more people could benefit from it (e.g. those having
> SD/SDHC/etc
> cards).
Once you detect read-only media, I suggest to implement the support by
adding new DISKFLAG_READONLY to disk(9) API and simply deny write access
in g_disk_access() when DISKFLAG_READONLY is set.
--
Pawel Jakub D
ion encrypted.
I don't fully understand how you can boot your system and then need to
attach GELI provider to be able to install world. If you booted fine
then your system is available and not encrypted.
--
Pawel Jakub Dawidek http://www.wheelsystems
hances are they are safe to mount from
within a jail, like ZFS (user can have access to ZFS datasets, but don't
need access to ZFS pool), NFS, SMBFS, NULLFS, UNIONFS, PROCFS, FDESCFS,
etc. I added VFCF_JAIL flag, so there is general mechanism to mark file
systems as jail-friendly, but back then I on
r_uids = 0;
> + restricted = is_user_restricted(pw, see_other_uids);
> +
> while ((ut = getutxent()) != NULL) {
> + /* Skip this entry if the invoking user is not permitted
> + * to see it */
> + if (restricted &&
&
eems a bit too far for my taste. Spawning a daemon somewhere from
within library doesn't sound like a good idea to me... At least until we
have something like launchd that can start such services on demand.
--
Pawel Jakub Dawidek http://www.wheelsy
this is only
> for the first rescue step.
>
> 6. I have changed userboot interface. I guess there is none consumers except
> the one test program. But if it isn't that, i can make it compatible.
>
> Any comments are welcome.
>
> --
> WBR, Andrey V. Elsuko
On Tue, Jun 26, 2012 at 06:01:26PM +0400, Andrey V. Elsukov wrote:
> On 26.06.2012 16:57, Pawel Jakub Dawidek wrote:
> > On Tue, Jun 26, 2012 at 04:50:36PM +0400, Andrey V. Elsukov wrote:
> >> Hi All,
> >>
> >> Some time ago i have started reading the code
ey is proposing is to
recognize the metadata and act accordingly - in case of a gmirror we
simply need to skip it.
In the future we will have the same problem with graid - until we add
support for it to the boot code, we won't be able to boot from it.
--
Pawel Jakub Dawidek
rmats that are recognized by all your
OSes.
--
Pawel Jakub Dawidek http://www.wheelsystems.com
FreeBSD committer http://www.FreeBSD.org
Am I Evil? Yes, I Am! http://tupytaj.pl
pgpWHeMC9knsD.pgp
Description: PGP signature
t it. Pretending gmirror is special and
recommending to mirror partitions with it instead of raw disks is not
the solution.
I really can't see how gmirror is different in this regard from any
other software RAID or volume manager. If you try to use disk that
contains unrecognized metadata
ow the hardware you are running on, so you know where the disks
are exactly, etc. My company build appliances too, so I have been there.
For most of our users automatic configuration is simply better, as they
can shuffle disks around and not wonder if the system will boot or not.
--
Pawel Jakub Dawidek http://www.wheelsystems.com
FreeBSD committer http://www.FreeBSD.org
Am I Evil? Yes, I Am! http://tupytaj.pl
pgpqqqo6XHCX4.pgp
Description: PGP signature
On Wed, Jun 27, 2012 at 10:45:35AM -0700, Marcel Moolenaar wrote:
>
> On Jun 26, 2012, at 2:43 PM, Pawel Jakub Dawidek wrote:
> >
> > As for sharing disk with other OS. If you share the disk with OS that
> > doesn't support gmirror, you shouldn't use gmirror in
uration is non-standard and problems are expected if the disk is
shared between other OSes.
In my opinion that's fair.
With such a warning in place, I think we can allow users to decide on
their own if they really want that or not. Then, we can also improve
FreeBSD boot lo
; > of the spec too?
>
> It's the same disk, isn't it? The OS can actually use the property
> of the ID to infer that it has already seen this disk and not create
> multiple device nodes.
You cannot trust some id that is found on disk to be unique, as all
your assumptions
>
> Because I find on Linux it often gets it wrong and winds up being useless
> noise. Mostly, though, it is because I mistype commands more than I type
> commands that should be there, but aren't.
It is even cooler than I thought initially. It punishes you for making
typos:)
rs to
turn it off.
