From owner-freebsd-arch@FreeBSD.ORG Sun Mar 25 01:51:19 2012 Return-Path: Delivered-To: freebsd-arch@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id 9B6C4106564A; Sun, 25 Mar 2012 01:51:19 +0000 (UTC) (envelope-from listlog2011@gmail.com) Received: from freefall.freebsd.org (freefall.freebsd.org [IPv6:2001:4f8:fff6::28]) by mx1.freebsd.org (Postfix) with ESMTP id 32A258FC1B; Sun, 25 Mar 2012 01:51:19 +0000 (UTC) Received: from [127.0.0.1] (localhost [127.0.0.1]) by freefall.freebsd.org (8.14.5/8.14.5) with ESMTP id q2P1pGkc007098; Sun, 25 Mar 2012 01:51:18 GMT (envelope-from listlog2011@gmail.com) Message-ID: <4F6E7A14.2090006@gmail.com> Date: Sun, 25 Mar 2012 09:51:16 +0800 From: David Xu User-Agent: Mozilla/5.0 (Windows NT 6.1; rv:11.0) Gecko/20120312 Thunderbird/11.0 MIME-Version: 1.0 To: Robert Millan References: <20120324200014.GA91966@thorin> In-Reply-To: <20120324200014.GA91966@thorin> Content-Type: text/plain; charset=ISO-8859-1; format=flowed Content-Transfer-Encoding: 7bit Cc: davidxu@freebsd.org, freebsd-arch@freebsd.org Subject: Re: [PATCH] add SIGSERVICE to sys/signal.h X-BeenThere: freebsd-arch@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list Reply-To: davidxu@freebsd.org List-Id: Discussion related to FreeBSD architecture List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sun, 25 Mar 2012 01:51:19 -0000 On 2012/3/25 4:00, Robert Millan wrote: > Hi, > > As SIGSERVICE is de-facto reserved by librt, shouldn't it be defined (or at > least listed as such) in, just like SIGTHR/SIGLWP ? > > See attached patch. > Yes, but I think the signal name is too general, should it be SIGLIBRT or something else ? From owner-freebsd-arch@FreeBSD.ORG Sun Mar 25 19:08:45 2012 Return-Path: Delivered-To: freebsd-arch@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id 349941065673; Sun, 25 Mar 2012 19:08:45 +0000 (UTC) (envelope-from rmh.aybabtu@gmail.com) Received: from mail-iy0-f182.google.com (mail-iy0-f182.google.com [209.85.210.182]) by mx1.freebsd.org (Postfix) with ESMTP id E09BD8FC18; Sun, 25 Mar 2012 19:08:44 +0000 (UTC) Received: by iahk25 with SMTP id k25so9381595iah.13 for ; Sun, 25 Mar 2012 12:08:44 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20120113; h=mime-version:sender:date:x-google-sender-auth:message-id:subject :from:to:cc:content-type; bh=7xN6W7RmTuR+6DZqmsepqKLiT9imNMa+Hkdul5mWf0Y=; b=eKsLLo45XhrA3wESQg8ooLX5DWxfDLojN4hFA6wZzPsRygL53CgtWUhJ1iV8x2vNP5 rcJ3xMvpT9Raf+cmzbW8u0IB6PcQILQWGtEIOskX+nrpVkCJBaergU4rpuLynjaYNZMA itNLkcIKnGHIf5pnJLZln5+/4vx5o9XTe4d/4BtJo841PgjtTfLjyjEqGzSQCUUMdGlt 7Wva/h0ldsn4nTkHvpdMD6HSjT3fAGMztmWRlNyhcWZ97xhMQ9aasiLkUr2XtJkGlzDe Mq02GnyYW5ayZDzh0iQSxY0hP412Vsv+W2ywOF3q5+YNIlSPTSyC04zBRN4EKhXV4nRV gHlQ== MIME-Version: 1.0 Received: by 10.50.203.74 with SMTP id ko10mr3880552igc.7.1332702524431; Sun, 25 Mar 2012 12:08:44 -0700 (PDT) Sender: rmh.aybabtu@gmail.com Received: by 10.43.130.201 with HTTP; Sun, 25 Mar 2012 12:08:44 -0700 (PDT) Date: Sun, 25 Mar 2012 21:08:44 +0200 X-Google-Sender-Auth: nEOoSiZyW9iWfZLIP46W3B0bEoU Message-ID: From: Robert Millan To: davidxu@freebsd.org Content-Type: multipart/mixed; boundary=14dae93407878f5ed704bc15fcba Cc: freebsd-arch@freebsd.org Subject: Re: [PATCH] add SIGLIBRT to sys/signal.h X-BeenThere: freebsd-arch@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: Discussion related to FreeBSD architecture List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sun, 25 Mar 2012 19:08:45 -0000 --14dae93407878f5ed704bc15fcba Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: quoted-printable El 25 de mar=C3=A7 de 2012 3:51, David Xu ha escrit= : > Yes, but I think the signal name is too general, should it be SIGLIBRT or > something else ? Ok. Renaming makes the patch a bit larger, see attachment. Looks good? --=20 Robert Millan --14dae93407878f5ed704bc15fcba Content-Type: text/plain; charset=US-ASCII; name="siglibrt.diff" Content-Disposition: attachment; filename="siglibrt.diff" Content-Transfer-Encoding: base64 X-Attachment-Id: f_h08gncaj0 SW5kZXg6IGxpYi9saWJydC9zaWdldl90aHJlYWQuYwo9PT09PT09PT09PT09PT09PT09PT09PT09 PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09Ci0tLSBsaWIvbGlicnQv c2lnZXZfdGhyZWFkLmMJKHJldmlzaW9uIDIzMzQzNSkKKysrIGxpYi9saWJydC9zaWdldl90aHJl YWQuYwkod29ya2luZyBjb3B5KQpAQCAtMjI0LDExICsyMjQsMTEgQEAKIAlzaWdldl9pZF90IGlk