From owner-freebsd-questions@freebsd.org Sun Feb 21 00:27:22 2021 Return-Path: Delivered-To: freebsd-questions@mailman.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mailman.nyi.freebsd.org (Postfix) with ESMTP id 815CF53D98B for ; Sun, 21 Feb 2021 00:27:22 +0000 (UTC) (envelope-from freebsd@twc.com) Received: from p-impout004.msg.pkvw.co.charter.net (p-impout004aa.msg.pkvw.co.charter.net [47.43.26.135]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client CN "Client", Issuer "CA" (not verified)) by mx1.freebsd.org (Postfix) with ESMTPS id 4DjmNT2jYhz4vLf for ; Sun, 21 Feb 2021 00:27:20 +0000 (UTC) (envelope-from freebsd@twc.com) Received: from freebsd.localnet ([74.132.18.25]) by cmsmtp with ESMTPA id Dcakl0cB7LC0yDcallqziI; Sun, 21 Feb 2021 00:27:19 +0000 X-Authority-Analysis: v=2.3 cv=Q/OsHL+a c=1 sm=1 tr=0 a=6dKv8Xy78h5PIHsve0hi3A==:117 a=6dKv8Xy78h5PIHsve0hi3A==:17 a=kj9zAlcOel0A:10 a=6I5d2MoRAAAA:8 a=n999FUABAAAA:8 a=UNWf5WQ7AAAA:8 a=bEmra0nzMzQrmGP4-o4A:9 a=CjuIK1q_8ugA:10 a=IjZwj45LgO3ly-622nXo:22 a=STucfUEt0Ir3pRv2o46G:22 a=TmY6P1tBX-PGzTCW-pm6:22 From: Steven Friedrich To: freebsd-questions@freebsd.org Subject: Re: freebsd-questions Digest, Vol 871, Issue 3 Date: Wed, 17 Feb 2021 09:33:32 -0500 Message-ID: <9066698.RH3biPoPvx@freebsd> In-Reply-To: References: MIME-Version: 1.0 Content-Transfer-Encoding: 7Bit Content-Type: text/plain; charset="us-ascii" X-CMAE-Envelope: MS4wfBxnLDGsaKIC4tnXgZBAwAWb8Xi/4gIxITH02y8FH78FBkxyvXAKK5yKHRocc6quGjf2TFcyRuNrnF6BQ6KHmtm229zKnpV290qgJwNiiPWN1ZrwR94U so1XYBzyTzPvfHDCquJ7iJfS3tF2MtkdY4oyJB/HA4d5F6oZYbD1WZJ2gmmbvy4JWwIOyAUQYwvxqQ== X-Rspamd-Queue-Id: 4DjmNT2jYhz4vLf X-Spamd-Bar: - Authentication-Results: mx1.freebsd.org; dkim=none; dmarc=none; spf=pass (mx1.freebsd.org: domain of freebsd@twc.com designates 47.43.26.135 as permitted sender) smtp.mailfrom=freebsd@twc.com X-Spamd-Result: default: False [-1.29 / 15.00]; RCVD_VIA_SMTP_AUTH(0.00)[]; RWL_MAILSPIKE_GOOD(0.00)[47.43.26.135:from]; FREEMAIL_FROM(0.00)[twc.com]; R_SPF_ALLOW(-0.20)[+ip4:47.43.26.0/24]; TO_DN_NONE(0.00)[]; NEURAL_HAM_SHORT(-0.99)[-0.993]; RECEIVED_SPAMHAUS_PBL(0.00)[74.132.18.25:received]; RCVD_TLS_LAST(0.00)[]; R_DKIM_NA(0.00)[]; CTE_CASE(0.50)[]; ASN(0.00)[asn:40294, ipnet:47.43.24.0/21, country:US]; FREEMAIL_ENVFROM(0.00)[twc.com]; FROM_EQ_ENVFROM(0.00)[]; ARC_NA(0.00)[]; DATE_IN_PAST(1.00)[]; NEURAL_HAM_MEDIUM(-1.00)[-1.000]; FROM_HAS_DN(0.00)[]; RBL_DBL_DONT_QUERY_IPS(0.00)[47.43.26.135:from]; TO_MATCH_ENVRCPT_ALL(0.00)[]; NEURAL_HAM_LONG(-1.00)[-1.000]; MIME_GOOD(-0.10)[text/plain]; MIME_TRACE(0.00)[0:+]; DMARC_NA(0.00)[twc.com]; RCPT_COUNT_ONE(0.00)[1]; SPAMHAUS_ZRD(0.00)[47.43.26.135:from:127.0.2.255]; RCVD_IN_DNSWL_NONE(0.00)[47.43.26.135:from]; MID_RHS_NOT_FQDN(0.50)[]; RCVD_COUNT_TWO(0.00)[2]; MAILMAN_DEST(0.00)[freebsd-questions] X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.34 Precedence: list List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sun, 21 Feb 2021 00:27:22 -0000 On Wednesday, 17 February 2021 05:52:32 EST freebsd-questions- request@freebsd.org wrote: > Subject: Re: Subject: Sound from HDMI (pcm2) using i915kms.ko > Message-ID: <20210217063131.e72eeaa0b74f498fcf509449@sohara.org> > Content-Type: text/plain; charset=US-ASCII > > On Wed, 17 Feb 2021 01:07:24 -0500 > > Steven Friedrich wrote: > > Message-ID: <1772815.u6MfGjpqfb@freebsd> > > Content-Type: text/plain; charset="us-ascii" > > > > I am running FreeBSD 12.2-RELEASE-p3 FreeBSD 12.2-RELEASE-p3 r369261 > > FreeBSD amd64 > > I put hw.snd.default_unit=2 in /etc/sysctl.conf to make pcm2 default. > > cat /dev/sndstat confirms: > > Installed devices: > > pcm0: (play/rec) > > pcm1: (play/rec) > > pcm2: (play) default > > No devices installed from userspace. > > > > But no sound is emitted from HDMI connector. > > > > It's my understanding that this requires some support in the video > > driver, i915kms.ko > > The device is recognised and attached so that's OK. This may be > something simple try mixer -f dev/mixer2 for clues. > > -- > Steve O'Hara-Smith Thanks for taking the time to respond. mixer -f /dev/mixer2 Mixer vol is currently set to 100:100 Mixer pcm is currently set to 100:100 Also, I am booting KDE Neon 5.21, Kubuntu 20.10 and Mint 20.1 Cinnamon on this machine. On those, ONLY the HDMI audio is discovered by KDE, yet the Realtek device shows up in dmesg. From owner-freebsd-questions@freebsd.org Sun Feb 21 00:27:25 2021 Return-Path: Delivered-To: freebsd-questions@mailman.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mailman.nyi.freebsd.org (Postfix) with ESMTP id 5856753D747; Sun, 21 Feb 2021 00:27:25 +0000 (UTC) (envelope-from freebsd@twc.com) Received: from p-impout008.msg.pkvw.co.charter.net (p-impout008aa.msg.pkvw.co.charter.net [47.43.26.139]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client CN "Client", Issuer "CA" (not verified)) by mx1.freebsd.org (Postfix) with ESMTPS id 4DjmNX6P9Wz4vRD; Sun, 21 Feb 2021 00:27:24 +0000 (UTC) (envelope-from freebsd@twc.com) Received: from freebsd.localnet ([74.132.18.25]) by cmsmtp with ESMTPA id DcajllZ8lGwBgDcakl1FDi; Sun, 21 Feb 2021 00:27:18 +0000 X-Authority-Analysis: v=2.3 cv=WOgBoUkR c=1 sm=1 tr=0 a=6dKv8Xy78h5PIHsve0hi3A==:117 a=6dKv8Xy78h5PIHsve0hi3A==:17 a=kj9zAlcOel0A:10 a=UNWf5WQ7AAAA:8 a=6I5d2MoRAAAA:8 a=kUAvkmD9ovdvG-Fg8c4A:9 a=CjuIK1q_8ugA:10 a=TmY6P1tBX-PGzTCW-pm6:22 a=IjZwj45LgO3ly-622nXo:22 From: Steven Friedrich To: freebsd-questions@freebsd.org, imp@freebsd.org, freebsd-current@freebsd.org Subject: Re: Strange anomaly when Netgear A6100 - AC600 Dual Band WiFi USB Mini Adapter plugged in on boot Date: Sat, 20 Feb 2021 05:38:21 -0500 Message-ID: <9068449.RH3biPoPvx@freebsd> In-Reply-To: <16988739.sFgvYJuXru@freebsd> References: <4833150.YNO7O01DYZ@freebsd> <4838382.YNO7O01DYZ@freebsd> <16988739.sFgvYJuXru@freebsd> MIME-Version: 1.0 Content-Transfer-Encoding: 7Bit Content-Type: text/plain; charset="us-ascii" X-CMAE-Envelope: MS4wfMNGmRWEv8vjdz0HbTr3ya9TnDLLFcZskCIdaI2IBrdEeLKMlyIm3Vig17yLE9j/2MKjud2/UMCYrul0A7UtkZ/4ZsfyCyRMDXyKaBUQx1lmAOVfwlJ7 rXvr49Wd9Co+cT+OD8kRtl8RjS1mtoqiavV1gIbKVQcuXxPkthie/Y7LexGZbsBd/SZ7Fdso6/6oQvhmPiBMmZHr96bdTVC+SMZRIRWxi0AdW5v+LBHscLie WQurE5/1EW6sdR/gplL8xw== X-Rspamd-Queue-Id: 4DjmNX6P9Wz4vRD X-Spamd-Bar: -- Authentication-Results: mx1.freebsd.org; dkim=none; dmarc=none; spf=pass (mx1.freebsd.org: domain of freebsd@twc.com designates 47.43.26.139 as permitted sender) smtp.mailfrom=freebsd@twc.com X-Spamd-Result: default: False [-2.30 / 15.00]; ARC_NA(0.00)[]; RCVD_VIA_SMTP_AUTH(0.00)[]; RCVD_COUNT_TWO(0.00)[2]; RECEIVED_SPAMHAUS_PBL(0.00)[74.132.18.25:received]; FROM_HAS_DN(0.00)[]; RCPT_COUNT_THREE(0.00)[3]; R_SPF_ALLOW(-0.20)[+ip4:47.43.26.0/24:c]; FREEMAIL_FROM(0.00)[twc.com]; MIME_GOOD(-0.10)[text/plain]; TO_DN_NONE(0.00)[]; DMARC_NA(0.00)[twc.com]; TO_MATCH_ENVRCPT_ALL(0.00)[]; NEURAL_HAM_LONG(-1.00)[-1.000]; RCVD_TLS_LAST(0.00)[]; RWL_MAILSPIKE_VERYGOOD(0.00)[47.43.26.139:from]; NEURAL_HAM_SHORT(-1.00)[-0.998]; NEURAL_HAM_MEDIUM(-1.00)[-1.000]; MID_RHS_NOT_FQDN(0.50)[]; FROM_EQ_ENVFROM(0.00)[]; R_DKIM_NA(0.00)[]; FREEMAIL_ENVFROM(0.00)[twc.com]; CTE_CASE(0.50)[]; MIME_TRACE(0.00)[0:+]; MAILMAN_DEST(0.00)[freebsd-current,freebsd-questions]; ASN(0.00)[asn:40294, ipnet:47.43.24.0/21, country:US] X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.34 Precedence: list List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sun, 21 Feb 2021 00:27:25 -0000 On Friday, 19 February 2021 06:41:49 EST Steven Friedrich wrote: > BTW, I included output from pciconf, but the device is USB. Sorry. > I was confused because there's an unsupported wi-fi on the motherboard, also > from Realtek. > mobo Realtek is 8821ce > USB Realtek is 8811au > > On Thursday, 18 February 2021 21:37:34 EST Steven Friedrich wrote: > > On Thursday, 18 February 2021 16:35:48 EST Daniel Stevenson wrote: > > > On Thursday, February 18th, 2021 at 04:40, Steven Friedrich > > > > wrote: > > > > Starting devd. > > > > > > > > Cannot 'start' webcamd. Set webcamd_enable to YES in /etc/rc.conf or > > > > use > > > > > > > > 'onestart' instead of 'start'. > > > > > > > > There's nothing in /etc/rc.conf to invoke webcam. Nothing in > > > > /etc/devd.conf > > > > > > > > (AFAIK). I haven't modified devd.conf > > > > > > > > If I unplug the adapter and reboot, no message about webcam appears. > > > > > > > > Here's the device as reported by pciconf -lv > > > > > > > > none6@pci0:2:0:0: class=0x028000 card=0x831a103c chip=0xc82110ec > > > > > > > > rev=0x00 hdr=0x00 > > > > > > > > vendor = 'Realtek Semiconductor Co., Ltd.' > > > > > > > > device = 'RTL8821CE 802.11ac PCIe Wireless Network Adapter' > > > > > > > > class = network > > > > > > > > Here's the dmesg > > > > > > > > ugen0.2: at usbus0 > > > > > > > > rtwn0 on uhub0 > > > > > > > > rtwn0: <802.11ac WLAN Adapter > on usbus0 > > > > > > > > rtwn0: MAC/BB RTL8821AU, RF 6052 1T1R > > > > > > Whether or not you have a line in your /etc/rc.conf that says > > > webcamd_enable="NO", webcamd is disabled by default. You have to > > > override this by setting webcamd_enable="YES". > > > > You misinterpreted my post. > > > > I don't want webcam. > > > > I get this errant message because I have a USB network adapter plugged in > > on boot. > > > > I believe this is related to /usr/src/UPDATING entry 20180211: > > > > 20180211: > > devmatch functionality has been turned on in devd. It will > > > > automatically > > > > load drivers for unattached devices. This may cause unexpected > > > > drivers to > > > > be loaded. Please report any problems to current@ and > > > > imp@freebsd.org. > > > > > > _______________________________________________ > > freebsd-questions@freebsd.org mailing list > > https://lists.freebsd.org/mailman/listinfo/freebsd-questions > > To unsubscribe, send any mail to > > "freebsd-questions-unsubscribe@freebsd.org" Here is the what the original report SHOULD have been: This appears in dmesg if Netgear A6100 plugged in at boot Starting devd. Cannot 'start' webcamd. Set webcamd_enable to YES in /etc/rc.conf or use 'onestart' instead of 'start'. I don't HAVE or want a webcam. This is an anomaly Here's the device as reported by lsusb Bus /dev/usb Device /dev/ugen0.5: ID 0846:9052 NetGear, Inc. A6100 AC600 DB Wireless Adapter [Realtek RTL8811AU] Here's the dmesg ugen0.2: at usbus0 rtwn0 on uhub0 rtwn0: <802.11ac WLAN Adapter > on usbus0 rtwn0: MAC/BB RTL8821AU, RF 6052 1T1R I hope I am getting better at reporting anomalies... 8o) -- FreeBSD FreeBSD 12.2-RELEASE-p3 FreeBSD 12.2-RELEASE-p3 r369283 Special amd64 HP-Slimline 290-p0014 Desktop Using integrated UHD Graphics 630 Built drm from /usr/ports/drm-kmod From owner-freebsd-questions@freebsd.org Sun Feb 21 00:27:25 2021 Return-Path: Delivered-To: freebsd-questions@mailman.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mailman.nyi.freebsd.org (Postfix) with ESMTP id 3C8F353D6B9 for ; Sun, 21 Feb 2021 00:27:25 +0000 (UTC) (envelope-from freebsd@twc.com) Received: from p-impout008.msg.pkvw.co.charter.net (p-impout008aa.msg.pkvw.co.charter.net [47.43.26.139]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client CN "Client", Issuer "CA" (not verified)) by mx1.freebsd.org (Postfix) with ESMTPS id 4DjmNX4kTwz4vP7 for ; Sun, 21 Feb 2021 00:27:24 +0000 (UTC) (envelope-from freebsd@twc.com) Received: from freebsd.localnet ([74.132.18.25]) by cmsmtp with ESMTPA id DcaillZ8DGwBgDcajl1FDd; Sun, 21 Feb 2021 00:27:17 +0000 X-Authority-Analysis: v=2.3 cv=WOgBoUkR c=1 sm=1 tr=0 a=6dKv8Xy78h5PIHsve0hi3A==:117 a=6dKv8Xy78h5PIHsve0hi3A==:17 a=kj9zAlcOel0A:10 a=hJ7SnZAeEzrPUXx1UycA:9 a=CjuIK1q_8ugA:10 From: Steven Friedrich To: freebsd-questions@freebsd.org Subject: Re: [drm] Got stolen memory base 0x8a800000, size 0x2000000 Date: Sat, 20 Feb 2021 05:45:23 -0500 Message-ID: <3029859.bT80LyP3VS@freebsd> In-Reply-To: <4840868.YNO7O01DYZ@freebsd> References: <16988477.sFgvYJuXru@freebsd> <4301c070-a85d-9951-eff7-91e49740b678@nomadlogic.org> <4840868.YNO7O01DYZ@freebsd> MIME-Version: 1.0 Content-Transfer-Encoding: 7Bit Content-Type: text/plain; charset="us-ascii" X-CMAE-Envelope: MS4wfCmCSJ8XWPSQy1oDa0mjY1+bH9XoAIrGNQ2615uS3ghDHQqXVfSUIR3v8TS8cvN7Te4+WCioS5/47wACWOBVqcgXp3HFVgJ+SM48md2EGdpQsol3EN5O 9NWYunk+N/j7rVR+wu8mZJKlUUiDtMxpdMvRJqiFXcsq8Jf1y6c/GLdCi928kfN6DAZA/6vbT2mBoA== X-Rspamd-Queue-Id: 4DjmNX4kTwz4vP7 X-Spamd-Bar: -- Authentication-Results: mx1.freebsd.org; dkim=none; dmarc=none; spf=pass (mx1.freebsd.org: domain of freebsd@twc.com designates 47.43.26.139 as permitted sender) smtp.mailfrom=freebsd@twc.com X-Spamd-Result: default: False [-2.30 / 15.00]; ARC_NA(0.00)[]; RCVD_VIA_SMTP_AUTH(0.00)[]; RCVD_COUNT_TWO(0.00)[2]; RECEIVED_SPAMHAUS_PBL(0.00)[74.132.18.25:received]; FROM_HAS_DN(0.00)[]; RWL_MAILSPIKE_VERYGOOD(0.00)[47.43.26.139:from]; R_SPF_ALLOW(-0.20)[+ip4:47.43.26.0/24:c]; FREEMAIL_FROM(0.00)[twc.com]; MIME_GOOD(-0.10)[text/plain]; TO_DN_NONE(0.00)[]; DMARC_NA(0.00)[twc.com]; RCPT_COUNT_ONE(0.00)[1]; NEURAL_HAM_LONG(-1.00)[-1.000]; RCVD_TLS_LAST(0.00)[]; TO_MATCH_ENVRCPT_ALL(0.00)[]; NEURAL_HAM_SHORT(-1.00)[-1.000]; NEURAL_HAM_MEDIUM(-1.00)[-1.000]; MID_RHS_NOT_FQDN(0.50)[]; FROM_EQ_ENVFROM(0.00)[]; R_DKIM_NA(0.00)[]; FREEMAIL_ENVFROM(0.00)[twc.com]; CTE_CASE(0.50)[]; MIME_TRACE(0.00)[0:+]; MAILMAN_DEST(0.00)[freebsd-questions]; ASN(0.00)[asn:40294, ipnet:47.43.24.0/21, country:US] X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.34 Precedence: list List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sun, 21 Feb 2021 00:27:25 -0000 On Friday, 19 February 2021 21:54:08 EST Steven Friedrich wrote: > On Friday, 19 February 2021 13:27:49 EST Pete Wright wrote: > > On 2/19/21 2:23 AM, Steven Friedrich wrote: > > > How can I fix or avoid this? > > > > > > I do see some odd graphic corruption overlayed on my consoles. > > > > > > What will I lose if I turn DRM off by not using : > > > drm-fbsd12.0-kmod-4.16.g20201016_1 DRM modules for the linuxkpi-based > > > KMS > > > components > > > drm-kmod-g20190710_1 Metaport of DRM modules for the > > > linuxkpi-based KMS components > > > drm_info-2.2.0_1 Small utility to dump info about DRM > > > devices > > > libdrm-2.4.104,1 Userspace interface to kernel Direct > > > Rendering Module services > > > s > > > > You will not have hardware accelerated graphics is using Xorg if the > > drm-kmod is not present, which may or may be an issue depending on your > > use-case. It may also effect power management as well, for example on > > my laptop if I don't load the kmod for my Nvidia GPU I get much worse > > battery life. So that would be something to look out for. > > > > To help you fix this it would be helpful to provide the following: > > 1. FreeBSD release (uname -a) > > 2. Graphics hardware (Intel i915 vs AMD) > > 3. Additional logging/debugging information. For example if you can > > provide more context of the error in your logs, and if there are repro > > steps. > > > > Cheers, > > -pete > > Thanks for the reply, Pete. > After I sent that email, I figured out how to make my signature reflect my > uname output. > I have a i7-8700 with integrated UHD-630 graphics. > I have no idea where t look, beyond dmesg, for ,re info regarding this > "stolen" memory. It happens everytime I boot. No logs in /var/log by drm. > > root@FreeBSD(pts/1):/var/log # grep -i stolen * > dmesg.today:[drm] Got stolen memory base 0x8a800000, size 0x2000000 > dmesg.yesterday:[drm] Got stolen memory base 0x8a800000, size 0x2000000 > dmesg.yesterday:[drm] Got stolen memory base 0x8a800000, size 0x2000000 > messages:Feb 19 06:00:17 FreeBSD kernel: [drm] Got stolen memory base > 0x8a800000, size 0x2000000 > messages:Feb 19 05:04:41 FreeBSD kernel: [drm] Got stolen memory base > 0x8a800000, size 0x2000000 > messages:Feb 19 16:42:41 FreeBSD kernel: [drm] Got stolen memory base > 0x8a800000, size 0x2000000 > messages:Feb 19 16:59:01 FreeBSD kernel: [drm] Got stolen memory base > 0x8a800000, size 0x2000000 > messages:Feb 19 18:23:36 FreeBSD kernel: [drm] Got stolen memory base > 0x8a800000, size 0x2000000 Here's a better version of the original report: real memory = 17179869184 (16384 MB) avail memory = 16294457344 (15539 MB) unknown: memory range not supported pci0: at device 20.2 (no driver attached) [drm] Got stolen memory base 0x8a800000, size 0x2000000 Here's the device as reported by pciconf -lv: none1@pci0:0:20:2: class=0x050000 card=0x72708086 chip=0xa36f8086 rev=0x10 hdr=0x00 vendor = 'Intel Corporation' device = 'Cannon Lake PCH Shared SRAM' class = memory subclass = RAM After I invoke sddm, and start a plasma5 session, upon exiting sddm, my consoles have corruption at the top of the screens. It doesn't scrolll off. Remains until reboot. Another X11 session causes it to recur. -- FreeBSD FreeBSD 12.2-RELEASE-p3 FreeBSD 12.2-RELEASE-p3 r369283 Special amd64 HP-Slimline 290-p0014 Desktop Using integrated UHD Graphics 630 Built drm from /usr/ports/drm-kmod From owner-freebsd-questions@freebsd.org Sun Feb 21 05:48:40 2021 Return-Path: Delivered-To: freebsd-questions@mailman.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mailman.nyi.freebsd.org (Postfix) with ESMTP id 04A3454BA54 for ; Sun, 21 Feb 2021 05:48:40 +0000 (UTC) (envelope-from kob6558@gmail.com) Received: from mail-oi1-x22b.google.com (mail-oi1-x22b.google.com [IPv6:2607:f8b0:4864:20::22b]) (using TLSv1.3 with cipher TLS_AES_128_GCM_SHA256 (128/128 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature RSA-PSS (2048 bits) client-digest SHA256) (Client CN "smtp.gmail.com", Issuer "GTS CA 1O1" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 4DjvWB663dz3m8Z for ; Sun, 21 Feb 2021 05:48:38 +0000 (UTC) (envelope-from kob6558@gmail.com) Received: by mail-oi1-x22b.google.com with SMTP id 6so10667967ois.9 for ; Sat, 20 Feb 2021 21:48:38 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025; h=mime-version:references:in-reply-to:from:date:message-id:subject:to :cc; bh=oZIK6Y1u60j8SMpo+ybdPnfkTN0vWvOV6y1juknW+sQ=; b=cDf68w227Ffn3+MUlISXamobH3kyMiXtcxw9TlKksTy/1eccPEJq/m+WgQgBObTeJg DNuriGtKdfCzefYpWCyVhLkXC/jKtpaKwLu72q+i8LbbGoMo3PZSzSvQ0fRsNSIdoxLh UGywbYKZC8ew9Ltg9B7016RUGiKwp3TNcruMJQHrHhkSDjqRMt/GWg6Ysxc68sh+xRuE e0TkOSeUWAMbWuuxUGlOJGpGtLR5Ng68EUXQeoKGniGoVb88asQRiwnpjDe+WqVUsaNR o2lOEp/k7hQ6/HPJltRP7nAw3HM89uIaH8PgdlPQ5UC3RCzxD7jc28ug8qpz5I5X2/S3 hdbA== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:references:in-reply-to:from:date :message-id:subject:to:cc; bh=oZIK6Y1u60j8SMpo+ybdPnfkTN0vWvOV6y1juknW+sQ=; b=EH5ZBPlcPlUMcWAS+7Anrl0BdTIa0ZQBiFo123mg9ZuRgjO/0hzaiuJ+xM6zEjWXjZ uMq+ykQr5tcEnO0nBkBKcVJukEGMt9taor9YZ97/pA5YOzrYw8SSaG+MMGW0YxQyTQ1Y eu2FEDdmYdSiDMkXsXs6OIHPGxckzcZlQbPTBjDwHmv8jI/5rUuhnrgorjewkdShR/H2 hHtIHayUh7T6ZkMgcZxEjCUKOVAiZVRo9ygtvDAfNUhHrT6DCod3SPkNjSylsh9STii1 a428lBC6GlDssn7Ei4sysbwbXK6Pa7sgCHRQk0YuFTDokj1fUGIRG2FTu4O1QKfIVGiE tvZQ== X-Gm-Message-State: AOAM5321W2kXbhzUME+ZyPlpWyfNRxAvdZdQ5aRuC2rk0PIs54iriUfI 6SBcQ7J0ms8VZhMT3Gyd9TiRo1T/yk8VcCC49b76Q6m32BU= X-Google-Smtp-Source: ABdhPJyYXh+jXF/Cu1O6CyQaofx+3xktjfceP/nczB8XX12ZaGhWUDvobS5/tAQtE6mK52/8u+QhjYzMSJ98LaXpEQ8= X-Received: by 2002:aca:ac04:: with SMTP id v4mr8481043oie.57.1613886516775; Sat, 20 Feb 2021 21:48:36 -0800 (PST) MIME-Version: 1.0 References: <3029482.bT80LyP3VS@freebsd> <4fd50e25-5949-f67a-6378-12c1fec04a2f@yuripv.dev> In-Reply-To: <4fd50e25-5949-f67a-6378-12c1fec04a2f@yuripv.dev> From: Kevin Oberman Date: Sat, 20 Feb 2021 21:48:20 -0800 Message-ID: Subject: Re: Why isn't there a driver attached to this device? To: Yuri Pankov Cc: "freebsd-questions@freebsd.org" X-Rspamd-Queue-Id: 4DjvWB663dz3m8Z X-Spamd-Bar: -- Authentication-Results: mx1.freebsd.org; dkim=pass header.d=gmail.com header.s=20161025 header.b=cDf68w22; dmarc=pass (policy=none) header.from=gmail.com; spf=pass (mx1.freebsd.org: domain of kob6558@gmail.com designates 2607:f8b0:4864:20::22b as permitted sender) smtp.mailfrom=kob6558@gmail.com X-Spamd-Result: default: False [-2.69 / 15.00]; TO_DN_EQ_ADDR_SOME(0.00)[]; TO_DN_SOME(0.00)[]; FREEMAIL_FROM(0.00)[gmail.com]; R_SPF_ALLOW(-0.20)[+ip6:2607:f8b0:4000::/36]; DKIM_TRACE(0.00)[gmail.com:+]; RCPT_COUNT_TWO(0.00)[2]; DMARC_POLICY_ALLOW(-0.50)[gmail.com,none]; NEURAL_HAM_SHORT(-0.99)[-0.985]; FORGED_SENDER(0.30)[rkoberman@gmail.com,kob6558@gmail.com]; SUBJECT_ENDS_QUESTION(1.00)[]; MIME_TRACE(0.00)[0:+,1:+,2:~]; FREEMAIL_ENVFROM(0.00)[gmail.com]; ASN(0.00)[asn:15169, ipnet:2607:f8b0::/32, country:US]; FROM_NEQ_ENVFROM(0.00)[rkoberman@gmail.com,kob6558@gmail.com]; DWL_DNSWL_NONE(0.00)[gmail.com:dkim]; ARC_NA(0.00)[]; RBL_DBL_DONT_QUERY_IPS(0.00)[2607:f8b0:4864:20::22b:from]; R_DKIM_ALLOW(-0.20)[gmail.com:s=20161025]; NEURAL_HAM_MEDIUM(-1.00)[-1.000]; FROM_HAS_DN(0.00)[]; NEURAL_HAM_LONG(-1.00)[-1.000]; MIME_GOOD(-0.10)[multipart/alternative,text/plain]; PREVIOUSLY_DELIVERED(0.00)[freebsd-questions@freebsd.org]; SPAMHAUS_ZRD(0.00)[2607:f8b0:4864:20::22b:from:127.0.2.255]; TO_MATCH_ENVRCPT_SOME(0.00)[]; RCVD_IN_DNSWL_NONE(0.00)[2607:f8b0:4864:20::22b:from]; RCVD_COUNT_TWO(0.00)[2]; RCVD_TLS_ALL(0.00)[]; MAILMAN_DEST(0.00)[freebsd-questions] Content-Type: text/plain; charset="UTF-8" X-Content-Filtered-By: Mailman/MimeDel 2.1.34 X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.34 Precedence: list List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sun, 21 Feb 2021 05:48:40 -0000 Very odd. Oddly, I didn't find any source files and the module was in /boot/kernel.old. I'm simply baffled as to how it got there. It is dated 02-Feb, so it's from my last build. Best guess is that it was pulled for some reason. With SVN, I'd look at the sources as of 2/2/21, but I'm just starting on git. Perhaps you might have some idea for tracking it down. Perhaps I botched a pull and got main branch instead of stable/13. I'm certainly running the correct version today. Sorry for the confusion. -- Kevin Oberman, Part time kid herder and retired Network Engineer E-mail: rkoberman@gmail.com PGP Fingerprint: D03FB98AFA78E3B78C1694B318AB39EF1B055683 On Fri, Feb 19, 2021 at 10:36 PM Yuri Pankov wrote: > Kevin Oberman wrote: > > On Fri, Feb 19, 2021 at 2:54 AM Yuri Pankov wrote: > > > >> Steven Friedrich wrote: > >>> I am surprised this device has no driver attached. I do include > >> coretemp in > >>> my kernel. > >>> > >>> This is from pciconf -lv > >>> > >>> none0@pci0:0:18:0: class=0x118000 card=0x843f103c chip=0xa3798086 > >>> rev=0x10 hdr=0x00 > >>> vendor = 'Intel Corporation' > >>> device = 'Cannon Lake PCH Thermal Controller' > >>> class = dasp > >>> > >> > >> That's different from coretemp(4), and should be driven by pchtherm(4), > >> but it seems to be only in 13 and not backported to stable/12: > >> > >> > >> > https://www.freebsd.org/cgi/man.cgi?query=pchtherm&apropos=0&sektion=0&manpath=FreeBSD+13.0-current&arch=default&format=html > >> _______________________________________________ > >> > > I see the kernel module on my 12-STABLE system, so I would expect it in > > 12.3. > > Interesting, checking out stable/12 branch, I don't see any files named > \*pchtherm\*, nor does grep find any matching contents. > From owner-freebsd-questions@freebsd.org Sun Feb 21 08:11:49 2021 Return-Path: Delivered-To: freebsd-questions@mailman.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mailman.nyi.freebsd.org (Postfix) with ESMTP id 3E9D954EEF4 for ; Sun, 21 Feb 2021 08:11:49 +0000 (UTC) (envelope-from freebsd@twc.com) Received: from p-impout004.msg.pkvw.co.charter.net (p-impout004aa.msg.pkvw.co.charter.net [47.43.26.135]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client CN "Client", Issuer "CA" (not verified)) by mx1.freebsd.org (Postfix) with ESMTPS id 4DjyhN0bdLz3t6n for ; Sun, 21 Feb 2021 08:11:47 +0000 (UTC) (envelope-from freebsd@twc.com) Received: from freebsd.localnet ([74.132.18.25]) by cmsmtp with ESMTPA id DjqDl5INkLC0yDjqDlrPLw; Sun, 21 Feb 2021 08:11:45 +0000 X-Authority-Analysis: v=2.3 cv=Q/OsHL+a c=1 sm=1 tr=0 a=6dKv8Xy78h5PIHsve0hi3A==:117 a=6dKv8Xy78h5PIHsve0hi3A==:17 a=kj9zAlcOel0A:10 a=C3AHgSZR_H68SJllVDIA:9 a=CjuIK1q_8ugA:10 From: Steven Friedrich To: freebsd-questions@freebsd.org Subject: Re: Subject: Sound from HDMI (pcm2) using i915kms.ko Date: Sun, 21 Feb 2021 03:11:44 -0500 Message-ID: <4833909.YNO7O01DYZ@freebsd> MIME-Version: 1.0 Content-Transfer-Encoding: 7Bit Content-Type: text/plain; charset="us-ascii" X-CMAE-Envelope: MS4wfOEG0krQsr+0Z3m7z/e/e2u4FhPqTRFVt+iAfkmv2/DvwDCQsWedsYrq8joEsovw4lxDB3/PkFJfHrCjW/biW8f1WlAu3PtDu9hs88bE4ncKFW54TFIp E27HYMDy0+OoaVcYbBXcvXxN8paI3oRZE+6x1h4dGvYhTP0FdxBiGVGdXqaxCoc2/bxBh0nx6oWM+A== X-Rspamd-Queue-Id: 4DjyhN0bdLz3t6n X-Spamd-Bar: - Authentication-Results: mx1.freebsd.org; dkim=none; dmarc=none; spf=pass (mx1.freebsd.org: domain of freebsd@twc.com designates 47.43.26.135 as permitted sender) smtp.mailfrom=freebsd@twc.com X-Spamd-Result: default: False [-1.30 / 15.00]; RCVD_VIA_SMTP_AUTH(0.00)[]; RWL_MAILSPIKE_GOOD(0.00)[47.43.26.135:from]; FREEMAIL_FROM(0.00)[twc.com]; R_SPF_ALLOW(-0.20)[+ip4:47.43.26.0/24]; TO_DN_NONE(0.00)[]; NEURAL_HAM_SHORT(-1.00)[-1.000]; RECEIVED_SPAMHAUS_PBL(0.00)[74.132.18.25:received]; FROM_EQ_ENVFROM(0.00)[]; R_DKIM_NA(0.00)[]; FREEMAIL_ENVFROM(0.00)[twc.com]; RCVD_TLS_LAST(0.00)[]; CTE_CASE(0.50)[]; ASN(0.00)[asn:40294, ipnet:47.43.24.0/21, country:US]; FAKE_REPLY(1.00)[]; RBL_DBL_DONT_QUERY_IPS(0.00)[47.43.26.135:from]; ARC_NA(0.00)[]; FROM_HAS_DN(0.00)[]; TO_MATCH_ENVRCPT_ALL(0.00)[]; NEURAL_HAM_LONG(-1.00)[-1.000]; MIME_GOOD(-0.10)[text/plain]; MIME_TRACE(0.00)[0:+]; DMARC_NA(0.00)[twc.com]; RCPT_COUNT_ONE(0.00)[1]; SPAMHAUS_ZRD(0.00)[47.43.26.135:from:127.0.2.255]; NEURAL_HAM_MEDIUM(-1.00)[-1.000]; RCVD_IN_DNSWL_NONE(0.00)[47.43.26.135:from]; MID_RHS_NOT_FQDN(0.50)[]; RCVD_COUNT_TWO(0.00)[2]; MAILMAN_DEST(0.00)[freebsd-questions] X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.34 Precedence: list List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sun, 21 Feb 2021 08:11:49 -0000 I got verbose output, but I don't know quite what it means: hdaa0: Original pins configuration: ahcich3: hdaa0: nid 0x as seq device conn jack loc color misc hdaa0: 18 40000000 0 0 Line-out None Unknown 0x00 Unknown 0 hdaa0: 20 01014010 1 0 Line-out Jack 1/8 Rear Green 0 hdaa0: 23 411111f0 15 0 Speaker None 1/8 Rear Black 1 hdaa0: 24 01a19040 4 0 Mic Jack 1/8 Rear Pink 0 hdaa0: 25 411111f0 15 0 Speaker None 1/8 Rear Black 1 hdaa0: 26 411111f0 15 0 Speaker None 1/8 Rear Black 1 hdaa0: 27 01813030 3 0 Line-in Jack 1/8 Rear Blue 0 hdaa0: 29 40434601 0 1 SPDIF-out None ATAPI 0x00 Green 6 hdaa0: 30 411111f0 15 0 Speaker None 1/8 Rear Black 1 hdaa0: 33 02211020 2 0 Headphones Jack 1/8 Front Black 0 hdaa0: Patching widget caps nid=29 0x00400000 -> 0x00700000 SATA offline status=00000004 hdaa0: ahcich3: AHCI reset: device not found ahcich4: AHCI reset... Patched pins configuration: ahcich4: hdaa0: nid 0x as seq device conn jack loc color misc hdaa0: 18 40000000 0 0 Line-out None Unknown 0x00 Unknown 0 DISA hdaa0: 20 01014010 1 0 Line-out Jack 1/8 Rear Green 0 hdaa0: 23 411111f0 15 0 Speaker None 1/8 Rear Black 1 DISA hdaa0: 24 01a19040 4 0 Mic Jack 1/8 Rear Pink 0 hdaa0: 25 411111f0 15 0 Speaker None 1/8 Rear Black 1 DISA hdaa0: 26 411111f0 15 0 Speaker None 1/8 Rear Black 1 DISA hdaa0: 27 01813030 3 0 Line-in Jack 1/8 Rear Blue 0 hdaa0: 30 411111f0 15 0 Speaker None 1/8 Rear Black 1 DISA hdaa0: 33 02211020 2 0 Headphones Jack 1/8 Front Black 0 hdaa0: 4 associations found: hdaa0: Association 0 (1) out: hdaa0: Pin nid=20 seq=0 hdaa0: Association 1 (2) out: hdaa0: Pin nid=33 seq=0 hdaa0: Association 2 (3) in: hdaa0: Pin nid=27 seq=0 hdaa0: Association 3 (4) in: hdaa0: Pin nid=24 seq=0 hdaa0: Tracing association 0 (1) hdaa0: Pin 20 traced to DAC 2 hdaa0: Association 0 (1) trace succeeded hdaa0: Tracing association 1 (2) hdaa0: Pin 33 traced to DAC 3 hdaa0: Association 1 (2) trace succeeded hdaa0: Tracing association 2 (3) hdaa0: Pin 27 traced to ADC 8 hdaa0: Association 2 (3) trace succeeded hdaa0: Tracing association 3 (4) hdaa0: Pin 24 traced to ADC 9 hdaa0: Association 3 (4) trace succeeded hdaa0: Looking for additional DAC for association 0 (1) hdaa0: Looking for additional DAC for association 1 (2) hdaa0: Looking for additional ADC for association 2 (3) hdaa0: Looking for additional ADC for association 3 (4) hdaa0: Tracing input monitor hdaa0: Tracing nid 11 to out hdaa0: nid 11 is input monitor hdaa0: Tracing nid 35 to out hdaa0: Tracing other input monitors hdaa0: Tracing nid 24 to out hdaa0: Tracing nid 27 to out hdaa0: Tracing beeper SATA offline status=00000004 ahcich4: AHCI reset: device not found ahcich5: AHCI reset... hdaa0: Pin sense: nid=20 sense=0x80000000 (connected) ahcich5: SATA offline status=00000004 hdaa0: ahcich2: ahcich5: AHCI reset: device not found Pin sense: nid=33 sense=0x80000000 (connected) hdaa0: FG config/quirks: forcestereo ivref50 ivref80 ivref100 ivref I cut out pcm0 and pcm1 because they work. Only pcm2 (HDMI) doesn't produce sound hdacc1: at cad 2 on hdac0 hdaa1: at nid 1 on hdacc1 hdaa1: Subsystem ID: 0x80860101 hdaa1: NumGPIO=0 NumGPO=0 NumGPI=0 GPIWake=0 GPIUnsol=0 hdaa1: Original pins configuration: hdaa1: nid 0x as seq device conn jack loc color misc hdaa1: 3 18560010 1 0 Digital-out Jack Digital 0x18 Unknown 0 hdaa1: Patched pins configuration: hdaa1: nid 0x as seq device conn jack loc color misc hdaa1: 3 18560010 1 0 Digital-out Jack Digital 0x18 Unknown 0 hdaa1: 1 associations found: hdaa1: Association 0 (1) out: hdaa1: Pin nid=3 seq=0 hdaa1: Tracing association 0 (1) hdaa1: Pin 3 traced to DAC 2 hdaa1: Association 0 (1) trace succeeded hdaa1: Looking for additional DAC for association 0 (1) hdaa1: Tracing input monitor hdaa1: Tracing other input monitors hdaa1: Tracing beeper hdaa1: FG config/quirks: forcestereo ivref50 ivref80 ivref100 ivref pcm2: at nid 3 on hdaa1 pcm2: Playback: pcm2: Stream cap: 0x00000005 AC3 PCM pcm2: PCM cap: 0x001a07f0 16 24 32 bits, 32 44 48 88 96 176 192 KHz pcm2: DAC: 2 pcm2: pcm2: nid=3 [pin: Digital-out (Jack)] pcm2: + <- nid=2 [audio output] [src: pcm] pcm2: pcm2: Master Volume (OSS: vol): 0/0dB pcm2: +- ctl 1 (nid 3 in ): mute pcm2: pcm2: PCM Volume (OSS: pcm): 0/0dB pcm2: +- ctl 1 (nid 3 in ): mute pcm2: pcm2: Mixer "vol": pcm2: Mixer "pcm": pcm2: Soft PCM mixer ENABLED pcm2: Playback channel matrix is: unknown, assuming 7.1 (disconnected) It LOOKS like it's muted: pcm2: Master Volume (OSS: vol): 0/0dB pcm2: +- ctl 1 (nid 3 in ): mute and pcm2: PCM Volume (OSS: pcm): 0/0dB pcm2: +- ctl 1 (nid 3 in ): mute The LAST message looks annoying: pcm2: Playback channel matrix is: unknown, assuming 7.1 (disconnected) Oh, and mixer isn't any help: mixer -f /dev/mixer2 Mixer vol is currently set to 100:100 Mixer pcm is currently set to 100:100 I read snd_hda (4),but it's Geek to me. -- FreeBSD FreeBSD 12.2-RELEASE-p3 FreeBSD 12.2-RELEASE-p3 r369327 Special amd64 HP-Slimline 290-p0014 Desktop Using integrated UHD Graphics 630 Built drm from /usr/ports/drm-kmod From owner-freebsd-questions@freebsd.org Sun Feb 21 08:28:32 2021 Return-Path: Delivered-To: freebsd-questions@mailman.