCSHELLS="${ETCSHELLS:-/etc/shells}"
NOHOME="/nonexistent"
>Release-Note:
>Audit-Trail:
>Unformatted:
___
freebsd-bugs@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-bugs
To unsubscribe, send any mail to "freebsd-bugs-unsubscr...@freebsd.org"