KQogewogCS8qCi0JICogQnVpbGQgYSBuZXcgc2lnZXZlbnQsIGFuZCB0ZWxsIGtlcm5lbCB0byBk ZWxpdmVyIFNJR1NFUlZJQ0UKKwkgKiBCdWlsZCBhIG5ldyBzaWdldmVudCwgYW5kIHRlbGwga2Vy bmVsIHRvIGRlbGl2ZXIgU0lHTElCUlQKIAkgKiBzaWduYWwgdG8gdGhlIG5ldyB0aHJlYWQuCiAJ ICovCiAJbmV3ZXZwLT5zaWdldl9ub3RpZnkgPSBTSUdFVl9USFJFQURfSUQ7Ci0JbmV3ZXZwLT5z aWdldl9zaWdubyAgPSBTSUdTRVJWSUNFOworCW5ld2V2cC0+c2lnZXZfc2lnbm8gID0gU0lHTElC UlQ7CiAJbmV3ZXZwLT5zaWdldl9ub3RpZnlfdGhyZWFkX2lkID0gKGx3cGlkX3Qpc24tPnNuX3Ru LT50bl9sd3BpZDsKIAluZXdldnAtPnNpZ2V2X3ZhbHVlLnNpdmFsX3B0ciA9ICh2b2lkICopaWQ7 CiB9CkBAIC0yNzksNyArMjc5LDcgQEAKIAlMSVNUX1JFTU9WRShzbiwgc25fbGluayk7CiAKIAlp ZiAoLS1zbi0+c25fdG4tPnRuX3JlZmNvdW50ID09IDApCi0JCV9wdGhyZWFkX2tpbGwoc24tPnNu X3RuLT50bl90aHJlYWQsIFNJR1NFUlZJQ0UpOworCQlfcHRocmVhZF9raWxsKHNuLT5zbl90bi0+ dG5fdGhyZWFkLCBTSUdMSUJSVCk7CiAJaWYgKHNuLT5zbl9mbGFncyAmIFNORl9XT1JLSU5HKQog CQlzbi0+c25fZmxhZ3MgfD0gU05GX1JFTU9WRUQ7CiAJZWxzZQpAQCAtMzI2LDcgKzMyNiw3IEBA CiAJTElTVF9JTlNFUlRfSEVBRCgmc2lnZXZfdGhyZWFkcywgdG4sIHRuX2xpbmspOwogCV9fc2ln ZXZfbGlzdF91bmxvY2soKTsKIAotCXNpZ2ZpbGxzZXQoJnNldCk7CS8qIFNJR1NFUlZJQ0UgaXMg bWFza2VkLiAqLworCXNpZ2ZpbGxzZXQoJnNldCk7CS8qIFNJR0xJQlJUIGlzIG1hc2tlZC4gKi8K IAlzaWdkZWxzZXQoJnNldCwgU0lHQlVTKTsKIAlzaWdkZWxzZXQoJnNldCwgU0lHSUxMKTsKIAlz aWdkZWxzZXQoJnNldCwgU0lHRlBFKTsKQEAgLTM3OCw3ICszNzgsNyBAQAogCV9fc2lnZXZfbGlz dF91bmxvY2soKTsKIAogCXNpZ2VtcHR5c2V0KCZzZXQpOwotCXNpZ2FkZHNldCgmc2V0LCBTSUdT RVJWSUNFKTsKKwlzaWdhZGRzZXQoJnNldCwgU0lHTElCUlQpOwogCWZvciAoOzspIHsKIAkJcmV0 ID0gc2lnd2FpdGluZm8oJnNldCwgJnNpKTsKIApJbmRleDogbGliL2xpYnJ0L3NpZ2V2X3RocmVh ZC5oCj09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09 PT09PT09PT09PT09PT0KLS0tIGxpYi9saWJydC9zaWdldl90aHJlYWQuaAkocmV2aXNpb24gMjMz NDM1KQorKysgbGliL2xpYnJ0L3NpZ2V2X3RocmVhZC5oCSh3b3JraW5nIGNvcHkpCkBAIC02Nyw4 ICs2Nyw2IEBACiAjZGVmaW5lCVNORl9SRU1PVkVECQkweDAyCiAjZGVmaW5lCVNORl9TWU5DCQkw eDA0CiAKLSNkZWZpbmUJU0lHU0VSVklDRQkJKFNJR1RIUisxKQotCiBpbnQJX19zaWdldl9jaGVj a19pbml0KCk7CiBzdHJ1Y3Qgc2lnZXZfbm9kZSAqX19zaWdldl9hbGxvYyhpbnQsIGNvbnN0IHN0 cnVjdCBzaWdldmVudCAqLAogCXN0cnVjdCBzaWdldl9ub2RlICosIGludCk7CkluZGV4OiBzeXMv c3lzL3NpZ25hbC5oCj09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09 PT09PT09PT09PT09PT09PT09PT09PT0KLS0tIHN5cy9zeXMvc2lnbmFsLmgJKHJldmlzaW9uIDIz MzQzNSkKKysrIHN5cy9zeXMvc2lnbmFsLmgJKHdvcmtpbmcgY29weSkKQEAgLTExMSw2ICsxMTEs NyBAQAogI2lmIF9fQlNEX1ZJU0lCTEUKICNkZWZpbmUJU0lHVEhSCQkzMgkvKiByZXNlcnZlZCBi eSB0aHJlYWQgbGlicmFyeS4gKi8KICNkZWZpbmUJU0lHTFdQCQlTSUdUSFIKKyNkZWZpbmUgU0lH TElCUlQJMzMJLyogcmVzZXJ2ZWQgYnkgcmVhbC10aW1lIGxpYnJhcnkuICovCiAjZW5kaWYKIAog I2RlZmluZQlTSUdSVE1JTgk2NQo= --14dae93407878f5ed704bc15fcba-- From owner-freebsd-arch@FreeBSD.ORG Mon Mar 26 01:19:23 2012 Return-Path: Delivered-To: freebsd-arch@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [69.147.83.52]) by hub.freebsd.org (Postfix) with ESMTP id BC5AF106566B; Mon, 26 Mar 2012 01:19:23 +0000 (UTC) (envelope-from listlog2011@gmail.com) Received: from freefall.freebsd.org (freefall.freebsd.org [IPv6:2001:4f8:fff6::28]) by mx1.freebsd.org (Postfix) with ESMTP id 8C3608FC1E; Mon, 26 Mar 2012 01:19:23 +0000 (UTC) Received: from [127.0.0.1] (localhost [127.0.0.1]) by freefall.freebsd.org (8.14.5/8.14.5) with ESMTP id q2Q1JLiK043158; Mon, 26 Mar 2012 01:19:22 GMT (envelope-from listlog2011@gmail.com) Message-ID: <4F6FC419.8050506@gmail.com> Date: Mon, 26 Mar 2012 09:19:21 +0800 From: David Xu User-Agent: Mozilla/5.0 (Windows NT 6.1; rv:11.0) Gecko/20120312 Thunderbird/11.0 MIME-Version: 1.0 To: Robert Millan References: In-Reply-To: Content-Type: text/plain; charset=ISO-8859-1; format=flowed Content-Transfer-Encoding: 8bit Cc: davidxu@freebsd.org, freebsd-arch@freebsd.org Subject: Re: [PATCH] add SIGLIBRT to sys/signal.h X-BeenThere: freebsd-arch@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list Reply-To: davidxu@freebsd.org List-Id: Discussion related to FreeBSD architecture List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 26 Mar 2012 01:19:23 -0000 On 2012/3/26 3:08, Robert Millan wrote: > El 25 de març de 2012 3:51, David Xu ha escrit: >> Yes, but I think the signal name is too general, should it be SIGLIBRT or >> something else ? > Ok. Renaming makes the patch a bit larger, see attachment. > > Looks good? > Looks fine to me. From owner-freebsd-arch@FreeBSD.ORG Mon Mar 26 15:10:55 2012 Return-Path: Delivered-To: arch@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id