Recent changes to this wiki:

--- /dev/null	2016-06-22 14:07:31.000000000 +0000
+++ wikisrc/users/conduct.mdwn	2016-06-22 14:07:40.000000000 +0000
@@ -0,0 +1,41 @@
+#### WORK IN PROGRESS
+
+**Conflict Resolution**
+
+contact point (membership-exec)
+
+----
+
+If a policy is suspected of being broken, a documentation of the event(s) needs to sent to membership-exec@NetBSD.org. Membership-Exec is to treat all information in the report as factual, potentially actionable until proven otherwise. It is responsible for preserving the privacy and confidence of all parties and the details to remain within the committee and the Board.
+
+Membership-Exec will form the First Responders Group of two committee members.
+
+The FRG is responsible for maintaining communication with the submitter for further questions, comments, updates, and presenting the resolution to the Membership-exec Committee. The FRG will be charged with quick, time-limited, examining the event and then deciding the process necessary to handle the event. This process can be all-encompassing such as negotiating and resolving disputes between Foundation members, to calling for termination of Foundation membership. This result is brought back to Membership-Exec for action and agreement upon the FRG result.
+
+Should FRG not reach a consensus, and/or the the Membership-Exec not reach a consensus or the action agreed is outside of its powers or abilities, the committee will immediately notify the Board of Directors.
+
+The Board will then decide on the action as a tie-breaker vote to Membership-Exec to complete the action, or the Board will create an ephemeral Policy Action Committee consisting of available non-executive board members and the First Responders Group. The PAC is charged with establishing and clarifying Foundation policy based on this event to solidify the future handling of it reoccurring.  The results of this will be brought back to the full Board for a vote to change a policy as well as order it applied to the current event while the notification of the Foundation occurs, per the Foundation Bylaws.
+
+
+
+
+
+
+
+----
+Process Flow:
+
+Event ->  Member notifies Membership-Exec
+
+Membership-Exec creates FRG
+
+First Responders Group reports back initial results [ranging from not enough to be actionable to urgently needs to be addressed] to Membership-Exec.  If enough data is available for Membership-Exec to make a decision of
+
+
+Membership-Exec decides if it goes to BOARD
+
+Board of Directors creates Policy Action Committee
+
+Policy Action Committee investigates and returns results to
+
+Full Board

Index: wikisrc/users/billc.mdwn
===================================================================
RCS file: /cvsroot/wikisrc/users/billc.mdwn,v
retrieving revision 1.3
retrieving revision 1.4
diff -u -r1.3 -r1.4
--- wikisrc/users/billc.mdwn	25 Mar 2015 00:52:41 -0000	1.3
+++ wikisrc/users/billc.mdwn	22 Jun 2016 13:58:43 -0000	1.4
@@ -1,3 +1,10 @@
+WIP
+
+[[conduct]]
+
+
+
+
 Otherwise known as "Cryo".
 
 <http://cryo.ws>

Fix a typo
Index: wikisrc/security/cgdroot.mdwn
===================================================================
RCS file: /cvsroot/wikisrc/security/cgdroot.mdwn,v
retrieving revision 1.6
retrieving revision 1.7
diff -u -r1.6 -r1.7
--- wikisrc/security/cgdroot.mdwn	22 Jun 2016 09:02:18 -0000	1.6
+++ wikisrc/security/cgdroot.mdwn	22 Jun 2016 09:08:50 -0000	1.7
@@ -3,7 +3,7 @@
 
 It is possible to run NetBSD with [complete root filesystem encryption][1], thanks to the `cgdroot.kmod` kernel module. It really is a memory disk (also knows as RAM disk) that is expected to be loaded in the kernel while booting.
 
-Full disk encryption makes it more difficult for an attacker to modify the unencrypted part of the disk to plant a backdoor. With only partial encryption, the original [[!template id=man name="cgdconfig" section="8"]] binary may be modifiedto send the passphrase away, allowing an attacker with a disk dump to recover the data.
+Full disk encryption makes it more difficult for an attacker to modify the unencrypted part of the disk to plant a backdoor. With only partial encryption, the original [[!template id=man name="cgdconfig" section="8"]] binary may be modified to send the passphrase away, allowing an attacker with a disk dump to recover the data.
 
 The mechanism described here still requires one unencrypted partition to boot from (typically `wd0a`).
 

Document an issue with Xen DOM0
Index: wikisrc/security/cgdroot.mdwn
===================================================================
RCS file: /cvsroot/wikisrc/security/cgdroot.mdwn,v
retrieving revision 1.5
retrieving revision 1.6
diff -u -r1.5 -r1.6
--- wikisrc/security/cgdroot.mdwn	22 Jun 2016 08:54:30 -0000	1.5
+++ wikisrc/security/cgdroot.mdwn	22 Jun 2016 09:02:18 -0000	1.6
@@ -71,6 +71,8 @@
 
 This setup is not entirely safe against physical attacks. An attacker can modify the boot process to store the passphrase for later retrieval, or insert a backdoor while booting. To defend against such attacks, the bootloader, kernel and ramdisk all need to be signed and their integrity checked before booting (eg with [[!template id=man name="tpm" section="4"]]). Alternatively, it is possible to boot from a removable medium (eg USB stick), which can be protected against tampering attacks (eg secure storage, read-only volume...).
 
+It is also possible to boot a Xen DOM0 system with root filesystem encryption. However, Xen-enabled NetBSD kernels currently do not support loading modules at boot-time. The memory disk has to be placed directly inside the kernel instead (with [[!template id=man name="mdconfig" section="8"]] or a new kernel configuration).
+
 References
 ----------
 

Wording and rationale
Index: wikisrc/security/cgdroot.mdwn
===================================================================
RCS file: /cvsroot/wikisrc/security/cgdroot.mdwn,v
retrieving revision 1.4
retrieving revision 1.5
diff -u -r1.4 -r1.5
--- wikisrc/security/cgdroot.mdwn	22 Jun 2016 07:54:00 -0000	1.4
+++ wikisrc/security/cgdroot.mdwn	22 Jun 2016 08:54:30 -0000	1.5
@@ -3,14 +3,14 @@
 
 It is possible to run NetBSD with [complete root filesystem encryption][1], thanks to the `cgdroot.kmod` kernel module. It really is a memory disk (also knows as RAM disk) that is expected to be loaded in the kernel while booting.
 
-It still requires one unencrypted partition to boot from (typically `wd0a`).
+Full disk encryption makes it more difficult for an attacker to modify the unencrypted part of the disk to plant a backdoor. With only partial encryption, the original [[!template id=man name="cgdconfig" section="8"]] binary may be modifiedto send the passphrase away, allowing an attacker with a disk dump to recover the data.
+
+The mechanism described here still requires one unencrypted partition to boot from (typically `wd0a`).
 
 The boot process
 ----------------
 
-Instead of booting normally the GENERIC kernel and using the root filesystem, a
-kernel module is loaded at boot-time containing a memory disk. It contains a
-minimal filesystem image, which is then considered the actual root filesystem:
+Instead of booting normally the GENERIC kernel and using the root filesystem, a kernel module is loaded at boot-time containing a memory disk. This minimal filesystem image is then considered the actual root filesystem.
 
 The boot partition on disk only needs to contain:
 
@@ -67,9 +67,9 @@
 Caveats
 -------
 
-The biggest (known) issue with this setup occurs when firmware needs to be loaded early in the boot process (such as graphics drivers for the console). At the moment they need to be built as part of the memory disk. Some network interfaces, of which some wireless devices in particular, also require loading firmware to work properly.
+The biggest (known) issue with this setup occurs when firmware needs to be loaded early in the boot process (such as graphics drivers for the console). At the moment they need to be provided as part of the memory disk. Some network interfaces, of which some wireless devices in particular, also require loading firmware to work properly.
 
