* Openbsd update recommendation @ 2018-06-01 23:26 jungle Boogie 2018-06-02 3:15 ` Jason A. Donenfeld 0 siblings, 1 reply; 6+ messages in thread From: jungle Boogie @ 2018-06-01 23:26 UTC (permalink / raw) To: wireguard Hi All, For openBSD instructions here: https://www.wireguard.com/install/#packages Curl is not apart of base, so you can either assume the users have curl installed, or use ftp(1) in the example. If you're doing the latter, you'll need a pkg_add to also include curl. https://man.openbsd.org/ftp.1 Also, I already have a go path setup. How do I get around this? cd .gopath/src/git.zx2c4.com/wireguard-go && dep ensure -vendor-only -v /usr/src/wireguard/wireguard-go-0.0.20180531 is not within a known GOPATH/src gmake: *** [Makefile:33: vendor/.created] Error 1 gmake: Leaving directory '/usr/src/wireguard/wireguard-go-0.0.20180531' $ echo $GOPATH /home/jungle/gopath Thanks! -- ------- inum: 883510009027723 sip: jungleboogie@sip2sip.info ^ permalink raw reply [flat|nested] 6+ messages in thread
* Re: Openbsd update recommendation 2018-06-01 23:26 Openbsd update recommendation jungle Boogie @ 2018-06-02 3:15 ` Jason A. Donenfeld 2018-06-02 7:08 ` Jungle Boogie 2018-06-02 11:56 ` Matthias Urlichs 0 siblings, 2 replies; 6+ messages in thread From: Jason A. Donenfeld @ 2018-06-02 3:15 UTC (permalink / raw) To: jungle Boogie; +Cc: WireGuard mailing list Hey Jungle, On Sat, Jun 2, 2018 at 1:26 AM, jungle Boogie <jungleboogie0@gmail.com> wrote: > Hi All, > > For openBSD instructions here: > https://www.wireguard.com/install/#packages > > Curl is not apart of base, so you can either assume the users have > curl installed, or use ftp(1) in the example. If you're doing the > latter, you'll need a pkg_add to also include curl. > > https://man.openbsd.org/ftp.1 I love how OpenBSD commands keep evolving over time. Thanks for the suggestion. I've updated the page. > Also, I already have a go path setup. How do I get around this? > > cd .gopath/src/git.zx2c4.com/wireguard-go && dep ensure -vendor-only -v > /usr/src/wireguard/wireguard-go-0.0.20180531 is not within a known GOPATH/src > gmake: *** [Makefile:33: vendor/.created] Error 1 > gmake: Leaving directory '/usr/src/wireguard/wireguard-go-0.0.20180531' Somebody mentioned this on IRC the other day (maybe you?), but I didn't figure out what was going on then. I just now triaged the issue: in ksh(1), before exec'ing a new process, it resolves all symlinks of pwd. Try for yourself: # ksh # mkdir a # ln -s a b # cd b # ksh -c pwd /root/a That's pretty weird behavior, but maybe there's an interesting reason for it; I'll poke around tomorrow and see if I can figure it out. In any case, I've worked around it now in the install script and tested on a fresh OpenBSD 6.3 install, so you should now be able to run: # ftp -o - https://xn--4db.cc/IKuBc62Z | sh Let me know how it goes, and thanks for the report. Regards, Jason ^ permalink raw reply [flat|nested] 6+ messages in thread
* Re: Openbsd update recommendation 2018-06-02 3:15 ` Jason A. Donenfeld @ 2018-06-02 7:08 ` Jungle Boogie 2018-06-02 14:39 ` Jason A. Donenfeld 2018-06-02 11:56 ` Matthias Urlichs 1 sibling, 1 reply; 6+ messages in thread From: Jungle Boogie @ 2018-06-02 7:08 UTC (permalink / raw) To: Jason A. Donenfeld; +Cc: WireGuard mailing list Hi Jason, On Sat 02 Jun 2018 5:15 AM, Jason A. Donenfeld wrote: > Hey Jungle, > > On Sat, Jun 2, 2018 at 1:26 AM, jungle Boogie <jungleboogie0@gmail.com> wrote: > > Hi All, > > > > For openBSD instructions here: > > https://www.wireguard.com/install/#packages > > > > Curl is not apart of base, so you can either assume the users have > > curl installed, or use ftp(1) in the example. If you're doing the > > latter, you'll need a pkg_add to also include curl. > > > > https://man.openbsd.org/ftp.1 > > I love how OpenBSD commands keep evolving over time. Thanks for the > suggestion. I've updated the page. > Yeah, the ftp command from way back is different on Linux than on openBSD. It can still do the plain ol' ftp connections, though. ;) > > Also, I already have a go path setup. How do I get around this? > > > > cd .gopath/src/git.zx2c4.com/wireguard-go && dep ensure -vendor-only -v > > /usr/src/wireguard/wireguard-go-0.0.20180531 is not within a known GOPATH/src > > gmake: *** [Makefile:33: vendor/.created] Error 1 > > gmake: Leaving directory '/usr/src/wireguard/wireguard-go-0.0.20180531' > > Somebody mentioned this on IRC the other day (maybe you?), but I > didn't figure out what was going on then. I just now triaged the > issue: in ksh(1), before exec'ing a new process, it resolves all > symlinks of pwd. Try for yourself: > > # ksh > # mkdir a > # ln -s a b > # cd b > # ksh -c pwd > /root/a > > That's pretty weird behavior, but maybe there's an interesting reason > for it; I'll poke around tomorrow and see if I can figure it out. > Interesting behavior. I don't know the reason behind it, though. > In any case, I've worked around it now in the install script and > tested on a fresh OpenBSD 6.3 install, so you should now be able to > run: > > # ftp -o - https://xn--4db.cc/IKuBc62Z | sh > > Let me know how it goes, and thanks for the report. > It went great! I was able to install wireguard on two amd64 arch platform machines. I do still see this in the install file: curl -sLO "$URI_KMODTOOLS" curl -sLO "$URI_GO" I'd still recommend adding curl to the pkg_add section for fewer errors during install. The process for getting the tunnel working on openBSD is similar to linux, but the interface is tun and starts with tun0. Once I'm more confident with the steps, I'll write something up. > Regards, > Jason Thanks, j.b. ^ permalink raw reply [flat|nested] 6+ messages in thread