If this feature is going to prints quite a few extra lines, let's just
add one more line saying:
To disable this message run: echo set 31337mode >> ~/.tcshrc
--
Pawel Jakub Dawidek http://www.wheelsystems.com
FreeBSD committer
nce. I didn't succeed on my first attempt to
install FreeBSD, neither on the second attempt. It took me few tries to
do it right. I knew nothing about UNIX back then. I consider myself as
someone who improved FreeBSD a bit, but I could as easly gave up after
first two failed attempts to install
S even compiled in. What is more efficient use of developer time:
going through full reboot cycle every time or reading the warning from
console, unloading a module, fixing the bug and loading it again?
And if this option is turned off by default what is the problem?
--
Pawel Jakub Dawidek
On Sun, Nov 25, 2012 at 12:42:16PM +, Attilio Rao wrote:
> On Sun, Nov 25, 2012 at 12:39 PM, Pawel Jakub Dawidek
> wrote:
> > WITNESS is a development tool. We don't ship production kernels with
> > WITNESS even compiled in. What is more efficient use of developer
On Sun, Nov 25, 2012 at 01:37:19PM +, Attilio Rao wrote:
> On Sun, Nov 25, 2012 at 1:12 PM, Pawel Jakub Dawidek wrote:
> > On Sun, Nov 25, 2012 at 12:42:16PM +, Attilio Rao wrote:
> >> On Sun, Nov 25, 2012 at 12:39 PM, Pawel Jakub Dawidek
> >> wrote:
> >
On Sun, Nov 25, 2012 at 01:48:23PM +, Attilio Rao wrote:
> On Sun, Nov 25, 2012 at 1:47 PM, Pawel Jakub Dawidek wrote:
> > On Sun, Nov 25, 2012 at 01:37:19PM +, Attilio Rao wrote:
> >> On Sun, Nov 25, 2012 at 1:12 PM, Pawel Jakub Dawidek
> >> wrote:
> >
d you might not be
able to allocate memory even if you have physical pages available.
--
Pawel Jakub Dawidek http://www.wheelsystems.com
FreeBSD committer http://www.FreeBSD.org
Am I Evil? Yes, I Am! http://tupytaj.pl
pgpLKog0RIkYD.pg
es that a bit earlier is it possible
that T0 can get later time than T1?
--
Pawel Jakub Dawidek http://www.wheelsystems.com
FreeBSD committer http://www.FreeBSD.org
Am I Evil? Yes, I Am! http://mobter.com
pgpClJvKZmY1R.pgp
Description: PGP signature
On Mon, Apr 15, 2013 at 10:18:15PM +0300, Konstantin Belousov wrote:
> On Mon, Apr 15, 2013 at 08:42:03PM +0200, Pawel Jakub Dawidek wrote:
> > On a mostly unrelated note when two threads (T0 and T1) call get*time()
> > on two different cores, but T0 does that a bit earlier is it po
re on how it works.
It probably mostly an optimization and probably protection before some
races, so you can call various functions with vnode's interlock already
held.
--
Pawel Jakub Dawidek http://www.wheel.pl
[EMAIL PROTECTED] http://www.FreeBS
wn code.
Something like this:
http://garage.freebsd.pl/mljail.README
I did it some time ago, and this is one of the feature for new jail
implementation with is beeing designed.
--
Pawel Jakub Dawidek http://www.wheel.pl
[EMAIL PROTECTED] http://www.
On Wed, Sep 19, 2007 at 01:30:44PM -0600, James Gritton wrote:
> Pawel Jakub Dawidek wrote:
> >Something like this:
> > http://garage.freebsd.pl/mljail.README
> >
> >I did it some time ago, and this is one of the feature for new jail
> >implementation with is
;
But I guess the most common use is:
gid_t gids[NGROUPS_MAX];
int gidsetlen;
gidsetlen = getgroups(NGROUPS_MAX, gids);
Binaries using the latter method should be just fine.
BTW. The latter method is what all utilities from the base system use.
--
Pawel Jakub Dawidek
on the given vnode,
do the same for /etc/passwd and others and compare their inodes and
file system ids. Performance hit may be significant for complex
policies.
