_SC_GETGR_R_SIZE_MAX ?
Dear all, I have been trying to compile PHP 5.2.1 with the Suhosin Patch on an OpenBSD-STABLE 3.9 i386 machine. /configure finishes fine, but each time I try to make, it stops with: /var/build/php-5.2.1/ext/posix/posix.c: In function `zif_posix_getgrgid': /var/build/php-5.2.1/ext/posix/posix.c:889: error: `_SC_GETGR_R_SIZE_MAX' undeclared (first use in this function) /var/build/php-5.2.1/ext/posix/posix.c:889: error: (Each undeclared identifier is reported only once /var/build/php-5.2.1/ext/posix/posix.c:889: error: for each function it appears in.) Someone with a similar problem posted at the Hardened-PHP.net forums and was told that it was not a Suhosin issue. After searching for the (sysconf definition??) _SC_GETGR_R_SIZE_MAX on my own machine I found it in /usr/include/sys/unistd.h but it is in a section under #ifdef notyet /* P1003.1c */ - Does that mean those items in that section are "not yet" implemented in OpenBSD? (I read the getgr* man pages but am still none the wiser). Apologies for my ignorance of these nuts & bolts issues which I am having great difficulty understanding. Does anyone have a workaround for this problem? Many thanks in advance... Nick _ Click Here To Find Your Perfect Match This Valentines! http://msnuk.match.com/
Re: _SC_GETGR_R_SIZE_MAX ?
I presume you are aware that a) -current has this patch in its PHP port,
and b) 4.0 (at least) has a -hardened flavour which, while it uses
another patch, is pretty comparable?
Yes. 5.1.6 is in -CURRENT ports and uses Suhosin, but this is still a couple
of versions behind. Under normal circumstances I always use what is in ports
& packages, but I have a public facing webserver (with PHP apps I just can't
drop) which I am concerned about and from reading the PHP changelogs there
have been quite a few security fixes (as usual) in 5.2.0 and now 5.2.1.
Anyways, further digging into this problem led me to reading the CVS logs
for PHP and there was a newer version of the posix.c file. I replaced
5.2.1's ext/posix/posix.c with a new version and now make is successful.
Patch is below. Am still reading through Robert's patches to 5.1.6 in
-CURRENT to see what applies to 5.2.1...
patch-posix.c
--- ext/posix/posix.c.orig Fri Jan 12 01:46:11 2007
+++ ext/posix/posix.c Mon Feb 19 13:04:11 2007
@@ -16,7 +16,7 @@
+--+
*/
-/* $Id: posix.c,v 1.70.2.3.2.12 2007/01/12 01:46:11 iliaa Exp $ */
+/* $Id: posix.c,v 1.92 2007/02/10 00:50:29 tony2001 Exp $ */
#ifdef HAVE_CONFIG_H
#include "config.h"
@@ -147,7 +147,7 @@
static PHP_MINFO_FUNCTION(posix)
{
php_info_print_table_start();
- php_info_print_table_row(2, "Revision", "$Revision: 1.70.2.3.2.12 $");
+ php_info_print_table_row(2, "Revision", "$Revision: 1.92 $");
php_info_print_table_end();
}
/* }}} */
@@ -224,7 +224,7 @@
} \
RETURN_TRUE;
-/* {{{ proto bool posix_kill(int pid, int sig)
+/* {{{ proto bool posix_kill(int pid, int sig) U
Send a signal to a process (POSIX.1, 3.3.2) */
PHP_FUNCTION(posix_kill)
@@ -244,7 +244,7 @@
}
/* }}} */
-/* {{{ proto int posix_getpid(void)
+/* {{{ proto int posix_getpid(void) U
Get the current process id (POSIX.1, 4.1.1) */
PHP_FUNCTION(posix_getpid)
{
@@ -252,7 +252,7 @@
}
/* }}} */
-/* {{{ proto int posix_getppid(void)
+/* {{{ proto int posix_getppid(void) U
Get the parent process id (POSIX.1, 4.1.1) */
PHP_FUNCTION(posix_getppid)
{
@@ -260,7 +260,7 @@
}
/* }}} */
-/* {{{ proto int posix_getuid(void)
+/* {{{ proto int posix_getuid(void) U
Get the current user id (POSIX.1, 4.2.1) */
PHP_FUNCTION(posix_getuid)
{
@@ -268,7 +268,7 @@
}
/* }}} */
-/* {{{ proto int posix_getgid(void)
+/* {{{ proto int posix_getgid(void) U
Get the current group id (POSIX.1, 4.2.1) */
PHP_FUNCTION(posix_getgid)
{
@@ -276,7 +276,7 @@
}
/* }}} */
-/* {{{ proto int posix_geteuid(void)
+/* {{{ proto int posix_geteuid(void) U