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mailman.nyi.freebsd.org (Postfix) with ESMTP id 04D3654FB50 for ; Sun, 21 Feb 2021 08:28:32 +0000 (UTC) (envelope-from admin@freebsd.org) Received: from mail.francoiscarrier.com (host.francoiscarrier.com [67.225.191.158]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client CN "francoiscarrier.com", Issuer "R3" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 4Djz3g6KFGz3tjY for ; Sun, 21 Feb 2021 08:28:31 +0000 (UTC) (envelope-from admin@freebsd.org) Received: (qmail 11261 invoked by uid 108); 21 Feb 2021 03:28:28 -0500 Received: by simscan 1.4.0 ppid: 61808, pid: 9415, t: 12.0540s scanners: clamav: 0.102.3/m:59/d:26085 spam: 3.4.2 X-Spam-Checker-Version: SpamAssassin 3.4.2 (2018-09-13) on host.francoiscarrier.com X-Spam-Level: X-Spam-Status: No, score=0.1 required=5.0 tests=ALL_TRUSTED, HTML_IMAGE_ONLY_32, HTML_IMAGE_RATIO_06,HTML_MESSAGE,MIME_HTML_ONLY, PDS_FROM_NAME_TO_DOMAIN autolearn=no autolearn_force=no version=3.4.2 Received: from unknown (HELO bolognafiere.it) (info@moineurbain.com@116.73.15.41) by host.francoiscarrier.com with ESMTPSA; 21 Feb 2021 03:28:16 -0500 From: freebsd.org Administrator To: freebsd-questions@freebsd.org Subject: New sign-in on Email Date: 21 Feb 2021 13:58:17 +0530 Message-ID: <20210221135817.9A191EAF3EC20F11@freebsd.org> X-Rspamd-Queue-Id: 4Djz3g6KFGz3tjY X-Spamd-Bar: / Authentication-Results: mx1.freebsd.org; none X-Spamd-Result: default: False [0.00 / 15.00]; local_wl_from(0.00)[freebsd.org]; ASN(0.00)[asn:32244, ipnet:67.225.128.0/17, country:US] MIME-Version: 1.0 Content-Type: text/plain; charset="iso-8859-1" X-Content-Filtered-By: Mailman/MimeDel 2.1.34 X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.34 Precedence: list List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sun, 21 Feb 2021 08:28:32 -0000 From owner-freebsd-questions@freebsd.org Sun Feb 21 08:47:10 2021 Return-Path: Delivered-To: freebsd-questions@mailman.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mailman.nyi.freebsd.org (Postfix) with ESMTP id 6F8935501BB for ; Sun, 21 Feb 2021 08:47:10 +0000 (UTC) (envelope-from freebsd@twc.com) Received: from p-impout004.msg.pkvw.co.charter.net (p-impout004aa.msg.pkvw.co.charter.net [47.43.26.135]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client CN "Client", Issuer "CA" (not verified)) by mx1.freebsd.org (Postfix) with ESMTPS id 4DjzT94WXdz3w1l for ; Sun, 21 Feb 2021 08:47:09 +0000 (UTC) (envelope-from freebsd@twc.com) Received: from freebsd.localnet ([74.132.18.25]) by cmsmtp with ESMTPA id DkOSl5eoZLC0yDkOSlrQfM; Sun, 21 Feb 2021 08:47:08 +0000 X-Authority-Analysis: v=2.3 cv=Q/OsHL+a c=1 sm=1 tr=0 a=6dKv8Xy78h5PIHsve0hi3A==:117 a=6dKv8Xy78h5PIHsve0hi3A==:17 a=kj9zAlcOel0A:10 a=Om_J-JQwCm2JeCVa_bQA:9 a=CjuIK1q_8ugA:10 From: Steven Friedrich To: freebsd-questions@freebsd.org Subject: Not sure of my USB devices identity... Date: Sun, 21 Feb 2021 03:47:07 -0500 Message-ID: <16073869.vxEf1mJfsr@freebsd> MIME-Version: 1.0 Content-Transfer-Encoding: 7Bit Content-Type: text/plain; charset="us-ascii" X-CMAE-Envelope: MS4wfFyWPBcYoQjee4y71f1iaS20yXEgaaurRxYfuHAZeyw4zIN8gccT0XA1fKDLoCCei+VjgNF3eT8jipP8k0/YqMFPVlp26F2QbVkyquGaavSP3Fbsaa9r t2QLtFB5WOlk2S63p9tpDIY+gF2qpuhCyEfEXblfgrkSis8rgPzHvxbJrBK/zqhrWyGTW0i+QrR34A== X-Rspamd-Queue-Id: 4DjzT94WXdz3w1l X-Spamd-Bar: -- Authentication-Results: mx1.freebsd.org; dkim=none; dmarc=none; spf=pass (mx1.freebsd.org: domain of freebsd@twc.com designates 47.43.26.135 as permitted sender) smtp.mailfrom=freebsd@twc.com X-Spamd-Result: default: False [-2.30 / 15.00]; RCVD_VIA_SMTP_AUTH(0.00)[]; RWL_MAILSPIKE_GOOD(0.00)[47.43.26.135:from]; FREEMAIL_FROM(0.00)[twc.com]; R_SPF_ALLOW(-0.20)[+ip4:47.43.26.0/24]; TO_DN_NONE(0.00)[]; NEURAL_HAM_SHORT(-1.00)[-1.000]; RECEIVED_SPAMHAUS_PBL(0.00)[74.132.18.25:received]; RCVD_TLS_LAST(0.00)[]; R_DKIM_NA(0.00)[]; FREEMAIL_ENVFROM(0.00)[twc.com]; MIME_TRACE(0.00)[0:+]; CTE_CASE(0.50)[]; ASN(0.00)[asn:40294, ipnet:47.43.24.0/21, country:US]; ARC_NA(0.00)[]; RBL_DBL_DONT_QUERY_IPS(0.00)[47.43.26.135:from]; FROM_EQ_ENVFROM(0.00)[]; FROM_HAS_DN(0.00)[]; TO_MATCH_ENVRCPT_ALL(0.00)[]; NEURAL_HAM_LONG(-1.00)[-1.000]; MIME_GOOD(-0.10)[text/plain]; DMARC_NA(0.00)[twc.com]; NEURAL_HAM_MEDIUM(-1.00)[-1.000]; RCPT_COUNT_ONE(0.00)[1]; SPAMHAUS_ZRD(0.00)[47.43.26.135:from:127.0.2.255]; RCVD_IN_DNSWL_NONE(0.00)[47.43.26.135:from]; MID_RHS_NOT_FQDN(0.50)[]; RCVD_COUNT_TWO(0.00)[2]; MAILMAN_DEST(0.00)[freebsd-questions] X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.34 Precedence: list List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sun, 21 Feb 2021 08:47:10 -0000 When I plug it in after boot, I get this in dmesg: ugen0.5: at usbus0 rtwn0 on uhub0 rtwn0: <802.11ac WLAN Adapter > on usbus0 rtwn0: MAC/BB RTL8821AU, RF 6052 1T1R NOTE that it self-identifies as 8821au rtwn0: 11a rates: 6Mbps 9Mbps 12Mbps 18Mbps 24Mbps 36Mbps 48Mbps 54Mbps rtwn0: 11b rates: 1Mbps 2Mbps 5.5Mbps 11Mbps rtwn0: 11g rates: 1Mbps 2Mbps 5.5Mbps 11Mbps 6Mbps 9Mbps 12Mbps 18Mbps 24Mbps 36Mbps 48Mbps 54Mbps rtwn0: 1T1R rtwn0: 11na MCS 20MHz rtwn0: MCS 0-7: 6.5Mbps - 65Mbps rtwn0: 11na MCS 20MHz SGI rtwn0: MCS 0-7: 7Mbps - 72Mbps rtwn0: 11ng MCS 20MHz rtwn0: MCS 0-7: 6.5Mbps - 65Mbps rtwn0: 11ng MCS 20MHz SGI rtwn0: MCS 0-7: 7Mbps - 72Mbps wlan0: bpf attached wlan0: bpf attached wlan0: Ethernet address: 08:36:c9:1b:08:de firmware: 'rtwn-rtl8821aufw' version 111: 27804 bytes loaded at 0xffffffff82913000 # lsusb Identfies it as 8811au (but this is AFTER it loaded firmware) Bus /dev/usb Device /dev/ugen0.5: ID 0846:9052 NetGear, Inc. A6100 AC600 DB Wireless Adapter [Realtek RTL8811AU] And on the motherboard I have a similar chip: none6@pci0:2:0:0: class=0x028000 card=0x831a103c chip=0xc82110ec rev=0x00 hdr=0x00 vendor = 'Realtek Semiconductor Co., Ltd.' device = 'RTL8821CE 802.11ac PCIe Wireless Network Adapter' class = network but the motherboard device is NOT recognized by rtwn driver. I built both rtwn_pci and rtwn_usb into my kernel. The rtwnfw man page lists device rtwn-rtl8821aufw, but doesn't list a device rtwn-rtl8821cefw I'm hoping in the near future the motherboard device becomes supported. -- FreeBSD FreeBSD 12.2-RELEASE-p3 FreeBSD 12.2-RELEASE-p3 r369327 Special amd64 HP-Slimline 290-p0014 Desktop Using integrated UHD Graphics 630 Built drm from /usr/ports/drm-kmod From owner-freebsd-questions@freebsd.org Sun Feb 21 14:14:13 2021 Return-Path: Delivered-To: freebsd-questions@mailman.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mailman.nyi.freebsd.org (Postfix) with ESMTP id 93621558427 for ; Sun, 21 Feb 2021 14:14:13 +0000 (UTC) (envelope-from Walter.von.Entferndt@posteo.net) Received: from mout01.posteo.de (mout01.posteo.de [185.67.36.65]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 4Dk6kX4KnZz4kP2 for ; Sun, 21 Feb 2021 14:14:12 +0000 (UTC) (envelope-from Walter.von.Entferndt@posteo.net) Received: from submission (posteo.de [89.146.220.130]) by mout01.posteo.de (Postfix) with ESMTPS id 7CB99160060 for ; Sun, 21 Feb 2021 15:14:09 +0100 (CET) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=posteo.net; s=2017; t=1613916849; bh=aYJwHN9E2rsX26ra/DL7kc/XH8wmXUzPw6IxF6ngB5I=; h=From:To:Cc:Subject:Date:From; b=hb8bxgwvWl5xfj5YIu3SK5rNl/xNcQX/LMPFlrwAEywgs0n7yQMJIEqaLhJ3o7xea gjvkD46gFRilfkuJq6G0U85ogizcEHL+Lc2Xollas+u5oVjEfaLo/sn/ILHcssGGbi w1thqxIp4m7sv0gNQWrcLXJf5urlFiyeQ5S+KBsUhGsk7JW9cL0zW9pRf58ULYsEgE Vx1+IhE6n+yV5k+eZphwxMFQ/WhlfvrTuXmjRUbnB/NBG0cYUtr/nqkxrvactk15pn VO/CH9zKNPQlosVFvfzdHFkT3sDRfkIXnaj57pET00TOjb36ghT8eND+wCnb2v2k46 02F6eppb9HDtA== Received: from customer (localhost [127.0.0.1]) by submission (posteo.de) with ESMTPSA id 4Dk6kQ2QK4z6tmL; Sun, 21 Feb 2021 15:14:06 +0100 (CET) From: Walter von Entferndt To: Jerry Cc: freebsd-questions@freebsd.org Subject: Re: BUG 237666 Date: Sun, 21 Feb 2021 15:13:50 +0100 Message-ID: <1761655.CJpZife00y@t450s.local.lan> X-Face: #$[hC+4[4W*mS3hB&izisyT_#E]^Aq+7Isv`2Tu5q*1~jR@&['74B>Ibyrk]GTJ!j$ NjX=#L2#k2X7OnaaRM_Pd5`>`8OJ3; +I2 References: MIME-Version: 1.0 X-Rspamd-Queue-Id: 4Dk6kX4KnZz4kP2 X-Spamd-Bar: --- Authentication-Results: mx1.freebsd.org; dkim=pass header.d=posteo.net header.s=2017 header.b=hb8bxgwv; dmarc=pass (policy=none) header.from=posteo.net; spf=pass (mx1.freebsd.org: domain of Walter.von.Entferndt@posteo.net designates 185.67.36.65 as permitted sender) smtp.mailfrom=Walter.von.Entferndt@posteo.net X-Spamd-Result: default: False [-3.45 / 15.00]; RCVD_VIA_SMTP_AUTH(0.00)[]; TO_DN_SOME(0.00)[]; R_SPF_ALLOW(-0.20)[+ip4:185.67.36.0/23]; RCVD_DKIM_ARC_DNSWL_MED(-0.50)[]; RCVD_COUNT_THREE(0.00)[3]; RCVD_IN_DNSWL_MED(-0.20)[185.67.36.65:from]; RCPT_COUNT_TWO(0.00)[2]; DMARC_POLICY_ALLOW(-0.50)[posteo.net,none]; SUBJ_ALL_CAPS(0.75)[10]; DKIM_TRACE(0.00)[posteo.net:+]; FROM_EQ_ENVFROM(0.00)[]; MIME_TRACE(0.00)[0:+,1:+,2:~]; CTE_CASE(0.50)[]; ASN(0.00)[asn:8495, ipnet:185.67.36.0/23, country:DE]; ARC_NA(0.00)[]; NEURAL_HAM_MEDIUM(-1.00)[-1.000]; R_DKIM_ALLOW(-0.20)[posteo.net:s=2017]; FROM_HAS_DN(0.00)[]; NEURAL_HAM_SHORT(-1.00)[-1.000]; NEURAL_HAM_LONG(-1.00)[-1.000]; MIME_GOOD(-0.10)[multipart/alternative,text/plain]; PREVIOUSLY_DELIVERED(0.00)[freebsd-questions@freebsd.org]; TO_MATCH_ENVRCPT_SOME(0.00)[]; RWL_MAILSPIKE_VERYGOOD(0.00)[185.67.36.65:from]; RCVD_TLS_ALL(0.00)[]; MAILMAN_DEST(0.00)[freebsd-questions] Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: 7Bit X-Content-Filtered-By: Mailman/MimeDel 2.1.34 X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.34 Precedence: list List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sun, 21 Feb 2021 14:14:13 -0000 At Sonntag, 21. Februar 2021, 13:00:02 CET, Jerry wrote: > [...] The fact that this bug has existed and not been fixed > for two years certainly does not instill confidence that the FreeBSD > team can maintain a stable product. 1. The bug history contains a few dozens anwers + questions from hps, Konstantin Belousov, & mm, showing they're trying hard to fix it. 2. hps kindly offered to ship a machine to him which has this bug, so that he can investigate; _this_was_denied_. 3. The wizzards can only fix what they can debug appropiately; their work is mostly completely voluntary; in contrast, other OS incl. Linux have hundredth of engineers on their payroll. AFAIK there's only one manufacturer who certifies it's mainboards for FreeBSD (supermicro). 4. It is a well known fact that most, if not all, ACPI BIOS/UEFI implementations are buggy, and/or the official specs are ambiguous about some topics. Furthermore, the on-chip USB hub can be buggy. 5. Noone can assert a claim that FreeBSD runs on his/her particular hardware & network combination. 6. Everyone is invited to get a bloody nose & dive into C system programming & DTrace, in order to help integrating new hardware drivers, tweaks, & bug fixes. Regards -- =|o) "Stell' Dir vor es geht und keiner kriegt's hin." (Wolfgang Neuss) From owner-freebsd-questions@freebsd.org Sun Feb 21 19:42:17 2021 Return-Path: Delivered-To: freebsd-questions@mailman.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mailman.nyi.freebsd.org (Postfix) with ESMTP id 80A9C55F5C6 for ; Sun, 21 Feb 2021 19:42:17 +0000 (UTC) (envelope-from jerry@seibercom.net) Received: from mail-pj1-x102f.google.com (mail-pj1-x102f.google.com [IPv6:2607:f8b0:4864:20::102f]) (using TLSv1.3 with cipher TLS_AES_128_GCM_SHA256 (128/128 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature RSA-PSS (2048 bits) client-digest SHA256) (Client CN "smtp.gmail.com", Issuer "GTS CA 1O1" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 4DkG141p7dz3KXv for ; Sun, 21 Feb 2021 19:42:16 +0000 (UTC) (envelope-from jerry@seibercom.net) Received: by mail-pj1-x102f.google.com with SMTP id e9so7361708pjj.0 for ; Sun, 21 Feb 2021 11:42:16 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=seibercom.net; s=google; h=reply-to:from:to:subject:date:organization:message-id:mime-version :content-transfer-encoding:thread-index:content-language; bh=ccO5OFwh0LdHUjZKPwKVgEiwfPHZs9mmt87jX3w40Sc=; b=X/5rPMhcwrOPorkLgv40xoxN9hmI7why0pryCElh0AHiMolquSwkmkxzpSw/jREV9l AOQXXqtGVHoeUH08VfbiTX/feniWO5GsvasDUJBjtYw59swcMZWuz/VCjtSCm8ZBDyw1 QOZe8I76MzzOfoKNqr/uSUoWFDgBUBgU+QJyE= X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:reply-to:from:to:subject:date:organization :message-id:mime-version:content-transfer-encoding:thread-index :content-language; bh=ccO5OFwh0LdHUjZKPwKVgEiwfPHZs9mmt87jX3w40Sc=; b=q358xYCQ/tl4sDZBlDxy1E95Y1eW0jlq2jKz1HZGKy2+h+HyLvi3O+1pZo/AYs12I3 xBp7rxHTSiIFTsTNTpnjLvgepfQyByrut4xIaMauGE6p2pmsaReapKnwj8zhehCq9ffI 5H0x8zPh2rtGjOjjbMLWV/p4qOuK1m+H9decEtFJL/28soo+IbXPvPF4KOP2wUO42Kp3 feUeaelVYxSRQ/+jQYZ7XGqww+MU9W1FIjczgrZePemFMd3yRbiCZAww1IOwfUT2aR0d RXiEzTX6thK1SU4wfOBfF0q+7bISre0dnTf0d/JQU5NJT9Eag1I/PtB3yPfmFbJkVa7y HZAQ== X-Gm-Message-State: AOAM530X54E5TgcFtxa/CVx4cxTLg89netgJx4AXLabCX+vZVHwFA6fs 7ukL60JvicxrK0ecrK91kZ75ocD/wEbJdA== X-Google-Smtp-Source: ABdhPJxLi+mQDLJjPW1/HyHt5Gd0eEu5fc2Tw625pQgwC93gSeuf0rkOU2+OdovhEW//7aDmqtzt2g== X-Received: by 2002:a05:6214:574:: with SMTP id cj20mr17853817qvb.37.1613936032691; Sun, 21 Feb 2021 11:33:52 -0800 (PST) Received: from scorpio.seibercom.net (cpe-174-109-231-236.nc.res.rr.com. [174.109.231.236]) by smtp.gmail.com with ESMTPSA id j2sm5634050qtb.26.2021.02.21.11.33.51 for (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Sun, 21 Feb 2021 11:33:51 -0800 (PST) Received: from HPEnvy (zeus.seibercom.net [192.168.1.1]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) (Authenticated sender: jerry@seibercom.net) by scorpio.seibercom.net (Postfix) with ESMTPSA id 4DkFqL6vkwz1Dhs for ; Sun, 21 Feb 2021 14:33:50 -0500 (EST) Reply-To: "FreeBSD" From: "Jerry" To: "FreeBSD" Subject: Certbot crashes after update of python installed Date: Sun, 21 Feb 2021 14:33:50 -0500 Organization: seibercom Message-ID: <018a01d70888$7b2fe5b0$718fb110$@seibercom.net> MIME-Version: 1.0 Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: 7bit X-Mailer: Microsoft Outlook 16.0 Thread-Index: AdcIh/b2J9RTqWwASb2EDNyItI2zHQ== Content-Language: en-us X-Rspamd-Queue-Id: 4DkG141p7dz3KXv X-Spamd-Bar: +++++ Authentication-Results: mx1.freebsd.org; dkim=pass header.d=seibercom.net header.s=google header.b=X/5rPMhc; dmarc=none; spf=pass (mx1.freebsd.org: domain of jerry@seibercom.net designates 2607:f8b0:4864:20::102f as permitted sender) smtp.mailfrom=jerry@seibercom.net X-Spamd-Result: default: False [5.49 / 15.00]; HAS_REPLYTO(0.00)[freebsd-questions@freebsd.org]; RCVD_VIA_SMTP_AUTH(0.00)[]; GREYLIST(0.00)[pass,body]; R_SPF_ALLOW(-0.20)[+ip6:2607:f8b0:4000::/36]; HAS_ORG_HEADER(0.00)[]; RCVD_COUNT_THREE(0.00)[4]; TO_DN_ALL(0.00)[]; DKIM_TRACE(0.00)[seibercom.net:+]; NEURAL_HAM_SHORT(-1.00)[-1.000]; FROM_EQ_ENVFROM(0.00)[]; MIME_TRACE(0.00)[0:+]; RBL_DBL_DONT_QUERY_IPS(0.00)[2607:f8b0:4864:20::102f:from]; ASN(0.00)[asn:15169, ipnet:2607:f8b0::/32, country:US]; MID_RHS_MATCH_FROM(0.00)[]; REPLYTO_EQ_TO_ADDR(5.00)[]; ARC_NA(0.00)[]; R_DKIM_ALLOW(-0.20)[seibercom.net:s=google]; RECEIVED_SPAMHAUS_PBL(0.00)[174.109.231.236:received]; FROM_HAS_DN(0.00)[]; TO_MATCH_ENVRCPT_ALL(0.00)[]; MIME_GOOD(-0.10)[text/plain]; PREVIOUSLY_DELIVERED(0.00)[freebsd-questions@freebsd.org]; DMARC_NA(0.00)[seibercom.net]; NEURAL_SPAM_MEDIUM(0.99)[0.994]; RCPT_COUNT_ONE(0.00)[1]; SPAMHAUS_ZRD(0.00)[2607:f8b0:4864:20::102f:from:127.0.2.255]; NEURAL_SPAM_LONG(1.00)[1.000]; RCVD_IN_DNSWL_NONE(0.00)[2607:f8b0:4864:20::102f:from]; RCVD_TLS_ALL(0.00)[]; MAILMAN_DEST(0.00)[freebsd-questions] X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.34 Precedence: list List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sun, 21 Feb 2021 19:42:17 -0000 Since updating python, certbot now crashes. It had worked fine via CRON for over a year. ~ $ Script started on Sun Feb 21 14:14:55 2021 Command: /usr/local/bin/certbot renew --apache --deploy-hook service dovecot restart Traceback (most recent call last): File "/usr/local/lib/python3.7/site-packages/pkg_resources/__init__.py", line 583, in _build_master ws.require(__requires__) File "/usr/local/lib/python3.7/site-packages/pkg_resources/__init__.py", line 900, in require needed = self.resolve(parse_requirements(requirements)) File "/usr/local/lib/python3.7/site-packages/pkg_resources/__init__.py", line 791, in resolve raise VersionConflict(dist, req).with_context(dependent_req) pkg_resources.ContextualVersionConflict: (cryptography 2.9.2 (/usr/local/lib/python3.7/site-packages), Requirement.parse('cryptography>=3.2'), {'PyOpenSSL'}) During handling of the above exception, another exception occurred: Traceback (most recent call last): File "/usr/local/bin/certbot", line 6, in from pkg_resources import load_entry_point File "/usr/local/lib/python3.7/site-packages/pkg_resources/__init__.py", line 3251, in @_call_aside File "/usr/local/lib/python3.7/site-packages/pkg_resources/__init__.py", line 3235, in _call_aside f(*args, **kwargs) File "/usr/local/lib/python3.7/site-packages/pkg_resources/__init__.py", line 3264, in _initialize_master_working_set working_set = WorkingSet._build_master() File "/usr/local/lib/python3.7/site-packages/pkg_resources/__init__.py", line 585, in _build_master return cls._build_from_requirements(__requires__) File "/usr/local/lib/python3.7/site-packages/pkg_resources/__init__.py", line 598, in _build_from_requirements dists = ws.resolve(reqs, Environment()) File "/usr/local/lib/python3.7/site-packages/pkg_resources/__init__.py", line 791, in resolve raise VersionConflict(dist, req).with_context(dependent_req) pkg_resources.ContextualVersionConflict: (cryptography 2.9.2 (/usr/local/lib/python3.7/site-packages), Requirement.parse('cryptography>=3.2'), {'PyOpenSSL'}) Command exit status: 1 Script done on Sun Feb 21 14:14:56 2021 python37-3.7.9_1 I have rebuilt python, but the results are still the same. -- Jerry From owner-freebsd-questions@freebsd.org Sun Feb 21 20:51:54 2021 Return-Path: Delivered-To: freebsd-questions@mailman.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mailman.nyi.freebsd.org (Postfix) with ESMTP id 7EEA653A2A4 for ; Sun, 21 Feb 2021 20:51:54 +0000 (UTC) (envelope-from johnl@iecc.com) Received: from gal.iecc.com (gal.iecc.com [IPv6:2001:470:1f07:1126:0:43:6f73:7461]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature RSA-PSS (2048 bits) client-digest SHA256) (Client CN "gal.iecc.com", Issuer "Let's Encrypt Authority X3" (not verified)) by mx1.freebsd.org (Postfix) with ESMTPS id 4DkHYP4Qdzz3QDn for ; Sun, 21 Feb 2021 20:51:53 +0000 (UTC) (envelope-from johnl@iecc.com) Received: (qmail 24634 invoked from network); 21 Feb 2021 20:51:47 -0000 DKIM-Signature: v=1; a=rsa-sha256; c=simple; d=iecc.com; h=date:message-id:from:to:subject:in-reply-to:mime-version:content-type:content-transfer-encoding:cleverness; s=6035.6032c7e3.k2102; bh=iaiXNEG/yt5npPGjnEIdM8Rr0paf4w3hhm64kcaHHms=; b=bYWRGDnhuNav3Yw1sgrpRxUW/zdpv29uuW4Dy9qTi2cRQFEGEwE/ma/XeptqOlT83q+gP0Bt8ap6g91gDZA6HOrqjXG7EKxUcW0yymIafTsMwHu6YAP98EUEn/JNvAY61kEZW9Y4fl9fB/flnGvFeuaD7AhIl5Uvr88kAZQd3dzgogTDpOk9t3F1ERoqYK4mrMuWHTw8j2RMOSonhVrmlvW0zHb5GxJCRgcB0cCIpcTlaC23VOQerL+DsNlk6qRT0T2Jic1alCBHYDwjtGObcq+s0qLm7jWm4Ad3fs5sTMisOpNT7mh1okdsLsPitwUvEwDhlQWrxjEmrMVQKLNzCw== Received: from ary.qy ([IPv6:2001:470:1f07:1126::78:696d:6170]) by imap.iecc.com ([IPv6:2001:470:1f07:1126::78:696d:6170]) with ESMTPS (TLS1.2 ECDHE-RSA AES-256-GCM AEAD) via TCP6; 21 Feb 2021 20:51:46 -0000 Received: by ary.qy (Postfix, from userid 501) id 364356E6BDB0; Sun, 21 Feb 2021 15:51:45 -0500 (EST) Date: 21 Feb 2021 15:51:45 -0500 Message-Id: <20210221205146.364356E6BDB0@ary.qy> From: "John Levine" To: freebsd-questions@freebsd.org Subject: Re: Certbot crashes after update of python installed In-Reply-To: <018a01d70888$7b2fe5b0$718fb110$@seibercom.net> Organization: Taughannock Networks X-Headerized: yes Cleverness: minimal Mime-Version: 1.0 Content-type: text/plain; charset=utf-8 Content-transfer-encoding: 8bit X-Rspamd-Queue-Id: 4DkHYP4Qdzz3QDn X-Spamd-Bar: --- Authentication-Results: mx1.freebsd.org; dkim=none (invalid DKIM record) header.d=iecc.com header.s=6035.6032c7e3.k2102 header.b=bYWRGDnh; dmarc=pass (policy=none) header.from=iecc.com; spf=pass (mx1.freebsd.org: domain of johnl@iecc.com designates 2001:470:1f07:1126:0:43:6f73:7461 as permitted sender) smtp.mailfrom=johnl@iecc.com X-Spamd-Result: default: False [-3.30 / 15.00]; RCVD_TLS_ALL(0.00)[]; ARC_NA(0.00)[]; NEURAL_HAM_MEDIUM(-1.00)[-1.000]; FROM_HAS_DN(0.00)[]; MV_CASE(0.50)[]; TO_MATCH_ENVRCPT_ALL(0.00)[]; MIME_GOOD(-0.10)[text/plain]; TO_DN_NONE(0.00)[]; NEURAL_HAM_LONG(-1.00)[-1.000]; RCPT_COUNT_ONE(0.00)[1]; HAS_ORG_HEADER(0.00)[]; SPAMHAUS_ZRD(0.00)[2001:470:1f07:1126:0:43:6f73:7461:from:127.0.2.255]; R_SPF_ALLOW(-0.20)[+ip6:2001:470:1f07:1126::/64]; DKIM_TRACE(0.00)[iecc.com:~]; DMARC_POLICY_ALLOW(-0.50)[iecc.com,none]; NEURAL_HAM_SHORT(-1.00)[-1.000]; R_DKIM_PERMFAIL(0.00)[iecc.com:s=6035.6032c7e3.k2102]; FROM_EQ_ENVFROM(0.00)[]; MIME_TRACE(0.00)[0:+]; RBL_DBL_DONT_QUERY_IPS(0.00)[2001:470:1f07:1126:0:43:6f73:7461:from]; ASN(0.00)[asn:6939, ipnet:2001:470::/32, country:US]; RCVD_COUNT_TWO(0.00)[2]; MAILMAN_DEST(0.00)[freebsd-questions] X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.34 Precedence: list List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sun, 21 Feb 2021 20:51:54 -0000 It's telling you what the problem is: > raise VersionConflict(dist, req).with_context(dependent_req) >pkg_resources.ContextualVersionConflict: (cryptography 2.9.2 >(/usr/local/lib/python3.7/site-packages), >Requirement.parse('cryptography>=3.2'), {'PyOpenSSL'}) It now requires version 3.2 or newer of the python cryptography package but the version in the ports and packages is only 2.9.2. You might drop a note to the person who maintains the py-cryptography port to see if he wants help updating it, or if you're feeling brave, you can use the python pip package manager to update it locally. (as root) # pkg install rust # the crypto bits are written in rust # pip install -U cryptography # pkg lock py37-cryptography # tell freebsd package manager not to downgrade it # pkg delete rust # if you don't otherwise need rust, get back 500MB I did this on FBSD 12.2 and it worked, leaving me with version 3.4.6 of cryptography. -- Regards, John Levine, johnl@taugh.com, Primary Perpetrator of "The Internet for Dummies", Please consider the environment before reading this e-mail. https://jl.ly From owner-freebsd-questions@freebsd.org Mon Feb 22 00:28:02 2021 Return-Path: Delivered-To: freebsd-questions@mailman.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mailman.nyi.freebsd.org (Postfix) with ESMTP id 269D5541881 for ; Mon, 22 Feb 2021 00:28:02 +0000 (UTC) (envelope-from daniel@dstev.net) Received: from mail2.protonmail.ch (mail2.protonmail.ch [185.70.40.22]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature RSA-PSS (4096 bits) client-digest SHA256) (Client CN "protonmail.com", Issuer "SwissSign Server Gold CA 2014 - G22" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 4DkNLn0lqwz3tHN for ; Mon, 22 Feb 2021 00:28:00 +0000 (UTC) (envelope-from daniel@dstev.net) Date: Mon, 22 Feb 2021 00:27:41 +0000 To: Steven Friedrich From: Daniel Stevenson Cc: freebsd-questions@freebsd.org, imp@freebsd.org, freebsd-current@freebsd.org Reply-To: Daniel Stevenson Subject: Re: Strange anomaly when Netgear A6100 - AC600 Dual Band WiFi USB Mini Adapter plugged in on boot Message-ID: In-Reply-To: <9068449.RH3biPoPvx@freebsd> References: <4833150.YNO7O01DYZ@freebsd> <4838382.YNO7O01DYZ@freebsd> <16988739.sFgvYJuXru@freebsd> <9068449.RH3biPoPvx@freebsd> MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: quoted-printable X-Spam-Status: No, score=-1.0 required=10.0 tests=ALL_TRUSTED shortcircuit=no autolearn=disabled version=3.4.4 X-Spam-Checker-Version: SpamAssassin 3.4.4 (2020-01-24) on mailout.protonmail.ch X-Rspamd-Queue-Id: 4DkNLn0lqwz3tHN X-Spamd-Bar: --- Authentication-Results: mx1.freebsd.org; dkim=none; dmarc=pass (policy=none) header.from=dstev.net; spf=pass (mx1.freebsd.org: domain of daniel@dstev.net designates 185.70.40.22 as permitted sender) smtp.mailfrom=daniel@dstev.net X-Spamd-Result: default: False [-3.55 / 15.00]; HAS_REPLYTO(0.00)[daniel@dstev.net]; RWL_MAILSPIKE_VERYGOOD(0.00)[185.70.40.22:from]; REPLYTO_EQ_FROM(0.00)[]; FROM_HAS_DN(0.00)[]; RCPT_COUNT_THREE(0.00)[4]; TO_DN_SOME(0.00)[]; R_SPF_ALLOW(-0.20)[+ip4:185.70.40.0/24]; MIME_GOOD(-0.10)[text/plain]; ARC_NA(0.00)[]; NEURAL_HAM_LONG(-1.00)[-1.000]; TO_MATCH_ENVRCPT_SOME(0.00)[]; NEURAL_HAM_SHORT(-0.65)[-0.652]; DMARC_POLICY_ALLOW(-0.50)[dstev.net,none]; NEURAL_HAM_MEDIUM(-1.00)[-1.000]; FREEMAIL_TO(0.00)[twc.com]; RCVD_COUNT_ZERO(0.00)[0]; FROM_EQ_ENVFROM(0.00)[]; R_DKIM_NA(0.00)[]; MIME_TRACE(0.00)[0:+]; ASN(0.00)[asn:62371, ipnet:185.70.40.0/24, country:CH]; MID_RHS_MATCH_FROM(0.00)[]; MAILMAN_DEST(0.00)[freebsd-questions]; RCVD_IN_DNSWL_LOW(-0.10)[185.70.40.22:from] X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.34 Precedence: list List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 22 Feb 2021 00:28:02 -0000 On Saturday, February 20th, 2021 at 04:38, Steven Friedrich wrote: > On Friday, 19 February 2021 06:41:49 EST Steven Friedrich wrote: > > > BTW, I included output from pciconf, but the device is USB. Sorry. > > > > I was confused because there's an unsupported wi-fi on the motherboard,= also > > > > from Realtek. > > > > mobo Realtek is 8821ce > > > > USB Realtek is 8811au > > > > On Thursday, 18 February 2021 21:37:34 EST Steven Friedrich wrote: > > > > > On Thursday, 18 February 2021 16:35:48 EST > > > > > > Daniel > > > > > > Stevenson wrote: > > > > > > > On Thursday, February 18th, 2021 at 04:40, Steven Friedrich > > > > > > FreeBSD@twc.com wrote: > > > > > > > > Starting devd. > > > > > > > > > > Cannot 'start' webcamd. Set webcamd_enable to YES in /etc/rc.conf= or > > > > > > > > > > use > > > > > > > > > > 'onestart' instead of 'start'. > > > > > > > > > > There's nothing in /etc/rc.conf to invoke webcam. Nothing in > > > > > > > > > > /etc/devd.conf > > > > > > > > > > (AFAIK). I haven't modified devd.conf > > > > > > > > > > If I unplug the adapter and reboot, no message about webcam appea= rs. > > > > > > > > > > Here's the device as reported by pciconf -lv > > > > > > > > > > none6@pci0:2:0:0: class=3D0x028000 card=3D0x831a103c chip=3D0xc82= 110ec > > > > > > > > > > rev=3D0x00 hdr=3D0x00 > > > > > > > > > > vendor =3D 'Realtek Semiconductor Co., Ltd.' > > > > > > > > > > device =3D 'RTL8821CE 802.11ac PCIe Wireless Network Adapter' > > > > > > > > > > class =3D network > > > > > > > > > > Here's the dmesg > > > > > > > > > > ugen0.2: at usbus0 > > > > > > > > > > rtwn0 on uhub0 > > > > > > > > > > rtwn0: <802.11ac WLAN Adapter > on usbus0 > > > > > > > > > > rtwn0: MAC/BB RTL8821AU, RF 6052 1T1R > > > > > > > > Whether or not you have a line in your /etc/rc.conf that says > > > > > > > > webcamd_enable=3D"NO", webcamd is disabled by default. You have to > > > > > > > > override this by setting webcamd_enable=3D"YES". > > > > > > You misinterpreted my post. > > > > > > I don't want webcam. > > > > > > I get this errant message because I have a USB network adapter plugge= d in > > > > > > on boot. > > > > > > I believe this is related to /usr/src/UPDATING entry 20180211: > > > > > > 20180211: > > > > > > devmatch functionality has been turned on in devd. It will > > > > > > automatically > > > > > > load drivers for unattached devices. This may cause unexpecte= d > > > > > > > > > drivers to > > > > > > be loaded. Please report any problems to current@ and > > > > > > > > > imp@freebsd.org. > > > > > > freebsd-questions@freebsd.org mailing list > > > > > > https://lists.freebsd.org/mailman/listinfo/freebsd-questions > > > > > > To unsubscribe, send any mail to > > > > > > "freebsd-questions-unsubscribe@freebsd.org" > > Here is the what the original report SHOULD have been: > > This appears in dmesg if Netgear A6100 plugged in at boot > > Starting devd. > > Cannot 'start' webcamd. Set webcamd_enable to YES in /etc/rc.conf or use > > 'onestart' instead of 'start'. > > I don't HAVE or want a webcam. This is an anomaly > > Here's the device as reported by lsusb > > Bus /dev/usb Device /dev/ugen0.5: ID 0846:9052 NetGear, Inc. A6100 AC600 = DB > > Wireless Adapter [Realtek RTL8811AU] > > Here's the dmesg > > ugen0.2: at usbus0 > > rtwn0 on uhub0 > > rtwn0: <802.11ac WLAN Adapter > on usbus0 > > rtwn0: MAC/BB RTL8821AU, RF 6052 1T1R > > I hope I am getting better at reporting anomalies... 8o) Uninstalling webcamd would be a good place to start. It's not part of the base system; it must have been pulled in as a dependency somewhere along the line. -- Daniel Stevenson From owner-freebsd-questions@freebsd.org Mon Feb 22 07:20:43 2021 Return-Path: Delivered-To: freebsd-questions@mailman.