From owner-freebsd-hackers@freebsd.org Sun Nov 5 03:32:30 2017 Return-Path: Delivered-To: freebsd-hackers@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id E7E7FE608BF for ; Sun, 5 Nov 2017 03:32:30 +0000 (UTC) (envelope-from vas@mpeks.tomsk.su) Received: from relay2.tomsk.ru (mail.sibptus.tomsk.ru [212.73.124.5]) by mx1.freebsd.org (Postfix) with ESMTP id 5C6426B595 for ; Sun, 5 Nov 2017 03:32:29 +0000 (UTC) (envelope-from vas@mpeks.tomsk.su) X-Virus-Scanned: by clamd daemon 0.98.5_1 for FreeBSD at relay2.tomsk.ru Received: from [212.73.125.240] (HELO admin.sibptus.transneft.ru) by relay2.tomsk.ru (CommuniGate Pro SMTP 5.1.16) with ESMTPS id 39854869 for freebsd-hackers@freebsd.org; Sun, 05 Nov 2017 09:27:43 +0600 Received: from admin.sibptus.transneft.ru (sudakov@localhost [127.0.0.1]) by admin.sibptus.transneft.ru (8.15.2/8.15.2) with ESMTP id vA53WPh1034688 for ; Sun, 5 Nov 2017 10:32:27 +0700 (+07) (envelope-from vas@mpeks.tomsk.su) Received: (from sudakov@localhost) by admin.sibptus.transneft.ru (8.15.2/8.15.2/Submit) id vA53WMdO034687 for freebsd-hackers@freebsd.org; Sun, 5 Nov 2017 10:32:22 +0700 (+07) (envelope-from vas@mpeks.tomsk.su) X-Authentication-Warning: admin.sibptus.transneft.ru: sudakov set sender to vas@mpeks.tomsk.su using -f Date: Sun, 5 Nov 2017 10:32:22 +0700 From: Victor Sudakov To: freebsd-hackers@freebsd.org Subject: "pw useradd -D -e" writes bogus expire_days value into pw.conf Message-ID: <20171105033222.GA34641@admin.sibptus.transneft.ru> MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline Organization: AO "Svyaztransneft", SibPTUS X-PGP-Key: http://www.dreamwidth.org/pubkey?user=victor_sudakov X-PGP-Fingerprint: 10E3 1171 1273 E007 C2E9 3532 0DA4 F259 9B5E C634 User-Agent: Mutt/1.9.1 (2017-09-22) X-Mailman-Approved-At: Sun, 05 Nov 2017 11:39:54 +0000 X-BeenThere: freebsd-hackers@freebsd.org X-Mailman-Version: 2.1.23 Precedence: list List-Id: Technical Discussions relating to FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sun, 05 Nov 2017 03:32:31 -0000 Dear Colleagues, Could anyone please reproduce this bug, especially on an 11.x and 12.x branches? Or is it just me? https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=223431 TIA. -- Victor Sudakov, VAS4-RIPE, VAS47-RIPN AS43859 From owner-freebsd-hackers@freebsd.org Sun Nov 5 11:45:51 2017 Return-Path: Delivered-To: freebsd-hackers@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id 84FBFE68DFE for ; Sun, 5 Nov 2017 11:45:51 +0000 (UTC) (envelope-from yuripv@gmx.com) Received: from mout.gmx.net (mout.gmx.net [212.227.17.21]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (Client CN "mout.gmx.net", Issuer "TeleSec ServerPass DE-2" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id DFB1E7C34B for ; Sun, 5 Nov 2017 11:45:50 +0000 (UTC) (envelope-from yuripv@gmx.com) Received: from [192.168.1.2] ([94.233.224.52]) by mail.gmx.com (mrgmx101 [212.227.17.174]) with ESMTPSA (Nemesis) id 0MgXCF-1dnrCk1M07-00O2ps; Sun, 05 Nov 2017 12:45:41 +0100 Subject: Re: "pw useradd -D -e" writes bogus expire_days value into pw.conf To: Victor Sudakov , freebsd-hackers@freebsd.org References: <20171105033222.GA34641@admin.sibptus.transneft.ru> From: Yuri Pankov Message-ID: <497adca8-9e9a-fa99-34cb-6073cd433d01@gmx.com> Date: Sun, 5 Nov 2017 14:45:40 +0300 User-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64; rv:52.0) Gecko/20100101 Thunderbird/52.4.0 MIME-Version: 1.0 In-Reply-To: <20171105033222.GA34641@admin.sibptus.transneft.ru> Content-Type: text/plain; charset=utf-8; format=flowed Content-Language: en-US Content-Transfer-Encoding: 7bit X-Provags-ID: V03:K0:lhCT3vmRcUchKd7WdcPbz2bg87bHjosl1Vo5PmIn+YNJFDXem3F 9rycbgMufaSStDCTlOJrcGB6oI7i2b4nvhpH9tgWXhvcoY7NNg9vgDsVaWGH1G8QqexmTQQ ZP5VMHeCxH2sOUhvmRFjnVodhkiDc3dVpeRq8GMYMgX6Que0i1c6jxRyToIQ1NFLsbhmjT7 dLKPjXwR6X1EM7/Ye3UPQ== X-UI-Out-Filterresults: notjunk:1;V01:K0:bQ7C06rhut8=:/KGnELuagw1lnpTKm7Vt70 EFbAXwFJFEpbOtAI1uFC4qe0/MQuvj+BGp5KiZHG4O2d1a3Wxx1BsOjfArtTgoMtQH5VCUrCY VyqxfEsmZzEc6wgnVcMyDPuAcX50tojdEs6W3u7K/TFemoarR7wxG9TrnlOAMwsUmSUhroZoE hCJFTZ8rK65kToEErHFtP3EtDF/fin7HNfwnHBUzL1TK4cGqDEWM3Yp0a1MszkEg+NR/407rL c85ESoOjDGEYVY6QF4tMefXRQvgApKq7dH35SloOTLfLYKxJkoGEBUNTKE3VT3yiqzv2x3uUv 9rWCxJfYnBpN0Q+fCveaX2JcEShw/X8mrFGMFNXqdStiuall9wyj3WH6OoVBtYZ00+flO1hgj /zTpoOiJ+MIp5pULljcsNyvLApklW75LNYUfqTU5BvBm4S3TLiBBUEDRHQCar3TEG8ln8F+As xcUcyLymMSy5v+54Cl05IBs9tgG255hUmxdC2b1YQebFI1q3SO/UuZeLyQwOBVcXruLR22MED cIuEy/oIxn558l3NdzQQsViBj/irtQgyTx3lXsrpMky1rZaFt2rHohk3onZBb1XCUzwHk+8ZG rHlMBXv7DFrduF2QcQ5XOmv/rDfNQRbLkmBoJEnx7wjykdDz3S6kyBZ0at7+vQWfN/byTFz6q fKGYU3gPEiZJDapXE70/i9hBHbk0y/pV5KqAGioflh5o7hXpHzMsS4Gwd/vQ4chwV0ortVxj2 Os/EdqMiFr1SKwi2QEm2FTc3/gTuQn/hI35YaQZRJdMbJCN63+PG/DBACGpghkCgAiFgexB95 CLq4RrcQgQOwgn+nayAkhMggiQX6aC1Ihfq+J9oHj6NA0SEYa/bMrTrwJh4XHb+v2/r2Aim X-BeenThere: freebsd-hackers@freebsd.org X-Mailman-Version: 2.1.23 Precedence: list List-Id: Technical Discussions relating to FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sun, 05 Nov 2017 11:45:51 -0000 On Sun, 5 Nov 2017 10:32:22 +0700, Victor Sudakov wrote: > Dear Colleagues, > > Could anyone please reproduce this bug, especially on an 11.x and 12.x > branches? Or is it just me? > > https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=223431 Yes, it's the same on -CURRENT, but as the man page says, argument to -e must be numeric in presence of -D, so most likely it just needs an additional check. From owner-freebsd-hackers@freebsd.org Sun Nov 5 12:05:32 2017 Return-Path: Delivered-To: freebsd-hackers@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id D58A5E69BEF for ; Sun, 5 Nov 2017 12:05:32 +0000 (UTC) (envelope-from yuripv@gmx.com) Received: from mout.gmx.net (mout.gmx.net [212.227.17.22]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (Client CN "mout.gmx.net", Issuer "TeleSec ServerPass DE-2" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 3C7A47D151 for ; Sun, 5 Nov 2017 12:05:32 +0000 (UTC) (envelope-from yuripv@gmx.com) Received: from [192.168.1.2] ([94.233.224.52]) by mail.gmx.com (mrgmx101 [212.227.17.174]) with ESMTPSA (Nemesis) id 0Lat5o-1dQwFN0wBM-00kLeB; Sun, 05 Nov 2017 13:05:29 +0100 Subject: Re: "pw useradd -D -e" writes bogus expire_days value into pw.conf From: Yuri Pankov To: Victor Sudakov , freebsd-hackers@freebsd.org References: <20171105033222.GA34641@admin.sibptus.transneft.ru> <497adca8-9e9a-fa99-34cb-6073cd433d01@gmx.com> Message-ID: <1b21bd92-ae86-e81b-cf00-b2f7d9e06df7@gmx.com> Date: Sun, 5 Nov 2017 15:05:28 +0300 User-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64; rv:52.0) Gecko/20100101 Thunderbird/52.4.0 MIME-Version: 1.0 In-Reply-To: <497adca8-9e9a-fa99-34cb-6073cd433d01@gmx.com> Content-Type: text/plain; charset=utf-8; format=flowed Content-Language: en-US Content-Transfer-Encoding: 7bit X-Provags-ID: V03:K0:Q+U1CSn5MkC4wNbUe/YzSYzYgb0TZClX70+HLmnosj3Yf4vr/u0 1BILJy8IxetJTQqn66gK+fjdLbreXM5Wcbc8u7e76THdL3HJs2RNcvPdjpQgbV0diFnOBS/ G5RZK7UzzrGb7qEzUis3NhJXmYEi1GW747v2aEbgZvp8wXorPVn14NCYvSZH9iM4qVtn6xO 9qaKBinPoc9aU6dTDgVnQ== X-UI-Out-Filterresults: notjunk:1;V01:K0:ZZ0nh0nWFmg=:/DyY1Kl+koes694SKXI4VV tOsWE/VV2xmDYu9/z2C1V8pC98VKbIFaBr9U9gYtJf3KCRrq/EtSo6+lBRXMpwOkv+b7g6kTK yIyh3zW3eCKhfyLmvVzpWTP6N2cxStgI7Egx1nRo23Sea69n7GdaLpkaqn5vshkogpwQYRZ7I 47RQrKWcqjmoqcYaxwnKvo9txAk+yXZCV1JMvC5XrnAmlnn/h9ZYOu7Bryxu+32yWtnqgAcjd xRcBeEcLMBuxqUX3oYP3k6GFR+a1ojN29YTqGweVWBfDnFRhk7BHSoUxraJuwjfMvX8jHQQFw HuAXHrPbLGOkAIIq3QZZIaKjQMaoHAQNV6Sv4Pfh/8rkLBC7tJwIn2A8vKADiRDERb0HUUauh iXulXwQ1BpQrZhu4ib/VdoWrFxras5JQlAE3VRLahUdrj2k41oG8r3Mmv1dcSBYQO9B7+o6Y0 Evtyeo39PbzHej2GEBOjdQJSv33DNDU1hOjNgfieNmn0EPpANWJr4Sx9JDV5ujYxLNnwHH4Da //w0R/9O5/BzzDvGPWsyAwE5jAH93orRt+l4s4XdHu9YrO9iMX7YV6O1ykNGlE0Wl9YXdGUDA ppKef8r61q6rj6HxopQ5dJFa+XeKW5/8tl5OrVPf/2pRd7NjOvvidkqhudvPSpgpjUJ7SZ5AM Mb1wnqyNm0AxKIwswKA3RQice1gNvhfsXMB5I94mfjunJA62Ky1YMySIqclAYd6SX1lgoX40g horcslyx2zJLGr0UEqSra5fVnaWN5kD7XU2pqyKW1hKkax+sSG5vqomS9lxILwQkezLzGtkqU dj9PruBdCKuy0nXoAmrGjoEAi3sEnmBGadEbMCFDjC7LDXLMM68up2AndFt4YqNUkKHF68/ X-BeenThere: freebsd-hackers@freebsd.org X-Mailman-Version: 2.1.23 Precedence: list List-Id: Technical Discussions relating to FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sun, 05 Nov 2017 12:05:32 -0000 On Sun, 5 Nov 2017 14:45:40 +0300, Yuri Pankov wrote: > On Sun, 5 Nov 2017 10:32:22 +0700, Victor Sudakov wrote: >> Dear Colleagues, >> >> Could anyone please reproduce this bug, especially on an 11.x and 12.x >> branches? Or is it just me? >> >> https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=223431 > > Yes, it's the same on -CURRENT, but as the man page says, argument to -e > must be numeric in presence of -D, so most likely it just needs an > additional check. Added a simple patch to the PR -- check if argument is numeric, otherwise it's parsed as date, and the *timestamp* of account expiry is written as days into the pw.conf. From owner-freebsd-hackers@freebsd.org Sun Nov 5 12:09:24 2017 Return-Path: Delivered-To: freebsd-hackers@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id 40DB6E69DB1 for ; Sun, 5 Nov 2017 12:09:24 +0000 (UTC) (envelope-from sudakov+freebsd@sibptus.tomsk.ru) Received: from relay2.tomsk.ru (mail.sibptus.tomsk.ru [212.73.124.5]) by mx1.freebsd.org (Postfix) with ESMTP id AB4217D2F0 for ; Sun, 5 Nov 2017 12:09:22 +0000 (UTC) (envelope-from sudakov+freebsd@sibptus.tomsk.ru) X-Virus-Scanned: by clamd daemon 0.98.5_1 for FreeBSD at relay2.tomsk.ru Received: from [212.73.125.240] (HELO admin.sibptus.transneft.ru) by relay2.tomsk.ru (CommuniGate Pro SMTP 5.1.16) with ESMTPS id 39855048; Sun, 05 Nov 2017 18:04:36 +0600 Received: from admin.sibptus.transneft.ru (sudakov@localhost [127.0.0.1]) by admin.sibptus.transneft.ru (8.15.2/8.15.2) with ESMTP id vA5C9Isq038132; Sun, 5 Nov 2017 19:09:20 +0700 (+07) (envelope-from sudakov+freebsd@sibptus.tomsk.ru) Received: (from sudakov@localhost) by admin.sibptus.transneft.ru (8.15.2/8.15.2/Submit) id vA5C9E8p038131; Sun, 5 Nov 2017 19:09:14 +0700 (+07) (envelope-from sudakov+freebsd@sibptus.tomsk.ru) X-Authentication-Warning: admin.sibptus.transneft.ru: sudakov set sender to sudakov+freebsd@sibptus.tomsk.ru using -f Date: Sun, 5 Nov 2017 19:09:14 +0700 From: Victor Sudakov To: Yuri Pankov Cc: freebsd-hackers@freebsd.org Subject: Re: "pw useradd -D -e" writes bogus expire_days value into pw.conf Message-ID: <20171105120914.GA38007@admin.sibptus.transneft.ru> References: <20171105033222.GA34641@admin.sibptus.transneft.ru> <497adca8-9e9a-fa99-34cb-6073cd433d01@gmx.com> MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: <497adca8-9e9a-fa99-34cb-6073cd433d01@gmx.com> Organization: AO "Svyaztransneft", SibPTUS X-PGP-Key: http://www.dreamwidth.org/pubkey?user=victor_sudakov X-PGP-Fingerprint: 10E3 1171 1273 E007 C2E9 3532 0DA4 F259 9B5E C634 User-Agent: Mutt/1.9.1 (2017-09-22) X-BeenThere: freebsd-hackers@freebsd.org X-Mailman-Version: 2.1.23 Precedence: list List-Id: Technical Discussions relating to FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sun, 05 Nov 2017 12:09:24 -0000 Yuri Pankov wrote: > On Sun, 5 Nov 2017 10:32:22 +0700, Victor Sudakov wrote: > > Dear Colleagues, > > > > Could anyone please reproduce this bug, especially on an 11.x and 12.x > > branches? Or is it just me? > > > > https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=223431 > > Yes, it's the same on -CURRENT, but as the man page says, argument to -e > must be numeric in presence of -D, so most likely it just needs an > additional check. Hmm, even with a numeric argument it sets the expiry date incorrectly in newly created accounts, see the "Expire" line below: root@gw:~ # pw useradd -D -e 365 root@gw:~ # grep expire_days /etc/pw.conf expire_days = 365 root@gw:~ # root@gw:~ # pw useradd sobaka Password for 'sobaka' is: rcv8n2PJVP9dt root@gw:~ # root@gw:~ # chsh sobaka Changing user information for sobaka. Login: sobaka Password: $6$KwbJbuUKt03pocQG$nC5mirikOyzF1oFbZacRpn2GXBT1scOBvvtJ8Jfsyw7YPpsR0hW8wDSwLK9uuzAXFNt7aTcFgylweMTXtx1Np. Uid [#]: 1873 Gid [# or name]: 1000 Change [month day year]: Expire [month day year]: January 1, 1970 Class: russian Home directory: /home/sobaka Shell: /bin/tcsh Full Name: User & Office Location: Office Phone: Home Phone: Other information: -- Victor Sudakov, VAS4-RIPE, VAS47-RIPN AS43859 From owner-freebsd-hackers@freebsd.org Sun Nov 5 12:14:20 2017 Return-Path: Delivered-To: freebsd-hackers@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id 0A4D2E6A0D2 for ; Sun, 5 Nov 2017 12:14:20 +0000 (UTC) (envelope-from yuripv@gmx.com) Received: from mout.gmx.net (mout.gmx.net [212.227.17.21]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (Client CN "mout.gmx.net", Issuer "TeleSec ServerPass DE-2" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 5CD0E7D710 for ; Sun, 5 Nov 2017 12:14:19 +0000 (UTC) (envelope-from yuripv@gmx.com) Received: from [192.168.1.2] ([94.233.224.52]) by mail.gmx.com (mrgmx103 [212.227.17.174]) with ESMTPSA (Nemesis) id 0Lngv5-1dTlaj3P9b-00hxHg; Sun, 05 Nov 2017 13:14:15 +0100 Subject: Re: "pw useradd -D -e" writes bogus expire_days value into pw.conf To: Victor Sudakov Cc: freebsd-hackers@freebsd.org References: <20171105033222.GA34641@admin.sibptus.transneft.ru> <497adca8-9e9a-fa99-34cb-6073cd433d01@gmx.com> <20171105120914.GA38007@admin.sibptus.transneft.ru> From: Yuri Pankov Message-ID: Date: Sun, 5 Nov 2017 15:14:13 +0300 User-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64; rv:52.0) Gecko/20100101 Thunderbird/52.4.0 MIME-Version: 1.0 In-Reply-To: <20171105120914.GA38007@admin.sibptus.transneft.ru> Content-Type: text/plain; charset=utf-8; format=flowed Content-Language: en-US Content-Transfer-Encoding: 7bit X-Provags-ID: V03:K0:9JoZhTTk8Yci5a9LRyIfmD5MN3S6W1ajuUXQXzKll8MXaDz3oOb BS4f5PbWwCbyWPtmOIH94ApObhHZSTreJNAqBZwiHbR0xK7ol/w5Bfjz3A9MzVL03lHWjrk YYRSTKi6WkVWBe1YAnsz7lVeb/2jmhY6V/85QHdTVJsfNTCOfz2V7ECyDnW7wsdjvIfAyYX sVGmp1J718Gh276Gm0lsw== X-UI-Out-Filterresults: notjunk:1;V01:K0:lEm38yVQF5o=:qN9NZnJd0v8q6/XOWB3Lq4 y6IPk/ejaNMrKMFr0Fk/CopgSOOqFgUf0S05r9RLtz2Wy5xYjEDWlhav8tiAuPXw2cqwc/6ri YpuOjE538x6t3yHGtswobi9awuS1F5Wbs4IXp9zz/28FncF2GR9ehNKJyqEDFtoCz+3UwXNpk hvQP2gobaY1vvd/Y10q393NQbBiEsgQHaXtMrmFqNU9x7Fnw+5nrjE7DnZ5lHtMyOFFHwfHkT w4s3n1JQKkGuTghdSZmtS9Mmn/WmFYm2zUV8dooSg+yExUd1Lj0iZtNp4VVPhvrC9FPVeHqwJ geUpth981cqXSEP/kORiRkP1G1p8zNu5Lomm13R/2/CyGJRbK/NIQNbxumO8vMEjWnyFXpKD8 77gSGuLyxK7qJyjxfHraISXOmph+FtZfce8Y/gZaIXGT00QzZTNridEZ/gwOQ0JXizeS9uxy8 8kZseykCvDyFKY8nCkBFmfGdz7zewOYej3uWOn+WBco3REPpvEztLRQnQgLeg4SgrhxSeysDf zPs2+z6vkhosrLWCSy8E9yJdVXjUNMGU8lMBkDUg2I4+5ugycEEQAvQcbSaSLblx5xoYU1zSn cX7mhcomWrQVBhJXagdkl3TrSYfkoi24RRuEvoGyb/DDJ8P1B2z/o8T7p1b1Sxfd51TPiiWlV muxtRDLgRuZe/6dRgAbN9db0KwfwOK6ofmUq34ZTC7JcmPyS0IshiHPTsnWM2W7ZYe+dVLW0K qbU65ezlIMhxmnIAry/cry/A+Ong3i5ZYTkZDk5wftibuDkNnGrdj6vcnjm7KlRG90iQ4MYjY gX4I+JckW1hhaZAU5VlaG87vTihUcUo0nVMMGlqL5eqs89Jdx9mZ7e9r9n19C1TinckV+8D X-BeenThere: freebsd-hackers@freebsd.org X-Mailman-Version: 2.1.23 Precedence: list List-Id: Technical Discussions relating to FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sun, 05 Nov 2017 12:14:20 -0000 On Sun, 5 Nov 2017 19:09:14 +0700, Victor Sudakov wrote: > Yuri Pankov wrote: >> On Sun, 5 Nov 2017 10:32:22 +0700, Victor Sudakov wrote: >>> Dear Colleagues, >>> >>> Could anyone please reproduce this bug, especially on an 11.x and 12.x >>> branches? Or is it just me? >>> >>> https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=223431 >> >> Yes, it's the same on -CURRENT, but as the man page says, argument to -e >> must be numeric in presence of -D, so most likely it just needs an >> additional check. > > Hmm, even with a numeric argument it sets the expiry date incorrectly in > newly created accounts, see the "Expire" line below: Indeed, guess there are a lot more bugs to fixed here :-) - `pw useradd -D -e 0` doesn't reset the value in pw.conf - man page doesn't say that `pw useradd -D -p days` should be treated the same as -D -e From owner-freebsd-hackers@freebsd.org Sun Nov 5 12:55:10 2017 Return-Path: Delivered-To: freebsd-hackers@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id 02A26E6B2DB for ; Sun, 5 Nov 2017 12:55:10 +0000 (UTC) (envelope-from sudakov+freebsd@sibptus.tomsk.ru) Received: from relay2.tomsk.ru (mail.sibptus.tomsk.ru [212.73.124.5]) by mx1.freebsd.org (Postfix) with ESMTP id 5F0B47EAD4 for ; Sun, 5 Nov 2017 12:55:08 +0000 (UTC) (envelope-from sudakov+freebsd@sibptus.tomsk.ru) X-Virus-Scanned: by clamd daemon 0.98.5_1 for FreeBSD at relay2.tomsk.ru Received: from [212.73.125.240] (HELO admin.sibptus.transneft.ru) by relay2.tomsk.ru (CommuniGate Pro SMTP 5.1.16) with ESMTPS id 39855069; Sun, 05 Nov 2017 18:50:22 +0600 Received: from admin.sibptus.transneft.ru (sudakov@localhost [127.0.0.1]) by admin.sibptus.transneft.ru (8.15.2/8.15.2) with ESMTP id vA5Ct4Q5038511; Sun, 5 Nov 2017 19:55:06 +0700 (+07) (envelope-from sudakov+freebsd@sibptus.tomsk.ru) Received: (from sudakov@localhost) by admin.sibptus.transneft.ru (8.15.2/8.15.2/Submit) id vA5Ct1R8038510; Sun, 5 Nov 2017 19:55:01 +0700 (+07) (envelope-from sudakov+freebsd@sibptus.tomsk.ru) X-Authentication-Warning: admin.sibptus.transneft.ru: sudakov set sender to sudakov+freebsd@sibptus.tomsk.ru using -f Date: Sun, 5 Nov 2017 19:55:01 +0700 From: Victor Sudakov To: Yuri Pankov Cc: Victor Sudakov , freebsd-hackers@freebsd.org Subject: Re: "pw useradd -D -e" writes bogus expire_days value into pw.conf Message-ID: <20171105125501.GA38197@admin.sibptus.transneft.ru> References: <20171105033222.GA34641@admin.sibptus.transneft.ru> <497adca8-9e9a-fa99-34cb-6073cd433d01@gmx.com> <20171105120914.GA38007@admin.sibptus.transneft.ru> MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: Organization: AO "Svyaztransneft", SibPTUS X-PGP-Key: http://www.dreamwidth.org/pubkey?user=victor_sudakov X-PGP-Fingerprint: 10E3 1171 1273 E007 C2E9 3532 0DA4 F259 9B5E C634 User-Agent: Mutt/1.9.1 (2017-09-22) X-BeenThere: freebsd-hackers@freebsd.org X-Mailman-Version: 2.1.23 Precedence: list List-Id: Technical Discussions relating to FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sun, 05 Nov 2017 12:55:10 -0000 Yuri Pankov wrote: > On Sun, 5 Nov 2017 19:09:14 +0700, Victor Sudakov wrote: > > Yuri Pankov wrote: > >> On Sun, 5 Nov 2017 10:32:22 +0700, Victor Sudakov wrote: > >>> Dear Colleagues, > >>> > >>> Could anyone please reproduce this bug, especially on an 11.x and 12.x > >>> branches? Or is it just me? > >>> > >>> https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=223431 > >> > >> Yes, it's the same on -CURRENT, but as the man page says, argument to -e > >> must be numeric in presence of -D, so most likely it just needs an > >> additional check. > > > > Hmm, even with a numeric argument it sets the expiry date incorrectly in > > newly created accounts, see the "Expire" line below: > > Indeed, guess there are a lot more bugs to fixed here :-) > > - `pw useradd -D -e 0` doesn't reset the value in pw.conf > - man page doesn't say that `pw useradd -D -p days` should be treated > the same as -D -e Even if I treat expire_days as seconds, new accounts are still created with the expiration date in the past (seconds since epoch, not since the moment of account creation). -- Victor Sudakov, VAS4-RIPE, VAS47-RIPN AS43859 From owner-freebsd-hackers@freebsd.org Sun Nov 5 16:24:26 2017 Return-Path: Delivered-To: freebsd-hackers@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id 03006E373FA for ; Sun, 5 Nov 2017 16:24:26 +0000 (UTC) (envelope-from longwitz@incore.de) Received: from dss.incore.de (dss.incore.de [195.145.1.138]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 89815D5D for ; Sun, 5 Nov 2017 16:24:24 +0000 (UTC) (envelope-from longwitz@incore.de) Received: from inetmail.dmz (inetmail.dmz [10.3.0.3]) by dss.incore.de (Postfix) with ESMTP id 766851277; Sun, 5 Nov 2017 17:24:16 +0100 (CET) X-Virus-Scanned: amavisd-new at incore.de Received: from dss.incore.de ([10.3.0.3]) by inetmail.dmz (inetmail.dmz [10.3.0.3]) (amavisd-new, port 10024) with LMTP id BHvlVF73H-QH; Sun, 5 Nov 2017 17:24:14 +0100 (CET) Received: from mail.local.incore (fwintern.dmz [10.0.0.253]) by dss.incore.de (Postfix) with ESMTP id B46FD117F; Sun, 5 Nov 2017 17:24:14 +0100 (CET) Received: from bsdmhs.longwitz (unknown [192.168.99.6]) by mail.local.incore (Postfix) with ESMTP id 79A3E508A1; Sun, 5 Nov 2017 17:24:14 +0100 (CET) Message-ID: <59FF3B2E.5010603@incore.de> Date: Sun, 05 Nov 2017 17:24:14 +0100 From: Andreas Longwitz User-Agent: Thunderbird 2.0.0.19 (X11/20090113) MIME-Version: 1.0 To: Konstantin Belousov CC: freebsd-hackers@freebsd.org Subject: Re: double fault on 10.3-Stable i386 during installworld References: <59D11664.1060206@incore.de> <20171001180943.GO95911@kib.kiev.ua> <59F910C5.8020709@incore.de> <20171101092619.GJ2566@kib.kiev.ua> In-Reply-To: <20171101092619.GJ2566@kib.kiev.ua> Content-Type: text/plain; charset=us-ascii Content-Transfer-Encoding: 7bit X-Mailman-Approved-At: Sun, 05 Nov 2017 18:31:18 +0000 X-BeenThere: freebsd-hackers@freebsd.org X-Mailman-Version: 2.1.23 Precedence: list List-Id: Technical Discussions relating to FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sun, 05 Nov 2017 16:24:26 -0000 Thanks for answer, I am now sure the reason for the double fault is not a FreeBSD problem, it is a CPU problem. >> On the stack we have >> >> 0xe437faa0: 0x00000000 R7:0xc0bc051c 0x00000020 0x00010007 >> >> so there is an exception on the instruction "movl PCB_CR3(%edx),%eax" >> in function cpu_switch(). The next stack entries indicates a lot of page >> faults, but the "double fault" happens not until the page boundary at >> 0xe437f000 is reached. I do not really understand this, but it seems to >> me that the thread > > Can you try to recover the %ecx, %edx values for the faulted frame ? > Note that %ecx is loaded from the on-stack argument. >From source swtch.s /* Save is done. Now fire up new thread. Leave old vmspace. */ movl 4(%esp),%edi movl 8(%esp),%ecx /* New thread */ movl 12(%esp),%esi /* New lock */ #ifdef INVARIANTS testl %ecx,%ecx /* no thread? */ jz badsw3 /* no, panic */ #endif movl TD_PCB(%ecx),%edx /* switch address space */ movl PCB_CR3(%edx),%eax it can be seen by inspection of the stack, that %ecx is loaded with address of newtd (0xc8029a20) and %edx is loaded with address of newpcb (0xf0a3ad40). So we see an exception during the execution of a correct machine instruction. At the moment of double fault I see the same values in the saved TSS: (kgdb) p/x __pcpu[2]->pc_common_tss $16 = {tss_link = 0x0, tss_esp0 = 0xe437fd30, tss_ss0 = 0x28, tss_esp1 = 0x0, tss_ss1 = 0x0, tss_esp2 = 0x0, tss_ss2 = 0x0, tss_cr3 = 0x0, tss_eip = 0xc0bacac8, tss_eflags = 0x10007, tss_eax = 0xc08f492f, tss_ecx = 0xc8029a20, tss_edx = 0xf0a3ad40, tss_ebx = 0xd3cf, t ss_esp = 0xe437f000, tss_ebp = 0xe437fafc, tss_esi = 0xc0e43400, tss_edi = 0xc7ebd000, tss_es = 0x28, tss_cs = 0x20, tss_ss = 0x28, ts s_ds = 0x28, tss_fs = 0x8, tss_gs = 0x3b, tss_ldt = 0x0, tss_ioopt = 0x680000}. Also we have tss_eax = 0xc08f492f = return address, so the movl for "switch address space" was not executed. > Do you have latest CPU microcode loaded ? Your machine is very old, > I believe this is P4 class processor, am I right ? I have to correct one detail: The output (kgdb) p/x cpu_id $4 = 0xf29 for the CPUID was correct, but the correspondig output from dmesg was not from the crashing server, so here is the correct one: CPU: Intel(R) Xeon(TM) CPU 2.80GHz (2791.05-MHz 686-class CPU) Origin="GenuineIntel" Id=0xf29 Family=0xf Model=0x2 Stepping=9 Features=0xbfebfbff Features2=0x4400 kenv gives: smbios.bios.reldate="01/25/2005" smbios.bios.vendor="Intel Corporation" smbios.bios.version="SWV25.86B.0250.P39.0501252032" smbios.chassis.maker="Intel Corporation" smbios.memory.enabled="4194304" smbios.planar.maker="Intel " smbios.planar.product="SE7501WV2S" smbios.planar.serial="000E0C5C4ADE374" smbios.planar.version="A99386-112" smbios.socket.enabled="2" smbios.socket.populated="2" smbios.system.maker="MAXDATA" smbios.system.product="PLATINUM 2210R" (OEM, Intel SR2300) smbios.system.serial=" " smbios.system.uuid="d69da6f3-015e-11d9-b9dc-00108365a7e7" smbios.version="2.3" >From manual "Intel Xeon Processor (Document Number 249679-056(" I found my CPU is a Xeon 2.8B "Prestonia" (CPUID 0F29H, Core Stepping D1) released 8.11.2002. I have the last microcode revision m02f292d, but my BIOS version P39 was not latest. In the meantime I have upgraded to BIOS version P43. > Sure if pcb access faults, the system is in very broken state and > since an attempt to handle the fault causes a new fault for pcb access, > it recurses and dies due to the stack overflow. Agree. -- Andreas Longwitz From owner-freebsd-hackers@freebsd.org Mon Nov 6 10:16:18 2017 Return-Path: Delivered-To: freebsd-hackers@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id 27C40E588FF for ; Mon, 6 Nov 2017 10:16:18 +0000 (UTC) (envelope-from v.velox@vvelox.net) Received: from vulpes.vvelox.net (vulpes.vvelox.net [96.95.67.25]) by mx1.freebsd.org (Postfix) with ESMTP id 0CB8268426 for ; Mon, 6 Nov 2017 10:16:17 +0000 (UTC) (envelope-from v.velox@vvelox.net) Received: from vvelox.net (vulpes.vvelox.net [192.168.14.42]) (Authenticated sender: kitsune) by vulpes.vvelox.net (Postfix) with ESMTPA id D000B224A9A3 for ; Mon, 6 Nov 2017 04:16:16 -0600 (CST) MIME-Version: 1.0 Content-Type: text/plain; charset=US-ASCII; format=flowed Content-Transfer-Encoding: 7bit Date: Mon, 06 Nov 2017 04:16:16 -0600 From: "Zane C. B-H." To: freebsd-hackers@freebsd.org Subject: Re: using pctcpu In-Reply-To: References: Message-ID: <90c4bd3e914ee531a99a98291e12bf16@vvelox.net> X-Sender: v.velox@vvelox.net User-Agent: Roundcube Webmail/1.3-beta X-BeenThere: freebsd-hackers@freebsd.org X-Mailman-Version: 2.1.23 Precedence: list List-Id: Technical Discussions relating to FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 06 Nov 2017 10:16:18 -0000 On 2017-10-09 23:16, Zane C. B-H. wrote: > Using https://metacpan.org/pod/BSD::Process that to get pctcpu, but I > can't get it to line up nicely with ps. > > The closest I can get is dividing pctcpu by 20, but that still tends > to run high. For example dividing by 20 will give me 1635.8 while ps > will show 1595.3. > > I know the 1635.8 is definitely off as this machine only has 16 cores. The answer to this happens to be... my $bproc=BSD::Process::info( $proc->pid ); my $pctcpu=$bproc->{pctcpu}; if ( ! defined( $pctcpu ) ){ $values{pctcpu}=0 }else{ my $fscale=`/sbin/sysctl -a kern.fscale`; $fscale=~s/^.*\: //; chomp($fscale); $values{pctcpu}= 100 * ( $pctcpu / $fscale ); } Also Wooho! Initial release of Proc-ProcessTable-Colorizer published to CPAN. :3 From owner-freebsd-hackers@freebsd.org Mon Nov 6 14:41:30 2017 Return-Path: Delivered-To: freebsd-hackers@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id 8E6FCE5FBD2 for ; Mon, 6 Nov 2017 14:41:30 +0000 (UTC) (envelope-from freebsd-hackers@herveybayaustralia.com.au) Received: from mail.unitedinsong.com.au (mail.unitedinsong.com.au [150.101.178.33]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id E08C771A0B for ; Mon, 6 Nov 2017 14:41:29 +0000 (UTC) (envelope-from freebsd-hackers@herveybayaustralia.com.au) Received: from [192.168.0.198] (laptop3.herveybayaustralia.com.au [192.168.0.198]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by mail.unitedinsong.com.au (Postfix) with ESMTPSA id 31DB6620A3 for ; Tue, 7 Nov 2017 00:32:50 +1000 (EST) To: freebsd-hackers@freebsd.org From: Da Rock Subject: Openssl, nss, ca_root_nss, and certificate stores - SOLUTION PROVIDED near end Message-ID: <4d9c6b91-2af7-cd95-510c-64a28a810a4f@herveybayaustralia.com.au> Date: Tue, 7 Nov 2017 00:32:49 +1000 User-Agent: Mozilla/5.0 (X11; FreeBSD amd64; rv:52.0) Gecko/20100101 Thunderbird/52.0 MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8; format=flowed Content-Transfer-Encoding: 7bit Content-Language: en-US