search for: hawkey

Hi all, I have a Sun x2200 named Adra running OpenSolaris 2008.11 set up as a Dom0 per Levon''s instructions on this site. It hosts some production services and has been running nice and stable for a number of months now (with NetWare DomUs running GroupWise, believe it or not). The machine is pretty nicely speced out and there''s room for more virtualisation, so I was

...ms of time-to-run and resource requirements? What sort of pitfalls should I be aware of? Has anyone here done this? If so, would you care to share your scripts/techniques? Thanks, Dave -- ______________________ ______________________ \__________________ \ D. J. HAWKEY JR. / __________________/ \________________/\ hawkeyd@visi.com /\________________/ http://www.visi.com/~hawkeyd/

I seem to remember seeing somewhere (on this list/on the web -- don't remember) that there was some ``Snort-like'' software that was available under the BSD license. Unfortunately, I'm unable to find any information about such software. Was I dreaming, or can anybody else jog my memory? :) Kind regards, Devon H. O'Dell

There's been an ongoing discussion (started by Colin Percival's recent work on nologin) about environment-poisoning attacks via "login -p". I thought I saw a way to address this, but the more I learn, the uglier this looks. Maybe some of the good folks who read freebsd-security can puzzle this one out: Problem: login -p can be used to propagate environment flags in order to

I hope this isn't too off topic, but I'd like a quick solution to a problem. I have a small network behind a NAT firewall (FreeBSD of course) and I'd like to block/redirect all traffic from the internal network to the local mail server (same box as firewall) in order to prevent direct smtp requests to the outside world (mainly virus/trokan programs). I think I have it right in this

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ============================================================================= FreeBSD-SA-03:18.openssl Security Advisory The FreeBSD Project Topic: OpenSSL vulnerabilities in ASN.1 parsing Category: crypto Module: openssl Announced:

In regards to FreeBSD-SA-03:05.xdr, does anyone know which static binaries or tools under /bin or /sbin actually use that problem code? The recent XDR fixes the xdrmem_getlong_aligned(), xdrmem_putlong_aligned(), xdrmem_getlong_unaligned(), xdrmem_putlong_unaligned(), xdrmem_getbytes(), and/or xdrmem_putbytes() functions, but it is difficult to know what uses these (going backwards manually).

Hello, Some time ago I wrote PR conf/48170, which discussed the following problem: Syslog messages of facility LOG_AUTHPRIV and priority LOG_NOTICE (or higher) are sent by default to the world-readable log file /var/log/messages. That seems unacceptable since the facility LOG_AUTHPRIV is for hiding sensitive log messages inside a protected file, e.g., /var/log/auth.log. For example, login(1)

...e" "Minimal Install" bintray-tvheadend-stable 0.0? B/s |?? 0? B???? 00:00 Failed to synchronize cache for repo 'bintray-tvheadend-stable', ignoring this repo. Last metadata expiration check: 0:03:11 ago on Sat 16 May 2020 12:30:47 PM CDT. Error: ?Problem 1: package python3-hawkey-0.35.1-9.el8_1.x86_64 requires librpm.so.8()(64bit), but none of the providers can be installed ? - package python3-hawkey-0.35.1-9.el8_1.x86_64 requires librpmio.so.8()(64bit), but none of the providers can be installed ? - package python3-dnf-plugins-core-4.0.8-3.el8.noarch requires python3-...

...o many times... no checking whether struct passwd has pw_comment... yes checking whether struct passwd has pw_age... yes checking for poptGetContext in -lpopt... yes checking whether to use included popt... no checking configure summary... configure: error: summary failure. Aborting config root@ss-hawkeye# Config.log: configure:14007: checking whether struct passwd has pw_comment configure:14020: gcc -c -O -D_LARGEFILE_SOURCE -D_FILE_OFFSET_BITS=64 conftest.c 1>&5 configure:14045: checking whether struct passwd has pw_age configure:14058: gcc -c -O -D_LARGEFILE_SOURCE -D_FILE_OFFSET_B...

