We're aiming to work towards an examples/bgpd.conf file that is a good starting
point for real world deployments rather than a showcase of all capabilities
bgpd(8) has.
OK deraadt@ claudio@
with the syzkaller kernel fuzzer. So far, 8 distinct panics have been found and
fixed. This effort will continue.
kcov is limited to architectures using Clang as their default compiler and is
not enabled by default.
With help from mpi@, thanks!
ok kettenis@ mpi@ visa@
that, the macro used was password and if we changed it to something like
pass="secret" it would log it if the daemon was ran in verbose mode.
Hint and OK claudio@
harm if not deleted after the daemon is shutdown and at the same time we also
tackle another attack surface by not allowing the program to create/delete
any more files (by removing "cpath" promise from pledge(2)).
Discussion initiated by a question from deraadt@ OK florian@
currently doesn't call the function control_cleanup to do so. The solution is
to simply call that function just before the program quits.
"sure" henning@
to unveil. Unfortunately the auth subsystem uses _PATH_AUTHPROG =
"/usr/libexec/auth/login_", which it auth-program is appended to -- a
rather gross idea which now shows lack of wisdom.
This brings unveil into the tree, disabled by default - Currently
this will return EPERM on all attempts to use it until we are
fully certain it is ready for people to start using, but this
now allows for others to do more tweaking and experimentation.
Still needs to send the unveil's across forks and execs before
fully enabling.
Many thanks to robert@ and deraadt@ for extensive testing.
ok deraadt@
to running VMs (at least for OpenBSD ones), but the stop routine for system
daemons is not usually called at shutdown.
Earlier version with just "vmd stop" ok reyk@ kn@, ajacoutot@ reminded me
to hide the contextless "vmd(ok)" text which looks bad, I did so and wrapped
it with a "stopping VMs" message (it can take some time, especially when you
have multiple VMs, so better to have some clear feedback).
Show proper error message if a regular user executes netstart.
Only do the privilege check if the id binary is available,
which might not be the case during diskless system startup.
ok deraadt, jasper, jca, krw, rpe (who wrote the same diff), sthen
"root strip" was semantically incorrect and did cause some confusion
as it never stripped the root but the client's request path.
Discussed with many. Heads up: this is a grammar change that also
affects acme-client(1) configurations (see current.html).
OK claudio@
Adjust filters and comment them to explain the basic operation.
Use large-community and a prefix-set to ensure no bad prefixes are
leaked to eBGP speakers.
With and OK job@
immediately above also uses this notation, it's shorter, and it keeps
two examples in the man page which claim to be the same as the default config
(but with exceptions) in sync;
ok gilles
4.2 BSD takes a signal mask as argument while POSIX sigpause(int
sig) expects a single signal. Do not expose our traditional BSD
sigpause(3) to XPG/POSIX sources.
OK guenther@