-This setup is not entirely safe against physical attacks. An attacker can modify the boot process to store the passphrase for later retrieval, or insert a backdoor while booting.
+This setup is not entirely safe against physical attacks. An attacker can modify the boot process to store the passphrase for later retrieval, or insert a backdoor while booting. To defend against such attacks, the bootloader, kernel and ramdisk all need to be signed and their integrity checked before booting (eg with [[!template id=man name="tpm" section="4"]]). Alternatively, it is possible to boot from a removable medium (eg USB stick), which can be protected against tampering attacks (eg secure storage, read-only volume...).
 
 References
 ----------

More formatting fixes
- Fix a list (need to be contained by a '\n' on the top and bottom)
- Fix references (Markdown does not (re)print footnote-like references, so it is
needed to be rewritten a second time at the end in the `References' section)
Members: 
	security/cgdroot.mdwn:1.3->1.4 

Index: wikisrc/security/cgdroot.mdwn
===================================================================
RCS file: /cvsroot/wikisrc/security/cgdroot.mdwn,v
retrieving revision 1.3
retrieving revision 1.4
diff -u -r1.3 -r1.4
--- wikisrc/security/cgdroot.mdwn	22 Jun 2016 07:40:39 -0000	1.3
+++ wikisrc/security/cgdroot.mdwn	22 Jun 2016 07:54:00 -0000	1.4
@@ -13,6 +13,7 @@
 minimal filesystem image, which is then considered the actual root filesystem:
 
 The boot partition on disk only needs to contain:
+
 * [[!template id=man name="boot" section="8"]], the second-stage bootloader
 * [[!template id=man name="boot.cfg" section="5"]], the configuration file for the bootloader (optional)
 * a GENERIC kernel
@@ -73,4 +74,6 @@
 References
 ----------
 
+* [Full Disk Encryption with cgd (well, almost)][1]
+
 [1]: https://mail-index.netbsd.org/current-users/2013/03/21/msg022311.html "Full Disk Encryption with cgd (well, almost)"

Improve a bit the formatting (no functional changes intended)
- Fix a reference to the current-users@ email and point to mail-index.NetBSD.org
(instead of Gmane)
- Use [[!template id=man]] for man pages
- Use [[!template id=filecontent]] for file contents (boot.cfg)
- Use [[!template id=programlisting]] for typescript of terminal sessions
Members: 
	security/cgdroot.mdwn:1.2->1.3 

Index: wikisrc/security/cgdroot.mdwn
===================================================================
RCS file: /cvsroot/wikisrc/security/cgdroot.mdwn,v
retrieving revision 1.2
retrieving revision 1.3
diff -u -r1.2 -r1.3
--- wikisrc/security/cgdroot.mdwn	22 Jun 2016 00:50:29 -0000	1.2
+++ wikisrc/security/cgdroot.mdwn	22 Jun 2016 07:40:39 -0000	1.3
@@ -1,7 +1,7 @@
 Root filesystem encryption
 ==========================
 
-It is possible to run NetBSD with ![complete root filesystem encryption][1], thanks to the `cgdroot.kmod` kernel module. It really is a memory disk (also knows as RAM disk) that is expected to be loaded in the kernel while booting.
+It is possible to run NetBSD with [complete root filesystem encryption][1], thanks to the `cgdroot.kmod` kernel module. It really is a memory disk (also knows as RAM disk) that is expected to be loaded in the kernel while booting.
 
 It still requires one unencrypted partition to boot from (typically `wd0a`).
 
@@ -13,13 +13,13 @@
 minimal filesystem image, which is then considered the actual root filesystem:
 
 The boot partition on disk only needs to contain:
-* `boot(8)`, the second-stage bootloader
-* `boot.cfg(5)`, the configuration file for the bootloader (optional)
+* [[!template id=man name="boot" section="8"]], the second-stage bootloader
+* [[!template id=man name="boot.cfg" section="5"]], the configuration file for the bootloader (optional)
 * a GENERIC kernel
 * the `cgdroot.kmod` kernel module
 * configuration and encryption key for the encrypted volume to start from (`cgd.conf`)
 
-Once loaded the memory disk mounts the `wd0a` partition onto `/etc/cgd`, and asks for the encryption passphrase as usual (with `cgdconfig(8)`). If successful, the `cgd0a` volume configured is mounted on `/altroot`, and `init(8)` is told via `sysctl(7)` to chroot into this volume before actually booting. The system then starts normally.
+Once loaded the memory disk mounts the `wd0a` partition onto `/etc/cgd`, and asks for the encryption passphrase as usual (with [[!template id=man name="cgdconfig" section="8"]]). If successful, the `cgd0a` volume configured is mounted on `/altroot`, and [[!template id=man name="init" section="8"]] is told via [[!template id=man name="sysctl" section="7"]] to chroot into this volume before actually booting. The system then starts normally.
 
 In practice the memory disk remains the real root, and the regular system is
 really ran from a chroot in `/altroot`.
@@ -33,16 +33,17 @@
 -----------------------------
 
 The kernel module needs to be available in the boot partition, alongside the desired kernel. The bootloader configuration in `/boot.cfg` should be modified to load the module, as in this example:
-<pre>
+
+[[!template id=filecontent name="/boot.cfg" text="""
 menu=Boot normally:rndseed /etc/entropy-file;load /cgdroot.kmod;boot /netbsd.gz -z
-</pre>
+"""]]
 
 Building the kernel module
 --------------------------
 
 The kernel module can be compiled in two steps from within the source tree for the NetBSD base system, once the distribution has been built. Change to the `distrib/<arch>/ramdisks/ramdisk-cgdroot` and use `nbmake-<arch>` to build:
 
-<pre>
+[[!template id=programlisting text="""
 src/distrib/amd64/ramdisks/ramdisk-cgdroot$ /path/to/tooldir/bin/nbmake-amd64
 [...]
      create  ramdisk-cgdroot/ramdisk-cgdroot.fs
@@ -54,13 +55,13 @@
  32,
 Populating `ramdisk-cgdroot.fs.tmp'
 Image `ramdisk-cgdroot.fs.tmp' complete
-</pre>
+"""]]
 
 Then the kernel module can be built:
 
-<pre>
+[[!template id=programlisting text="""
 src/distrib/amd64/kmod-cgdroot$ /path/to/tooldir/bin/nbmake-amd64
-</pre>
+"""]]
 
 Caveats
 -------
@@ -72,4 +73,4 @@
 References
 ----------
 
-[1]: http://permalink.gmane.org/gmane.os.netbsd.current/61341 "Full Disk Encryption with cgd (well, almost)"
+[1]: https://mail-index.netbsd.org/current-users/2013/03/21/msg022311.html "Full Disk Encryption with cgd (well, almost)"

Link to pkgsrc hardening
Index: wikisrc/security.mdwn
===================================================================
RCS file: /cvsroot/wikisrc/security.mdwn,v
retrieving revision 1.2
retrieving revision 1.3
diff -u -r1.2 -r1.3
--- wikisrc/security.mdwn	22 Jun 2016 00:55:03 -0000	1.2
+++ wikisrc/security.mdwn	22 Jun 2016 00:57:42 -0000	1.3
@@ -1,3 +1,4 @@
 [[!meta title="Security features and hardening"]]
 
+* [Hardening packages](../pkgsrc/hardening)
 * [Root filesystem encryption](cgdroot)