* Re: Openbsd update recommendation 2018-06-02 7:08 ` Jungle Boogie @ 2018-06-02 14:39 ` Jason A. Donenfeld 2018-06-02 20:07 ` Jungle Boogie 0 siblings, 1 reply; 6+ messages in thread From: Jason A. Donenfeld @ 2018-06-02 14:39 UTC (permalink / raw) To: Jungle Boogie; +Cc: WireGuard mailing list Hey Jungle, On Sat, Jun 2, 2018 at 9:08 AM, Jungle Boogie <jungleboogie0@gmail.com> wrote: > Interesting behavior. I don't know the reason behind it, though. I figured the whole thing out, and wrote up a really detailed commit here: https://git.zx2c4.com/wireguard-go/commit/?id=a050431f2660d73e191ab8100d2f0934c8aedbf9 Might be of general interest. > I do still see this in the install file: > curl -sLO "$URI_KMODTOOLS" > curl -sLO "$URI_GO" Nice catch -- I changed these to ftp(1) as well. > The process for getting the tunnel working on openBSD is similar to linux, but > the interface is tun and starts with tun0. Yea, OpenBSD annoyingly does not support arbitrary network interface names, so I have to do a fake mapping in wg-quick. > > Once I'm more confident with the steps, I'll write something up. Great, thanks. Any status on actually getting these made into proper packages, so people aren't as inclined to rely on the script, which is only intended as a stopgap solution? Jason ^ permalink raw reply [flat|nested] 6+ messages in thread
* Re: Openbsd update recommendation 2018-06-02 14:39 ` Jason A. Donenfeld @ 2018-06-02 20:07 ` Jungle Boogie 0 siblings, 0 replies; 6+ messages in thread From: Jungle Boogie @ 2018-06-02 20:07 UTC (permalink / raw) To: Jason A. Donenfeld; +Cc: WireGuard mailing list Hey Jason, On Sat 02 Jun 2018 4:39 PM, Jason A. Donenfeld wrote: > Hey Jungle, > > On Sat, Jun 2, 2018 at 9:08 AM, Jungle Boogie <jungleboogie0@gmail.com> wrote: > > Interesting behavior. I don't know the reason behind it, though. > > I figured the whole thing out, and wrote up a really detailed commit here: > https://git.zx2c4.com/wireguard-go/commit/?id=a050431f2660d73e191ab8100d2f0934c8aedbf9 > > Might be of general interest. > Good info! Thanks for taking the time to keep things running smootly across many different platforms. > > > > Once I'm more confident with the steps, I'll write something up. > > Great, thanks. Any status on actually getting these made into proper > packages, so people aren't as inclined to rely on the script, which is > only intended as a stopgap solution? > I haven't seen any updates on the thread you wrote about. Maybe I'll drop a line. However, your script is probably the best option until you make a 1.0, or non-snapshot release. The reason is the package may not be updated weekly, and each week, you seem to bring in useful improvements and changes. The -release build of openBSD doesn't receive new package updates. If your snapshot was made into a port/package a few weeks before the 6.4 -release, it would be the only available option until the next release. Fortunately, -release builds happen very often, every six months. > Jason Best, j.b. ^ permalink raw reply [flat|nested] 6+ messages in thread
* Re: Openbsd update recommendation 2018-06-02 3:15 ` Jason A. Donenfeld 2018-06-02 7:08 ` Jungle Boogie @ 2018-06-02 11:56 ` Matthias Urlichs 1 sibling, 0 replies; 6+ messages in thread From: Matthias Urlichs @ 2018-06-02 11:56 UTC (permalink / raw) To: wireguard On 02.06.2018 05:15, Jason A. Donenfeld wrote: > # ksh -c pwd > /root/a > > That's pretty weird behavior, but maybe there's an interesting reason > for it Yes. # mv ../a ../xx # /bin/pwd Basically you have three choices, (a) check whether $PWD points to the current directory, (b) reconstruct the current path by walking up and "readdir()" on each level, (c) ask the kernel. In order to make some interesting attacks via symlinks more difficult, (b) is somewhat safer. However, it's also significantly more expensive. (c) works on Linux, just readlink("/proc/self/cwd"); it's equivalent to (b). I don't know whether OpenBSD can do that, though. -- -- Matthias Urlichs ^ permalink raw reply [flat|nested] 6+ messages in thread
end of thread, other threads:[~2018-06-02 20:04 UTC | newest] Thread overview: 6+ messages (download: mbox.gz / follow: Atom feed) -- links below jump to the message on this page -- 2018-06-01 23:26 Openbsd update recommendation jungle Boogie 2018-06-02 3:15 ` Jason A. Donenfeld 2018-06-02 7:08 ` Jungle Boogie 2018-06-02 14:39 ` Jason A. Donenfeld 2018-06-02 20:07 ` Jungle Boogie 2018-06-02 11:56 ` Matthias Urlichs
This is a public inbox, see mirroring instructions for how to clone and mirror all data and code used for this inbox; as well as URLs for NNTP newsgroup(s).