You can register yourself for process_exit, process_fork and
process_exec in-kernel events and do your cleanups from your event
handler. Take
red there could still be important data
in RAM (eg. file system's buffer cache).
--
Pawel Jakub Dawidek http://www.wheel.pl
[EMAIL PROTECTED] http://www.FreeBSD.org
FreeBSD committer Am I Evil? Yes, I Am!
pgpikfNoxpT5s.pgp
Description: PGP signature
uld just work.
Glabel is not for that and I don't agree for such obfuscation.
--
Pawel Jakub Dawidek http://www.wheelsystems.com
p...@freebsd.org http://www.FreeBSD.org
FreeBSD committer Am I Evil? Yes, I Am!
pgp9g74Rergrb.pgp
Description: PGP signature
On Sun, Aug 08, 2010 at 02:02:17PM +0200, Ivan Voras wrote:
> On 8.8.2010 12:30, Pawel Jakub Dawidek wrote:
> > So why do you want to obfuscate glabel with it? For people to start
> > depend on it? Once we start supporting 4kB sectors what do we do with
> > such a change? R
some point disks will be detected and
presented as 4kB providers to the GEOM, this class won't be able to find
its metadata anymore (as it was stored in the last 512 bytes, not in the
last 4 kilobytes).
--
Pawel Jakub Dawidek http://www.wheelsystems.com
p...@freebsd.
n.
Could you also try to decrease vfs.zfs.arc_max?
--
Pawel Jakub Dawidek http://www.wheel.pl
[EMAIL PROTECTED] http://www.FreeBSD.org
FreeBSD committer Am I Evil? Yes, I Am!
pgpJ8VT5v06Ug.pgp
Description: PGP signature
east:root:~# zpool list
NAMESIZEUSED AVAILCAP HEALTH ALTROOT
tank732G604G128G82% ONLINE -
but:
beast:root:~# zfs list | wc -l
1932
No panics.
PS. I'm quite sure the ZFS version I've in perforce wi
On Thu, Jun 05, 2008 at 02:10:02PM +0100, Hugo Silva wrote:
> Pawel Jakub Dawidek wrote:
> >PS. I'm quite sure the ZFS version I've in perforce will fix most if not
> >all 'kmem_map too small' panics. It's not yet committed, but I do want
> >to MFC it
o it in a different way if that
was possible. Maybe it's worth contacting OpenBSD/NetBSD and ask? There
might be a good reason for that.
> - Any comment is welcome, this is my first work on a driver.
Looks good:) I can do a final review and commit once you are done and if
I'll be able
On Thu, Jun 05, 2008 at 04:00:13PM +0200, Ivan Voras wrote:
> Pawel Jakub Dawidek wrote:
>
> > If we're comparing who has bigger... :)
> >
> > beast:root:~# zpool list
> > NAMESIZEUSED AVAILCAP HEALTH ALTROOT
> > tan
iver is loaded.
If I read code properly, there is currently no way for a driver to say
to the opencrypto framework that only AES-CBC with 128bit key is
supported. A driver can only state that it supports AES-CBC, that's all.
As a workaround the driver should implement AES-
On Mon, Jul 21, 2008 at 02:10:00PM +0200, Patrick Lamaizi?re wrote:
> Le Sun, 20 Jul 2008 21:39:55 +0200,
> Pawel Jakub Dawidek <[EMAIL PROTECTED]> a écrit :
>
> Hello,
>
> > > In the "opencrypto framework" the function crypto_register() has an
>
50513 at syscall+0x283
#17 0x80634e40 at Xint0x80_syscall+0x20
[...]
--
Pawel Jakub Dawidek http://www.wheel.pl
[EMAIL PROTECTED] http://www.FreeBSD.org
FreeBSD committer Am I Evil? Yes, I Am!
pgp7AAbGMNK4D.pgp
Description: PGP signature
obj.c
> @@ -798,7 +798,9 @@ link_elf_load_file(linker_class_t cls, const char
> *filename,
> link_elf_reloc_local(lf);
>
> /* Pull in dependencies */
> + VOP_UNLOCK(nd.ni_vp);
> error = linker_load_dependencies(lf);
> + vn_lock(nd.ni_vp, LK_EXCLUSIVE | LK_RETRY
D 7.x kthread_create() creates a process
without file descriptor table, so you can't use kern_open() and actually
you shouldn't do this either.