Get the current effective user id (POSIX.1, 4.2.1) */
PHP_FUNCTION(posix_geteuid)
{
@@ -284,7 +284,7 @@
}
/* }}} */
-/* {{{ proto int posix_getegid(void)
+/* {{{ proto int posix_getegid(void) U
Get the current effective group id (POSIX.1, 4.2.1) */
PHP_FUNCTION(posix_getegid)
{
@@ -292,7 +292,7 @@
}
/* }}} */
-/* {{{ proto bool posix_setuid(long uid)
+/* {{{ proto bool posix_setuid(int uid) U
Set user id (POSIX.1, 4.2.2) */
PHP_FUNCTION(posix_setuid)
{
@@ -300,7 +300,7 @@
}
/* }}} */
-/* {{{ proto bool posix_setgid(int uid)
+/* {{{ proto bool posix_setgid(int uid) U
Set group id (POSIX.1, 4.2.2) */
PHP_FUNCTION(posix_setgid)
{
@@ -308,7 +308,7 @@
}
/* }}} */
-/* {{{ proto bool posix_seteuid(long uid)
+/* {{{ proto bool posix_seteuid(int uid) U
Set effective user id */
#ifdef HAVE_SETEUID
PHP_FUNCTION(posix_seteuid)
@@ -318,7 +318,7 @@
#endif
/* }}} */
-/* {{{ proto bool posix_setegid(long uid)
+/* {{{ proto bool posix_setegid(int uid) U
Set effective group id */
#ifdef HAVE_SETEGID
PHP_FUNCTION(posix_setegid)
@@ -328,7 +328,7 @@
#endif
/* }}} */
-/* {{{ proto array posix_getgroups(void)
+/* {{{ proto array posix_getgroups(void) U
Get supplementary group id's (POSIX.1, 4.2.3) */
#ifdef HAVE_GETGROUPS
PHP_FUNCTION(posix_getgroups)
@@ -372,7 +372,7 @@
#endif
/* }}} */
-/* {{{ proto int posix_getpgrp(void)
+/* {{{ proto int posix_getpgrp(void) U
Get current process group id (POSIX.1, 4.3.1) */
PHP_FUNCTION(posix_getpgrp)
{
@@ -380,7 +380,7 @@
}
/* }}} */
-/* {{{ proto int posix_setsid(void)
+/* {{{ proto int posix_setsid(void) U
Create session and set process group id (POSIX.1, 4.3.2) */
#ifdef HAVE_SETSID
PHP_FUNCTION(posix_setsid)
@@ -390,7 +390,7 @@
#endif
/* }}} */
-/* {{{ proto bool posix_setpgid(int pid, int pgid)
+/* {{{ proto bool posix_setpgid(int pid, int pgid) U
Set process group id for job control (POSIX.1, 4.3.3) */
PHP_FUNCTION(posix_setpgid)
{
@@ -409,7 +409,7 @@
}
/* }}} */
-/* {{{ proto int posix_getpgid(void)
+/* {{{ proto int posix_getpgid(void) U
Get the process group id of the specified process (This is not a POSIX
function, but a SVR4ism, so we compile conditionally) */
#ifdef HAVE_GETPGID
PHP_FUNCTION(posix_getpgid)
@@ -428,7 +428,7 @@
#endif
/* }}} */
-/* {{{ proto int posix_getsid(void)
+/* {{{ pro
OpenBSD & PCI ADSL Cards
I'm currently in the position where I have an OpenBSD firewall (standard issue x86 affair), a Zyxel 660H-61 ADSL router, and two 3COM WLAN devices providing the necessary services. I'd very much like to consolidate and get one box doing the lot (avoiding the need for extra plug sockets, extra cabling etc.) I have been looking through the archives for info on what success people have had with various PCI ADSL cards with OpenBSD. I understand that in the past the Sangoma cards were used (albeit with binary drivers) but are now unsupported, same with a couple of other vendors' products. [FWIW, I have written to Sangoma to ask if they would be prepared to release the tech docs so a free driver can be written.] Are there *any* PCI ADSL cards which people have working properly with 3.9/4.0? Or am I stuck with needing external ADSL routers bridging to my OpenBSD box? Many thanks in advance... Nick _ The new Windows Live Toolbar helps you guard against viruses http://toolbar.live.com/?mkt=en-gb
Passing random mac to lladdr in ifconfig
Hi All. Does anyone here have a wrapper script which can send a random MAC to ifconfig's lladdr parameter? I've used the 'macchanger' program before (written by Alvaro Lopez Ortega, found it in the Linux-based "Auditor" LiveCD) and that can generate a random MAC for the interface. Does anyone here have a script (Perl or otherwise) which can achieve the same in OpenBSD and they'd be willing to share? Many thanks. Nick http://messenger.msn.co.uk
Re: Passing random mac to lladdr in ifconfig
Many thanks to everyone for their replies.