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mailman.nyi.freebsd.org (Postfix) with ESMTP id 3AB9D54ACFF for ; Mon, 22 Feb 2021 07:20:43 +0000 (UTC) (envelope-from contact@evilham.com) Received: from yggdrasil.evilham.com (yggdrasil.evilham.com [IPv6:2a02:2770::216:3eff:fee1:cf9]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 4DkYVy0hkzz4k2J for ; Mon, 22 Feb 2021 07:20:41 +0000 (UTC) (envelope-from contact@evilham.com) Received: from yggdrasil.evilham.com (localhost [IPv6:::1]) by yggdrasil.evilham.com (Postfix) with ESMTP id 4DkYVm3tMyzF0V for ; Mon, 22 Feb 2021 08:20:32 +0100 (CET) DKIM-Signature: v=1; a=rsa-sha1; c=relaxed; d=evilham.com; h=from:to :subject:references:in-reply-to:date:message-id:mime-version :content-type; s=mail; bh=MEQMyFw1YrbUdwe1cdfO4lYE/Is=; b=1+5qu6 N3ywtDAkXMPiXMfVPTSXAirSmsWiaJC5FtL8hdA2Z1FdEMNzlZdlOTkhQ0IhIthU kgaPe4t1dEEgEWoCX3Eoo/Vp+4vb2BrJjYz1u++uHZ/elq40AKNPOp0FlgMV8vQN Kig6Rb4+UjBTGzYCJOIzqUNF194ESTbrUkC9Y= Received: from yggdrasil.evilham.com (unknown [IPv6:2a0a:e5c1:121:1::1]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by yggdrasil.evilham.com (Postfix) with ESMTPSA id 4DkYVl6jkXzF0S for ; Mon, 22 Feb 2021 08:20:31 +0100 (CET) From: Evilham To: freebsd-questions@freebsd.org Subject: Re: Certbot crashes after update of python installed References: <018a01d70888$7b2fe5b0$718fb110$@seibercom.net> <20210221205146.364356E6BDB0@ary.qy> In-reply-to: <20210221205146.364356E6BDB0@ary.qy> Date: Mon, 22 Feb 2021 08:20:30 +0100 Message-ID: <6b735533-ad9a-441d-817f-afb4100b43bc@yggdrasil.evilham.com> MIME-Version: 1.0 Content-Type: text/plain; format=flowed X-Rspamd-Queue-Id: 4DkYVy0hkzz4k2J X-Spamd-Bar: ---- Authentication-Results: mx1.freebsd.org; dkim=pass header.d=evilham.com header.s=mail header.b=1+5qu6 N; dmarc=pass (policy=none) header.from=evilham.com; spf=pass (mx1.freebsd.org: domain of contact@evilham.com designates 2a02:2770::216:3eff:fee1:cf9 as permitted sender) smtp.mailfrom=contact@evilham.com X-Spamd-Result: default: False [-4.00 / 15.00]; RCVD_VIA_SMTP_AUTH(0.00)[]; RBL_DBL_DONT_QUERY_IPS(0.00)[2a02:2770::216:3eff:fee1:cf9:from]; R_DKIM_ALLOW(-0.20)[evilham.com:s=mail]; ARC_NA(0.00)[]; FROM_HAS_DN(0.00)[]; TO_MATCH_ENVRCPT_ALL(0.00)[]; R_SPF_ALLOW(-0.20)[+mx]; MIME_GOOD(-0.10)[text/plain]; TO_DN_NONE(0.00)[]; PREVIOUSLY_DELIVERED(0.00)[freebsd-questions@freebsd.org]; RCPT_COUNT_ONE(0.00)[1]; SPAMHAUS_ZRD(0.00)[2a02:2770::216:3eff:fee1:cf9:from:127.0.2.255]; RCVD_COUNT_THREE(0.00)[3]; NEURAL_HAM_MEDIUM(-1.00)[-1.000]; DKIM_TRACE(0.00)[evilham.com:+]; DMARC_POLICY_ALLOW(-0.50)[evilham.com,none]; NEURAL_HAM_SHORT(-1.00)[-1.000]; NEURAL_HAM_LONG(-1.00)[-1.000]; FROM_EQ_ENVFROM(0.00)[]; MIME_TRACE(0.00)[0:+]; RCVD_TLS_LAST(0.00)[]; ASN(0.00)[asn:196752, ipnet:2a02:2770::/32, country:NL]; MAILMAN_DEST(0.00)[freebsd-questions] X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.34 Precedence: list List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 22 Feb 2021 07:20:43 -0000 On dg., febr. 21 2021, John Levine wrote: > It's telling you what the problem is: > >> raise VersionConflict(dist, req).with_context(dependent_req) >>pkg_resources.ContextualVersionConflict: (cryptography 2.9.2 >>(/usr/local/lib/python3.7/site-packages), >>Requirement.parse('cryptography>=3.2'), {'PyOpenSSL'}) > > It now requires version 3.2 or newer of the python cryptography > package > but the version in the ports and packages is only 2.9.2. > > You might drop a note to the person who maintains the > py-cryptography > port to see if he wants help updating it, or if you're feeling > brave, > you can use the python pip package manager to update it locally. > > (as root) > # pkg install rust # the crypto bits are written in rust > > # pip install -U cryptography > > # pkg lock py37-cryptography # tell freebsd package manager not > to downgrade it > # pkg delete rust # if you don't otherwise need rust, get > back 500MB > > I did this on FBSD 12.2 and it worked, leaving me with version > 3.4.6 of cryptography. Not 100% sure if following would have a positive effect on the ports system, but it certainly would be useful for FreeBSD+pip users if someone has the bandwidth to get involved upstream (the Python cryptography project: https://github.com/pyca/cryptography) and help them publish wheels for FreeBSD. That would mean, e.g. that pulling rust is not necessary for pip install cryptography. -- Evilham From owner-freebsd-questions@freebsd.org Mon Feb 22 11:33:54 2021 Return-Path: Delivered-To: freebsd-questions@mailman.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mailman.nyi.freebsd.org (Postfix) with ESMTP id D8C82551839 for ; Mon, 22 Feb 2021 11:33:54 +0000 (UTC) (envelope-from jerry@seibercom.net) Received: from mail-qk1-x72d.google.com (mail-qk1-x72d.google.com [IPv6:2607:f8b0:4864:20::72d]) (using TLSv1.3 with cipher TLS_AES_128_GCM_SHA256 (128/128 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature RSA-PSS (2048 bits) client-digest SHA256) (Client CN "smtp.gmail.com", Issuer "GTS CA 1O1" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 4Dkg760dh1z3GMY for ; Mon, 22 Feb 2021 11:33:53 +0000 (UTC) (envelope-from jerry@seibercom.net) Received: by mail-qk1-x72d.google.com with SMTP id 81so12164127qkf.4 for ; Mon, 22 Feb 2021 03:33:53 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=seibercom.net; s=google; h=reply-to:from:to:cc:references:in-reply-to:subject:date :organization:message-id:mime-version:content-transfer-encoding :thread-index:content-language; bh=+uwYMXtURw+9NgVivvXAi9nryf14+nm4oElZ2MzRv4c=; b=IcnG3uSqYw2CyhjXdebTBD0GwfwBgeiFSA/JPiyfQqriO/y3WZLbd08OhGlFz30tls p2AhBG0TfeZI7E9c1o4n0avDy1GQCfjMp+xUmwxZJhJDmdjkxVXhqC3h0Zrs0ZBFKbkC K8E1n2GbrR6kX9nFj3EZJo4dZ+2bFDtuWcHr0= X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:reply-to:from:to:cc:references:in-reply-to :subject:date:organization:message-id:mime-version :content-transfer-encoding:thread-index:content-language; bh=+uwYMXtURw+9NgVivvXAi9nryf14+nm4oElZ2MzRv4c=; b=UMK5nGb+jgcGgvkJKyonNOPk95jA/RIJ8vBHdb+KlyiCWdzR2RoC7drPW+3p7bRoUv h+n6NKXUX0ZH6dC6cjyWtbp/xCK0+iJ70pLwrEO2UmZPiMPp9LCzc31VXXlgVPFzKNuL ZIck9xR3v8gf1Nqw1DswGJzPC4UmV83G+mX0xApHW49847R9ieYCWvXIH/tv0MF0C6q3 uXP639Fd3e/IeNUF3jAcGfUGL/73apmWITNrTnclyufcuXG3GZQpJPmf6EkH05/m22Dx 6lskfftkf9G9y26OrCTYZ4rOtRZLj1c70R8Aj1NOCpCkI5UIBv9naF2tEWBQXNr7cixx 0PuQ== X-Gm-Message-State: AOAM533Grib7yup+yBjBVwhGU981FyPiv3K8Ma4OwVYh6t2mXTRa99jn G2WuXbToFbAX0bWcb1YxQUzrgbnAZoL9rg== X-Google-Smtp-Source: ABdhPJwSABRTHDvL+BuqjPYejYmp3qoeXi7dqUkaUOI3Rj1FynFI8UiPj2JDHxD/+WsoQ/yJqLWZLA== X-Received: by 2002:a37:a597:: with SMTP id o145mr12342072qke.128.1613993189360; Mon, 22 Feb 2021 03:26:29 -0800 (PST) Received: from scorpio.seibercom.net (cpe-174-109-231-236.nc.res.rr.com. [174.109.231.236]) by smtp.gmail.com with ESMTPSA id b191sm4245479qkc.74.2021.02.22.03.26.28 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Mon, 22 Feb 2021 03:26:28 -0800 (PST) Received: from HPEnvy (zeus.seibercom.net [192.168.1.1]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) (Authenticated sender: jerry@seibercom.net) by scorpio.seibercom.net (Postfix) with ESMTPSA id 4DkfyW6P2Xz1Fhh; Mon, 22 Feb 2021 06:26:27 -0500 (EST) Reply-To: "FreeBSD" From: "Jerry" To: "FreeBSD" Cc: References: <018a01d70888$7b2fe5b0$718fb110$@seibercom.net> <20210221205146.364356E6BDB0@ary.qy> In-Reply-To: <20210221205146.364356E6BDB0@ary.qy> Subject: RE: Certbot crashes after update of python installed Date: Mon, 22 Feb 2021 06:26:26 -0500 Organization: seibercom Message-ID: <014901d7090d$8f28ce80$ad7a6b80$@seibercom.net> MIME-Version: 1.0 Content-Type: text/plain; charset="US-ASCII" Content-Transfer-Encoding: 7bit X-Mailer: Microsoft Outlook 16.0 Thread-Index: AQJKsf52uSnmJZMdqrnhCEu4U3yDLql8tTpA Content-Language: en-us X-Rspamd-Queue-Id: 4Dkg760dh1z3GMY X-Spamd-Bar: ++ Authentication-Results: mx1.freebsd.org; dkim=pass header.d=seibercom.net header.s=google header.b=IcnG3uSq; dmarc=none; spf=pass (mx1.freebsd.org: domain of jerry@seibercom.net designates 2607:f8b0:4864:20::72d as permitted sender) smtp.mailfrom=jerry@seibercom.net X-Spamd-Result: default: False [2.89 / 15.00]; HAS_REPLYTO(0.00)[freebsd-questions@freebsd.org]; RCVD_VIA_SMTP_AUTH(0.00)[]; GREYLIST(0.00)[pass,body]; TO_DN_SOME(0.00)[]; R_SPF_ALLOW(-0.20)[+ip6:2607:f8b0:4000::/36:c]; HAS_ORG_HEADER(0.00)[]; RCVD_COUNT_THREE(0.00)[4]; DKIM_TRACE(0.00)[seibercom.net:+]; RCPT_COUNT_TWO(0.00)[2]; NEURAL_HAM_SHORT(-0.35)[-0.354]; RECEIVED_SPAMHAUS_PBL(0.00)[174.109.231.236:received]; FROM_EQ_ENVFROM(0.00)[]; MIME_TRACE(0.00)[0:+]; REPLYTO_EQ_TO_ADDR(5.00)[]; MID_RHS_MATCH_FROM(0.00)[]; RBL_DBL_DONT_QUERY_IPS(0.00)[2607:f8b0:4864:20::72d:from]; ASN(0.00)[asn:15169, ipnet:2607:f8b0::/32, country:US]; ARC_NA(0.00)[]; NEURAL_HAM_MEDIUM(-0.26)[-0.257]; R_DKIM_ALLOW(-0.20)[seibercom.net:s=google]; FROM_HAS_DN(0.00)[]; NEURAL_HAM_LONG(-1.00)[-1.000]; MIME_GOOD(-0.10)[text/plain]; PREVIOUSLY_DELIVERED(0.00)[freebsd-questions@freebsd.org]; DMARC_NA(0.00)[seibercom.net]; SPAMHAUS_ZRD(0.00)[2607:f8b0:4864:20::72d:from:127.0.2.255]; TO_MATCH_ENVRCPT_SOME(0.00)[]; RCVD_IN_DNSWL_NONE(0.00)[2607:f8b0:4864:20::72d:from]; RCVD_TLS_ALL(0.00)[]; MAILMAN_DEST(0.00)[freebsd-questions] X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.34 Precedence: list List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 22 Feb 2021 11:33:54 -0000 On Sunday, February 21, 2021 3:52 PM, John Levine stated: > It's telling you what the problem is: > > > raise VersionConflict(dist, req).with_context(dependent_req) > >pkg_resources.ContextualVersionConflict: (cryptography 2.9.2 > >(/usr/local/lib/python3.7/site-packages), > >Requirement.parse('cryptography>=3.2'), {'PyOpenSSL'}) > > It now requires version 3.2 or newer of the python cryptography package but > the version in the ports and packages is only 2.9.2. > > You might drop a note to the person who maintains the py-cryptography port > to see if he wants help updating it, or if you're feeling brave, you can use the > python pip package manager to update it locally. > > (as root) > # pkg install rust # the crypto bits are written in rust > > # pip install -U cryptography > > # pkg lock py37-cryptography # tell freebsd package manager not to > downgrade it > # pkg delete rust # if you don't otherwise need rust, get back 500MB > > I did this on FBSD 12.2, and it worked, leaving me with version 3.4.6 of > cryptography. I search, and a PR has already been filed against it. < https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=253756>. -- Jerry From owner-freebsd-questions@freebsd.org Mon Feb 22 12:11:17 2021 Return-Path: Delivered-To: freebsd-questions@mailman.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mailman.nyi.freebsd.org (Postfix) with ESMTP id ACFD0553574 for ; Mon, 22 Feb 2021 12:11:17 +0000 (UTC) (envelope-from darcy@druid.net) Received: from mail.vex.net (mail.vex.net [98.158.132.68]) by mx1.freebsd.org (Postfix) with ESMTP id 4DkgyD4xKtz3JwG for ; Mon, 22 Feb 2021 12:11:16 +0000 (UTC) (envelope-from darcy@druid.net) Received: from imp.druid.net (unknown [IPv6:2607:9880:1150:40:ea2a:eaff:fe28:7058]) (using TLSv1.3 with cipher TLS_AES_128_GCM_SHA256 (128/128 bits) key-exchange X25519 server-signature RSA-PSS (2048 bits)) (No client certificate requested) (Authenticated sender: darcy) by mail.vex.net (Postfix) with ESMTPSA id 81BB85439C; Mon, 22 Feb 2021 07:11:10 -0500 (EST) To: "Kevin P. Neal" Cc: freebsd-questions@freebsd.org References: <69dcd9f7-b5f8-1111-8bea-9be93a493eba@druid.net> From: D'Arcy Cain Subject: Re: Upgrade to 12.2 and permission weirdness Message-ID: <88d75a8e-558c-bda8-6402-9644c15bb429@druid.net> Date: Mon, 22 Feb 2021 07:11:10 -0500 User-Agent: Mozilla/5.0 (X11; FreeBSD amd64; rv:78.0) Gecko/20100101 Thunderbird/78.7.1 MIME-Version: 1.0 In-Reply-To: Content-Type: text/plain; charset=utf-8 Content-Language: en-US Content-Transfer-Encoding: 8bit X-Rspamd-Queue-Id: 4DkgyD4xKtz3JwG X-Spamd-Bar: - Authentication-Results: mx1.freebsd.org; dkim=none; dmarc=none; spf=none (mx1.freebsd.org: domain of darcy@druid.net has no SPF policy when checking 98.158.132.68) smtp.mailfrom=darcy@druid.net X-Spamd-Result: default: False [-1.75 / 15.00]; RCVD_VIA_SMTP_AUTH(0.00)[]; ARC_NA(0.00)[]; MID_RHS_MATCH_FROM(0.00)[]; FROM_HAS_DN(0.00)[]; TO_DN_SOME(0.00)[]; NEURAL_HAM_MEDIUM(-0.75)[-0.748]; NEURAL_HAM_LONG(-1.00)[-1.000]; MIME_GOOD(-0.10)[text/plain]; DMARC_NA(0.00)[druid.net]; RBL_DBL_DONT_QUERY_IPS(0.00)[98.158.132.68:from]; AUTH_NA(1.00)[]; SPAMHAUS_ZRD(0.00)[98.158.132.68:from:127.0.2.255]; TO_MATCH_ENVRCPT_SOME(0.00)[]; NEURAL_HAM_SHORT(-1.00)[-0.998]; RCPT_COUNT_TWO(0.00)[2]; R_SPF_NA(0.00)[no SPF record]; RCVD_NO_TLS_LAST(0.10)[]; FROM_EQ_ENVFROM(0.00)[]; R_DKIM_NA(0.00)[]; MIME_TRACE(0.00)[0:+]; ASN(0.00)[asn:19842, ipnet:98.158.132.0/24, country:CA]; RCVD_COUNT_TWO(0.00)[2]; MAILMAN_DEST(0.00)[freebsd-questions] X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.34 Precedence: list List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 22 Feb 2021 12:11:17 -0000 On 2/14/21 5:13 PM, Kevin P. Neal wrote: > The environment variables from cron are what you expect? That was it. For some reason HOME was set to /var/log in crontab. I removed that line and it worked again. The other issue was an actual database permission issue which I fixed. I still don't understand why neither of these things were triggering before the FreeBSD upgrade but the two fixes do make sense. -- D'Arcy J.M. Cain | Democracy is three wolves http://www.druid.net/darcy/ | and a sheep voting on +1 416 788 2246 (DoD#0082) (eNTP) | what's for dinner. IM: darcy@VybeNetworks.com, VoIP: sip:darcy@druid.net Disclaimer: By sending an email to ANY of my addresses you are agreeing that: 1. I am by definition, "the intended recipient". 2. All information in the email is mine to do with as I see fit and make such financial profit, political mileage, or good joke as it lends itself to. In particular, I may quote it where I please. 3. I may take the contents as representing the views of your company if I so wish. 4. This overrides any disclaimer or statement of confidentiality that may be included or implied in your message. From owner-freebsd-questions@freebsd.org Mon Feb 22 13:51:02 2021 Return-Path: Delivered-To: freebsd-questions@mailman.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mailman.nyi.freebsd.org (Postfix) with ESMTP id 1B6DF555145 for ; Mon, 22 Feb 2021 13:51:02 +0000 (UTC) (envelope-from galtsev@kicp.uchicago.edu) Received: from kicp.uchicago.edu (kicp.uchicago.edu [128.135.20.70]) by mx1.freebsd.org (Postfix) with ESMTP id 4Dkk9K2t07z3PgL for ; Mon, 22 Feb 2021 13:51:01 +0000 (UTC) (envelope-from galtsev@kicp.uchicago.edu) Received: from [IPv6:2607:fb90:17c2:7402:7169:391a:ecc2:1b70] (unknown [172.58.142.184]) (Authenticated sender: galtsev) by kicp.uchicago.edu (Postfix) with ESMTPSA id 441374E666; Mon, 22 Feb 2021 07:50:55 -0600 (CST) Content-Type: text/plain; charset=us-ascii Mime-Version: 1.0 (Mac OS X Mail 13.4 \(3608.120.23.2.4\)) Subject: Re: Upgrade to 12.2 and permission weirdness From: Valeri Galtsev In-Reply-To: <88d75a8e-558c-bda8-6402-9644c15bb429@druid.net> Date: Mon, 22 Feb 2021 07:50:52 -0600 Cc: "Kevin P. Neal" , freebsd-questions@freebsd.org Content-Transfer-Encoding: quoted-printable Message-Id: References: <69dcd9f7-b5f8-1111-8bea-9be93a493eba@druid.net> <88d75a8e-558c-bda8-6402-9644c15bb429@druid.net> To: D'Arcy Cain X-Mailer: Apple Mail (2.3608.120.23.2.4) X-Rspamd-Queue-Id: 4Dkk9K2t07z3PgL X-Spamd-Bar: -- Authentication-Results: mx1.freebsd.org; dkim=none; dmarc=fail reason="No valid SPF, No valid DKIM" header.from=uchicago.edu (policy=none); spf=none (mx1.freebsd.org: domain of galtsev@kicp.uchicago.edu has no SPF policy when checking 128.135.20.70) smtp.mailfrom=galtsev@kicp.uchicago.edu X-Spamd-Result: default: False [-2.40 / 15.00]; RCVD_VIA_SMTP_AUTH(0.00)[]; ARC_NA(0.00)[]; MID_RHS_MATCH_FROM(0.00)[]; RCPT_COUNT_THREE(0.00)[3]; TO_DN_SOME(0.00)[]; MV_CASE(0.50)[]; FROM_HAS_DN(0.00)[]; MIME_GOOD(-0.10)[text/plain]; RBL_DBL_DONT_QUERY_IPS(0.00)[128.135.20.70:from]; SPAMHAUS_ZRD(0.00)[128.135.20.70:from:127.0.2.255]; RECEIVED_SPAMHAUS_PBL(0.00)[172.58.142.184:received]; TO_MATCH_ENVRCPT_SOME(0.00)[]; NEURAL_HAM_LONG(-1.00)[-1.000]; NEURAL_HAM_SHORT(-1.00)[-0.997]; NEURAL_HAM_MEDIUM(-1.00)[-0.998]; R_SPF_NA(0.00)[no SPF record]; RCVD_NO_TLS_LAST(0.10)[]; FROM_EQ_ENVFROM(0.00)[]; R_DKIM_NA(0.00)[]; MIME_TRACE(0.00)[0:+]; ASN(0.00)[asn:160, ipnet:128.135.0.0/16, country:US]; RCVD_COUNT_TWO(0.00)[2]; MAILMAN_DEST(0.00)[freebsd-questions]; DMARC_POLICY_SOFTFAIL(0.10)[uchicago.edu : No valid SPF, No valid DKIM,none] X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.34 Precedence: list List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 22 Feb 2021 13:51:02 -0000 > On Feb 22, 2021, at 6:11 AM, D'Arcy Cain wrote: >=20 > --=20 > D'Arcy J.M. Cain | Democracy is three = wolves > http://www.druid.net/darcy/ | and a sheep voting on > +1 416 788 2246 (DoD#0082) (eNTP) | what's for dinner. > IM: darcy@VybeNetworks.com, VoIP: sip:darcy@druid.net >=20 This made my day! : > Disclaimer: By sending an email to ANY of my addresses you > are agreeing that: >=20 > 1. I am by definition, "the intended recipient". > 2. All information in the email is mine to do with as I see > fit and make such financial profit, political mileage, or > good joke as it lends itself to. In particular, I may quote > it where I please. > 3. I may take the contents as representing the views of > your company if I so wish. > 4. This overrides any disclaimer or statement of > confidentiality that may be included or implied in > your message. > _______________________________________________ > freebsd-questions@freebsd.org mailing list > https://lists.freebsd.org/mailman/listinfo/freebsd-questions > To unsubscribe, send any mail to = "freebsd-questions-unsubscribe@freebsd.org" From owner-freebsd-questions@freebsd.org Mon Feb 22 14:58:12 2021 Return-Path: Delivered-To: freebsd-questions@mailman.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mailman.nyi.freebsd.org (Postfix) with ESMTP id 734A654178C for ; Mon, 22 Feb 2021 14:58:12 +0000 (UTC) (envelope-from darcy@druid.net) Received: from mail.vex.net (mail.vex.net [98.158.132.68]) by mx1.freebsd.org (Postfix) with ESMTP id 4Dklfq27wgz3lDZ for ; Mon, 22 Feb 2021 14:58:10 +0000 (UTC) (envelope-from darcy@druid.net) Received: from imp.druid.net (unknown [IPv6:2607:9880:1150:40:ea2a:eaff:fe28:7058]) (using TLSv1.3 with cipher TLS_AES_128_GCM_SHA256 (128/128 bits) key-exchange X25519 server-signature RSA-PSS (2048 bits) server-digest SHA256) (No client certificate requested) (Authenticated sender: darcy) by mail.vex.net (Postfix) with ESMTPSA id BA02554466; Mon, 22 Feb 2021 09:58:09 -0500 (EST) To: Valeri Galtsev Cc: "Kevin P. Neal" , freebsd-questions@freebsd.org References: <69dcd9f7-b5f8-1111-8bea-9be93a493eba@druid.net> <88d75a8e-558c-bda8-6402-9644c15bb429@druid.net> From: D'Arcy Cain Subject: Re: Upgrade to 12.2 and permission weirdness Message-ID: <3b4740e0-f5ce-a2a1-6b75-21fe648c616a@druid.net> Date: Mon, 22 Feb 2021 09:58:09 -0500 User-Agent: Mozilla/5.0 (X11; FreeBSD amd64; rv:78.0) Gecko/20100101 Thunderbird/78.7.1 MIME-Version: 1.0 In-Reply-To: Content-Type: text/plain; charset=utf-8 Content-Language: en-US Content-Transfer-Encoding: 8bit X-Rspamd-Queue-Id: 4Dklfq27wgz3lDZ X-Spamd-Bar: - Authentication-Results: mx1.freebsd.org; dkim=none; dmarc=none; spf=none (mx1.freebsd.org: domain of darcy@druid.net has no SPF policy when checking 98.158.132.68) smtp.mailfrom=darcy@druid.net X-Spamd-Result: default: False [-1.71 / 15.00]; RCVD_VIA_SMTP_AUTH(0.00)[]; ARC_NA(0.00)[]; MID_RHS_MATCH_FROM(0.00)[]; FROM_HAS_DN(0.00)[]; RCPT_COUNT_THREE(0.00)[3]; TO_DN_SOME(0.00)[]; NEURAL_HAM_LONG(-1.00)[-1.000]; MIME_GOOD(-0.10)[text/plain]; DMARC_NA(0.00)[druid.net]; RBL_DBL_DONT_QUERY_IPS(0.00)[98.158.132.68:from]; AUTH_NA(1.00)[]; SPAMHAUS_ZRD(0.00)[98.158.132.68:from:127.0.2.255]; TO_MATCH_ENVRCPT_SOME(0.00)[]; NEURAL_HAM_SHORT(-1.00)[-1.000]; NEURAL_HAM_MEDIUM(-0.71)[-0.708]; R_SPF_NA(0.00)[no SPF record]; RCVD_NO_TLS_LAST(0.10)[]; FROM_EQ_ENVFROM(0.00)[]; R_DKIM_NA(0.00)[]; MIME_TRACE(0.00)[0:+]; ASN(0.00)[asn:19842, ipnet:98.158.132.0/24, country:CA]; RCVD_COUNT_TWO(0.00)[2]; MAILMAN_DEST(0.00)[freebsd-questions] X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.34 Precedence: list List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 22 Feb 2021 14:58:12 -0000 On 2/22/21 8:50 AM, Valeri Galtsev wrote: > This made my day! : I actually stole it from someone else but I loved it. Interestingly you are the first person to comment on it. I have had the disclaimer on for months. I suspect that most people just see yet another long disclaimer and just ignore it. -- D'Arcy J.M. Cain | Democracy is three wolves http://www.druid.net/darcy/ | and a sheep voting on +1 416 788 2246 (DoD#0082) (eNTP) | what's for dinner. IM: darcy@VybeNetworks.com, VoIP: sip:darcy@druid.net Disclaimer: By sending an email to ANY of my addresses you are agreeing that: 1. I am by definition, "the intended recipient". 2. All information in the email is mine to do with as I see fit and make such financial profit, political mileage, or good joke as it lends itself to. In particular, I may quote it where I please. 3. I may take the contents as representing the views of your company if I so wish. 4. This overrides any disclaimer or statement of confidentiality that may be included or implied in your message. From owner-freebsd-questions@freebsd.org Mon Feb 22 15:26:39 2021 Return-Path: Delivered-To: freebsd-questions@mailman.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mailman.nyi.freebsd.org (Postfix) with ESMTP id C4410542701 for ; Mon, 22 Feb 2021 15:26:39 +0000 (UTC) (envelope-from tundra@tundraware.com) Received: from oceanview.tundraware.com (oceanview.tundraware.com [45.55.60.57]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client CN "mailman.tundraware.com", Issuer "mailman.tundraware.com" (not verified)) by mx1.freebsd.org (Postfix) with ESMTPS id 4DkmHf42h4z3mvx for ; Mon, 22 Feb 2021 15:26:38 +0000 (UTC) (envelope-from tundra@tundraware.com) Received: from [192.168.0.2] (ozzie.tundraware.com [75.145.138.73]) (authenticated bits=0) by oceanview.tundraware.com (8.16.1/8.16.1) with ESMTPSA id 11MFQUGl005450 (version=TLSv1.2 cipher=ECDHE-RSA-AES128-GCM-SHA256 bits=128 verify=NO) for ; Mon, 22 Feb 2021 09:26:30 -0600 (CST) (envelope-from tundra@tundraware.com) Subject: Re: Certbot crashes after update of python installed To: freebsd-questions@freebsd.org References: <018a01d70888$7b2fe5b0$718fb110$@seibercom.net> <20210221205146.364356E6BDB0@ary.qy> <6b735533-ad9a-441d-817f-afb4100b43bc@yggdrasil.evilham.com> From: Tim Daneliuk Autocrypt: addr=tundra@tundraware.com; prefer-encrypt=mutual; keydata= xsFNBFlVgYoBEADIYD9W4mbKz5cEleX923hagDWkxyJl4kRiMJnz+dNAH71MItSdErMb0cFt CPxVncb4dR4R2ec0c0MjPcgVINNtbY1DMWsF7t31TKD8NG9ZjLqF6fZDFjgkRejqHytgjmCI UejrMSCf0UJsLtg+I3N1ZVVxd7ALj2bCvC/uc5S7j+YbNnhQvSoBbdFj/xOTjyOGGpk7WfB7 e42PGKq1NSgnI7tcY6HSaSH+LHeoc0yUpBb5A1ge+RhR1N9JTniEFe0qvOBi+HgUltEoxsk4 xb6IhpkDOTsxHvEg5h0ukfl8kG9cu+LrEBqwPaC8lPw3UmoTEAU+lXHanPE12JCF/54EtVCc rb4W0vqgGmLJzn5dRU/fWkar0FKPq4eoV0XMbGZKIC6pWQnMEsxEMpNvh7oefK6Kyn+LO+59 +sNYHbv1RImDJccmfHTOA6/jHdwOcnYy37U8UF7e+mGrwNs8GsMQx2AaQbR6VErakH3GBgft bMFOGQxiaRBkbzba7BZCQ060yhiC3/Mb/xHoVi7PBEmKig1SErTMA7Fh3CYPYIRDphNs6OSr tf9O4hbzUAsjbU3rxOfiWQjP3fSOM0KUBj4wpIWZlMrjAGnMIz2wHb211wsBiLqSaGiiO1LR 7RrcvbIFZvHQHiWe2tdRyuH3N/h7A316yoLfx+yy1gyP5weWsQARAQABzSRUaW0gRGFuZWxp dWsgPHR1bmRyYUB0dW5kcmF3YXJlLmNvbT7CwXcEEwEIACEFAllVgYoCGyMFCwkIBwIGFQgJ CgsCBBYCAwECHgECF4AACgkQdoOXo5EJFKntcA/9F9ags9Ik5C49N39iRq+yqBdn/Lr75rqv +Yg7JkjeVlwHpnQt1S6orTC7EaJc+AqY3szCEmhfuT0+E96Bw2k+G/XRnaedZ9SHSdImlmq0 RmOFpWLr67ScvlA9YG1tyR+QYraEFqK5EB6qhOWRJoz1BYtAAntK9b9gUTXt/277sT7lAWaj oPi4CDd4DofHc4E9VRsniMQNMLCWqc/ygAK07cWbK2Rh90tS2C4nK6OHFkNkK94zDilfxod1 NBFTUPPYfEU2CSa3eLlpfhYY3/2X7zNvmmCt+chHUnAhQLhldQ3WlqmTKP+ZK9LX002/bY1O M8Zk76WyA/A3EfsIUbnXBQvFyjwX6W4QEytlZWtp/yRIe64JOa3dZ8rkhragb2N4VgVLBVe3 jtZgfQ72pHrfNk/T0uT+hjFqInvIYiXkhxB2GiD7Ga28VuXojTmeoaW3GKcvoVxONSju7WzD XgyxWRmNpd5uifJcC3YU3tNNAosnQ0/5FW4wkducSEVwwqnAiSMQEMDDa/e6oP6GyOzes5SV LTNCRYdHWVKbxjetYU4SKm5RdLx9XuJo0qL9vO97mCNwdNkTM7gO2ycQ49qUiGbCZJOh2gpP ZRFrpJDxbloosAfOEB6IYjhb38u6jvbScJKK3bWA+a8TK4SrQpdRd1cAnW9sA8jCTV8ejZq0 CHnOwU0EWVWBigEQAJYuihAOOOe/kAn045Ayn+3is3S+6eV4IAgL6lJhoChkgUJJuFoRX9BY rd35z29+q2/UCoProzd4Mk66wXeWv6n4s5R79OUzjgMLCTVlVaMy4gjPL9NRDwMt7KYRF56g mnoKZwfPDi/oJ5toPPboW94FrMwonqbdqYM2Pyi/HPMe4e396WQ4TaA1CdhyzKHoFSpkGcjX zIQ5yQ5aaGS7wonRu/pg15dbu+8QOgxRNFa0bO+ntz/30u+VmxFqFVbExjuy3Or8fSBhJgx4 cfyrrunKLclpZ/52VeK3l53yWYpR8RaTZfzpu8Ih+ijAY4XLO5F8P1T6sEviMaTY2F0sbFRx ZJXsgFpiKeWPHUn7/LX7qcoFJYoFqG6b3n5km+qy39x6lMgJDuxKpeN6lYj//LB6xVzn0JI+ 4ZHPrEkFqxu8VkL7deCPTI67ZJik18jXjTH9sha1YBvgvxIPFMA7ZwXX2AwNu7PzdcCpWarS usOAHbjQBUsQ+ZPpI1oeFnsCPZ+8/mMcTjVRZyJxOPs3KnXZv2cXNuaa7lwkWS366gHzQI7O l6WdC8TyNjiOzR654cL8BgYQ/xNSW1vTXqPWSRU8/b/5IueY2tQJh0CKIvfoP0rk8976wa1R 8SRi08mwHX7+F5oSeXLRNHicQGpS1f0DywdRcQ0MFHyq/CV4dTltABEBAAHCwV8EGAEIAAkF AllVgYoCGwwACgkQdoOXo5EJFKkDNw//c8nailIVOV72l7Lze+2AuK9MYUCFb1i4qI1WTnG0 OHQlCAltPhdwZPAozJw/eNqIcuWQh8rZspve9ipj589wLSsVyaFRsuYXTiYZ9RlRsnJYa36h 2JML3ZGrRsSxaUEAggbiOKbwmw27JuOIPmC3Gln4tJuZ+nw6cfCgMI45bIzinVanxHwPLeLp BZKpaEYzAwtBykUfAXn3jDwrI95UlMJvhHDFuRgvb6uSyJIqmp5aR/BjnlSdEwICyWpRAVSt yqZeBMeHbCr1B97PIRzk/q0eHm9T+AoiZWwz1iVGGgkYdAaCfs2PBlNHmRm93cfgoEcaGvNb RbTXOe28niMJeYMQsnjOTy5AQIrhVKeP5E+qVs/oPK/inmLiTbjZcnrO2wR+uxpPGgmR6M/3 p8qyRdaOvT87HZXO+Wr+r9A4UnwhCPsfELwPlEo+TJQ/oE71Mlkx/ddQCWELcHjXrQF9YbzA Ml7g0zTkgHysh4DNkV5iYteOcmCwsWdOwn0H0yZfz6weyr8nEdPngyOjFNKMIpcTbeg8866c GxXAJj46dub4VdVwfvMRHfmmRJkjdId7YHWMgz2Kf7S7KPCROLis7WjlOdSS0q2m/7qy9WL/ ZW50YLS8ZZLMrnari5JxCyJX+8n6ZASo2AA93iTbKmYegK2LDwW1QLU1iAF3GyGOnSE= Message-ID: <410a3440-45a2-cad8-b186-19e7e7945366@tundraware.com> Date: Mon, 22 Feb 2021 09:26:24 -0600 User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:68.0) Gecko/20100101 Thunderbird/68.10.0 MIME-Version: 1.0 In-Reply-To: <6b735533-ad9a-441d-817f-afb4100b43bc@yggdrasil.evilham.com> Content-Type: text/plain; charset=utf-8 Content-Language: en-US Content-Transfer-Encoding: 8bit X-Greylist: Sender succeeded SMTP AUTH, not delayed by milter-greylist-4.6.4 (oceanview.tundraware.com [45.55.60.57]); Mon, 22 Feb 2021 09:26:30 -0600 (CST) X-TundraWare-MailScanner-Information: Please contact the ISP for more information X-TundraWare-MailScanner-ID: 11MFQUGl005450 X-TundraWare-MailScanner: Found to be clean X-TundraWare-MailScanner-SpamCheck: not spam (whitelisted), SpamAssassin (not cached, score=-2.901, required 6, autolearn=not spam, ALL_TRUSTED -1.00, BAYES_00 -1.90, NICE_REPLY_A -0.00) X-TundraWare-MailScanner-From: tundra@tundraware.com X-Spam-Status: No X-Rspamd-Queue-Id: 4DkmHf42h4z3mvx X-Spamd-Bar: --- Authentication-Results: mx1.freebsd.org; dkim=none; dmarc=none; spf=pass (mx1.freebsd.org: domain of tundra@tundraware.com designates 45.55.60.57 as permitted sender) smtp.mailfrom=tundra@tundraware.com X-Spamd-Result: default: False [-3.30 / 15.00]; RCVD_TLS_ALL(0.00)[]; RCVD_VIA_SMTP_AUTH(0.00)[]; MID_RHS_MATCH_FROM(0.00)[]; FROM_HAS_DN(0.00)[]; RBL_DBL_DONT_QUERY_IPS(0.00)[45.55.60.57:from]; TO_MATCH_ENVRCPT_ALL(0.00)[]; R_SPF_ALLOW(-0.20)[+a]; MIME_GOOD(-0.10)[text/plain]; TO_DN_NONE(0.00)[]; PREVIOUSLY_DELIVERED(0.00)[freebsd-questions@freebsd.org]; RCPT_COUNT_ONE(0.00)[1]; SPAMHAUS_ZRD(0.00)[45.55.60.57:from:127.0.2.255]; ARC_NA(0.00)[]; NEURAL_HAM_LONG(-1.00)[-1.000]; NEURAL_HAM_SHORT(-1.00)[-1.000]; DMARC_NA(0.00)[tundraware.com]; NEURAL_HAM_MEDIUM(-1.00)[-1.000]; FROM_EQ_ENVFROM(0.00)[]; R_DKIM_NA(0.00)[]; MIME_TRACE(0.00)[0:+]; ASN(0.00)[asn:14061, ipnet:45.55.32.0/19, country:US]; RCVD_COUNT_TWO(0.00)[2]; MAILMAN_DEST(0.00)[freebsd-questions] X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.34 Precedence: list List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 22 Feb 2021 15:26:39 -0000 On 2/22/21 1:20 AM, Evilham wrote: > > It now requires version 3.2 or newer of the python cryptography package > but the version in the ports and packages is only 2.9.2. The best way around this is to install the 'pew' Python virtual environment manager and create a Python 3 virtualenv into which you install certbot. As a general practice, I avoid using system Python on any system under my control. I also do not pip install much for the system instance of the language. Pew/Virtualenvs give me a clean way to manage all that without soiling the base installation with odd additions and updates. -- ---------------------------------------------------------------------------- Tim Daneliuk tundra@tundraware.com PGP Key: http://www.tundraware.com/PGP/ From owner-freebsd-questions@freebsd.org Mon Feb 22 15:52:35 2021 Return-Path: Delivered-To: freebsd-questions@mailman.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mailman.nyi.freebsd.org (Postfix) with ESMTP id D2D3A543860 for ; Mon, 22 Feb 2021 15:52:35 +0000 (UTC) (envelope-from jerry@seibercom.net) Received: from mail-qk1-x72e.google.com (mail-qk1-x72e.google.com [IPv6:2607:f8b0:4864:20::72e]) (using TLSv1.3 with cipher TLS_AES_128_GCM_SHA256 (128/128 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature RSA-PSS (2048 bits) client-digest SHA256) (Client CN "smtp.gmail.com", Issuer "GTS CA 1O1" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 4DkmsZ5wtjz3qvQ for ; Mon, 22 Feb 2021 15:52:34 +0000 (UTC) (envelope-from jerry@seibercom.net) Received: by mail-qk1-x72e.google.com with SMTP id 81so13001568qkf.4 for ; Mon, 22 Feb 2021 07:52:34 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=seibercom.net; s=google; h=date:from:to:subject:message-id:in-reply-to:references:reply-to :organization:mime-version; bh=v/mdtqQmjTbnKZrkuzw9kfaYTjKpoN3tyEImn9E1UP8=; b=VGaYYosag7UEaMzWjOONOSiU5iUZnze6SCUZrpWwNfIrSif9oqCfH2Y7cTOoZ2PWpc ndiNh8HdKS89l0GVdymsN4EAvhsdjZ4NRXFtPjX3mOoZfsNlMl5ka3bB6WsRDyiXPj+s SZE/He+oASvmU5Gb46QITuUG0ITheMo50h0SQ= X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:date:from:to:subject:message-id:in-reply-to :references:reply-to:organization:mime-version; bh=v/mdtqQmjTbnKZrkuzw9kfaYTjKpoN3tyEImn9E1UP8=; b=NuPxUXCtbnQOgE2BZ4AJ0aUPbDFXPAX5YzitB2vZZEdUy4DW8ZLPgv5U86PkXJ4qKK a9WvMQgPX6j6yV3oXokbfmHFSt5C0zmurXVUGuQGqbdXj1bnpy/RkXPw17qwUQSAiJov vW796pPtBcO598VtRtmEbIDArCkTKh2QgDNm1B7Pxf1/XlMwIXdwMgp3Zy04hBV7P9/R DtUslHOlpZmt0cDuVsKidGhaVjVqP6hQuDaKP5R32Re8n4WXBwyiZRZJhE6PbF/mj2Gg iq1IMsD6DEXMKTEoZajT7a0L0E+qZwf6z4pHjnvwis3bRY8CykW3K4IP6edtS85YqrIV eANQ== X-Gm-Message-State: AOAM5334NJvKIgMpYy5+LmxpSpHDiDmcy/wD3yfrqpZ7xj8DShXBIOAs 2BnDnpBkS9M1969JB5m9gFHP03IzucratA== X-Google-Smtp-Source: ABdhPJyMXsc++zSU3n5/CXXHlsACcwgAZwgt+3iGrDlT7Mh0TomOhgw7AZyKSDeqYD5TY47iUZmLqQ== X-Received: by 2002:ae9:f442:: with SMTP id z2mr5986452qkl.303.1614009153284; Mon, 22 Feb 2021 07:52:33 -0800 (PST) Received: from scorpio.seibercom.net (cpe-174-109-231-236.nc.res.rr.com. [174.109.231.236]) by smtp.gmail.com with ESMTPSA id y15sm2784990qtb.29.2021.02.22.07.52.31 for (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Mon, 22 Feb 2021 07:52:32 -0800 (PST) Received: from localhost (zeus.seibercom.net [192.168.1.1]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange ECDHE (P-256) server-signature RSA-PSS (2048 bits) server-digest SHA256) (No client certificate requested) (Authenticated sender: jerry@seibercom.net) by scorpio.seibercom.net (Postfix) with ESMTPSA id 4DkmsW0NGZz1Fr4 for ; Mon, 22 Feb 2021 10:52:31 -0500 (EST) Date: Mon, 22 Feb 2021 10:52:12 -0500 From: Jerry To: freebsd-questions@freebsd.org Subject: Re: Certbot crashes after update of python installed Message-ID: <20210222105212.00004188@seibercom.net> In-Reply-To: <410a3440-45a2-cad8-b186-19e7e7945366@tundraware.com> References: <018a01d70888$7b2fe5b0$718fb110$@seibercom.net> <20210221205146.364356E6BDB0@ary.qy> <6b735533-ad9a-441d-817f-afb4100b43bc@yggdrasil.evilham.com> <410a3440-45a2-cad8-b186-19e7e7945366@tundraware.com> Reply-To: freebsd-questions@freebsd.org Organization: seibercom.net X-Mailer: Claws Mail 3.17.4 (GTK+ 2.24.32; i686-w64-mingw32) MIME-Version: 1.0 Content-Type: multipart/signed; micalg=pgp-sha256; boundary="Sig_/nJORgLCKPwiTQU1iLHYPndR"; protocol="application/pgp-signature" X-Rspamd-Queue-Id: 4DkmsZ5wtjz3qvQ X-Spamd-Bar: + Authentication-Results: mx1.freebsd.org; dkim=pass header.d=seibercom.net header.s=google header.b=VGaYYosa; dmarc=none; spf=pass (mx1.freebsd.org: domain of jerry@seibercom.net designates 2607:f8b0:4864:20::72e as permitted sender) smtp.mailfrom=jerry@seibercom.net X-Spamd-Result: default: False [1.56 / 15.00]; HAS_REPLYTO(0.00)[freebsd-questions@freebsd.org]; RCVD_VIA_SMTP_AUTH(0.00)[]; GREYLIST(0.00)[pass,meta]; R_SPF_ALLOW(-0.20)[+ip6:2607:f8b0:4000::/36]; TO_DN_NONE(0.00)[]; HAS_ORG_HEADER(0.00)[]; RCVD_COUNT_THREE(0.00)[4]; DKIM_TRACE(0.00)[seibercom.net:+]; NEURAL_HAM_SHORT(-1.00)[-1.000]; RECEIVED_SPAMHAUS_PBL(0.00)[174.109.231.236:received]; FROM_EQ_ENVFROM(0.00)[]; MIME_TRACE(0.00)[0:+,1:+,2:~]; REPLYTO_EQ_TO_ADDR(5.00)[]; MID_RHS_MATCH_FROM(0.00)[]; RBL_DBL_DONT_QUERY_IPS(0.00)[2607:f8b0:4864:20::72e:from]; ASN(0.00)[asn:15169, ipnet:2607:f8b0::/32, country:US]; ARC_NA(0.00)[]; NEURAL_HAM_MEDIUM(-0.84)[-0.841]; R_DKIM_ALLOW(-0.20)[seibercom.net:s=google]; FROM_HAS_DN(0.00)[]; TO_MATCH_ENVRCPT_ALL(0.00)[]; NEURAL_HAM_LONG(-1.00)[-1.000]; MIME_GOOD(-0.20)[multipart/signed,text/plain]; PREVIOUSLY_DELIVERED(0.00)[freebsd-questions@freebsd.org]; DMARC_NA(0.00)[seibercom.net]; RCPT_COUNT_ONE(0.00)[1]; SPAMHAUS_ZRD(0.00)[2607:f8b0:4864:20::72e:from:127.0.2.255]; RCVD_IN_DNSWL_NONE(0.00)[2607:f8b0:4864:20::72e:from]; RCVD_TLS_ALL(0.00)[]; MAILMAN_DEST(0.00)[freebsd-questions] X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.34 Precedence: list List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 22 Feb 2021 15:52:35 -0000 --Sig_/nJORgLCKPwiTQU1iLHYPndR Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: quoted-printable On Mon, 22 Feb 2021 09:26:24 -0600, Tim Daneliuk stated: >On 2/22/21 1:20 AM, Evilham wrote: >>=20 >> It now requires version 3.2 or newer of the python cryptography >> package but=C2=A0the=C2=A0version=C2=A0in=C2=A0the=C2=A0ports=C2=A0and= =C2=A0packages=C2=A0is=C2=A0only=C2=A02.9.2. =20 > > >The best way around this is to install the 'pew' Python virtual >environment manager and create a Python 3 virtualenv into which you >install certbot. > >As a general practice, I avoid using system Python on any system under >my control. I also do not pip install much for the system instance of >the language. Pew/Virtualenvs give me a clean way to manage all that >without soiling the base installation with odd additions and updates. At the very least, there should be something in "UPDATING" that references this problem, and a reasonable method to work around this problem. --=20 Jerry --Sig_/nJORgLCKPwiTQU1iLHYPndR Content-Type: application/pgp-signature Content-Description: OpenPGP digital signature -----BEGIN PGP SIGNATURE----- iQGzBAEBCAAdFiEELeCiu2K+9VmEYYgTgHBP8gv9FXcFAmAz0zIACgkQgHBP8gv9 FXdprQv/esksOXeNGbPngOetsTvN4DlEcpIzxBei0YUVyRbCX0rrWacajN5xRU0m bcSv2HoNOcprq6DHzHzJJzlKeC+SXl8RqJOFY//IowXYd6lmprUynIpKJjJnsXQJ Zg7kuwJhOFMmhQ3LNGRs3h1opd9rGYq6hm/22MPVoLR1YUSK11eQibCIJifU1YgH JKxG8C7E/Va93fB83+9gs6REEOBQM+/uS5TIRLdLy1+8C2zcokhgRfyeNYeDkKi7 sGXvz/vWzSygMpwWiWwWOlIvvwDVo4GpJE4GXyFTU2pmUNkf8gO+L+eGNDspmH+z Ce27kGY6hDUBUQi155fk5Z4EcU3OsHYlwvsWMAhsvTijWiGYiLl7po8NgX474wmE n1VggdIawoJXmo+rOfKRjk/H4stZQIuk59q4fpdTx2pS9d+CIDB6HTy1TsLATE7b n9lna78+JIGTt9SG1wWq/r5ogxHMlpES+I/pnakf5WmhUHPmG8ojVPkfQzOk5PvC zWbigvyB =KH1Q -----END PGP SIGNATURE----- --Sig_/nJORgLCKPwiTQU1iLHYPndR-- From owner-freebsd-questions@freebsd.org Mon Feb 22 17:50:18 2021 Return-Path: Delivered-To: freebsd-questions@mailman.