Hello!
What about ${subj} in current?
Or maybe someone know how to make
ip tunnel on current using patches, tools, etc.?
Thanx.
To Unsubscribe: send mail to [EMAIL PROTECTED]
with "unsubscribe freebsd-current" in the body of the message
< said:
> Novice is ok, it's the other two that are problematic. Well,
> particularly "custom". "Custom" does not scare away anyone, and is
> actually actractive to Windows users. It should be called "death trap"
> or something like that...
Huh?
-GAWollman
To Unsubscribe: send mail to [EMAIL
> Kernel:
> ===
> FreeBSD karma.afterthought.org 4.0-CURRENT FreeBSD 4.0-CURRENT #0: Mon Feb
> 14 23:00:42 GMT 2000
> [EMAIL PROTECTED]:/usr/src/sys/compile/KARMA i386
>
> Background:
>
> 3 users. One with X running , and two users running breakwidgets
> , which make use of a
Please people. If you think you don't need a make world during a code
freeze, then please at least read the patched files...
Index: Makefile.inc
===
RCS file: /usr/home/ncvs/src/lib/libc_r/man/Makefile.inc,v
retrieving revision 1.10
< said:
> o A username may only be checked $number times per $timeperiod;
> after that, _all_ answers are silently converted to "no".
Easier: a username may only be checked by a process running as $uid
or by root.
> ... etc. There are possibilities for DoS attacks, but the daemon
> talks only
> "Mark" == Mark Murray <[EMAIL PROTECTED]> writes:
Mark> o A username may only be checked $number times per
Mark> $timeperiod; after that, _all_ answers are silently
Mark> converted to "no".
Umm, massive DOS hole.
Mark> o Daemon may only be invoked $number times per $timepe
Lyndon Nerenberg wrote:
>
> > "Mark" == Mark Murray <[EMAIL PROTECTED]> writes:
>
> Mark> o A username may only be checked $number times per
> Mark> $timeperiod; after that, _all_ answers are silently
> Mark> converted to "no".
>
> Umm, massive DOS hole.
Per username. If you p
Around ftp.c line 383 I see now:
} else if (code == 229) {
/* result for EPSV */
pflag = 1;
pflag = 100;
b
Hi,
I just installed a box (2208 -CURRENT snapshot) using a serial console,
worked fine (a bit slow in redrawing), but after booting the installed system
there was no getty on the serial port ...
/Jesper
--
Jesper Skriver, jesper(at)skriver(dot)dk - CCIE #5456
Work:Network manager @
On Mon, 14 Feb 2000, Jake Burkholder wrote:
> > On Mon, Feb 14, 2000 at 02:39:09PM -0700, Doug Russell wrote:
> >
> > > Does anyone have a Panasonic 526/563 CD-ROM drive working under 4.0-C? I
> > > have not had one working for may weeks, however, I wasn't sure if it was a
> > > hardware proble
Ok, this time for sure... version 3 of the MAP_GUARDED patch is out.
http://www.backplane.com/FreeBSD4/
http://www.backplane.com/FreeBSD4/guard-3.diff
http://www.backplane.com/FreeBSD4/guard3.c
MAP_GUARDED
mmap(addr/NULL, len, prot, MAP_GUARDED, fd, offse
Hello,I'm Takehiro Suzuki,a FreeBSD user. :-)
In article <[EMAIL PROTECTED]>
[EMAIL PROTECTED] writes:
>> > It is available from http://www.bsdclub.org/~takehiro/binutils.tar.gz .
>>
>> I am taking a look at it now. Since you did not rename any of the bits
>> (such as `as', `ld', etc..) what i
On Fri, Feb 18, 2000 at 11:05:31AM -0800, Matthew Dillon wrote:
> I also think that a single guard page at the base of the
> stack may be insufficient for some applications. I'm
> considering adding yet another field to vm_map_entry
> 'vm_pindex_t guard_pages' which allows the nu
Hi!
Why then it works on 3.4-STABLE (booting without loader(8) and
having kvm(3) programs like pstat(8) and top(1) working).
