From nobody Thu Feb 22 13:12:23 2024 X-Original-To: freebsd-stable@mlmmj.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 4TgYc91Jbpz5CbGJ for ; Thu, 22 Feb 2024 13:18:17 +0000 (UTC) (envelope-from li-fbsd@citylink.dinoex.sub.org) Received: from uucp.dinoex.org (uucp.dinoex.org [IPv6:2a0b:f840::12]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature RSA-PSS (2048 bits) client-digest SHA256) (Client CN "uucp.dinoex.sub.de", Issuer "R3" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 4TgYc66pdrz571X for ; Thu, 22 Feb 2024 13:18:14 +0000 (UTC) (envelope-from li-fbsd@citylink.dinoex.sub.org) Authentication-Results: mx1.freebsd.org; dkim=none; spf=pass (mx1.freebsd.org: domain of li-fbsd@citylink.dinoex.sub.org designates 2a0b:f840::12 as permitted sender) smtp.mailfrom=li-fbsd@citylink.dinoex.sub.org; dmarc=none; arc=pass ("uucp.dinoex.org:s=M20221114:i=1") Received: from uucp.dinoex.org (uucp.dinoex.org [IPv6:2a0b:f840:0:0:0:0:0:12]) by uucp.dinoex.org (8.18.1/8.18.1) with ESMTPS id 41MDI6Db067197 (version=TLSv1.3 cipher=TLS_AES_256_GCM_SHA384 bits=256 verify=NO) for ; Thu, 22 Feb 2024 14:18:06 +0100 (CET) (envelope-from li-fbsd@citylink.dinoex.sub.org) ARC-Seal: i=1; a=rsa-sha256; d=uucp.dinoex.org; s=M20221114; t=1708607889; cv=none; b=KLXaHHVMSXXVL0FNj3BG6Ff1n9r0SPTKu+g2ovLd78juzjAtKPDzOPaPq4i+EUL50ohAiXJY/X80ZYCFV8c6pRRreEFsION72JHR1hwhVr+PL80BS6FImVVnfdS5qBwBDVonip5zdf0fNsuNEw5Ido/UrwzX/pVN2HWFTwHp/18= ARC-Message-Signature: i=1; a=rsa-sha256; d=uucp.dinoex.org; s=M20221114; t=1708607889; c=relaxed/simple; bh=MYa4NY9PazCGbctfWIWCFHFMlfcjVCAu8YyX3nJEqDw=; h=Received:Received:Received:X-Authentication-Warning:From: X-Newsgroups:Subject:Date:Message-ID:References:Injection-Date: Injection-Info:User-Agent:To:X-Milter:X-Greylist; b=i0fAqf2yhiSLe7hdNH+i55O9+tY7HAbGbpTGrb73ufWBLskK21nYtuWIgVaGjrgroWDS77Vpnsz6zaq6EKHF+LGuTavlY0bsuLPq/fae/6J34Fk3h8Hdp5i9Cc5zouXJA3sWMBFJ6CbU7Gs/+gEpR253hLw2xuGXtV2/Oe96u0w= ARC-Authentication-Results: i=1; uucp.dinoex.org X-MDaemon-Deliver-To: Received: (from uucp@localhost) by uucp.dinoex.org (8.18.1/8.18.1/Submit) with UUCP id 41MDI6eY067196 for freebsd-stable@freebsd.org; Thu, 22 Feb 2024 14:18:06 +0100 (CET) (envelope-from li-fbsd@citylink.dinoex.sub.org) Received: from admn.intra.daemon.contact (localhost [127.0.0.1]) by admn.intra.daemon.contact (8.17.1/8.17.1) with ESMTPS id 41MDCS0A052863 (version=TLSv1.3 cipher=TLS_AES_256_GCM_SHA384 bits=256 verify=NO) for ; Thu, 22 Feb 2024 14:12:28 +0100 (CET) (envelope-from li-fbsd@citylink.dinoex.sub.org) Received: from intra.daemon.contact (news@localhost) by admn.intra.daemon.contact (8.17.1/8.17.1/Submit) with NNTP id 41MDCNBO052814 for freebsd-stable@freebsd.org; Thu, 22 Feb 2024 14:12:23 +0100 (CET) (envelope-from li-fbsd@citylink.dinoex.sub.org) X-Authentication-Warning: admn.intra.daemon.contact: news set sender to li-fbsd@citylink.dinoex.sub.org using -f From: "Peter 'PMc' Much" X-Newsgroups: m2n.fbsd.stable Subject: Re: gpart device permissions security hole (/dev/geom.ctl) Date: Thu, 22 Feb 2024 13:12:23 -0000 (UTC) Message-ID: References: Injection-Date: Thu, 22 Feb 2024 13:12:23 -0000 (UTC) Injection-Info: admn.intra.daemon.contact; logging-data="46450"; mail-complaints-to="usenet@citylink.dinoex.sub.org" User-Agent: slrn/1.0.3 (FreeBSD) To: freebsd-stable@freebsd.org X-Milter: Spamilter (Reciever: uucp.dinoex.org; Sender-ip: 0:0:2a0b:f840::; Sender-helo: uucp.dinoex.org;) X-Greylist: Sender passed SPF test, not delayed by milter-greylist-4.6.4 (uucp.dinoex.org [IPv6:2a0b:f840:0:0:0:0:0:12]); Thu, 22 Feb 2024 14:18:09 +0100 (CET) X-Rspamd-Queue-Id: 4TgYc66pdrz571X X-Spamd-Bar: --- X-Spamd-Result: default: False [-3.23 / 15.00]; ARC_ALLOW(-1.00)[uucp.dinoex.org:s=M20221114:i=1]; NEURAL_HAM_LONG(-1.00)[-1.000]; NEURAL_HAM_MEDIUM(-1.00)[-1.000]; FORGED_SENDER(0.30)[pmc@citylink.dinoex.sub.org,li-fbsd@citylink.dinoex.sub.org]; NEURAL_HAM_SHORT(-0.23)[-0.229]; R_SPF_ALLOW(-0.20)[+mx]; MIME_GOOD(-0.10)[text/plain]; HAS_XAW(0.00)[]; RCPT_COUNT_ONE(0.00)[1]; ASN(0.00)[asn:205376, ipnet:2a0b:f840::/32, country:DE]; R_DKIM_NA(0.00)[]; FROM_HAS_DN(0.00)[]; MLMMJ_DEST(0.00)[freebsd-stable@freebsd.org]; MIME_TRACE(0.00)[0:+]; TO_MATCH_ENVRCPT_ALL(0.00)[]; TO_DN_NONE(0.00)[]; RCVD_COUNT_THREE(0.00)[4]; PREVIOUSLY_DELIVERED(0.00)[freebsd-stable@freebsd.org]; DMARC_NA(0.00)[sub.org]; RCVD_TLS_LAST(0.00)[]; FROM_NEQ_ENVFROM(0.00)[pmc@citylink.dinoex.sub.org,li-fbsd@citylink.dinoex.sub.org] List-Id: Production branch of FreeBSD source code List-Archive: https://lists.freebsd.org/archives/freebsd-stable List-Help: List-Post: List-Subscribe: List-Unsubscribe: Sender: owner-freebsd-stable@freebsd.org X-BeenThere: freebsd-stable@freebsd.org On 2024-02-17, Vincent Stemen wrote: > > I have been a Unix systems administrator for well over 35 years and It's not > uncommon for administrators to belong to the operator group for restricted > admin tasks. It is completely unexpected to discover the user can wipe out > the whole system. Removing the number plate from your house doesn't destroy the house. It only might stop it from being accessed by people. From nobody Thu Feb 22 21:23:24 2024 X-Original-To: freebsd-stable@mlmmj.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 4TgmN5179Qz5BRN2 for ; Thu, 22 Feb 2024 21:23:33 +0000 (UTC) (envelope-from vince@hightek.org) Received: from mail.ngtek.org (ngtek.org [IPv6:2001:19f0:6400:8963:5400:ff:fe09:9585]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 4TgmN40Cddz420Z for ; Thu, 22 Feb 2024 21:23:31 +0000 (UTC) (envelope-from vince@hightek.org) Authentication-Results: mx1.freebsd.org; dkim=none; spf=pass (mx1.freebsd.org: domain of vince@hightek.org designates 2001:19f0:6400:8963:5400:ff:fe09:9585 as permitted sender) smtp.mailfrom=vince@hightek.org; dmarc=none Received: from [170.39.28.55] (helo=marble.hightek.org) by mail.ngtek.org with esmtpsa (TLSv1.2:ECDHE-RSA-AES256-GCM-SHA384:256) (Exim 4.89 (FreeBSD)) (envelope-from ) id 1rdGXM-0001OE-G5 for freebsd-stable@freebsd.org; Thu, 22 Feb 2024 15:23:24 -0600 Received: from vince by marble.hightek.org with local (Exim 4.95 (FreeBSD)) (envelope-from ) id 1rdGXM-000C4U-TU for freebsd-stable@freebsd.org; Thu, 22 Feb 2024 15:23:24 -0600 Date: Thu, 22 Feb 2024 15:23:24 -0600 From: Vincent Stemen To: freebsd-stable@freebsd.org Subject: Re: gpart device permissions security hole (/dev/geom.ctl) Message-ID: References: List-Id: Production branch of FreeBSD source code List-Archive: https://lists.freebsd.org/archives/freebsd-stable List-Help: List-Post: List-Subscribe: List-Unsubscribe: Sender: owner-freebsd-stable@freebsd.org X-BeenThere: freebsd-stable@freebsd.org MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: X-Rspamd-Queue-Id: 4TgmN40Cddz420Z X-Spamd-Bar: -- X-Spamd-Result: default: False [-2.90 / 15.00]; NEURAL_HAM_LONG(-1.00)[-1.000]; NEURAL_HAM_MEDIUM(-1.00)[-1.000]; NEURAL_HAM_SHORT(-0.90)[-0.901]; FORGED_SENDER(0.30)[vince.bsd@hightek.org,vince@hightek.org]; R_SPF_ALLOW(-0.20)[+a]; MIME_GOOD(-0.10)[text/plain]; RCVD_VIA_SMTP_AUTH(0.00)[]; RCPT_COUNT_ONE(0.00)[1]; MISSING_XM_UA(0.00)[]; ASN(0.00)[asn:20473, ipnet:2001:19f0:6400::/38, country:US]; MIME_TRACE(0.00)[0:+]; R_DKIM_NA(0.00)[]; MID_RHS_MATCH_FROMTLD(0.00)[]; DMARC_NA(0.00)[hightek.org]; FROM_NEQ_ENVFROM(0.00)[vince.bsd@hightek.org,vince@hightek.org]; FROM_HAS_DN(0.00)[]; MLMMJ_DEST(0.00)[freebsd-stable@freebsd.org]; RCVD_COUNT_TWO(0.00)[2]; TO_MATCH_ENVRCPT_ALL(0.00)[]; TO_DN_NONE(0.00)[]; RCVD_TLS_LAST(0.00)[]; ARC_NA(0.00)[] On Thu, Feb 22, 2024 at 01:12:23PM -0000, Peter 'PMc' Much wrote: > On 2024-02-17, Vincent Stemen wrote: > > > > I have been a Unix systems administrator for well over 35 years and It's not > > uncommon for administrators to belong to the operator group for restricted > > admin tasks. It is completely unexpected to discover the user can wipe out > > the whole system. > > Removing the number plate from your house doesn't destroy the house. > It only might stop it from being accessed by people. BTW, correction to my original statement. The operator can only modify unmounted partitions. So any unmounted partitions or partitioned drives on standby for failover, backups, etc, can have their partitions deleted or changed, which will certainly stop access to the data on those devices. So stopping access to your data isn't much different than destroying it if you can never find it again. If you have a house somewhere in the country, with no address, other than perhaps what state it is in (which drive), have fun finding it. So your analogy is a distinction without a difference. Not only that, if the partition table gets modified without the sys-admin realizing it, and it gets written to, it most certainly can destroy the data. The way it is currently, there is apparently no way to grant individual permissions to a user, through the operator or any other group to, for example, partition a thumb drive, because permission to modify partitions is controlled for all geom devices via the one /dev/geom.ctl file. We also discussed this issue more extensively in the forum. https://forums.freebsd.org/threads/gpart-device-permissions-security-hole-dev-geom-ctl.92397/ From nobody Fri Feb 23 23:15:34 2024 X-Original-To: freebsd-stable@mlmmj.