X-BeenThere: freebsd-hackers@freebsd.org X-Mailman-Version: 2.1.23 Precedence: list List-Id: Technical Discussions relating to FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 06 Nov 2017 14:41:30 -0000 I'm sure this will turn into a very lively discussion :) I very nearly resurrected this old thread https://lists.freebsd.org/pipermail/freebsd-hackers/2016-March/049162.html, but decided against it, although the subject matter is very close. It seems that this is a wide issue for all OS types - none is immune :D (not even winblow$) But the solutions are similar between linux and BSD. The general consensus is that a system wide certificate store should be available for all applications (there is some contention as well I believe, with a minority? disagreeing with this stance), and some means of achieving this are similar as well. What should and shouldn't work OOB is in question, and given the secure nature of the problem this is understandably so. The main problem lies in openssl and nss contention and configuration, and the need for "minimal" solutions. Currently, openssl is configured (in base) to prioritise a certificate bundle over a path, and is prioritised to use /usr/local/etc/ssl over /etc/ssl (as of 11.1). As noted, this is rather counterintuitive, as openssl in base (intuitively) should look in base. Further, /usr/local/etc/ssl/cert.pem (ca bundle) is not installed by default (fair enough IMHO), but overrides any local trusted certificates. So if this is updated, as it is by ca_root_nss, sysadmin has to update the certificates - which presents some security issues as well. Given the number of ports that depend on this port (hardcoded and optional) - this is a relatively big issue for a relative minority who require local trusts. But it actually is not quite as simple as that... Why its not that simple is that if the updates to root certs is not atomic, then it stands to reason that there is a possibility of breakage (particularly in large deployment/remote installations). At the least, there is a small window where security policy may be broken - organisationally or otherwise (this may be highly debatable). Ironically, ca_root_nss gets the certificate bundle from nss, which has to be downloaded and parsed. This solution is the same as curl has used, and a few other linux solutions do similar. The nss src contains a text file to be parsed and then hardcoded into the nss libnssckbi.so library, but this is bypassed and parsed directly by ca_root_nss scripts (curl and other project use this method as well). And while ca_root_nss offers an option to symlink, only a symlink from /usr/local/etc/ssl to /etc/ssl is completed; the cert bundle is actually installed in /usr/local/share/certs AND /usr/local/etc/ssl. There are arguments for and against this, with whatever policy wrt mozilla/nss, symlinks to /etc, even store locations. As a sysadmin though, I think that a solution that gives control to the sysadmin makes more sense as whatever organisational policy is going to be adhered to - not whatever Freebsd devs decide. Does that sound reasonable? I personally "dumpster dived" into this issue for several days (this began with pkg using libfetch and a local certificate) and was thoroughly overwhelmed, so I can understand the confusion and contention in this area. 2 competing engines with 2 very different configurations - trying to bridge the 2 is insane. I may have discovered a reasonable solution though. POSSIBLE SOLUTION: We already use the nss root certificates anyway - most ports are dependent on it. nss compatibility exists in many apps as well - except for base (which is fine - keep it minimal). So what seems the reasonable thing to do is more overtly use this system, rather than covertly as we are atm. Instead of parsing the src, have nss port setup a store (optionally, if needed), add the libnssckbi.so module, and extract the certificates into a cert.pem. If certificates need to be added, add them to nss and run the update script to extract the "trusted" certificates again into /usr/local/etc/ssl/cert.pem (symlinked to /etc of course). This has an added benefit in that the sysadmin can decide not to trust the mozilla root certificates, and not include the libnssckbi.so module, can even decide not trust any one certificate in the store (including the mozilla roots), and updates automatically through the lib module. The certificates in the trust store are merged, not overwritten, and base applications and libraries as well as port/pkg installed are all kept happy. A further benefit is that even user apps like firefox,chromium, and thunderbird can then be configured to use a shared store (using a sqlite db - not the old dbm format), which means sysadmin can ensure that only trusted certficates are installed. It should be noted that db's can be separate and merged - handy so that the system store and user stores can remain separate if desired. This is only a step in the right direction, not necessarily the end solution, as there is work on a bridging solution as well. I believe using p11-kit one can use a "drop-in" replacement library for libnssckbi.so, and maybe a capath style trust store backend. Of course this requires a lot more configuration. For those who prefer openssl in the ported apps (such as curl) most of those actually have nss support. It s mainly base that doesn't. This would require some patching though of many ports, and some extra install scripts in nss (or maybe ca_root_nss might need hijacking?). First of which would be the checking of /usr/local/share/certs/ca-root-certs.pem and the triggered dependency. nss install would need to check the existence of the system wide root store (and like openssl, it has preferences but not hardcoded as such) to see if creation is required, and then a quick update script. Given current preference policy, I'd say this should be a sqlite db located in /usr/local/etc/pki/nssdb. Note that AFAICT the nssdb updates the root certs in the library, but the db details if the certs are actually trusted. So when the update script occurs, the trusted certs will only be added/updated within the library, and the db will still detail if they are actually trusted - only trusted certs will allow any connections. This has added benefits to those with strict organisational policies. This is not perfect, but it would be reasonably elegant for now. It also gives ultimate control to the system's administrator, not necessarily devs in any particular project. Ultimately something will inevitably be resolved to bridge the 2 engines (even if libressl were used instead of openssl), but neither are going away (or winning either), so we have to learn to deal with both as best as possible. p11-kit appears to be working towards a bridge, but I believe its still rather experimental in a lot of ways. I think that ultimately a distributed store solution is more inclined to breakage or policy issues, or at the very least