E0632106566B for ; Mon, 26 Mar 2012 15:10:55 +0000 (UTC) (envelope-from jhb@freebsd.org) Received: from cyrus.watson.org (cyrus.watson.org [65.122.17.42]) by mx1.freebsd.org (Postfix) with ESMTP id B531D8FC08 for ; Mon, 26 Mar 2012 15:10:55 +0000 (UTC) Received: from bigwig.baldwin.cx (bigwig.baldwin.cx [96.47.65.170]) by cyrus.watson.org (Postfix) with ESMTPSA id 6CC7546B09 for ; Mon, 26 Mar 2012 11:10:55 -0400 (EDT) Received: from jhbbsd.localnet (unknown [209.249.190.124]) by bigwig.baldwin.cx (Postfix) with ESMTPSA id 031A5B93B for ; Mon, 26 Mar 2012 11:10:55 -0400 (EDT) From: John Baldwin To: arch@freebsd.org Date: Mon, 26 Mar 2012 11:10:54 -0400 User-Agent: KMail/1.13.5 (FreeBSD/8.2-CBSD-20110714-p10; KDE/4.5.5; amd64; ; ) MIME-Version: 1.0 Content-Type: Text/Plain; charset="us-ascii" Content-Transfer-Encoding: 7bit Message-Id: <201203261110.54527.jhb@freebsd.org> X-Greylist: Sender succeeded SMTP AUTH, not delayed by milter-greylist-4.2.7 (bigwig.baldwin.cx); Mon, 26 Mar 2012 11:10:55 -0400 (EDT) Cc: Subject: [PATCH] Teach procstat/fstat about details of a shm_open() object X-BeenThere: freebsd-arch@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: Discussion related to FreeBSD architecture List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 26 Mar 2012 15:10:56 -0000 This patch changes the kernel to export a few details (mode, size, and path) of an object created via shm_open() to userland via the kinfo_file structure. It then updates fstat and procstat to parse these details. A few questions I had: 1) Rather than creating a new sub-structure in kinfo_file for shm objects, I just populate two of the fields in the existing kf_file. 2) For the non-path details I just ran fo_stat() on the shm and used the returned buffer. In hindsight, it seems it might have been nice to make kinfo_file just include a 'struct stat' and use fo_stat() to populate it for each fd. Would have reduced the need for some of the current type-specific logic I think. 3) I think we should probably change procstat to always try to print the path if it is set (so make the current VNODE|SHM, etc. case the "default" case). 4) I made fstat print out the pathname of the shm in the "MOUNT" field. Not sure how to document this sanely in the fstat manpage though. 5) I make anonymous objects created with SHM_ANON report a path of "SHM_ANON". They could just as easily report a path of "-" like an unlinked shm, I just made this different so I could tell them apart. However, perhaps that is too weird and they should report an empty path instead (like an unlinked shm or unlinked file). http://www.FreeBSD.org/~jhb/patches/shm_info.patch I did not bother doing this for in-kernel POSIX semaphores since they are deprecated. -- John Baldwin From owner-freebsd-arch@FreeBSD.ORG Mon Mar 26 19:13:22 2012 Return-Path: Delivered-To: freebsd-arch@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [69.147.83.52]) by hub.freebsd.org (Postfix) with ESMTP id E8FFA106564A; Mon, 26 Mar 2012 19:13:22 +0000 (UTC) (envelope-from rmh.aybabtu@gmail.com) Received: from mail-gx0-f182.google.com (mail-gx0-f182.google.com [209.85.161.182]) by mx1.freebsd.org (Postfix) with ESMTP id 8E3E08FC14; Mon, 26 Mar 2012 19:13:22 +0000 (UTC) Received: by ggnk4 with SMTP id k4so5031500ggn.13 for ; Mon, 26 Mar 2012 12:13:22 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20120113; h=mime-version:sender:in-reply-to:references:date :x-google-sender-auth:message-id:subject:from:to:cc:content-type :content-transfer-encoding; bh=eSOjXISyXydq/jFuXyJkzRgUWGMTeqbl0IgEzkzipEc=; b=QyosyXkkc1AzZB/tOcDx2nWjsCnZaj6sIvpRkVn86o7PqSAsZ2omgOGTWDorHeuSHt nFtey77tsO9rZ3ZyDiopiv4ZLPdJiwLM3l5f+2/m9qYMJLqgfoozMn031GZdE0tiXDsh izLig1W+jI1Y5mVY+xmXueD02GN1J5Iow7tuLOmQP3yzBtR3vm9AgqA7A0SbD+k7Hwm5 z1jFNc9GxVgpWTgpQMOzOhQT0JtFDY7zRo+hZbWwRJ5HL6mz4X7m833YFLVtbPZrjROm MPPA37CS6voyHUOHx9R0VhSvN4ZACU+rLg2RcAVxTOudax/sWSzSLlWd++BL0yszfUED vKdw== MIME-Version: 1.0 Received: by 10.50.156.170 with SMTP id wf10mr6626096igb.7.1332789201533; Mon, 26 Mar 2012 12:13:21 -0700 (PDT) Sender: rmh.aybabtu@gmail.com Received: by 10.43.130.201 with HTTP; Mon, 26 Mar 2012 12:13:21 -0700 (PDT) In-Reply-To: <4F6FC419.8050506@gmail.com> References: <4F6FC419.8050506@gmail.com> Date: Mon, 26 Mar 2012 21:13:21 +0200 X-Google-Sender-Auth: mzPuprvDsH4Jlcy1dQKQmWJEQqw