search for: smueller

On Fri, Jul 29, 2016 at 7:40 AM, Stephan Mueller <smueller at chronox.de> wrote: > And finally, you have a coding error that is very very common but fatal when > reading from /dev/random: you do not account for short reads which implies > that your loop continues even in the case of short reads. > > Fix your code with something like the f...

On Fri, Jul 29, 2016 at 7:40 AM, Stephan Mueller <smueller at chronox.de> wrote: > And finally, you have a coding error that is very very common but fatal when > reading from /dev/random: you do not account for short reads which implies > that your loop continues even in the case of short reads. > > Fix your code with something like the f...

...f looks like: user_attrs = homedir=home,uidnumber=uid,primaryGroupID=gid,quotanumber=quota=maildir:storage This works (as tested - I guess, it works as long as the quota entry is the last entry) and you also see it in the logs: Jun 11 19:10:36 inet dovecot: auth(default): master out: USER^I8^Ismueller^Iuid= 76340^Igid=513^Iquota=maildir:storage=90000000^Ihome=/home/dozenten/smueller/ Question now: is this intended (meaning, is this configuration possibility here to stay)? If yes, can you please update the wiki? Second issue: according to the description, the quota number is the size in KB. I...

Am Freitag, 29. Juli 2016, 09:03:45 CEST schrieb Alex Xu: Hi Alex, > On Fri, 29 Jul 2016 12:24:27 +0200 > > Nikos Mavrogiannopoulos <nmav at gnutls.org> wrote: > > On Fri, Jul 29, 2016 at 7:40 AM, Stephan Mueller > > > > <smueller at chronox.de> wrote: > > > And finally, you have a coding error that is very very common but > > > fatal when reading from /dev/random: you do not account for short > > > reads which implies that your loop continues even in the case of > > > short reads. >...

Am Freitag, 29. Juli 2016, 09:03:45 CEST schrieb Alex Xu: Hi Alex, > On Fri, 29 Jul 2016 12:24:27 +0200 > > Nikos Mavrogiannopoulos <nmav at gnutls.org> wrote: > > On Fri, Jul 29, 2016 at 7:40 AM, Stephan Mueller > > > > <smueller at chronox.de> wrote: > > > And finally, you have a coding error that is very very common but > > > fatal when reading from /dev/random: you do not account for short > > > reads which implies that your loop continues even in the case of > > > short reads. >...

...I want to ''tag'' and ''throttle'' the bandwidth to and from a particular client on my lan side. Better yet, I just want to throttle smtp traffic, per say, for that ip. ----lan----------eth1-[linux.box]-eth0----------internet I have used the technique provided by smueller@chronox.de and his limit.conn-0.2 perl script, which basically does the following: iptables --append PREROUTING --in-interface eth0 --table mangle \ --protocol tcp --source $SERVERIP \ --source-port $SERVERPORT --jump MARK --set-mark 0x1 tc qdisc add dev eth0 handle ff...

On Fri, 29 Jul 2016 15:12:30 +0200 Stephan Mueller <smueller at chronox.de> wrote as excerpted: > Am Freitag, 29. Juli 2016, 09:03:45 CEST schrieb Alex Xu: > > In my opinion, assuming I am not doing something terribly wrong, > > this constitutes a bug in the kernel's handling of getrandom calls > > at boot, possibly only when the...

...am support Product: Portable OpenSSH Version: -current Platform: All OS/Version: Solaris Status: NEW Severity: normal Priority: P2 Component: sshd AssignedTo: openssh-unix-dev at mindrot.org ReportedBy: smueller at atsec.com Version: openssh-3.2.3p1 It is not possible to change expired passwords. Reason: in auth-pam.c the case statement of PAM_NEW_AUTHTOK_REQD is commended out. If you remove the #if 0 everything runs smoothly again. ------- You are receiving this mail because: ------- You are the a...

http://bugzilla.mindrot.org/show_bug.cgi?id=188 stevesk at pobox.com changed: What |Removed |Added ---------------------------------------------------------------------------- CC| |smueller at atsec.com ------- Additional Comments From stevesk at pobox.com 2002-07-18 15:46 ------- *** Bug 256 has been marked as a duplicate of this bug. *** ------- You are receiving this mail because: ------- You are the assignee for the bug, or are watching the assignee.