What makes a difference here?
On Sun, Feb 06, 2000 at 09:38:41PM -0500, Garrett Wollman wrote:
> < said:
>
> > If I boot with loader(8), everything is ok.
> > Ideas?
>
>
> I fixed it and other problems, and added another changes. (In
> particular, I mistakenly left my testing part in router
> case. Sorry.)
> I'll attach the new diffs.
I still made more several fixes to IPv6 configuration scripts.
-changed the file rc.net6 to rc.network6
-changed the func net
nos-tun.
>
> Hello!
>
> What about ${subj} in current?
> Or maybe someone know how to make
> ip tunnel on current using patches, tools, etc.?
>
> Thanx.
>
>
> To Unsubscribe: send mail to [EMAIL PROTECTED]
> with "unsubscribe freebsd-current" in the body of the message
>
To Unsubscribe:
Doug Barton wrote:
>
> "Jordan K. Hubbard" wrote:
>
> > Hmmm. Odd, I've always noted the opposite. If you do the novice install
> > (which everyone should if they're trying to test the "typical case"),
>
> I've always found the term "novice" to be a little off-putting. Perhaps
> "Stan
Sorry about the html posting, it seems that Mozilla M13 decided to rape my
message. I hate html postings just as much as you do (thank god for
procmail filters), and will send this one using pine so Mozilla doesn't
try to rethink my e-mail for me.
Kernel:
===
FreeBSD karma.afterthought.org
The real solution is to make killall(1)s funtionality part of kill(1)
and avoid reading /proc so that we don't even have to mount /proc.
Poul-Henning
In message <[EMAIL PROTECTED]>,
Thomas Stromberg writes:
>3 users. One with X running , and two users running breakwidgets
>, which make use of
> Doug Barton wrote:
> >
> > "Jordan K. Hubbard" wrote:
> >
> > > Hmmm. Odd, I've always noted the opposite. If you do the novice instal
l
> > > (which everyone should if they're trying to test the "typical case"),
> >
> > I've always found the term "novice" to be a little of
I've come to the conclusion that the -current stuff really doesn't install
on an 8 Meg machine anymore. I have an old 486/66 machine I'm using
to play with the current-RC's, and it consistantly dies loading the 'bin'
stuff.
This isn't really a complaint -- after the load & boot cycle, there is o
Was wondering if anyone else was seeing this one. I'm following the
jail(8) build directions on the 02-14 snapshot. I've had the build
directions work previously, so I'm a little puzzled. During the make all
phase, I get the errors below. I cvsup'd this morning, but still get the
same results
A further data point: I was building with a -j, so maybe there's a
dependency mixup with the beforedepend target? If I manually cd to the
directory and do a make beforedepend, things continue naturally from
there.
On Fri, 18 Feb 2000, Robert Watson wrote:
>
> Was wondering if anyone else was
> "Garrett" == Garrett Wollman <[EMAIL PROTECTED]> writes:
Garrett> And what happens when the daemon is dead, has crashed, or
Garrett> was never started?
You incorporate my patches to inetd that teach it to listen on
named sockets, and then run the daemon from there in wait mode.
If
< said:
> You incorporate my patches to inetd that teach it to listen on
> named sockets, and then run the daemon from there in wait mode.
> If inetd dies you're pretty much hosed, anyway.
Think ``single-user mode''.
-GAWollman
To Unsubscribe: send mail to [EMAIL PROTECTED]
with "unsubscribe
On Fri, Feb 18, 2000 at 11:28:45PM +0900, Daniel C. Sobral wrote:
>
> Novice is ok, it's the other two that are problematic. Well,
> particularly "custom". "Custom" does not scare away anyone, and is
> actually actractive to Windows users. It should be called "death trap"
> or something like that
> "Garrett" == Garrett Wollman <[EMAIL PROTECTED]> writes:
>> You incorporate my patches to inetd that teach it to listen on
>> named sockets, and then run the daemon from there in wait mode.
>> If inetd dies you're pretty much hosed, anyway.