Link to security
Index: wikisrc/index.mdwn
===================================================================
RCS file: /cvsroot/wikisrc/index.mdwn,v
retrieving revision 1.54
retrieving revision 1.55
diff -u -r1.54 -r1.55
--- wikisrc/index.mdwn	9 Jan 2014 15:30:49 -0000	1.54
+++ wikisrc/index.mdwn	22 Jun 2016 00:55:53 -0000	1.55
@@ -21,6 +21,7 @@
 * [[Projects]] -- The big list of work.  Get hacking!
 * [[pkgsrc]] -- pkgsrc docs - the NetBSD package manager
 * [[releng]] -- release engineering
+* [[security]] -- Security features and hardening
 * [[Users]] -- developer sandbox pages
 * [[Community|community]] -- known community resources
 * [[amazon_ec2]] -- NetBSD on amazon's EC2

Fix the link
Index: wikisrc/security.mdwn
===================================================================
RCS file: /cvsroot/wikisrc/security.mdwn,v
retrieving revision 1.1
retrieving revision 1.2
diff -u -r1.1 -r1.2
--- wikisrc/security.mdwn	22 Jun 2016 00:54:19 -0000	1.1
+++ wikisrc/security.mdwn	22 Jun 2016 00:55:03 -0000	1.2
@@ -1,3 +1,3 @@
 [[!meta title="Security features and hardening"]]
 
-* [Root filesystem encryption](security/cgdroot)
+* [Root filesystem encryption](cgdroot)

Link to root filesystem encryption
--- /dev/null	2016-06-22 00:52:20.000000000 +0000
+++ wikisrc/security.mdwn	2016-06-22 00:54:33.000000000 +0000
@@ -0,0 +1,3 @@
+[[!meta title="Security features and hardening"]]
+
+* [Root filesystem encryption](security/cgdroot)

Clarify there nbmake-amd64 comes from
Index: wikisrc/security/cgdroot.mdwn
===================================================================
RCS file: /cvsroot/wikisrc/security/cgdroot.mdwn,v
retrieving revision 1.1
retrieving revision 1.2
diff -u -r1.1 -r1.2
--- wikisrc/security/cgdroot.mdwn	22 Jun 2016 00:45:04 -0000	1.1
+++ wikisrc/security/cgdroot.mdwn	22 Jun 2016 00:50:29 -0000	1.2
@@ -43,7 +43,7 @@
 The kernel module can be compiled in two steps from within the source tree for the NetBSD base system, once the distribution has been built. Change to the `distrib/<arch>/ramdisks/ramdisk-cgdroot` and use `nbmake-<arch>` to build:
 
 <pre>
-src/distrib/amd64/ramdisks/ramdisk-cgdroot$ nbmake-amd64
+src/distrib/amd64/ramdisks/ramdisk-cgdroot$ /path/to/tooldir/bin/nbmake-amd64
 [...]
      create  ramdisk-cgdroot/ramdisk-cgdroot.fs
 Calculated size of `ramdisk-cgdroot.fs.tmp': 5120000 bytes, 85 inodes
@@ -59,7 +59,7 @@
 Then the kernel module can be built:
 
 <pre>
-src/distrib/amd64/kmod-cgdroot$ nmake-amd64
+src/distrib/amd64/kmod-cgdroot$ /path/to/tooldir/bin/nbmake-amd64
 </pre>
 
 Caveats

Initial import
--- /dev/null	2016-06-22 00:40:01.000000000 +0000
+++ wikisrc/security/cgdroot.mdwn	2016-06-22 00:45:15.000000000 +0000
@@ -0,0 +1,75 @@
+Root filesystem encryption
+==========================
+
+It is possible to run NetBSD with ![complete root filesystem encryption][1], thanks to the `cgdroot.kmod` kernel module. It really is a memory disk (also knows as RAM disk) that is expected to be loaded in the kernel while booting.
+
+It still requires one unencrypted partition to boot from (typically `wd0a`).
+
+The boot process
+----------------
+
+Instead of booting normally the GENERIC kernel and using the root filesystem, a
+kernel module is loaded at boot-time containing a memory disk. It contains a
+minimal filesystem image, which is then considered the actual root filesystem:
+
+The boot partition on disk only needs to contain:
+* `boot(8)`, the second-stage bootloader
+* `boot.cfg(5)`, the configuration file for the bootloader (optional)
+* a GENERIC kernel
+* the `cgdroot.kmod` kernel module
+* configuration and encryption key for the encrypted volume to start from (`cgd.conf`)
+
+Once loaded the memory disk mounts the `wd0a` partition onto `/etc/cgd`, and asks for the encryption passphrase as usual (with `cgdconfig(8)`). If successful, the `cgd0a` volume configured is mounted on `/altroot`, and `init(8)` is told via `sysctl(7)` to chroot into this volume before actually booting. The system then starts normally.
+
+In practice the memory disk remains the real root, and the regular system is
+really ran from a chroot in `/altroot`.
+
+Obtaining the kernel module
+---------------------------
+
+The `cgdroot.kmod` kernel module is part of the regular NetBSD releases since NetBSD 7.0. It can be found in the `<arch>/installation/miniroot` folder from the release. For instance, for the amd64 architecture on the German mirror for the 7.0.1 release, download it at (ftp://ftp.de.netbsd.org/pub/NetBSD/NetBSD-7.0.1/amd64/installation/miniroot/cgdroot.kmod).
+
+Configuring the kernel module
+-----------------------------
+
+The kernel module needs to be available in the boot partition, alongside the desired kernel. The bootloader configuration in `/boot.cfg` should be modified to load the module, as in this example:
+<pre>
+menu=Boot normally:rndseed /etc/entropy-file;load /cgdroot.kmod;boot /netbsd.gz -z
+</pre>
+
+Building the kernel module
+--------------------------
+
+The kernel module can be compiled in two steps from within the source tree for the NetBSD base system, once the distribution has been built. Change to the `distrib/<arch>/ramdisks/ramdisk-cgdroot` and use `nbmake-<arch>` to build:
+
+<pre>
+src/distrib/amd64/ramdisks/ramdisk-cgdroot$ nbmake-amd64
+[...]
+     create  ramdisk-cgdroot/ramdisk-cgdroot.fs
+Calculated size of `ramdisk-cgdroot.fs.tmp': 5120000 bytes, 85 inodes
+Extent size set to 4096
+ramdisk-cgdroot.fs.tmp: 4.9MB (10000 sectors) block size 4096, fragment size 512
+        using 1 cylinder groups of 4.88MB, 1250 blks, 96 inodes.
+super-block backups (for fsck -b #) at:
+ 32,
+Populating `ramdisk-cgdroot.fs.tmp'
+Image `ramdisk-cgdroot.fs.tmp' complete
+</pre>
+
+Then the kernel module can be built:
+
+<pre>
+src/distrib/amd64/kmod-cgdroot$ nmake-amd64
+</pre>
+
+Caveats
+-------
+
+The biggest (known) issue with this setup occurs when firmware needs to be loaded early in the boot process (such as graphics drivers for the console). At the moment they need to be built as part of the memory disk. Some network interfaces, of which some wireless devices in particular, also require loading firmware to work properly.
+
+This setup is not entirely safe against physical attacks. An attacker can modify the boot process to store the passphrase for later retrieval, or insert a backdoor while booting.
+
+References
+----------
+
+[1]: http://permalink.gmane.org/gmane.os.netbsd.current/61341 "Full Disk Encryption with cgd (well, almost)"