Am Freitag, 29. Juli 2016, 10:14:07 CEST schrieb Alex Xu: Hi Alex, > On Fri, 29 Jul 2016 15:12:30 +0200 > > Stephan Mueller <smueller at chronox.de> wrote as excerpted: > > Am Freitag, 29. Juli 2016, 09:03:45 CEST schrieb Alex Xu: > > > In my opinion, assuming I am not doing something terribly wrong, > > > this constitutes a bug in the kernel's handling of getrandom calls > > > at boot, pos...

Am Freitag, 29. Juli 2016, 10:14:07 CEST schrieb Alex Xu: Hi Alex, > On Fri, 29 Jul 2016 15:12:30 +0200 > > Stephan Mueller <smueller at chronox.de> wrote as excerpted: > > Am Freitag, 29. Juli 2016, 09:03:45 CEST schrieb Alex Xu: > > > In my opinion, assuming I am not doing something terribly wrong, > > > this constitutes a bug in the kernel's handling of getrandom calls > > > at boot, pos...

On Fri, 29 Jul 2016 12:24:27 +0200 Nikos Mavrogiannopoulos <nmav at gnutls.org> wrote: > On Fri, Jul 29, 2016 at 7:40 AM, Stephan Mueller > <smueller at chronox.de> wrote: > > And finally, you have a coding error that is very very common but > > fatal when reading from /dev/random: you do not account for short > > reads which implies that your loop continues even in the case of > > short reads. > > > > Fix...

On Fri, 29 Jul 2016 19:03:51 +0200 Stephan Mueller <smueller at chronox.de> wrote as excerpted: > Am Freitag, 29. Juli 2016, 10:14:07 CEST schrieb Alex Xu: > > I don't follow. Assuming you are correct and this is the issue, then > > reading 128 bits (16 bytes) from /dev/random should "exhaust the > > supply" and then bot...

Linux 4.6, also tried 4.7, qemu 2.6, using this C program: #include <fcntl.h> #include <stdlib.h> #include <syscall.h> #include <unistd.h> int main(int argc, char *argv[]) { char buf[16]; int fd; if (argc != 2) return 1; for (int i = 0; i < atoi(argv[1]); i++) { sleep(1); if ((fd = open("/dev/random", O_RDONLY)) ==

Linux 4.6, also tried 4.7, qemu 2.6, using this C program: #include <fcntl.h> #include <stdlib.h> #include <syscall.h> #include <unistd.h> int main(int argc, char *argv[]) { char buf[16]; int fd; if (argc != 2) return 1; for (int i = 0; i < atoi(argv[1]); i++) { sleep(1); if ((fd = open("/dev/random", O_RDONLY)) ==

Am Donnerstag, 28. Juli 2016, 18:07:32 CEST schrieb Alex Xu: Hi Alex, > Linux 4.6, also tried 4.7, qemu 2.6, using this C program: I am not sure what problem you are referring to, but that is an expected behavior. You get partial reads when reading from /dev/random with a minimum of 64 bits. On the other hand getrandom(2) is woken up after the input_pool received 128 bits of entropy. In

Hi there, is there any reason why the code for supporting expired PAM accounts in auth-pam.c:do_pam_account is commented out? Ie. it is not possible to log in to an expired account. When you enable this, the login procedure asks for a new password - all of this seems to work fine. This was enabled in version 3.1 or so, but now? Thanks Stephan -- Stephan M?ller

Hi there, when enabling the option PAMAuthenticationViaKbdInt, a login with password is always possible, even though when you disabled it with PasswordAuthentication no and PermitRootLogin without-password! Is this intended? Why is there no documentation about this (or at least a waring in the default configuration file)? The problem is, it is enabled in the default installation of Debian