Garrett> Think ``single-user mode
Another technique that could be used, and gets discussed occasionally on
-security, is passing authentication information via ancillary data
transfer on UNIX domain sockets. You could limit the effectiveness of DOS
attacks by rate limiting per-uid, for example.
It should be noted that both the
Hi,
I'm writing a driver that talks to a card that has some SRAM.
In the driver I'm trying to get a handle to the memory by doing the
following:
rid = 0;
sc->mem = bus_alloc_resource(dev, SYS_RES_MEMORY, &rid,
0ul, ~0ul, 0, RF_ACTIVE);
which fails.
Hello.
I followed up the stuff posted here and this evening I want to change one of
our smaller server towards FBSD 4.0. Got the CD, have a complete new
source tree cvsuped this day and now I make a cd /sys/i386/conf ...
Within this directory, I only have the GENERIC, LINT NEWCARD files and
my own
> ...
>Resource limits are still an issue. It turns out that the
>MAP_STACK code does not deal with the stack resource limit
>well at all -- sometimes it catches it, sometimes it doesn't.
In what sense? My recollection is that resource limits are
enforced on the "regular" process st
On Thu, Feb 17, 2000 at 06:06:22PM +0900, Yoshinobu Inoue wrote:
> > > But maybe it is better to print out the first error, as the fact?
> >
> > I have nothing against EPSV itself, I am against additional verbosity and
> > performance degradation since it is tried before _each_ command.
>
> OK I
> it makes sense to slice it that way. Also, as far as teaching new users how
> to install it, I _always_ show them the custom route. While this may sound
> harsh, its used to familarize them with all of sub-components, and
I really kinda wish you'd point them to Novice^H^H^H^H^HStandard
instea
> Perhaps the release notes, or hardware file need to note you really do need
> more than 8M ?
The CD boxes all say 16MB and the release notes/hardware guide don't
say anything at all about this. :)
- Jordan
To Unsubscribe: send mail to [EMAIL PROTECTED]
with "unsubscribe freebsd-current" in t
:
:> ...
:>Resource limits are still an issue. It turns out that the
:>MAP_STACK code does not deal with the stack resource limit
:>well at all -- sometimes it catches it, sometimes it doesn't.
:
:In what sense? My recollection is that resource limits are
:enforced on the "regular"
On Fri, Feb 18, 2000 at 07:11:00PM +0100, O. Hartmann wrote:
> Hello.
> I followed up the stuff posted here and this evening I want to change one of
> our smaller server towards FBSD 4.0. Got the CD, have a complete new
> source tree cvsuped this day and now I make a cd /sys/i386/conf ...
> Within
On Fri, 18 Feb 2000, Robert Watson wrote:
> A further data point: I was building with a -j, so maybe there's a
> dependency mixup with the beforedepend target? If I manually cd to the
> directory and do a make beforedepend, things continue naturally from
> there.
What value of -j? I've built fi
> > OK I'll change not to try it once it fails.
>
> It seems your last patch _not_ fix the problem. Now I got:
>
> ftp> dir
> 500 'EPSV': command not understood.
>
> on first 'dir' command issued. This is with wu-ftpd. Remember that different
> ftpd's could have slightly different format for r
The only changes I have for you are small typos...
/etc/rc.conf:
"assigne router prefix" should be:
"assign router prefix"
/etc/rc.network6:
"if you instead want to route such packets to a "default"
interface": Looks to me like this comment is not applicable
> < said:
>
> > o A username may only be checked $number times per $timeperiod;
> > after that, _all_ answers are silently converted to "no".
>
> Easier: a username may only be checked by a process running as $uid
> or by root.
... added to the list of possibles.
> > ... etc. There are possi
On Fri, 18 Feb 2000, Anatoly Vorobey wrote:
> On Fri, Feb 18, 2000 at 11:28:45PM +0900, Daniel C. Sobral wrote:
> >
> > Novice is ok, it's the other two that are problematic. Well,
> > particularly "custom". "Custom" does not scare away anyone, and is
> > actually actractive to Windows users. It
All of the below are representative examples of the lattitude that
a sysamin may be granted when setting up her system. There is a DoS
of each of them. Pick your own policy.