Also escape a '*'
Index: wikisrc/releng/release-prep.mdwn
===================================================================
RCS file: /cvsroot/wikisrc/releng/release-prep.mdwn,v
retrieving revision 1.34
retrieving revision 1.35
diff -u -r1.34 -r1.35
--- wikisrc/releng/release-prep.mdwn	21 Jun 2016 09:19:37 -0000	1.34
+++ wikisrc/releng/release-prep.mdwn	21 Jun 2016 16:14:36 -0000	1.35
@@ -159,7 +159,7 @@
 export NEW_REL_VER="7.0.2"
 export NEW_REL_URL="http://www.netbsd.org/releases/formal-7/"
 sed -i.orig -Ee "s;^(.*)\\\[$OLD_REL_VER]\\\($OLD_REL_URL\\\)$;\1\[$NEW_REL_VER\]\($NEW_REL_URL\);" ports.mdwn
-sed -i.orig -e "/cur_rel/ s/$OLD_REL_VER/$NEW_REL_VER/" ports/*.mdwn
+sed -i.orig -e "/cur_rel/ s/$OLD_REL_VER/$NEW_REL_VER/" ports/\*.mdwn
 [ if it is a major release please also bump future_rel, changes_cur and changes_future similarly ]
     """]]
 

Bump future_rel and changes_future to 8.0 and changes_cur to 7.0.
The user-visible change is that instead of having `NetBSD/<port> 6.0 changes'
and `NetBSD/<port> 7.0 changes' there will be respectively
`NetBSD/<port> 7.0 changes' and `NetBSD/<port> 8.0 changes'.
Members: 
	ports/acorn26.mdwn:1.9->1.10 
	ports/acorn32.mdwn:1.11->1.12 
	ports/algor.mdwn:1.9->1.10 
	ports/alpha.mdwn:1.9->1.10 
	ports/amd64.mdwn:1.17->1.18 
	ports/amiga.mdwn:1.12->1.13 
	ports/amigappc.mdwn:1.8->1.9 
	ports/arc.mdwn:1.9->1.10 
	ports/atari.mdwn:1.7->1.8 
	ports/bebox.mdwn:1.8->1.9 
	ports/cats.mdwn:1.8->1.9 
	ports/cesfic.mdwn:1.7->1.8 
	ports/cobalt.mdwn:1.7->1.8 
	ports/dreamcast.mdwn:1.7->1.8 
	ports/emips.mdwn:1.8->1.9 
	ports/epoc32.mdwn:1.3->1.4 
	ports/evbarm.mdwn:1.32->1.33 
	ports/evbmips.mdwn:1.11->1.12 
	ports/evbppc.mdwn:1.10->1.11 
	ports/evbsh3.mdwn:1.10->1.11 
	ports/ews4800mips.mdwn:1.8->1.9 
	ports/hp300.mdwn:1.12->1.13 
	ports/hpcarm.mdwn:1.6->1.7 
	ports/hpcmips.mdwn:1.12->1.13 
	ports/hpcsh.mdwn:1.10->1.11 
	ports/hppa.mdwn:1.2->1.3 
	ports/i386.mdwn:1.10->1.11 
	ports/ia64.mdwn:1.4->1.5 
	ports/ibmnws.mdwn:1.6->1.7 
	ports/iyonix.mdwn:1.8->1.9 
	ports/landisk.mdwn:1.8->1.9 
	ports/luna68k.mdwn:1.8->1.9 
	ports/mac68k.mdwn:1.12->1.13 
	ports/macppc.mdwn:1.10->1.11 
	ports/mipsco.mdwn:1.5->1.6 
	ports/mmeye.mdwn:1.9->1.10 
	ports/mvme68k.mdwn:1.10->1.11 
	ports/mvmeppc.mdwn:1.8->1.9 
	ports/netwinder.mdwn:1.7->1.8 
	ports/news68k.mdwn:1.9->1.10 
	ports/newsmips.mdwn:1.9->1.10 
	ports/next68k.mdwn:1.9->1.10 
	ports/ofppc.mdwn:1.8->1.9 
	ports/pmax.mdwn:1.10->1.11 
	ports/prep.mdwn:1.9->1.10 
	ports/rs6000.mdwn:1.7->1.8 
	ports/sandpoint.mdwn:1.15->1.16 
	ports/sbmips.mdwn:1.11->1.12 
	ports/sgimips.mdwn:1.9->1.10 
	ports/shark.mdwn:1.9->1.10 
	ports/sparc.mdwn:1.11->1.12 
	ports/sparc64.mdwn:1.17->1.18 
	ports/sun2.mdwn:1.10->1.11 
	ports/sun3.mdwn:1.10->1.11 
	ports/vax.mdwn:1.9->1.10 
	ports/x68k.mdwn:1.8->1.9 
	ports/xen.mdwn:1.14->1.15 
	ports/zaurus.mdwn:1.8->1.9 

Index: wikisrc/ports/acorn26.mdwn
===================================================================
RCS file: /cvsroot/wikisrc/ports/acorn26.mdwn,v
retrieving revision 1.9
retrieving revision 1.10
diff -u -r1.9 -r1.10
--- wikisrc/ports/acorn26.mdwn	28 May 2016 09:34:10 -0000	1.9
+++ wikisrc/ports/acorn26.mdwn	21 Jun 2016 09:32:42 -0000	1.10
@@ -1,10 +1,10 @@
 [[!template id=port
 port="acorn26"
 cur_rel="7.0.1"
-future_rel="7.0"
+future_rel="8.0"
 pkg_rel="6.1"
-changes_cur="6.0"
-changes_future="7.0"
+changes_cur="7.0"
+changes_future="8.0"
 thumbnail="http://www.netbsd.org/images/ports/arm26/arch310.gif"
 about="""
 NetBSD/acorn26 is the port of NetBSD to ARMv2 and ARMv2a machines, primarily the
Index: wikisrc/ports/acorn32.mdwn
===================================================================
RCS file: /cvsroot/wikisrc/ports/acorn32.mdwn,v
retrieving revision 1.11
retrieving revision 1.12
diff -u -r1.11 -r1.12
--- wikisrc/ports/acorn32.mdwn	28 May 2016 09:34:10 -0000	1.11
+++ wikisrc/ports/acorn32.mdwn	21 Jun 2016 09:32:42 -0000	1.12
@@ -1,10 +1,10 @@
 [[!template id=port
 port="acorn32"
 cur_rel="7.0.1"
-future_rel="7.0"
+future_rel="8.0"
 pkg_rel="6.1"
-changes_cur="6.0"
-changes_future="7.0"
+changes_cur="7.0"
+changes_future="8.0"
 thumbnail="http://www.netbsd.org/images/ports/acorn32/riscpc.gif"
 about="""
 NetBSD/acorn32 is a port to ARM- and StrongARM-powered Acorn RiscPC compatible
Index: wikisrc/ports/algor.mdwn
===================================================================
RCS file: /cvsroot/wikisrc/ports/algor.mdwn,v
retrieving revision 1.9
retrieving revision 1.10
diff -u -r1.9 -r1.10
--- wikisrc/ports/algor.mdwn	28 May 2016 09:34:10 -0000	1.9
+++ wikisrc/ports/algor.mdwn	21 Jun 2016 09:32:42 -0000	1.10
@@ -1,10 +1,10 @@
 [[!template id=port
 port="algor"
 cur_rel="7.0.1"
-future_rel="7.0"
+future_rel="8.0"
 pkg_rel="6.0"
-changes_cur="6.0"
-changes_future="7.0"
+changes_cur="7.0"
+changes_future="8.0"
 thumbnail="http://www.netbsd.org/images/ports/algor/alogo2.gif"
 about="""
 NetBSD/algor is the port of NetBSD to the Algorithmics, Ltd. MIPS evaluation
Index: wikisrc/ports/alpha.mdwn
===================================================================
RCS file: /cvsroot/wikisrc/ports/alpha.mdwn,v
retrieving revision 1.9
retrieving revision 1.10
diff -u -r1.9 -r1.10
--- wikisrc/ports/alpha.mdwn	28 May 2016 09:34:10 -0000	1.9
+++ wikisrc/ports/alpha.mdwn	21 Jun 2016 09:32:42 -0000	1.10
@@ -2,9 +2,9 @@
 port="alpha"
 cur_rel="7.0.1"
 pkg_rel="7.0"
-future_rel="7.0"
-changes_cur="6.0"
-changes_future="7.0"
+future_rel="8.0"
+changes_cur="7.0"
+changes_future="8.0"
 thumbnail="http://www.netbsd.org/images/ports/alpha/au-1000.gif"
 about="""
 NetBSD/alpha is a true 64-bit system that fully implements the LP64 architecture,
Index: wikisrc/ports/amd64.mdwn
===================================================================
RCS file: /cvsroot/wikisrc/ports/amd64.mdwn,v
retrieving revision 1.17
retrieving revision 1.18
diff -u -r1.17 -r1.18
--- wikisrc/ports/amd64.mdwn	28 May 2016 09:34:10 -0000	1.17
+++ wikisrc/ports/amd64.mdwn	21 Jun 2016 09:32:43 -0000	1.18
@@ -1,10 +1,10 @@
 [[!template id=port
 port="amd64"
 cur_rel="7.0.1"
-future_rel="7.0"
+future_rel="8.0"
 pkg_rel="7.0"
-changes_cur="6.0"
-changes_future="7.0"
+changes_cur="7.0"
+changes_future="8.0"
 thumbnail="http://www.netbsd.org/images/ports/amd64/AMD_Opteron.gif"
 about="""
 NetBSD/amd64 is a port to the AMD64 family of processors; it
Index: wikisrc/ports/amiga.mdwn
===================================================================
RCS file: /cvsroot/wikisrc/ports/amiga.mdwn,v
retrieving revision 1.12
retrieving revision 1.13
diff -u -r1.12 -r1.13
--- wikisrc/ports/amiga.mdwn	28 May 2016 09:34:10 -0000	1.12
+++ wikisrc/ports/amiga.mdwn	21 Jun 2016 09:32:43 -0000	1.13
@@ -1,10 +1,10 @@
 [[!template id=port
 port="amiga"
 cur_rel="7.0.1"
-future_rel="7.0"
+future_rel="8.0"
 pkg_rel="6.0"
-changes_cur="6.0"
-changes_future="7.0"
+changes_cur="7.0"
+changes_future="8.0"
 thumbnail="http://www.netbsd.org/images/ports/amiga/header.gif"
 about="""
 NetBSD/amiga is the port of NetBSD to the Amiga line of personal computers by
Index: wikisrc/ports/amigappc.mdwn
===================================================================
RCS file: /cvsroot/wikisrc/ports/amigappc.mdwn,v
retrieving revision 1.8
retrieving revision 1.9
diff -u -r1.8 -r1.9
--- wikisrc/ports/amigappc.mdwn	28 May 2016 09:34:10 -0000	1.8
+++ wikisrc/ports/amigappc.mdwn	21 Jun 2016 09:32:43 -0000	1.9
@@ -3,9 +3,9 @@

