Hmm, what would happen if one were to set /dev/null as the home dir in /etc/passwd? (instead of /nonexistent)

probbly nothing good

some users use /var/empty, which exists but is immutably empty

Is /nonexistent a historical artifact or something? I mean if there's nothing special about it and it's just assumed to not exist, I wonder if there's a potential attack vector there.

oh, creating it would cause all kinds of fun

Like if /nonexistent is set as some users home dir, but an attacker manages to somehow create one through some exploit in some service...well, then I do know there are a bunch of accounts with that set as the default, so that would potentially open up those accounts to use as part of a further exploit?

Ah yeah ok makes snese.

Oh dear lord

I think /var/empty (or if it really needs to not exist, /var/empty/nonexistent ) makes rather more sense

though even with /var/empty, you're trusting that the schg flag is properly set, and root can still turn that off unless you're running with an elevated securelevel

Hmm, well at least it's a child of the door directory, so I guess an exec running under one of those accounts would need to have suid set to be able to create one (easily anyway).

*root

Just theoretically, could it be set to a specific dev device instead that basically just logs reads/writes to it and returns whatever the ENOEXIST error is for it?

you could probably rig devfs to do something of the sort

i noticed that on freebsd, when i switch to root with doas it still keeps the users home directory as $HOME

Does "doas" have "-" argument|option to do the "normal" login as "su -" does?

"Installed packages to be UPGRADED: clamav: 1.1.0_1,1 -> 1.1.1,1" <- Yay!

Cool news of the morning.

someone have experience with framework laptop and FreeBSD?

they just opened the purchases to Spain :)

carlavilla: Have you read this? xyinn.org/md/freebsd/framework_laptop

Title: FreeBSD on the Framework Laptop | @fearedbliss

Also, of course: wiki.freebsd.org/Laptops/Framework_Laptop

Title: Laptops/Framework_Laptop - FreeBSD Wiki

This machine is now on Linux. No further FreeBSD updates will be provided on this page. <<< :'(

vkarlsen: thanks, I'm gonna take a look

Hi everyone, I setup a new FreeBSD 12 server using AWS Lightsail and while configuring the ssmtp by mistake changed the permissions of the $USER folder. How can I know the default permissions of the $USER folder and change it?

Fixed it now. Thanks!

anandprabhu: umask?

TommyC - nope updated the user folder permissions using chmod

Well, the skeleton file for sh in /usr/share/skel/dot.shrc includes a umask while it's commented out for csh (and therefore also tcsh), so it depends on what shell you set.

umask(2) defines what that means.

I see opensbi 1.3.1 at freshports maintained by mhorne but I do not see a clear u-boot package that makes sense. For qemu do I still need u-boot for RISC-V ?

I have 3 usb spinning disk attached how do I get iostat to show the work they are doing?

it seems to not show da1 da2

gstat -p is better

Have you tried specifying them as parameters to iostat?

gstat -p is nicer

let me try

iostat -d da0 -d da1 -d da2 4 works

hello

more bugs searching and less chachara

Hello. Does FreeBSD needs a kernel patch for AMD Inception like linux? Or the only way is to wait for the microcode update from AMD?

CyberCr33p: I'm assuming you reported this just now? bugs.freebsd.org/bugzilla/show_bug.cgi?id=273238

Title: 273238 – cpu-microcode-amd: AMD "Inception" security vulnerability fix for Zen 3 and Zen 4 processors

kenrap yes I did. But this is only for zen 3 & 4. I have some zen 2 servers too.

kenrap I guess AMD will release microcode for zen 2 soon

kenrap I found this part in an article: "AMD's Zen 3 and Zen 4 CPUs are affected by what is known as the 'Inception' vulnerability. Like many recent attacks, this one is a side channel attack that can lead to the exposure of otherwise secure data. AMD says its Zen 1 and Zen 2 generations are unaffected."

kenrap so it looks like no update is needed for zen 2

checkpoint: You're new to IRC? I think not. But silence is better than spouting off topic.

CyberCr33p: Hopefully AMD will release those microcode updates. Right now there is a lot of hustle from the FreeBSD developers in getting the stable/14 branch ready and they've been working extremely hard to refactor and cleanup the src.