Message-ID: From: Robert Millan To: davidxu@freebsd.org Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: quoted-printable Cc: freebsd-arch@freebsd.org Subject: Re: [PATCH] add SIGLIBRT to sys/signal.h X-BeenThere: freebsd-arch@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: Discussion related to FreeBSD architecture List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 26 Mar 2012 19:13:23 -0000 El 26 de mar=C3=A7 de 2012 3:19, David Xu ha escrit= : > On 2012/3/26 3:08, Robert Millan wrote: >> >> El 25 de mar=C3=A7 de 2012 3:51, David Xu =C2=A0h= a escrit: >>> >>> Yes, but I think the signal name is too general, should it be SIGLIBRT = or >>> something else ? >> >> Ok. =C2=A0Renaming makes the patch a bit larger, see attachment. >> >> Looks good? >> > Looks fine to me. Committed, thanks for review. --=20 Robert Millan From owner-freebsd-arch@FreeBSD.ORG Fri Mar 30 15:16:23 2012 Return-Path: Delivered-To: arch@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [69.147.83.52]) by hub.freebsd.org (Postfix) with ESMTP id 6F529106567C for ; Fri, 30 Mar 2012 15:16:23 +0000 (UTC) (envelope-from jhs@berklix.com) Received: from tower.berklix.org (tower.berklix.org [83.236.223.114]) by mx1.freebsd.org (Postfix) with ESMTP id D13628FC1F for ; Fri, 30 Mar 2012 15:16:22 +0000 (UTC) Received: from mart.js.berklix.net (pD9FBF32C.dip.t-dialin.net [217.251.243.44]) (authenticated bits=0) by tower.berklix.org (8.14.2/8.14.2) with ESMTP id q2UFGJt4040496 for ; Fri, 30 Mar 2012 15:16:20 GMT (envelope-from jhs@berklix.com) Received: from fire.js.berklix.net (fire.js.berklix.net [192.168.91.41]) by mart.js.berklix.net (8.14.3/8.14.3) with ESMTP id q2UFG9xI026729 for ; Fri, 30 Mar 2012 17:16:09 +0200 (CEST) (envelope-from jhs@berklix.com) Received: from fire.js.berklix.net (localhost [127.0.0.1]) by fire.js.berklix.net (8.14.4/8.14.4) with ESMTP id q2UFG3ee013758 for ; Fri, 30 Mar 2012 17:16:09 +0200 (CEST) (envelope-from jhs@fire.js.berklix.net) Message-Id: <201203301516.q2UFG3ee013758@fire.js.berklix.net> To: arch@freebsd.org From: "Julian H. Stacey" Organization: http://berklix.com BSD Linux Unix Consultancy, Munich Germany User-agent: EXMH on FreeBSD http://www.berklix.com/free/ X-URL: http://www.berklix.com/~jhs/cv/ Date: Fri, 30 Mar 2012 17:16:03 +0200 Sender: jhs@berklix.com Cc: Subject: Should standard binaries & directories revert from uid=root to bin ? X-BeenThere: freebsd-arch@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: Discussion related to FreeBSD architecture List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 30 Mar 2012 15:16:23 -0000 Hi arch@ Time was, (& I can go back over 25 years here, but more recently too :-) When standard Unix non SUID executables such as wc would be UID=bin, GID=bin, & not root. Ditto bin/ & lib/ etc directories. One advantage was: Anything that showed up with ls -l as UID=0 was either a SUID special, known to the admin's eye, or some administrative dropping, mistakenly created by someone logged in as root, to be reviewed/ regenerated/ deleted. Now all is UID=0. Why ? What advantage did it bring ? Obviously some SUID & SGID executables need 0 (some could need just bin!) but most files & directories do not need UID 0. BTW, How I noticed this : I was tracing why /usr/sbin/sshd -d -d -d -D was erroring: debug3: secure_filename: checking '/.amd_mnt/sshd_host/ad4s1/usr1/home' Authentication refused: bad ownership or modes for directory /.amd_mnt/sshd_host/ad4s1/usr1/home just because my ~/.ssh was symbolicaly linked via AMD+NFS mounted on another host, & there an intermediate directory was owned by bin & not root, ls -la /host/sshd_host/ad4s1/usr1/home drwxr-xr-x 18 bin bin 512 Mar 6 11:56 ./ so I had to chown root:wheel /ad4s1/usr1/home Just to satisfy sshd being pointlessly strict, as directory was 755. So we have sshd that's pointlessly strict, & ownerships that seem to have near all lost their precision. A funny combo ;-) Might others tackle the generic over use of root ? If so I could create a patch to send-pr ssh ? (but as ssh is an import, maybe just report & not [yet?] patch ?) Cheers, Julian -- Julian Stacey, BSD Unix Linux C Sys Eng Consultants Munich http://berklix.com Reply below not above, cumulative like a play script, & indent with "> ". Format: Plain text. Not HTML, multipart/alternative, base64, quoted-printable. Mail