(Diff truncated)
Properly use `\' (should fix syntax/formatting and semantic of the sed(1)
one-liner)
Index: wikisrc/releng/release-prep.mdwn
===================================================================
RCS file: /cvsroot/wikisrc/releng/release-prep.mdwn,v
retrieving revision 1.33
retrieving revision 1.34
diff -u -r1.33 -r1.34
--- wikisrc/releng/release-prep.mdwn	14 Jun 2016 15:00:37 -0000	1.33
+++ wikisrc/releng/release-prep.mdwn	21 Jun 2016 09:19:37 -0000	1.34
@@ -158,7 +158,7 @@
 export OLD_REL_URL="http://www.netbsd.org/releases/formal-7/"
 export NEW_REL_VER="7.0.2"
 export NEW_REL_URL="http://www.netbsd.org/releases/formal-7/"
-sed -i.orig -Ee "s;^(.*)\[$OLD_REL_VER]\($OLD_REL_URL\)$;\1[$NEW_REL_VER]($NEW_REL_URL);" ports.mdwn
+sed -i.orig -Ee "s;^(.*)\\\[$OLD_REL_VER]\\\($OLD_REL_URL\\\)$;\1\[$NEW_REL_VER\]\($NEW_REL_URL\);" ports.mdwn
 sed -i.orig -e "/cur_rel/ s/$OLD_REL_VER/$NEW_REL_VER/" ports/*.mdwn
 [ if it is a major release please also bump future_rel, changes_cur and changes_future similarly ]
     """]]

move past:OSC2016hokkaido;add OSC2014-6okinawa
Index: wikisrc/events.mdwn
===================================================================
RCS file: /cvsroot/wikisrc/events.mdwn,v
retrieving revision 1.31
retrieving revision 1.32
diff -u -r1.31 -r1.32
--- wikisrc/events.mdwn	8 Jun 2016 08:30:21 -0000	1.31
+++ wikisrc/events.mdwn	20 Jun 2016 01:38:24 -0000	1.32
@@ -8,14 +8,17 @@
 Future Events
 -------------
 
-### `Jun 2016` - Open Source Conference 2016 Hokkaido
+### `Jul 2016` - Open Source Conference 2016 Okinawa
 
-*Jun. 17-18, 2016, [Sapporo Convention Center](http://www.sora-scc.jp/access/index.html), Sapporo, Japan*
+*Jul. 2, 2016, [Okinawa Convention
+Center](http://www.oki-conven.jp/en/modules/tinyd7/page/page1.html) ,
+Okinawa, Japan*
 
 At the [Open Source Conference 2016
-Hokkaido](http://www.ospn.jp/osc2016-do/), there was a NetBSD
+Okinawa](http://www.ospn.jp/osc2016-okinawa/) , there will be a NetBSD
 booth staffed by members of the [Japan NetBSD Users'
-Group](http://www.jp.NetBSD.org/) with NetBSD gadget demonstrations. 
+Group](http://www.jp.NetBSD.org/) with NetBSD gadgets demonstration.
+
 
 
 ### `Jul 2016` - pkgsrcCon 2016, Kraków, Poland
@@ -41,6 +44,16 @@
 Past Events
 -----------
 
+### `Jun 2016` - Open Source Conference 2016 Hokkaido
+
+*Jun. 17-18, 2016, [Sapporo Convention Center](http://www.sora-scc.jp/access/index.html), Sapporo, Japan*
+
+At the [Open Source Conference 2016
+Hokkaido](http://www.ospn.jp/osc2016-do/), there was a NetBSD
+booth staffed by members of the [Japan NetBSD Users'
+Group](http://www.jp.NetBSD.org/) with NetBSD gadget demonstrations. 
+[Report on netbsd-advocacy](http://mail-index.netbsd.org/netbsd-advocacy/2016/06/20/msg000709.html).
+
 ### `May 2016` - Open Source Conference 2016 Nagoya
 
 *May. 28, 2016, [Fukiage Hall](http://www.nipc.or.jp/fukiage/index.html), Nagoya, Japan*
@@ -197,6 +210,18 @@
 Group](http://www.jp.NetBSD.org/ja/JP/JNUG/) with many gadget
 demonstrations.[Report on netbsd-advocacy](http://mail-index.netbsd.org/netbsd-advocacy/2015/08/22/msg000692.html).
 