Hello Folks, Just a status on upcoming advisories. FreeBSD-SA-03:15.openssh This is in final review and should be released today. Fixes for this issue entered the tree on September 24. I apologize for the delay in getting this one out. FreeBSD-SA-03:16.filedesc A reference counting bug was discovered that could lead to kernel memory disclosure or a system panic.

In http://docs.freebsd.org/cgi/mid.cgi?200402260743.IAA18903 it seems RELENG_4 is vulnerable. Is there any work around to a system that has to have ports open ? Version: 1 2/18/2004@03:47:29 GMT >Initial report > <<https://ialert.idefense.com/KODetails.jhtml?irId=207650>https://ialert.idefense.com/KODetails.jhtml?irId=207650; >ID#207650: >FreeBSD Memory Buffer

This affects only 3.7p1 and 3.7.1p1. The advice to leave PAM disabled is far from heartening, nor is the semi-lame blaming the PAM spec for implementation bugs. I happen to like OPIE for remote access. Subject: Portable OpenSSH Security Advisory: sshpam.adv This document can be found at: http://www.openssh.com/txt/sshpam.adv 1. Versions affected: Portable OpenSSH versions 3.7p1

Hello everybody, I'm a newbie in this list, so I don't know if it's the appropriate place for my question. Anyway, I'd be happy to find out the solution. Please, has anyone simple answer for: I'm looking for an exact list of files, which: 1. MUST have... 2. HAVE FROM BSD INSTALLATION... 3. DO NOT NEED... 4. NEVER MAY... ...the suid-bit set. Of course, it's no problem to

From bugtraq :-( >-----BEGIN PGP SIGNED MESSAGE----- > >Sendmail, Inc., and the Sendmail Consortium announce the availability >of sendmail 8.12.9. It contains a fix for a critical security >problem discovered by Michal Zalewski whom we thank for bringing >this problem to our attention. Sendmail urges all users to either >upgrade to sendmail 8.12.9 or apply a patch for

...dules and kernels out of sync is bad potentially, so NO_KLD helps keep that from being an issue. Just my thoughts, we will be patching roughly 5,000 machines for this in our first round of deployments. Deepak Jain AiNET Crist J. Clark wrote: > On Sat, Sep 08, 2001 at 10:53:08AM -0500, D J Hawkey Jr wrote: > >>On Sep 08, at 06:37 PM, Peter Pentchev wrote: >> >>>>Q: Can the kernel be "forced" to load a module from within itself? That >>>>is, does a cracker need to be in userland? >>> >>>Yes, certainly; all kldload(8) does is...

OK, an official OpenSSH advisory was released, see here: <URL: http://www.mindrot.org/pipermail/openssh-unix-announce/2003-September/000063.html > The fix is currently in FreeBSD -CURRENT and -STABLE. It will be applied to the security branches as well today. Attached are patches: buffer46.patch -- For FreeBSD 4.6-RELEASE and later buffer45.patch -- For FreeBSD 4.5-RELEASE and

Heya.. Yesterday someone "attacked" by box by connection to several ports.. In other words, a simple portscan.. yet, since my box has "log_in_vain" enabled, so it tries to log everything to /var/log/messages, since the logfile got full and the size went over 100K, it tried to rotate the log to save diskspace. (Apr 16 21:00:00 omikron newsyslog[32137]: logfile turned over due

Hi all, please, is there some utility/command/... to list all installed kernel modules ? Peter Rosa

...,13 @@ Can we get the %post scripts and store them in a directory in the appliance? -Directories ------------ - -Reconstruction is tied to having directories being created before they -are used. We should try to remove this limitation as it's really -quite unnecessary. - - -Use libsolv or hawkey for dependency resolution ------------------------------------------------ - -Using Python + yum to resolve RPM dependencies is sucky and slow. We -should look at the combination of DNF, libsolv and hawkey to replace -them: - -https://fedoraproject.org/wiki/Features/DNF -https://github.com/openSUS...