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mailman.nyi.freebsd.org (Postfix) with ESMTP id 623BB547060 for ; Mon, 22 Feb 2021 17:50:18 +0000 (UTC) (envelope-from tundra@tundraware.com) Received: from oceanview.tundraware.com (oceanview.tundraware.com [45.55.60.57]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client CN "mailman.tundraware.com", Issuer "mailman.tundraware.com" (not verified)) by mx1.freebsd.org (Postfix) with ESMTPS id 4DkqTP3Fccz4Tgv for ; Mon, 22 Feb 2021 17:50:17 +0000 (UTC) (envelope-from tundra@tundraware.com) Received: from [192.168.0.2] (ozzie.tundraware.com [75.145.138.73]) (authenticated bits=0) by oceanview.tundraware.com (8.16.1/8.16.1) with ESMTPSA id 11MHo3KK026677 (version=TLSv1.2 cipher=ECDHE-RSA-AES128-GCM-SHA256 bits=128 verify=NO) for ; Mon, 22 Feb 2021 11:50:03 -0600 (CST) (envelope-from tundra@tundraware.com) Subject: Re: Certbot crashes after update of python installed To: freebsd-questions@freebsd.org References: <018a01d70888$7b2fe5b0$718fb110$@seibercom.net> <20210221205146.364356E6BDB0@ary.qy> <6b735533-ad9a-441d-817f-afb4100b43bc@yggdrasil.evilham.com> <410a3440-45a2-cad8-b186-19e7e7945366@tundraware.com> <20210222105212.00004188@seibercom.net> From: Tim Daneliuk Autocrypt: addr=tundra@tundraware.com; prefer-encrypt=mutual; keydata= xsFNBFlVgYoBEADIYD9W4mbKz5cEleX923hagDWkxyJl4kRiMJnz+dNAH71MItSdErMb0cFt CPxVncb4dR4R2ec0c0MjPcgVINNtbY1DMWsF7t31TKD8NG9ZjLqF6fZDFjgkRejqHytgjmCI UejrMSCf0UJsLtg+I3N1ZVVxd7ALj2bCvC/uc5S7j+YbNnhQvSoBbdFj/xOTjyOGGpk7WfB7 e42PGKq1NSgnI7tcY6HSaSH+LHeoc0yUpBb5A1ge+RhR1N9JTniEFe0qvOBi+HgUltEoxsk4 xb6IhpkDOTsxHvEg5h0ukfl8kG9cu+LrEBqwPaC8lPw3UmoTEAU+lXHanPE12JCF/54EtVCc rb4W0vqgGmLJzn5dRU/fWkar0FKPq4eoV0XMbGZKIC6pWQnMEsxEMpNvh7oefK6Kyn+LO+59 +sNYHbv1RImDJccmfHTOA6/jHdwOcnYy37U8UF7e+mGrwNs8GsMQx2AaQbR6VErakH3GBgft bMFOGQxiaRBkbzba7BZCQ060yhiC3/Mb/xHoVi7PBEmKig1SErTMA7Fh3CYPYIRDphNs6OSr tf9O4hbzUAsjbU3rxOfiWQjP3fSOM0KUBj4wpIWZlMrjAGnMIz2wHb211wsBiLqSaGiiO1LR 7RrcvbIFZvHQHiWe2tdRyuH3N/h7A316yoLfx+yy1gyP5weWsQARAQABzSRUaW0gRGFuZWxp dWsgPHR1bmRyYUB0dW5kcmF3YXJlLmNvbT7CwXcEEwEIACEFAllVgYoCGyMFCwkIBwIGFQgJ CgsCBBYCAwECHgECF4AACgkQdoOXo5EJFKntcA/9F9ags9Ik5C49N39iRq+yqBdn/Lr75rqv +Yg7JkjeVlwHpnQt1S6orTC7EaJc+AqY3szCEmhfuT0+E96Bw2k+G/XRnaedZ9SHSdImlmq0 RmOFpWLr67ScvlA9YG1tyR+QYraEFqK5EB6qhOWRJoz1BYtAAntK9b9gUTXt/277sT7lAWaj oPi4CDd4DofHc4E9VRsniMQNMLCWqc/ygAK07cWbK2Rh90tS2C4nK6OHFkNkK94zDilfxod1 NBFTUPPYfEU2CSa3eLlpfhYY3/2X7zNvmmCt+chHUnAhQLhldQ3WlqmTKP+ZK9LX002/bY1O M8Zk76WyA/A3EfsIUbnXBQvFyjwX6W4QEytlZWtp/yRIe64JOa3dZ8rkhragb2N4VgVLBVe3 jtZgfQ72pHrfNk/T0uT+hjFqInvIYiXkhxB2GiD7Ga28VuXojTmeoaW3GKcvoVxONSju7WzD XgyxWRmNpd5uifJcC3YU3tNNAosnQ0/5FW4wkducSEVwwqnAiSMQEMDDa/e6oP6GyOzes5SV LTNCRYdHWVKbxjetYU4SKm5RdLx9XuJo0qL9vO97mCNwdNkTM7gO2ycQ49qUiGbCZJOh2gpP ZRFrpJDxbloosAfOEB6IYjhb38u6jvbScJKK3bWA+a8TK4SrQpdRd1cAnW9sA8jCTV8ejZq0 CHnOwU0EWVWBigEQAJYuihAOOOe/kAn045Ayn+3is3S+6eV4IAgL6lJhoChkgUJJuFoRX9BY rd35z29+q2/UCoProzd4Mk66wXeWv6n4s5R79OUzjgMLCTVlVaMy4gjPL9NRDwMt7KYRF56g mnoKZwfPDi/oJ5toPPboW94FrMwonqbdqYM2Pyi/HPMe4e396WQ4TaA1CdhyzKHoFSpkGcjX zIQ5yQ5aaGS7wonRu/pg15dbu+8QOgxRNFa0bO+ntz/30u+VmxFqFVbExjuy3Or8fSBhJgx4 cfyrrunKLclpZ/52VeK3l53yWYpR8RaTZfzpu8Ih+ijAY4XLO5F8P1T6sEviMaTY2F0sbFRx ZJXsgFpiKeWPHUn7/LX7qcoFJYoFqG6b3n5km+qy39x6lMgJDuxKpeN6lYj//LB6xVzn0JI+ 4ZHPrEkFqxu8VkL7deCPTI67ZJik18jXjTH9sha1YBvgvxIPFMA7ZwXX2AwNu7PzdcCpWarS usOAHbjQBUsQ+ZPpI1oeFnsCPZ+8/mMcTjVRZyJxOPs3KnXZv2cXNuaa7lwkWS366gHzQI7O l6WdC8TyNjiOzR654cL8BgYQ/xNSW1vTXqPWSRU8/b/5IueY2tQJh0CKIvfoP0rk8976wa1R 8SRi08mwHX7+F5oSeXLRNHicQGpS1f0DywdRcQ0MFHyq/CV4dTltABEBAAHCwV8EGAEIAAkF AllVgYoCGwwACgkQdoOXo5EJFKkDNw//c8nailIVOV72l7Lze+2AuK9MYUCFb1i4qI1WTnG0 OHQlCAltPhdwZPAozJw/eNqIcuWQh8rZspve9ipj589wLSsVyaFRsuYXTiYZ9RlRsnJYa36h 2JML3ZGrRsSxaUEAggbiOKbwmw27JuOIPmC3Gln4tJuZ+nw6cfCgMI45bIzinVanxHwPLeLp BZKpaEYzAwtBykUfAXn3jDwrI95UlMJvhHDFuRgvb6uSyJIqmp5aR/BjnlSdEwICyWpRAVSt yqZeBMeHbCr1B97PIRzk/q0eHm9T+AoiZWwz1iVGGgkYdAaCfs2PBlNHmRm93cfgoEcaGvNb RbTXOe28niMJeYMQsnjOTy5AQIrhVKeP5E+qVs/oPK/inmLiTbjZcnrO2wR+uxpPGgmR6M/3 p8qyRdaOvT87HZXO+Wr+r9A4UnwhCPsfELwPlEo+TJQ/oE71Mlkx/ddQCWELcHjXrQF9YbzA Ml7g0zTkgHysh4DNkV5iYteOcmCwsWdOwn0H0yZfz6weyr8nEdPngyOjFNKMIpcTbeg8866c GxXAJj46dub4VdVwfvMRHfmmRJkjdId7YHWMgz2Kf7S7KPCROLis7WjlOdSS0q2m/7qy9WL/ ZW50YLS8ZZLMrnari5JxCyJX+8n6ZASo2AA93iTbKmYegK2LDwW1QLU1iAF3GyGOnSE= Message-ID: <4e6bf84b-e68d-8506-281c-2810884cfee8@tundraware.com> Date: Mon, 22 Feb 2021 11:49:57 -0600 User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:68.0) Gecko/20100101 Thunderbird/68.10.0 MIME-Version: 1.0 In-Reply-To: <20210222105212.00004188@seibercom.net> Content-Type: multipart/signed; micalg=pgp-sha512; protocol="application/pgp-signature"; boundary="8iyU0Ege5bstbQhjmp4Bb0fNjCvMCsaQn" X-Greylist: Sender succeeded SMTP AUTH, not delayed by milter-greylist-4.6.4 (oceanview.tundraware.com [45.55.60.57]); Mon, 22 Feb 2021 11:50:03 -0600 (CST) X-TundraWare-MailScanner-Information: Please contact the ISP for more information X-TundraWare-MailScanner-ID: 11MHo3KK026677 X-TundraWare-MailScanner: Found to be clean X-TundraWare-MailScanner-SpamCheck: not spam (whitelisted), SpamAssassin (not cached, score=-2.901, required 6, autolearn=not spam, ALL_TRUSTED -1.00, BAYES_00 -1.90, NICE_REPLY_A -0.00) X-TundraWare-MailScanner-From: tundra@tundraware.com X-Spam-Status: No X-Rspamd-Queue-Id: 4DkqTP3Fccz4Tgv X-Spamd-Bar: ----- Authentication-Results: mx1.freebsd.org; dkim=none; dmarc=none; spf=pass (mx1.freebsd.org: domain of tundra@tundraware.com designates 45.55.60.57 as permitted sender) smtp.mailfrom=tundra@tundraware.com X-Spamd-Result: default: False [-5.40 / 15.00]; RCVD_TLS_ALL(0.00)[]; RCVD_VIA_SMTP_AUTH(0.00)[]; MID_RHS_MATCH_FROM(0.00)[]; FROM_HAS_DN(0.00)[]; RBL_DBL_DONT_QUERY_IPS(0.00)[45.55.60.57:from]; TO_MATCH_ENVRCPT_ALL(0.00)[]; R_SPF_ALLOW(-0.20)[+a]; MIME_GOOD(-0.20)[multipart/signed,multipart/mixed,text/plain]; PREVIOUSLY_DELIVERED(0.00)[freebsd-questions@freebsd.org]; TO_DN_NONE(0.00)[]; HAS_ATTACHMENT(0.00)[]; RCPT_COUNT_ONE(0.00)[1]; SPAMHAUS_ZRD(0.00)[45.55.60.57:from:127.0.2.255]; ARC_NA(0.00)[]; NEURAL_HAM_LONG(-1.00)[-1.000]; NEURAL_HAM_SHORT(-1.00)[-1.000]; DMARC_NA(0.00)[tundraware.com]; NEURAL_HAM_MEDIUM(-1.00)[-1.000]; SIGNED_PGP(-2.00)[]; FROM_EQ_ENVFROM(0.00)[]; R_DKIM_NA(0.00)[]; MIME_TRACE(0.00)[0:+,1:+,2:+,3:~]; ASN(0.00)[asn:14061, ipnet:45.55.32.0/19, country:US]; RCVD_COUNT_TWO(0.00)[2]; MAILMAN_DEST(0.00)[freebsd-questions] X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.34 Precedence: list List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 22 Feb 2021 17:50:18 -0000 This is an OpenPGP/MIME signed message (RFC 4880 and 3156) --8iyU0Ege5bstbQhjmp4Bb0fNjCvMCsaQn Content-Type: multipart/mixed; boundary="TwLvMuURe9vVdK27RlMjnpJsbZh2gTi4Q" --TwLvMuURe9vVdK27RlMjnpJsbZh2gTi4Q Content-Type: text/plain; charset=utf-8 Content-Language: en-US Content-Transfer-Encoding: quoted-printable On 2/22/21 9:52 AM, Jerry wrote: > At the very least, there should be something in "UPDATING" that > references this problem, and a reasonable method to work around this > problem. Well, Python 2.x has been noted as on its way to EOL for several years and FreeBSD explicitly notes it as so. This seems like a non problem. I have Python software that depends on 2.x and 3.x. To avoid having to fiddle with what version is used where, I make use of the pew-based solution which is simple puts what you need in distinct containers. --TwLvMuURe9vVdK27RlMjnpJsbZh2gTi4Q-- --8iyU0Ege5bstbQhjmp4Bb0fNjCvMCsaQn Content-Type: application/pgp-signature; name="signature.asc" Content-Description: OpenPGP digital signature Content-Disposition: attachment; filename="signature.asc" -----BEGIN PGP SIGNATURE----- iQIzBAEBCgAdFiEEGbsLm2w/DHHJGNYPdoOXo5EJFKkFAmAz7sYACgkQdoOXo5EJ FKn2zRAAvrkbwIs0H1KOPmQO8+iegNZVz29rZ9WuVH8m6FnmolMcvR9KVvUau+d7 OkzaO/V1/YyvD+veQT1hY94TaFYK72JU9oBvUZITFRxhlDy2d+9CRIC5sJWAUw57 4x3Si1/CQEK01LyAFxueQ+tn3Oog56/QymEo6jkSrqDBirUXe7C2w3UYJu9sPSvC gQ56zlWdxavfhqGX0cuIyErnGvvOiNDUGID8IH8F9IYvVAfFbnV9PbggtTzlmVVL QrsJG8vDlcYShFkc9JFT0xarQ7s94N88W0H9qgNKum9EH8JUc9AqMQpmBSJq6Oz3 Zc1sqQHIMLfU6wQMcJRT7Z0Z11OFwVtuml+fD/BYl2AxwTaUG6nLh8D4+irnjQut 2FqasJDh9Qnv2utxI+5+wNlJvvD+HGjyGmnqJbFTRK1DPWveBoRRNumojMxGeCDR VP5264MUNNRjF2Xo7jHMiaoWXe3A4mn3u5f6Gt368+yWwATJI/wXiwDN8sT3Mem1 tOX40EzY+Eq70wmHxFmLGErlVpIviUiDcxJ1cdq3BTjxQ9uFuUcmiWLTHHS9DHjM qa1oja7CexYVSzUXsjgSmrEAhV00NKjD6+FcWUDAjV+lTlx8GrLduVkanIpyNLKs r+mQJnqlbRpEbdaugOe4J3qYN4oiK61QIVrODaxF5HLZgxkArLU= =S5cJ -----END PGP SIGNATURE----- --8iyU0Ege5bstbQhjmp4Bb0fNjCvMCsaQn-- From owner-freebsd-questions@freebsd.org Mon Feb 22 18:16:22 2021 Return-Path: Delivered-To: freebsd-questions@mailman.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mailman.nyi.freebsd.org (Postfix) with ESMTP id B44FD5493CD for ; Mon, 22 Feb 2021 18:16:22 +0000 (UTC) (envelope-from dweimer@dweimer.net) Received: from webmail.dweimer.net (024-240-198-186.biz.spectrum.com [24.240.198.186]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature RSA-PSS (4096 bits) client-digest SHA256) (Client CN "dweimer.net", Issuer "R3" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 4Dkr3T71cHz4X0r for ; Mon, 22 Feb 2021 18:16:21 +0000 (UTC) (envelope-from dweimer@dweimer.net) Received-SPF: pass (webmail.dweimer.net: authenticated connection) receiver=webmail.dweimer.net; client-ip=10.9.5.1; helo=www.dweimer.net; envelope-from=dweimer@dweimer.net; x-software=spfmilter 2.001 http://www.acme.com/software/spfmilter/ with libspf2-1.2.10; Received: from www.dweimer.net (pfsense.dweimer.me [10.9.5.1]) (authenticated bits=0) by webmail.dweimer.net (8.16.1/8.16.1) with ESMTPSA id 11MIGJkF064221 (version=TLSv1.3 cipher=TLS_AES_256_GCM_SHA384 bits=256 verify=NO); Mon, 22 Feb 2021 12:16:20 -0600 (CST) (envelope-from dweimer@dweimer.net) MIME-Version: 1.0 Date: Mon, 22 Feb 2021 12:16:14 -0600 From: "Dean E. Weimer" To: Tim Daneliuk Cc: freebsd-questions@freebsd.org Subject: Re: Certbot crashes after update of python installed Reply-To: dweimer@dweimer.net In-Reply-To: <4e6bf84b-e68d-8506-281c-2810884cfee8@tundraware.com> References: <018a01d70888$7b2fe5b0$718fb110$@seibercom.net> <20210221205146.364356E6BDB0@ary.qy> <6b735533-ad9a-441d-817f-afb4100b43bc@yggdrasil.evilham.com> <410a3440-45a2-cad8-b186-19e7e7945366@tundraware.com> <20210222105212.00004188@seibercom.net> <4e6bf84b-e68d-8506-281c-2810884cfee8@tundraware.com> User-Agent: Roundcube Webmail/1.4.11 Message-ID: X-Sender: dweimer@dweimer.net Organization: dweimer.net Content-Type: text/plain; charset=US-ASCII; format=flowed Content-Transfer-Encoding: 7bit X-Rspamd-Queue-Id: 4Dkr3T71cHz4X0r X-Spamd-Bar: --- X-Spamd-Result: default: False [-4.00 / 15.00]; HAS_REPLYTO(0.00)[dweimer@dweimer.net]; RCVD_VIA_SMTP_AUTH(0.00)[]; TO_DN_SOME(0.00)[]; R_SPF_ALLOW(-0.20)[+ip4:24.240.198.184/29]; REPLYTO_ADDR_EQ_FROM(0.00)[]; HAS_ORG_HEADER(0.00)[]; DKIM_TRACE(0.00)[dweimer.net:+]; RCPT_COUNT_TWO(0.00)[2]; DMARC_POLICY_ALLOW(-0.50)[dweimer.net,reject]; NEURAL_HAM_SHORT(-1.00)[-1.000]; FROM_EQ_ENVFROM(0.00)[]; MIME_TRACE(0.00)[0:+]; RBL_DBL_DONT_QUERY_IPS(0.00)[24.240.198.186:from]; ASN(0.00)[asn:20115, ipnet:24.240.196.0/22, country:US]; MID_RHS_MATCH_FROM(0.00)[]; ARC_NA(0.00)[]; NEURAL_HAM_MEDIUM(-1.00)[-1.000]; R_DKIM_ALLOW(-0.20)[dweimer.net:s=2017.01.31]; FROM_HAS_DN(0.00)[]; NEURAL_HAM_LONG(-1.00)[-1.000]; MIME_GOOD(-0.10)[text/plain]; SPAMHAUS_ZRD(0.00)[24.240.198.186:from:127.0.2.255]; TO_MATCH_ENVRCPT_SOME(0.00)[]; RCVD_COUNT_TWO(0.00)[2]; RCVD_TLS_ALL(0.00)[]; MAILMAN_DEST(0.00)[freebsd-questions] X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.34 Precedence: list List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 22 Feb 2021 18:16:22 -0000 On 2021-02-22 11:49 am, Tim Daneliuk wrote: > On 2/22/21 9:52 AM, Jerry wrote: >> At the very least, there should be something in "UPDATING" that >> references this problem, and a reasonable method to work around this >> problem. > > Well, Python 2.x has been noted as on its way to EOL for several years > and FreeBSD explicitly notes it as so. This seems like a non problem. > > > I have Python software that depends on 2.x and 3.x. To avoid having to > fiddle with what version is used where, I make use of the pew-based > solution which is simple puts what you need in distinct containers. Its not a Python 2.x to 3.x issue, its the Certbot dependency on py-openssl, the update made on Feb 19th to version 20.0.1 of py-openssl, missed a dependency requirement. I had mine working with python 3.9 for a while. It had recently broke after some updates, but I hadn't had time to look into yet. Here is what I found. from https://pypi.org/project/pyOpenSSL/ 20.0.0 (2020-11-27) Backward-incompatible changes: The minimum cryptography version is now 3.2. Remove deprecated OpenSSL.tsafe module. Removed deprecated OpenSSL.SSL.Context.set_npn_advertise_callback, OpenSSL.SSL.Context.set_npn_select_callback, and OpenSSL.SSL.Connection.get_next_proto_negotiated. Drop support for Python 3.4 Drop support for OpenSSL 1.0.1 and 1.0.2 So the real issue is the py-openssl port, and it looks like someone has already filed a bug report. https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=253711 -- Thanks, Dean E. Weimer http://www.dweimer.net/ From owner-freebsd-questions@freebsd.org Tue Feb 23 10:23:19 2021 Return-Path: Delivered-To: freebsd-questions@mailman.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mailman.nyi.freebsd.org (Postfix) with ESMTP id 606EF565A3C for ; Tue, 23 Feb 2021 10:23:19 +0000 (UTC) (envelope-from erwan@rail.eu.org) Received: from tgv.rail.eu.org (mail.rail.eu.org [IPv6:2001:bc8:30d3:ff17::2]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 4DlFWB3BXXz4lb7 for ; Tue, 23 Feb 2021 10:23:18 +0000 (UTC) (envelope-from erwan@rail.eu.org) Received: from [IPv6:2a01:e0a:2b7:70e1:b257:b500:781b:d14a] (unknown [IPv6:2a01:e0a:2b7:70e1:b257:b500:781b:d14a]) (using TLSv1.3 with cipher TLS_AES_128_GCM_SHA256 (128/128 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits)) (No client certificate requested) (Authenticated sender: erwan) by tgv.rail.eu.org (Postfix) with ESMTPSA id 0ED9FF75B for ; Tue, 23 Feb 2021 11:23:09 +0100 (CET) DKIM-Signature: v=1; a=rsa-sha256; c=simple/simple; d=rail.eu.org; s=mail; t=1614075789; bh=Eab35JQ0d27oTShmetOJn4xYbaDUVAxpkzQxMAJxWvA=; h=To:From:Subject:Date:From; b=WXHc3RRS0caKB7FKvrv96VnZTFEWawKYlpvoEi4s7JEDkuaOHC9X7PegkFP+KsBXy uL5gWaKNm33zkQaSa70144VRPx2SOPUnDI4ZfKT1Q87XP3ND1uRamkErcQsnuJHaRm UFF1oWAR6tObvpAivEwpQCnOG0PmGLAC2U4byc48= To: freebsd-questions@freebsd.org From: Erwan David Subject: mounting webdav from nextcloud Message-ID: <2c146faa-ce58-ed38-7c5f-48bee07ede07@rail.eu.org> Date: Tue, 23 Feb 2021 11:23:08 +0100 User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:78.0) Gecko/20100101 Thunderbird/78.7.0 MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8; format=flowed Content-Language: fr Content-Transfer-Encoding: 7bit X-Rspamd-Queue-Id: 4DlFWB3BXXz4lb7 X-Spamd-Bar: --- Authentication-Results: mx1.freebsd.org; dkim=pass header.d=rail.eu.org header.s=mail header.b=WXHc3RRS; dmarc=pass (policy=none) header.from=rail.eu.org; spf=pass (mx1.freebsd.org: domain of erwan@rail.eu.org designates 2001:bc8:30d3:ff17::2 as permitted sender) smtp.mailfrom=erwan@rail.eu.org X-Spamd-Result: default: False [-4.00 / 15.00]; RCVD_TLS_ALL(0.00)[]; RCVD_VIA_SMTP_AUTH(0.00)[]; R_DKIM_ALLOW(-0.20)[rail.eu.org:s=mail]; MID_RHS_MATCH_FROM(0.00)[]; FROM_HAS_DN(0.00)[]; TO_MATCH_ENVRCPT_ALL(0.00)[]; R_SPF_ALLOW(-0.20)[+ptr]; MIME_GOOD(-0.10)[text/plain]; PREVIOUSLY_DELIVERED(0.00)[freebsd-questions@freebsd.org]; TO_DN_NONE(0.00)[]; RCPT_COUNT_ONE(0.00)[1]; SPAMHAUS_ZRD(0.00)[2001:bc8:30d3:ff17::2:from:127.0.2.255]; ARC_NA(0.00)[]; DKIM_TRACE(0.00)[rail.eu.org:+]; DMARC_POLICY_ALLOW(-0.50)[rail.eu.org,none]; NEURAL_HAM_SHORT(-1.00)[-1.000]; NEURAL_HAM_MEDIUM(-1.00)[-1.000]; NEURAL_HAM_LONG(-1.00)[-1.000]; FROM_EQ_ENVFROM(0.00)[]; MIME_TRACE(0.00)[0:+]; RBL_DBL_DONT_QUERY_IPS(0.00)[2001:bc8:30d3:ff17::2:from]; ASN(0.00)[asn:12876, ipnet:2001:bc8::/32, country:FR]; RCVD_COUNT_TWO(0.00)[2]; MAILMAN_DEST(0.00)[freebsd-questions] X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.34 Precedence: list List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 23 Feb 2021 10:23:19 -0000 Hi, I try to mount a webdav share (located on a nextcloud server). I sued to use fusefs-wdfs for this, but it is no more in the ports. I tried fusefs-webdavfs which refuses to mount read-write with message https:///remote.php/dav/files//: no PUT Range support, mounting read-only From a linux davfs2 can mount readwrite (but it the goal is to mount it on FreeBSD) do someone have an idea ? From owner-freebsd-questions@freebsd.org Wed Feb 24 07:12:55 2021 Return-Path: Delivered-To: freebsd-questions@mailman.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mailman.nyi.freebsd.org (Postfix) with ESMTP id BC00D552474 for ; Wed, 24 Feb 2021 07:12:55 +0000 (UTC) (envelope-from vladilen.kozin@gmail.com) Received: from mail-il1-x12a.google.com (mail-il1-x12a.google.com [IPv6:2607:f8b0:4864:20::12a]) (using TLSv1.3 with cipher TLS_AES_128_GCM_SHA256 (128/128 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature RSA-PSS (2048 bits) client-digest SHA256) (Client CN "smtp.gmail.com", Issuer "GTS CA 1O1" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 4DlnF22lGZz4VrD for ; Wed, 24 Feb 2021 07:12:54 +0000 (UTC) (envelope-from vladilen.kozin@gmail.com) Received: by mail-il1-x12a.google.com with SMTP id e7so870020ile.7 for ; Tue, 23 Feb 2021 23:12:54 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025; h=mime-version:from:date:message-id:subject:to; bh=V4+ciiR9b58ZDx0S0rUrTuyYmK3AjqvPS1RoegKFWdU=; b=pUwuph0nC2hECqvPgdFgMOQwik9O1qqWVZg9GjZcHcNU/tH4M87VyUO/IlfUxP5ps8 EcQg0zQj/F75Lp+MlqKOpR4UIiwEN6/WT0psoeEaTyGSybeS0XyYjIMd2FHNxL94E+0p q1ihAWU+U0VdRS9rRs1f5nEH6/il83ZKyiFKj5mnpNpqnrS8IAyqfiPdZMbB/iFGSNs/ GFNYv5PnoNW9iqIEyoRvvKmo2pQA7XcRgDWJI1GAMhLKsirmjr33P2SfTyV+l8lY8cZ2 uUdxizD/+uVtwXwLcz7/QwlObIZdksVvF7PoofwuZOBkPACcAj0dDDnONNWz8BUDCm/B hBng== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:from:date:message-id:subject:to; bh=V4+ciiR9b58ZDx0S0rUrTuyYmK3AjqvPS1RoegKFWdU=; b=bmwBu0ohtiixudpnmCMW0csOKh7EextUkihrtAGz116O6SUL32zByfTbdpAuQSOMJ4 ZUPxs4CvtYJgKmm6oz9+FNy6gP9LSi/knNa12e+vwLq0MQeiOE3o/93S7NALs2SoElIi QFZjzdTIhF00X6+SGxRMI5zxyxewQKtebltQ2y8MBlsD7n4QwXz6LXerk+MYiHhcDj2P DfuA5dVsrT9F+lrmDbsnZKpy9FRdSsGC8mxxWTdHggP3rO30YVUUwg/ppPNQO78xAVl5 H8n4loktjkLaD1ra0b4y/AmGnqcqzlg3fjyOXcv1dd3k1/vwOcCgbaUv+5OZDZSJfAXw K8IA== X-Gm-Message-State: AOAM531jcHCXZSsiZDE/H5f9b5PYCBmLaFSgEXiONCp4GFpj0DTYUrFE Cce74S4k288D/RIIQUKvxed3esWZNOgkK24XcuiboQeR X-Google-Smtp-Source: ABdhPJwZoJ2a5L11NThdtjA5LFkbcMVofimWk9BCBiYfyFQCiNlDgmNEhFDA8O8Tj6aG0h0fD+gbcwTcYUBx9XJQaBg= X-Received: by 2002:a92:d2c6:: with SMTP id w6mr6454005ilg.273.1614150773129; Tue, 23 Feb 2021 23:12:53 -0800 (PST) MIME-Version: 1.0 From: Vladilen Kozin Date: Wed, 24 Feb 2021 07:12:42 +0000 Message-ID: Subject: case of vanishing freebsd forum threads To: freebsd-questions@freebsd.org Content-Type: text/plain; charset="UTF-8" X-Rspamd-Queue-Id: 4DlnF22lGZz4VrD X-Spamd-Bar: -- Authentication-Results: mx1.freebsd.org; dkim=pass header.d=gmail.com header.s=20161025 header.b=pUwuph0n; dmarc=pass (policy=none) header.from=gmail.com; spf=pass (mx1.freebsd.org: domain of vladilenkozin@gmail.com designates 2607:f8b0:4864:20::12a as permitted sender) smtp.mailfrom=vladilenkozin@gmail.com X-Spamd-Result: default: False [-2.00 / 15.00]; FREEMAIL_FROM(0.00)[gmail.com]; R_SPF_ALLOW(-0.20)[+ip6:2607:f8b0:4000::/36]; TO_DN_NONE(0.00)[]; DKIM_TRACE(0.00)[gmail.com:+]; DMARC_POLICY_ALLOW(-0.50)[gmail.com,none]; FROM_EQ_ENVFROM(0.00)[]; MIME_TRACE(0.00)[0:+]; RBL_DBL_DONT_QUERY_IPS(0.00)[2607:f8b0:4864:20::12a:from]; FREEMAIL_ENVFROM(0.00)[gmail.com]; ASN(0.00)[asn:15169, ipnet:2607:f8b0::/32, country:US]; TAGGED_FROM(0.00)[]; DWL_DNSWL_NONE(0.00)[gmail.com:dkim]; ARC_NA(0.00)[]; NEURAL_HAM_MEDIUM(-1.00)[-1.000]; R_DKIM_ALLOW(-0.20)[gmail.com:s=20161025]; FROM_HAS_DN(0.00)[]; TO_MATCH_ENVRCPT_ALL(0.00)[]; NEURAL_HAM_LONG(-1.00)[-1.000]; MIME_GOOD(-0.10)[text/plain]; PREVIOUSLY_DELIVERED(0.00)[freebsd-questions@freebsd.org]; RCPT_COUNT_ONE(0.00)[1]; SPAMHAUS_ZRD(0.00)[2607:f8b0:4864:20::12a:from:127.0.2.255]; NEURAL_SPAM_SHORT(1.00)[1.000]; RCVD_IN_DNSWL_NONE(0.00)[2607:f8b0:4864:20::12a:from]; RCVD_COUNT_TWO(0.00)[2]; RCVD_TLS_ALL(0.00)[]; MAILMAN_DEST(0.00)[freebsd-questions] X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.34 Precedence: list List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 24 Feb 2021 07:12:55 -0000 I don't know if anyone experienced it but here's a puzzling thing that I've no other way to report than to write to a mailing list. If people in charge of FreeBSD Forums are reading this, could you ... well dunno ... maybe investigate and fix please. I started a thread in Storage with the title roughly "hot swap drive behind RAID 0". It showed there for about an hour and then simply vanished. No longer shows up anywhere including my content or threads started by me. Silly me thought maybe I should post in Feedback about it. Well, what do you know that thread stayed there for about an hour pending approval or something and is now nowhere to be found either. Apologies for posting here but I've no other venue to report since forum doesn't appear to ... well ... forum. -- Best regards Vlad Kozin From owner-freebsd-questions@freebsd.org Wed Feb 24 07:52:15 2021 Return-Path: Delivered-To: freebsd-questions@mailman.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mailman.nyi.freebsd.org (Postfix) with ESMTP id 5E9F75533B8 for ; Wed, 24 Feb 2021 07:52:15 +0000 (UTC) (envelope-from c.brinkhaus@t-online.de) Received: from mailout08.t-online.de (mailout08.t-online.de [194.25.134.20]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client CN "mailout00.t-online.de", Issuer "TeleSec ServerPass Class 2 CA" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 4Dlp6Q2FCHz4Y9m for ; Wed, 24 Feb 2021 07:52:14 +0000 (UTC) (envelope-from c.brinkhaus@t-online.de) Received: from fwd28.aul.t-online.de (fwd28.aul.t-online.de [172.20.26.133]) by mailout08.t-online.de (Postfix) with SMTP id 0C7B1A0C06; Wed, 24 Feb 2021 08:52:12 +0100 (CET) Received: from celsius.local (ZZMASEZCgh7+FMN5iKHZ-ROun3ryX6gUmOeSZV9VXSEQXuQefzUqI74RfVT3dQxgCr@[217.226.182.236]) by fwd28.t-online.de with (TLSv1.2:ECDHE-RSA-AES256-GCM-SHA384 encrypted) esmtp id 1lEoxt-4FBB7A0; Wed, 24 Feb 2021 08:52:09 +0100 Received: by celsius.local (Postfix, from userid 1001) id 6EFD5100097; Wed, 24 Feb 2021 08:52:09 +0100 (CET) Date: Wed, 24 Feb 2021 08:52:09 +0100 From: Christoph Brinkhaus To: Vladilen Kozin Cc: freebsd-questions@freebsd.org Subject: Re: case of vanishing freebsd forum threads Message-ID: References: MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: X-ID: ZZMASEZCgh7+FMN5iKHZ-ROun3ryX6gUmOeSZV9VXSEQXuQefzUqI74RfVT3dQxgCr X-TOI-EXPURGATEID: 150726::1614153130-00000C65-E4FB88A3/0/0 CLEAN NORMAL X-TOI-MSGID: 40720a64-d646-4945-a567-eda48c7f0358 X-Rspamd-Queue-Id: 4Dlp6Q2FCHz4Y9m X-Spamd-Bar: - Authentication-Results: mx1.freebsd.org; dkim=none; dmarc=none; spf=none (mx1.freebsd.org: domain of c.brinkhaus@t-online.de has no SPF policy when checking 194.25.134.20) smtp.mailfrom=c.brinkhaus@t-online.de X-Spamd-Result: default: False [-1.60 / 15.00]; TO_DN_SOME(0.00)[]; FREEMAIL_FROM(0.00)[t-online.de]; RWL_MAILSPIKE_GOOD(0.00)[194.25.134.20:from]; RCVD_COUNT_THREE(0.00)[3]; NEURAL_HAM_SHORT(-1.00)[-1.000]; RCPT_COUNT_TWO(0.00)[2]; FREEMAIL_TO(0.00)[gmail.com]; FROM_EQ_ENVFROM(0.00)[]; RCVD_TLS_LAST(0.00)[]; R_DKIM_NA(0.00)[]; FREEMAIL_ENVFROM(0.00)[t-online.de]; ASN(0.00)[asn:3320, ipnet:194.25.0.0/16, country:DE]; RBL_DBL_DONT_QUERY_IPS(0.00)[194.25.134.20:from]; RECEIVED_SPAMHAUS_PBL(0.00)[217.226.182.236:received]; MIME_TRACE(0.00)[0:+]; ARC_NA(0.00)[]; NEURAL_HAM_MEDIUM(-1.00)[-1.000]; FROM_HAS_DN(0.00)[]; NEURAL_HAM_LONG(-1.00)[-1.000]; TAGGED_RCPT(0.00)[]; MIME_GOOD(-0.10)[text/plain]; DMARC_NA(0.00)[t-online.de]; AUTH_NA(1.00)[]; SPAMHAUS_ZRD(0.00)[194.25.134.20:from:127.0.2.255]; TO_MATCH_ENVRCPT_SOME(0.00)[]; RCVD_IN_DNSWL_NONE(0.00)[194.25.134.20:from]; R_SPF_NA(0.00)[no SPF record]; MID_RHS_NOT_FQDN(0.50)[]; MAILMAN_DEST(0.00)[freebsd-questions] X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.34 Precedence: list List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 24 Feb 2021 07:52:15 -0000 Am Wed, Feb 24, 2021 at 07:12:42AM +0000 schrieb Vladilen Kozin: Hi Vladilen! > I don't know if anyone experienced it but here's a puzzling thing that > I've no other way to report than to write to a mailing list. If people > in charge of FreeBSD Forums are reading this, could you ... well dunno > ... maybe investigate and fix please. I am not a modertor. But for the first posts (10 or so) a moderator will review it. I think you just have to wait a few hours until a moderator has the time to do so. > > I started a thread in Storage with the title roughly "hot swap drive > behind RAID 0". It showed there for about an hour and then simply > vanished. No longer shows up anywhere including my content or threads > started by me. Silly me thought maybe I should post in Feedback about > it. Well, what do you know that thread stayed there for about an hour > pending approval or something and is now nowhere to be found either. Currently I do not see any new threads as described. > Apologies for posting here but I've no other venue to report since > forum doesn't appear to ... well ... forum. You are not the only one who has wondered about that. Just be a little patient. Kind regards, Christoph From owner-freebsd-questions@freebsd.org Wed Feb 24 08:35:04 2021 Return-Path: Delivered-To: freebsd-questions@mailman.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mailman.nyi.freebsd.org (Postfix) with ESMTP id 49EE2555539 for ; Wed, 24 Feb 2021 08:35:04 +0000 (UTC) (envelope-from ml@netfence.it) Received: from soth.netfence.it (mailserver.netfence.it [78.134.96.152]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature RSA-PSS (2048 bits) client-digest SHA256) (Client CN "mailserver.netfence.it", Issuer "R3" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 4Dlq3p6WCqz4g5Z for ; Wed, 24 Feb 2021 08:35:02 +0000 (UTC) (envelope-from ml@netfence.it) Received: from alamar.ventu (mailserver.netfence.it [78.134.96.152]) (authenticated bits=0) by soth.netfence.it (8.16.1/8.16.1) with ESMTPSA id 11O8YrBv026707 (version=TLSv1.3 cipher=TLS_AES_128_GCM_SHA256 bits=128 verify=NO) for ; Wed, 24 Feb 2021 09:34:53 +0100 (CET) (envelope-from ml@netfence.it) X-Authentication-Warning: soth.netfence.it: Host mailserver.netfence.it [78.134.96.152] claimed to be alamar.ventu To: freebsd-questions@freebsd.org From: Andrea Venturoli Subject: openssl advisories Message-ID: Date: Wed, 24 Feb 2021 09:34:53 +0100 User-Agent: Mozilla/5.0 (X11; FreeBSD amd64; rv:78.0) Gecko/20100101 Thunderbird/78.7.1 MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8; format=flowed Content-Language: en-US Content-Transfer-Encoding: 7bit X-Scanned-By: MIMEDefang 2.83 X-Rspamd-Queue-Id: 4Dlq3p6WCqz4g5Z X-Spamd-Bar: --- Authentication-Results: mx1.freebsd.org; dkim=none; dmarc=pass (policy=none) header.from=netfence.it; spf=pass (mx1.freebsd.org: domain of ml@netfence.it designates 78.134.96.152 as permitted sender) smtp.mailfrom=ml@netfence.it X-Spamd-Result: default: False [-3.80 / 15.00]; RCVD_VIA_SMTP_AUTH(0.00)[]; ARC_NA(0.00)[]; MID_RHS_MATCH_FROM(0.00)[]; FROM_HAS_DN(0.00)[]; RBL_DBL_DONT_QUERY_IPS(0.00)[78.134.96.152:from]; TO_MATCH_ENVRCPT_ALL(0.00)[]; R_SPF_ALLOW(-0.20)[+ip4:78.134.96.152]; MIME_GOOD(-0.10)[text/plain]; PREVIOUSLY_DELIVERED(0.00)[freebsd-questions@freebsd.org]; HAS_XAW(0.00)[]; RCPT_COUNT_ONE(0.00)[1]; SPAMHAUS_ZRD(0.00)[78.134.96.152:from:127.0.2.255]; TO_DN_NONE(0.00)[]; NEURAL_HAM_LONG(-1.00)[-1.000]; DMARC_POLICY_ALLOW(-0.50)[netfence.it,none]; NEURAL_HAM_SHORT(-1.00)[-1.000]; NEURAL_HAM_MEDIUM(-1.00)[-1.000]; RCVD_COUNT_ONE(0.00)[1]; FROM_EQ_ENVFROM(0.00)[]; R_DKIM_NA(0.00)[]; MIME_TRACE(0.00)[0:+]; ASN(0.00)[asn:35612, ipnet:78.134.0.0/17, country:IT]; RCVD_TLS_ALL(0.00)[]; MAILMAN_DEST(0.00)[freebsd-questions] X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.34 Precedence: list List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 24 Feb 2021 08:35:04 -0000 Hello. I saw OpenSSL has published some security updates last week, which some other OSes have already provided updated packages for. So I was kinda expecting a batch of security advisories for FreeBSD in these days. I was surprised, however, to see nothing openssl related coming. Are we not affected? Is such an SA expected in a few days? I'd just hate to begin upgrading every system and need to start over again before I even finish :) bye & Thanks av. From owner-freebsd-questions@freebsd.org Wed Feb 24 08:58:03 2021 Return-Path: Delivered-To: freebsd-questions@mailman.