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 4ThQpx2x8Sz5BjkS for ; Fri, 23 Feb 2024 23:15:37 +0000 (UTC) (envelope-from henrichhartzer@tuta.io) Received: from w1.tutanota.de (w1.tutanota.de [81.3.6.162]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature RSA-PSS (2048 bits) client-digest SHA256) (Client CN "mail.tutanota.de", Issuer "Sectigo RSA Domain Validation Secure Server CA" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 4ThQpw4SHQz4JC7 for ; Fri, 23 Feb 2024 23:15:36 +0000 (UTC) (envelope-from henrichhartzer@tuta.io) Authentication-Results: mx1.freebsd.org; dkim=pass header.d=tuta.io header.s=s1 header.b="ad2FN/9z"; dmarc=pass (policy=quarantine) header.from=tuta.io; spf=pass (mx1.freebsd.org: domain of henrichhartzer@tuta.io designates 81.3.6.162 as permitted sender) smtp.mailfrom=henrichhartzer@tuta.io Received: from tutadb.w10.tutanota.de (unknown [192.168.1.10]) by w1.tutanota.de (Postfix) with ESMTP id 8567FFBFB7E; Fri, 23 Feb 2024 23:15:34 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; t=1708730134; s=s1; d=tuta.io; h=From:From:To:To:Subject:Subject:Content-Description:Content-ID:Content-Type:Content-Type:Content-Transfer-Encoding:Content-Transfer-Encoding:Cc:Cc:Date:Date:In-Reply-To:In-Reply-To:MIME-Version:MIME-Version:Message-ID:Message-ID:Reply-To:References:References:Sender; bh=VatLyysDg8tmmsaOw4Qu15qMTW+vL94d2thtHaOy590=; b=ad2FN/9zUAshLUnZ4s2RckW9ZiYZJOVZdYVFbYphhRIFAVaMhp6vTwah2zh1WpgH YG5qSzvIm+/GBzRhcO+AywP6kdpJCM1lcqqBobCQNmeaxlWcjcQqDh4pHOrAn3/SniX bznEd5BDiBP02zmZ6j1M0OkRHBFoOYvbkTUU8cZWYhUPRTkKwDzBjoQ89LVQFxbJStQ MZ46l3dvY9nwx8QnzbIGp0soh9FBojGg5ltLRAbqTW8FzvrUDhojuQ7c+1KVI+1zpkH qalktUlPTeV14UdOrC/4+XVrZ0oYGOLqW5rBsIgcHUFsRg/Dewk1Yudufq5dR/7HbFN QGPP/+jhNQ== Date: Sat, 24 Feb 2024 00:15:34 +0100 (CET) From: henrichhartzer@tuta.io To: Vincent Stemen Cc: Freebsd Stable Message-ID: In-Reply-To: References: Subject: Re: gpart device permissions security hole (/dev/geom.ctl) List-Id: Production branch of FreeBSD source code List-Archive: https://lists.freebsd.org/archives/freebsd-stable List-Help: List-Post: List-Subscribe: List-Unsubscribe: Sender: owner-freebsd-stable@freebsd.org X-BeenThere: freebsd-stable@freebsd.org MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 7bit X-Spamd-Bar: --- X-Spamd-Result: default: False [-4.00 / 15.00]; NEURAL_HAM_LONG(-1.00)[-1.000]; NEURAL_HAM_MEDIUM(-1.00)[-1.000]; NEURAL_HAM_SHORT(-1.00)[-0.998]; DMARC_POLICY_ALLOW(-0.50)[tuta.io,quarantine]; R_SPF_ALLOW(-0.20)[+ip4:81.3.6.160/28]; R_DKIM_ALLOW(-0.20)[tuta.io:s=s1]; ONCE_RECEIVED(0.10)[]; MIME_GOOD(-0.10)[text/plain]; RWL_MAILSPIKE_GOOD(-0.10)[81.3.6.162:from]; RCPT_COUNT_TWO(0.00)[2]; FROM_NO_DN(0.00)[]; ASN(0.00)[asn:24679, ipnet:81.3.0.0/18, country:DE]; MIME_TRACE(0.00)[0:+]; RCVD_COUNT_ONE(0.00)[1]; MISSING_XM_UA(0.00)[]; MLMMJ_DEST(0.00)[freebsd-stable@freebsd.org]; ARC_NA(0.00)[]; TO_MATCH_ENVRCPT_SOME(0.00)[]; MID_RHS_MATCH_FROM(0.00)[]; FROM_EQ_ENVFROM(0.00)[]; RCVD_TLS_LAST(0.00)[]; TO_DN_ALL(0.00)[]; DKIM_TRACE(0.00)[tuta.io:+] X-Rspamd-Queue-Id: 4ThQpw4SHQz4JC7 I agree that this doesn't make much sense. Read only access should not imply any kind of writing functionality. What would it take to change this? I'm not familiar enough to say. Thanks for posting, Vincent! -Henrich Feb 22, 2024, 21:23 by vince.bsd@hightek.org: > On Thu, Feb 22, 2024 at 01:12:23PM -0000, Peter 'PMc' Much wrote: > >> On 2024-02-17, Vincent Stemen wrote: >> > >> > I have been a Unix systems administrator for well over 35 years and It's not >> > uncommon for administrators to belong to the operator group for restricted >> > admin tasks. It is completely unexpected to discover the user can wipe out >> > the whole system. >> >> Removing the number plate from your house doesn't destroy the house. >> It only might stop it from being accessed by people. >> > > BTW, correction to my original statement. The operator can only modify > unmounted partitions. So any unmounted partitions or partitioned drives > on standby for failover, backups, etc, can have their partitions deleted > or changed, which will certainly stop access to the data on those > devices. > > So stopping access to your data isn't much different than destroying it > if you can never find it again. If you have a house somewhere in the > country, with no address, other than perhaps what state it is in (which > drive), have fun finding it. So your analogy is a distinction without > a difference. Not only that, if the partition table gets modified > without the sys-admin realizing it, and it gets written to, it most > certainly can destroy the data. > > The way it is currently, there is apparently no way to grant individual > permissions to a user, through the operator or any other group to, for > example, partition a thumb drive, because permission to modify > partitions is controlled for all geom devices via the one /dev/geom.ctl > file. > > We also discussed this issue more extensively in the forum. > https://forums.freebsd.org/threads/gpart-device-permissions-security-hole-dev-geom-ctl.92397/ > From nobody Sat Feb 24 14:12:22 2024 X-Original-To: freebsd-stable@mlmmj.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 4Thpjl5B5tz59rkd for ; Sat, 24 Feb 2024 14:12:27 +0000 (UTC) (envelope-from serguey-grigoriev@yandex.ru) Received: from forward103c.mail.yandex.net (forward103c.mail.yandex.net [178.154.239.214]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 4Thpjk578Fz49F9 for ; Sat, 24 Feb 2024 14:12:26 +0000 (UTC) (envelope-from serguey-grigoriev@yandex.ru) Authentication-Results: mx1.freebsd.org; dkim=pass header.d=yandex.ru header.s=mail header.b=nq2Cgjn8; dmarc=pass (policy=none) header.from=yandex.ru; spf=pass (mx1.freebsd.org: domain of serguey-grigoriev@yandex.ru designates 178.154.239.214 as permitted sender) smtp.mailfrom=serguey-grigoriev@yandex.ru Received: from mail-nwsmtp-mxback-production-main-29.sas.yp-c.yandex.net (mail-nwsmtp-mxback-production-main-29.sas.yp-c.yandex.net [IPv6:2a02:6b8:c08:ed9f:0:640:b07:0]) by forward103c.mail.yandex.net (Yandex) with ESMTPS id 456F9608FB for ; Sat, 24 Feb 2024 17:12:23 +0300 (MSK) Received: from mail.yandex.ru (2a02:6b8:c08:eda5:0:640:79fb:0 [2a02:6b8:c08:eda5:0:640:79fb:0]) by mail-nwsmtp-mxback-production-main-29.sas.yp-c.yandex.net (mxback/Yandex) with HTTP id FCWPJD41heA0-1v13oCrw; Sat, 24 Feb 2024 17:12:22 +0300 X-Yandex-Fwd: 1 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=yandex.ru; s=mail; t=1708783942; bh=5RgTKK767BV78E3oAGQfKIZj0ByyPGT/6JpEhnV1M3I=; h=Message-Id:Date:Subject:To:From; b=nq2Cgjn8NqpJQ6fmBYD4MymI+8rpUBOFu2Y1vOkdIduXHUGfY8bZIyv6pm5fA5BE+ bS416ts1pHtcM7bx9Ho6ExI9dH0i7UzSej2yDRwv1btBKy0XxF++FLmhftR55+PLE1 WanulN3AB16DQciPqTQE7lGZcqWpYEJUBk6WI/sU= Received: by wckjnuw7tehz7zgt.sas.yp-c.yandex.net with HTTP; Sat, 24 Feb 2024 17:12:22 +0300 From: S.N.Grigoriev To: FreeBSD Stable Subject: USB CD drive does not work with 14-Stable List-Id: Production branch of FreeBSD source code List-Archive: https://lists.freebsd.org/archives/freebsd-stable List-Help: List-Post: List-Subscribe: List-Unsubscribe: Sender: owner-freebsd-stable@freebsd.org X-BeenThere: freebsd-stable@freebsd.org MIME-Version: 1.0 X-Mailer: Yamail [ http://yandex.ru ] 5.0 Date: Sat, 24 Feb 2024 17:12:22 +0300 Message-Id: <5813111708783942@wckjnuw7tehz7zgt.sas.yp-c.yandex.net> Content-Transfer-Encoding: 7bit Content-Type: text/plain X-Spamd-Bar: --- X-Spamd-Result: default: False [-3.99 / 15.00]; NEURAL_HAM_MEDIUM(-1.00)[-1.000]; NEURAL_HAM_LONG(-1.00)[-1.000]; NEURAL_HAM_SHORT(-0.99)[-0.992]; DMARC_POLICY_ALLOW(-0.50)[yandex.ru,none]; R_SPF_ALLOW(-0.20)[+ip4:178.154.239.208/28]; R_DKIM_ALLOW(-0.20)[yandex.ru:s=mail]; MIME_GOOD(-0.10)[text/plain]; DWL_DNSWL_NONE(0.00)[yandex.ru:dkim]; FREEMAIL_ENVFROM(0.00)[yandex.ru]; MIME_TRACE(0.00)[0:+]; RCPT_COUNT_ONE(0.00)[1]; ASN(0.00)[asn:200350, ipnet:178.154.224.0/19, country:RU]; FREEMAIL_FROM(0.00)[yandex.ru]; ARC_NA(0.00)[]; MLMMJ_DEST(0.00)[freebsd-stable@freebsd.org]; RCVD_IN_DNSWL_NONE(0.00)[178.154.239.214:from]; FROM_EQ_ENVFROM(0.00)[]; FROM_HAS_DN(0.00)[]; RCVD_TLS_LAST(0.00)[]; TO_MATCH_ENVRCPT_ALL(0.00)[]; PREVIOUSLY_DELIVERED(0.00)[freebsd-stable@freebsd.org]; TO_DN_ALL(0.00)[]; RCVD_COUNT_THREE(0.00)[3]; DKIM_TRACE(0.00)[yandex.ru:+] X-Rspamd-Queue-Id: 4Thpjk578Fz49F9 Hi, list, I've found out that my USB CD drive does not work with my 14-Stable (amd64). It works fine with Linux and Windows and in past worked fine with 12-Stable. The following is from /var/log/messages: kernel: usb_alloc_device: set address 2 failed (USB_ERR_TIMEOUT, ignored) kernel: usbd_setup_device_desc: getting device descriptor at addr 2 failed, USB_ERR_IOERROR kernel: usb_msc_auto_quirk: UQ_MSC_NO_GETMAXLUN set for USB mass storage device MediaTek Inc MT1956 (0x0e8d:0x1956) kernel: usb_alloc_device: Failure selecting configuration index 0:USB_ERR_STALLED, port 5, addr 2 (ignored) kernel: ugen3.2: at usbus3 Any tips are appreciated. Regards, Serguey. From nobody Sat Feb 24 15:40:00 2024 X-Original-To: stable@mlmmj.