M
> > "Mark" == Mark Murray <[EMAIL PROTECTED]> writes:
>
> Mark> o A username may only be checked $number times
> <
said:
>
> > You incorporate my patches to inetd that teach it to listen on
> > named sockets, and then run the daemon from there in wait mode.
> > If inetd dies you're pretty much hosed, anyway.
>
> Think ``single-user mode''.
Single user mode has nothing to do with the problem I am attemp
>
> Another technique that could be used, and gets discussed occasionally on
> -security, is passing authentication information via ancillary data
> transfer on UNIX domain sockets. You could limit the effectiveness of DOS
> attacks by rate limiting per-uid, for example.
Why is this being discu
< said:
> Why is this being discussed as if it is new?
> This is what my tool _does_, for crying out loud!!
Which so far nobody else has ever seen.
-GAWollman
--
Garrett A. Wollman | O Siem / We are all family / O Siem / We're all the same
[EMAIL PROTECTED] | O Siem / The fires of freedom
> < said:
>
> > Why is this being discussed as if it is new?
>
> > This is what my tool _does_, for crying out loud!!
>
> Which so far nobody else has ever seen.
Nor asked to see.
Poul-Henning Kamp's "bike shed" argument applies here _big_time_.
M
--
Mark Murray
Join the anti-SPAM movement:
* Mark Murray <[EMAIL PROTECTED]> [000218 13:27] wrote:
> > < said:
> >
> > > Why is this being discussed as if it is new?
> >
> > > This is what my tool _does_, for crying out loud!!
> >
> > Which so far nobody else has ever seen.
>
> Nor asked to see.
>
> Poul-Henning Kamp's "bike shed" arg
On Fri, 18 Feb 2000, Kris Kennaway wrote:
> On Fri, 18 Feb 2000, Robert Watson wrote:
>
> > A further data point: I was building with a -j, so maybe there's a
> > dependency mixup with the beforedepend target? If I manually cd to the
> > directory and do a make beforedepend, things continue nat
I do not mean to throw blame on freebsd at all (unless tons of people also
see this) but I had a freeze earlier today. I had several windows open,
netscape, and was compiling qt2 with not much disk activity at all when it
just froze hard as a rock in all ways I can think of. If it happens again
On Fri, 18 Feb 2000, Robert Watson wrote:
> > What value of -j? I've built fine with -j4 and -j8, but this says that the
> > depend target hadn't run before the all target did. Did you 'make depend'
> > before building?
>
> Nope -- my make was in the top level /usr/src tree, in the form of ``mak
Ok, I just finished making the modifications, essentially
rewriting vm_map_growstack() and vm_map_stack().
http://www.backplane.com/FreeBSD4/
http://www.backplane.com/FreeBSD4/guard-3.diff
http://www.backplane.com/FreeBSD4/guard3.c
Here are the proposed sema
> Hello!
>
> What about ${subj} in current?
> Or maybe someone know how to make
> ip tunnel on current using patches, tools, etc.?
>
> Thanx.
Maybe there are several ways, and one thing I know is gif
interface recently added.
It can be used by adding following entry in your kernel
config. (An
On Fri, 18 Feb 2000, Adam wrote:
> I do not mean to throw blame on freebsd at all (unless tons of people also
> see this) but I had a freeze earlier today. I had several windows open,
> netscape, and was compiling qt2 with not much disk activity at all when it
> just froze hard as a rock in all
In message <[EMAIL PROTECTED]>, Wes Peters wrote:
} Lyndon Nerenberg wrote:
} >
} > > "Mark" == Mark Murray <[EMAIL PROTECTED]> writes:
} >
} > Mark> o A username may only be checked $number times per
} > Mark> $timeperiod; after that, _all_ answers are silently
} > Mark> conver
:Currently, the threads library only creates one guard page
:at the top (or bottom depending on how you look at it) of
:each threads stack (for stacks of default size). Thread
:stacks are allocated in sequential zones, so they are always
:placed on top of the previous threads stack, and thus alre
"Jordan K. Hubbard" <[EMAIL PROTECTED]> writes:
> I really kinda wish you'd point them to Novice^H^H^H^H^HStandard
> instead since it does more than be a bit more verbose, it also makes
> sure that all the appropriate steps are covered and prevents even
> relatively skilled people from hanging th
On Fri, 18 Feb 2000, Kris Kennaway wrote:
> On Fri, 18 Feb 2000, Robert Watson wrote:
>
> > > What value of -j? I've built fine with -j4 and -j8, but this says that the
> > > depend target hadn't run before the all target did. Did you 'make depend'
> > > before building?