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mailman.nyi.freebsd.org (Postfix) with ESMTP id C287C55609A for ; Wed, 24 Feb 2021 08:58:03 +0000 (UTC) (envelope-from ml@netfence.it) Received: from soth.netfence.it (mailserver.netfence.it [78.134.96.152]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature RSA-PSS (2048 bits) client-digest SHA256) (Client CN "mailserver.netfence.it", Issuer "R3" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 4DlqZL5TcVz4hPc for ; Wed, 24 Feb 2021 08:58:02 +0000 (UTC) (envelope-from ml@netfence.it) Received: from alamar.ventu (mailserver.netfence.it [78.134.96.152]) (authenticated bits=0) by soth.netfence.it (8.16.1/8.16.1) with ESMTPSA id 11O8vwCv029706 (version=TLSv1.3 cipher=TLS_AES_128_GCM_SHA256 bits=128 verify=NO) for ; Wed, 24 Feb 2021 09:57:58 +0100 (CET) (envelope-from ml@netfence.it) X-Authentication-Warning: soth.netfence.it: Host mailserver.netfence.it [78.134.96.152] claimed to be alamar.ventu From: Andrea Venturoli Subject: SSL Certificates in base To: freebsd-questions@freebsd.org Message-ID: <0d404f23-b248-b05a-d6e0-2aafcd80e609@netfence.it> Date: Wed, 24 Feb 2021 09:57:58 +0100 User-Agent: Mozilla/5.0 (X11; FreeBSD amd64; rv:78.0) Gecko/20100101 Thunderbird/78.7.1 MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8; format=flowed Content-Language: en-US Content-Transfer-Encoding: 7bit X-Scanned-By: MIMEDefang 2.83 X-Rspamd-Queue-Id: 4DlqZL5TcVz4hPc X-Spamd-Bar: --- Authentication-Results: mx1.freebsd.org; dkim=none; dmarc=pass (policy=none) header.from=netfence.it; spf=pass (mx1.freebsd.org: domain of ml@netfence.it designates 78.134.96.152 as permitted sender) smtp.mailfrom=ml@netfence.it X-Spamd-Result: default: False [-3.80 / 15.00]; ARC_NA(0.00)[]; RCVD_VIA_SMTP_AUTH(0.00)[]; MID_RHS_MATCH_FROM(0.00)[]; FROM_HAS_DN(0.00)[]; RBL_DBL_DONT_QUERY_IPS(0.00)[78.134.96.152:from]; R_SPF_ALLOW(-0.20)[+ip4:78.134.96.152:c]; TO_MATCH_ENVRCPT_ALL(0.00)[]; MIME_GOOD(-0.10)[text/plain]; HAS_XAW(0.00)[]; PREVIOUSLY_DELIVERED(0.00)[freebsd-questions@freebsd.org]; RCPT_COUNT_ONE(0.00)[1]; SPAMHAUS_ZRD(0.00)[78.134.96.152:from:127.0.2.255]; TO_DN_NONE(0.00)[]; NEURAL_HAM_LONG(-1.00)[-1.000]; DMARC_POLICY_ALLOW(-0.50)[netfence.it,none]; NEURAL_HAM_SHORT(-1.00)[-1.000]; NEURAL_HAM_MEDIUM(-1.00)[-1.000]; RCVD_COUNT_ONE(0.00)[1]; FROM_EQ_ENVFROM(0.00)[]; R_DKIM_NA(0.00)[]; MIME_TRACE(0.00)[0:+]; ASN(0.00)[asn:35612, ipnet:78.134.0.0/17, country:IT]; RCVD_TLS_ALL(0.00)[]; MAILMAN_DEST(0.00)[freebsd-questions] X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.34 Precedence: list List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 24 Feb 2021 08:58:03 -0000 Hello again. Sorry if this a dumb question or FAQ: I tried, but failed to find any official documentation on this. In the past, I've always installed security/ca_root_nss to let SSL work, as there were no CA certificates in base. 12.2 (and possibly older 12.x, I don't know) already provide several certificates in /usr/share/certs/trusted. How are we expected to deal with this? Is security/ca_root_nss still needed/suggested? Is it expected to be obsoleted (although easier to update)? What's the correct procedure to add additional certificates? I guess just dropping them in /usr/share/certs/trusted won't be enough... bye & Thanks av. From owner-freebsd-questions@freebsd.org Wed Feb 24 09:25:03 2021 Return-Path: Delivered-To: freebsd-questions@mailman.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mailman.nyi.freebsd.org (Postfix) with ESMTP id EF5F755683D for ; Wed, 24 Feb 2021 09:25:03 +0000 (UTC) (envelope-from herbert@gojira.at) Received: from mail.bsd4all.net (mail.bsd4all.net [IPv6:2a01:4f8:13b:240c::25]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature RSA-PSS (4096 bits) client-digest SHA256) (Client CN "mail.bsd4all.net", Issuer "R3" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 4Dlr9W0F0Mz4jkZ for ; Wed, 24 Feb 2021 09:25:02 +0000 (UTC) (envelope-from herbert@gojira.at) Date: Wed, 24 Feb 2021 10:24:54 +0100 DKIM-Signature: v=1; a=rsa-sha256; c=simple/simple; d=gojira.at; s=mail202005; t=1614158694; bh=wBsjF20EP8ZVT7Rzqqbs/YRch/A7me0S7KL1PYQHlts=; h=Date:From:To:Subject:Message-ID:MIME-Version:Content-Type; b=GEMImtKvBekrRPwdzUCuH+YzVSVaOmrckdZwnuPLuF7Z2gM3rcQMfDQcMy4xKYAkw 95Nq/JYQt4yKQpAlpVtYRWCt1uEBdw714FSkIqsWjLsjoIjLAFgaYmX+c0erjY9Mvp t0vE/abfpk+P9fNlOmf4PzdkqKftTcgmvseDYIE5SwY8h08OfgmY99ZGn/9gjBjVmF kK/uGWaQcCihTmNhFEMVBLszb2/Q2JAL0XNIwexsg2XAUUjYc4XDljXKcCEJbIluvz ydQjPO57Ah3F+2i9EykXuOxMkgdg6LFoVcH37LTlUtpwm0G5ub/k6KtJUMbkt2rP6e dvNW2j0maZGBQ== From: "Herbert J. Skuhra" To: freebsd-questions@freebsd.org Subject: Re: openssl advisories Message-ID: References: MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: X-Rspamd-Queue-Id: 4Dlr9W0F0Mz4jkZ X-Spamd-Bar: --- Authentication-Results: mx1.freebsd.org; dkim=pass header.d=gojira.at header.s=mail202005 header.b=GEMImtKv; dmarc=none; spf=pass (mx1.freebsd.org: domain of herbert@gojira.at designates 2a01:4f8:13b:240c::25 as permitted sender) smtp.mailfrom=herbert@gojira.at X-Spamd-Result: default: False [-3.31 / 15.00]; ARC_NA(0.00)[]; NEURAL_HAM_MEDIUM(-1.00)[-1.000]; R_DKIM_ALLOW(-0.20)[gojira.at:s=mail202005]; FROM_HAS_DN(0.00)[]; TO_MATCH_ENVRCPT_ALL(0.00)[]; R_SPF_ALLOW(-0.20)[+ip6:2a01:4f8:13b:240c::25]; MIME_GOOD(-0.10)[text/plain]; TO_DN_NONE(0.00)[]; DMARC_NA(0.00)[gojira.at]; RCPT_COUNT_ONE(0.00)[1]; SPAMHAUS_ZRD(0.00)[2a01:4f8:13b:240c::25:from:127.0.2.255]; DKIM_TRACE(0.00)[gojira.at:+]; NEURAL_HAM_SHORT(-0.81)[-0.813]; NEURAL_HAM_LONG(-1.00)[-1.000]; RCVD_COUNT_ZERO(0.00)[0]; FROM_EQ_ENVFROM(0.00)[]; MIME_TRACE(0.00)[0:+]; RBL_DBL_DONT_QUERY_IPS(0.00)[2a01:4f8:13b:240c::25:from]; ASN(0.00)[asn:24940, ipnet:2a01:4f8::/29, country:DE]; MAILMAN_DEST(0.00)[freebsd-questions] X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.34 Precedence: list List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 24 Feb 2021 09:25:04 -0000 On Wed, Feb 24, 2021 at 09:34:53AM +0100, Andrea Venturoli wrote: > Hello. > > I saw OpenSSL has published some security updates last week, which some > other OSes have already provided updated packages for. > So I was kinda expecting a batch of security advisories for FreeBSD in these > days. > I was surprised, however, to see nothing openssl related coming. > > Are we not affected? Is such an SA expected in a few days? > > I'd just hate to begin upgrading every system and need to start over again > before I even finish :) - current has openssl-1.1.1j. - stable/12 and stable/13 have openssl-1.1.1j. - stable/11 has backported patches. CVE-2021-23839 unpatched? - releng/13.0 has openssl-1.1.1j. - releng/12.2 has openssl-1.1.1h and is obviously unpatched (CVE-2021-23840 and CVE-2021-23841): https://cgit.freebsd.org/src/log/crypto/openssl?h=releng/12.2 - the openssl port (head and 2021Q1) has openssl-1.1.1j Yes, the information is missing at https://www.freebsd.org/security/advisories/ -- Herbert From owner-freebsd-questions@freebsd.org Wed Feb 24 11:45:16 2021 Return-Path: Delivered-To: freebsd-questions@mailman.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mailman.nyi.freebsd.org (Postfix) with ESMTP id 019A25595DD for ; Wed, 24 Feb 2021 11:45:16 +0000 (UTC) (envelope-from jmc-freebsd2@milibyte.co.uk) Received: from cp160176.hpdns.net (cp160176.hpdns.net [91.238.160.176]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 4DlvHG6gGsz4rqk for ; Wed, 24 Feb 2021 11:45:14 +0000 (UTC) (envelope-from jmc-freebsd2@milibyte.co.uk) DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=milibyte.co.uk; s=default; h=Content-Type:Content-Transfer-Encoding: MIME-Version:Message-ID:Date:Subject:To:From:Sender:Reply-To:Cc:Content-ID: Content-Description:Resent-Date:Resent-From:Resent-Sender:Resent-To:Resent-Cc :Resent-Message-ID:In-Reply-To:References:List-Id:List-Help:List-Unsubscribe: List-Subscribe:List-Post:List-Owner:List-Archive; bh=ghUzD0/upBySBDDgg3jlgOf5K2/aXhupROVO9Y1/mjM=; b=q16KspdqgEkr0EQcku95VJe/Nf fZK4hEWkTrerecMUJ2jVrKyfuSIDPVgSzfW8iGzbfMTILDyW9yy1gHqOsDJMfmoOIXsOHcZj9jFzf 2hTwYzyXEfloAQ45goXpC6gRGXgwRBC8m5igeqH22S/8EH1Y7QcI5mVL1k5opLjQCz9ZMrocsWiLU DZZqkh12o4meihBMuC16QCbj1WUxJ0HFACJOtZ6fN5GAWYDFSD2iJg+lXWkOeXYO53yunRslsJNyu 8AIKecmkKos12SFmoZ8wkuBUi0e1t+MlNe9/RfsZaS22eOWD7eXT8B1Ka+wBj41OUeZL40UPBxZw7 wjCvOogg==; Received: from 82-71-56-121.dsl.in-addr.zen.co.uk ([82.71.56.121]:26860 helo=curlew.milibyte.co.uk) by cp160176.hpdns.net with esmtpsa (TLS1.2) tls TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384 (Exim 4.93) (envelope-from ) id 1lEsbG-001tFf-8H for freebsd-questions@freebsd.org; Wed, 24 Feb 2021 11:45:02 +0000 Received: from [127.0.0.1] (helo=curlew.localnet) by curlew.milibyte.co.uk with esmtp (Exim 4.94) (envelope-from ) id 1lEsbF-0001Xk-If for freebsd-questions@freebsd.org; Wed, 24 Feb 2021 11:45:01 +0000 From: Mike Clarke To: FreeBSD questions Subject: Checksum mismatch for e2fsprogs package Date: Wed, 24 Feb 2021 11:45:01 +0000 Message-ID: <2012261.cYikG52F1y@curlew> MIME-Version: 1.0 Content-Transfer-Encoding: 7Bit Content-Type: text/plain; charset="UTF-8" X-SA-Exim-Connect-IP: 127.0.0.1 X-SA-Exim-Mail-From: jmc-freebsd2@milibyte.co.uk X-SA-Exim-Scanned: No (on curlew.milibyte.co.uk); SAEximRunCond expanded to false X-YourOrg-MailScanner-Information: Please contact the ISP for more information X-YourOrg-MailScanner-ID: 1lEsbG-001tFf-8H X-YourOrg-MailScanner: Found to be clean X-YourOrg-MailScanner-SpamCheck: X-YourOrg-MailScanner-From: jmc-freebsd2@milibyte.co.uk X-Spam-Status: No X-AntiAbuse: This header was added to track abuse, please include it with any abuse report X-AntiAbuse: Primary Hostname - cp160176.hpdns.net X-AntiAbuse: Original Domain - freebsd.org X-AntiAbuse: Originator/Caller UID/GID - [47 12] / [47 12] X-AntiAbuse: Sender Address Domain - milibyte.co.uk X-Get-Message-Sender-Via: cp160176.hpdns.net: authenticated_id: mailpool@milibyte.co.uk X-Authenticated-Sender: cp160176.hpdns.net: mailpool@milibyte.co.uk X-Source: X-Source-Args: X-Source-Dir: X-Rspamd-Queue-Id: 4DlvHG6gGsz4rqk X-Spamd-Bar: -- Authentication-Results: mx1.freebsd.org; dkim=pass header.d=milibyte.co.uk header.s=default header.b=q16Kspdq; dmarc=none; spf=pass (mx1.freebsd.org: domain of jmc-freebsd2@milibyte.co.uk designates 91.238.160.176 as permitted sender) smtp.mailfrom=jmc-freebsd2@milibyte.co.uk X-Spamd-Result: default: False [-2.50 / 15.00]; RCVD_VIA_SMTP_AUTH(0.00)[]; R_SPF_ALLOW(-0.20)[+a]; HAS_X_SOURCE(0.00)[]; RCVD_COUNT_THREE(0.00)[3]; TO_DN_ALL(0.00)[]; DKIM_TRACE(0.00)[milibyte.co.uk:+]; NEURAL_HAM_SHORT(-1.00)[-1.000]; HAS_X_ANTIABUSE(0.00)[]; FROM_EQ_ENVFROM(0.00)[]; RCVD_TLS_LAST(0.00)[]; RBL_DBL_DONT_QUERY_IPS(0.00)[91.238.160.176:from]; CTE_CASE(0.50)[]; ASN(0.00)[asn:12703, ipnet:91.238.160.0/22, country:GB]; HAS_X_AS(0.00)[mailpool@milibyte.co.uk]; MIME_TRACE(0.00)[0:+]; ARC_NA(0.00)[]; R_DKIM_ALLOW(-0.20)[milibyte.co.uk:s=default]; NEURAL_HAM_MEDIUM(-1.00)[-1.000]; FROM_HAS_DN(0.00)[]; TO_MATCH_ENVRCPT_ALL(0.00)[]; NEURAL_HAM_LONG(-1.00)[-1.000]; MIME_GOOD(-0.10)[text/plain]; DMARC_NA(0.00)[milibyte.co.uk]; RCPT_COUNT_ONE(0.00)[1]; SPAMHAUS_ZRD(0.00)[91.238.160.176:from:127.0.2.255]; HAS_X_GMSV(0.00)[mailpool@milibyte.co.uk]; MID_RHS_NOT_FQDN(0.50)[]; MAILMAN_DEST(0.00)[freebsd-questions] X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.34 Precedence: list List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 24 Feb 2021 11:45:16 -0000 curlew:root# freebsd-version -ku 12.2-RELEASE-p3 12.2-RELEASE-p3 I recently used tar to move /usr/local to a new location. In the process tar reported that it was unable to copy hard links for some files in /usr/local/ sbin, all of which belonged to e2fsprogs. To remedy the situation I uninstalled and reinstalled e2fsprogs and confirmed that the hard links had been created. And I also checked e2fsck for checksum errors: curlew:/root# pkg check -s e2fsprogs Checking e2fsprogs: 0% e2fsprogs-1.46.1: checksum mismatch for /usr/local/sbin/e2fsck e2fsprogs-1.46.1: checksum mismatch for /usr/local/sbin/fsck.ext2 e2fsprogs-1.46.1: checksum mismatch for /usr/local/sbin/fsck.ext3 e2fsprogs-1.46.1: checksum mismatch for /usr/local/sbin/fsck.ext4 e2fsprogs-1.46.1: checksum mismatch for /usr/local/sbin/fsck_ext2fs Checking e2fsprogs: 100% So I then uninstalled e2fsprogs and and reinstalled it after updating the package database but still had the checksum errors: curlew:/root# pkg delete e2fsprogs Checking integrity... done (0 conflicting) Deinstallation has been requested for the following 1 packages (of 0 packages in the universe): Installed packages to be REMOVED: e2fsprogs: 1.46.1 Number of packages to be removed: 1 The operation will free 6 MiB. Proceed with deinstalling packages? [y/N]: y [1/1] Deinstalling e2fsprogs-1.46.1... [1/1] Deleting files for e2fsprogs-1.46.1: 100% curlew:/root# pkg update -f Updating FreeBSD repository catalogue... Fetching meta.conf: 100% 163 B 0.2kB/s 00:01 Fetching packagesite.txz: 100% 6 MiB 6.4MB/s 00:01 Processing entries: 100% FreeBSD repository update completed. 30233 packages processed. All repositories are up to date. curlew:/root# pkg install e2fsprogs Updating FreeBSD repository catalogue... FreeBSD repository is up to date. All repositories are up to date. Checking integrity... done (0 conflicting) The following 1 package(s) will be affected (of 0 checked): New packages to be INSTALLED: e2fsprogs: 1.46.1 Number of packages to be installed: 1 The process will require 6 MiB more space. Proceed with this action? [y/N]: y [1/1] Installing e2fsprogs-1.46.1... [1/1] Extracting e2fsprogs-1.46.1: 100% ===== Message from e2fsprogs-1.46.1: -- Note: this is a modified version of the e2fsprogs package, not the official package. Report all building and run-time trouble that originates in the package to the port maintainer, mandree@FreeBSD.org. curlew:/root# pkg check -s e2fsprogs Checking e2fsprogs: 0% e2fsprogs-1.46.1: checksum mismatch for /usr/local/sbin/e2fsck e2fsprogs-1.46.1: checksum mismatch for /usr/local/sbin/fsck.ext2 e2fsprogs-1.46.1: checksum mismatch for /usr/local/sbin/fsck.ext3 e2fsprogs-1.46.1: checksum mismatch for /usr/local/sbin/fsck.ext4 e2fsprogs-1.46.1: checksum mismatch for /usr/local/sbin/fsck_ext2fs Checking e2fsprogs: 100% curlew:/root# ls -li /usr/local/sbin/e2fsck /usr/local/sbin/fsck.ext[234] / usr/local/sbin/fsck_ext2fs 1574606 -r-xr-xr-x 5 root wheel 838304 13 Feb 01:20 /usr/local/sbin/ e2fsck* 1574607 -r-xr-xr-x 2 root wheel 8168 13 Feb 01:20 /usr/local/sbin/ fsck_ext2fs* 1574606 -r-xr-xr-x 5 root wheel 838304 13 Feb 01:20 /usr/local/sbin/ fsck.ext2* 1574606 -r-xr-xr-x 5 root wheel 838304 13 Feb 01:20 /usr/local/sbin/ fsck.ext3* 1574606 -r-xr-xr-x 5 root wheel 838304 13 Feb 01:20 /usr/local/sbin/ fsck.ext4* These are all hard links to files in /sbin curlew:/root# find /sbin -inum 1574606 -ls -or -inum 1574607 -ls 1574607 17 -r-xr-xr-x 2 root wheel 8168 13 Feb 01:20 /sbin/fsck_ext2fs 1574606 1113 -r-xr-xr-x 5 root wheel 838304 13 Feb 01:20 /sbin/e2fsck curlew:/root# sum /sbin/fsck_ext2fs /sbin/e2fsck 57859 8 /sbin/fsck_ext2fs 10611 819 /sbin/e2fsck One point which may or may not be relevant is that before moving /usr/local it had its own mountpoint so the links to /sbin/fsck_ext2fs and /sbin/e2fsck were soft links but they are now hard links due to /usr/local being part of /usr. I'm confident there were no checksum errors before I moved /usr/local so what have I overlooked while making the move? -- Mike Clarke From owner-freebsd-questions@freebsd.org Wed Feb 24 12:30:36 2021 Return-Path: Delivered-To: freebsd-questions@mailman.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mailman.nyi.freebsd.org (Postfix) with ESMTP id E544055BC8B for ; Wed, 24 Feb 2021 12:30:36 +0000 (UTC) (envelope-from corey.stephan@marquette.edu) Received: from NAM11-BN8-obe.outbound.protection.outlook.com (mail-bn8nam11on2047.outbound.protection.outlook.com [40.107.236.47]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client CN "mail.protection.outlook.com", Issuer "GlobalSign Organization Validation CA - SHA256 - G3" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 4DlwHc05zSz3BpM for ; Wed, 24 Feb 2021 12:30:35 +0000 (UTC) (envelope-from corey.stephan@marquette.edu) ARC-Seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none; b=EdpeYrY4eWdUPZep3eODjvEc91IUUhf4q0saWPMiU2QbzxSOyKZQIwrTdv6tZ1zIKmdmwZhS8grWwRs5gVES7IPc4k1EXdMXH1LsvPXCGZ8Z05RlaCc/LNTlDDlb53hFyqxkD8V9CmAXCOF6Y/w8fCIYa9spj1ARc/k4CXSFiaPFCHL0il0F7EpNjU1LMhPuoqVdmCrDt4KbP4KBqT451tIJ13uImkpkx/f4klMadlvlBgz7efugzhGm23SCIylhYXwg3z++SBEJWEQa4UGr69rHeFfuUsEXWDQ4+172sHmDu9gpdGUZq9sfAU/Fmz8Hy/uwOD0pkyVc4DU9tuhLIg== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector9901; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=s25BRfiboFBEsphOGb8MxTBIn3vgD13nRzwa5jIb+8w=; b=ftesFvGUFG5liU489G/bFQWFjE361En803shAG1i6tW97YARPswYE0UFu0HtCTt0zVuL7P0+ns8PSBCb04TzNVn3OjDzvNFNoDU02eQm65Qnzwg05X+DP16SyolE0TPLnIan0/ZPljgw87D2AlYR1d+57ABT3v3Ir7eq6dpM1lVUuFjjI2Swb5Dzslu48ucxWuusP/vvlM8NURCQpqmX6TB24vU6oB1bU67xG2CGkf32RIl8DHfKmQs0KKfh2yeCpTRbBEzJi6t4MebA4chLaTqWV77wppq/sMr+Kv0QInbJKVOZw0sx3ZC0oQH3P2OJAztujqMZs2+WRFA9gZEXqQ== ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass smtp.mailfrom=marquette.edu; dmarc=pass action=none header.from=marquette.edu; dkim=pass header.d=marquette.edu; arc=none Received: from DM6PR01MB4747.prod.exchangelabs.com (2603:10b6:5:6c::23) by DM6PR01MB4507.prod.exchangelabs.com (2603:10b6:5:7d::13) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.3890.19; Wed, 24 Feb 2021 12:30:33 +0000 Received: from DM6PR01MB4747.prod.exchangelabs.com ([fe80::412c:6bfa:cebd:bff0]) by DM6PR01MB4747.prod.exchangelabs.com ([fe80::412c:6bfa:cebd:bff0%4]) with mapi id 15.20.3868.033; Wed, 24 Feb 2021 12:30:33 +0000 From: "Stephan, Corey" To: "freebsd-questions@freebsd.org" Subject: 13Beta2, i386-wine: "Wine cannot find the ncurses library" & other errors (Zotero + other binaries) Thread-Topic: 13Beta2, i386-wine: "Wine cannot find the ncurses library" & other errors (Zotero + other binaries) Thread-Index: AQHXCqjYKFI1ctyXN0+e66Uv2n0AYQ== Date: Wed, 24 Feb 2021 12:30:33 +0000 Message-ID: Accept-Language: en-US Content-Language: en-US X-MS-Has-Attach: X-MS-TNEF-Correlator: x-originating-ip: [65.30.129.133] x-ms-publictraffictype: Email x-ms-office365-filtering-correlation-id: 8eba6660-4b60-46f0-d175-08d8d8bffae1 x-ms-traffictypediagnostic: DM6PR01MB4507: x-microsoft-antispam-prvs: x-ms-oob-tlc-oobclassifiers: OLM:9508; x-ms-exchange-senderadcheck: 1 x-microsoft-antispam: BCL:0; x-microsoft-antispam-message-info: ifGJ8zgyrBnIfolY9i+sKevJk/gsvkVajYd9QKd/cK1vQUTSiJU2wdzsg9orKUJPF0Uc1n2wUiS1iUv30FUwUkCHjSaUvGkWeTsnmsysQuFfaVPLMWK8LnrCz8gBgamomUtENfnZ5gy2jkgPKxacTV7yZNwW+tQbA1ed0mbPmq/rDeyQOzzd/VBtiEY8YG6w1Zne77hp7eeQ9qbWztjGQCsEDEn2LrT6AHxIwYLirmle0Bh7eFoTAjmnhkvRbNOPYypUGRi06piI24EmJOg0FKYQmM+ETcftzAxSvDjS8x+qocYwT3isEkOdEURH8bDlcM41V1ecW2JKlN63S4pxEIuLquf1glbEra/P+BfKNUVtX2re2HQgohwhY8Lwdo8RlOcXxmMCyXojuW6L9mVNp+k3PNdvTKuTg1ZiURvQF2z0OYWs9ziVdilLHUNqCJNpAmb1MS1N/47lVkiVhlW1IhcgTsE7iXiKv+xO6fO1UNyiYh/xPRrxYfxpgCjDyeThQ6m0yUCE5uowFwuaeCgZR3GXcBYDzH8xeaPN/YfLmI4NzhtI+6g1cr/y/pZUja/hmCtqOoN2fA6I3Zu0HRC046utXmCwwJDdKfJep2wPp3SDuQVuFHaQDzA2Lwz8t3WgLD1S7n56SHokoSgg0mFQuTSWKOL+7oC2ephO+5/to2l5ThMUTWuENxrx5pd/2wU7 x-forefront-antispam-report: CIP:255.255.255.255; CTRY:; LANG:en; SCL:1; SRV:; IPV:NLI; SFV:NSPM; H:DM6PR01MB4747.prod.exchangelabs.com; PTR:; CAT:NONE; SFS:(4636009)(346002)(39850400004)(376002)(136003)(366004)(396003)(83380400001)(9686003)(478600001)(52536014)(75432002)(6916009)(5660300002)(786003)(966005)(2906002)(316002)(76116006)(26005)(71200400001)(8676002)(186003)(66946007)(66476007)(86362001)(66446008)(66556008)(64756008)(33656002)(6506007)(55016002)(8936002)(91956017)(7696005)(10126625002)(460985005); DIR:OUT; SFP:1101; x-ms-exchange-antispam-messagedata: =?us-ascii?Q?YVn8AnV9cEG75uvGhwDFCobr0E5+WGSqKuYUuunb7E+DgFF6LvjaXqta2pSz?= =?us-ascii?Q?eFuJLJ0vvikzJcD8EqAsIDRKrWV/AfTJNIV8fqRbh8nLVKzcbVK41C3ey8H8?= =?us-ascii?Q?tXKKZsPcsGiaFBfokDQCxl4Z8gXVjbMKufRv4xoWa5hAVjAGiDqKj3XUkVXa?= =?us-ascii?Q?GtM7BlBHsVwlAhN64POaX1rIZDiCkqhIvYRtJ8l1t4BjcP/ZFcbhhI4N/tsN?= =?us-ascii?Q?Kx2prykZjEKpiTwEks3kZYa/kurV5LyqBKasn9Zz5no2a5yI0wNbmZb0nEFf?= =?us-ascii?Q?D1utrj/nJHzMa7/2fOnudEhFAcuaSGnu8XAlUH4h0McKHerQtmoq2KE9HHUG?= =?us-ascii?Q?hrhQDhjQmD0Upe56jIiPE93hHZMWEDLbdA52J/14Ec1ctrwf3osZvEdPQaKg?= =?us-ascii?Q?S5e+Et3N5hqvibT/1NGHzuZ+mTsffMvm8/yY3prRGH2i3YxexzfgZic7UC69?= =?us-ascii?Q?XaKOeFwnW1eD3VGxHNvcO8nNAZo/SQdSWGZXpnZJ5NwGX3oCfFpxZRhyZim1?= =?us-ascii?Q?2/aYpnoD+G/Mv4PmIi7TXCYVzTeDTVNM0I/1igSeI9oEIOEqWbmuCeSsEnzo?= =?us-ascii?Q?s+AFqercM06dHEF1ll1pEDNzQAWduVphG6rsl1nFmKDalvETE4WH1jPH3ojt?= =?us-ascii?Q?K4oInW5B5mYC1hitS3riRZml86OyxqmmfR8E6GYPNHIzgF2cALQw9TY/t5bT?= =?us-ascii?Q?CJtx0liYjGL+bdJd+26m2yfqCQ2eusYE7m23Ork9BpYDBSVqM+9Kls9p/0V1?= =?us-ascii?Q?ILm73wO05kZnCCdf9A0vz9HOQd3XHrfaFVEdFrI/z8YyO3A8ulZH1pBT59Ft?= =?us-ascii?Q?G2ISTM6HjITj8saa/4rk9/uu4eizO8U2Bcnt1FDWq3GCMtDBFK+xnZ1+TDmS?= =?us-ascii?Q?4CVMV3o+MpudeMvhVzUcGIn08v0ZdEL2MFMy66ldhkBlk/mABvyz1v62xqTS?= =?us-ascii?Q?aktHo7aMkOJGD+rC3EGnpzoed7YvSNaPUgiRFsMD4E0Tw9x5BCbb0dV31ipU?= =?us-ascii?Q?NGElI3A5n0MJ0HqGM4zLbU8Ou5j/s2XogO5v99qAndEQNESCXUucGLjqbpJB?= =?us-ascii?Q?YijlmQpuKbOq0oJv6hQFzrMrqQkoYE7NeGW0fUTB4X/v5EUuDyNM2xmm70po?= =?us-ascii?Q?AteKmjePO0V9n1JXRhfRkumfArBDy4o5COKNQLL4TZa3ZttkTdl6YAei4Z8e?= =?us-ascii?Q?LS7RLGV0x6qlKf4ug8eElKf2/U339EPRFkf4K1lmaN5OhQN/vJX+YvO0qE84?= =?us-ascii?Q?1chyMOk0UZIh1PQSB/dmWp660U4S84YhxFDKAplyQWOgqVWteMX1QMNTdYB3?= =?us-ascii?Q?1qk=3D?= x-ms-exchange-transport-forked: True Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: quoted-printable MIME-Version: 1.0 X-OriginatorOrg: marquette.edu X-MS-Exchange-CrossTenant-AuthAs: Internal X-MS-Exchange-CrossTenant-AuthSource: DM6PR01MB4747.prod.exchangelabs.com X-MS-Exchange-CrossTenant-Network-Message-Id: 8eba6660-4b60-46f0-d175-08d8d8bffae1 X-MS-Exchange-CrossTenant-originalarrivaltime: 24 Feb 2021 12:30:33.1282 (UTC) X-MS-Exchange-CrossTenant-fromentityheader: Hosted X-MS-Exchange-CrossTenant-id: abe32f68-c72d-420d-b5bd-750c63a268e4 X-MS-Exchange-CrossTenant-mailboxtype: HOSTED X-MS-Exchange-CrossTenant-userprincipalname: D5jb+XFhCdRdzEFAv6Q2NV5qkusuovMiEG/xvHUhmzKSSHi/rOYlA9wYWVSlcGtsRavCARIFIBo66pIMpAfbRyYr7tcEAOYbFO6F2yQiQM8= X-MS-Exchange-Transport-CrossTenantHeadersStamped: DM6PR01MB4507 X-Rspamd-Queue-Id: 4DlwHc05zSz3BpM X-Spamd-Bar: ---- Authentication-Results: mx1.freebsd.org; dkim=none; arc=pass (microsoft.com:s=arcselector9901:i=1); dmarc=pass (policy=none) header.from=marquette.edu; spf=pass (mx1.freebsd.org: domain of corey.stephan@marquette.edu designates 40.107.236.47 as permitted sender) smtp.mailfrom=corey.stephan@marquette.edu X-Spamd-Result: default: False [-4.80 / 15.00]; NEURAL_HAM_MEDIUM(-1.00)[-1.000]; RBL_DBL_DONT_QUERY_IPS(0.00)[40.107.236.47:from]; ARC_ALLOW(-1.00)[microsoft.com:s=arcselector9901:i=1]; HAS_XOIP(0.00)[]; FROM_HAS_DN(0.00)[]; TO_MATCH_ENVRCPT_ALL(0.00)[]; R_SPF_ALLOW(-0.20)[+ip4:40.107.0.0/16]; MIME_GOOD(-0.10)[text/plain]; NEURAL_HAM_LONG(-1.00)[-1.000]; RCPT_COUNT_ONE(0.00)[1]; SPAMHAUS_ZRD(0.00)[40.107.236.47:from:127.0.2.255]; RCVD_COUNT_THREE(0.00)[3]; NEURAL_HAM_SHORT(-1.00)[-0.999]; DMARC_POLICY_ALLOW(-0.50)[marquette.edu,none]; RCVD_IN_DNSWL_NONE(0.00)[40.107.236.47:from]; TO_DN_EQ_ADDR_ALL(0.00)[]; FROM_EQ_ENVFROM(0.00)[]; R_DKIM_NA(0.00)[]; MIME_TRACE(0.00)[0:+]; ASN(0.00)[asn:8075, ipnet:40.104.0.0/14, country:US]; RCVD_TLS_LAST(0.00)[]; MAILMAN_DEST(0.00)[freebsd-questions]; RWL_MAILSPIKE_POSSIBLE(0.00)[40.107.236.47:from] X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.34 Precedence: list List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 24 Feb 2021 12:30:37 -0000 Hello, everyone. I think that this is a bug, but as I am rather new to Free= BSD,=20 I decided that it was more prudent to ask for guidance in the general help = mailing list than to file a bug report straight away. FreeBSD 13 Beta 2, Default Kernel, AMD64 Hardware: Ryzen 1500X, RX 580 (kld_list=3D"boot/modules/amdgpu.ko") Desktop: Xorg, spectrwm, gtk Relevant packages (pkg): i386-wine-5.0_1,1 wine-gecko-2.47.1 wine-mono-4.9.4_1 Zotero worked perfectly for me when I last tested it inside FreeBSD with Wi= ne (12.2 in Virtualbox), and others report it to work well (https://forums.zotero.org/discussion/72331/zotero-on-freebsd), but there n= ow seems to be a problem with Wine's=20 internal linking to 'ncurses' (and possibly a problem with 'amdgpu').=20 The following error output happens on a brand new Wine prefix with a fresh = installation of the=20 packages above, and it happens with packages other than Zotero (not a singl= e-binary exclusive problem).=20 i386-wine-devel and the development releases of wine-gecko and wine-mono yi= eld different but related error messages. Might someone be able to help me with this?=20 Main error messages (full in pastebin): Wine cannot find the ncurses library (libncurses.so.9). libGL error: unable to load driver: radeonsi_dri.so Full terminal output for i386-wine (stable), 'wine /usr/home/corey/.wine/dr= ive_c/Program\ Files/Zotero/zotero.exe': https://pastebin.com/46f2LWz6 Thanks, Corey Corey Stephan corey.stephan@marquette.edu= From owner-freebsd-questions@freebsd.org Wed Feb 24 13:53:40 2021 Return-Path: Delivered-To: freebsd-questions@mailman.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mailman.nyi.freebsd.org (Postfix) with ESMTP id 76F9D55DC75 for ; Wed, 24 Feb 2021 13:53:40 +0000 (UTC) (envelope-from kevans@freebsd.org) Received: from smtp.freebsd.org (smtp.freebsd.org [IPv6:2610:1c1:1:606c::24b:4]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature RSA-PSS (4096 bits) client-digest SHA256) (Client CN "smtp.freebsd.org", Issuer "R3" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 4Dly7S27ryz3J1J for ; Wed, 24 Feb 2021 13:53:40 +0000 (UTC) (envelope-from kevans@freebsd.org) Received: from mail-qk1-f175.google.com (mail-qk1-f175.google.com [209.85.222.175]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (Client CN "smtp.gmail.com", Issuer "GTS CA 1O1" (verified OK)) (Authenticated sender: kevans) by smtp.freebsd.org (Postfix) with ESMTPSA id 373C2A7FD for ; Wed, 24 Feb 2021 13:53:40 +0000 (UTC) (envelope-from kevans@freebsd.org) Received: by mail-qk1-f175.google.com with SMTP id l132so893355qke.7 for ; Wed, 24 Feb 2021 05:53:40 -0800 (PST) X-Gm-Message-State: AOAM532+YEM2H0M+TEys3OxNa0eiDpl5g0gpBi/JfSL4IOrkF0VPPbBn yPXc0ZfMDy7ZNyxYrfbj0sdGawY/r6/2n4QQIKs= X-Google-Smtp-Source: ABdhPJzRDaviHK4btNAqTyevyNBYS564sgV8K/5yKmMpUyWWO1aUO1fEeIHO5MPYncilkP/7zJx+Scus/GmfYJL+xLo= X-Received: by 2002:a05:620a:b8a:: with SMTP id k10mr32914361qkh.120.1614174819849; Wed, 24 Feb 2021 05:53:39 -0800 (PST) MIME-Version: 1.0 References: <0d404f23-b248-b05a-d6e0-2aafcd80e609@netfence.it> In-Reply-To: <0d404f23-b248-b05a-d6e0-2aafcd80e609@netfence.it> From: Kyle Evans Date: Wed, 24 Feb 2021 07:53:27 -0600 X-Gmail-Original-Message-ID: Message-ID: Subject: Re: SSL Certificates in base To: Andrea Venturoli Cc: FreeBSD Mailing List Content-Type: text/plain; charset="UTF-8" X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.34 Precedence: list List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 24 Feb 2021 13:53:40 -0000 On Wed, Feb 24, 2021 at 2:58 AM Andrea Venturoli wrote: > > Hello again. > > Sorry if this a dumb question or FAQ: I tried, but failed to find any > official documentation on this. > > In the past, I've always installed security/ca_root_nss to let SSL work, > as there were no CA certificates in base. > 12.2 (and possibly older 12.x, I don't know) already provide several > certificates in /usr/share/certs/trusted. > 12.2 is indeed the first here, though 11.4 has the infrastructure for it. > How are we expected to deal with this? > Is security/ca_root_nss still needed/suggested? > Is it expected to be obsoleted (although easier to update)? > For most people, stuff 'just works'. If you need to add your own roots to the trust store, then security/ca_root_nss may (will?) be a problem. Too much stuff has a hard dependency on it, so I have a side branch to add a USES=caroot and remove that dependency on FreeBSD versions that can do so. > What's the correct procedure to add additional certificates? > I guess just dropping them in /usr/share/certs/trusted won't be enough... > The current model (which is, IMO, still a little wrong path-wise) is that you should add your own to /usr/local/share/certs then execute `certctl rehash`. The exact path is going to change and that one specifically will be phased out in favor of mirroring the base hierarchy as we should have done, but we'll make sure those changes are communicated properly. Thanks, Kyle Evans From owner-freebsd-questions@freebsd.org Wed Feb 24 15:20:48 2021 Return-Path: Delivered-To: freebsd-questions@mailman.