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 4Thrfz58gKz5B1SS for ; Sat, 24 Feb 2024 15:40:11 +0000 (UTC) (envelope-from SRS0=G+MS=KB=quip.cz=000.fbsd@elsa.codelab.cz) Received: from elsa.codelab.cz (elsa.codelab.cz [94.124.105.4]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 4Thrfy6wd5z4Qt5 for ; Sat, 24 Feb 2024 15:40:10 +0000 (UTC) (envelope-from SRS0=G+MS=KB=quip.cz=000.fbsd@elsa.codelab.cz) Authentication-Results: mx1.freebsd.org; dkim=pass header.d=quip.cz header.s=private header.b=Re9biVJf; dkim=pass header.d=quip.cz header.s=private header.b=LUbDcgML; dmarc=none; spf=none (mx1.freebsd.org: domain of "SRS0=G+MS=KB=quip.cz=000.fbsd@elsa.codelab.cz" has no SPF policy when checking 94.124.105.4) smtp.mailfrom="SRS0=G+MS=KB=quip.cz=000.fbsd@elsa.codelab.cz" Received: from elsa.codelab.cz (localhost [127.0.0.1]) by elsa.codelab.cz (Postfix) with ESMTP id E7619D788F for ; Sat, 24 Feb 2024 16:40:01 +0100 (CET) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=quip.cz; s=private; t=1708789201; bh=tnjzZMfgC+jzidF82t/9TfDpvvjCqAeCWQQZycOvZQw=; h=Date:Subject:To:References:From:In-Reply-To; b=Re9biVJffsqAXFUzSsUkIbQBrHTlVMx81BQLxQd9vOzGXrUBQZPLwMWpWxyCbEsGZ ii9rO5Y+Hd9FEgt8ZMYb8u98Caug59LzCyg0Kuu3Bt/gxgJ5uq/qtfKZdcP1XUUL0C m6Nuv8MAdZzy1bnUI7N01gF9KOc6L0LquCXAp2YE= Received: from [192.168.145.49] (ip-89-177-27-225.bb.vodafone.cz [89.177.27.225]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by elsa.codelab.cz (Postfix) with ESMTPSA id E69CED7884 for ; Sat, 24 Feb 2024 16:40:00 +0100 (CET) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=quip.cz; s=private; t=1708789200; bh=tnjzZMfgC+jzidF82t/9TfDpvvjCqAeCWQQZycOvZQw=; h=Date:Subject:To:References:From:In-Reply-To; b=LUbDcgML/C2NisFfNugYG9JZEcfXecgCcCb6VVGh26IuYswpEJxAlSdZtNts+B8IC GCZkf9ZF6r+fGRahJAg7HkefYF5OY4EJ/fS/i+0Ir9LCNXudhnD1GZrQY0cKnE546s cf064S8rd99ypPCcag6G8bnvkpRmyVHbHPHDHrTY= Message-ID: <2421f1a5-d924-4912-abff-e000e41f5459@quip.cz> Date: Sat, 24 Feb 2024 16:40:00 +0100 List-Id: Production branch of FreeBSD source code List-Archive: https://lists.freebsd.org/archives/freebsd-stable List-Help: List-Post: List-Subscribe: List-Unsubscribe: Sender: owner-freebsd-stable@freebsd.org X-BeenThere: freebsd-stable@freebsd.org MIME-Version: 1.0 User-Agent: Mozilla Thunderbird Subject: Re: gpart device permissions security hole (/dev/geom.ctl) To: stable@freebsd.org References: Content-Language: en-US From: Miroslav Lachman <000.fbsd@quip.cz> In-Reply-To: Content-Type: text/plain; charset=UTF-8; format=flowed Content-Transfer-Encoding: 7bit X-Spamd-Bar: -- X-Spamd-Result: default: False [-2.99 / 15.00]; NEURAL_HAM_LONG(-1.00)[-1.000]; NEURAL_HAM_MEDIUM(-1.00)[-1.000]; NEURAL_HAM_SHORT(-1.00)[-0.997]; FORGED_SENDER(0.30)[000.fbsd@quip.cz,SRS0=G@elsa.codelab.cz]; R_DKIM_ALLOW(-0.20)[quip.cz:s=private]; MIME_GOOD(-0.10)[text/plain]; XM_UA_NO_VERSION(0.01)[]; R_SPF_NA(0.00)[no SPF record]; RCVD_VIA_SMTP_AUTH(0.00)[]; RCPT_COUNT_ONE(0.00)[1]; DMARC_NA(0.00)[quip.cz]; MIME_TRACE(0.00)[0:+]; ASN(0.00)[asn:42000, ipnet:94.124.104.0/21, country:CZ]; MID_RHS_MATCH_FROM(0.00)[]; MLMMJ_DEST(0.00)[stable@freebsd.org]; ARC_NA(0.00)[]; RCVD_COUNT_TWO(0.00)[2]; FROM_NEQ_ENVFROM(0.00)[000.fbsd@quip.cz,SRS0=G@elsa.codelab.cz]; FROM_HAS_DN(0.00)[]; RCVD_TLS_LAST(0.00)[]; TO_DN_NONE(0.00)[]; PREVIOUSLY_DELIVERED(0.00)[stable@freebsd.org]; TAGGED_FROM(0.00)[MS=KB=quip.cz=000.fbsd]; TO_MATCH_ENVRCPT_ALL(0.00)[]; DKIM_TRACE(0.00)[quip.cz:+] X-Rspamd-Queue-Id: 4Thrfy6wd5z4Qt5 On 22/02/2024 22:23, Vincent Stemen wrote: > On Thu, Feb 22, 2024 at 01:12:23PM -0000, Peter 'PMc' Much wrote: >> On 2024-02-17, Vincent Stemen wrote: >>> >>> I have been a Unix systems administrator for well over 35 years and It's not >>> uncommon for administrators to belong to the operator group for restricted >>> admin tasks. It is completely unexpected to discover the user can wipe out >>> the whole system. >> >> Removing the number plate from your house doesn't destroy the house. >> It only might stop it from being accessed by people. > > BTW, correction to my original statement. The operator can only modify > unmounted partitions. So any unmounted partitions or partitioned drives > on standby for failover, backups, etc, can have their partitions deleted > or changed, which will certainly stop access to the data on those > devices. > > So stopping access to your data isn't much different than destroying it > if you can never find it again. If you have a house somewhere in the > country, with no address, other than perhaps what state it is in (which > drive), have fun finding it. So your analogy is a distinction without > a difference. Not only that, if the partition table gets modified > without the sys-admin realizing it, and it gets written to, it most > certainly can destroy the data. I agree with this security problem. Just a small note - there are backups of partitions (/var/backups/gpart.*) created by periodic script /etc/periodic/daily/221.backup-gpart (if you have daily_backup_gpart_enable="YES" in your /etc/periodic.conf or in a /etc/defaults/periodic.conf which is the default). That way you can get back the number plate on you house in some cases. Kind regards Miroslav Lachman From nobody Sat Feb 24 19:43:20 2024 X-Original-To: freebsd-stable@mlmmj.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 4Thy3Z3yWyz5BSr8 for ; Sat, 24 Feb 2024 19:43:22 +0000 (UTC) (envelope-from henrichhartzer@tuta.io) Received: from w1.tutanota.de (w1.tutanota.de [81.3.6.162]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature RSA-PSS (2048 bits) client-digest SHA256) (Client CN "mail.tutanota.de", Issuer "Sectigo RSA Domain Validation Secure Server CA" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 4Thy3Z1n6Sz46Qk for ; Sat, 24 Feb 2024 19:43:22 +0000 (UTC) (envelope-from henrichhartzer@tuta.io) Authentication-Results: mx1.freebsd.org; none Received: from tutadb.w10.tutanota.de (unknown [192.168.1.10]) by w1.tutanota.de (Postfix) with ESMTP id 62519FBFA0C; Sat, 24 Feb 2024 19:43:20 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; t=1708803800; s=s1; d=tuta.io; h=From:From:To:To:Subject:Subject:Content-Description:Content-ID:Content-Type:Content-Type:Content-Transfer-Encoding:Content-Transfer-Encoding:Cc:Cc:Date:Date:In-Reply-To:In-Reply-To:MIME-Version:MIME-Version:Message-ID:Message-ID:Reply-To:References:References:Sender; bh=K8OYZydNYAHKk2owDsZ01J91Y3+Oq9G9sNfzy0eA4kg=; b=vpHhVXkkE7KCYIPy2tuK2rC4tpbrs7vtyI7HA4uCq06YpnEx9dRcPZ8b7XQzkONi FluYaJ8VKweMMITRbKY2FdJ43X1YY4LVl1moWBLvAyaUyqNjZ2UyU+h3TE9MReYeX/g n4a30c6X6xYe2dK64uj/kW3/VxCPV0bwKjOsMb1tXngVFWKIohTgjtyEvpLUpMhuKjw sbHyxpv/ls5dVjCZ8KNtx38Qq9GJsC1F09LL+echGMaYuxulSyQatue8gDNYkgFz1L5 EUd6l56By50gzABfuJWdRGb1TtVdQ6qPNvgSSQWzpGiamq/x0aXJcjxeUtrxfz9Bwsq WPLlEIA4og== Date: Sat, 24 Feb 2024 20:43:20 +0100 (CET) From: henrichhartzer@tuta.io To: "S.N.Grigoriev" Cc: FreeBSD Stable Message-ID: In-Reply-To: <5813111708783942@wckjnuw7tehz7zgt.sas.yp-c.yandex.net> References: <5813111708783942@wckjnuw7tehz7zgt.sas.yp-c.yandex.net> Subject: Re: USB CD drive does not work with 14-Stable List-Id: Production branch of FreeBSD source code List-Archive: https://lists.freebsd.org/archives/freebsd-stable List-Help: List-Post: List-Subscribe: List-Unsubscribe: Sender: owner-freebsd-stable@freebsd.org X-BeenThere: freebsd-stable@freebsd.org MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 7bit X-Spamd-Bar: ---- X-Rspamd-Pre-Result: action=no action; module=replies; Message is reply to one we originated X-Spamd-Result: default: False [-4.00 / 15.00]; REPLY(-4.00)[]; ASN(0.00)[asn:24679, ipnet:81.3.0.0/18, country:DE] X-Rspamd-Queue-Id: 4Thy3Z1n6Sz46Qk Hi Serguey, I just want to say that my USB CD drive works fine on 14.0-RELEASE. No idea about 14-Stable. We do likely have different drives, however. I don't have any other insights to offer right now. -Henrich Feb 24, 2024, 14:12 by serguey-grigoriev@yandex.ru: > > Hi, list, > > I've found out that my USB CD drive does not work with my 14-Stable (amd64). > It works fine with Linux and Windows and in past worked fine with 12-Stable. > > The following is from /var/log/messages: > > kernel: usb_alloc_device: set address 2 failed (USB_ERR_TIMEOUT, ignored) > kernel: usbd_setup_device_desc: getting device descriptor at addr 2 failed, USB_ERR_IOERROR > kernel: usb_msc_auto_quirk: UQ_MSC_NO_GETMAXLUN set for USB mass storage device MediaTek Inc MT1956 (0x0e8d:0x1956) > kernel: usb_alloc_device: Failure selecting configuration index 0:USB_ERR_STALLED, port 5, addr 2 (ignored) > kernel: ugen3.2: at usbus3 > > Any tips are appreciated. > > Regards, > Serguey. > From nobody Sat Feb 24 20:00:42 2024 X-Original-To: stable@mlmmj.