+### `Jul 2015` - Open Source Conference 2015 Okinawa
+
+*Jul. 4, 2015, [Okinawa Convention
+Center](http://www.oki-conven.jp/en/modules/tinyd7/page/page1.html) ,
+Okinawa, Japan*
+
+At the [Open Source Conference 2015
+Okinawa](http://www.ospn.jp/osc2015-okinawa/) , there was a NetBSD
+booth staffed by members of the [Japan NetBSD Users'
+Group](http://www.jp.NetBSD.org/) with NetBSD gadgets demonstration.
+[Report on NetBSD-advocacy](http://mail-index.netbsd.org/netbsd-advocacy/2015/07/04/msg000688.html).
+
 
 ### `Jun 2015` - Open Source Conference 2015 Hokkaido
 
@@ -292,6 +317,20 @@
 with NetBSD gadget demonstrations ( [hpcarm](../ports/hpcarm/),
 [hpcmips](../ports/hpcmips/), [hpcsh](../ports/hpcsh/)).
 
+
+### `May 2014` - Open Source Conference 2014 Okinawa
+
+*May. 6, 2014, [Okinawa Convention
+Center](http://www.oki-conven.jp/en/modules/tinyd7/page/page1.html) ,
+Okinawa, Japan*
+
+At the [Open Source Conference 2014
+Okinawa](http://www.ospn.jp/osc2014-okinawa/) , there was a NetBSD
+booth staffed by members of the [Japan NetBSD Users'
+Group](http://www.jp.NetBSD.org/) with NetBSD gadgets demonstration.
+[more detail on togetter](http://togetter.com/li/671580).
+
+
 ### `Mar 2014` - Open Source Conference 2014 Hamanako
 
 *Mar. 22, 2014, [Hamamatsu Shimin Kyodo

Added a comment: Emulating RPI2 on Qemu?
--- /dev/null	2016-06-20 00:40:01.000000000 +0000
+++ wikisrc/ports/evbarm/raspberry_pi/comment_18_8cd187a3b03cec17e897f29545fa6318._comment	2016-06-20 00:44:53.000000000 +0000
@@ -0,0 +1,8 @@
+[[!comment format=mdwn
+ username="paul@f0c191796f3c93a5a8e45943cfbd5c6cdaa81a7a"
+ nickname="paul"
+ subject="Emulating RPI2 on Qemu?"
+ date="2016-06-20T00:44:37Z"
+ content="""
+Has anyone successfully gotten the RPI2 build running under the Qemu emulator?
+"""]]

Recently WRKSRC reflects tarball filename
Index: wikisrc/users/ryoon/how_to_update_www_firefox.mdwn
===================================================================
RCS file: /cvsroot/wikisrc/users/ryoon/how_to_update_www_firefox.mdwn,v
retrieving revision 1.8
retrieving revision 1.9
diff -u -r1.8 -r1.9
--- wikisrc/users/ryoon/how_to_update_www_firefox.mdwn	6 Jun 2016 12:14:56 -0000	1.8
+++ wikisrc/users/ryoon/how_to_update_www_firefox.mdwn	19 Jun 2016 09:21:40 -0000	1.9
@@ -101,7 +101,6 @@
 	$ vi Makefile
 	(Update version)
 	(Remove PKGREVISION)
-	(Fix WRKSRC variable)
 	$ make mdi
 	$ make extract
 	$ pushd ${WRKOBJDIR}/www/firefox/work/mozilla-beta

Note DTB change date and reason
Index: wikisrc/ports/evbarm/tegra.mdwn
===================================================================
RCS file: /cvsroot/wikisrc/ports/evbarm/tegra.mdwn,v
retrieving revision 1.37
retrieving revision 1.38
diff -u -r1.37 -r1.38
--- wikisrc/ports/evbarm/tegra.mdwn	18 Jun 2016 06:44:48 -0000	1.37
+++ wikisrc/ports/evbarm/tegra.mdwn	18 Jun 2016 18:35:55 -0000	1.38
@@ -52,7 +52,7 @@
 
 # Generating a boot script
 
-The Tegra kernels need a .dtb for your board to boot. [NVIDIA Jetson TK1 .dtb](http://ftp.netbsd.org/pub/NetBSD/misc/skrll/tegra/tegra124-jetson-tk1.dtb)
+The Tegra kernels need a .dtb for your board to boot. The dtb here was updated on 18th June 2016 to fix an issue with the USB port. [NVIDIA Jetson TK1 .dtb](http://ftp.netbsd.org/pub/NetBSD/misc/skrll/tegra/tegra124-jetson-tk1.dtb)
 
 [[!template  id=programlisting text="""
 $ cat boot.txt

Point to a DTB that enables the USB port correctly.
Index: wikisrc/ports/evbarm/tegra.mdwn
===================================================================
RCS file: /cvsroot/wikisrc/ports/evbarm/tegra.mdwn,v
retrieving revision 1.36
retrieving revision 1.37
diff -u -r1.36 -r1.37
--- wikisrc/ports/evbarm/tegra.mdwn	13 Dec 2015 18:07:52 -0000	1.36
+++ wikisrc/ports/evbarm/tegra.mdwn	18 Jun 2016 06:44:48 -0000	1.37
@@ -52,7 +52,7 @@
 
 # Generating a boot script
 
-The Tegra kernels need a .dtb for your board to boot. [NVIDIA Jetson TK1 .dtb](http://ftp.netbsd.org/pub/NetBSD/misc/jmcneill/tegra/tegra124-jetson-tk1.dtb)
+The Tegra kernels need a .dtb for your board to boot. [NVIDIA Jetson TK1 .dtb](http://ftp.netbsd.org/pub/NetBSD/misc/skrll/tegra/tegra124-jetson-tk1.dtb)
 
 [[!template  id=programlisting text="""
 $ cat boot.txt

Get rid of list-nested-list-foobarbaz-template-etc.
Index: wikisrc/sandbox.mdwn
===================================================================
RCS file: /cvsroot/wikisrc/sandbox.mdwn,v
retrieving revision 1.20
retrieving revision 1.21
diff -u -r1.20 -r1.21
--- wikisrc/sandbox.mdwn	14 Jun 2016 14:59:15 -0000	1.20
+++ wikisrc/sandbox.mdwn	14 Jun 2016 15:26:43 -0000	1.21
@@ -43,17 +43,3 @@
 Remember Cyrix: <img src="http://www.netbsd.org/images/ports/i386/header.gif" />
 
 fnord again
-
-1. List
-
-    - nested foo
-    - nested bar
-
-    [[!template id=programlisting text="""
-$ nested
-$ baz
-    """]]
-
-2. List-again
-
-3. Again-again-again!

Apply the hack to correctly format a template inside a nested list (hopefully!).
Index: wikisrc/releng/release-prep.mdwn
===================================================================
RCS file: /cvsroot/wikisrc/releng/release-prep.mdwn,v
retrieving revision 1.32
retrieving revision 1.33
diff -u -r1.32 -r1.33
--- wikisrc/releng/release-prep.mdwn	14 Jun 2016 14:52:54 -0000	1.32
+++ wikisrc/releng/release-prep.mdwn	14 Jun 2016 15:00:37 -0000	1.33
@@ -153,7 +153,7 @@
     - Update [[wikisrc/releng.mdwn|releng]]
     - Update [[wikisrc/ports.mdwn|ports]] and [[wikisrc/ports/*.mdwn|ports]], e.g.:
 
-[[!template id=programlisting text="""
+    [[!template id=programlisting text="""
 export OLD_REL_VER="7\.0\.1"
 export OLD_REL_URL="http://www.netbsd.org/releases/formal-7/"
 export NEW_REL_VER="7.0.2"
@@ -161,7 +161,7 @@
 sed -i.orig -Ee "s;^(.*)\[$OLD_REL_VER]\($OLD_REL_URL\)$;\1[$NEW_REL_VER]($NEW_REL_URL);" ports.mdwn
 sed -i.orig -e "/cur_rel/ s/$OLD_REL_VER/$NEW_REL_VER/" ports/*.mdwn
 [ if it is a major release please also bump future_rel, changes_cur and changes_future similarly ]
-"""]]
+    """]]
 