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mailman.nyi.freebsd.org (Postfix) with ESMTP id 396115602A3 for ; Wed, 24 Feb 2021 15:20:48 +0000 (UTC) (envelope-from jmc-freebsd2@milibyte.co.uk) Received: from cp160176.hpdns.net (cp160176.hpdns.net [91.238.160.176]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 4Dm03y70KDz3PgX for ; Wed, 24 Feb 2021 15:20:46 +0000 (UTC) (envelope-from jmc-freebsd2@milibyte.co.uk) DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=milibyte.co.uk; s=default; h=Content-Type:Content-Transfer-Encoding: MIME-Version:References:In-Reply-To:Message-ID:Date:Subject:Cc:To:From:Sender :Reply-To:Content-ID:Content-Description:Resent-Date:Resent-From: Resent-Sender:Resent-To:Resent-Cc:Resent-Message-ID:List-Id:List-Help: List-Unsubscribe:List-Subscribe:List-Post:List-Owner:List-Archive; bh=uYfmOmcwmRsb7XXHcf7jLIP33fHnr4miLQ1sC3qz6Is=; b=EI7CSPFnIIqcunkIhIFoSw01vF LqdeS0SRnn6LdFUC64P3235KIGaHIxv4jSpFE+QRyvZqymKS1KYcQI9Z5Xd4Kaa8Vj4dAcA8Jw2xT VLehYkWK5fBhBNrUE+Xo3O5WlStRuAOezlCO08GeQyAbJY2g0Kv2mcbi+HFnsVwIKzPBzyrQornyk 9lO4KjW6FT1FBqo9C5zrW+Ldd/hDoWAI0EpqXlkGhiWyZHJ4mA/c+64G6qh7w6IuEivdLT/GnVQ7T EOhxPzNf691P5TBTLxvcZ+VnYHjdquxWzyLzzEhhokoh62BeVW4oXyees6uF91K9OKr3UDz5bTYj8 81vRhfJw==; Received: from 82-71-56-121.dsl.in-addr.zen.co.uk ([82.71.56.121]:20537 helo=curlew.milibyte.co.uk) by cp160176.hpdns.net with esmtpsa (TLS1.2) tls TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384 (Exim 4.93) (envelope-from ) id 1lEvxU-0010Tq-UF; Wed, 24 Feb 2021 15:20:12 +0000 Received: from [127.0.0.1] (helo=curlew.localnet) by curlew.milibyte.co.uk with esmtp (Exim 4.94) (envelope-from ) id 1lEvxV-0000oD-KR; Wed, 24 Feb 2021 15:20:12 +0000 From: Mike Clarke To: freebsd-questions@freebsd.org Subject: Re: SSL Certificates in base Date: Wed, 24 Feb 2021 15:20:12 +0000 Message-ID: <9071232.RH3biPoPvx@curlew> In-Reply-To: <0d404f23-b248-b05a-d6e0-2aafcd80e609@netfence.it> References: <0d404f23-b248-b05a-d6e0-2aafcd80e609@netfence.it> MIME-Version: 1.0 Content-Transfer-Encoding: 7Bit Content-Type: text/plain; charset="UTF-8" X-SA-Exim-Connect-IP: 127.0.0.1 X-SA-Exim-Mail-From: jmc-freebsd2@milibyte.co.uk X-SA-Exim-Scanned: No (on curlew.milibyte.co.uk); SAEximRunCond expanded to false X-YourOrg-MailScanner-Information: Please contact the ISP for more information X-YourOrg-MailScanner-ID: 1lEvxU-0010Tq-UF X-YourOrg-MailScanner: Found to be clean X-YourOrg-MailScanner-SpamCheck: X-YourOrg-MailScanner-From: jmc-freebsd2@milibyte.co.uk X-Spam-Status: No X-AntiAbuse: This header was added to track abuse, please include it with any abuse report X-AntiAbuse: Primary Hostname - cp160176.hpdns.net X-AntiAbuse: Original Domain - freebsd.org X-AntiAbuse: Originator/Caller UID/GID - [47 12] / [47 12] X-AntiAbuse: Sender Address Domain - milibyte.co.uk X-Get-Message-Sender-Via: cp160176.hpdns.net: authenticated_id: mailpool@milibyte.co.uk X-Authenticated-Sender: cp160176.hpdns.net: mailpool@milibyte.co.uk X-Source: X-Source-Args: X-Source-Dir: X-Rspamd-Queue-Id: 4Dm03y70KDz3PgX X-Spamd-Bar: -- Authentication-Results: mx1.freebsd.org; dkim=pass header.d=milibyte.co.uk header.s=default header.b=EI7CSPFn; dmarc=none; spf=pass (mx1.freebsd.org: domain of jmc-freebsd2@milibyte.co.uk designates 91.238.160.176 as permitted sender) smtp.mailfrom=jmc-freebsd2@milibyte.co.uk X-Spamd-Result: default: False [-2.50 / 15.00]; RCVD_VIA_SMTP_AUTH(0.00)[]; TO_DN_SOME(0.00)[]; R_SPF_ALLOW(-0.20)[+a]; HAS_X_SOURCE(0.00)[]; RCVD_COUNT_THREE(0.00)[3]; DKIM_TRACE(0.00)[milibyte.co.uk:+]; RCPT_COUNT_TWO(0.00)[2]; NEURAL_HAM_SHORT(-1.00)[-0.998]; HAS_X_ANTIABUSE(0.00)[]; FROM_EQ_ENVFROM(0.00)[]; RCVD_TLS_LAST(0.00)[]; RBL_DBL_DONT_QUERY_IPS(0.00)[91.238.160.176:from]; CTE_CASE(0.50)[]; ASN(0.00)[asn:12703, ipnet:91.238.160.0/22, country:GB]; HAS_X_AS(0.00)[mailpool@milibyte.co.uk]; MIME_TRACE(0.00)[0:+]; ARC_NA(0.00)[]; R_DKIM_ALLOW(-0.20)[milibyte.co.uk:s=default]; NEURAL_HAM_MEDIUM(-1.00)[-1.000]; FROM_HAS_DN(0.00)[]; NEURAL_HAM_LONG(-1.00)[-1.000]; MIME_GOOD(-0.10)[text/plain]; DMARC_NA(0.00)[milibyte.co.uk]; SPAMHAUS_ZRD(0.00)[91.238.160.176:from:127.0.2.255]; TO_MATCH_ENVRCPT_SOME(0.00)[]; HAS_X_GMSV(0.00)[mailpool@milibyte.co.uk]; MID_RHS_NOT_FQDN(0.50)[]; MAILMAN_DEST(0.00)[freebsd-questions] X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.34 Precedence: list List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 24 Feb 2021 15:20:48 -0000 On Wednesday, 24 February 2021 08:57:58 GMT Andrea Venturoli wrote: > In the past, I've always installed security/ca_root_nss to let SSL work, > as there were no CA certificates in base. > 12.2 (and possibly older 12.x, I don't know) already provide several > certificates in /usr/share/certs/trusted. > > How are we expected to deal with this? > Is security/ca_root_nss still needed/suggested? Some packages still require it curlew:/home/mike% pkg info -r ca_root_nss ca_root_nss-3.61: curl-7.75.0 fetchmail-6.4.14 p11-kit-0.23.22 qt5-network-5.15.2_1 claws-mail-3.17.8 gnome-keyring-3.36.0_1 glib-networking-2.66.0 neon-0.31.2 qca-qt5-2.3.1_1 gnutls-3.6.15 vm-bhyve-1.4.2 -- Mike Clarke From owner-freebsd-questions@freebsd.org Wed Feb 24 15:51:20 2021 Return-Path: Delivered-To: freebsd-questions@mailman.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mailman.nyi.freebsd.org (Postfix) with ESMTP id 07E77560B62 for ; Wed, 24 Feb 2021 15:51:20 +0000 (UTC) (envelope-from ml@netfence.it) Received: from soth.netfence.it (mailserver.netfence.it [78.134.96.152]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature RSA-PSS (2048 bits) client-digest SHA256) (Client CN "mailserver.netfence.it", Issuer "R3" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 4Dm0lB5ybxz3hdL for ; Wed, 24 Feb 2021 15:51:18 +0000 (UTC) (envelope-from ml@netfence.it) Received: from alamar.ventu (mailserver.netfence.it [78.134.96.152]) (authenticated bits=0) by soth.netfence.it (8.16.1/8.16.1) with ESMTPSA id 11OFp8P2045884 (version=TLSv1.3 cipher=TLS_AES_128_GCM_SHA256 bits=128 verify=NO) for ; Wed, 24 Feb 2021 16:51:08 +0100 (CET) (envelope-from ml@netfence.it) X-Authentication-Warning: soth.netfence.it: Host mailserver.netfence.it [78.134.96.152] claimed to be alamar.ventu Subject: Re: SSL Certificates in base To: freebsd-questions@freebsd.org References: <0d404f23-b248-b05a-d6e0-2aafcd80e609@netfence.it> <9071232.RH3biPoPvx@curlew> From: Andrea Venturoli Message-ID: <18544615-2337-20d0-4720-1b7d3c50ffaa@netfence.it> Date: Wed, 24 Feb 2021 16:51:08 +0100 User-Agent: Mozilla/5.0 (X11; FreeBSD amd64; rv:78.0) Gecko/20100101 Thunderbird/78.7.1 MIME-Version: 1.0 In-Reply-To: <9071232.RH3biPoPvx@curlew> Content-Type: text/plain; charset=utf-8; format=flowed Content-Language: en-US Content-Transfer-Encoding: 7bit X-Scanned-By: MIMEDefang 2.83 X-Rspamd-Queue-Id: 4Dm0lB5ybxz3hdL X-Spamd-Bar: --- Authentication-Results: mx1.freebsd.org; dkim=none; dmarc=pass (policy=none) header.from=netfence.it; spf=pass (mx1.freebsd.org: domain of ml@netfence.it designates 78.134.96.152 as permitted sender) smtp.mailfrom=ml@netfence.it X-Spamd-Result: default: False [-3.80 / 15.00]; RCVD_VIA_SMTP_AUTH(0.00)[]; ARC_NA(0.00)[]; MID_RHS_MATCH_FROM(0.00)[]; FROM_HAS_DN(0.00)[]; RBL_DBL_DONT_QUERY_IPS(0.00)[78.134.96.152:from]; TO_MATCH_ENVRCPT_ALL(0.00)[]; R_SPF_ALLOW(-0.20)[+ip4:78.134.96.152]; MIME_GOOD(-0.10)[text/plain]; HAS_XAW(0.00)[]; TO_DN_NONE(0.00)[]; RCPT_COUNT_ONE(0.00)[1]; SPAMHAUS_ZRD(0.00)[78.134.96.152:from:127.0.2.255]; PREVIOUSLY_DELIVERED(0.00)[freebsd-questions@freebsd.org]; NEURAL_HAM_LONG(-1.00)[-1.000]; DMARC_POLICY_ALLOW(-0.50)[netfence.it,none]; NEURAL_HAM_SHORT(-1.00)[-1.000]; NEURAL_HAM_MEDIUM(-1.00)[-1.000]; RCVD_COUNT_ONE(0.00)[1]; FROM_EQ_ENVFROM(0.00)[]; R_DKIM_NA(0.00)[]; MIME_TRACE(0.00)[0:+]; ASN(0.00)[asn:35612, ipnet:78.134.0.0/17, country:IT]; RCVD_TLS_ALL(0.00)[]; MAILMAN_DEST(0.00)[freebsd-questions] X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.34 Precedence: list List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 24 Feb 2021 15:51:20 -0000 On 2/24/21 4:20 PM, Mike Clarke wrote: > On Wednesday, 24 February 2021 08:57:58 GMT Andrea Venturoli wrote: >> In the past, I've always installed security/ca_root_nss to let SSL work, >> as there were no CA certificates in base. >> 12.2 (and possibly older 12.x, I don't know) already provide several >> certificates in /usr/share/certs/trusted. >> >> How are we expected to deal with this? >> Is security/ca_root_nss still needed/suggested? > > Some packages still require it I know. What confuses me is: will those packages get any cert from /usr/share/certs/trusted or /usr/local/share/certs or what it may become, if ca_root_nss is installed? Will installing ca_root_nss override the base certs as a whole? Does anything that uses certs get the union of the two? bye & Thanks av. From owner-freebsd-questions@freebsd.org Wed Feb 24 17:56:35 2021 Return-Path: Delivered-To: freebsd-questions@mailman.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mailman.nyi.freebsd.org (Postfix) with ESMTP id 66442563E3D for ; Wed, 24 Feb 2021 17:56:35 +0000 (UTC) (envelope-from tundra@tundraware.com) Received: from oceanview.tundraware.com (oceanview.tundraware.com [45.55.60.57]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client CN "mailman.tundraware.com", Issuer "mailman.tundraware.com" (not verified)) by mx1.freebsd.org (Postfix) with ESMTPS id 4Dm3Wk49Plz3sDf for ; Wed, 24 Feb 2021 17:56:34 +0000 (UTC) (envelope-from tundra@tundraware.com) Received: from [192.168.0.2] (ozzie.tundraware.com [75.145.138.73]) (authenticated bits=0) by oceanview.tundraware.com (8.16.1/8.16.1) with ESMTPSA id 11OHuMnU022208 (version=TLSv1.2 cipher=ECDHE-RSA-AES128-GCM-SHA256 bits=128 verify=NO) for ; Wed, 24 Feb 2021 11:56:23 -0600 (CST) (envelope-from tundra@tundraware.com) Subject: Re: How do I know if my 13-stable has security patches? To: FreeBSD Mailing List References: From: Tim Daneliuk Autocrypt: addr=tundra@tundraware.com; prefer-encrypt=mutual; keydata= xsFNBFlVgYoBEADIYD9W4mbKz5cEleX923hagDWkxyJl4kRiMJnz+dNAH71MItSdErMb0cFt CPxVncb4dR4R2ec0c0MjPcgVINNtbY1DMWsF7t31TKD8NG9ZjLqF6fZDFjgkRejqHytgjmCI UejrMSCf0UJsLtg+I3N1ZVVxd7ALj2bCvC/uc5S7j+YbNnhQvSoBbdFj/xOTjyOGGpk7WfB7 e42PGKq1NSgnI7tcY6HSaSH+LHeoc0yUpBb5A1ge+RhR1N9JTniEFe0qvOBi+HgUltEoxsk4 xb6IhpkDOTsxHvEg5h0ukfl8kG9cu+LrEBqwPaC8lPw3UmoTEAU+lXHanPE12JCF/54EtVCc rb4W0vqgGmLJzn5dRU/fWkar0FKPq4eoV0XMbGZKIC6pWQnMEsxEMpNvh7oefK6Kyn+LO+59 +sNYHbv1RImDJccmfHTOA6/jHdwOcnYy37U8UF7e+mGrwNs8GsMQx2AaQbR6VErakH3GBgft bMFOGQxiaRBkbzba7BZCQ060yhiC3/Mb/xHoVi7PBEmKig1SErTMA7Fh3CYPYIRDphNs6OSr tf9O4hbzUAsjbU3rxOfiWQjP3fSOM0KUBj4wpIWZlMrjAGnMIz2wHb211wsBiLqSaGiiO1LR 7RrcvbIFZvHQHiWe2tdRyuH3N/h7A316yoLfx+yy1gyP5weWsQARAQABzSRUaW0gRGFuZWxp dWsgPHR1bmRyYUB0dW5kcmF3YXJlLmNvbT7CwXcEEwEIACEFAllVgYoCGyMFCwkIBwIGFQgJ CgsCBBYCAwECHgECF4AACgkQdoOXo5EJFKntcA/9F9ags9Ik5C49N39iRq+yqBdn/Lr75rqv +Yg7JkjeVlwHpnQt1S6orTC7EaJc+AqY3szCEmhfuT0+E96Bw2k+G/XRnaedZ9SHSdImlmq0 RmOFpWLr67ScvlA9YG1tyR+QYraEFqK5EB6qhOWRJoz1BYtAAntK9b9gUTXt/277sT7lAWaj oPi4CDd4DofHc4E9VRsniMQNMLCWqc/ygAK07cWbK2Rh90tS2C4nK6OHFkNkK94zDilfxod1 NBFTUPPYfEU2CSa3eLlpfhYY3/2X7zNvmmCt+chHUnAhQLhldQ3WlqmTKP+ZK9LX002/bY1O M8Zk76WyA/A3EfsIUbnXBQvFyjwX6W4QEytlZWtp/yRIe64JOa3dZ8rkhragb2N4VgVLBVe3 jtZgfQ72pHrfNk/T0uT+hjFqInvIYiXkhxB2GiD7Ga28VuXojTmeoaW3GKcvoVxONSju7WzD XgyxWRmNpd5uifJcC3YU3tNNAosnQ0/5FW4wkducSEVwwqnAiSMQEMDDa/e6oP6GyOzes5SV LTNCRYdHWVKbxjetYU4SKm5RdLx9XuJo0qL9vO97mCNwdNkTM7gO2ycQ49qUiGbCZJOh2gpP ZRFrpJDxbloosAfOEB6IYjhb38u6jvbScJKK3bWA+a8TK4SrQpdRd1cAnW9sA8jCTV8ejZq0 CHnOwU0EWVWBigEQAJYuihAOOOe/kAn045Ayn+3is3S+6eV4IAgL6lJhoChkgUJJuFoRX9BY rd35z29+q2/UCoProzd4Mk66wXeWv6n4s5R79OUzjgMLCTVlVaMy4gjPL9NRDwMt7KYRF56g mnoKZwfPDi/oJ5toPPboW94FrMwonqbdqYM2Pyi/HPMe4e396WQ4TaA1CdhyzKHoFSpkGcjX zIQ5yQ5aaGS7wonRu/pg15dbu+8QOgxRNFa0bO+ntz/30u+VmxFqFVbExjuy3Or8fSBhJgx4 cfyrrunKLclpZ/52VeK3l53yWYpR8RaTZfzpu8Ih+ijAY4XLO5F8P1T6sEviMaTY2F0sbFRx ZJXsgFpiKeWPHUn7/LX7qcoFJYoFqG6b3n5km+qy39x6lMgJDuxKpeN6lYj//LB6xVzn0JI+ 4ZHPrEkFqxu8VkL7deCPTI67ZJik18jXjTH9sha1YBvgvxIPFMA7ZwXX2AwNu7PzdcCpWarS usOAHbjQBUsQ+ZPpI1oeFnsCPZ+8/mMcTjVRZyJxOPs3KnXZv2cXNuaa7lwkWS366gHzQI7O l6WdC8TyNjiOzR654cL8BgYQ/xNSW1vTXqPWSRU8/b/5IueY2tQJh0CKIvfoP0rk8976wa1R 8SRi08mwHX7+F5oSeXLRNHicQGpS1f0DywdRcQ0MFHyq/CV4dTltABEBAAHCwV8EGAEIAAkF AllVgYoCGwwACgkQdoOXo5EJFKkDNw//c8nailIVOV72l7Lze+2AuK9MYUCFb1i4qI1WTnG0 OHQlCAltPhdwZPAozJw/eNqIcuWQh8rZspve9ipj589wLSsVyaFRsuYXTiYZ9RlRsnJYa36h 2JML3ZGrRsSxaUEAggbiOKbwmw27JuOIPmC3Gln4tJuZ+nw6cfCgMI45bIzinVanxHwPLeLp BZKpaEYzAwtBykUfAXn3jDwrI95UlMJvhHDFuRgvb6uSyJIqmp5aR/BjnlSdEwICyWpRAVSt yqZeBMeHbCr1B97PIRzk/q0eHm9T+AoiZWwz1iVGGgkYdAaCfs2PBlNHmRm93cfgoEcaGvNb RbTXOe28niMJeYMQsnjOTy5AQIrhVKeP5E+qVs/oPK/inmLiTbjZcnrO2wR+uxpPGgmR6M/3 p8qyRdaOvT87HZXO+Wr+r9A4UnwhCPsfELwPlEo+TJQ/oE71Mlkx/ddQCWELcHjXrQF9YbzA Ml7g0zTkgHysh4DNkV5iYteOcmCwsWdOwn0H0yZfz6weyr8nEdPngyOjFNKMIpcTbeg8866c GxXAJj46dub4VdVwfvMRHfmmRJkjdId7YHWMgz2Kf7S7KPCROLis7WjlOdSS0q2m/7qy9WL/ ZW50YLS8ZZLMrnari5JxCyJX+8n6ZASo2AA93iTbKmYegK2LDwW1QLU1iAF3GyGOnSE= Message-ID: Date: Wed, 24 Feb 2021 11:56:17 -0600 User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:68.0) Gecko/20100101 Thunderbird/68.10.0 MIME-Version: 1.0 In-Reply-To: Content-Type: text/plain; charset=utf-8 Content-Language: en-US Content-Transfer-Encoding: 7bit X-Greylist: Sender succeeded SMTP AUTH, not delayed by milter-greylist-4.6.4 (oceanview.tundraware.com [45.55.60.57]); Wed, 24 Feb 2021 11:56:23 -0600 (CST) X-TundraWare-MailScanner-Information: Please contact the ISP for more information X-TundraWare-MailScanner-ID: 11OHuMnU022208 X-TundraWare-MailScanner: Found to be clean X-TundraWare-MailScanner-SpamCheck: not spam (whitelisted), SpamAssassin (not cached, score=-2.824, required 6, autolearn=not spam, ALL_TRUSTED -1.00, BAYES_00 -1.90, NICE_REPLY_A -0.00, TW_SV 0.08) X-TundraWare-MailScanner-From: tundra@tundraware.com X-Spam-Status: No X-Rspamd-Queue-Id: 4Dm3Wk49Plz3sDf X-Spamd-Bar: -- Authentication-Results: mx1.freebsd.org; dkim=none; dmarc=none; spf=pass (mx1.freebsd.org: domain of tundra@tundraware.com designates 45.55.60.57 as permitted sender) smtp.mailfrom=tundra@tundraware.com X-Spamd-Result: default: False [-2.30 / 15.00]; RCVD_TLS_ALL(0.00)[]; RCVD_VIA_SMTP_AUTH(0.00)[]; MID_RHS_MATCH_FROM(0.00)[]; FROM_HAS_DN(0.00)[]; RBL_DBL_DONT_QUERY_IPS(0.00)[45.55.60.57:from]; TO_MATCH_ENVRCPT_ALL(0.00)[]; R_SPF_ALLOW(-0.20)[+a]; MIME_GOOD(-0.10)[text/plain]; PREVIOUSLY_DELIVERED(0.00)[freebsd-questions@freebsd.org]; ARC_NA(0.00)[]; RCPT_COUNT_ONE(0.00)[1]; SPAMHAUS_ZRD(0.00)[45.55.60.57:from:127.0.2.255]; DMARC_NA(0.00)[tundraware.com]; TO_DN_ALL(0.00)[]; NEURAL_HAM_LONG(-1.00)[-1.000]; NEURAL_HAM_SHORT(-1.00)[-1.000]; NEURAL_HAM_MEDIUM(-1.00)[-1.000]; FROM_EQ_ENVFROM(0.00)[]; R_DKIM_NA(0.00)[]; MIME_TRACE(0.00)[0:+]; ASN(0.00)[asn:14061, ipnet:45.55.32.0/19, country:US]; SUBJECT_ENDS_QUESTION(1.00)[]; MAILMAN_DEST(0.00)[freebsd-questions]; RCVD_COUNT_TWO(0.00)[2] X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.34 Precedence: list List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 24 Feb 2021 17:56:35 -0000 On 2/24/21 11:35 AM, Kevin Oberman wrote: > In the svn days, I could just look at my svn revision to check on whether a > security patch was required. Now I have a git hash. I have no idea how to > tell if my system running 13-STABLE of a few days ago has the patch. > > Branch/path Revision > - ------------------------------------------------------------------------- > stable/13/ 894360bacd42f021551f76518edd445f6d299f2e > releng/13.0/ 9f00cb5fa8a438e7b9efb2158f2e2edc730badd1 > stable/12/ r369312 > releng/12.2/ r369353 > > Is there a git command that can confirm whether a given hash is covered in > my system? 'uname -a' should show you the truncated (rightmost) part of the commit hash of the source tree used to build the running kernel, as well as the date of that build. If you cd to the source tree (usually /usr/src/), 'git log' will show you the history of commits and their respective hashes. -- ---------------------------------------------------------------------------- Tim Daneliuk tundra@tundraware.com PGP Key: http://www.tundraware.com/PGP/ From owner-freebsd-questions@freebsd.org Thu Feb 25 01:30:57 2021 Return-Path: Delivered-To: freebsd-questions@mailman.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mailman.nyi.freebsd.org (Postfix) with ESMTP id 3BC31551E89 for ; Thu, 25 Feb 2021 01:30:57 +0000 (UTC) (envelope-from hmurray@megapathdsl.net) Received: from ip-64-139-1-69.sjc.megapath.net (ip-64-139-1-69.sjc.megapath.net [64.139.1.69]) by mx1.freebsd.org (Postfix) with ESMTP id 4DmFbz6vMPz3Cd3 for ; Thu, 25 Feb 2021 01:30:55 +0000 (UTC) (envelope-from hmurray@megapathdsl.net) Received: from shuksan (localhost [127.0.0.1]) by ip-64-139-1-69.sjc.megapath.net (Postfix) with ESMTP id 31F0F40605C; Wed, 24 Feb 2021 17:30:38 -0800 (PST) X-Mailer: exmh version 2.7.2 01/07/2005 with nmh-1.3 To: Andrea Venturoli cc: freebsd-questions@freebsd.org, hmurray@megapathdsl.net From: Hal Murray Subject: Re: SSL Certificates in base In-Reply-To: Message from Andrea Venturoli of "Wed, 24 Feb 2021 16:51:08 +0100." <18544615-2337-20d0-4720-1b7d3c50ffaa@netfence.it> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Date: Wed, 24 Feb 2021 17:30:38 -0800 Message-Id: <20210225013038.31F0F40605C@ip-64-139-1-69.sjc.megapath.net> X-Rspamd-Queue-Id: 4DmFbz6vMPz3Cd3 X-Spamd-Bar: / Authentication-Results: mx1.freebsd.org; dkim=none; dmarc=none; spf=none (mx1.freebsd.org: domain of hmurray@megapathdsl.net has no SPF policy when checking 64.139.1.69) smtp.mailfrom=hmurray@megapathdsl.net X-Spamd-Result: default: False [0.50 / 15.00]; ARC_NA(0.00)[]; RBL_DBL_DONT_QUERY_IPS(0.00)[64.139.1.69:from]; NEURAL_HAM_MEDIUM(-1.00)[-1.000]; RCPT_COUNT_THREE(0.00)[3]; TO_DN_SOME(0.00)[]; MV_CASE(0.50)[]; FROM_HAS_DN(0.00)[]; MIME_GOOD(-0.10)[text/plain]; DMARC_NA(0.00)[megapathdsl.net]; AUTH_NA(1.00)[]; NEURAL_SPAM_SHORT(1.00)[1.000]; SPAMHAUS_ZRD(0.00)[64.139.1.69:from:127.0.2.255]; TO_MATCH_ENVRCPT_SOME(0.00)[]; NEURAL_HAM_LONG(-1.00)[-1.000]; R_SPF_NA(0.00)[no SPF record]; RCVD_NO_TLS_LAST(0.10)[]; FROM_EQ_ENVFROM(0.00)[]; R_DKIM_NA(0.00)[]; MIME_TRACE(0.00)[0:+]; ASN(0.00)[asn:4565, ipnet:64.139.0.0/18, country:US]; RCVD_COUNT_TWO(0.00)[2]; MAILMAN_DEST(0.00)[freebsd-questions] X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.34 Precedence: list List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 25 Feb 2021 01:30:57 -0000 ml@netfence.it said: > Will installing ca_root_nss override the base certs as a whole? Does anything > that uses certs get the union of the two? The client side API in OpenSSL is use this directory and this file for the default root certificate collection. The file is a collection of certs cat-ed together. It gets read in at when the API is called. The directory is a collection of hashed names that link over to another directory of cert files. There is a utility that sets up the hash links. Details in SSL_CTX_set_default_verify_paths I'm pretty sure you can set things up so you can add your certificates in there. I don't have the details. but it feels like a simple HOWTO would cover it once somebody figures out how to do it. -- These are my opinions. I hate spam. From owner-freebsd-questions@freebsd.org Thu Feb 25 04:38:39 2021 Return-Path: Delivered-To: freebsd-questions@mailman.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mailman.nyi.freebsd.org (Postfix) with ESMTP id 32C7F556300; Thu, 25 Feb 2021 04:38:39 +0000 (UTC) (envelope-from grarpamp@gmail.com) Received: from mail-ej1-x633.google.com (mail-ej1-x633.google.com [IPv6:2a00:1450:4864:20::633]) (using TLSv1.3 with cipher TLS_AES_128_GCM_SHA256 (128/128 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature RSA-PSS (2048 bits) client-digest SHA256) (Client CN "smtp.gmail.com", Issuer "GTS CA 1O1" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 4DmKmZ4v33z3Pbf; Thu, 25 Feb 2021 04:38:38 +0000 (UTC) (envelope-from grarpamp@gmail.com) Received: by mail-ej1-x633.google.com with SMTP id w1so6579039ejf.11; Wed, 24 Feb 2021 20:38:38 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025; h=mime-version:from:date:message-id:subject:to:cc; bh=yBmBem/so8lEw88qbUitkdESVAqQMgvs3lO+uea7UA0=; b=ljb+jOlgHuZDwyFdHTuB4NDV+BEmLwAR5aOxPoJCyIDd4Xg0ul+6UUuChPk933Vu+Y fCyBeQYe8kldZePBVUZQYI01RsXreZOkqsnAy4jJrRYV1qxtRrk/AcGxyzuLXxAaTkzF lRjtnk3NTTCuEqlD0LooeehyRii8kqJoAuFxQfBHZugUBYnZcEdHI4IM1dNvqoIxux1w 3Az05CwBzmuXb7hB5com/18zO9GBjIdh4nHQzyIZY4artHDaG53ChzQS4W0rDzfhtknt 4B2DIg1cA9UyvYkMf477IGEIeFVa9M8OS7A8ITOeu16ZMF9Y8y/5jJuTW+0WPhypHqf6 lFZA== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:from:date:message-id:subject:to:cc; bh=yBmBem/so8lEw88qbUitkdESVAqQMgvs3lO+uea7UA0=; b=UocfJfGpZMNeIbrtQ4yxYmZuGn+ICqwe+AC4uCFKP2YTggRzM4BOhIvdwU2yOUyj4U VHF95f6kIhNwBmQ3rIY92WB8Hb1FwHihKNGk464mljVwxU+dE+OQGpMNgdKHbw11Rzwp RGuNGnxjfIloREPhrOex0MKe5cJ9DjG1hGvWT+UV84eMMUjh378Fhs9TZNsImTqnumIt u0wl+SHBhN92wQGkd3LjOppq8dxcnUd2YmWhRvr1NsSIrmkvhw8jr87nfMDBT6R8SXQP 1fnPZ6EvWGrJHdrH74YH5yYxSBZr+rfqH5XDx4KdECAqwhMZiySAldGFdiQAjqZ4yE/E btRA== X-Gm-Message-State: AOAM530az1n6Vr2PycrfbBNVLI0vMlW3bGqbN7BPKY4sVMN00l9x3a+D SBWkGFQevUCgBWiEUM5BzpWiBeER5b7wtJ5oHOumRmrVpSWBpg== X-Google-Smtp-Source: ABdhPJzMq6P9/74fvIuyUQLiY2d5hn+ddtQT+LA96rkI0hVHUHjgNe/JrLmMwG0as+wID5a+qjBbBSyW9AgQMSxiPEs= X-Received: by 2002:a17:906:3916:: with SMTP id f22mr922064eje.328.1614227917472; Wed, 24 Feb 2021 20:38:37 -0800 (PST) MIME-Version: 1.0 Received: by 2002:a54:3148:0:0:0:0:0 with HTTP; Wed, 24 Feb 2021 20:38:36 -0800 (PST) From: grarpamp Date: Wed, 24 Feb 2021 23:38:36 -0500 Message-ID: Subject: CA's TLS Certificate Bundle in base = BAD To: freebsd-security@freebsd.org Cc: freebsd-questions@freebsd.org Content-Type: text/plain; charset="UTF-8" X-Rspamd-Queue-Id: 4DmKmZ4v33z3Pbf X-Spamd-Bar: -- Authentication-Results: mx1.freebsd.org; dkim=pass header.d=gmail.com header.s=20161025 header.b=ljb+jOlg; dmarc=pass (policy=none) header.from=gmail.com; spf=pass (mx1.freebsd.org: domain of grarpamp@gmail.com designates 2a00:1450:4864:20::633 as permitted sender) smtp.mailfrom=grarpamp@gmail.com X-Spamd-Result: default: False [-2.18 / 15.00]; RCVD_TLS_ALL(0.00)[]; ARC_NA(0.00)[]; R_DKIM_ALLOW(-0.20)[gmail.com:s=20161025]; NEURAL_HAM_MEDIUM(-1.00)[-1.000]; FROM_HAS_DN(0.00)[]; RBL_DBL_DONT_QUERY_IPS(0.00)[2a00:1450:4864:20::633:from]; FREEMAIL_FROM(0.00)[gmail.com]; TO_MATCH_ENVRCPT_ALL(0.00)[]; MIME_GOOD(-0.10)[text/plain]; TO_DN_NONE(0.00)[]; NEURAL_HAM_LONG(-1.00)[-1.000]; R_SPF_ALLOW(-0.20)[+ip6:2a00:1450:4000::/36]; SPAMHAUS_ZRD(0.00)[2a00:1450:4864:20::633:from:127.0.2.255]; NEURAL_SPAM_SHORT(0.82)[0.818]; DKIM_TRACE(0.00)[gmail.com:+]; RCPT_COUNT_TWO(0.00)[2]; RCVD_IN_DNSWL_NONE(0.00)[2a00:1450:4864:20::633:from]; DMARC_POLICY_ALLOW(-0.50)[gmail.com,none]; FROM_EQ_ENVFROM(0.00)[]; MIME_TRACE(0.00)[0:+]; FREEMAIL_ENVFROM(0.00)[gmail.com]; ASN(0.00)[asn:15169, ipnet:2a00:1450::/32, country:US]; RCVD_COUNT_TWO(0.00)[2]; MAILMAN_DEST(0.00)[freebsd-security,freebsd-questions]; DWL_DNSWL_NONE(0.00)[gmail.com:dkim] X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.34 Precedence: list List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 25 Feb 2021 04:38:39 -0000 FYI... Third party CA's are an untrusted automagical nightmare of global and local MITM risk... - CA's issuer gone wrong... Govt, Corp, Bribe, Rogue, Court, War, Force Majeure, Crime, Hack, Spies, Lulz, etc. - CA's store bundler gone wrong... Mozilla, Microsoft, Apple, BSD, etc in same ways above. - Undetected stolen unrevoked unchecked CA's, intermediates, server keys, etc. - Total/targeted IP/DNS traffic user interception by agents, vpn's, proxies, tor, mitmproxy, sslstrip, etc. - Base asserting trust over all that, when reality none is due. There should be no non-FreeBSD.Org/Foundation CA's shipped in base. Its shipped pubkey fingerprint sets can bootstrap TLS infra pubkeys/prints off bsd keyserver, to then pubkey pin TLS fetch(1) / pkg(8) / git(1) to reach pkg ca_root_cert, git src ports repos, update, iso, etc. See curl(1) --pinned-pubkey, GPG, etc. https://www.zdnet.com/article/surveillance-firm-asks-mozilla-to-be-included-in-firefoxs-certificate-whitelist/ https://en.wikipedia.org/wiki/Edward_Snowden https://duckduckgo.com/?q=rogue+CA+root+certificate https://www.win.tue.nl/hashclash/rogue-ca/ Users should delete all those ~139 garbage CA's, only add in the ones they find they need during use, easily scripted and tooled, start with say the... - LetsEncrypt chain And force TLS pubkey fingerprint pin check on critical services. Search web for howtos. At minimum require user / install to ack before use... mv /etc/ssl/certs.shipped_disabled /etc/ssl/certs From owner-freebsd-questions@freebsd.org Thu Feb 25 14:17:17 2021 Return-Path: Delivered-To: freebsd-questions@mailman.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mailman.nyi.freebsd.org (Postfix) with ESMTP id 72E28564D86 for ; Thu, 25 Feb 2021 14:17:17 +0000 (UTC) (envelope-from adm.poliveira@gmail.com) Received: from mail-lf1-x12a.google.com (mail-lf1-x12a.google.com [IPv6:2a00:1450:4864:20::12a]) (using TLSv1.3 with cipher TLS_AES_128_GCM_SHA256 (128/128 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature RSA-PSS (2048 bits) client-digest SHA256) (Client CN "smtp.gmail.com", Issuer "GTS CA 1O1" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 4DmZcD0wzTz4nN3 for ; Thu, 25 Feb 2021 14:17:15 +0000 (UTC) (envelope-from adm.poliveira@gmail.com) Received: by mail-lf1-x12a.google.com with SMTP id e7so8818048lft.2 for ; Thu, 25 Feb 2021 06:17:15 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025; h=mime-version:from:date:message-id:subject:to; bh=93yNJimss6J2YbD3u939DfaDyx4CRxTXp/DNJfNjGfc=; b=W2O4qtphAjYlT2+f+1IWqi8/HjyKv+8r5gbpVGCLsXkJ8Ppv8txDumhxkiH2bcvGFm c2ZH/0BSq2POON+Zx00n90gFPT/MdkB03//v0qsq9W3cRoYdYJjTjBz/4Lwg8OuzczOx YnOoj1+7rHCptpBsA+xC9JQ6xc4zMqIegEMCslRz6SDhZwL7agr0MdzKo4bntPaNwHch 8lEFNwIYU+Hjo3nz6p9LFr1TuTJuqvlGa7cG2NTVc5PbPtTwjPEcdR3L8rZoNrjQAla0 xh43AvUMQyXwM+5SWF+KdVi3X1GGJFf+g1vZgyrgXWIukRh+eCK1NMOFHOjaE0pyePHY CRVA== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:from:date:message-id:subject:to; bh=93yNJimss6J2YbD3u939DfaDyx4CRxTXp/DNJfNjGfc=; b=VwHlDWzAUjQd4dnrxmEblcZtGHCA6bqCWp8ApSOdbg9BDItlLp9ykZIXJEnfdPhUT8 Rd8dEkNlAEKNe7A9Q5I4YqVPicKk51FG6tRty4E+Wu3AixZDfuIJjON9cq7kmBWUX1E+ s5lgorjOiyrNhIY+nupVG7W7vP0mau4yoaUyR4NOX0pWApB5UAmReY8VwfLzdAondEva zzSNL7WWClqUq0dWzZ6w2mJ4mHHU6oYMQRUuJVFkQTbL+Griv+Jis5ZMa0wdfdnDlTb6 BepnPGbFYqkR7OAUMKRtk7TEYcV0XweAX30uArPYcXpROUpTIerSSsFUF+SPhTKxo/WQ EKVA== X-Gm-Message-State: AOAM532+OhLGI56MMTaeEm25rBBGslWcM/f9aPb93scmhE/+fm/EM3lo NVNQePmuPRoikF/fyr2C0niUfsS3RRoK9cfSrOmpBXQlGMlVSw== X-Google-Smtp-Source: ABdhPJxra5QwB0n2PMvUeiJNj6rUh6B7FfdK/r85En+IWbDHvxaOfim1+/9N7Lq0O9Qn14NhfEdBYhws3G8i3ecdFKM= X-Received: by 2002:a05:6512:4d9:: with SMTP id w25mr2054912lfq.436.1614262633809; Thu, 25 Feb 2021 06:17:13 -0800 (PST) MIME-Version: 1.0 From: Pedro Oliveira Date: Thu, 25 Feb 2021 11:17:02 -0300 Message-ID: Subject: Driver for RTL8192EE PCIe Wireless Network Adapter - chip=0x818b10ec To: freebsd-questions@freebsd.org X-Rspamd-Queue-Id: 4DmZcD0wzTz4nN3 X-Spamd-Bar: ---- Authentication-Results: mx1.freebsd.org; dkim=pass header.d=gmail.com header.s=20161025 header.b=W2O4qtph; dmarc=pass (policy=none) header.from=gmail.com; spf=pass (mx1.freebsd.org: domain of admpoliveira@gmail.com designates 2a00:1450:4864:20::12a as permitted sender) smtp.mailfrom=admpoliveira@gmail.com X-Spamd-Result: default: False [-4.00 / 15.00]; FREEMAIL_FROM(0.00)[gmail.com]; R_SPF_ALLOW(-0.20)[+ip6:2a00:1450:4000::/36]; TO_DN_NONE(0.00)[]; DKIM_TRACE(0.00)[gmail.com:+]; DMARC_POLICY_ALLOW(-0.50)[gmail.com,none]; NEURAL_HAM_SHORT(-1.00)[-1.000]; FROM_EQ_ENVFROM(0.00)[]; MIME_TRACE(0.00)[0:+,1:+,2:~]; RBL_DBL_DONT_QUERY_IPS(0.00)[2a00:1450:4864:20::12a:from]; FREEMAIL_ENVFROM(0.00)[gmail.com]; ASN(0.00)[asn:15169, ipnet:2a00:1450::/32, country:US]; TAGGED_FROM(0.00)[]; DWL_DNSWL_NONE(0.00)[gmail.com:dkim]; ARC_NA(0.00)[]; NEURAL_HAM_MEDIUM(-1.00)[-1.000]; R_DKIM_ALLOW(-0.20)[gmail.com:s=20161025]; FROM_HAS_DN(0.00)[]; TO_MATCH_ENVRCPT_ALL(0.00)[]; NEURAL_HAM_LONG(-1.00)[-1.000]; MIME_GOOD(-0.10)[multipart/alternative,text/plain]; PREVIOUSLY_DELIVERED(0.00)[freebsd-questions@freebsd.org]; RCPT_COUNT_ONE(0.00)[1]; SPAMHAUS_ZRD(0.00)[2a00:1450:4864:20::12a:from:127.0.2.255]; RCVD_IN_DNSWL_NONE(0.00)[2a00:1450:4864:20::12a:from]; RCVD_COUNT_TWO(0.00)[2]; RCVD_TLS_ALL(0.00)[]; MAILMAN_DEST(0.00)[freebsd-questions] Content-Type: text/plain; charset="UTF-8" X-Content-Filtered-By: Mailman/MimeDel 2.1.34 X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.34 Precedence: list List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 25 Feb 2021 14:17:17 -0000 Dear, *Do you know if there is a driver for RTL8192EE PCIe Wireless Network Adapter - chip=0x818b10ec compatible with FreeBSD 12.2-RELEASE?* I have on hand a Realtek RTL8192EE PCIe Wireless Network Adapter with chip=0x818b10ec, but it isn't detected on Firewall pfSense 2.5.0-RELEASE. Since I have it on hands I would like to assure that I don't need to buy another one. The Firewall is serving one small business, so if this card could work fine, the separated AP connected to the firewall nowadays could be moved for another department. Logs can be found in https://forum.netgate.com/topic/161257/rtl8192ee-pcie-wireless-network-adapter-chip-0x818b10ec/1 Thanks! Regards Pedro Oliveira From owner-freebsd-questions@freebsd.org Thu Feb 25 16:42:34 2021 Return-Path: Delivered-To: freebsd-questions@mailman.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mailman.nyi.freebsd.org (Postfix) with ESMTP id 2DF9E569394 for ; Thu, 25 Feb 2021 16:42:34 +0000 (UTC) (envelope-from freebsd@twc.com) Received: from p-impout001.msg.pkvw.co.charter.net (p-impout001aa.msg.pkvw.co.charter.net [47.43.26.132]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client CN "Client", Issuer "CA" (not verified)) by mx1.freebsd.org (Postfix) with ESMTPS id 4Dmdqs0lfrz50vp for ; Thu, 25 Feb 2021 16:42:32 +0000 (UTC) (envelope-from freebsd@twc.com) Received: from [192.168.1.5] ([74.132.18.25]) by cmsmtp with ESMTPA id FJibluk703zKgFJiblrqGa; Thu, 25 Feb 2021 16:42:25 +0000 X-Authority-Analysis: v=2.3 cv=ZLOpZkzb c=1 sm=1 tr=0 a=6dKv8Xy78h5PIHsve0hi3A==:117 a=6dKv8Xy78h5PIHsve0hi3A==:17 a=IkcTkHD0fZMA:10 a=WAsR5ml0AAAA:8 a=6I5d2MoRAAAA:8 a=9R_tvCWaS4ghHo9M-AQA:9 a=QEXdDO2ut3YA:10 a=e1hkA_7M0PtsVxwlwkgz:22 a=IjZwj45LgO3ly-622nXo:22 Subject: Re: Driver for RTL8192EE PCIe Wireless Network Adapter - chip=0x818b10ec To: freebsd-questions@freebsd.org References: From: Steven Friedrich Message-ID: <5115e951-8d42-e5cc-1cec-5adba74578a0@TWC.com> Date: Thu, 25 Feb 2021 11:42:25 -0500 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:78.0) Gecko/20100101 Thunderbird/78.7.1 MIME-Version: 1.0 In-Reply-To: Content-Type: text/plain; charset=utf-8; format=flowed Content-Transfer-Encoding: 7bit Content-Language: en-US X-CMAE-Envelope: MS4wfMO/ndayVH2+935hHCP+UlxK5T8pS8wzwYjHJNOIIQdcvz5A0TVeoojg3mC+ldtqqkuZp6bUhNjOIm0QaEG6aASwsoPJukhW8wZnf7urrpBuQ5wfUZm6 CWzyW/GK+X+PQX2hMY5W36uNPHJBDTvKYUQ9C2WX1Kh1trEYjUbvcsQM4z1lmctG0NzSxjMqa3G2Jw== X-Rspamd-Queue-Id: 4Dmdqs0lfrz50vp X-Spamd-Bar: --- Authentication-Results: mx1.freebsd.org; dkim=none; dmarc=none; spf=pass (mx1.freebsd.org: domain of freebsd@twc.com designates 47.43.26.132 as permitted sender) smtp.mailfrom=freebsd@twc.com X-Spamd-Result: default: False [-3.30 / 15.00]; RCVD_TLS_LAST(0.00)[]; RCVD_VIA_SMTP_AUTH(0.00)[]; MID_RHS_MATCH_FROM(0.00)[]; FROM_HAS_DN(0.00)[]; RBL_DBL_DONT_QUERY_IPS(0.00)[47.43.26.132:from]; FREEMAIL_FROM(0.00)[TWC.com]; TO_MATCH_ENVRCPT_ALL(0.00)[]; MIME_GOOD(-0.10)[text/plain]; TO_DN_NONE(0.00)[]; ARC_NA(0.00)[]; RCPT_COUNT_ONE(0.00)[1]; SPAMHAUS_ZRD(0.00)[47.43.26.132:from:127.0.2.255]; RECEIVED_SPAMHAUS_PBL(0.00)[74.132.18.25:received]; DMARC_NA(0.00)[TWC.com]; R_SPF_ALLOW(-0.20)[+ip4:47.43.26.0/24]; NEURAL_HAM_LONG(-1.00)[-1.000]; NEURAL_HAM_SHORT(-1.00)[-1.000]; NEURAL_HAM_MEDIUM(-1.00)[-1.000]; FROM_EQ_ENVFROM(0.00)[]; R_DKIM_NA(0.00)[]; FREEMAIL_ENVFROM(0.00)[twc.com]; ASN(0.00)[asn:40294, ipnet:47.43.24.0/21, country:US]; MIME_TRACE(0.00)[0:+]; MAILMAN_DEST(0.00)[freebsd-questions]; RCVD_COUNT_TWO(0.00)[2] X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.34 Precedence: list List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 25 Feb 2021 16:42:34 -0000 Try rtwn. On 2/25/2021 9:17 AM, Pedro Oliveira wrote: > Dear, > > *Do you know if there is a driver for RTL8192EE PCIe Wireless Network > Adapter - chip=0x818b10ec compatible with FreeBSD 12.2-RELEASE?