may become inconsistent. I'd personally prefer a single store that can be maintained easily. But that's me - and there may even be room to allow for both with this solution as well. Any thoughts? Suggestions? I figured discussion might be better here than in a PR. If this goes well, I can write the scripts and submit a PR. From owner-freebsd-hackers@freebsd.org Sat Nov 11 16:40:04 2017 Return-Path: Delivered-To: freebsd-hackers@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id 912D9E6EC4A for ; Sat, 11 Nov 2017 16:40:04 +0000 (UTC) (envelope-from lankfordandrew@charter.net) Received: from que006-public.msg.strl.va.charter.net (que006-public.msg.strl.va.charter.net [68.114.190.43]) by mx1.freebsd.org (Postfix) with ESMTP id 4DB0F66149 for ; Sat, 11 Nov 2017 16:40:03 +0000 (UTC) (envelope-from lankfordandrew@charter.net) Received: from impout005 ([68.114.189.20]) by mtaout004.msg.strl.va.charter.net (InterMail vM.9.00.023.01 201-2473-194) with ESMTP id <20171111155014.BMCW3685.mtaout004.msg.strl.va.charter.net@impout005> for ; Sat, 11 Nov 2017 09:50:14 -0600 Received: from localhost ([68.114.1.173]) by impout005 with charter.net id YfqE1w00H3jxklw01fqESe; Sat, 11 Nov 2017 09:50:14 -0600 X-Authority-Analysis: v=2.2 cv=VrVTO6+n c=1 sm=1 tr=0 a=9uHC+vg69XL/CMnl7knG/A==:117 a=9uHC+vg69XL/CMnl7knG/A==:17 a=fVP89FL7aggA:10 a=x7bEGLp0ZPQA:10 a=yx-K657DVniNRgXPzxQA:9 a=QEXdDO2ut3YA:10 a=3q0DxSYvc6nT1Cm2L5AA:9 a=_W_S_7VecoQA:10 Message-ID: From: lankfordandrew@charter.net To: "'freebsd-hackers@freebsd.org'" X-Mailer: Atmail 7.1.1.13434 X-Originating-IP: [97.89.225.125] Subject: Root partition and usrland on one slice, /usr/local ports and src on another Date: Sat, 11 Nov 2017 10:50:14 -0500 MIME-Version: 1.0 X-Mailman-Approved-At: Sat, 11 Nov 2017 17:11:44 +0000 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: quoted-printable X-Content-Filtered-By: Mailman/MimeDel 2.1.23 X-BeenThere: freebsd-hackers@freebsd.org X-Mailman-Version: 2.1.23 Precedence: list List-Id: Technical Discussions relating to FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sat, 11 Nov 2017 16:40:04 -0000 When I installed FreeBSD 10 on an old laptop, I wanted to merge both=0At= he root partition heirarchy (kernel /bin /sbin etc) and the rest of=0AFb= sd usr-land together onto one slice. I like upgrading from source,=0Abut= I do that more frequently with ports than the OS-proper. When I=0Aneed= to boot up single user, it seems rather quaint these days (at=0Aleast f= or a laptop user) to have to mount /usr in order to get=0Areasonably the= functionality from applications that use shared=0Alibraries (vi, man pa= ges, etc). The likelyhood that I'm going to fall=0Aback on a serial port= and an ASR-33 tty are nil.=0A=0ASo what I'd like to do is put the entir= e freebsd system on one fairly=0Asmall, pristine slice, but put the more= bloated and ephemeral src,=0Aports, /usr/local, /home portions on one b= ig slice. I tried symlinks=0Abetween "/src" or "/usr/src" and "/usr/port= s" and tweaking some build=0Avariables, but it seemed like something alw= ays breaks in some bizarre=0Away whenever I tried to rebuild world. I gu= ess a lot of the strange=0Abehavior showed up in /src/contrib and the gn= u licensed side of the=0Abuild system. Can anyone suggest some docs on /= src and ports,=0Aspecifically for what I'm trying to do besides "man src= "?=0A=0AAndrew Lankford=0A=0A From owner-freebsd-hackers@freebsd.org Sat Nov 11 17:24:34 2017 Return-Path: Delivered-To: freebsd-hackers@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id EA6C7E6FB4A for ; Sat, 11 Nov 2017 17:24:34 +0000 (UTC) (envelope-from eugen@grosbein.net) Received: from hz.grosbein.net (hz.grosbein.net [78.47.246.247]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client CN "hz.grosbein.net", Issuer "hz.grosbein.net" (not verified)) by mx1.freebsd.org (Postfix) with ESMTPS id 7D1DB677EC for ; Sat, 11 Nov 2017 17:24:33 +0000 (UTC) (envelope-from eugen@grosbein.net) Received: from eg.sd.rdtc.ru (root@eg.sd.rdtc.ru [62.231.161.221] (may be forged)) by hz.grosbein.net (8.15.2/8.15.2) with ESMTPS id vABHOI4Y003585 (version=TLSv1.2 cipher=DHE-RSA-AES256-GCM-SHA384 bits=256 verify=NOT); Sat, 11 Nov 2017 18:24:19 +0100 (CET) (envelope-from eugen@grosbein.net) X-Envelope-From: eugen@grosbein.net X-Envelope-To: lankfordandrew@charter.net Received: from [10.58.0.4] ([10.58.0.4]) by eg.sd.rdtc.ru (8.15.2/8.15.2) with ESMTPS id vABHOFMC001446 (version=TLSv1.2 cipher=DHE-RSA-AES128-SHA bits=128 verify=NOT); Sun, 12 Nov 2017 00:24:15 +0700 (+07) (envelope-from eugen@grosbein.net) Subject: Re: Root partition and usrland on one slice, /usr/local ports and src on another To: lankfordandrew@charter.net, "'freebsd-hackers@freebsd.org'" References: From: Eugene Grosbein Message-ID: <5A07323C.1080704@grosbein.net> Date: Sun, 12 Nov 2017 00:24:12 +0700 User-Agent: Mozilla/5.0 (Windows NT 6.3; WOW64; rv:38.0) Gecko/20100101 Thunderbird/38.7.2 MIME-Version: 1.0 In-Reply-To: Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-Spam-Status: No, score=2.2 required=5.0 tests=BAYES_00, LOCAL_FROM, RDNS_NONE autolearn=no autolearn_force=no version=3.4.1 X-Spam-Report: * -2.3 BAYES_00 BODY: Bayes spam probability is 0 to 1% * [score: 0.0000] * 1.9 RDNS_NONE Delivered to internal network by a host with no rDNS * 2.6 LOCAL_FROM From my domains X-Spam-Level: ** X-Spam-Checker-Version: SpamAssassin 3.4.1 (2015-04-28) on hz.grosbein.net X-BeenThere: freebsd-hackers@freebsd.org X-Mailman-Version: 2.1.23 Precedence: list List-Id: Technical Discussions relating to FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sat, 11 Nov 2017 17:24:35 -0000 11.11.2017 22:50, lankfordandrew@charter.net пишет: > When I installed FreeBSD 10 on an old laptop, I wanted to merge both > the root partition heirarchy (kernel /bin /sbin etc) and the rest of > Fbsd usr-land together onto one slice. I like upgrading from source, > but I do that more frequently with ports than the OS-proper. When I > need to boot up single user, it seems rather quaint these days (at > least for a laptop user) to have to mount /usr in order to get > reasonably the functionality from applications that use shared > libraries (vi, man pages, etc). The likelyhood that I'm going to fall > back on a serial port and an ASR-33 tty are nil. > > So what I'd like to do is put the entire freebsd system on one fairly > small, pristine slice, but put the more bloated and ephemeral src, > ports, /usr/local, /home portions on one big slice. I tried symlinks > between "/src" or "/usr/src" and "/usr/ports" and tweaking some build > variables, but it seemed like something always breaks in some bizarre > way whenever I tried to rebuild world. I guess a lot of the strange > behavior showed up in /src/contrib and the gnu licensed side of the > build system. Can anyone suggest some docs on /src and ports, > specifically for what I'm trying to do besides "man src"? I do that for years for eight major releases at