from @yahoo dumped @berklix. http://berklix.org/yahoo/ From owner-freebsd-arch@FreeBSD.ORG Fri Mar 30 18:57:30 2012 Return-Path: Delivered-To: arch@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id 9DE741065670 for ; Fri, 30 Mar 2012 18:57:30 +0000 (UTC) (envelope-from adrian.chadd@gmail.com) Received: from mail-pb0-f54.google.com (mail-pb0-f54.google.com [209.85.160.54]) by mx1.freebsd.org (Postfix) with ESMTP id 705248FC16 for ; Fri, 30 Mar 2012 18:57:30 +0000 (UTC) Received: by pbcwz17 with SMTP id wz17so2413200pbc.13 for ; Fri, 30 Mar 2012 11:57:30 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20120113; h=mime-version:sender:in-reply-to:references:date :x-google-sender-auth:message-id:subject:from:to:cc:content-type :content-transfer-encoding; bh=xdNhAhpkAVqAibuXE6ool0zAll9CAaN1Qh3FVkzT1IY=; b=PUxgz7DCrqNjfuHfVMzYtk+9cpW/TJqbVDtUcfHF08mwuAhWFH/eUaufshZDpdm7Zp gZ0BxmFJneb1WG7hhMQDnD3GNZ/pkwLGFQIA1+MWbcUadSUfBqZLCQeQXXiOefkYO9o8 EfGcywLM4SpuZFenl18RZuz3TJnb+YzqR+GERFYglBiB7+O9eONUko1OhZZkMxMWRuQ8 JXQiYhepDmjiYk5YWspzimW7IcLrJ/0wrJR83pvdewi6nUPd9O4JyzOcPdJHMZjvKLy9 c+pHH5JmCSPSlzYyZ4a83Ccdh9jJSdmWvo4Vl/eu5YIfWO1nb4iZ+yuoMoWJdKrVV8dE 2StQ== MIME-Version: 1.0 Received: by 10.68.234.134 with SMTP id ue6mr12113789pbc.14.1333133849994; Fri, 30 Mar 2012 11:57:29 -0700 (PDT) Sender: adrian.chadd@gmail.com Received: by 10.143.19.19 with HTTP; Fri, 30 Mar 2012 11:57:29 -0700 (PDT) In-Reply-To: <201203301516.q2UFG3ee013758@fire.js.berklix.net> References: <201203301516.q2UFG3ee013758@fire.js.berklix.net> Date: Fri, 30 Mar 2012 11:57:29 -0700 X-Google-Sender-Auth: zQzVQmxPnlpEYhpjn0in-yUUryM Message-ID: From: Adrian Chadd To: "Julian H. Stacey" Content-Type: text/plain; charset=ISO-8859-1 Content-Transfer-Encoding: quoted-printable Cc: arch@freebsd.org Subject: Re: Should standard binaries & directories revert from uid=root to bin ? X-BeenThere: freebsd-arch@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: Discussion related to FreeBSD architecture List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 30 Mar 2012 18:57:30 -0000 hi, because id=3D0 defaults to being squashed via nfs. But if you have a filesystem full of uid=3Dbin/gid=3Dbin binaries, a slightly insecure NFS setup would allow NFS clients to simply set their uid=3Dbin and change these binaries. :-) Adrian On 30 March 2012 08:16, Julian H. Stacey wrote: > Hi arch@ > Time was, (& I can go back over 25 years here, but more recently too :-) > When standard Unix non SUID executables such as wc would be UID=3Dbin, > GID=3Dbin, & not root. =A0Ditto bin/ & lib/ etc directories. > > One advantage was: > =A0Anything that showed up with ls -l as UID=3D0 was either a SUID > =A0special, known to the admin's eye, or some administrative dropping, > =A0mistakenly created by someone logged in as root, to be reviewed/ > =A0regenerated/ deleted. > > Now all is UID=3D0. =A0Why ? What advantage did it bring ? > > Obviously some SUID & SGID executables need 0 (some could need just bin!) > but most files & directories do not need UID 0. > > BTW, How I noticed this : > =A0I was tracing why > =A0 =A0 =A0 =A0/usr/sbin/sshd -d -d -d -D > =A0was erroring: > =A0 =A0 =A0 =A0debug3: secure_filename: checking '/.amd_mnt/sshd_host/ad4= s1/usr1/home' > =A0 =A0 =A0 =A0Authentication refused: bad ownership or modes for directo= ry > =A0 =A0 =A0 =A0 =A0 =A0 =A0 =A0 /.amd_mnt/sshd_host/ad4s1/usr1/home > =A0just because my ~/.ssh was symbolicaly linked via AMD+NFS mounted on a= nother > =A0host, & there an intermediate directory was owned by bin & not root, > =A0 =A0 =A0 =A0ls -la /host/sshd_host/ad4s1/usr1/home > =A0 =A0 =A0 =A0 =A0 =A0 =A0 =A0drwxr-xr-x =A018 bin =A0 =A0 bin =A0 =A0 = =A0 512 Mar =A06 11:56 ./ > =A0so I had to > =A0 =A0 =A0 =A0chown root:wheel /ad4s1/usr1/home > =A0Just to satisfy sshd being pointlessly strict, as directory was 755. > > So we have sshd that's pointlessly strict, & ownerships that seem > to have near all lost their precision. A funny combo ;-) > > Might others tackle the generic over use of root ? > If so I could create a patch to send-pr ssh =A0? > (but as ssh is an import, maybe just report & not [yet?] patch ?) > > Cheers, > Julian > -- > Julian Stacey, BSD Unix Linux C Sys Eng Consultants Munich http://berklix= .com > =A0Reply below not above, cumulative like a play