* > > I have on hand a Realtek RTL8192EE PCIe Wireless Network Adapter with > chip=0x818b10ec, but it isn't detected on Firewall pfSense 2.5.0-RELEASE. > Since I have it on hands I would like to assure that I don't need to buy > another one. The Firewall is serving one small business, so if this card > could work fine, the separated AP connected to the firewall nowadays could > be moved for another department. > > Logs can be found in > https://forum.netgate.com/topic/161257/rtl8192ee-pcie-wireless-network-adapter-chip-0x818b10ec/1 > > Thanks! Regards > > Pedro Oliveira > _______________________________________________ > freebsd-questions@freebsd.org mailing list > https://lists.freebsd.org/mailman/listinfo/freebsd-questions > To unsubscribe, send any mail to "freebsd-questions-unsubscribe@freebsd.org" From owner-freebsd-questions@freebsd.org Thu Feb 25 18:30:35 2021 Return-Path: Delivered-To: freebsd-questions@mailman.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mailman.nyi.freebsd.org (Postfix) with ESMTP id AEE2156C024 for ; Thu, 25 Feb 2021 18:30:35 +0000 (UTC) (envelope-from byrnejb@harte-lyne.ca) Received: from mx32.harte-lyne.ca (mx32.harte-lyne.ca [216.185.71.32]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature RSA-PSS (4096 bits) client-digest SHA256) (Client CN "mx32.harte-lyne.ca", Issuer "CA_HLL_ISSUER_2016" (not verified)) by mx1.freebsd.org (Postfix) with ESMTPS id 4DmhDT2ydTz59Ds for ; Thu, 25 Feb 2021 18:30:32 +0000 (UTC) (envelope-from byrnejb@harte-lyne.ca) Received: from mx32.harte-lyne.ca (localhost [127.0.32.1]) by mx32.harte-lyne.ca (Postfix) with ESMTP id 4A1355B546; Thu, 25 Feb 2021 13:30:28 -0500 (EST) X-Virus-Scanned: amavisd-new at harte-lyne.ca Received: from mx32.harte-lyne.ca ([127.0.32.1]) by mx32.harte-lyne.ca (mx32.harte-lyne.ca [127.0.32.1]) (amavisd-new, port 10024) with ESMTP id vk8WMyIbKm36; Thu, 25 Feb 2021 13:30:26 -0500 (EST) Received: from webmail.harte-lyne.ca (webmail.hamilton.harte-lyne.ca [216.185.71.106]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by mx32.harte-lyne.ca (Postfix) with ESMTPSA id BA20E5B53B; Thu, 25 Feb 2021 13:30:25 -0500 (EST) Received: from 216.185.71.41 (SquirrelMail authenticated user byrnejb_hll) by webmail.harte-lyne.ca with HTTP; Thu, 25 Feb 2021 13:30:26 -0500 Message-ID: <3e5785862e9208f26fe9b95106120a44.squirrel@webmail.harte-lyne.ca> In-Reply-To: References: Date: Thu, 25 Feb 2021 13:30:26 -0500 Subject: Re: SSL Certificates in base From: "James B. Byrne" To: "Andrea Venturoli" Cc: freebsd-questions@freebsd.org Reply-To: byrnejb@harte-lyne.ca User-Agent: SquirrelMail/1.4.23 [SVN] MIME-Version: 1.0 Content-Type: text/plain;charset=iso-8859-1 Content-Transfer-Encoding: 8bit X-Priority: 3 (Normal) Importance: Normal X-Rspamd-Queue-Id: 4DmhDT2ydTz59Ds X-Spamd-Bar: ----- X-Spamd-Result: default: False [-5.70 / 15.00]; HAS_REPLYTO(0.00)[byrnejb@harte-lyne.ca]; RCVD_VIA_SMTP_AUTH(0.00)[]; TO_DN_SOME(0.00)[]; R_SPF_ALLOW(-0.20)[+ip4:216.185.71.0/26]; REPLYTO_ADDR_EQ_FROM(0.00)[]; RCVD_DKIM_ARC_DNSWL_MED(-0.50)[]; RCVD_IN_DNSWL_MED(-0.20)[216.185.71.32:from]; RCPT_COUNT_TWO(0.00)[2]; HAS_X_PRIO_THREE(0.00)[3]; DKIM_TRACE(0.00)[harte-lyne.ca:+]; DMARC_POLICY_ALLOW(-0.50)[harte-lyne.ca,quarantine]; NEURAL_HAM_SHORT(-1.00)[-1.000]; FROM_EQ_ENVFROM(0.00)[]; MIME_TRACE(0.00)[0:+]; RCVD_TLS_LAST(0.00)[]; ASN(0.00)[asn:12021, ipnet:216.185.64.0/20, country:CA]; ARC_NA(0.00)[]; NEURAL_HAM_MEDIUM(-1.00)[-1.000]; RCVD_COUNT_FIVE(0.00)[5]; R_DKIM_ALLOW(-0.20)[harte-lyne.ca:s=dkim_hll]; FROM_HAS_DN(0.00)[]; NEURAL_HAM_LONG(-1.00)[-1.000]; MIME_GOOD(-0.10)[text/plain]; DWL_DNSWL_LOW(-1.00)[harte-lyne.ca:dkim]; TO_MATCH_ENVRCPT_SOME(0.00)[]; MAILMAN_DEST(0.00)[freebsd-questions] X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.34 Precedence: list List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 25 Feb 2021 18:30:35 -0000 We provide our own CAs and in consequence our certificates are not part of the ca_root_nss package. What we did was to produce our own ca_bundle, but it in /usr/local/share/certs and append these to the bundle installed by ca_root_nss. We have a script that manages this for us that needs to be run after each nss update: cat bin/mv_nss_cert.sh #!/usr/local/bin/bash # mv_nss_cert.sh 2019-03-24 JBB mv /usr/local/share/certs/ca-root-nss.crt \ /usr/local/share/certs/ca-root-nss.crt-$(date +"%Y%m%d") ;\ cat /usr/local/share/certs/ca-root-nss.crt-$(date +"%Y%m%d") \ /usr/local/share/certs/CA_HLL_PKI_2016_ca-bundle.crt \ /usr/local/share/certs/CA_HLL_PKI_2008_ca-bundle.crt \ > /usr/local/share/certs/ca-root-nss.crt && \ cp -p /usr/local/share/certs/ca-root-nss.crt \ /usr/local/share/certs/ca-root-nss-hll.crt && \ cp -p /usr/local/share/certs/ca-root-nss-hll.crt \ /usr/local/etc/pki/tls/certs/ && \ cp -p /usr/local/share/certs/ca-root-nss-hll.crt \ /usr/local/etc/pki/tls/certs/ca-bundle.crt #EOF We use /usr/local/etc/pki/tls/ for our application specific keys and certs, which is why that part of the script exists. You can just delete the last two cps. The script saves the original updated nss ca_bundle with a date stamp appended to the file name. It then appends our ca bundle to the update bundle and copies that file to a local version. The locations of application certs and keys are specific to each application. Typically these locations are configured in application specific .conf files. What we add to the nss bundle simply allows certs issued by our CAs to be recognized as trusted. On Wed, February 24, 2021 03:57, Andrea Venturoli wrote: > Hello again. > > Sorry if this a dumb question or FAQ: I tried, but failed to find any > official documentation on this. > > In the past, I've always installed security/ca_root_nss to let SSL work, > as there were no CA certificates in base. > 12.2 (and possibly older 12.x, I don't know) already provide several > certificates in /usr/share/certs/trusted. > > How are we expected to deal with this? > Is security/ca_root_nss still needed/suggested? > Is it expected to be obsoleted (although easier to update)? > > What's the correct procedure to add additional certificates? > I guess just dropping them in /usr/share/certs/trusted won't be enough... > > bye & Thanks > av. > > -- *** e-Mail is NOT a SECURE channel *** Do NOT transmit sensitive data via e-Mail Unencrypted messages have no legal claim to privacy Do NOT open attachments nor follow links sent by e-Mail James B. Byrne mailto:ByrneJB@Harte-Lyne.ca Harte & Lyne Limited http://www.harte-lyne.ca 9 Brockley Drive vox: +1 905 561 1241 Hamilton, Ontario fax: +1 905 561 0757 Canada L8E 3C3 From owner-freebsd-questions@freebsd.org Thu Feb 25 15:35:29 2021 Return-Path: Delivered-To: freebsd-questions@mailman.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mailman.nyi.freebsd.org (Postfix) with ESMTP id DF67F566E0E for ; Thu, 25 Feb 2021 15:35:29 +0000 (UTC) (envelope-from rmsickler@gmail.com) Received: from mail-lf1-x133.google.com (mail-lf1-x133.google.com [IPv6:2a00:1450:4864:20::133]) (using TLSv1.3 with cipher TLS_AES_128_GCM_SHA256 (128/128 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature RSA-PSS (2048 bits) client-digest SHA256) (Client CN "smtp.gmail.com", Issuer "GTS CA 1O1" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 4DmcLT1HqYz4tNq for ; Thu, 25 Feb 2021 15:35:28 +0000 (UTC) (envelope-from rmsickler@gmail.com) Received: by mail-lf1-x133.google.com with SMTP id 18so623845lff.6 for ; Thu, 25 Feb 2021 07:35:28 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025; h=mime-version:from:date:message-id:subject:to; bh=Pv3ipAb8vaQD3hYwA4NjSmtJh5QgBM8FLzZUkL9jnlI=; b=jsF3mKAHuf1bKFBpdfTxw4mEM1hUIfV0ZcdEpliR8fIsHk9kEqzfIEoDi1kljzg2pK FBPMTzI/o9ZxpMIeFAdg824q0acymFbvh1JrAipgGkSOFaCwHOEgPjsrYT0UqFLylFl1 qtlenqUwkMS/mAw5uIpdEvthalPbzOvhSuTqjqlOIt3YRNXj4d9wUEYao+Kg8gD32OH+ bhSTgu/douMOEkuHDU+QWyX8nbMzf2tf7bTq6L8cv1Es65Q/X/0Dw1YigwGLqwdWhlO4 FYDoeLbvyRinRqQEBQZM2ysYlOTM/Kx6yZ0rwbHT3PFmNfybgIAUaztXsnj+ReLTOk3Q +E0Q== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:from:date:message-id:subject:to; bh=Pv3ipAb8vaQD3hYwA4NjSmtJh5QgBM8FLzZUkL9jnlI=; b=cg2fa4Q6x2hwQszoECa7p3+Mhw2ClTWeHwpk57CiQa9itSvUXOZ4tA3Z4BxGEARA7S S26IDdg4ntHo9QpBi4ScXDI+xkWUzw/p2tZSpIy3GgiKIStzYBLqEhMya4Aqy0H0d2Uq w9h+zH611xVxc75eSKYldFkAibGT9DJHP3NicUiEsFoTxcjOrGLWra89M/heFdk1BWrx eFaAPn7Ioksj+wP6LdUvlcqYk1RG0GbAn3ju5PhrLbjPnsjQqLkCxzzuSHmt3GJPAEVC DyX4ArMOTmFqBDbGUfuROJPjTAh4INP//R0qbiITgUKrYRCbrNw9gPpjcIBzXAUG5pt2 Gh2Q== X-Gm-Message-State: AOAM530iXkyZAEJMPb3MWEQBBj+ORQkg8cUQXiZipkzDcUqLtps1oMwP LxBL61lytJsWYQttwRgeGoxojYtFNmlyQo8yzI1KbJ2bwB0= X-Google-Smtp-Source: ABdhPJywdQFM4eugaVP2OfqW4tyr7qkv1lSgL9i3R94Kh1rDf+MazvJJmHYN1itqi5+J1x1U/PrGO4iuZr2et0wmFTc= X-Received: by 2002:a19:e007:: with SMTP id x7mr2355050lfg.280.1614267326671; Thu, 25 Feb 2021 07:35:26 -0800 (PST) MIME-Version: 1.0 From: Raymond Sickler Date: Thu, 25 Feb 2021 10:35:13 -0500 Message-ID: Subject: Freebsd-update To: freebsd-questions@freebsd.org X-Rspamd-Queue-Id: 4DmcLT1HqYz4tNq X-Spamd-Bar: --- Authentication-Results: mx1.freebsd.org; dkim=pass header.d=gmail.com header.s=20161025 header.b=jsF3mKAH; dmarc=pass (policy=none) header.from=gmail.com; spf=pass (mx1.freebsd.org: domain of rmsickler@gmail.com designates 2a00:1450:4864:20::133 as permitted sender) smtp.mailfrom=rmsickler@gmail.com X-Spamd-Result: default: False [-3.99 / 15.00]; R_SPF_ALLOW(-0.20)[+ip6:2a00:1450:4000::/36:c]; FREEMAIL_FROM(0.00)[gmail.com]; TO_DN_NONE(0.00)[]; DKIM_TRACE(0.00)[gmail.com:+]; DMARC_POLICY_ALLOW(-0.50)[gmail.com,none]; NEURAL_HAM_SHORT(-0.99)[-0.992]; FROM_EQ_ENVFROM(0.00)[]; MIME_TRACE(0.00)[0:+,1:+,2:~]; RBL_DBL_DONT_QUERY_IPS(0.00)[2a00:1450:4864:20::133:from]; FREEMAIL_ENVFROM(0.00)[gmail.com]; ASN(0.00)[asn:15169, ipnet:2a00:1450::/32, country:US]; DWL_DNSWL_NONE(0.00)[gmail.com:dkim]; ARC_NA(0.00)[]; NEURAL_HAM_MEDIUM(-1.00)[-1.000]; R_DKIM_ALLOW(-0.20)[gmail.com:s=20161025]; FROM_HAS_DN(0.00)[]; TO_MATCH_ENVRCPT_ALL(0.00)[]; NEURAL_HAM_LONG(-1.00)[-1.000]; MIME_GOOD(-0.10)[multipart/alternative,text/plain]; PREVIOUSLY_DELIVERED(0.00)[freebsd-questions@freebsd.org]; RCPT_COUNT_ONE(0.00)[1]; SPAMHAUS_ZRD(0.00)[2a00:1450:4864:20::133:from:127.0.2.255]; RCVD_IN_DNSWL_NONE(0.00)[2a00:1450:4864:20::133:from]; RCVD_COUNT_TWO(0.00)[2]; RCVD_TLS_ALL(0.00)[]; MAILMAN_DEST(0.00)[freebsd-questions] X-Mailman-Approved-At: Thu, 25 Feb 2021 19:18:12 +0000 Content-Type: text/plain; charset="UTF-8" X-Content-Filtered-By: Mailman/MimeDel 2.1.34 X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.34 Precedence: list List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 25 Feb 2021 15:35:29 -0000 In the manual it says: Freebsd-update fetch Freebsd-update install If you put it in one line: Freebsd-update fetch install It works perfectly No need to re-run freebsd-update install. Thank you Raymond Sickler From owner-freebsd-questions@freebsd.org Thu Feb 25 19:46:23 2021 Return-Path: Delivered-To: freebsd-questions@mailman.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mailman.nyi.freebsd.org (Postfix) with ESMTP id 0CD3B56E33C for ; Thu, 25 Feb 2021 19:46:23 +0000 (UTC) (envelope-from Norman.Gray@glasgow.ac.uk) Received: from plockton.cent.gla.ac.uk (plockton.cent.gla.ac.uk [130.209.16.75]) (using TLSv1 with cipher DHE-RSA-AES256-SHA (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 4Dmjvx4hPpz3JmW for ; Thu, 25 Feb 2021 19:46:21 +0000 (UTC) (envelope-from Norman.Gray@glasgow.ac.uk) Received: from cas07.campus.gla.ac.uk ([130.209.14.164]) by plockton.cent.gla.ac.uk with esmtp (Exim 4.72) (envelope-from ) id 1lFMaZ-0007av-BM for freebsd-questions@freebsd.org; Thu, 25 Feb 2021 19:46:19 +0000 Received: from cas07.campus.gla.ac.uk (130.209.14.164) by cas07.campus.gla.ac.uk (130.209.14.164) with Microsoft SMTP Server (TLS) id 15.0.1497.2; Thu, 25 Feb 2021 19:46:18 +0000 Received: from GBR01-CWL-obe.outbound.protection.outlook.com (104.47.20.54) by cas07.campus.gla.ac.uk (130.209.14.164) with Microsoft SMTP Server (TLS) id 15.0.1497.2 via Frontend Transport; Thu, 25 Feb 2021 19:46:18 +0000 ARC-Seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none; b=NctjrDxvSAZcBCb/gidYgCX7Rd+rresBwnDZkdiEOTgy6TVr1i6MKGaMiYuET2t391peYf/Tf4GqOvHdKwbIXi5P7dhEWUWJ6OT3WOKiZIsvHC24fkPFzFhu4ah4n8LhrT/FBmQnVTG6dHVh45VxQx3T1048I3MoRZIe+G3x1A9anFhQpYI6KdkBXV0Ifc3oIbB94C8ZBEXyk9+T3nCiQe6c98tG2QeMH3JAW39WpqTkSQAu0oAZYuquKXsG5zM7CiG93H0kFNYYwn9BVRfWOeuJ/MT8GetUSC71IuNgRdhv3hdAt1olMqukzmyNC58WENUwKmnRzigfTTyZDZ1LGQ== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector9901; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=wXZ0LDi2n4+xKq90Bcrul+qMTIrkqJo/RkFAnphf0GM=; b=iT2AiyMakYQN4/2b282BaeNBUkYe4LVb7ZoOjULlUkr0Wfi9Rq0AqFtZVa+Rm77aEBEESUJhQHCR6wYUA5c0Nh4PP7GSCvDYV1DDmq9HE1v35vaw05fB762bQwIJcZIGReK/DNERnOUC0IAPtWOIVd9LuhdKLNJnnxyaHhlvJ5x57+sOiMokcuS5K7cUGte3N3iq1V/E8xF48i+J+Ekno/qNWhRpZ2ggAZIKUWx1xi0jGS7B3XivW8fTN/A2tn4uytHu+uZ/5nGEewveRVtiIsPl18tycQmhAj+E3X/7ix4xWliDjd0rZmnJpzpHf1GuSE+D6OTCwbgJpKnuMKVvwg== ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass smtp.mailfrom=glasgow.ac.uk; dmarc=pass action=none header.from=glasgow.ac.uk; dkim=pass header.d=glasgow.ac.uk; arc=none DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gla.onmicrosoft.com; s=selector2-gla-onmicrosoft-com; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=wXZ0LDi2n4+xKq90Bcrul+qMTIrkqJo/RkFAnphf0GM=; b=LaVCf4lG/cA4BpbIJLEEU6VpGAdk73OkEhmxvJaJdjXuH0zwgvawsZULRWoD7LCUZ5P/LNYcZmTzw64AuwEonWq4vrwQ7KQncEE3nS+PEqoRUoiigtw628508Jsxav8sCI1qwSjgOIM+dsMb/rsCOGYjvDUnSMj9jKpFcin4Rmc= Received: from CWLP265MB3604.GBRP265.PROD.OUTLOOK.COM (2603:10a6:400:f3::6) by CWLP265MB3044.GBRP265.PROD.OUTLOOK.COM (2603:10a6:400:d0::12) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.3868.31; Thu, 25 Feb 2021 19:46:18 +0000 Received: from CWLP265MB3604.GBRP265.PROD.OUTLOOK.COM ([fe80::5cc2:2eae:6fc7:6e42]) by CWLP265MB3604.GBRP265.PROD.OUTLOOK.COM ([fe80::5cc2:2eae:6fc7:6e42%7]) with mapi id 15.20.3868.034; Thu, 25 Feb 2021 19:46:18 +0000 From: Norman Gray To: FreeBSD Mailing List Subject: Package manifest documentation Date: Thu, 25 Feb 2021 19:46:16 +0000 X-Mailer: MailMate (1.14r5769) Message-ID: <036EF329-A35D-42F1-A1B8-2D8B4D8DA90D@glasgow.ac.uk> Content-Type: text/plain; format=flowed Content-Transfer-Encoding: quoted-printable X-Originating-IP: [81.2.70.164] X-ClientProxiedBy: LO3P265CA0001.GBRP265.PROD.OUTLOOK.COM (2603:10a6:600:bb::6) To CWLP265MB3604.GBRP265.PROD.OUTLOOK.COM (2603:10a6:400:f3::6) MIME-Version: 1.0 X-MS-Exchange-MessageSentRepresentingType: 1 Received: from [130.209.151.245] (81.2.70.164) by LO3P265CA0001.GBRP265.PROD.OUTLOOK.COM (2603:10a6:600:bb::6) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.3868.30 via Frontend Transport; Thu, 25 Feb 2021 19:46:18 +0000 X-MS-PublicTrafficType: Email X-MS-Office365-Filtering-Correlation-Id: 8c2c4abf-9d6e-48bc-5d04-08d8d9c604de X-MS-TrafficTypeDiagnostic: CWLP265MB3044: X-MS-Exchange-Transport-Forked: True X-Microsoft-Antispam-PRVS: X-MS-Oob-TLC-OOBClassifiers: OLM:10000; X-MS-Exchange-SenderADCheck: 1 X-Microsoft-Antispam: BCL:0; X-Microsoft-Antispam-Message-Info: evYCJT/j3Ra2szBqJi/NZwSqFM58U4g60bewHIUIFdGKRxLWsJ1463Aqi9CTbReKFDF/f5nDyy910ohlpNDSjELINkfburZDWY2Sv0Hf0YsCN3phP83IQbGpQJiApHKfn5CQnHT+unX6sMjwux9E9xP/O4+7c2oso7h63mD2VF9kmx7Hfd+/WwdjS5pVYLXPCskDdbwZHqD8QqYSXwHEzFDL/2ZXS3mCT9o8M/vbdwqcP8++AvjZoVELRtH7Db+K/tjc5A3qeFYEswVBdROFJ+jtMiqgSPpCP8Re19zHbEv3IwmFQF3aJ9DSOrzSWzzsTsafwhcSS340sHVD8H+2OLyS0YbtZw0GhIEH0KTcKR+lYJFUtRClS67oEf/gtWqjhenSLWhA3dzIGmeWlPnAMtGUL6nB7EfPXqU/jJJvqT6zgAJ0MX/iuxnbfx8rCG3TacDHKwqMKzYSrGzm9ekTXrt6PvCSZmaZ++14udubOHWStVJeBPfFST6GOCIB/z3mhmlnKLQ7FTVPklNWbvS/cmCRWY96MonOP9W4G6kyq5TvUHIKrXgs63eW/MvUSE3z6RSu3Q+nl40bKJ+OdHCIM3HEuB5cyiDrcglwP9yOTtu1Y0ZQNvx7wPfWpOOIE9SYVcGFi1K7BgVdMzsW2P/zf6YQ5Y+3djo1zDxjbAL/Dei/vdK/RHnpuZ7WcBy8hYE6tJG21b9sjNDfrBMm7SpfMw== X-Forefront-Antispam-Report: CIP:255.255.255.255; CTRY:; LANG:en; SCL:1; SRV:; IPV:NLI; SFV:NSPM; H:CWLP265MB3604.GBRP265.PROD.OUTLOOK.COM; PTR:; CAT:NONE; SFS:(4636009)(346002)(376002)(366004)(39860400002)(136003)(396003)(3480700007)(6916009)(83380400001)(6706004)(66476007)(66946007)(36756003)(7116003)(66556008)(86362001)(786003)(2906002)(316002)(966005)(478600001)(16576012)(6486002)(956004)(8676002)(186003)(16526019)(33656002)(8936002)(5660300002)(2616005)(26005)(44832011)(78286007)(45980500001)(130860200001); DIR:OUT; SFP:1101; X-MS-Exchange-AntiSpam-MessageData: =?us-ascii?Q?l0jtiQkDrG9vnW5cb8tgkeu/1sRpEKbtRUxrAtahJ0bZ71X739p7+vxbXtFC?= =?us-ascii?Q?rfPVquAkyIQFgEmWvJPJCxE6htj0LteNyq4lD0Ymdc75l2kS7iS6Q5/9if7x?= =?us-ascii?Q?IUcD1mZfmtxp/ybYvz3K0l3KLXNMUHuBaFeAvMSSTClqGp1IZW4u5VSEfYXQ?= =?us-ascii?Q?lBts2GTGCJ/c7fl4z+D/bpWSaVq8YdXu7kiIeopBjQEIE4fcZwYQKsRhId3P?= =?us-ascii?Q?Wi0OSB04SatSNYupVSHux1YKaBxbn0hc89U7kaDvy0XSzjL9f8l9zEjvYAR6?= =?us-ascii?Q?LLc5HI+WdfC6Nl1PHrNGDMAmHcMSWdx8jKli+CRZkfVL3oCOYCy+C4z4Fzw5?= =?us-ascii?Q?BBlo8KOxnCOypSDcweGoErgHtX8ktAGNrfEjESNGxIsfTmQggzg5UFGcYp0j?= =?us-ascii?Q?jhy3Lk4QwkfgCrgUXFxJ0apZax4vYT9w/90JjPZ3wj78tpVIhcVQKqTDinRO?= =?us-ascii?Q?MXw6PgNvi1uWfodqPNXGbJVJ74xp/nl1hreWDgUxrHyaftrBy707liu5Z9b8?= =?us-ascii?Q?WbyDATm7a54n1neyAHv/D6fe9LS1HRltRfA0L+S8FYkQExOQFM9827FgwUCh?= =?us-ascii?Q?msePLOMEUskUHpZ0FNoLLPp9M8ddhdLR58Mt8BJf81LC0V8bRzah3GDItLhb?= =?us-ascii?Q?Z5wfH9ZfR8nCF9xnQfa65/xxohhLackofzutL5Oaj6gZ9lom2Emm4vuk6Et7?= =?us-ascii?Q?Ir8DD5WJeYhcRhPQ03NjLLVq6aEZsvHSmUb58PWErdTqXjH9s39E3YbGRBFD?= =?us-ascii?Q?VK0kb9tCjM3ji+tw3abFSIMH37QV5N5nQWmBnpHzly6J9xJ2c7GgzH+nxCn6?= =?us-ascii?Q?UfBYEzo4zgvAgz8aPqOLVk/taJK+YpAYVM2IoYNNpUvrgbXiQ7rEKotF+GYo?= =?us-ascii?Q?qQ4RqI9eOAcXedQO2SwfrhQ1DOZS8qcxSM4TxB0DSomCMgyAHo/9rn0jdWo8?= =?us-ascii?Q?D1xEuTYcWlW00m0PlvvnO7UmVLO7phQfKbPxfiDPlOsvyNa08CkS+phjlQTR?= =?us-ascii?Q?Ie+BicjgJkaM/8t3iLJZVb02ll51+DcWt7H2TfUWZULNzhgtWFV1dE/wSUzV?= =?us-ascii?Q?kqLLrrpWOAIgx9fym0hZXboO7abbOkSn+PwkBkfQcTVw7Ogj1vCtUgdSkodU?= =?us-ascii?Q?XSVOu5PNsJsq+esEvU2QUcUWNdNziojCojavZ62EUcGUWpTlZuzwmge40aiI?= =?us-ascii?Q?3MPQUsuFt5gy6lMIT7pSL3qgFjxqet1BQciAVhq5E1wALICJ90kq/MzgD6z1?= =?us-ascii?Q?0CYTC7edU9HsGJwEpnQ/H4XiOfHQ7SXxghLawrXYFs9sCNn+eM2TlEQ/XArH?= =?us-ascii?Q?YfYWB9Uk8K/fVXjLmshXg5ws?= X-MS-Exchange-CrossTenant-Network-Message-Id: 8c2c4abf-9d6e-48bc-5d04-08d8d9c604de X-MS-Exchange-CrossTenant-AuthSource: CWLP265MB3604.GBRP265.PROD.OUTLOOK.COM X-MS-Exchange-CrossTenant-AuthAs: Internal X-MS-Exchange-CrossTenant-OriginalArrivalTime: 25 Feb 2021 19:46:18.3230 (UTC) X-MS-Exchange-CrossTenant-FromEntityHeader: Hosted X-MS-Exchange-CrossTenant-Id: 6e725c29-763a-4f50-81f2-2e254f0133c8 X-MS-Exchange-CrossTenant-MailboxType: HOSTED X-MS-Exchange-CrossTenant-UserPrincipalName: 074FegobkGCa+OxaEC/0YNsO1LWSvaqdhvGzK5jzxznSMyWUAwF0rQXOG4r5DdPXsEwZB6Tfj12BBDxBCQgYzGqkD03jczBB3i6UG62QyjA= X-MS-Exchange-Transport-CrossTenantHeadersStamped: CWLP265MB3044 X-OriginatorOrg: glasgow.ac.uk X-Rspamd-Queue-Id: 4Dmjvx4hPpz3JmW X-Spamd-Bar: -- Authentication-Results: mx1.freebsd.org; dkim=pass header.d=gla.onmicrosoft.com header.s=selector2-gla-onmicrosoft-com header.b=LaVCf4lG; arc=pass (microsoft.com:s=arcselector9901:i=1); dmarc=none; spf=none (mx1.freebsd.org: domain of Norman.Gray@glasgow.ac.uk has no SPF policy when checking 130.209.16.75) smtp.mailfrom=Norman.Gray@glasgow.ac.uk X-Spamd-Result: default: False [-2.50 / 15.00]; MID_RHS_MATCH_FROM(0.00)[]; NEURAL_HAM_MEDIUM(-1.00)[-1.000]; R_DKIM_ALLOW(-0.20)[gla.onmicrosoft.com:s=selector2-gla-onmicrosoft-com]; HAS_XOIP(0.00)[]; FROM_HAS_DN(0.00)[]; RWL_MAILSPIKE_GOOD(0.00)[130.209.16.75:from]; R_MISSING_CHARSET(2.50)[]; TO_MATCH_ENVRCPT_ALL(0.00)[]; MIME_GOOD(-0.10)[text/plain]; DMARC_NA(0.00)[glasgow.ac.uk]; RCVD_DKIM_ARC_DNSWL_MED(-0.50)[]; RCPT_COUNT_ONE(0.00)[1]; NEURAL_HAM_LONG(-1.00)[-1.000]; TO_DN_ALL(0.00)[]; RCVD_IN_DNSWL_MED(-0.20)[130.209.16.75:from]; DKIM_TRACE(0.00)[gla.onmicrosoft.com:+]; NEURAL_HAM_SHORT(-1.00)[-1.000]; R_SPF_NA(0.00)[no SPF record]; FROM_EQ_ENVFROM(0.00)[]; MIME_TRACE(0.00)[0:+]; RCVD_TLS_LAST(0.00)[]; ASN(0.00)[asn:786, ipnet:130.209.0.0/16, country:GB]; RCVD_COUNT_SEVEN(0.00)[7]; MAILMAN_DEST(0.00)[freebsd-questions]; ARC_ALLOW(-1.00)[microsoft.com:s=arcselector9901:i=1] X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.34 Precedence: list List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 25 Feb 2021 19:46:23 -0000 Greetings. Is there any comprehensive documentation of the format of pkg manifest = files? Answer: yes, there does appear to be (see at end), but it's much harder = to find than I think it should be. Re which, read on. The pkg-create(8) manpage mentions some relevant keywords for the file, = but doesn't say anything about the syntax. It illustrates the 'desc' keyword with a here-string after an '=3D' sign,= = but illustrates 'deps' with some JSON-like syntax, complete with quotes = around keywords. I see issue [1] from 2015, which is asking the same question. I could I = suppose add a +1 to this issue. Dumping a package manifest with `pkg info -R` I see something I can = probably imitate, but there are plenty of keywords in there that aren't = mentioned in pkg-create. Are these documenting the same file? Issues such as [2] mention a UCL syntax in passing, but libucl(3) = mentions only a library for parsing this syntax, not what the syntax is. = 'UCL' isn't mentioned in pkg-create(8) at all. Templates elsewhere online (eg [3]) illustrate a 'key: value' syntax, = which _appears_, from the dumped manifest, to be current. Also, has the syntax changed? I have a manifest file which I wrote = myself some while ago (11.x, I think?), which has a files { hash = filename ... } entry, which doesn't work with 12.x, and I now see only a = 'file' key mentioned in pkg-create(8). Looking at a dumped manifest, it = appears that this should now be files: { file: hash,...}. The Handbook doesn't mention package creation at all, nor does the = Developers' Handbook. In the Porter's Handbook [4] I do see a link to UCL [5] (hooray!), but = that seems to document four _different_ syntaxes, which is interesting = but not particularly helpful (since it's three more than I want to learn = about right now). This handbook somewhat surprisingly doesn't seem to = mention pkg-create at all, but does mention pkg-plist (Sect.3.2.2), = which pkg-create describes as 'legacy'. I'm getting a picture as follows: * the manifest is in a 'UCL' syntax, which is documented only on = github * since this has multiple syntaxes (presumably I can use any of the = UCL syntaxes in here?), the pkg-create(8) manpage only documents key = names * there are more manifest keywords available than are mentioned in = pkg-create(8) * the syntax for pkg-create manifests has changed significantly in = recent releases Is that right? I also see a FreeBSD bug [6] mentioning the file/files thing I mentioned = above. At _this_ point, pointed to from the bugparade, I find = , which is about 'pkg', not 'pkgng', and = which points to the Github page at as = the source, which does include an example. A suggestion: It would be *ahem* really useful if the manpage could lead = me to this information by a slightly more direct route. It would = probably be more efficient, in fact, if the sections on 'manifest file = details' and 'plist format' were simply deleted from the manpage, and = replaced by a pointer to GitHub. Best wishes, Norman [1] https://github.com/freebsd/pkg/issues/1331 [2] https://github.com/freebsd/pkg/issues/1933 [3] = https://github.com/dwcarder/oneoff-pkg-create/blob/master/manifest_templa= te.example [4] https://docs.freebsd.org/en/books/porters-handbook/#pkg-files [5] https://github.com/vstakhov/libucl [6] https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=3D250834 -- = Norman Gray : http://www.astro.gla.ac.uk/users/norman/it/ Research IT Coordinator SUPA School of Physics and Astronomy, University of Glasgow, UK Charity number SC004401 From owner-freebsd-questions@freebsd.org Fri Feb 26 01:07:59 2021 Return-Path: Delivered-To: freebsd-questions@mailman.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mailman.nyi.freebsd.org (Postfix) with ESMTP id 713AF55050B; Fri, 26 Feb 2021 01:07:59 +0000 (UTC) (envelope-from jmg@gold.funkthat.com) Received: from gold.funkthat.com (gate2.funkthat.com [208.87.223.18]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client CN "gate2.funkthat.com", Issuer "R3" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 4Dms331vbsz4Vyf; Fri, 26 Feb 2021 01:07:58 +0000 (UTC) (envelope-from jmg@gold.funkthat.com) Received: from gold.funkthat.com (localhost [127.0.0.1]) by gold.funkthat.com (8.15.2/8.15.2) with ESMTPS id 11Q17pTX069165 (version=TLSv1.2 cipher=DHE-RSA-AES256-GCM-SHA384 bits=256 verify=NO); Thu, 25 Feb 2021 17:07:51 -0800 (PST) (envelope-from jmg@gold.funkthat.com) Received: (from jmg@localhost) by gold.funkthat.com (8.15.2/8.15.2/Submit) id 11Q17pTp069164; Thu, 25 Feb 2021 17:07:51 -0800 (PST) (envelope-from jmg) Date: Thu, 25 Feb 2021 17:07:50 -0800 From: John-Mark Gurney To: grarpamp Cc: freebsd-security@freebsd.org, freebsd-questions@freebsd.org Subject: Re: CA's TLS Certificate Bundle in base = BAD Message-ID: <20210226010750.GY5246@funkthat.com> Mail-Followup-To: grarpamp , freebsd-security@freebsd.org, freebsd-questions@freebsd.org References: MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: X-Operating-System: FreeBSD 11.3-STABLE amd64 X-PGP-Fingerprint: D87A 235F FB71 1F3F 55B7 ED9B D5FF 5A51 C0AC 3D65 X-Files: The truth is out there X-URL: https://www.funkthat.com/ X-Resume: https://www.funkthat.com/~jmg/resume.html X-TipJar: bitcoin:13Qmb6AeTgQecazTWph4XasEsP7nGRbAPE X-to-the-FBI-CIA-and-NSA: HI! HOW YA DOIN? can i haz chizburger? User-Agent: Mutt/1.6.1 (2016-04-27) X-Greylist: Sender IP whitelisted, not delayed by milter-greylist-4.4.3 (gold.funkthat.com [127.0.0.1]); Thu, 25 Feb 2021 17:07:51 -0800 (PST) X-Rspamd-Queue-Id: 4Dms331vbsz4Vyf X-Spamd-Bar: ---- Authentication-Results: mx1.freebsd.org; none X-Spamd-Result: default: False [-4.00 / 15.00]; REPLY(-4.00)[] X-Mailman-Approved-At: Fri, 26 Feb 2021 06:27:43 +0000 X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.34 Precedence: list List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 26 Feb 2021 01:07:59 -0000 grarpamp wrote this message on Wed, Feb 24, 2021 at 23:38 -0500: > FYI... > > Third party CA's are an untrusted automagical nightmare of global and > local MITM risk... Do you delete all the CA's from your browsers then? Having tried to verify the certificate for a bank when verisign f'd up their cert really doesn't work, trust me I've tried it, the support has zero clue what you're talking about, and they have no process to handle such a question... > - CA's issuer gone wrong... Govt, Corp, Bribe, Rogue, Court, War, > Force Majeure, Crime, Hack, Spies, Lulz, etc. > - CA's store bundler gone wrong... Mozilla, Microsoft, Apple, BSD, etc > in same ways above. > - Undetected stolen unrevoked unchecked CA's, intermediates, server keys, etc. > - Total/targeted IP/DNS traffic user interception by agents, vpn's, > proxies, tor, mitmproxy, sslstrip, etc. > - Base asserting trust over all that, when reality none is due. It's even worse if you disable ALL cert checking, and force people to use --no-verify-peer, as then anyone can MitM the connection instead of a reduced set of people.. Considering that pkg used to, by default, d/l packages in clear text, it was very easy to know if a FreeBSD box has CA installed or not, making someone who wants to MitM FreeBSD hosts have an idea of what machines they could likely MitM w/o getting caught making this even MORE dangerous... > There should be no non-FreeBSD.Org/Foundation CA's shipped in base. Except that FreeBSD.org doesn't have it's own CA. This means that either there isn't ANY certificate, and people couldn't securely d/l from www.freebsd.org out of the box, OR, we use let's encrypt cert, which means that 240 million+ websites would be supported out of the box... And as you say below, you really have a axe to grind w/ Let's Encrypt, despite them being more secure because of the short expiration of certs... Because CRL's are pretty much universally ignored... so, even if a CA (or a user) revokes a certificate, it's still likely mostly valid... > Its shipped pubkey fingerprint sets can bootstrap TLS infra pubkeys/prints > off bsd keyserver, to then pubkey pin TLS fetch(1) / pkg(8) / git(1) to reach > pkg ca_root_cert, git src ports repos, update, iso, etc. > See curl(1) --pinned-pubkey, GPG, etc. pkg install ca_root_cert was already able to be securely installed before this using a similar method.. > Users should delete all those ~139 garbage CA's, > only add in the ones they find they need during use, > easily scripted and tooled, start with say the... > - LetsEncrypt chain That's what the certctl tool is for, to let users easily able to do this.. certctl list | tail -n +2 | awk '{ print $1 }' | xargs -n 1 certctl blacklist > And force TLS pubkey fingerprint pin check on critical services. > > Search web for howtos. > > At minimum require user / install to ack before use... > mv /etc/ssl/certs.shipped_disabled /etc/ssl/certs Last I checked no browser requires users to ack to install those CA's have you attempted to pressure them to? I'm personally much happier to have them installed by default then before where people were using --no-verify-peer to d/l stuff. -- John-Mark Gurney Voice: +1 415 225 5579 "All that I will do, has been done, All that I have, has not." From owner-freebsd-questions@freebsd.org Fri Feb 26 19:59:38 2021 Return-Path: Delivered-To: freebsd-questions@mailman.