Every few times I was getting "ifconfig: SIOCSIFLLADDR: Invalid argument"
but I've tracked that down to the generation of multicast addresses (first
octet's LSB), which aren't allowed. I've modified Jason's code below to
address this issue (My change is not very elegant as I know *very* little
perl!)
print first_hex(), (":" . first_hex());
print rand_hex(), (":" . rand_hex()), for (0..3);
sub first_hex {
return sprintf("%lx", rand(15) & 0xFE )
}
sub rand_hex {
return sprintf("%lx", rand(15))
}
I put the above into randommac.pl and then call it with
# ifconfig ath0 lladdr `perl randommac.pl`
Thanks again!
Nick
From: Jason Dixon <[EMAIL PROTECTED]>
On May 28, 2005, at 10:36 AM, Nick Holmes wrote:
Hi All.
Does anyone here have a wrapper script which can send a random MAC to
ifconfig's lladdr parameter?
I've used the 'macchanger' program before (written by Alvaro Lopez Ortega,
found it in the Linux-based "Auditor" LiveCD) and that can generate a
random MAC for the interface. Does anyone here have a script (Perl or
otherwise) which can achieve the same in OpenBSD and they'd be willing to
share?
Many thanks.
$ perl -e 'print rand_hex(), (":" . rand_hex()), for (0..4); sub rand_hex {
return sprintf("%lx", rand(15)) }'
--
Jason Dixon
DixonGroup Consulting
http://www.dixongroup.net
http://messenger.msn.co.uk
Random lladdr to ifconfig for ath0 - cannot connect
Hi all.
I'm setting up a laptop to generate test traffic against one of our APs so
that we can look at logs, pf configs etc. We have a Dell C840 laptop with
Proxim Orinoco 802.11b/g Gold PCMCIA card. As part of the testing, I'm
changing the MAC on the wireless card and refreshing the dhcp assignment so
that we have plenty of different sources in our logs. When we don't change
the lladdr parameter in ifconfig, the wireless card can get a dhcp response,
etc and works fine. When we change the MAC to something random with ifconfig
and then associate, we get nothing.
I'm running gowire.sh (below) which calls a perl script to generate the
random MAC. gowire downs the interface, applies the config and brings it
back up again.
Maybe I'm doing something *really* daft here... Any ideas?
Many thanks.
Nick
---
gen-random-mac.pl
print first_hex(), (":" . first_hex());
print rand_hex(), (":" . rand_hex()), for (0..3);
sub first_hex {
return sprintf("%lx", rand(15) & 0xFE )
}
sub rand_hex {
return sprintf("%lx", rand(15))
}
---
gowire.sh
echo 'Bringing ath0 down...'
ifconfig ath0 down
sleep 5
echo 'Generating random MAC address and setting up connection...'
ifconfig ath0 lladdr `perl gen-random-mac.pl` nwid TESTNET chan 11 mode 11b
-nwkey -bssid
echo 'Bringing ath0 up...'
sleep 5
ifconfig ath0 up
echo 'Looking for DHCP info...'
sleep 2
dhclient ath0
echo 'Done.'
---
http://messenger.msn.co.uk
Re: OpenBSD website vintage looks
"OpenBSD's best friend" Now where can I too get an OpenBSD doggy-T for my Dobermann?! Jan 18, 2001 http://web.archive.org/web/20010118233800/http://www.openbsd.org/ _ Use MSN Messenger to send music and pics to your friends http://messenger.msn.co.uk
1U case for Soekris boards?
Dear misc@ After many years of service my OpenBSD SS20 with quad hme finally gave up last weekend. I am currently looking at a Soekris board (4801-50+LAN1641). I would rather not have a small soekris box with separate power supply balancing on top of my racked 2610 router, so I'd like to know if there are any decent 1U rack mount boxes for the Soekris boards. Failing that, maybe can someone recommend an experienced company in the UK or Europe who can make one for me? I need the 1U box to have the ethernet ports at the front and the powersupply to be integrated inside. TIA Nick http://toolbar.msn.co.uk/
Re: 1U case for Soekris boards?