script, & indent with ">= ". > =A0Format: Plain text. Not HTML, multipart/alternative, base64, quoted-pr= intable. > =A0 =A0 =A0 =A0Mail from @yahoo dumped @berklix. =A0http://berklix.org/ya= hoo/ > _______________________________________________ > freebsd-arch@freebsd.org mailing list > http://lists.freebsd.org/mailman/listinfo/freebsd-arch > To unsubscribe, send any mail to "freebsd-arch-unsubscribe@freebsd.org" From owner-freebsd-arch@FreeBSD.ORG Fri Mar 30 20:16:40 2012 Return-Path: Delivered-To: arch@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [69.147.83.52]) by hub.freebsd.org (Postfix) with ESMTP id 97D6F106564A; Fri, 30 Mar 2012 20:16:40 +0000 (UTC) (envelope-from jhs@berklix.com) Received: from tower.berklix.org (tower.berklix.org [83.236.223.114]) by mx1.freebsd.org (Postfix) with ESMTP id 3A1A98FC0A; Fri, 30 Mar 2012 20:16:39 +0000 (UTC) Received: from mart.js.berklix.net (pD9FBF32C.dip.t-dialin.net [217.251.243.44]) (authenticated bits=0) by tower.berklix.org (8.14.2/8.14.2) with ESMTP id q2UKGcDj042253; Fri, 30 Mar 2012 20:16:38 GMT (envelope-from jhs@berklix.com) Received: from fire.js.berklix.net (fire.js.berklix.net [192.168.91.41]) by mart.js.berklix.net (8.14.3/8.14.3) with ESMTP id q2UKGS7g027861; Fri, 30 Mar 2012 22:16:28 +0200 (CEST) (envelope-from jhs@berklix.com) Received: from fire.js.berklix.net (localhost [127.0.0.1]) by fire.js.berklix.net (8.14.4/8.14.4) with ESMTP id q2UKGMHP016165; Fri, 30 Mar 2012 22:16:28 +0200 (CEST) (envelope-from jhs@fire.js.berklix.net) Message-Id: <201203302016.q2UKGMHP016165@fire.js.berklix.net> To: Adrian Chadd From: "Julian H. Stacey" Organization: http://berklix.com BSD Unix Linux Consultancy, Munich Germany User-agent: EXMH on FreeBSD http://berklix.com/free/ X-URL: http://www.berklix.com In-reply-to: Your message "Fri, 30 Mar 2012 11:57:29 PDT." Date: Fri, 30 Mar 2012 22:16:22 +0200 Sender: jhs@berklix.com Cc: arch@freebsd.org Subject: Re: Should standard binaries & directories revert from uid=root to bin ? X-BeenThere: freebsd-arch@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: Discussion related to FreeBSD architecture List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 30 Mar 2012 20:16:40 -0000 Hi Adrian & arch@ Please don't top post to arch@freebsd.org Please don't emit messy quoted-printable hex. '\xa0' for clean spaces. Adrian Chadd wrote: > hi, > > because id=0 defaults to being squashed via nfs. Not a sentence. Please clarify. > But if you have a > filesystem full of uid=bin/gid=bin binaries, a slightly insecure NFS > setup would allow NFS clients to simply set their uid=bin and change > these binaries. :-) I don't understand your meaning. I do understand SUID though. Please clarify whay you mean. Do you mean if something like /usr/sbin/lpd was uid=bin on one system, it might slip via a bad NFS to be seen as UID=0 on another ? & remotely excutable on 2nd system as a UID=0 ? If that's what you mean, bear in mind /usr/sbin/lpd is currently already uid=0. Also bear in mind NFS man exports -maproot Are you stating? or just speculating ? if [flakey?] NFS was the reason FreeBSD changed from bin to root ? I hadn't considered NFS lax security when I asked the question. (I had merely mentioned NFS in context of explaining how I (re-)noticed the wholesale conversion from bin to root. It's possible NFS might have been a reason ? but I don't see you made an explanation [yet] as to how a return from root to bin would be dangerous with a flakey NFS ? Not that I'm saying it would/ wouldn't be an issue, I am just asking why we changed, & if a move back would be good ? As I see one loss from the change. There may have been other issues though ? Anyone know ? > On 30 March 2012 08:16, Julian H. Stacey wrote: > > Hi arch@ > > Time was, (& I can go back over 25 years here, but more recently too :-) > > When standard Unix non SUID executables such as wc would be UID=bin, > > GID=bin, & not root.  Ditto bin/ & lib/ etc directories. > > > > One advantage was: > >  Anything that showed up with ls -l as UID=0 was either a SUID > >  special, known to the admin's eye, or some administrative dropping, > >  mistakenly created by someone logged in as root, to be reviewed/ > >  regenerated/ deleted. > > > > Now all is UID=0.  