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 4ThyRk4slYz5BV87 for ; Sat, 24 Feb 2024 20:00:50 +0000 (UTC) (envelope-from vince@hightek.org) Received: from mail.ngtek.org (ngtek.org [IPv6:2001:19f0:6400:8963:5400:ff:fe09:9585]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 4ThyRk0988z49PP for ; Sat, 24 Feb 2024 20:00:49 +0000 (UTC) (envelope-from vince@hightek.org) Authentication-Results: mx1.freebsd.org; dkim=none; dmarc=none; spf=pass (mx1.freebsd.org: domain of vince@hightek.org designates 2001:19f0:6400:8963:5400:ff:fe09:9585 as permitted sender) smtp.mailfrom=vince@hightek.org Received: from [170.39.28.55] (helo=marble.hightek.org) by mail.ngtek.org with esmtpsa (TLSv1.2:ECDHE-RSA-AES256-GCM-SHA384:256) (Exim 4.89 (FreeBSD)) (envelope-from ) id 1rdyCQ-000777-Bv for stable@freebsd.org; Sat, 24 Feb 2024 14:00:42 -0600 Received: from vince by marble.hightek.org with local (Exim 4.95 (FreeBSD)) (envelope-from ) id 1rdyCQ-000Eg4-4z for stable@freebsd.org; Sat, 24 Feb 2024 14:00:42 -0600 Date: Sat, 24 Feb 2024 14:00:42 -0600 From: Vincent Stemen To: stable@freebsd.org Subject: Re: gpart device permissions security hole (/dev/geom.ctl) Message-ID: References: <2421f1a5-d924-4912-abff-e000e41f5459@quip.cz> List-Id: Production branch of FreeBSD source code List-Archive: https://lists.freebsd.org/archives/freebsd-stable List-Help: List-Post: List-Subscribe: List-Unsubscribe: Sender: owner-freebsd-stable@freebsd.org X-BeenThere: freebsd-stable@freebsd.org MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: <2421f1a5-d924-4912-abff-e000e41f5459@quip.cz> X-Spamd-Bar: -- X-Spamd-Result: default: False [-2.94 / 15.00]; NEURAL_HAM_LONG(-1.00)[-1.000]; NEURAL_HAM_MEDIUM(-1.00)[-0.996]; NEURAL_HAM_SHORT(-0.94)[-0.943]; FORGED_SENDER(0.30)[vince.bsd@hightek.org,vince@hightek.org]; R_SPF_ALLOW(-0.20)[+a]; MIME_GOOD(-0.10)[text/plain]; RCVD_VIA_SMTP_AUTH(0.00)[]; RCPT_COUNT_ONE(0.00)[1]; MISSING_XM_UA(0.00)[]; ASN(0.00)[asn:20473, ipnet:2001:19f0:6400::/38, country:US]; MIME_TRACE(0.00)[0:+]; R_DKIM_NA(0.00)[]; MID_RHS_MATCH_FROMTLD(0.00)[]; DMARC_NA(0.00)[hightek.org]; FROM_NEQ_ENVFROM(0.00)[vince.bsd@hightek.org,vince@hightek.org]; FROM_HAS_DN(0.00)[]; MLMMJ_DEST(0.00)[stable@freebsd.org]; RCVD_COUNT_TWO(0.00)[2]; TO_MATCH_ENVRCPT_ALL(0.00)[]; TO_DN_NONE(0.00)[]; RCVD_TLS_LAST(0.00)[]; ARC_NA(0.00)[] X-Rspamd-Queue-Id: 4ThyRk0988z49PP On Sat, Feb 24, 2024 at 04:40:00PM +0100, Miroslav Lachman wrote: > I agree with this security problem. Just a small note - there are > backups of partitions (/var/backups/gpart.*) created by periodic script > /etc/periodic/daily/221.backup-gpart (if you have > daily_backup_gpart_enable="YES" in your /etc/periodic.conf or in a > /etc/defaults/periodic.conf which is the default). That way you can get > back the number plate on you house in some cases. Thanks. That's good to know. I was not aware of those features of periodic. From nobody Sat Feb 24 20:40:13 2024 X-Original-To: stable@mlmmj.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 4ThzKL4p1dz5BYZW for ; Sat, 24 Feb 2024 20:40:22 +0000 (UTC) (envelope-from SRS0=G+MS=KB=quip.cz=000.fbsd@elsa.codelab.cz) Received: from elsa.codelab.cz (elsa.codelab.cz [94.124.105.4]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 4ThzKK2W5tz4Lc7 for ; Sat, 24 Feb 2024 20:40:21 +0000 (UTC) (envelope-from SRS0=G+MS=KB=quip.cz=000.fbsd@elsa.codelab.cz) Authentication-Results: mx1.freebsd.org; dkim=pass header.d=quip.cz header.s=private header.b=WZg3c08+; dkim=pass header.d=quip.cz header.s=private header.b="D/Fz8W/Z"; dmarc=none; spf=none (mx1.freebsd.org: domain of "SRS0=G+MS=KB=quip.cz=000.fbsd@elsa.codelab.cz" has no SPF policy when checking 94.124.105.4) smtp.mailfrom="SRS0=G+MS=KB=quip.cz=000.fbsd@elsa.codelab.cz" Received: from elsa.codelab.cz (localhost [127.0.0.1]) by elsa.codelab.cz (Postfix) with ESMTP id 835FFD788F for ; Sat, 24 Feb 2024 21:40:18 +0100 (CET) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=quip.cz; s=private; t=1708807218; bh=p5qSWmSh0LREX0yBBv1F/uW9yFLOwadAT6auLBSiObA=; h=Date:Subject:To:References:From:In-Reply-To; b=WZg3c08+ciOXE0E6lYJouMPUQoVKZsJkmN65CWm6slrLi19V1DPwL9uCmnoyVfh0A vO8MhQnRZ7TdjN1mIa4fhh7kFlLjqQ2bxy3V+xe1BjSqBcDk16Fc/xsTXg6eQZ+ar/ OT8iFUWc3yuGA9+xuNMbNvCVlg1d0L80PvHf9Ll4= Received: from [192.168.145.49] (ip-89-177-27-225.bb.vodafone.cz [89.177.27.225]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by elsa.codelab.cz (Postfix) with ESMTPSA id 51E35D7884 for ; Sat, 24 Feb 2024 21:40:14 +0100 (CET) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=quip.cz; s=private; t=1708807214; bh=p5qSWmSh0LREX0yBBv1F/uW9yFLOwadAT6auLBSiObA=; h=Date:Subject:To:References:From:In-Reply-To; b=D/Fz8W/ZkO4k6AnuMT051pKmNqHB5TkppjWAjYYQBC5IaXRUIJq1ieEYRVolDvBrh pCLSttUyUOjvQwRXeFazUDJtr1jeryVj32vhTm54c7jYyS+N/cyfAGhWusI72/FGUo qffv7H54wM0Z81/ShCnXcsFvXIk++uSm/eFh2EVk= Message-ID: <4de9c605-c93d-4286-a402-0bc52e9d62ff@quip.cz> Date: Sat, 24 Feb 2024 21:40:13 +0100 List-Id: Production branch of FreeBSD source code List-Archive: https://lists.freebsd.org/archives/freebsd-stable List-Help: List-Post: List-Subscribe: List-Unsubscribe: Sender: owner-freebsd-stable@freebsd.org X-BeenThere: freebsd-stable@freebsd.org MIME-Version: 1.0 User-Agent: Mozilla Thunderbird Subject: Re: gpart device permissions security hole (/dev/geom.ctl) Content-Language: en-US To: stable@freebsd.org References: <2421f1a5-d924-4912-abff-e000e41f5459@quip.cz> From: Miroslav Lachman <000.fbsd@quip.cz> In-Reply-To: Content-Type: text/plain; charset=UTF-8; format=flowed Content-Transfer-Encoding: 7bit X-Spamd-Bar: -- X-Spamd-Result: default: False [-2.98 / 15.00]; NEURAL_HAM_LONG(-1.00)[-1.000]; NEURAL_HAM_MEDIUM(-1.00)[-1.000]; NEURAL_HAM_SHORT(-0.99)[-0.991]; FORGED_SENDER(0.30)[000.fbsd@quip.cz,SRS0=G@elsa.codelab.cz]; R_DKIM_ALLOW(-0.20)[quip.cz:s=private]; MIME_GOOD(-0.10)[text/plain]; XM_UA_NO_VERSION(0.01)[]; R_SPF_NA(0.00)[no SPF record]; RCVD_VIA_SMTP_AUTH(0.00)[]; RCPT_COUNT_ONE(0.00)[1]; DMARC_NA(0.00)[quip.cz]; MIME_TRACE(0.00)[0:+]; ASN(0.00)[asn:42000, ipnet:94.124.104.0/21, country:CZ]; MID_RHS_MATCH_FROM(0.00)[]; MLMMJ_DEST(0.00)[stable@freebsd.org]; ARC_NA(0.00)[]; RCVD_COUNT_TWO(0.00)[2]; FROM_NEQ_ENVFROM(0.00)[000.fbsd@quip.cz,SRS0=G@elsa.codelab.cz]; FROM_HAS_DN(0.00)[]; RCVD_TLS_LAST(0.00)[]; TO_DN_NONE(0.00)[]; PREVIOUSLY_DELIVERED(0.00)[stable@freebsd.org]; TAGGED_FROM(0.00)[MS=KB=quip.cz=000.fbsd]; TO_MATCH_ENVRCPT_ALL(0.00)[]; DKIM_TRACE(0.00)[quip.cz:+] X-Rspamd-Queue-Id: 4ThzKK2W5tz4Lc7 On 24/02/2024 21:00, Vincent Stemen wrote: > On Sat, Feb 24, 2024 at 04:40:00PM +0100, Miroslav Lachman wrote: >> I agree with this security problem. Just a small note - there are >> backups of partitions (/var/backups/gpart.*) created by periodic script >> /etc/periodic/daily/221.backup-gpart (if you have >> daily_backup_gpart_enable="YES" in your /etc/periodic.conf or in a >> /etc/defaults/periodic.conf which is the default). That way you can get >> back the number plate on you house in some cases. > > Thanks. That's good to know. I was not aware of those features of > periodic. Almost nobody knows. There are 3 scripts to backup disk information: 221.backup-gpart 222.backup-gmirror 223.backup-zfs They are "newly" in base but was in some PR for many years. I'm the co-author. With these 3 periodic scripts I think more than 95% users can recover / restore disk layout. Some corner cases with different GEOM classes are not covered, but usual gmirror + UFS, or ZFS should be covered. Kind regards Miroslav Lachman From nobody Sat Feb 24 23:12:45 2024 X-Original-To: stable@mlmmj.