> >
> > Nope -- my make
> * When you mmap() with MAP_GUARDED|MAP_STACK, you get
> a guarded stack. The system will not create a
> growable stack, though, it pre-reserves the space
> (but, of course, does not allocate physical pages
> for things you haven't touched).
>
> The new semantics
:Ok, I just finished making the modifications, essentially
:rewriting vm_map_growstack() and vm_map_stack().
:
: http://www.backplane.com/FreeBSD4/
: http://www.backplane.com/FreeBSD4/guard-3.diff
: http://www.backplane.com/FreeBSD4/guard3.c
Oops, withdrawn... I m
On Fri, 18 Feb 2000, Matthew Dillon wrote:
> :Currently, the threads library only creates one guard page
> :at the top (or bottom depending on how you look at it) of
> :each threads stack (for stacks of default size). Thread
> :stacks are allocated in sequential zones, so they are always
> :plac
I've come up against a number of ports lately assume IPv6 support if
you're running:
.if ${OSVERSION} >= 400014
CONFIGURE_ARGS+= --enable-ipv6
.endif
... I don't see INET6 in my GENERIC kernel. This affects at least
net/mtr and lang/ruby.
Dave.
--
> OK, I took a chance and flashed the card's BIOS to the latest from the AMI
> site I had been suspecting BIOS, as the readme.txt mentioned problems
> with newer motherboards. Lo and Behold, it seems to have done the trick
>
> amr0: mem 0xe900-0xe93f irq 11 at device 12.1 on pci0
>
Is it planned to make su(1) support authentication via PAM?
--
Dominik - http://www.saargate.de/~domi/
To Unsubscribe: send mail to [EMAIL PROTECTED]
with "unsubscribe freebsd-current" in the body of the message
On Fri, Feb 18, 2000 at 05:26:45PM -0500, David Gilbert wrote:
> I've come up against a number of ports lately assume IPv6 support if
> you're running:
>
> .if ${OSVERSION} >= 400014
> CONFIGURE_ARGS+= --enable-ipv6
> .endif
>
> ... I don't see INET6 in my GENERIC kernel. This affects at least
> "Chris" == Chris Piazza <[EMAIL PROTECTED]> writes:
Chris> On Fri, Feb 18, 2000 at 05:26:45PM -0500, David Gilbert wrote:
>> I've come up against a number of ports lately assume IPv6 support
>> if you're running:
>>
>> .if ${OSVERSION} >= 400014 CONFIGURE_ARGS+= --enable-ipv6 .endif
>>
>>
::
::Correct me if I'm wrong, but using MAP_STACK|MAP_GUARDED
::would allocate one additional guard page for each threads
::stack.
::
::DanE.
:
:Correct. At the moment MAP_GUARDED is a 'generic' guarding flag
:and makes no assumptions about the areas being adjoining. It doesn't
:cost
On Sat, Feb 19, 2000 at 04:47:34AM +0900, Yoshinobu Inoue wrote:
> But the change to do it seems to be not so simple as can be
> done in this code freeze phase. (At least with my level of
> understanding of ftp code.)
> Somewhat no printing version of getreply() seems to be
> necessary.
>
> Coul
:
:Any problem if we overlay a previously MAP_GUARDED page with another
:(to save an extra guard page)?