Why ? What advantage did it bring ? > > > > Obviously some SUID & SGID executables need 0 (some could need just bin!) > > but most files & directories do not need UID 0. > > > > BTW, How I noticed this : > >  I was tracing why > >        /usr/sbin/sshd -d -d -d -D > >  was erroring: > >        debug3: secure_filename: checking '/.amd_mnt/sshd_host/ad4s1/usr1/home' > >        Authentication refused: bad ownership or modes for directory > >                 /.amd_mnt/sshd_host/ad4s1/usr1/home > >  just because my ~/.ssh was symbolicaly linked via AMD+NFS mounted on another > >  host, & there an intermediate directory was owned by bin & not root, > >        ls -la /host/sshd_host/ad4s1/usr1/home > >                drwxr-xr-x  18 bin     bin       512 Mar  6 11:56 ./ > >  so I had to > >        chown root:wheel /ad4s1/usr1/home > >  Just to satisfy sshd being pointlessly strict, as directory was 755. > > > > So we have sshd that's pointlessly strict, & ownerships that seem > > to have near all lost their precision. A funny combo ;-) > > > > Might others tackle the generic over use of root ? > > If so I could create a patch to send-pr ssh  ? > > (but as ssh is an import, maybe just report & not [yet?] patch ?) > > > > Cheers, > > Julian > > -- > > Julian Stacey, BSD Unix Linux C Sys Eng Consultants Munich http://berklixcom > >  Reply below not above, cumulative like a play script, & indent with "> ". > >  Format: Plain text. Not HTML, multipart/alternative, base64, quoted-printable. > >        Mail from @yahoo dumped @berklix.  http://berklix.org/yahoo/ > > _______________________________________________ > > freebsd-arch@freebsd.org mailing list > > http://lists.freebsd.org/mailman/listinfo/freebsd-arch > > To unsubscribe, send any mail to "freebsd-arch-unsubscribe@freebsd.org" > _______________________________________________ > freebsd-arch@freebsd.org mailing list > http://lists.freebsd.org/mailman/listinfo/freebsd-arch > To unsubscribe, send any mail to "freebsd-arch-unsubscribe@freebsd.org" > > Cheers, Julian -- Julian Stacey, BSD Unix Linux C Sys Eng Consultants Munich http://berklix.com Reply below not above, cumulative like a play script, & indent with "> ". Format: Plain text. Not HTML, multipart/alternative, base64, quoted-printable. Mail from @yahoo dumped @berklix. http://berklix.org/yahoo/ From owner-freebsd-arch@FreeBSD.ORG Fri Mar 30 20:43:29 2012 Return-Path: Delivered-To: arch@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [69.147.83.52]) by hub.freebsd.org (Postfix) with ESMTP id 17CD71065674; Fri, 30 Mar 2012 20:43:29 +0000 (UTC) (envelope-from bright@elvis.mu.org) Received: from elvis.mu.org (elvis.mu.org [192.203.228.196]) by mx1.freebsd.org (Postfix) with ESMTP id 012B38FC14; Fri, 30 Mar 2012 20:43:28 +0000 (UTC) Received: by elvis.mu.org (Postfix, from userid 1192) id CDF561A3C5F; Fri, 30 Mar 2012 13:35:42 -0700 (PDT) Date: Fri, 30 Mar 2012 13:35:42 -0700 From: Alfred Perlstein To: "Julian H. Stacey" Message-ID: <20120330203542.GV36229@elvis.mu.org> References: <201203302016.q2UKGMHP016165@fire.js.berklix.net> Mime-Version: 1.0 Content-Type: text/plain; charset=unknown-8bit Content-Disposition: inline Content-Transfer-Encoding: 8bit In-Reply-To: <201203302016.q2UKGMHP016165@fire.js.berklix.net> User-Agent: Mutt/1.4.2.3i Cc: arch@freebsd.org, Adrian Chadd Subject: Re: Should standard binaries & directories revert from uid=root to bin ? X-BeenThere: freebsd-arch@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: Discussion related to FreeBSD architecture List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 30 Mar 2012 20:43:29 -0000 [[ Top post replying just for lols. ]] Julian, please read up on how maproot works with NFS. I think Adrian's paranoia trumps your convenience, but I'm open to being convinced otherwise. -Alfred * Julian H. Stacey [120330 13:17] wrote: > Hi Adrian & arch@ > Please don't top post to arch@freebsd.org > Please don't emit messy quoted-printable hex. '\xa0' for clean spaces. > > Adrian Chadd wrote: > > hi, > > > > because id=0 defaults to being squashed via nfs. > > Not a sentence. Please clarify. > > > > But if you have a > > filesystem full of uid=bin/gid=bin binaries, a slightly insecure NFS > > setup would allow NFS clients to simply set their uid=bin and change > > these binaries. :-) > > I don't understand your meaning. I do understand SUID though. > Please clarify whay you mean. > > Do you