Take a look at sys/cddl/compat/opensolaris/kern/opensolaris_kobj.c,
where you can find functions to do what you want.
I guess you already con
SD behaviour (ie. inherit group ownership from the parent directory),
but it become broken during v6 -> v13 switch. Could you file PR for
this, I should be able to fix it before 8.0-RELEASE.
--
Pawel Jakub Dawidek http://www.wheel.pl
p...@freebsd.org
sys_exit+0x1d
[...]
db> show lock 0x8079a348
class: sx
name: GEOM topology
state: XLOCK: 0x85d0d000 (tid 100008, pid 2, "g_event")
waiters: exclusive
--
Pawel Jakub Dawidek http://www.wheel.pl
p...@freebsd.org http://www.FreeBSD.or
On Sat, Jan 30, 2010 at 12:27:49PM +0100, Pawel Jakub Dawidek wrote:
> On Sat, Jan 30, 2010 at 12:58:26AM +0200, Alexander Motin wrote:
> > Hi.
> >
> > Experimenting with SATA hot-plug I've found quite repeatable deadlock
> > case. Problem observed when severa
On Sat, Jan 30, 2010 at 12:44:51PM +0100, Pawel Jakub Dawidek wrote:
> Maybe I'll add how I understand what's going on:
>
> GEOM calls destroy_dev() while holding the topology lock.
>
> Destroy_dev() wants to destroy device, but can't because there are
> threads
separately, not sure where. There is ongoing discussion
somwhere on importing this algorithm to the base for tar(1) to use, it
would be best to have only one copy of code in the tree.
--
Pawel Jakub Dawidek http://www.wheelsystems.com
p...@freebsd.org
ss when bug is found is very, very bad.
Another reason is performance. You can see how much faster, eg. openssl
crypto is when doing it in userland and when forcing it to use software
crypto from the opencrypto kernel framework.
--
Pawel Jakub Dawidek http://www.wheelsystems.
; I suspect it is not the card as much as the driver, but I am not sure.
I was able to modify the driver in a way multipathing started to work
(no more hanging request when path was disconnected). It was hackish,
but worked, so I'm quite sure it's driver's fault.
--
Pawel Jakub Dawid
so
jexec won't work here.
Try to ssh into the jail and then ssh to another box.
--
Pawel Jakub Dawidek http://www.wheel.pl
[EMAIL PROTECTED] http://www.FreeBSD.org
FreeBSD committer Am I Evil? Yes, I Am!
pgpRTiVDk
On Fri, Dec 16, 2005 at 05:27:11PM +0700, Vitaliy Ovsyannikov wrote:
+> Hello, freebsd-hackers.
+>
+> Please, look at the output and help if you can:
+>
+> # tar -yxf geom_gate.tbz
+> # cd geom_gate
+> # make
[...]
Why don't you just use ggate from the base system
o protect our
users from a foot-shooting).
And because of the way SU works, it is possible to run background fsck,
as the only problems are unreferenced objects (inodes, blocks, etc.).
--
Pawel Jakub Dawidek http://www.wheel.pl
[EMAIL PROTECTED] http:/
should be
configured in /boot/loader.conf.
2. If memory type is in kernel module, vm.memguard_desc sysctl should be
configured before loading the module.
--
Pawel Jakub Dawidek http://www.wheel.pl
[EMAIL PROTECTED] http://www.FreeBSD.org
FreeBSD
this.
This is a bit tricky, ie. there is no clean API for this, but it is of
course possible.
There are few frameworks in the kernel that do exactly this. One of them
is alq(9), so take a look at sys/kern/kern_alq.c.
--
Pawel Jakub Dawidek http://www.wheel.pl
[EMA
o you must create one for your own.
--
Pawel Jakub Dawidek http://www.wheel.pl
[EMAIL PROTECTED] http://www.FreeBSD.org
FreeBSD committer Am I Evil? Yes, I Am!
pgpkLPh9TonWL.pgp
Description: PGP signature
with your private
key and on authentication, you should provide data from your finger scan
and data to sign - on match, it should return signed data, which you can
use to continue authentication process.