 16. Update <code>/pub/NetBSD/README</code> to mention the new release
 

take 2 (we're probably near the workaround!)
Index: wikisrc/sandbox.mdwn
===================================================================
RCS file: /cvsroot/wikisrc/sandbox.mdwn,v
retrieving revision 1.19
retrieving revision 1.20
diff -u -r1.19 -r1.20
--- wikisrc/sandbox.mdwn	14 Jun 2016 14:58:16 -0000	1.19
+++ wikisrc/sandbox.mdwn	14 Jun 2016 14:59:15 -0000	1.20
@@ -50,8 +50,8 @@
     - nested bar
 
     [[!template id=programlisting text="""
-    $ nested
-    $ baz
+$ nested
+$ baz
     """]]
 
 2. List-again

List-nested-list-and-a-template-inside!
Index: wikisrc/sandbox.mdwn
===================================================================
RCS file: /cvsroot/wikisrc/sandbox.mdwn,v
retrieving revision 1.18
retrieving revision 1.19
diff -u -r1.18 -r1.19
--- wikisrc/sandbox.mdwn	9 May 2016 07:26:42 -0000	1.18
+++ wikisrc/sandbox.mdwn	14 Jun 2016 14:58:16 -0000	1.19
@@ -43,3 +43,17 @@
 Remember Cyrix: <img src="http://www.netbsd.org/images/ports/i386/header.gif" />
 
 fnord again
+
+1. List
+
+    - nested foo
+    - nested bar
+
+    [[!template id=programlisting text="""
+    $ nested
+    $ baz
+    """]]
+
+2. List-again
+
+3. Again-again-again!

Reorder instructions regarding wikisrc updates and revert previous commit
to honor the nested lists.
Index: wikisrc/releng/release-prep.mdwn
===================================================================
RCS file: /cvsroot/wikisrc/releng/release-prep.mdwn,v
retrieving revision 1.31
retrieving revision 1.32
diff -u -r1.31 -r1.32
--- wikisrc/releng/release-prep.mdwn	14 Jun 2016 14:27:31 -0000	1.31
+++ wikisrc/releng/release-prep.mdwn	14 Jun 2016 14:52:54 -0000	1.32
@@ -150,7 +150,8 @@
 
 15. Update the wiki.
 
- - Update [[wikisrc/ports.mdwn|ports]] and [[wikisrc/ports/*.mdwn|ports]], e.g.:
+    - Update [[wikisrc/releng.mdwn|releng]]
+    - Update [[wikisrc/ports.mdwn|ports]] and [[wikisrc/ports/*.mdwn|ports]], e.g.:
 
 [[!template id=programlisting text="""
 export OLD_REL_VER="7\.0\.1"
@@ -162,8 +163,6 @@
 [ if it is a major release please also bump future_rel, changes_cur and changes_future similarly ]
 """]]
 
- - Update [[wikisrc/releng.mdwn|releng]]
-
 16. Update <code>/pub/NetBSD/README</code> to mention the new release
 
 17. Announce the release on netbsd-announce@ and the blog.

Use just one space for the `<li>'s (in `Update wiki')
Index: wikisrc/releng/release-prep.mdwn
===================================================================
RCS file: /cvsroot/wikisrc/releng/release-prep.mdwn,v
retrieving revision 1.30
retrieving revision 1.31
diff -u -r1.30 -r1.31
--- wikisrc/releng/release-prep.mdwn	14 Jun 2016 14:14:44 -0000	1.30
+++ wikisrc/releng/release-prep.mdwn	14 Jun 2016 14:27:31 -0000	1.31
@@ -150,7 +150,7 @@
 
 15. Update the wiki.
 
-    - Update [[wikisrc/ports.mdwn|ports]] and [[wikisrc/ports/*.mdwn|ports]], e.g.:
+ - Update [[wikisrc/ports.mdwn|ports]] and [[wikisrc/ports/*.mdwn|ports]], e.g.:
 
 [[!template id=programlisting text="""
 export OLD_REL_VER="7\.0\.1"
@@ -162,7 +162,7 @@
 [ if it is a major release please also bump future_rel, changes_cur and changes_future similarly ]
 """]]
 
-    - Update [[wikisrc/releng.mdwn|releng]]
+ - Update [[wikisrc/releng.mdwn|releng]]
 
 16. Update <code>/pub/NetBSD/README</code> to mention the new release
 

Give up and use programlisting.
Index: wikisrc/releng/release-prep.mdwn
===================================================================
RCS file: /cvsroot/wikisrc/releng/release-prep.mdwn,v
retrieving revision 1.29
retrieving revision 1.30
diff -u -r1.29 -r1.30
--- wikisrc/releng/release-prep.mdwn	14 Jun 2016 14:12:07 -0000	1.29
+++ wikisrc/releng/release-prep.mdwn	14 Jun 2016 14:14:44 -0000	1.30
@@ -152,13 +152,15 @@
 
     - Update [[wikisrc/ports.mdwn|ports]] and [[wikisrc/ports/*.mdwn|ports]], e.g.:
 
-	export OLD_REL_VER="7\.0\.1"
-	export OLD_REL_URL="http://www.netbsd.org/releases/formal-7/"
-	export NEW_REL_VER="7.0.2"
-	export NEW_REL_URL="http://www.netbsd.org/releases/formal-7/"
-	sed -i.orig -Ee "s;^(.*)\[$OLD_REL_VER]\($OLD_REL_URL\)$;\1[$NEW_REL_VER]($NEW_REL_URL);" ports.mdwn
-	sed -i.orig -e "/cur_rel/ s/$OLD_REL_VER/$NEW_REL_VER/" ports/*.mdwn
-	[ if it is a major release please also bump future_rel, changes_cur and changes_future similarly ]
+[[!template id=programlisting text="""
+export OLD_REL_VER="7\.0\.1"
+export OLD_REL_URL="http://www.netbsd.org/releases/formal-7/"
+export NEW_REL_VER="7.0.2"
+export NEW_REL_URL="http://www.netbsd.org/releases/formal-7/"
+sed -i.orig -Ee "s;^(.*)\[$OLD_REL_VER]\($OLD_REL_URL\)$;\1[$NEW_REL_VER]($NEW_REL_URL);" ports.mdwn
+sed -i.orig -e "/cur_rel/ s/$OLD_REL_VER/$NEW_REL_VER/" ports/*.mdwn
+[ if it is a major release please also bump future_rel, changes_cur and changes_future similarly ]
+"""]]
 
     - Update [[wikisrc/releng.mdwn|releng]]
 

Try to get the <pre> using the \t (instead of 8 blanks).
Index: wikisrc/releng/release-prep.mdwn
===================================================================
RCS file: /cvsroot/wikisrc/releng/release-prep.mdwn,v
retrieving revision 1.28
retrieving revision 1.29
diff -u -r1.28 -r1.29
--- wikisrc/releng/release-prep.mdwn	14 Jun 2016 14:07:29 -0000	1.28
+++ wikisrc/releng/release-prep.mdwn	14 Jun 2016 14:12:07 -0000	1.29
@@ -152,13 +152,13 @@
 
     - Update [[wikisrc/ports.mdwn|ports]] and [[wikisrc/ports/*.mdwn|ports]], e.g.:
 