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 4Tj2jc3pmDz5Bnp1 for ; Sat, 24 Feb 2024 23:13:08 +0000 (UTC) (envelope-from void@f-m.fm) Received: from wout5-smtp.messagingengine.com (wout5-smtp.messagingengine.com [64.147.123.21]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 4Tj2jb5spQz4gC2 for ; Sat, 24 Feb 2024 23:13:07 +0000 (UTC) (envelope-from void@f-m.fm) Authentication-Results: mx1.freebsd.org; dkim=pass header.d=f-m.fm header.s=fm1 header.b=tEwoWnLC; dkim=pass header.d=messagingengine.com header.s=fm1 header.b=ZidScHt1; dmarc=pass (policy=none) header.from=f-m.fm; spf=pass (mx1.freebsd.org: domain of void@f-m.fm designates 64.147.123.21 as permitted sender) smtp.mailfrom=void@f-m.fm Received: from compute6.internal (compute6.nyi.internal [10.202.2.47]) by mailout.west.internal (Postfix) with ESMTP id 104BB3200A09 for ; Sat, 24 Feb 2024 18:13:05 -0500 (EST) Received: from imap46 ([10.202.2.96]) by compute6.internal (MEProxy); Sat, 24 Feb 2024 18:13:06 -0500 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=f-m.fm; h=cc :content-type:content-type:date:date:from:from:in-reply-to :in-reply-to:message-id:mime-version:references:reply-to:subject :subject:to:to; s=fm1; t=1708816385; x=1708902785; bh=34tpTK4mk8 ATHyxT0hvKlXKuop1AIr2SxJVbK0BxkeU=; b=tEwoWnLCgJL3Ui1Wl2FNee5JZC cLxjagC+apL4DCAPgSU76VEpKpIaUgUErZeACgU42vn5EBUGnhOun2cnDqwGjuLy IDilOxMXu/s3XYPxO0cCsGdFITsCnJaW7hIoR2AU6D0JJap+ZVy0Lo66cLCogQnS aOsnln8j43VPssBzczI7A6Om8uYYXe4JZ45hQ6bKiT+5SRFy8jgj8aaPSSAf6rJ8 vb2GDQVpDR5adeLCnzEXS3q9yuVuUTYFnzTWBNBdhU0wGX0uEKjZgpIG3AFJSWBg wHPoLj+dr9ZR9lxj7wySmJ407YpUO+Iz9jlp5hwRa1Vzkmc0Btn5Pv97IwZA== DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d= messagingengine.com; h=cc:content-type:content-type:date:date :feedback-id:feedback-id:from:from:in-reply-to:in-reply-to :message-id:mime-version:references:reply-to:subject:subject:to :to:x-me-proxy:x-me-proxy:x-me-sender:x-me-sender:x-sasl-enc; s= fm1; t=1708816385; x=1708902785; bh=34tpTK4mk8ATHyxT0hvKlXKuop1A Ir2SxJVbK0BxkeU=; b=ZidScHt1Cnz7KhcAhMJaFeFYNSIEUgxHNPBmLecPv3ZE f2UkGFlKHEXNr+CORMMKOKP0Uy6VmNV3zXaiiHQ4zHJnL5afjIZvfpQ6KsrEM6wr ZwmUSXYDluumI/hFru64gb/TrzwT2273TMxyMcXOYRwdS9j7OTq2H/mg1QOI864C s/vgQEoZG0ufi6LhQasLzCE7ywC601c4Y+BmO3odMoCgwnqOhTradd7/rwBqPJWs mZHBs30TVhXADWMtUiwCYDqH1ETQ7gWu8JnIehYRtb/osQNhn2Z4JxLf5afJTAav rm9+OlR9/1Kjtkhmlyx9YMc41xykJ+UlHR+USuAzyw== X-ME-Sender: X-ME-Proxy-Cause: gggruggvucftvghtrhhoucdtuddrgedvledrfeelgddtjecutefuodetggdotefrodftvf curfhrohhfihhlvgemucfhrghsthforghilhdpqfgfvfdpuffrtefokffrpgfnqfghnecu uegrihhlohhuthemuceftddtnecunecujfgurhepofgfggfkjghffffhvffutgesthdtre dtreertdenucfhrhhomhepvhhoihguuceovhhoihgusehfqdhmrdhfmheqnecuggftrfgr thhtvghrnhepieetvdeuhedthedtvdfhuefhveehvdeiledvieffheevleehgeefudelje dukedvnecuvehluhhsthgvrhfuihiivgeptdenucfrrghrrghmpehmrghilhhfrhhomhep vhhoihgusehfqdhmrdhfmh X-ME-Proxy: Feedback-ID: i2541463c:Fastmail Received: by mailuser.nyi.internal (Postfix, from userid 501) id 53C712A20090; Sat, 24 Feb 2024 18:13:05 -0500 (EST) X-Mailer: MessagingEngine.com Webmail Interface User-Agent: Cyrus-JMAP/3.11.0-alpha0-153-g7e3bb84806-fm-20240215.007-g7e3bb848 List-Id: Production branch of FreeBSD source code List-Archive: https://lists.freebsd.org/archives/freebsd-stable List-Help: List-Post: List-Subscribe: List-Unsubscribe: Sender: owner-freebsd-stable@freebsd.org X-BeenThere: freebsd-stable@freebsd.org MIME-Version: 1.0 Message-Id: <3c8667a2-770c-4c35-9b33-572f43d9f1ea@app.fastmail.com> In-Reply-To: <5813111708783942@wckjnuw7tehz7zgt.sas.yp-c.yandex.net> References: <5813111708783942@wckjnuw7tehz7zgt.sas.yp-c.yandex.net> Date: Sat, 24 Feb 2024 23:12:45 +0000 From: void To: stable@freebsd.org Subject: Re: USB CD drive does not work with 14-Stable Content-Type: text/plain X-Spamd-Bar: ---- X-Spamd-Result: default: False [-4.07 / 15.00]; NEURAL_HAM_LONG(-1.00)[-1.000]; NEURAL_HAM_MEDIUM(-1.00)[-1.000]; NEURAL_HAM_SHORT(-0.98)[-0.979]; DMARC_POLICY_ALLOW(-0.50)[f-m.fm,none]; R_DKIM_ALLOW(-0.20)[f-m.fm:s=fm1,messagingengine.com:s=fm1]; R_SPF_ALLOW(-0.20)[+ip4:64.147.123.21]; MIME_GOOD(-0.10)[text/plain]; RCVD_IN_DNSWL_LOW(-0.10)[64.147.123.21:from]; XM_UA_NO_VERSION(0.01)[]; RCPT_COUNT_ONE(0.00)[1]; ASN(0.00)[asn:29838, ipnet:64.147.123.0/24, country:US]; MIME_TRACE(0.00)[0:+]; DWL_DNSWL_NONE(0.00)[messagingengine.com:dkim]; FREEMAIL_FROM(0.00)[f-m.fm]; FREEMAIL_ENVFROM(0.00)[f-m.fm]; ARC_NA(0.00)[]; MLMMJ_DEST(0.00)[stable@freebsd.org]; RCVD_COUNT_THREE(0.00)[3]; FROM_EQ_ENVFROM(0.00)[]; FROM_HAS_DN(0.00)[]; RCVD_TLS_LAST(0.00)[]; TO_DN_NONE(0.00)[]; PREVIOUSLY_DELIVERED(0.00)[stable@freebsd.org]; TO_MATCH_ENVRCPT_ALL(0.00)[]; DKIM_TRACE(0.00)[f-m.fm:+,messagingengine.com:+] X-Rspamd-Queue-Id: 4Tj2jb5spQz4gC2 On Sat, 24 Feb 2024, at 14:12, S.N.Grigoriev wrote: > Hi, list, > > I've found out that my USB CD drive does not work with my 14-Stable (amd64). > It works fine with Linux and Windows and in past worked fine with 12-Stable. > > The following is from /var/log/messages: > > kernel: usb_alloc_device: set address 2 failed (USB_ERR_TIMEOUT, > ignored) > kernel: usbd_setup_device_desc: getting device descriptor at addr 2 > failed, USB_ERR_IOERROR > kernel: usb_msc_auto_quirk: UQ_MSC_NO_GETMAXLUN set for USB mass > storage device MediaTek Inc MT1956 (0x0e8d:0x1956) > kernel: usb_alloc_device: Failure selecting configuration index > 0:USB_ERR_STALLED, port 5, addr 2 (ignored) > kernel: ugen3.2: at usbus3 Hi, can you post your kernel config please, and uname -aKU From nobody Sun Feb 25 06:45:39 2024 X-Original-To: freebsd-stable@mlmmj.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 4TjDxs651Sz5Bpkn for ; Sun, 25 Feb 2024 06:54:25 +0000 (UTC) (envelope-from li-fbsd@citylink.dinoex.sub.org) Received: from uucp.dinoex.org (uucp.dinoex.org [IPv6:2a0b:f840::12]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature RSA-PSS (2048 bits) client-digest SHA256) (Client CN "uucp.dinoex.sub.de", Issuer "R3" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 4TjDxr1lN6z4GnB for ; Sun, 25 Feb 2024 06:54:24 +0000 (UTC) (envelope-from li-fbsd@citylink.dinoex.sub.org) Authentication-Results: mx1.freebsd.org; dkim=none; dmarc=none; spf=pass (mx1.freebsd.org: domain of li-fbsd@citylink.dinoex.sub.org designates 2a0b:f840::12 as permitted sender) smtp.mailfrom=li-fbsd@citylink.dinoex.sub.org; arc=pass ("uucp.dinoex.org:s=M20221114:i=1") Received: from uucp.dinoex.org (uucp.dinoex.org [IPv6:2a0b:f840:0:0:0:0:0:12]) by uucp.dinoex.org (8.18.1/8.18.1) with ESMTPS id 41P6s5FJ003350 (version=TLSv1.3 cipher=TLS_AES_256_GCM_SHA384 bits=256 verify=NO) for ; Sun, 25 Feb 2024 07:54:06 +0100 (CET) (envelope-from li-fbsd@citylink.dinoex.sub.org) ARC-Seal: i=1; a=rsa-sha256; d=uucp.dinoex.org; s=M20221114; t=1708844048; cv=none; b=Dn1rNZ8qKH2gKhwWZk+YR6qMNarb8QJekkPRq/D7pJ/Eo+1/3nwbJNJy/ZqXYOfzoIouxjqpkMpb2gCeSFIlKFPMjwRAhK4k8SYFxK3gpMXKl7aCsPkKSL+xMgZcfY0zHn18TCp9MrqIkgSDtTS2saSoJvvBNdULl28vMFHgPWI= ARC-Message-Signature: i=1; a=rsa-sha256; d=uucp.dinoex.org; s=M20221114; t=1708844048; c=relaxed/simple; bh=2H+u2NfKsbhJl5N08+j0RkJ+V2h1PSY4d8e3wemMUwY=; h=Received:Received:Received:X-Authentication-Warning:From: X-Newsgroups:Subject:Date:Message-ID:References:Injection-Date: Injection-Info:User-Agent:To:X-Milter:X-Greylist; b=kNa3xsXTXbQOO2/murb1Bx0Er0OLdVbi0jQA8wssDKeX9fz1GflN5n1lEBPgh1uThTQabsJZeflk2jhl5zhOhI2638in0ZDk4UN+GLgYO7IAdoxA+Ld/UTIKaG5bILJLokiCPBpddI58M1h6Kr59MlZwkfOgKpvNlvZa+//nrBA= ARC-Authentication-Results: i=1; uucp.dinoex.org X-MDaemon-Deliver-To: Received: (from uucp@localhost) by uucp.dinoex.org (8.18.1/8.18.1/Submit) with UUCP id 41P6s5S8003349 for freebsd-stable@freebsd.org; Sun, 25 Feb 2024 07:54:05 +0100 (CET) (envelope-from li-fbsd@citylink.dinoex.sub.org) Received: from admn.intra.daemon.contact (localhost [127.0.0.1]) by admn.intra.daemon.contact (8.17.1/8.17.1) with ESMTPS id 41P6k1ja013462 (version=TLSv1.3 cipher=TLS_AES_256_GCM_SHA384 bits=256 verify=NO) for ; Sun, 25 Feb 2024 07:46:02 +0100 (CET) (envelope-from li-fbsd@citylink.dinoex.sub.org) Received: from intra.daemon.contact (news@localhost) by admn.intra.daemon.contact (8.17.1/8.17.1/Submit) with NNTP id 41P6jdMu013066 for freebsd-stable@freebsd.org; Sun, 25 Feb 2024 07:45:39 +0100 (CET) (envelope-from li-fbsd@citylink.dinoex.sub.org) X-Authentication-Warning: admn.intra.daemon.contact: news set sender to li-fbsd@citylink.dinoex.sub.org using -f From: "Peter 'PMc' Much" X-Newsgroups: m2n.fbsd.stable Subject: Re: gpart device permissions security hole (/dev/geom.ctl) Date: Sun, 25 Feb 2024 06:45:39 -0000 (UTC) Message-ID: References: <2421f1a5-d924-4912-abff-e000e41f5459@quip.cz> <4de9c605-c93d-4286-a402-0bc52e9d62ff@quip.cz> Injection-Date: Sun, 25 Feb 2024 06:45:39 -0000 (UTC) Injection-Info: admn.intra.daemon.contact; logging-data="13065"; mail-complaints-to="usenet@citylink.dinoex.sub.org" User-Agent: slrn/1.0.3 (FreeBSD) To: freebsd-stable@freebsd.org X-Milter: Spamilter (Reciever: uucp.dinoex.org; Sender-ip: 0:0:2a0b:f840::; Sender-helo: uucp.dinoex.org;) X-Greylist: Sender passed SPF test, not delayed by milter-greylist-4.6.4 (uucp.dinoex.org [IPv6:2a0b:f840:0:0:0:0:0:12]); Sun, 25 Feb 2024 07:54:08 +0100 (CET) X-Spamd-Bar: --- X-Spamd-Result: default: False [-4.00 / 15.00]; ARC_ALLOW(-1.00)[uucp.dinoex.org:s=M20221114:i=1]; NEURAL_HAM_LONG(-1.00)[-1.000]; NEURAL_HAM_MEDIUM(-1.00)[-1.000]; NEURAL_HAM_SHORT(-1.00)[-0.999]; FORGED_SENDER(0.30)[pmc@citylink.dinoex.sub.org,li-fbsd@citylink.dinoex.sub.org]; R_SPF_ALLOW(-0.20)[+mx]; MIME_GOOD(-0.10)[text/plain]; FROM_HAS_DN(0.00)[]; R_DKIM_NA(0.00)[]; RCPT_COUNT_ONE(0.00)[1]; HAS_XAW(0.00)[]; ASN(0.00)[asn:205376, ipnet:2a0b:f840::/32, country:DE]; FROM_NEQ_ENVFROM(0.00)[pmc@citylink.dinoex.sub.org,li-fbsd@citylink.dinoex.sub.org]; MLMMJ_DEST(0.00)[freebsd-stable@freebsd.org]; MIME_TRACE(0.00)[0:+]; TO_MATCH_ENVRCPT_ALL(0.00)[]; RCVD_COUNT_THREE(0.00)[4]; PREVIOUSLY_DELIVERED(0.00)[freebsd-stable@freebsd.org]; DMARC_NA(0.00)[sub.org]; RCVD_TLS_LAST(0.00)[]; TO_DN_NONE(0.00)[] X-Rspamd-Queue-Id: 4TjDxr1lN6z4GnB List-Id: Production branch of FreeBSD source code List-Archive: https://lists.freebsd.org/archives/freebsd-stable List-Help: List-Post: List-Subscribe: List-Unsubscribe: Sender: owner-freebsd-stable@freebsd.org X-BeenThere: freebsd-stable@freebsd.org On 2024-02-24, Miroslav Lachman <000.fbsd@quip.cz> wrote: > On 24/02/2024 21:00, Vincent Stemen wrote: >> On Sat, Feb 24, 2024 at 04:40:00PM +0100, Miroslav Lachman wrote: >>> I agree with this security problem. Just a small note - there are >>> backups of partitions (/var/backups/gpart.