--
Pawel Jakub Dawidek http://www.wheel.pl
[EMAIL PROTECTED] http://www.FreeBSD.org
FreeBSD committer Am I Evil? Yes, I Am!
pgpwxmt56juB3.pgp
Description: PGP signature
ecover data or get the machine to boot?
Can you provide more info? There should be more interesting informations
before those you pasted.
There was a lot of fixes to gmirror in 6.1, so you may consider an
upgrade.
--
Pawel Jakub Dawidek http://www.wheel.pl
[EMA
uio_resid as the number
of bytes to proceed, so it has to be set before the call.
--
Pawel Jakub Dawidek http://www.wheel.pl
[EMAIL PROTECTED] http://www.FreeBSD.org
FreeBSD committer Am I Evil? Yes, I Am!
pgpmp8Q0Urm4t.pgp
Description: PGP signature
panics without graid3. For
example on a plain disk, but with 2kB sector size (you can do it with
gnop(8)). You can also try gstripe(8) your disks with small stripesize,
eg. 512 bytes and use gnop(8) on top of it to change sector size, so all
disks will be used, in case there is a problem with your
m out of town tomorrow, I'll try to take a look when I'm back. We saw
snapshot/gjournal related deadlocks, but all were fixed, maybe there is
a fix which wasn't comitted.
--
Pawel Jakub Dawidek http://www.wheel.pl
[EMAIL PROTECTED]
patch was not yet merged to RELENG_6, can you try it?
http://people.freebsd.org/~pjd/patches/vfs_subr.c.3.patch
--
Pawel Jakub Dawidek http://www.wheel.pl
[EMAIL PROTECTED] http://www.FreeBSD.org
FreeBSD committer
ror=35).
I'm aware of this, but it is harmless. On journal switch gjournal cannot
synchronize the file system, so it will try again later. It should be
probably better logged (as a warning).
--
Pawel Jakub Dawidek http://www.wheel.pl
[EMAIL PROTECTED]
On Sat, Aug 26, 2006 at 07:23:36AM -0500, Eric Anderson wrote:
> Hmm - had another panic. Again, screen shots are here:
>
> http://www.googlebit.com/freebsd/snapshots/gjournal_panic2/
I can't find panic message. What was it?
--
Pawel Jakub Dawidek http:
On Sat, Aug 26, 2006 at 08:19:40PM -0500, Eric Anderson wrote:
> On 08/26/06 07:44, Pawel Jakub Dawidek wrote:
> >On Sat, Aug 26, 2006 at 07:23:36AM -0500, Eric Anderson wrote:
> >>Hmm - had another panic. Again, screen shots are here:
> >>
> >>http:/
ce account for you would be a good start. Would you like
to work there?
--
Pawel Jakub Dawidek http://www.wheel.pl
[EMAIL PROTECTED] http://www.FreeBSD.org
FreeBSD committer Am I Evil? Yes, I Am!
pgpd5wcOLlCS9.pgp
Description: PGP signature
e some starting code for this and I'm planning to implement them, at
least for ZFS.
--
Pawel Jakub Dawidek http://www.wheel.pl
[EMAIL PROTECTED] http://www.FreeBSD.org
FreeBSD committer Am I Evil? Yes, I Am!
pgpu3L8mZGSH6.pgp
Description: PGP signature
I missing?
> There is no libubsec.so in the system.
>
> Any help will be appreciated.
'-engine ubsec' will try to use userland driver. If you loaded ubsec.ko
and cryptodev.ko, you should use '-engine cryptodev'.
--
Pawel Jakub Dawidek http://w
rror, the error
> doesn't appear...
Silent data corruptions happens, look for example at the "problem with
4T volume under FreeBSD" thread on [EMAIL PROTECTED]
I'd suggest configuring geli with data authentication on top of the FC
array. geli will detect si
ss the errors up.
This is what I did in ggate and it seems to work.
--
Pawel Jakub Dawidek http://www.wheel.pl
[EMAIL PROTECTED] http://www.FreeBSD.org
FreeBSD committer Am I Evil? Yes, I Am!
pgpmejRxKe25f.pgp
Description: PGP signature
oduction, my customer using it in production on large
number of FreeBSD servers and I also have heard already many success
stories, BUT I still consider the code to be experimental.