Thanks to everyone for the replies on this one. I have had several suggestions from people. Some folks suggested an Epia Mini-ITX, but to the best of my knowledge these systems do not support full serial control like my old SS20. This is quite important to me as I do not have monitor or input devices in or near the rack. I like being able to console in to my routers, firewalls etc. I understand that a proper 1U case is being planned, so I will wait for that to be made available. Regards, Nick http://www.msn.co.uk/newsletters
Horde/Kronolith - chroot issues?
Dear All, I am now desperately in need of a online calendaring solution and need to be able to manage multiple appointments and most importantly have an at-a-glance busy time view. I've looked at a number of php/perl scripts that do most of what I need, but on looking at Kronolith this seems to be the most appropriate for me. I notice that Horde and its various components are in ports. As I currently run my "Gallery" in chroot, I want to keep it that way. If I install Kronolith/Horde from ports am I going to have a serious amount of headaches getting the dependencies copied into the chroot? Has anyone else got Kronolith running on chroot'd Apache in OpenBSD (I am running -CURRENT)? Is it relatively easy or utterly painful? Is there any advice that can be given or openbsd/chroot specfic caveats I must be aware of before I start installing the Horde Framwork and Kronolith? Many thanks in advance for your help. Nick Holmes
Dual-head DVI on -CURRENT & X.Org 6.9.0
Dear Misc@, I am looking to build a new OpenBSD workstation for home and would like to have a dual-headed setup using DVI. I have seen some recent previous dicussion on this matter (Matrox P650 series not supported because of Parhelia chipset) and would like to ask a few questions about an nVidia card: My searching shows that: - OpenBSD-CURRENT has recently bumped to X.org v6.9.0 (http://marc.theaimsgroup.com/?l=openbsd-cvs&m=113736397823846) - nv manpage for 6.9.0 shows that it supports the 6xxx series of cards (http://ftp.x.org/pub/X11R6.9.0/doc/html/nv.4.html) - There are several conflicting reports of dual-headed support working on a single card under the standard "nv"driver. I have been looking at the "XFX GeForce 6600 GT 128MB DDR3" (Model: PV-T43G-ND) which is a PCI-E card with Dual-DVI outputs. Does anyone here have experience of using this card in a dual-headed configuration on OpenBSD-CURRENT (using X.org 6.9.0) and does it work? If so, could you please share your config files or any caveats with me? Many thanks in advance for any advice. Regards, Nick London, UK 7.5 today! http://messenger.msn.co.uk
OT: Archiving many files to span multiple DVDs
Dear Misc@, First up this is off-topic but I'm sure that someone here has experienced this problem in the past, so please forgive my asking as I'm not sure where else to turn. I've got an OpenBSD fileserver full of files which I have built up over the years: Digital photos, 3D modelling files, company accounts, MP3s etc - roughly 30GB of stuff. The *really* critical stuff goes onto a weekly DAT tape and sent offsite. However, I want to back all of this data up on a regular basis (once every month or so) onto optical media and ship the discs offsite for safekeeping. Currently I am manually working out the optimum split of files over discs to use the least amount of DVDs possible - It is highly labour-intensive and I now want to be able to cycle my discs GF-F-S. What I'd like to know is if there is a utility which will figure out the best way to portion out these files to save on DVD+RWs (i.e. which selection of files best utilise the 4.4GB available per disc). Ideally such a tool would give me appropriate output to shove into mkisofs and generate the images for burning (I'll then grab a directory listing into a text file which I can grep so I can find stuff later! =) I'd rather not tar and split the files as I am worried about corruption and recovery failure issues. Apologies again for the OT nature of this mail. Any ideas very much appreciated. Warmest regards, Nick Holmes, London http://www.msn.co.uk/newsletters
OT: Any OpenBSD'ers at Wacken Open Air 2005?