*) created by periodic script >>> /etc/periodic/daily/221.backup-gpart (if you have >>> daily_backup_gpart_enable="YES" in your /etc/periodic.conf or in a >>> /etc/defaults/periodic.conf which is the default). That way you can get >>> back the number plate on you house in some cases. >> >> Thanks. That's good to know. I was not aware of those features of >> periodic. > > Almost nobody knows. Oh, now I see why there is a problem. Actually I found the partition tables missing when I planned for desaster recovery, and thought it would be helpful to have a copy of them. So I implemented such periodic backup long before it was officially provided. I think there are many possibilities how things can go wrong, and evil action is only one of them. So my first imperative is to get the data savely into backup (and then the backup to offsite). That accomplished, we can in a relaxed mood think about what we will do to the person who actually manages to delete the partition table... cheerio, PMc From nobody Sun Feb 25 10:07:59 2024 X-Original-To: freebsd-stable@mlmmj.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 4TjKFJ0dddz5C87W; Sun, 25 Feb 2024 10:08:04 +0000 (UTC) (envelope-from serguey-grigoriev@yandex.ru) Received: from forward500a.mail.yandex.net (forward500a.mail.yandex.net [178.154.239.80]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 4TjKFH4xwtz4lcQ; Sun, 25 Feb 2024 10:08:03 +0000 (UTC) (envelope-from serguey-grigoriev@yandex.ru) Authentication-Results: mx1.freebsd.org; none Received: from mail-nwsmtp-mxback-production-main-60.vla.yp-c.yandex.net (mail-nwsmtp-mxback-production-main-60.vla.yp-c.yandex.net [IPv6:2a02:6b8:c1d:659d:0:640:e939:0]) by forward500a.mail.yandex.net (Yandex) with ESMTPS id 7489060C55; Sun, 25 Feb 2024 13:08:00 +0300 (MSK) Received: from mail.yandex.ru (2a02:6b8:c18:4784:0:640:b1ab:0 [2a02:6b8:c18:4784:0:640:b1ab:0]) by mail-nwsmtp-mxback-production-main-60.vla.yp-c.yandex.net (mxback/Yandex) with HTTP id a7TBAR4O5iE0-JxQEsREp; Sun, 25 Feb 2024 13:08:00 +0300 X-Yandex-Fwd: 1 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=yandex.ru; s=mail; t=1708855680; bh=vbVVl86WCUSaSw03LbraZ1iLoEJe8WfEas3NDmIx/G0=; h=Message-Id:References:Date:Cc:Subject:In-Reply-To:To:From; b=r+xHQvQEF2oeOLVcMoVUxGXMNaphNk6Dvw04vjpvpjRlXGkitSbK60wsOTtrvXxxR H6ixkYId8gVB71+1+qR8ZVPJ3iuEUp4q8i4oSxA704uVmlUraFVdSiG6WYPFeF7Pgf vQp86lNK9dlLkNSwdkFzXZoVi55figg8bwqskUOg= Received: by vpfns56j3qv6ec2k.vla.yp-c.yandex.net with HTTP; Sun, 25 Feb 2024 13:07:59 +0300 From: S.N.Grigoriev To: void , FreeBSD Stable Cc: stable@freebsd.org In-Reply-To: <3c8667a2-770c-4c35-9b33-572f43d9f1ea@app.fastmail.com> References: <5813111708783942@wckjnuw7tehz7zgt.sas.yp-c.yandex.net> <3c8667a2-770c-4c35-9b33-572f43d9f1ea@app.fastmail.com> Subject: Re: USB CD drive does not work with 14-Stable List-Id: Production branch of FreeBSD source code List-Archive: https://lists.freebsd.org/archives/freebsd-stable List-Help: List-Post: List-Subscribe: List-Unsubscribe: Sender: owner-freebsd-stable@freebsd.org X-BeenThere: freebsd-stable@freebsd.org MIME-Version: 1.0 X-Mailer: Yamail [ http://yandex.ru ] 5.0 Date: Sun, 25 Feb 2024 13:07:59 +0300 Message-Id: <4609701708855679@vpfns56j3qv6ec2k.vla.yp-c.yandex.net> Content-Transfer-Encoding: 7bit Content-Type: text/plain X-Spamd-Bar: ---- X-Rspamd-Pre-Result: action=no action; module=replies; Message is reply to one we originated X-Spamd-Result: default: False [-4.00 / 15.00]; REPLY(-4.00)[]; ASN(0.00)[asn:200350, ipnet:178.154.224.0/19, country:RU] X-Rspamd-Queue-Id: 4TjKFH4xwtz4lcQ > On Sat, 24 Feb 2024, at 14:12, S.N.Grigoriev wrote: > >> Hi, list, >> >> I've found out that my USB CD drive does not work with my 14-Stable (amd64). >> It works fine with Linux and Windows and in past worked fine with 12-Stable. >> >> The following is from /var/log/messages: >> >> kernel: usb_alloc_device: set address 2 failed (USB_ERR_TIMEOUT, >> ignored) >> kernel: usbd_setup_device_desc: getting device descriptor at addr 2 >> failed, USB_ERR_IOERROR >> kernel: usb_msc_auto_quirk: UQ_MSC_NO_GETMAXLUN set for USB mass >> storage device MediaTek Inc MT1956 (0x0e8d:0x1956) >> kernel: usb_alloc_device: Failure selecting configuration index >> 0:USB_ERR_STALLED, port 5, addr 2 (ignored) >> kernel: ugen3.2: at usbus3 > > Hi, can you post your kernel config please, and uname -aKU Hi, void, thank you for your response! My kernel config is: ########## include GENERIC ident GEN # No sound support nodevice sound nodevice snd_cmi nodevice snd_csa nodevice snd_emu10kx nodevice snd_es137x nodevice snd_hda nodevice snd_ich nodevice snd_via8233 ########### uname -aKU output: FreeBSD amico.pltel.ru 14.0-STABLE FreeBSD 14.0-STABLE #0 stable/14-n266870-e705ac7788b2: Sat Feb 24 15:47:37 MSK 2024 root@amico.pltel.ru:/usr/obj/usr/src/amd64.amd64/sys/GEN amd64 1400509 1400509 Regards, Serguey. From nobody Sun Feb 25 14:16:00 2024 X-Original-To: stable@mlmmj.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 4TjQls1jl5z5BKy3 for ; Sun, 25 Feb 2024 14:16:25 +0000 (UTC) (envelope-from void@f-m.fm) Received: from wout5-smtp.messagingengine.com (wout5-smtp.messagingengine.com [64.147.123.21]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 4TjQlr1LD0z4RwV for ; Sun, 25 Feb 2024 14:16:24 +0000 (UTC) (envelope-from void@f-m.fm) Authentication-Results: mx1.freebsd.org; dkim=pass header.d=f-m.fm header.s=fm1 header.b=nQtdsWvg; dkim=pass header.d=messagingengine.com header.s=fm1 header.b=FPS5xXRR; dmarc=pass (policy=none) header.from=f-m.fm; spf=pass (mx1.freebsd.org: domain of void@f-m.fm designates 64.147.123.21 as permitted sender) smtp.mailfrom=void@f-m.fm Received: from compute6.internal (compute6.nyi.internal [10.202.2.47]) by mailout.west.internal (Postfix) with ESMTP id E4C53320015C for ; Sun, 25 Feb 2024 09:16:22 -0500 (EST) Received: from imap46 ([10.202.2.96]) by compute6.internal (MEProxy); Sun, 25 Feb 2024 09:16:23 -0500 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=f-m.fm; h=cc :content-type:content-type:date:date:from:from:in-reply-to :in-reply-to:message-id:mime-version:references:reply-to:subject :subject:to:to; s=fm1; t=1708870582; x=1708956982; bh=GiI1nMzfRz /4eeRP2O/ncIvbmEAbhYQc4Jhm5t5KQwI=; b=nQtdsWvg+6dXlmpg6bfTQCQzWe DUW2czKmrje+zLaQgu5IKdU9muPe9+HBVWprGucUDE1MToguFJjdEP5QDm/GIOsC K7g9AvnlE2WeyULDSlgOd+xMZVkXjz+D76tLgCtQ3dRiiILKPRz1t5OPOeAKHJOv 2GxKLHqWLtUngFM5ystCP8pmFroArvryxTAUl4/7xiq1yfBCkMU486OTkJ5ZpN6M +KB7qlEWygMqPc2qRONaI6sZadM7XkzbZYxDR6s+Hw1FrUvvP4PDiOxwHzK/eitB EEob031z2EqfIE1huhOKh9q7z7FYN/W4zImuCpU4X23hgqrm8LpwnGvrlkgw== DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d= messagingengine.com; h=cc:content-type:content-type:date:date :feedback-id:feedback-id:from:from:in-reply-to:in-reply-to :message-id:mime-version:references:reply-to:subject:subject:to :to:x-me-proxy:x-me-proxy:x-me-sender:x-me-sender:x-sasl-enc; s= fm1; t=1708870582; x=1708956982; bh=GiI1nMzfRz/4eeRP2O/ncIvbmEAb hYQc4Jhm5t5KQwI=; b=FPS5xXRROULJcoZtujBrCXhRi7rh08SYbJDwSmW5rMyl 7Vj0lt3S0+ba6ozLXI4WX5cJnhOBGmWWt9YyBtZw5gwOdd1UgMr8tDqS2hj9i/wi DjFAmKH6F+vhih7Tv0dAJQEecLd4chiK8WXuVgotzlVqiKWtDh1dq0b89OYPU/a/ 8zxeMTL05B6AssZZ0WE9JnblkpsP6ThDIpMCCDx0xMgDdzU8SMn7Som2Sheqkysj yomTTnOUpNNji4MvQ/5SVZsGODlPuK8DNMGHSIK7dvjut1snVh35hNuVwdRLRece ApVStQNpwBl5CZu4AJezPL8dSNuF8NSyXF4e3OZMbQ== X-ME-Sender: X-ME-Proxy-Cause: gggruggvucftvghtrhhoucdtuddrgedvledrgedtgdeiudcutefuodetggdotefrodftvf curfhrohhfihhlvgemucfhrghsthforghilhdpqfgfvfdpuffrtefokffrpgfnqfghnecu uegrihhlohhuthemuceftddtnecunecujfgurhepofgfggfkjghffffhvffutgesthdtre dtreertdenucfhrhhomhepvhhoihguuceovhhoihgusehfqdhmrdhfmheqnecuggftrfgr thhtvghrnhepuddvjedvhfehvdfftdekveegtddvgfeiudeljefhvdekudelgfegtdelte duvedunecuffhomhgrihhnpehplhhtvghlrdhruhenucevlhhushhtvghrufhiiigvpedt necurfgrrhgrmhepmhgrihhlfhhrohhmpehvohhiugesfhdqmhdrfhhm X-ME-Proxy: Feedback-ID: i2541463c:Fastmail Received: by mailuser.nyi.internal (Postfix, from userid 501) id 2B4F12A2008B; Sun, 25 Feb 2024 09:16:22 -0500 (EST) X-Mailer: MessagingEngine.com Webmail Interface User-Agent: Cyrus-JMAP/3.11.0-alpha0-153-g7e3bb84806-fm-20240215.007-g7e3bb848 List-Id: Production branch of FreeBSD source code List-Archive: https://lists.freebsd.org/archives/freebsd-stable List-Help: List-Post: List-Subscribe: List-Unsubscribe: Sender: owner-freebsd-stable@freebsd.org