least and have no problems making symlinks /usr/src -> /usr/local/src, /usr/obj -> /usr/local/obj, /usr/ports -> /usr/local/ports. What kind of problems do you have while building world and why do you think that problems are due to symlinks? Eugene Grosbein From owner-freebsd-hackers@freebsd.org Sat Nov 11 17:39:50 2017 Return-Path: Delivered-To: freebsd-hackers@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id F2D31E6FF50 for ; Sat, 11 Nov 2017 17:39:50 +0000 (UTC) (envelope-from freebsd-lists@be-well.ilk.org) Received: from be-well.ilk.org (be-well.ilk.org [23.30.133.173]) by mx1.freebsd.org (Postfix) with ESMTP id CFD2567D95 for ; Sat, 11 Nov 2017 17:39:50 +0000 (UTC) (envelope-from freebsd-lists@be-well.ilk.org) Received: from lowell-desk.lan (router.lan [172.30.250.2]) by be-well.ilk.org (Postfix) with ESMTP id A021B33C22; Sat, 11 Nov 2017 12:39:43 -0500 (EST) Received: by lowell-desk.lan (Postfix, from userid 1147) id 67A273981A; Sat, 11 Nov 2017 12:39:42 -0500 (EST) From: Lowell Gilbert To: lankfordandrew@charter.net Cc: "'freebsd-hackers\@freebsd.org'" Subject: Re: Root partition and usrland on one slice, /usr/local ports and src on another References: Date: Sat, 11 Nov 2017 12:39:42 -0500 In-Reply-To: (lankfordandrew@charter.net's message of "Sat, 11 Nov 2017 10:50:14 -0500") Message-ID: <44vaigu335.fsf@lowell-desk.lan> User-Agent: Gnus/5.13 (Gnus v5.13) Emacs/25.3 (berkeley-unix) MIME-Version: 1.0 Content-Type: text/plain X-BeenThere: freebsd-hackers@freebsd.org X-Mailman-Version: 2.1.23 Precedence: list List-Id: Technical Discussions relating to FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sat, 11 Nov 2017 17:39:51 -0000 lankfordandrew@charter.net writes: > When I installed FreeBSD 10 on an old laptop, I wanted to merge both > the root partition heirarchy (kernel /bin /sbin etc) and the rest of > Fbsd usr-land together onto one slice. I like upgrading from source, > but I do that more frequently with ports than the OS-proper. When I > need to boot up single user, it seems rather quaint these days (at > least for a laptop user) to have to mount /usr in order to get > reasonably the functionality from applications that use shared > libraries (vi, man pages, etc). The likelyhood that I'm going to fall > back on a serial port and an ASR-33 tty are nil. > > So what I'd like to do is put the entire freebsd system on one fairly > small, pristine slice, but put the more bloated and ephemeral src, > ports, /usr/local, /home portions on one big slice. I tried symlinks > between "/src" or "/usr/src" and "/usr/ports" and tweaking some build > variables, but it seemed like something always breaks in some bizarre > way whenever I tried to rebuild world. I guess a lot of the strange > behavior showed up in /src/contrib and the gnu licensed side of the > build system. Can anyone suggest some docs on /src and ports, > specifically for what I'm trying to do besides "man src"? For your case, I'd recommend just putting everything into a single slice. The installer even does that these days, if I recall correctly. That said, what you're describing should work fine. Having /usr/src, /usr/obj, and /usr/ports all be symlinks works fine for me in a chroot I'm using (I don't do it with laptops any more because I use NFS instead). From owner-freebsd-hackers@freebsd.org Sat Nov 11 18:39:33 2017 Return-Path: Delivered-To: freebsd-hackers@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id BCB0BE70F97 for ; Sat, 11 Nov 2017 18:39:33 +0000 (UTC) (envelope-from lankfordandrew@charter.net) Received: from mtaout004-public.msg.strl.va.charter.net (mtaout004-public.msg.strl.va.charter.net [68.114.190.29]) by mx1.freebsd.org (Postfix) with ESMTP id 8009669F61 for ; Sat, 11 Nov 2017 18:39:32 +0000 (UTC) (envelope-from lankfordandrew@charter.net) Received: from impout003 ([68.114.189.18]) by mtaout004.msg.strl.va.charter.net (InterMail vM.9.00.023.01 201-2473-194) with ESMTP id <20171111183931.CICX3685.mtaout004.msg.strl.va.charter.net@impout003>; Sat, 11 Nov 2017 12:39:31 -0600 Received: from localhost ([68.114.3.110]) by impout003 with charter.net id YifX1w0072NQztg01ifXLH; Sat, 11 Nov 2017 12:39:31 -0600 X-Authority-Analysis: v=2.2 cv=XZf59Mx5 c=1 sm=1 tr=0 a=9uHC+vg69XL/CMnl7knG/A==:117 a=9uHC+vg69XL/CMnl7knG/A==:17 a=fVP89FL7aggA:10 a=x7bEGLp0ZPQA:10 a=6I5d2MoRAAAA:8 a=hOpmn2quAAAA:8 a=eulmlbeIvpeG9MSLKaAA:9 a=QEXdDO2ut3YA:10 a=H0GPC0OhAAAA:8 a=f9rMFTpsmH3-3QQ4S0MA:9 a=7W66PfZtqcEN794M:21 a=_W_S_7VecoQA:10 a=IjZwj45LgO3ly-622nXo:22 a=GyA-uvUxXSCciAkwuKQO:22 a=KczGKrPSgCPlefTG41c3:22 Message-ID: From: lankfordandrew@charter.net To: "'Eugene Grosbein'" , "'freebsd-hackers@freebsd.org'" X-Mailer: Atmail 7.1.1.13434 X-Originating-IP: [97.89.225.125] Subject: Re: Root partition and usrland on one slice, /usr/local ports and src on another Date: Sat, 11 Nov 2017 13:39:31 -0500 MIME-Version: 1.0 X-Mailman-Approved-At: Sat, 11 Nov 2017 18:53:53 +0000 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: quoted-printable X-Content-Filtered-By: Mailman/MimeDel 2.1.23 X-BeenThere: freebsd-hackers@freebsd.org X-Mailman-Version: 2.1.23 Precedence: list List-Id: Technical Discussions relating to FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sat, 11 Nov 2017 18:39:33 -0000 It's been quite a while since I've tried a rebuild, but I think the=0Apr= oblems appeared early when gcc and gas and dependencies were being=0Abui= lt. I tried just symlinks, then different settings of the build=0Avariab= les, and (IIRC) enabling clang. Perhaps I could start fresh with=0A11.1,= but then perhaps placing everything on one slice is the most=0Astraight= forward solution.=0A=0AAndrew Lankford=0A=0A=09-------------------------= ----------------From: "Eugene Grosbein" =0ATo: "freebsd-hackers@freebsd.= org"=0ACc: =0ASent: 11-Nov-2017 17:24:25 +0000=0ASubject: Re: Root parti= tion and usrland on one slice, /usr/local ports=0Aand src on another=0A= =0A 11.11.2017 22:50, lankfordandrew@charter.net =D0=BF=D0=B8=D1=88=D0= =B5=D1=82:=0A > When I installed FreeBSD 10 on an old laptop, I wanted t= o merge=0Aboth=0A > the root partition heirarchy (kernel /bin /sbin etc)= and the rest=0Aof=0A > Fbsd usr-land together onto one slice. I like up= grading from=0Asource,=0A > but I do that more frequently with ports tha= n the OS-proper. When I=0A > need to boot up single user, it seems rathe= r quaint these days (at=0A > least for a laptop user) to have to mount /= usr in order to get=0A > reasonably the functionality from applications= that use shared=0A > libraries (vi, man pages, etc). The likelyhood tha= t I'm going to=0Afall=0A > back on a serial port and an ASR-33 tty are n= il.=0A > =0A > So what I'd like to do is put the entire freebsd system o= n one=0Afairly=0A > small, pristine slice, but put the more bloated and= ephemeral src,=0A > ports, /usr/local, /home portions on one big slice.