--
Pawel Jakub Dawidek http://www.wheel.pl
[EMAIL PROTECTED] http
On Sun, Jan 14, 2007 at 07:18:04PM +0100, Attila Nagy wrote:
> On 2007.01.12. 20:06, Pawel Jakub Dawidek wrote:
> >Silent data corruptions happens, look for example at the "problem with
> >4T volume under FreeBSD" thread on [EMAIL PROTECTED]
> >
> >I
launched.
+> GEOM_MIRROR: Cannot update metadata on disk ad0s1 (error=1).
+> GEOM_MIRROR: Device vol0: provider ad0s1 disconnected.
This is known race, which is already fixed in HEAD. I want to commit it
soon.
--
Pawel Jakub Dawidek http://www.FreeBSD.org
[EMAIL PR
On Wed, Dec 08, 2004 at 02:10:02AM +0200, Alexandr Kovalenko wrote:
+> Hello, Pawel Jakub Dawidek!
+> >
+> > This is known race, which is already fixed in HEAD. I want to commit it
+> > soon.
+>
+> Any plans on backporting it to RELENG_5 (RELENG_5_3 maybe?)?
I'
. You need to create the mirror on 2nd disk first, etc.
Even if you store metadata on disk (with debugflags=16), changes will
not be updated on 2nd disk, because I/O requests go to the disk provider,
not to the mirror provider.
--
Pawel Jakub Dawidek http://www.wheel.pl
ch against HEAD from a
minute ago:
http://people.freebsd.org/~pjd/patches/jail_2004120901.patch
I don't have time to work on this right now, so can't say if/when it'll
be committed.
--
Pawel Jakub Dawidek http://www.wheel.pl
[EMAIL PROTECTED]
too).
+> Sending it a particular signal would notify it to
+> send shutdown signals to all its compatriots in the jail etc.
I started to work on this in perforce: pjd_jailinit.
--
Pawel Jakub Dawidek http://www.wheel.pl
[EMAIL PROTECTED] ht
uilding)
What system version are you using? If this is 5.3 you should place:
swapoff="YES"
to your /etc/rc.conf and use shutdown(8) command to reboot/turn off your
machine.
This is fixed in HEAD in much more clean way already.
--
Pawel Jakub Dawidek
ang on boot when I use atapicam with my DVD-RW. With CD-ROM
everything is ok.
I'm able to boot and work without any problems on my DVD-RW only with
atapi DMA turned off in /boot/loader.conf:
hw.ata.atapi_dma=0
--
Pawel Jakub Dawidek http://ww
dir}/${parent_}.lock\"}"
+> if [ -e "/dev/${parent}" -a ! -e "/dev/${parent}.bde" ]; then
+> echo "Configuring Disk Encryption for ${parent}."
Only this part is needed.
Committed to HEAD, MFC after 1 week. Thanks!
-
irrors, after unclean shutdown you
probably don't need rebuild all mirrors.
The argument against could be that when you synchronize many mirrors on
the same disks in parallel, your disks are less happy (in one big mirror
scenario, disk's heads don't have to jump fro
you have dedicated mirror only for swap (e.g. mirror on ad0s1b and
ad2s1b) you probably should be able to dump into ad[02]s1b (but I didn't
test it).
--
Pawel Jakub Dawidek http://www.wheel.pl
[EMAIL PROTECTED] http://www.FreeBSD.org
Fre
IMHO is possibility to use
reboot(8)/shutdown(8), etc. inside a jail, but...
I'm unfortunately too busy with other (probably less interesting, but
profitable) projects.
--
Pawel Jakub Dawidek http://www.wheel.pl
[EMAIL PROTECTED] http://
On Wed, Feb 02, 2005 at 12:52:17AM +0800, Xin LI wrote:
+> ??? 2005-02-01?? 11:40 +0100???Pawel Jakub Dawidek?
+> > The thing that can be useful IMHO is possibility to use
+> > reboot(8)/shutdown(8), etc. inside a jail, but...
+> > I'm unfortunately too busy
lping to resolve them.
Frankly, I don't know. It just needs detailed testing.
--
Pawel Jakub Dawidek http://www.wheel.pl
[EMAIL PROTECTED] http://www.FreeBSD.org
FreeBSD committer Am I Evil? Yes, I Am!
pgp1aIJTzcoLj.pgp
Description: PGP signature
configurations and is there any
+> wisdom about ggate configurations?