X-BeenThere: freebsd-stable@freebsd.org MIME-Version: 1.0 Message-Id: <511954d9-74b4-45c3-b16e-342ad29751f7@app.fastmail.com> In-Reply-To: <4609701708855679@vpfns56j3qv6ec2k.vla.yp-c.yandex.net> References: <5813111708783942@wckjnuw7tehz7zgt.sas.yp-c.yandex.net> <3c8667a2-770c-4c35-9b33-572f43d9f1ea@app.fastmail.com> <4609701708855679@vpfns56j3qv6ec2k.vla.yp-c.yandex.net> Date: Sun, 25 Feb 2024 14:16:00 +0000 From: void To: stable@freebsd.org Subject: Re: USB CD drive does not work with 14-Stable Content-Type: text/plain X-Spamd-Bar: ---- X-Spamd-Result: default: False [-4.09 / 15.00]; NEURAL_HAM_LONG(-1.00)[-1.000]; NEURAL_HAM_MEDIUM(-1.00)[-1.000]; NEURAL_HAM_SHORT(-1.00)[-0.999]; DMARC_POLICY_ALLOW(-0.50)[f-m.fm,none]; R_DKIM_ALLOW(-0.20)[f-m.fm:s=fm1,messagingengine.com:s=fm1]; R_SPF_ALLOW(-0.20)[+ip4:64.147.123.21]; MIME_GOOD(-0.10)[text/plain]; RCVD_IN_DNSWL_LOW(-0.10)[64.147.123.21:from]; XM_UA_NO_VERSION(0.01)[]; RCPT_COUNT_ONE(0.00)[1]; ASN(0.00)[asn:29838, ipnet:64.147.123.0/24, country:US]; MIME_TRACE(0.00)[0:+]; DWL_DNSWL_NONE(0.00)[messagingengine.com:dkim]; FREEMAIL_FROM(0.00)[f-m.fm]; FREEMAIL_ENVFROM(0.00)[f-m.fm]; ARC_NA(0.00)[]; MLMMJ_DEST(0.00)[stable@freebsd.org]; RCVD_COUNT_THREE(0.00)[3]; FROM_EQ_ENVFROM(0.00)[]; FROM_HAS_DN(0.00)[]; RCVD_TLS_LAST(0.00)[]; TO_DN_NONE(0.00)[]; PREVIOUSLY_DELIVERED(0.00)[stable@freebsd.org]; TO_MATCH_ENVRCPT_ALL(0.00)[]; DKIM_TRACE(0.00)[f-m.fm:+,messagingengine.com:+] X-Rspamd-Queue-Id: 4TjQlr1LD0z4RwV On Sun, 25 Feb 2024, at 10:07, S.N.Grigoriev wrote: > Hi, void, > > thank you for your response! My kernel config is: > > ########## > include GENERIC > > ident GEN > > # No sound support > nodevice sound > nodevice snd_cmi > nodevice snd_csa > nodevice snd_emu10kx > nodevice snd_es137x > nodevice snd_hda > nodevice snd_ich > nodevice snd_via8233 > ########### > > uname -aKU output: > > FreeBSD amico.pltel.ru 14.0-STABLE FreeBSD 14.0-STABLE #0 > stable/14-n266870-e705ac7788b2: Sat Feb 24 15:47:37 MSK 2024 > root@amico.pltel.ru:/usr/obj/usr/src/amd64.amd64/sys/GEN amd64 1400509 > 1400509 OK - that GENERIC is unmodified? If so, then the kernel has all the usb stuff needed. make sure you have misc/usbids sysutils/usbutils and sysutils/usbhid-dump (I also have devel/libpci misc/pciids and sysutils/pciutils) installed, for diagnostics like lsusb. In the past, on a couple of boards, I have had to disable usb3 in the kernel (or in the bios) and just had usb2 working. Can you try a usb2 port? Next step would be to disable one or the other in the bios, and try with one or the other after changing each one. good luck, From nobody Sun Feb 25 14:20:56 2024 X-Original-To: stable@mlmmj.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 4TjQsY0jKwz5BLMH for ; Sun, 25 Feb 2024 14:21:21 +0000 (UTC) (envelope-from void@f-m.fm) Received: from wfhigh4-smtp.messagingengine.com (wfhigh4-smtp.messagingengine.com [64.147.123.155]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 4TjQsX2Ym0z4Snk for ; Sun, 25 Feb 2024 14:21:20 +0000 (UTC) (envelope-from void@f-m.fm) Authentication-Results: mx1.freebsd.org; dkim=pass header.d=f-m.fm header.s=fm1 header.b=d2CeFtnC; dkim=pass header.d=messagingengine.com header.s=fm1 header.b=kP4afFvq; dmarc=pass (policy=none) header.from=f-m.fm; spf=pass (mx1.freebsd.org: domain of void@f-m.fm designates 64.147.123.155 as permitted sender) smtp.mailfrom=void@f-m.fm Received: from compute6.internal (compute6.nyi.internal [10.202.2.47]) by mailfhigh.west.internal (Postfix) with ESMTP id 58B5F1800072 for ; Sun, 25 Feb 2024 09:21:18 -0500 (EST) Received: from imap46 ([10.202.2.96]) by compute6.internal (MEProxy); Sun, 25 Feb 2024 09:21:18 -0500 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=f-m.fm; h=cc :content-type:content-type:date:date:from:from:in-reply-to :in-reply-to:message-id:mime-version:references:reply-to:subject :subject:to:to; s=fm1; t=1708870877; x=1708957277; bh=gJbESmPDKd UVBSVNSsuT53eX0YyDgVuqi2V+bdw/0hs=; b=d2CeFtnC/rGWDctumwRfVS0Xh4 CZaB7kPc5asBPF/FJqJzXj1DJAuEgLtn+HkcwfjAiD/tDetdHMVToC4Y8aIg2IYk nxrqo6opoY7E9kPzHd00hv9kjhu1gpx5bocf+9ftytNs574c+lbSLUucCX6Zz5Ft MYRYEddzSN4UBc2m8WxYaaPE+zi7sP0zSd8jr6rMh0HmeGnhy5TX/FslpB02uNCD o0f9qjln4yzbkCZJsGleBS9euzSEI5e+X+T5f9/htePLwcjWoRnXpo6jmatosuc9 iqqeVjhFbDJmenywP8ZudjDbUXzb6wwKiFkuPd4mtq1ZW+Gkx/y4ijS2nlcw== DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d= messagingengine.com; h=cc:content-type:content-type:date:date :feedback-id:feedback-id:from:from:in-reply-to:in-reply-to :message-id:mime-version:references:reply-to:subject:subject:to :to:x-me-proxy:x-me-proxy:x-me-sender:x-me-sender:x-sasl-enc; s= fm1; t=1708870877; x=1708957277; bh=gJbESmPDKdUVBSVNSsuT53eX0YyD gVuqi2V+bdw/0hs=; b=kP4afFvqS3074RUnHYr5v05DmgpheGl87OzAEP6mSZvD kk6502zTZR+NSe4nIkvtk/TWRqIVJ7MB/iQe58Krq+vsI5nehfxxmU52CsGwT1Ro jgNq2sK+aH/LsRnRaI9To2ZNWFhHn8dPgPlcACk36B5C9PbQu0E1WlU+1oORkXn8 pnfzzFvqzPqiIS1ZI++oYexhTEpB1p3LQq20ob1QCFN8zZ+0aUQrj5u7SBm9cM5U U4sYpBmkYMUQ2soEPcDb7d1bowcHu02cXGMYufvrTHvbzUA8T8AOJzboq4iqVCFH gUE5mm6Rb9E7coZGArPrU3fLYQcuOFpd3IELZgT6aw== X-ME-Sender: X-ME-Proxy-Cause: gggruggvucftvghtrhhoucdtuddrgedvledrgedtgdeivdcutefuodetggdotefrodftvf curfhrohhfihhlvgemucfhrghsthforghilhdpqfgfvfdpuffrtefokffrpgfnqfghnecu uegrihhlohhuthemuceftddtnecunecujfgurhepofgfggfkjghffffhvffutgesthdtre dtreertdenucfhrhhomhepvhhoihguuceovhhoihgusehfqdhmrdhfmheqnecuggftrfgr thhtvghrnhepieetvdeuhedthedtvdfhuefhveehvdeiledvieffheevleehgeefudelje dukedvnecuvehluhhsthgvrhfuihiivgeptdenucfrrghrrghmpehmrghilhhfrhhomhep vhhoihgusehfqdhmrdhfmh X-ME-Proxy: Feedback-ID: i2541463c:Fastmail Received: by mailuser.nyi.internal (Postfix, from userid 501) id A171B2A2008B; Sun, 25 Feb 2024 09:21:17 -0500 (EST) X-Mailer: MessagingEngine.com Webmail Interface User-Agent: Cyrus-JMAP/3.11.0-alpha0-153-g7e3bb84806-fm-20240215.007-g7e3bb848 List-Id: Production branch of FreeBSD source code List-Archive: https://lists.freebsd.org/archives/freebsd-stable List-Help: List-Post: List-Subscribe: List-Unsubscribe: Sender: owner-freebsd-stable@freebsd.org X-BeenThere: freebsd-stable@freebsd.org MIME-Version: 1.0 Message-Id: In-Reply-To: <511954d9-74b4-45c3-b16e-342ad29751f7@app.fastmail.com> References: <5813111708783942@wckjnuw7tehz7zgt.sas.yp-c.yandex.net> <3c8667a2-770c-4c35-9b33-572f43d9f1ea@app.fastmail.com> <4609701708855679@vpfns56j3qv6ec2k.vla.yp-c.yandex.net> <511954d9-74b4-45c3-b16e-342ad29751f7@app.fastmail.com> Date: Sun, 25 Feb 2024 14:20:56 +0000 From: void To: stable@freebsd.org Subject: Re: USB CD drive does not work with 14-Stable Content-Type: text/plain X-Spamd-Bar: ---- X-Spamd-Result: default: False [-4.09 / 15.00]; NEURAL_HAM_LONG(-1.00)[-1.000]; NEURAL_HAM_MEDIUM(-1.00)[-1.000]; NEURAL_HAM_SHORT(-1.00)[-0.999]; DMARC_POLICY_ALLOW(-0.50)[f-m.fm,none]; R_DKIM_ALLOW(-0.20)[f-m.fm:s=fm1,messagingengine.com:s=fm1]; R_SPF_ALLOW(-0.20)[+ip4:64.147.123.128/27:c]; MIME_GOOD(-0.10)[text/plain]; RCVD_IN_DNSWL_LOW(-0.10)[64.147.123.155:from]; XM_UA_NO_VERSION(0.01)[]; ARC_NA(0.00)[]; ASN(0.00)[asn:29838, ipnet:64.147.123.0/24, country:US]; MIME_TRACE(0.00)[0:+]; DWL_DNSWL_NONE(0.00)[messagingengine.com:dkim]; FREEMAIL_FROM(0.00)[f-m.fm]; FREEMAIL_ENVFROM(0.00)[f-m.fm]; RCPT_COUNT_ONE(0.00)[1]; MLMMJ_DEST(0.00)[stable@freebsd.org]; RCVD_COUNT_THREE(0.00)[3]; FROM_EQ_ENVFROM(0.00)[]; FROM_HAS_DN(0.00)[]; RCVD_TLS_LAST(0.00)[]; TO_DN_NONE(0.00)[]; PREVIOUSLY_DELIVERED(0.00)[stable@freebsd.org]; TO_MATCH_ENVRCPT_ALL(0.00)[]; DKIM_TRACE(0.00)[f-m.fm:+,messagingengine.com:+] X-Rspamd-Queue-Id: 4TjQsX2Ym0z4Snk Another thing maybe worthwhile trying is to just have that one thing plugged into the usb subsystem. Beforehand, tail -f /var/log/messages in an xterm, unplug everything usb (2&3), plug in the cd drive, observe messages. From nobody Sun Feb 25 16:14:30 2024 X-Original-To: freebsd-stable@mlmmj.