= I tried=0Asymlinks=0A > between "/src" or "/usr/src" and "/usr/ports" a= nd tweaking some=0Abuild=0A > variables, but it seemed like something al= ways breaks in some=0Abizarre=0A > way whenever I tried to rebuild world= . I guess a lot of the strange=0A > behavior showed up in /src/contrib a= nd the gnu licensed side of the=0A > build system. Can anyone suggest so= me docs on /src and ports,=0A > specifically for what I'm trying to do b= esides "man src"?=0A=0A I do that for years for eight major releases at= least and have no=0Aproblems=0A making symlinks /usr/src -> /usr/local/= src, /usr/obj ->=0A/usr/local/obj,=0A /usr/ports -> /usr/local/ports.=0A= =0A What kind of problems do you have while building world and=0A why do= you think that problems are due to symlinks?=0A=0A Eugene Grosbein=0A= =0A From owner-freebsd-hackers@freebsd.org Sat Nov 11 19:36:57 2017 Return-Path: Delivered-To: freebsd-hackers@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id 958E0E720CB for ; Sat, 11 Nov 2017 19:36:57 +0000 (UTC) (envelope-from eugen@grosbein.net) Received: from hz.grosbein.net (hz.grosbein.net [78.47.246.247]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client CN "hz.grosbein.net", Issuer "hz.grosbein.net" (not verified)) by mx1.freebsd.org (Postfix) with ESMTPS id 2FA716C221 for ; Sat, 11 Nov 2017 19:36:56 +0000 (UTC) (envelope-from eugen@grosbein.net) Received: from eg.sd.rdtc.ru (root@eg.sd.rdtc.ru [62.231.161.221] (may be forged)) by hz.grosbein.net (8.15.2/8.15.2) with ESMTPS id vABJaotR004599 (version=TLSv1.2 cipher=DHE-RSA-AES256-GCM-SHA384 bits=256 verify=NOT); Sat, 11 Nov 2017 20:36:51 +0100 (CET) (envelope-from eugen@grosbein.net) X-Envelope-From: eugen@grosbein.net X-Envelope-To: lankfordandrew@charter.net Received: from [10.58.0.4] ([10.58.0.4]) by eg.sd.rdtc.ru (8.15.2/8.15.2) with ESMTPS id vABJak3s039863 (version=TLSv1.2 cipher=DHE-RSA-AES128-SHA bits=128 verify=NOT); Sun, 12 Nov 2017 02:36:46 +0700 (+07) (envelope-from eugen@grosbein.net) Subject: Re: Root partition and usrland on one slice, /usr/local ports and src on another To: lankfordandrew@charter.net, "'freebsd-hackers@freebsd.org'" References: From: Eugene Grosbein Message-ID: <5A07514B.9080809@grosbein.net> Date: Sun, 12 Nov 2017 02:36:43 +0700 User-Agent: Mozilla/5.0 (Windows NT 6.3; WOW64; rv:38.0) Gecko/20100101 Thunderbird/38.7.2 MIME-Version: 1.0 In-Reply-To: Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: 7bit X-Spam-Status: No, score=2.2 required=5.0 tests=BAYES_00, LOCAL_FROM, RDNS_NONE autolearn=no autolearn_force=no version=3.4.1 X-Spam-Report: * -2.3 BAYES_00 BODY: Bayes spam probability is 0 to 1% * [score: 0.0000] * 1.9 RDNS_NONE Delivered to internal network by a host with no rDNS * 2.6 LOCAL_FROM From my domains X-Spam-Level: ** X-Spam-Checker-Version: SpamAssassin 3.4.1 (2015-04-28) on hz.grosbein.net X-BeenThere: freebsd-hackers@freebsd.org X-Mailman-Version: 2.1.23 Precedence: list List-Id: Technical Discussions relating to FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sat, 11 Nov 2017 19:36:57 -0000 12.11.2017 1:39, lankfordandrew@charter.net wrote: > It's been quite a while since I've tried a rebuild, but I think the > problems appeared early when gcc and gas and dependencies were being > built. I tried just symlinks, then different settings of the build > variables, and (IIRC) enabling clang. Perhaps I could start fresh with > 11.1, but then perhaps placing everything on one slice is the most > straightforward solution. I still don't get what specific problems did you have but I'm sure they were not due to symlinking as such links work just fine for me with gcc, and with clang too. From owner-freebsd-hackers@freebsd.org Sat Nov 11 20:16:00 2017 Return-Path: Delivered-To: freebsd-hackers@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id C28FFE72DE6 for ; Sat, 11 Nov 2017 20:16:00 +0000 (UTC) (envelope-from jamie@dyslexicfish.net) Received: from donotpassgo.dyslexicfish.net (donotpassgo.dyslexicfish.net [IPv6:2001:19f0:300:2185:a:dead:bad:faff]) (using TLSv1 with cipher DHE-RSA-AES256-SHA (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 911C06D679 for ; Sat, 11 Nov 2017 20:16:00 +0000 (UTC) (envelope-from jamie@dyslexicfish.net) Received: from donotpassgo.dyslexicfish.net (donotpassgo.dyslexicfish.net [104.207.135.49]) by donotpassgo.dyslexicfish.net (8.14.5/8.14.5) with ESMTP id vABKFwFj099980; Sat, 11 Nov 2017 20:15:58 GMT (envelope-from jamie@donotpassgo.dyslexicfish.net) Received: (from jamie@localhost) by donotpassgo.dyslexicfish.net (8.14.5/8.14.5/Submit) id vABKFwVw099979; Sat, 11 Nov 2017 20:15:58 GMT (envelope-from jamie) From: Jamie Landeg-Jones Message-Id: <201711112015.vABKFwVw099979@donotpassgo.dyslexicfish.net> Date: Sat, 11 Nov 2017 20:15:58 +0000 Organization: Dyslexic Fish To: lankfordandrew@charter.net, freebsd-hackers@freebsd.org Subject: Re: Root partition and usrland on one slice, /usr/local ports and src on another References: In-Reply-To: User-Agent: Heirloom mailx 12.4 7/29/08 MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Transfer-Encoding: 7bit X-Mailman-Approved-At: Sat, 11 Nov 2017 23:21:47 +0000 X-BeenThere: freebsd-hackers@freebsd.org X-Mailman-Version: 2.1.23 Precedence: list List-Id: Technical Discussions relating to FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sat, 11 Nov 2017 20:16:00 -0000 lankfordandrew@charter.net wrote: > So what I'd like to do is put the entire freebsd system on one fairly > small, pristine slice, but put the more bloated and ephemeral src, > ports, /usr/local, /home portions on one big slice. I tried symlinks > between "/src" or "/usr/src" and "/usr/ports" and tweaking some build I too had problems doing a similar thing. I remember ports wouldn't always work in some situations (I can't remember the details now, it was years ago) Anyway, this was my solution, using null-mounts: Create 2 mountable partitions, "/" and another (say "/...") Under /... create: (for example) mkdir /.../mnt mkdir /.../mnt/usr.local mkdir /.../mnt/usr.src mkdir /.../mnt/usr.ports ... Then bind mount then, in /etc/fstab: /.../mnt/usr.local /usr/local nullfs rw 0 0 /.../mnt/usr.src /usr/src nullfs rw 0 0 /.../mnt/usr.ports /usr/ports nullfs rw 0 0 hidden /.../mnt tmpfs ro,uid=0,gid=0,mode=0000,size=4096,inodes=14 0 0 Basically, the directories under /.../mnt/ in fstab are additionally mounted onto the specified directory. The last entry above is optional. I know it will make some people shiver! - What it does is mount a blank, empty, unwritable temp disk over /.../mnt , masking the directory and it's contents, so that files on the filesystem won't get exposed twice. This means things that walk '/', like file-stat scripts, and backups won't need specific modifications to remove duplicates listings. This works, so long as the directories beneath /.../mnt are mounted before the hidden fs. The reason I use /.../mnt/filesys rather than /.../filesys is so that operational directories, such as /.../.snap and /.../lost+found are not made unacessable by the hidden mount. Cheers, Jamie