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mailman.nyi.freebsd.org (Postfix) with ESMTP id B8E8D54D491 for ; Fri, 26 Feb 2021 19:59:38 +0000 (UTC) (envelope-from grahamperrin@gmail.com) Received: from mail-wr1-x42f.google.com (mail-wr1-x42f.google.com [IPv6:2a00:1450:4864:20::42f]) (using TLSv1.3 with cipher TLS_AES_128_GCM_SHA256 (128/128 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature RSA-PSS (2048 bits) client-digest SHA256) (Client CN "smtp.gmail.com", Issuer "GTS CA 1O1" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 4DnL8p0056z4pDg for ; Fri, 26 Feb 2021 19:59:37 +0000 (UTC) (envelope-from grahamperrin@gmail.com) Received: by mail-wr1-x42f.google.com with SMTP id l12so9711469wry.2 for ; Fri, 26 Feb 2021 11:59:37 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025; h=subject:to:references:cc:from:message-id:date:user-agent :mime-version:in-reply-to:content-transfer-encoding:content-language; bh=OCNhuFZlgiU+bSemCadTZFkqXPVsR0zP8avpeex0c3s=; b=NuuoSxrosFfoYgW+DbAX9VSHCP44Fk5FQcUij+dUxWzIOcQWzWxRh7F07GtvLOKeaA xUjA8fKHtEhVxKqPQFram6PGxvmEChL7kqSwpu3G4GvzuWPIXIQT3Qk4VAOrS8AcXhh9 EjuQYtzSSWixINYHbwpIi1Ue8h+hwCNpkhol2xcJm10sRqpXEpy2qlykJ5CbFV47A9XH ZBBRZNrG1YhcLX5p9ZQi8QC4gI8xC3azbvxuF0sg0KE3uuz3XDe08EiM78O19Gy8exap w2K6HrpZrvOolHq6zxjA3pBAy+mjBk4h6tTLjlkYIpVysipo3qUnDf+OLBgal7m2b0sr J3Ng== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:subject:to:references:cc:from:message-id:date :user-agent:mime-version:in-reply-to:content-transfer-encoding :content-language; bh=OCNhuFZlgiU+bSemCadTZFkqXPVsR0zP8avpeex0c3s=; b=qMg/Q9dft6+BmiQgSC5E3jMoeNq2mC+MV22lbEx7OJdu7WcFoFM2Ma99EE00Hh7/Sb bijUU/yF9e2TuGo9E6rxtn+R6Ep3IiJ5T2juIlt+XaOHlqSlo1Lu6LELJOCGLNzahE23 +qFA1rKp0TjixgU6pZBhb4wiTT01leWfMSXNVNwbTH2XmA+1ii0TQflOBwS86+trx47X iRVZdERHUqrpXb8pz2LDa3UwS35IBJ1r5akmEdUOHWiPhaiWHLowG1qmoStyVnkY0lGX sn52sl0qEscLGe/oK3GVqqmop5LsWmOvt2Krjg+2T91Ogx4TqyiVWnsX0OCAFY/vYroI 2XmA== X-Gm-Message-State: AOAM531bKBNIGMxzV+9r7XPQLCGyZRmmAEtTgxUlUSRtLJJwkrk8pkbL GIBCf4guIlDT6zZle+PPysqMYWxsXVEGkg== X-Google-Smtp-Source: ABdhPJzsoA/WFW0Br7fHR4fmHN8daWzyTIErPEvRb3XZMxvsAK2DDQb66u62FSMQRNCmycGRjf8wag== X-Received: by 2002:adf:fbce:: with SMTP id d14mr4716967wrs.44.1614369575917; Fri, 26 Feb 2021 11:59:35 -0800 (PST) Received: from [192.168.1.13] (88-105-96-80.dynamic.dsl.as9105.com. [88.105.96.80]) by smtp.gmail.com with ESMTPSA id f16sm13466217wrt.21.2021.02.26.11.59.35 (version=TLS1_3 cipher=TLS_AES_128_GCM_SHA256 bits=128/128); Fri, 26 Feb 2021 11:59:35 -0800 (PST) Subject: FreeBSD wiki for pkg (was: Package manifest documentation) To: Norman Gray References: <036EF329-A35D-42F1-A1B8-2D8B4D8DA90D@glasgow.ac.uk> Cc: FreeBSD Mailing List From: Graham Perrin Message-ID: <3a8d46ec-9419-72cf-d983-8605ca551218@gmail.com> Date: Fri, 26 Feb 2021 19:59:34 +0000 User-Agent: Mozilla/5.0 (X11; FreeBSD amd64; rv:78.0) Gecko/20100101 Thunderbird/78.8.0 MIME-Version: 1.0 In-Reply-To: <036EF329-A35D-42F1-A1B8-2D8B4D8DA90D@glasgow.ac.uk> Content-Type: text/plain; charset=utf-8; format=flowed Content-Transfer-Encoding: 8bit Content-Language: en-GB X-Rspamd-Queue-Id: 4DnL8p0056z4pDg X-Spamd-Bar: -- Authentication-Results: mx1.freebsd.org; dkim=pass header.d=gmail.com header.s=20161025 header.b=NuuoSxro; dmarc=pass (policy=none) header.from=gmail.com; spf=pass (mx1.freebsd.org: domain of grahamperrin@gmail.com designates 2a00:1450:4864:20::42f as permitted sender) smtp.mailfrom=grahamperrin@gmail.com X-Spamd-Result: default: False [-2.43 / 15.00]; RCVD_VIA_SMTP_AUTH(0.00)[]; FREEMAIL_FROM(0.00)[gmail.com]; R_SPF_ALLOW(-0.20)[+ip6:2a00:1450:4000::/36]; RCVD_COUNT_THREE(0.00)[3]; TO_DN_ALL(0.00)[]; DKIM_TRACE(0.00)[gmail.com:+]; RCPT_COUNT_TWO(0.00)[2]; DMARC_POLICY_ALLOW(-0.50)[gmail.com,none]; RECEIVED_SPAMHAUS_PBL(0.00)[88.105.96.80:received]; FROM_EQ_ENVFROM(0.00)[]; RBL_DBL_DONT_QUERY_IPS(0.00)[2a00:1450:4864:20::42f:from]; FREEMAIL_ENVFROM(0.00)[gmail.com]; MID_RHS_MATCH_FROM(0.00)[]; ASN(0.00)[asn:15169, ipnet:2a00:1450::/32, country:US]; ARC_NA(0.00)[]; NEURAL_HAM_MEDIUM(-1.00)[-1.000]; R_DKIM_ALLOW(-0.20)[gmail.com:s=20161025]; FROM_HAS_DN(0.00)[]; DWL_DNSWL_NONE(0.00)[gmail.com:dkim]; NEURAL_SPAM_SHORT(0.57)[0.566]; NEURAL_HAM_LONG(-1.00)[-1.000]; MIME_GOOD(-0.10)[text/plain]; PREVIOUSLY_DELIVERED(0.00)[freebsd-questions@freebsd.org]; SPAMHAUS_ZRD(0.00)[2a00:1450:4864:20::42f:from:127.0.2.255]; TO_MATCH_ENVRCPT_SOME(0.00)[]; RCVD_IN_DNSWL_NONE(0.00)[2a00:1450:4864:20::42f:from]; MIME_TRACE(0.00)[0:+]; RCVD_TLS_ALL(0.00)[]; MAILMAN_DEST(0.00)[freebsd-questions] X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.34 Precedence: list List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 26 Feb 2021 19:59:38 -0000 Dear Glasgow, On 25/02/2021 19:46, Norman Gray wrote: > > Greetings. > > … , which is about 'pkg', not 'pkgng', … Wiki page updated. Yours affectionately, Sussex From owner-freebsd-questions@freebsd.org Sat Feb 27 00:28:02 2021 Return-Path: Delivered-To: freebsd-questions@mailman.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mailman.nyi.freebsd.org (Postfix) with ESMTP id 63B8E554F1E for ; Sat, 27 Feb 2021 00:28:02 +0000 (UTC) (envelope-from paul@ifdnrg.com) Received: from smtp-01.ifdnrg.com (smtp-01.ifdnrg.com [193.200.99.57]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature RSA-PSS (2048 bits) client-digest SHA256) (Client CN "smtp-01.ifdnrg.com", Issuer "R3" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 4DnS6T18l9z3PCh for ; Sat, 27 Feb 2021 00:28:00 +0000 (UTC) (envelope-from paul@ifdnrg.com) Received: from outbound.ifdnrg.com (outbound.ifdnrg.com [193.200.98.22]) by smtp-01.ifdnrg.com (8.16.1/8.15.2) with ESMTPS id 11R0Rojg029254 (version=TLSv1.3 cipher=TLS_AES_256_GCM_SHA384 bits=256 verify=FAIL) for ; Sat, 27 Feb 2021 00:27:50 GMT (envelope-from paul@ifdnrg.com) Received: from [192.168.0.182] (cpc145274-sgyl44-2-0-cust211.18-2.cable.virginm.net [92.236.80.212]) (authenticated bits=0) by outbound.ifdnrg.com (8.16.1/8.15.2) with ESMTPSA id 11R0RlZ9071571 (version=TLSv1.3 cipher=TLS_AES_128_GCM_SHA256 bits=128 verify=NO) for ; Sat, 27 Feb 2021 00:27:47 GMT (envelope-from paul@ifdnrg.com) Subject: Re: Certbot crashes after update of python installed To: freebsd-questions@freebsd.org References: <018a01d70888$7b2fe5b0$718fb110$@seibercom.net> <20210221205146.364356E6BDB0@ary.qy> <014901d7090d$8f28ce80$ad7a6b80$@seibercom.net> From: Paul Macdonald Message-ID: <2e7fced3-af02-8757-ea87-d67ecb09df0a@ifdnrg.com> Date: Sat, 27 Feb 2021 00:27:53 +0000 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:78.0) Gecko/20100101 Thunderbird/78.7.1 MIME-Version: 1.0 In-Reply-To: <014901d7090d$8f28ce80$ad7a6b80$@seibercom.net> Content-Type: text/plain; charset=utf-8; format=flowed Content-Transfer-Encoding: 8bit Content-Language: en-GB X-Rspamd-Queue-Id: 4DnS6T18l9z3PCh X-Spamd-Bar: ---- X-Spamd-Result: default: False [-4.00 / 15.00]; RCVD_VIA_SMTP_AUTH(0.00)[]; R_SPF_ALLOW(-0.20)[+ip4:193.200.98.0/23]; TO_DN_NONE(0.00)[]; RCVD_COUNT_THREE(0.00)[3]; DKIM_TRACE(0.00)[ifdnrg.com:+]; DMARC_POLICY_ALLOW(-0.50)[ifdnrg.com,quarantine]; NEURAL_HAM_SHORT(-1.00)[-1.000]; FROM_EQ_ENVFROM(0.00)[]; MIME_TRACE(0.00)[0:+]; RBL_DBL_DONT_QUERY_IPS(0.00)[193.200.99.57:from]; ASN(0.00)[asn:20860, ipnet:193.200.98.0/23, country:GB]; MID_RHS_MATCH_FROM(0.00)[]; RECEIVED_SPAMHAUS_PBL(0.00)[92.236.80.212:received]; ARC_NA(0.00)[]; NEURAL_HAM_MEDIUM(-1.00)[-1.000]; R_DKIM_ALLOW(-0.20)[ifdnrg.com:s=ifdnrg-default]; FREEFALL_USER(0.00)[paul]; FROM_HAS_DN(0.00)[]; TO_MATCH_ENVRCPT_ALL(0.00)[]; NEURAL_HAM_LONG(-1.00)[-1.000]; MIME_GOOD(-0.10)[text/plain]; PREVIOUSLY_DELIVERED(0.00)[freebsd-questions@freebsd.org]; RCPT_COUNT_ONE(0.00)[1]; SPAMHAUS_ZRD(0.00)[193.200.99.57:from:127.0.2.255]; RCVD_TLS_ALL(0.00)[]; MAILMAN_DEST(0.00)[freebsd-questions] X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.34 Precedence: list List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sat, 27 Feb 2021 00:28:02 -0000 > I search, and a PR has already been filed against it. < > https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=253756>. For anyone watching this, its fixed. just update security/py-openssl Paul -- ------------------------- Paul Macdonald IFDNRG Ltd Web and video hosting ------------------------- t: 0131 5548070 m: 07970339546 e: paul@ifdnrg.com w: http://www.ifdnrg.com ------------------------- IFDNRG 40 Maritime Street Edinburgh EH6 6SA ---------------------------------------------------- High Specification Dedicated Servers from £100.00pm ---------------------------------------------------- From owner-freebsd-questions@freebsd.org Sat Feb 27 01:47:26 2021 Return-Path: Delivered-To: freebsd-questions@mailman.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mailman.nyi.freebsd.org (Postfix) with ESMTP id AD892556D5C for ; Sat, 27 Feb 2021 01:47:26 +0000 (UTC) (envelope-from parv.0zero9@gmail.com) Received: from mail-wr1-x430.google.com (mail-wr1-x430.google.com [IPv6:2a00:1450:4864:20::430]) (using TLSv1.3 with cipher TLS_AES_128_GCM_SHA256 (128/128 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature RSA-PSS (2048 bits) client-digest SHA256) (Client CN "smtp.gmail.com", Issuer "GTS CA 1O1" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 4DnTt56k0Bz3jHD for ; Sat, 27 Feb 2021 01:47:25 +0000 (UTC) (envelope-from parv.0zero9@gmail.com) Received: by mail-wr1-x430.google.com with SMTP id h98so10300406wrh.11 for ; Fri, 26 Feb 2021 17:47:25 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025; h=mime-version:references:in-reply-to:from:date:message-id:subject:to :cc; bh=De25c7QiTk4N5mSBkRF71sWIKJ+KARRPx3zFAU9+NwU=; b=KF7dOkrglq7diTLB1fF042msblLO0YzeoX6mHxNGnJu1pciAZMr8XyzGpWGTqAz66/ C58JM+5rBOlqLXT06JXShN8hnVesZDLjYdETLUJokL/4fwMlUE3kNg2xiQqWOb2frcWM PUcRxXa0eB8ko5j8srmWG5tbWILLavp8JcjNNHn/cijuM6lJaW6/4C1fZIn6KeISih4q 7XzZnFvK4x4hFLQfuhw6dUyk8bpX2oZiMckul8GjQnPZ3NBZ7iBIcon8DgxEjZgk4dWp OhXeia1Rm6FMlq8XgJ/LgaTI872bSYDCaczeJUtDbhRcL8CppguGi92mIdxnmt+tq0HJ sa2A== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:references:in-reply-to:from:date :message-id:subject:to:cc; bh=De25c7QiTk4N5mSBkRF71sWIKJ+KARRPx3zFAU9+NwU=; b=nRcvIBAtZs5sFmYpElo7SCWDF11KsI8LnCSqM9Z2/Z8IEgdwyD9TnxiBjsPYVvpvDZ Pe3ORULqM6+It7LN8NT+fjX7YjGY21HLx8i1GtQAoMdZ61q6QH1rvNrKp674UKQnashN GgRKi1LI95ZyWIArw99xtEyonajvTQN70ja3urhOnHsJpWnLfVQN9gN4cGJRDoSATguU JV3rMbB5MY+xSV/hx2sqo+NcyRdXasIIksctZjbiOwt60SgumFyUOkaD4rho44/ajog/ JTE7Cmkn+/oXFd74uuGKULqII+sM7hO7v+5NKCAlS+fWtV+jRb7uAGiwpJa8MbzYz8XF FVhw== X-Gm-Message-State: AOAM5315YvDCRe5g+78GA+YjrUHf1c7SBNepOhojZlOKrALOJMlU8AGF 8ninlfkIlliTXt3tUyOunPCBtn8pDr1KqtCy4EONpdub X-Google-Smtp-Source: ABdhPJwVwTeBaEHbUc3L/eo0R95+gc3KiSUl30fVHhI8tnRyGK/oQhApgUYQTQv9Y64rDjHdwkLXM9hORcpfgLRpExY= X-Received: by 2002:adf:f1c4:: with SMTP id z4mr6126149wro.404.1614390443460; Fri, 26 Feb 2021 17:47:23 -0800 (PST) MIME-Version: 1.0 References: <018a01d70888$7b2fe5b0$718fb110$@seibercom.net> <20210221205146.364356E6BDB0@ary.qy> <014901d7090d$8f28ce80$ad7a6b80$@seibercom.net> <2e7fced3-af02-8757-ea87-d67ecb09df0a@ifdnrg.com> In-Reply-To: <2e7fced3-af02-8757-ea87-d67ecb09df0a@ifdnrg.com> From: "parv/freebsd" Date: Fri, 26 Feb 2021 15:46:41 -1000 Message-ID: Subject: Re: Certbot crashes after update of python installed To: Paul Macdonald Cc: freebsd-questions@freebsd.org X-Rspamd-Queue-Id: 4DnTt56k0Bz3jHD X-Spamd-Bar: --- Authentication-Results: mx1.freebsd.org; dkim=pass header.d=gmail.com header.s=20161025 header.b=KF7dOkrg; dmarc=pass (policy=none) header.from=gmail.com; spf=pass (mx1.freebsd.org: domain of parv0zero9@gmail.com designates 2a00:1450:4864:20::430 as permitted sender) smtp.mailfrom=parv0zero9@gmail.com X-Spamd-Result: default: False [-3.91 / 15.00]; TO_DN_SOME(0.00)[]; R_SPF_ALLOW(-0.20)[+ip6:2a00:1450:4000::/36:c]; FREEMAIL_FROM(0.00)[gmail.com]; DKIM_TRACE(0.00)[gmail.com:+]; RCPT_COUNT_TWO(0.00)[2]; DMARC_POLICY_ALLOW(-0.50)[gmail.com,none]; NEURAL_HAM_SHORT(-0.91)[-0.907]; FROM_EQ_ENVFROM(0.00)[]; MIME_TRACE(0.00)[0:+,1:+,2:~]; RBL_DBL_DONT_QUERY_IPS(0.00)[2a00:1450:4864:20::430:from]; FREEMAIL_ENVFROM(0.00)[gmail.com]; ASN(0.00)[asn:15169, ipnet:2a00:1450::/32, country:US]; TAGGED_FROM(0.00)[freebsd]; DWL_DNSWL_NONE(0.00)[gmail.com:dkim]; ARC_NA(0.00)[]; NEURAL_HAM_MEDIUM(-1.00)[-1.000]; R_DKIM_ALLOW(-0.20)[gmail.com:s=20161025]; FROM_HAS_DN(0.00)[]; NEURAL_HAM_LONG(-1.00)[-1.000]; MIME_GOOD(-0.10)[multipart/alternative,text/plain]; PREVIOUSLY_DELIVERED(0.00)[freebsd-questions@freebsd.org]; SPAMHAUS_ZRD(0.00)[2a00:1450:4864:20::430:from:127.0.2.255]; TO_MATCH_ENVRCPT_SOME(0.00)[]; RCVD_IN_DNSWL_NONE(0.00)[2a00:1450:4864:20::430:from]; RCVD_COUNT_TWO(0.00)[2]; RCVD_TLS_ALL(0.00)[]; MAILMAN_DEST(0.00)[freebsd-questions] Content-Type: text/plain; charset="UTF-8" X-Content-Filtered-By: Mailman/MimeDel 2.1.34 X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.34 Precedence: list List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sat, 27 Feb 2021 01:47:26 -0000 On Fri, Feb 26, 2021 at 2:28 PM Paul Macdonald via freebsd-questions wrote: > > > I search, and a PR has already been filed against it. < > > https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=253756>. > > > For anyone watching this, its fixed. > py-openssl was updated(?) to the version before Rust dependence, so "fixed" is only a workaround. Actual fix would account for Rust dependency on one way (install Rust) or other (py-openssl wheel built with Rust). - parv > just update security/py-openssl > From owner-freebsd-questions@freebsd.org Sat Feb 27 20:25:47 2021 Return-Path: Delivered-To: freebsd-questions@mailman.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mailman.nyi.freebsd.org (Postfix) with ESMTP id B0715551FA1 for ; Sat, 27 Feb 2021 20:25:47 +0000 (UTC) (envelope-from bsd@lordcow.org) Received: from mail.lordcow.org (lordcow.org [IPv6:2c0f:fb18:402:5::2]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature RSA-PSS (2048 bits) client-digest SHA256) (Client CN "devaux.za.net", Issuer "R3" (not verified)) by mx1.freebsd.org (Postfix) with ESMTPS id 4DnyhV2Thgz3rBF for ; Sat, 27 Feb 2021 20:25:45 +0000 (UTC) (envelope-from bsd@lordcow.org) Received: from lordcow.org (localhost [127.0.0.1]) by mail.lordcow.org (8.16.1/8.15.2) with ESMTPS id 11RKPXPB072876 (version=TLSv1.3 cipher=TLS_AES_256_GCM_SHA384 bits=256 verify=NOT) for ; Sat, 27 Feb 2021 22:25:33 +0200 (SAST) (envelope-from lordcow@lordcow.org) X-Authentication-Warning: lordcow.org: Host localhost [127.0.0.1] claimed to be lordcow.org Received: (from lordcow@localhost) by lordcow.org (8.16.1/8.15.2/Submit) id 11RKPSVE072849 for freebsd-questions@freebsd.org; Sat, 27 Feb 2021 22:25:28 +0200 (SAST) (envelope-from lordcow) Date: Sat, 27 Feb 2021 22:25:28 +0200 From: Gareth de Vaux To: freebsd-questions@freebsd.org Subject: user account disappeared Message-ID: MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline X-Spam-Status: No, score=-2.9 required=5.0 tests=ALL_TRUSTED,BAYES_00, URIBL_BLOCKED autolearn=ham autolearn_force=no version=3.4.4 X-Spam-Checker-Version: SpamAssassin 3.4.4 (2020-01-24) on lordcow.org X-Rspamd-Queue-Id: 4DnyhV2Thgz3rBF X-Spamd-Bar: --- Authentication-Results: mx1.freebsd.org; dkim=none; dmarc=none; spf=pass (mx1.freebsd.org: domain of bsd@lordcow.org designates 2c0f:fb18:402:5::2 as permitted sender) smtp.mailfrom=bsd@lordcow.org X-Spamd-Result: default: False [-3.30 / 15.00]; RCVD_TLS_ALL(0.00)[]; ARC_NA(0.00)[]; FREEFALL_USER(0.00)[bsd]; FROM_HAS_DN(0.00)[]; RBL_DBL_DONT_QUERY_IPS(0.00)[2c0f:fb18:402:5::2:from]; TO_MATCH_ENVRCPT_ALL(0.00)[]; MID_RHS_MATCH_FROM(0.00)[]; MIME_GOOD(-0.10)[text/plain]; HAS_XAW(0.00)[]; PREVIOUSLY_DELIVERED(0.00)[freebsd-questions@freebsd.org]; RCPT_COUNT_ONE(0.00)[1]; SPAMHAUS_ZRD(0.00)[2c0f:fb18:402:5::2:from:127.0.2.255]; TO_DN_NONE(0.00)[]; R_SPF_ALLOW(-0.20)[+ip6:2c0f:fb18:402:5::2/64]; NEURAL_HAM_LONG(-1.00)[-1.000]; NEURAL_HAM_SHORT(-1.00)[-1.000]; DMARC_NA(0.00)[lordcow.org]; NEURAL_HAM_MEDIUM(-1.00)[-1.000]; FROM_EQ_ENVFROM(0.00)[]; R_DKIM_NA(0.00)[]; MIME_TRACE(0.00)[0:+]; ASN(0.00)[asn:37199, ipnet:2c0f:fb18::/32, country:ZA]; RCVD_COUNT_TWO(0.00)[2]; MAILMAN_DEST(0.00)[freebsd-questions] X-Mailman-Approved-At: Sat, 27 Feb 2021 20:52:30 +0000 X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.34 Precedence: list List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sat, 27 Feb 2021 20:25:47 -0000 Hi all, one of my users in a jail has mysteriously half disappeared. I've renamed the user to 'lostuser', the password hash, and the process it's running to protect privacy below: I suddenly can't log in over ssh: sshd[22485]: Invalid user lostuser from XYZ # su - lostuser su: unknown login: lostuser # ls -ld /home/lostuser drwx------ 8 1012 users 18 Jan 23 11:19 /home/lostuser $HOME still exists but only showing the userid. # egrep "1012|lostuser" /etc/passwd lostuser:*:1012:1000:User &:/home/lostuser:/usr/local/bin/bash # egrep "1012|lostuser" /etc/master.passwd lostuser:$6$9xxxxx/:1012:1000::0:0:User &:/home/lostuser:/usr/local/bin/bash Entries are still in /etc/*passwd ? # ls -l /etc/*passwd /etc/group -rw-r--r-- 1 root wheel 605 Nov 6 16:52 /etc/group -rw------- 1 root wheel 4092 Jan 23 12:22 /etc/master.passwd -rw-r--r-- 1 root wheel 2621 Jan 23 12:22 /etc/passwd This process is still running, which is a network server which is still functioning: # ps aux | grep lostuser 1012 56261 0.0 0.1 44952 21288 7 S+J 3Dec20 9:52.21 /usr/local/bin/python3.6 /home/lostuser/xyz also obviously showing the userid and not the username. # grep lostuser /var/log/auth.log ... Dec 31 10:56:34 ns1 sshd[43798]: Accepted publickey for lostuser from xyz Dec 31 10:56:57 ns1 sshd[44133]: Disconnected from user lostuser Jan 10 09:37:05 ns1 sshd[9679]: Accepted publickey for lostuser from xyz Jan 10 09:37:09 ns1 sshd[10241]: Disconnected from user lostuser Jan 23 11:19:11 ns1 sshd[45905]: Accepted publickey for lostuser from xyz Jan 23 11:19:14 ns1 sshd[46228]: Disconnected from user lostuser Feb 27 18:06:49 ns1 sshd[93323]: Invalid user lostuser from xyz Feb 27 18:06:49 ns1 sshd[93323]: Connection closed by invalid user lostuser xyz 23 Jan 2021 was the last successful login, and later that day /etc/*passwd was touched due to me changing the password of a different user, confirmed as the only change from diff'ing against backups. Last buildworld upgrade on 3 Nov 2020 (host and jail): $ uname -a FreeBSD ns1.lordcow.org 11.4-STABLE FreeBSD 11.4-STABLE #0 r367290: Tue Nov 3 12:11:29 SAST 2020 root@lordcow.org:/usr/obj/usr/src/sys/GENERIC amd64 The last ports upgrade was 13 Feb 2021, before that I'm not sure. The last entry in /var/log/userlog was 23 Jul 2020, and: # ls -l /var/log/userlog -rw------- 1 root wheel 4202 Jul 23 2020 /var/log/userlog ie. timeline: 23 Jul 2020 Last userlog change 3 Nov 2020 buildkernel/buildworld and reboot 3 Dec 2020 lostuser network server process spawned and still functioning 23 Jan 2021 Last successful login to lostuser 23 Jan 2021 Unrelated user's password intentionally changed with passwd 13 Feb 2021 ports upgrade 27 Feb 2021 Discover user doesn't exist anymore but still has entries in /etc/*passwd and a process running Any ideas? From owner-freebsd-questions@freebsd.org Sat Feb 27 21:39:22 2021 Return-Path: Delivered-To: freebsd-questions@mailman.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mailman.nyi.freebsd.org (Postfix) with ESMTP id 3ED3B554600 for ; Sat, 27 Feb 2021 21:39:22 +0000 (UTC) (envelope-from dpchrist@holgerdanske.com) Received: from holgerdanske.com (holgerdanske.com [184.105.128.27]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange ECDHE (P-256) server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature RSA-PSS (2048 bits) client-digest SHA256) (Client CN "www.holgerdanske.com", Issuer "www.holgerdanske.com" (not verified)) by mx1.freebsd.org (Postfix) with ESMTPS id 4Dp0KP1fMPz3vtG for ; Sat, 27 Feb 2021 21:39:21 +0000 (UTC) (envelope-from dpchrist@holgerdanske.com) Received: from 99.100.19.101 (99-100-19-101.lightspeed.frokca.sbcglobal.net [99.100.19.101]) by holgerdanske.com with ESMTPSA (TLS_AES_128_GCM_SHA256:TLSv1.3:Kx=any:Au=any:Enc=AESGCM(128):Mac=AEAD) (SMTP-AUTH username dpchrist@holgerdanske.com, mechanism PLAIN) for ; Sat, 27 Feb 2021 13:39:11 -0800 Subject: Re: user account disappeared To: freebsd-questions@freebsd.org References: From: David Christensen Message-ID: <3a853381-8da5-d520-ce6b-4e193e47396c@holgerdanske.com> Date: Sat, 27 Feb 2021 13:39:06 -0800 User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:78.0) Gecko/20100101 Thunderbird/78.7.0 MIME-Version: 1.0 In-Reply-To: Content-Type: text/plain; charset=utf-8; format=flowed Content-Language: en-US Content-Transfer-Encoding: 7bit X-Rspamd-Queue-Id: 4Dp0KP1fMPz3vtG X-Spamd-Bar: -- Authentication-Results: mx1.freebsd.org; dkim=none; dmarc=none; spf=none (mx1.freebsd.org: domain of dpchrist@holgerdanske.com has no SPF policy when checking 184.105.128.27) smtp.mailfrom=dpchrist@holgerdanske.com X-Spamd-Result: default: False [-2.08 / 15.00]; RCVD_TLS_ALL(0.00)[]; RCVD_VIA_SMTP_AUTH(0.00)[]; MID_RHS_MATCH_FROM(0.00)[]; FROM_HAS_DN(0.00)[]; RBL_DBL_DONT_QUERY_IPS(0.00)[184.105.128.27:from]; TO_MATCH_ENVRCPT_ALL(0.00)[]; NEURAL_HAM_LONG(-1.00)[-1.000]; MIME_GOOD(-0.10)[text/plain]; PREVIOUSLY_DELIVERED(0.00)[freebsd-questions@freebsd.org]; TO_DN_NONE(0.00)[]; AUTH_NA(1.00)[]; RCPT_COUNT_ONE(0.00)[1]; SPAMHAUS_ZRD(0.00)[184.105.128.27:from:127.0.2.255]; ARC_NA(0.00)[]; NEURAL_HAM_SHORT(-0.98)[-0.981]; DMARC_NA(0.00)[holgerdanske.com]; NEURAL_HAM_MEDIUM(-1.00)[-1.000]; R_SPF_NA(0.00)[no SPF record]; FROM_EQ_ENVFROM(0.00)[]; R_DKIM_NA(0.00)[]; MIME_TRACE(0.00)[0:+]; ASN(0.00)[asn:6939, ipnet:184.104.0.0/15, country:US]; RCVD_COUNT_TWO(0.00)[2]; MAILMAN_DEST(0.00)[freebsd-questions] X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.34 Precedence: list List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sat, 27 Feb 2021 21:39:22 -0000 On 2/27/21 12:25 PM, Gareth de Vaux wrote: > Hi all, one of my users in a jail has mysteriously half disappeared. I've renamed the user to 'lostuser', the password hash, and the process it's running to protect privacy below: > > I suddenly can't log in over ssh: > > sshd[22485]: Invalid user lostuser from XYZ > > # su - lostuser > su: unknown login: lostuser > > # ls -ld /home/lostuser > drwx------ 8 1012 users 18 Jan 23 11:19 /home/lostuser > > $HOME still exists but only showing the userid. > > # egrep "1012|lostuser" /etc/passwd > lostuser:*:1012:1000:User &:/home/lostuser:/usr/local/bin/bash > > # egrep "1012|lostuser" /etc/master.passwd > lostuser:$6$9xxxxx/:1012:1000::0:0:User &:/home/lostuser:/usr/local/bin/bash > > Entries are still in /etc/*passwd ? Are you using NIS, LDAP, Kerberos, etc.? Is authentication working for root on the console? Via su(1)? Via local ssh(1)? Via network ssh(1)? Is authentication working for lostuser on the console? Via su(1)? Via local ssh(1)? Via network ssh(1)? Is authentication working for other accounts on the console? Via su(1)? Via local ssh(1)? Via network ssh(1)? David From owner-freebsd-questions@freebsd.org Sat Feb 27 22:23:11 2021 Return-Path: Delivered-To: freebsd-questions@mailman.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mailman.nyi.freebsd.org (Postfix) with ESMTP id 56F63556147 for ; Sat, 27 Feb 2021 22:23:11 +0000 (UTC) (envelope-from yuripv@yuripv.dev) Received: from wnew3-smtp.messagingengine.com (wnew3-smtp.messagingengine.com [64.147.123.17]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 4Dp1Hy1vxMz4T6r for ; Sat, 27 Feb 2021 22:23:09 +0000 (UTC) (envelope-from yuripv@yuripv.dev) Received: from compute1.internal (compute1.nyi.internal [10.202.2.41]) by mailnew.west.internal (Postfix) with ESMTP id 6C51B6D4; Sat, 27 Feb 2021 17:23:08 -0500 (EST) Received: from mailfrontend1 ([10.202.2.162]) by compute1.internal (MEProxy); Sat, 27 Feb 2021 17:23:08 -0500 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=yuripv.dev; h= subject:to:references:from:message-id:date:mime-version :in-reply-to:content-type:content-transfer-encoding; s=fm1; bh=S cc7d7fkEkBCYQB+jYydDS/sHxyiDhi11HZeUbksV9E=; b=VyYb10Cw7LXmZu4cw Xyc9CU6k38M5+vqgGiUL0FW37pf5FSFedPUvOBNU+z/By9AR88UhYKSYYJ8dCE+F XvIVLqqPhBbOWXdYAeMdRCuWJ+VavdujDYeQ/URSUtuY5G6p13kUou82GbWnIuBf POfsDdrNTdFgMFvlORMQ+kYr8O71s+yPt+1+CTHXO2lcnYYKYfGUWe2Ox1YLmmnW pOZF1jxKJzdgYVEy0HUyW2LZcFRsJPqEL92wYPSa0bjdM2QDvOTk0jIDtBTwSyNl +cU9N5c2rfiYaK1wU4DTU9rTW0EXM8TTRgq7jCYmfKriFkH0gRRjjO6g5L6vZF/J DNENg== DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d= messagingengine.com; h=content-transfer-encoding:content-type :date:from:in-reply-to:message-id:mime-version:references :subject:to:x-me-proxy:x-me-proxy:x-me-sender:x-me-sender :x-sasl-enc; s=fm2; bh=Scc7d7fkEkBCYQB+jYydDS/sHxyiDhi11HZeUbksV 9E=; b=LGgrpQtUNE7Ousudo7fLoynkJ+Gnn2bhmYV+4mU3+8kIt3uWPOc4McxKc nMa7ZjZYGoYMUyvOOuQqMkTPlecVdgSRg0bYwEp6tRMTjXXs9E4OlC9zcIBS0sA8 Riy41HzVJcU9gHGgsUyfNu8QCObIT+oOqyWu/qcFrpesV57QUPOpd9ZGxMILxbg9 DW4b44nNE1o1e+/Hb7HGN7DWJZ1qVmZIgch5Jl0gItSBAbvWgjmrFADZm6xK1aY2 sl3NYeUbBuoM1TxPh2Tgno93nq7TCpSiY5eLxWen5oXZ1NwV8PSYsGJJwfMedpth xMbOYqUEPTqcarfaaNEw27xHwYTIA== X-ME-Sender: X-ME-Proxy-Cause: gggruggvucftvghtrhhoucdtuddrgeduledrleefgdduiedvucetufdoteggodetrfdotf fvucfrrhhofhhilhgvmecuhfgrshhtofgrihhlpdfqfgfvpdfurfetoffkrfgpnffqhgen uceurghilhhouhhtmecufedttdenucenucfjughrpefuvfhfhffkffgfgggjtgfgsehtje ertddtfeejnecuhfhrohhmpegjuhhrihcurfgrnhhkohhvuceohihurhhiphhvseihuhhr ihhpvhdruggvvheqnecuggftrfgrthhtvghrnhepleefiedtffdugeeivdfgudeiudegff duteevvdffleevteekteejudfgueekveejnecuffhomhgrihhnpehlohhruggtohifrdho rhhgnecukfhppeeluddrvdegtddruddvgedrudefjeenucevlhhushhtvghrufhiiigvpe dtnecurfgrrhgrmhepmhgrihhlfhhrohhmpeihuhhrihhpvheshihurhhiphhvrdguvghv X-ME-Proxy: Received: from [192.168.1.6] (unknown [91.240.124.137]) by mail.messagingengine.com (Postfix) with ESMTPA id 96E0324005A; Sat, 27 Feb 2021 17:23:05 -0500 (EST) Subject: Re: user account disappeared To: Gareth de Vaux , freebsd-questions@freebsd.org References: From: Yuri Pankov Message-ID: Date: Sun, 28 Feb 2021 01:23:01 +0300 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:78.0) Gecko/20100101 Thunderbird/78.7.1 MIME-Version: 1.0 In-Reply-To: Content-Type: text/plain; charset=utf-8 Content-Language: en-US Content-Transfer-Encoding: 7bit X-Rspamd-Queue-Id: 4Dp1Hy1vxMz4T6r X-Spamd-Bar: --- Authentication-Results: mx1.freebsd.org; dkim=pass header.d=yuripv.dev header.s=fm1 header.b=VyYb10Cw; dkim=pass header.d=messagingengine.com header.s=fm2 header.b=LGgrpQtU; dmarc=none; spf=pass (mx1.freebsd.org: domain of yuripv@yuripv.dev designates 64.147.123.17 as permitted sender) smtp.mailfrom=yuripv@yuripv.dev X-Spamd-Result: default: False [-3.60 / 15.00]; RCVD_VIA_SMTP_AUTH(0.00)[]; ARC_NA(0.00)[]; R_DKIM_ALLOW(-0.20)[yuripv.dev:s=fm1,messagingengine.com:s=fm2]; FREEFALL_USER(0.00)[yuripv]; FROM_HAS_DN(0.00)[]; TO_DN_SOME(0.00)[]; R_SPF_ALLOW(-0.20)[+ip4:64.147.123.17]; NEURAL_HAM_LONG(-1.00)[-1.000]; MIME_GOOD(-0.10)[text/plain]; DMARC_NA(0.00)[yuripv.dev]; RBL_DBL_DONT_QUERY_IPS(0.00)[64.147.123.17:from]; SPAMHAUS_ZRD(0.00)[64.147.123.17:from:127.0.2.255]; RCVD_COUNT_THREE(0.00)[4]; TO_MATCH_ENVRCPT_SOME(0.00)[]; DKIM_TRACE(0.00)[yuripv.dev:+,messagingengine.com:+]; RCPT_COUNT_TWO(0.00)[2]; NEURAL_HAM_SHORT(-1.00)[-1.000]; NEURAL_HAM_MEDIUM(-1.00)[-1.000]; FROM_EQ_ENVFROM(0.00)[]; MIME_TRACE(0.00)[0:+]; RCVD_TLS_LAST(0.00)[]; ASN(0.00)[asn:11403, ipnet:64.147.123.0/24, country:US]; MID_RHS_MATCH_FROM(0.00)[]; MAILMAN_DEST(0.00)[freebsd-questions]; RCVD_IN_DNSWL_LOW(-0.10)[64.147.123.17:from] X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.34 Precedence: list List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sat, 27 Feb 2021 22:23:11 -0000 Gareth de Vaux wrote: > Hi all, one of my users in a jail has mysteriously half disappeared. I've renamed the user to 'lostuser', the password hash, and the process it's running to protect privacy below: > > I suddenly can't log in over ssh: > > sshd[22485]: Invalid user lostuser from XYZ > > # su - lostuser > su: unknown login: lostuser > > # ls -ld /home/lostuser > drwx------ 8 1012 users 18 Jan 23 11:19 /home/lostuser > > $HOME still exists but only showing the userid. > > # egrep "1012|lostuser" /etc/passwd > lostuser:*:1012:1000:User &:/home/lostuser:/usr/local/bin/bash > > # egrep "1012|lostuser" /etc/master.passwd > lostuser:$6$9xxxxx/:1012:1000::0:0:User &:/home/lostuser:/usr/local/bin/bash > > Entries are still in /etc/*passwd ? > > # ls -l /etc/*passwd /etc/group > -rw-r--r-- 1 root wheel 605 Nov 6 16:52 /etc/group > -rw------- 1 root wheel 4092 Jan 23 12:22 /etc/master.passwd > -rw-r--r-- 1 root wheel 2621 Jan 23 12:22 /etc/passwd You should remember that authentication generally does NOT use textual /etc/passwd and /etc/master.passwd directly and rather relies on /etc/spwd.db database (see pwd_mkdb(8)) -- what is the timestamp on it? If it's out of sync, recreate the database using: /usr/sbin/pwd_mkdb -p /etc/master.passwd If that helps, *why* it is out of sync is the real question. > This process is still running, which is a network server which is still functioning: > > # ps aux | grep lostuser > 1012 56261 0.0 0.1 44952 21288 7 S+J 3Dec20 9:52.21 /usr/local/bin/python3.6 /home/lostuser/xyz > > also obviously showing the userid and not the username. > > > # grep lostuser /var/log/auth.log > ... > Dec 31 10:56:34 ns1 sshd[43798]: Accepted publickey for lostuser from xyz > Dec 31 10:56:57 ns1 sshd[44133]: Disconnected from user lostuser > Jan 10 09:37:05 ns1 sshd[9679]: Accepted publickey for lostuser from xyz > Jan 10 09:37:09 ns1 sshd[10241]: Disconnected from user lostuser > Jan 23 11:19:11 ns1 sshd[45905]: Accepted publickey for lostuser from xyz > Jan 23 11:19:14 ns1 sshd[46228]: Disconnected from user lostuser > Feb 27 18:06:49 ns1 sshd[93323]: Invalid user lostuser from xyz > Feb 27 18:06:49 ns1 sshd[93323]: Connection closed by invalid user lostuser xyz > > 23 Jan 2021 was the last successful login, and later that day /etc/*passwd was touched due to me changing the > password of a different user, confirmed as the only change from diff'ing against backups. > > Last buildworld upgrade on 3 Nov 2020 (host and jail): > > $ uname -a > FreeBSD ns1.lordcow.org 11.4-STABLE FreeBSD 11.4-STABLE #0 r367290: Tue Nov 3 12:11:29 SAST 2020 root@lordcow.org:/usr/obj/usr/src/sys/GENERIC amd64 > > The last ports upgrade was 13 Feb 2021, before that I'm not sure. > > The last entry in /var/log/userlog was 23 Jul 2020, and: > > # ls -l /var/log/userlog > -rw------- 1 root wheel 4202 Jul 23 2020 /var/log/userlog > > > ie. timeline: > > 23 Jul 2020 Last userlog change > 3 Nov 2020 buildkernel/buildworld and reboot > 3 Dec 2020 lostuser network server process spawned and still functioning > 23 Jan 2021 Last successful login to lostuser > 23 Jan 2021 Unrelated user's password intentionally changed with passwd > 13 Feb 2021 ports upgrade > 27 Feb 2021 Discover user doesn't exist anymore but still has entries in /etc/*passwd and a process running > > Any ideas?