mean if something like /usr/sbin/lpd was uid=bin on one > system, it might slip via a bad NFS to be seen as UID=0 on another ? > & remotely excutable on 2nd system as a UID=0 ? > If that's what you mean, bear in mind /usr/sbin/lpd is currently already > uid=0. Also bear in mind NFS man exports -maproot > > Are you stating? or just speculating ? if [flakey?] NFS was the > reason FreeBSD changed from bin to root ? > > I hadn't considered NFS lax security when I asked the question. > (I had merely mentioned NFS in context of explaining how I > (re-)noticed the wholesale conversion from bin to root. > > It's possible NFS might have been a reason ? > but I don't see you made an explanation [yet] as to how > a return from root to bin would be dangerous with a flakey NFS ? > > Not that I'm saying it would/ wouldn't be an issue, > I am just asking why we changed, & if a move back would be good ? > As I see one loss from the change. > There may have been other issues though ? Anyone know ? > > > > On 30 March 2012 08:16, Julian H. Stacey wrote: > > > Hi arch@ > > > Time was, (& I can go back over 25 years here, but more recently too :-) > > > When standard Unix non SUID executables such as wc would be UID=bin, > > > GID=bin, & not root.  Ditto bin/ & lib/ etc directories. > > > > > > One advantage was: > > >  Anything that showed up with ls -l as UID=0 was either a SUID > > >  special, known to the admin's eye, or some administrative dropping, > > >  mistakenly created by someone logged in as root, to be reviewed/ > > >  regenerated/ deleted. > > > > > > Now all is UID=0.  Why ? What advantage did it bring ? > > > > > > Obviously some SUID & SGID executables need 0 (some could need just bin!) > > > but most files & directories do not need UID 0. > > > > > > BTW, How I noticed this : > > >  I was tracing why > > >        /usr/sbin/sshd -d -d -d -D > > >  was erroring: > > >        debug3: secure_filename: checking '/.amd_mnt/sshd_host/ad4s1/usr1/home' > > >        Authentication refused: bad ownership or modes for directory > > >                 /.amd_mnt/sshd_host/ad4s1/usr1/home > > >  just because my ~/.ssh was symbolicaly linked via AMD+NFS mounted on another > > >  host, & there an intermediate directory was owned by bin & not root, > > >        ls -la /host/sshd_host/ad4s1/usr1/home > > >                drwxr-xr-x  18 bin     bin       512 Mar  6 11:56 ./ > > >  so I had to > > >        chown root:wheel /ad4s1/usr1/home > > >  Just to satisfy sshd being pointlessly strict, as directory was 755. > > > > > > So we have sshd that's pointlessly strict, & ownerships that seem > > > to have near all lost their precision. A funny combo ;-) > > > > > > Might others tackle the generic over use of root ? > > > If so I could create a patch to send-pr ssh  ? > > > (but as ssh is an import, maybe just report & not [yet?] patch ?) > > > > > > Cheers, > > > Julian > > > -- > > > Julian Stacey, BSD Unix Linux C Sys Eng Consultants Munich http://berklixcom > > >  Reply below not above, cumulative like a play script, & indent with "> ". > > >  Format: Plain text. Not HTML, multipart/alternative, base64, quoted-printable. > > >        Mail from @yahoo dumped @berklix.  http://berklix.org/yahoo/ > > > _______________________________________________ > > > freebsd-arch@freebsd.org mailing list > > > http://lists.freebsd.org/mailman/listinfo/freebsd-arch > > > To unsubscribe, send any mail to "freebsd-arch-unsubscribe@freebsd.org" > > _______________________________________________ > > freebsd-arch@freebsd.org mailing list > > http://lists.freebsd.org/mailman/listinfo/freebsd-arch > > To unsubscribe, send any mail to "freebsd-arch-unsubscribe@freebsd.org" > > > > > > > Cheers, > Julian > -- > Julian Stacey, BSD Unix Linux C Sys Eng Consultants Munich http://berklix.com > Reply below not above, cumulative like a play script, & indent with "> ". > Format: Plain text. Not HTML, multipart/alternative, base64, quoted-printable. > Mail from @yahoo dumped @berklix. http://berklix.org/yahoo/ > _______________________________________________ > freebsd-arch@freebsd.org mailing list > http://lists.freebsd.org/mailman/listinfo/freebsd-arch > To unsubscribe, send any mail to "freebsd-arch-unsubscribe@freebsd.org" -- - Alfred Perlstein .- VMOA #5191, 03 vmax, 92 gs500, 85 ch250, 07 zx10 .- FreeBSD committer