Set kern.geom.gate.debug to 1 and send output which is generated on
failures.
I've much improved ggate in perforce, but it needs some polishing still...
--
Pawel Jakub Dawidek http://www.wheel.pl
ovide
+> source.
It would be probably useful for wintess, so when first order is stored,
it can be stored with stack and on LOR, both backtraces can be shown.
--
Pawel Jakub Dawidek http://www.wheel.pl
[EMAIL PROTECTED] http://www.FreeBSD.org
Free
noon, so
+> it's perfectly possible that I'm missing some vital point or that it's
+> complete nonsense :)
+>
+> Does it make sense to do it this way? Is it worth applying for the SoC?
Not sure. Basically this is simlar what softupdate does, I think.
e bootloader). The passphrase is entered at the bootloader prompt
+> or embedded in the bootloader.
This is not not possible with current GBDE.
I've patches which allows this here:
http://people.freebsd.org/~pjd/patches/gbde.patch
--
Pawel Jakub Dawidek http://www
em:)
I'm not going to commit it by myself.
--
Pawel Jakub Dawidek http://www.wheel.pl
[EMAIL PROTECTED] http://www.FreeBSD.org
FreeBSD committer Am I Evil? Yes, I Am!
pgpBzeFSPfvLU.pgp
Description: PGP signature
ements (managing keys, protecting passphrases,
metadata backups, encrypted root partition, etc.) are or could be the same.
--
Pawel Jakub Dawidek http://www.wheel.pl
[EMAIL PROTECTED] http://www.FreeBSD.org
FreeBSD committer Am I Evil? Yes, I Am!
pgp7lyHzfctn3.pgp
Description: PGP signature
or ggated(8) and ggatec(8)
+> ;)
Thanks a lot! Unfortunately I don't have time to setup test environment
(I don't use ipv6 at all) and it can take a while before I'll be ready
for committing this (if noone else beat me on this).
I'll be grateful if you could file PR and send
futher. Strategy
of choosing disks, failures handle, etc. should be also general. I want to
provide support for many on-disk metadata formats if it will be possible.
The bad news is that it is only a concept, I've only some initial code
and project draft. I hope I'll find time to implement
cott on this).
Not really. I've start planing something different (see my previous mail).
--
Pawel Jakub Dawidek [EMAIL PROTECTED]
UNIX Systems Programmer/Administrator http://garage.freebsd.pl
Am I Evil? Yes, I Am! http://cerber.sourceforge.net
pgp0.pgp
Description: PGP signature
+> Any help on this topic would be much appreciated.
I've many reports about DNS problems with my patch in jail, that's true.
I can't promise, but I'll try to find some time in few days to track this
problem down.
--
Pawel Jakub Dawidek [EMAIL PROT
could try this patch againt recent -CURRENT, but I haven't added
anything - for me gethostbyname(3) in jail works fine.
http://garage.freebsd.pl/patches/mijail5_2.patch
--
Pawel Jakub Dawidek [EMAIL PROTECTED]
UNIX Systems Programmer/Administrator http://garage
ng old value in dedicated pointer is correct.
There still will be a problem when modules are loaded and unloaded
in random order. Unload order have to be reverse load order, if not,
invalid pointer (of module that was already unloaded) will be stored
in sysent table.
--
Pawel Jakub Dawidek
.
Such "secure" flag for running process could be also implemented with
multiple meanings:
1. All freed pages have to be zeroed.
2. All removed files have to be overwritten.
3. Umask for newly created files should be 0077.
4. "secure" flag for newly created files should be f
le will be overwriten even if it is opened
and/or link count is grater than 0. That's why allowing link(2) operation
for such files don't make much sens (the problem exists when there
are hardlinks before "secure" flag is set).
--
Pawel Jakub Dawidek [E
perfromance,
because this should be resolved at compile-time.
I'm not sure if dedicated epanic() is the best way to implement out-of-range
errors prevention - the more handy solution should cause compile error.
--
Pawel Jakub Dawidek [EMAIL PROTECTED]
UNIX Sy
1 - 100 of 235 matches
Mail list logo