Have just booked my ticket to Wacken Open Air metal festival (August 4-6 @ Izehoe, Germany). Anyone else here going along? Would be good to meet up for beer with fellow OpenBSD users/metalheads! Drop me a line. If anyone from the development team is going I'd be happy to bring along any hardware donations from the UK to save on international shipping as I'll bringing the car. Regards Nick _ Use MSN Messenger to send music and pics to your friends http://messenger.msn.co.uk
Gallery 1.5 on OpenBSD chroot'd Apache
Dear Misc@, Here is an update to my script to get Gallery photo albums working within the chroot. I've tidied up the script and taken out ImageMagick so we're only using NetPBM now. Lib copies should be nicer and work with other future versions too hopefully. I have tested and it works OK, any feedback please let me know... Regards, Nick == #!/bin/sh # # [ gallery-openbsd-chroot-install ] # # # Copyright (c) 2005 Nick G Holmes <[EMAIL PROTECTED]> # # Permission to use, copy, modify, and distribute this software for any # purpose with or without fee is hereby granted, provided that the above # copyright notice and this permission notice appear in all copies. # # THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES # WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF # MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR # ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES # WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN # ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF # OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. # # # 1.0 03-Apr-2005 NGH First release # 1.1 22-May-2005 NGH Update for PHP 4.3.11, Gallery 1.5, + tidy up # # From 1.1 we're using netpbm only as it's easier to manage! # # # OVERVIEW # # This script copies the necessary files from the true root # to Apache's chroot'd environment. Script creates needed # directories. Assumes you're using ports, otherwise just # add your binary packages the usual way. # # Test Environment: # * OpenBSD 3.7 -CURRENT (i386) # * Compaq D5S SFF - P4 1.7GHz, 256MB RAM # * Gallery 1.5 # * PHP 4.3.11 # * NetPBM 9.24 # # INSTALLING A CHROOT'D GALLERY # = # # 00* First, make sure you change rc.conf to httpd_flags="" # 01 cd /usr/ports/www/php4/core # 02 make install # 03 cp /usr/local/share/examples/php4/php.ini-recommended /var/www/conf/php.ini # 04 /usr/local/sbin/phpxs -s # 05 echo '' > /var/www/htdocs/phptest.html # - Use your browser to checkout the phptest page to make sure it is all working! # 06 cd /usr/ports/graphics/netpbm # 07 make install # 08 cd /usr/ports/graphics/jhead # 09 make install # 10 Download gallery and tar xfz the file into htdocs # 11 mkdir -p /var/www/htdocs/albums # 12 chown www:www /var/www/htdocs/albums # 13 chmod 755 /var/www/htdocs/albums # 14 ** NOW RUN THIS SCRIPT ** # 15 Using your web browser, follow the gallery setup procedure # - Don't forget temp directory is /tmp as it will be chroot! # 16 After it's all working, cd to /var/www/htdocs/gallery and run ./secure.sh # # # A FINAL NOTE # # This script worked for me. It might not work for you. Mileage may vary. # My scripting isn't so hot, so the below is probably very basic looking. # If you spot any errors, please e-mail me. # # My thanks goes out to: # * Bruno Rohee.(Suggestions on libraries) # * Stuart Henderson(advice on using ldd) # * Daniel Polak(Help with files I missed) # * And everyone else on the OpenBSD misc@ mailing list # # === # echo '== Gallery chroot Copy Tool ==' echo 'Making /var/www/tmp ...' mkdir -p /var/www/tmp chmod -R 777 /var/www/tmp echo 'Making /var/www/htdocs/gallery/config.php ...' touch /var/www/htdocs/gallery/config.php chmod 0777 /var/www/htdocs/gallery/config.php echo 'Making /var/www/htdocs/gallery/.htaccess ...' touch /var/www/htdocs/gallery/.htaccess chmod 0777 /var/www/htdocs/gallery/.htaccess echo ' Creating support directories within chroot ...' mkdir -p /var/www/bin mkdir -p /var/www/var/run mkdir -p /var/www/usr/lib mkdir -p /var/www/usr/libexec mkdir -p /var/www/usr/local/bin mkdir -p /var/www/usr/local/lib mkdir -p /var/www/usr/local/include mkdir -p /var/www/usr/local/include/libpng mkdir -p /var/www/usr/local/share/netpbm # # Mirror misc files # - echo 'Copying shell files...' cd /var/www/bin cp /bin/sh . cd /var/www/usr/local/bin echo 'Copying jhead files...' cp /usr/local/bin/jhead . echo 'Copying jpegtran files...' cp /usr/local/bin/jpegtran . # # Mirror libs to chroot jail # -- echo 'Copying library files...' cp /usr/lib/libc* /var/www/usr/lib cp /usr/lib/libm* /var/www/usr/lib cp /usr/lib/libz* /var/www/usr/lib cp /usr/libexec/ld.so /var/www/usr/libexec cp /usr/local/lib/libiconv.*/var/