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 4TjTNC06t1z5BWs8; Sun, 25 Feb 2024 16:14:35 +0000 (UTC) (envelope-from serguey-grigoriev@yandex.ru) Received: from forward501c.mail.yandex.net (forward501c.mail.yandex.net [178.154.239.209]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 4TjTN96lKkz4j6q; Sun, 25 Feb 2024 16:14:33 +0000 (UTC) (envelope-from serguey-grigoriev@yandex.ru) Authentication-Results: mx1.freebsd.org; dkim=pass header.d=yandex.ru header.s=mail header.b=CFa1vVDC; dmarc=pass (policy=none) header.from=yandex.ru; spf=pass (mx1.freebsd.org: domain of serguey-grigoriev@yandex.ru designates 178.154.239.209 as permitted sender) smtp.mailfrom=serguey-grigoriev@yandex.ru Received: from mail-nwsmtp-mxback-production-main-96.sas.yp-c.yandex.net (mail-nwsmtp-mxback-production-main-96.sas.yp-c.yandex.net [IPv6:2a02:6b8:c14:d26:0:640:8689:0]) by forward501c.mail.yandex.net (Yandex) with ESMTPS id E426A60B1D; Sun, 25 Feb 2024 19:14:30 +0300 (MSK) Received: from mail.yandex.ru (2a02:6b8:c14:4298:0:640:fa56:0 [2a02:6b8:c14:4298:0:640:fa56:0]) by mail-nwsmtp-mxback-production-main-96.sas.yp-c.yandex.net (mxback/Yandex) with HTTP id QEZAu06qb4Y0-jX9geltI; Sun, 25 Feb 2024 19:14:30 +0300 X-Yandex-Fwd: 1 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=yandex.ru; s=mail; t=1708877670; bh=jrpZ6LAx64JxAmz6zIqPX3mgVx3aX8AstLR/tnujtNY=; h=Message-Id:References:Date:Cc:Subject:In-Reply-To:To:From; b=CFa1vVDCKb6VTnpp7dOHvSXX9J8LH8a13nV95JNhBe8W3gfI7ZzyVjBbm1t9apoVw s4UZir27wPWAcKweEyQ9xB/XPjH0J+Q82gEKJM4VnZOTZk5XwfgXRxzvBGKoaQ0dZ8 IeXFg570bu/O41EX3+vwiYGbCdHgk1FMx6m+Uqg4= Received: by z7oys7c4urhdnodv.sas.yp-c.yandex.net with HTTP; Sun, 25 Feb 2024 19:14:30 +0300 From: S.N.Grigoriev To: FreeBSD Stable Cc: stable@freebsd.org In-Reply-To: References: <5813111708783942@wckjnuw7tehz7zgt.sas.yp-c.yandex.net> <3c8667a2-770c-4c35-9b33-572f43d9f1ea@app.fastmail.com> <4609701708855679@vpfns56j3qv6ec2k.vla.yp-c.yandex.net> <511954d9-74b4-45c3-b16e-342ad29751f7@app.fastmail.com> Subject: Re: USB CD drive does not work with 14-Stable List-Id: Production branch of FreeBSD source code List-Archive: https://lists.freebsd.org/archives/freebsd-stable List-Help: List-Post: List-Subscribe: List-Unsubscribe: Sender: owner-freebsd-stable@freebsd.org X-BeenThere: freebsd-stable@freebsd.org MIME-Version: 1.0 X-Mailer: Yamail [ http://yandex.ru ] 5.0 Date: Sun, 25 Feb 2024 19:14:30 +0300 Message-Id: <478521708877670@z7oys7c4urhdnodv.sas.yp-c.yandex.net> Content-Transfer-Encoding: 7bit Content-Type: text/plain X-Spamd-Bar: ---- X-Spamd-Result: default: False [-4.10 / 15.00]; NEURAL_HAM_SHORT(-1.00)[-1.000]; NEURAL_HAM_LONG(-1.00)[-1.000]; NEURAL_HAM_MEDIUM(-1.00)[-1.000]; DMARC_POLICY_ALLOW(-0.50)[yandex.ru,none]; R_SPF_ALLOW(-0.20)[+ip4:178.154.239.208/28]; R_DKIM_ALLOW(-0.20)[yandex.ru:s=mail]; MIME_GOOD(-0.10)[text/plain]; RWL_MAILSPIKE_GOOD(-0.10)[178.154.239.209:from]; RCVD_COUNT_THREE(0.00)[3]; MIME_TRACE(0.00)[0:+]; FROM_HAS_DN(0.00)[]; ASN(0.00)[asn:200350, ipnet:178.154.224.0/19, country:RU]; TO_DN_SOME(0.00)[]; FREEMAIL_ENVFROM(0.00)[yandex.ru]; FREEMAIL_FROM(0.00)[yandex.ru]; RCVD_TLS_LAST(0.00)[]; ARC_NA(0.00)[]; DWL_DNSWL_NONE(0.00)[yandex.ru:dkim]; MLMMJ_DEST(0.00)[freebsd-stable@freebsd.org,stable@freebsd.org]; FROM_EQ_ENVFROM(0.00)[]; RCPT_COUNT_TWO(0.00)[2]; TO_MATCH_ENVRCPT_ALL(0.00)[]; RCVD_IN_DNSWL_NONE(0.00)[178.154.239.209:from]; DKIM_TRACE(0.00)[yandex.ru:+] X-Rspamd-Queue-Id: 4TjTN96lKkz4j6q > Another thing maybe worthwhile trying is to just have that one thing > plugged into the usb subsystem. Beforehand, tail -f /var/log/messages > in an xterm, unplug everything usb (2&3), plug in the cd drive, > observe messages. I've done it. The same result. Regards, Serguey. From nobody Sun Feb 25 16:14:30 2024 X-Original-To: stable@mlmmj.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 4TjTNC06t1z5BWs8; Sun, 25 Feb 2024 16:14:35 +0000 (UTC) (envelope-from serguey-grigoriev@yandex.ru) Received: from forward501c.mail.yandex.net (forward501c.mail.yandex.net [178.154.239.209]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 4TjTN96lKkz4j6q; Sun, 25 Feb 2024 16:14:33 +0000 (UTC) (envelope-from serguey-grigoriev@yandex.ru) Authentication-Results: mx1.freebsd.org; dkim=pass header.d=yandex.ru header.s=mail header.b=CFa1vVDC; dmarc=pass (policy=none) header.from=yandex.ru; spf=pass (mx1.freebsd.org: domain of serguey-grigoriev@yandex.ru designates 178.154.239.209 as permitted sender) smtp.mailfrom=serguey-grigoriev@yandex.ru Received: from mail-nwsmtp-mxback-production-main-96.sas.yp-c.yandex.net (mail-nwsmtp-mxback-production-main-96.sas.yp-c.yandex.net [IPv6:2a02:6b8:c14:d26:0:640:8689:0]) by forward501c.mail.yandex.net (Yandex) with ESMTPS id E426A60B1D; Sun, 25 Feb 2024 19:14:30 +0300 (MSK) Received: from mail.yandex.ru (2a02:6b8:c14:4298:0:640:fa56:0 [2a02:6b8:c14:4298:0:640:fa56:0]) by mail-nwsmtp-mxback-production-main-96.sas.yp-c.yandex.net (mxback/Yandex) with HTTP id QEZAu06qb4Y0-jX9geltI; Sun, 25 Feb 2024 19:14:30 +0300 X-Yandex-Fwd: 1 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=yandex.ru; s=mail; t=1708877670; bh=jrpZ6LAx64JxAmz6zIqPX3mgVx3aX8AstLR/tnujtNY=; h=Message-Id:References:Date:Cc:Subject:In-Reply-To:To:From; b=CFa1vVDCKb6VTnpp7dOHvSXX9J8LH8a13nV95JNhBe8W3gfI7ZzyVjBbm1t9apoVw s4UZir27wPWAcKweEyQ9xB/XPjH0J+Q82gEKJM4VnZOTZk5XwfgXRxzvBGKoaQ0dZ8 IeXFg570bu/O41EX3+vwiYGbCdHgk1FMx6m+Uqg4= Received: by z7oys7c4urhdnodv.sas.yp-c.yandex.net with HTTP; Sun, 25 Feb 2024 19:14:30 +0300 From: S.N.Grigoriev To: FreeBSD Stable Cc: stable@freebsd.org In-Reply-To: References: <5813111708783942@wckjnuw7tehz7zgt.sas.yp-c.yandex.net> <3c8667a2-770c-4c35-9b33-572f43d9f1ea@app.fastmail.com> <4609701708855679@vpfns56j3qv6ec2k.vla.yp-c.yandex.net> <511954d9-74b4-45c3-b16e-342ad29751f7@app.fastmail.com> Subject: Re: USB CD drive does not work with 14-Stable List-Id: Production branch of FreeBSD source code List-Archive: https://lists.freebsd.org/archives/freebsd-stable List-Help: List-Post: List-Subscribe: List-Unsubscribe: Sender: owner-freebsd-stable@freebsd.org X-BeenThere: freebsd-stable@freebsd.org MIME-Version: 1.0 X-Mailer: Yamail [ http://yandex.ru ] 5.0 Date: Sun, 25 Feb 2024 19:14:30 +0300 Message-Id: <478521708877670@z7oys7c4urhdnodv.sas.yp-c.yandex.net> Content-Transfer-Encoding: 7bit Content-Type: text/plain X-Spamd-Bar: ---- X-Spamd-Result: default: False [-4.10 / 15.00]; NEURAL_HAM_SHORT(-1.00)[-1.000]; NEURAL_HAM_LONG(-1.00)[-1.000]; NEURAL_HAM_MEDIUM(-1.00)[-1.000]; DMARC_POLICY_ALLOW(-0.50)[yandex.ru,none]; R_SPF_ALLOW(-0.20)[+ip4:178.154.239.208/28]; R_DKIM_ALLOW(-0.20)[yandex.ru:s=mail]; MIME_GOOD(-0.10)[text/plain]; RWL_MAILSPIKE_GOOD(-0.10)[178.154.239.209:from]; RCVD_COUNT_THREE(0.00)[3]; MIME_TRACE(0.00)[0:+]; FROM_HAS_DN(0.00)[]; ASN(0.00)[asn:200350, ipnet:178.154.224.0/19, country:RU]; TO_DN_SOME(0.00)[]; FREEMAIL_ENVFROM(0.00)[yandex.ru]; FREEMAIL_FROM(0.00)[yandex.ru]; RCVD_TLS_LAST(0.00)[]; ARC_NA(0.00)[]; DWL_DNSWL_NONE(0.00)[yandex.ru:dkim]; MLMMJ_DEST(0.00)[freebsd-stable@freebsd.org,stable@freebsd.org]; FROM_EQ_ENVFROM(0.00)[]; RCPT_COUNT_TWO(0.00)[2]; TO_MATCH_ENVRCPT_ALL(0.00)[]; RCVD_IN_DNSWL_NONE(0.00)[178.154.239.209:from]; DKIM_TRACE(0.00)[yandex.ru:+] X-Rspamd-Queue-Id: 4TjTN96lKkz4j6q > Another thing maybe worthwhile trying is to just have that one thing > plugged into the usb subsystem. Beforehand, tail -f /var/log/messages > in an xterm, unplug everything usb (2&3), plug in the cd drive, > observe messages. I've done it. The same result. Regards, Serguey. From nobody Sun Feb 25 18:03:32 2024 X-Original-To: stable@mlmmj.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 4TjWp00ZxMz5Bj29 for ; Sun, 25 Feb 2024 18:03:36 +0000 (UTC) (envelope-from vince@hightek.org) Received: from mail.ngtek.org (ngtek.org [IPv6:2001:19f0:6400:8963:5400:ff:fe09:9585]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 4TjWnz0B70z45hg for ; Sun, 25 Feb 2024 18:03:34 +0000 (UTC) (envelope-from vince@hightek.org) Authentication-Results: mx1.freebsd.org; dkim=none; dmarc=none; spf=pass (mx1.freebsd.org: domain of vince@hightek.org designates 2001:19f0:6400:8963:5400:ff:fe09:9585 as permitted sender) smtp.mailfrom=vince@hightek.org Received: from [170.39.28.55] (helo=marble.hightek.org) by mail.ngtek.org with esmtpsa (TLSv1.2:ECDHE-RSA-AES256-GCM-SHA384:256) (Exim 4.89 (FreeBSD)) (envelope-from ) id 1reIqZ-0009j2-Kq for stable@freebsd.org; Sun, 25 Feb 2024 12:03:31 -0600 Received: from vince by marble.hightek.org with local (Exim 4.95 (FreeBSD)) (envelope-from ) id 1reIqa-000FhG-0y for stable@freebsd.org; Sun, 25 Feb 2024 12:03:32 -0600 Date: Sun, 25 Feb 2024 12:03:32 -0600 From: Vincent Stemen To: stable@freebsd.org Subject: Re: gpart device permissions security hole (/dev/geom.ctl) Message-ID: References: List-Id: Production branch of FreeBSD source code List-Archive: https://lists.freebsd.org/archives/freebsd-stable List-Help: List-Post: List-Subscribe: List-Unsubscribe: Sender: owner-freebsd-stable@freebsd.org X-BeenThere: freebsd-stable@freebsd.org MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: X-Spamd-Bar: -- X-Spamd-Result: default: False [-2.11 / 15.00]; NEURAL_HAM_LONG(-1.00)[-1.000]; NEURAL_HAM_MEDIUM(-1.00)[-1.000]; FORGED_SENDER(0.30)[vince.bsd@hightek.org,vince@hightek.org]; R_SPF_ALLOW(-0.20)[+a]; NEURAL_HAM_SHORT(-0.11)[-0.108]; MIME_GOOD(-0.10)[text/plain]; RCVD_VIA_SMTP_AUTH(0.00)[]; RCPT_COUNT_ONE(0.00)[1]; MISSING_XM_UA(0.00)[]; ASN(0.00)[asn:20473, ipnet:2001:19f0:6400::/38, country:US]; MIME_TRACE(0.00)[0:+]; R_DKIM_NA(0.00)[]; MID_RHS_MATCH_FROMTLD(0.00)[]; DMARC_NA(0.00)[hightek.org]; FROM_NEQ_ENVFROM(0.00)[vince.bsd@hightek.org,vince@hightek.org]; FROM_HAS_DN(0.00)[]; MLMMJ_DEST(0.00)[stable@freebsd.org]; RCVD_COUNT_TWO(0.00)[2]; TO_MATCH_ENVRCPT_ALL(0.00)[]; TO_DN_NONE(0.00)[]; RCVD_TLS_LAST(0.00)[]; ARC_NA(0.00)[] X-Rspamd-Queue-Id: 4TjWnz0B70z45hg I have now posted a bug report on this issue. https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=277228