:
:Dan Eischen
:[EMAIL PROTECTED]
Overlaying *anything* on top of a MAP_GUARDED mmap will break its
functionality. This is true of a MAP_STACK mmap as well.
On Fri, 18 Feb 2000, Gray, David W. wrote:
> I've come to the conclusion that the -current stuff really doesn't install
> on an 8 Meg machine anymore. I have an old 486/66 machine I'm using
> to play with the current-RC's, and it consistantly dies loading the 'bin'
> stuff.
>
I installed CURRE
If memory serves me right, Yoshinobu Inoue wrote:
> I still made more several fixes to IPv6 configuration scripts.
>
> -changed the file rc.net6 to rc.network6
> -changed the func net6_pass1 to network6_pass1
> -changed several var name more unlikely to confilict
> -changed if several se
Kris,
I was pointed to you for questions regarding whether or not certain ports
would be working udner 4.0-RELEASE -- specifically, OpenSSH and related
applications which depend on SSL/RSA. Do we plan to provide a consistent
and documented way for users of FreeBSD to go from the RSA-disabled ba
Hi,
I was wondering if its possible to run FreeBSD-4.0 on a 486 SLC2 66mhz.
(win95 runs on this computer ok)
I downloaded the floppies from Feb.14th, and disabled the hardware I
don't have
but the boot panics at:
...
npx0: on motherboard
npx0:Using IRQ 13 interface
Fatal trap 12: page fault whil
I am currently having a problem installing linux_base, both the port and the
package on -current. I used to lurk to discover these problems by browsing
the mailing list, but they are down. :-(
I just cvsupped and rebuilt the world today and it still fails. Here are the
messages:
miles# pkg_add -
:In general, a given number of guard pages is insufficient for some (perhaps
:non-existent) applications. The basic idea is to catch typical stack
:overflow. Trying to always catch stack overflow is not practical. Since
:this is a heuristic error detection technique, I'm not sure how much
:wor
> I am currently having a problem installing linux_base, both the port and the
> package on -current. I used to lurk to discover these problems by browsing
> the mailing list, but they are down. :-(
>
> I just cvsupped and rebuilt the world today and it still fails. Here are the
> messages:
Yes,
On Fri, 18 Feb 2000, Robert Watson wrote:
> Ok, is this a make depend in the top /usr/src, or in directories thjat
> specifically require it. Or more practically speaking--I want the
> directions in jail(8) to work every time. :-) How can this be fixed?
Specifically, 'make depend' in secure/l
On Fri, 18 Feb 2000, Robert Watson wrote:
> I was pointed to you for questions regarding whether or not certain ports
> would be working udner 4.0-RELEASE -- specifically, OpenSSH and related
> applications which depend on SSL/RSA.
All of the ports which explicitly depend on openssl should be wo
:> I am currently having a problem installing linux_base, both the port and the
:> package on -current. I used to lurk to discover these problems by browsing
:> the mailing list, but they are down. :-(
:>
:> I just cvsupped and rebuilt the world today and it still fails. Here are the
:> messages:
I recently upgraded from 3.2 to 4.0. I use an ide hard disk, and would
like to know how to change over the devices. I created the new devices
by copying over /usr/src/etc/MAKEDEV to a new /dev directory and running
it, but it didn't create any ata* devices such as is shown in the kernel
config f
Jon Hamilton wrote:
>
> In message <[EMAIL PROTECTED]>, Wes Peters wrote:
> } Lyndon Nerenberg wrote:
> } >
> } > > "Mark" == Mark Murray <[EMAIL PROTECTED]> writes:
> } >
> } > Mark> o A username may only be checked $number times per
> } > Mark> $timeperiod; after that, _all_ answers
The latest ata commits left my system completely unbootable. No disks
were probed.
I have on the motherboard's Alladin controller:
HP 4x4x24 CD burner as master primary channel
40x CD as slave primary channel
HP Colorado 8 Gig ATAPI tape as master secondary channel
On a Promise Ultra66:
WDC AC
81 matches
Mail list logo