-        export OLD_REL_VER="7\.0\.1"
-        export OLD_REL_URL="http://www.netbsd.org/releases/formal-7/"
-        export NEW_REL_VER="7.0.2"
-        export NEW_REL_URL="http://www.netbsd.org/releases/formal-7/"
-        sed -i.orig -Ee "s;^(.*)\[$OLD_REL_VER]\($OLD_REL_URL\)$;\1[$NEW_REL_VER]($NEW_REL_URL);" ports.mdwn
-        sed -i.orig -e "/cur_rel/ s/$OLD_REL_VER/$NEW_REL_VER/" ports/*.mdwn
-        [ if it is a major release please also bump future_rel, changes_cur and changes_future similarly ]
+	export OLD_REL_VER="7\.0\.1"
+	export OLD_REL_URL="http://www.netbsd.org/releases/formal-7/"
+	export NEW_REL_VER="7.0.2"
+	export NEW_REL_URL="http://www.netbsd.org/releases/formal-7/"
+	sed -i.orig -Ee "s;^(.*)\[$OLD_REL_VER]\($OLD_REL_URL\)$;\1[$NEW_REL_VER]($NEW_REL_URL);" ports.mdwn
+	sed -i.orig -e "/cur_rel/ s/$OLD_REL_VER/$NEW_REL_VER/" ports/*.mdwn
+	[ if it is a major release please also bump future_rel, changes_cur and changes_future similarly ]
 
     - Update [[wikisrc/releng.mdwn|releng]]
 

Delete the `$ ' (PS1) for consistency with existents examples.
Index: wikisrc/releng/release-prep.mdwn
===================================================================
RCS file: /cvsroot/wikisrc/releng/release-prep.mdwn,v
retrieving revision 1.27
retrieving revision 1.28
diff -u -r1.27 -r1.28
--- wikisrc/releng/release-prep.mdwn	14 Jun 2016 14:05:13 -0000	1.27
+++ wikisrc/releng/release-prep.mdwn	14 Jun 2016 14:07:29 -0000	1.28
@@ -152,13 +152,13 @@
 
     - Update [[wikisrc/ports.mdwn|ports]] and [[wikisrc/ports/*.mdwn|ports]], e.g.:
 
-        $ export OLD_REL_VER="7\.0\.1"
-        $ export OLD_REL_URL="http://www.netbsd.org/releases/formal-7/"
-        $ export NEW_REL_VER="7.0.2"
-        $ export NEW_REL_URL="http://www.netbsd.org/releases/formal-7/"
-        $ sed -i.orig -Ee "s;^(.*)\[$OLD_REL_VER]\($OLD_REL_URL\)$;\1[$NEW_REL_VER]($NEW_REL_URL);" ports.mdwn
-        $ sed -i.orig -e "/cur_rel/ s/$OLD_REL_VER/$NEW_REL_VER/" ports/*.mdwn
-	[ if it is a major release please also bump future_rel, changes_cur and changes_future similarly ]
+        export OLD_REL_VER="7\.0\.1"
+        export OLD_REL_URL="http://www.netbsd.org/releases/formal-7/"
+        export NEW_REL_VER="7.0.2"
+        export NEW_REL_URL="http://www.netbsd.org/releases/formal-7/"
+        sed -i.orig -Ee "s;^(.*)\[$OLD_REL_VER]\($OLD_REL_URL\)$;\1[$NEW_REL_VER]($NEW_REL_URL);" ports.mdwn
+        sed -i.orig -e "/cur_rel/ s/$OLD_REL_VER/$NEW_REL_VER/" ports/*.mdwn
+        [ if it is a major release please also bump future_rel, changes_cur and changes_future similarly ]
 
     - Update [[wikisrc/releng.mdwn|releng]]
 

Separate instructions for wikisrc and provide some useful sed(1) one-liners.
Index: wikisrc/releng/release-prep.mdwn
===================================================================
RCS file: /cvsroot/wikisrc/releng/release-prep.mdwn,v
retrieving revision 1.26
retrieving revision 1.27
diff -u -r1.26 -r1.27
--- wikisrc/releng/release-prep.mdwn	28 May 2016 09:11:47 -0000	1.26
+++ wikisrc/releng/release-prep.mdwn	14 Jun 2016 14:05:13 -0000	1.27
@@ -147,12 +147,24 @@
     - Update htdocs/docs/guide/en/chap-fetch.xml
     - Update htdocs/ports/history.xml
     - Top-level regen of everything
-    - Port pages in wikisrc -- sed? :\ (don't bother with xen)
+
+15. Update the wiki.
+
+    - Update [[wikisrc/ports.mdwn|ports]] and [[wikisrc/ports/*.mdwn|ports]], e.g.:
+
+        $ export OLD_REL_VER="7\.0\.1"
+        $ export OLD_REL_URL="http://www.netbsd.org/releases/formal-7/"
+        $ export NEW_REL_VER="7.0.2"
+        $ export NEW_REL_URL="http://www.netbsd.org/releases/formal-7/"
+        $ sed -i.orig -Ee "s;^(.*)\[$OLD_REL_VER]\($OLD_REL_URL\)$;\1[$NEW_REL_VER]($NEW_REL_URL);" ports.mdwn
+        $ sed -i.orig -e "/cur_rel/ s/$OLD_REL_VER/$NEW_REL_VER/" ports/*.mdwn
+	[ if it is a major release please also bump future_rel, changes_cur and changes_future similarly ]
+
     - Update [[wikisrc/releng.mdwn|releng]]
 
-15. Update <code>/pub/NetBSD/README</code> to mention the new release
+16. Update <code>/pub/NetBSD/README</code> to mention the new release
 
-16. Announce the release on netbsd-announce@ and the blog.
+17. Announce the release on netbsd-announce@ and the blog.
 
 ============ 
 

Update for NetBSD 7.0.1.
Index: wikisrc/ports.mdwn
===================================================================
RCS file: /cvsroot/wikisrc/ports.mdwn,v
retrieving revision 1.9
retrieving revision 1.10
diff -u -r1.9 -r1.10
--- wikisrc/ports.mdwn	9 Oct 2015 09:20:44 -0000	1.9
+++ wikisrc/ports.mdwn	14 Jun 2016 06:38:15 -0000	1.10
@@ -20,14 +20,14 @@
 
 [[!table data="""
 Port		|CPU		|Machines						|Latest Release
-[[amd64]]	|x86_64		|64-bit x86-family machines with AMD and Intel CPUs	|[7.0](http://www.netbsd.org/releases/formal-7/)
-[[evbarm]]	|arm		|ARM evaluation boards					|[7.0](http://www.netbsd.org/releases/formal-7/)
-[[evbmips]]	|mips		|MIPS-based evaluation boards				|[7.0](http://www.netbsd.org/releases/formal-7/)
-[[evbppc]]	|powerpc	|PowerPC-based evaluation boards			|[7.0](http://www.netbsd.org/releases/formal-7/)
-[[hpcarm]]	|arm		|StrongARM based Windows CE PDA machines		|[7.0](http://www.netbsd.org/releases/formal-7/)
-[[i386]]	|i386		|32-bit x86-family generic machines ("PC clones")	|[7.0](http://www.netbsd.org/releases/formal-7/)
-[[sparc64]]	|sparc		|Sun UltraSPARC (64-bit)				|[7.0](http://www.netbsd.org/releases/formal-7/)
-[[xen]]		|i386, x86_64	|Xen Virtual Machine Monitor				|[7.0](http://www.netbsd.org/releases/formal-7/)
+[[amd64]]	|x86_64		|64-bit x86-family machines with AMD and Intel CPUs	|[7.0.1](http://www.netbsd.org/releases/formal-7/)
+[[evbarm]]	|arm		|ARM evaluation boards					|[7.0.1](http://www.netbsd.org/releases/formal-7/)
+[[evbmips]]	|mips		|MIPS-based evaluation boards				|[7.0.1](http://www.netbsd.org/releases/formal-7/)
+[[evbppc]]	|powerpc	|PowerPC-based evaluation boards			|[7.0.1](http://www.netbsd.org/releases/formal-7/)
+[[hpcarm]]	|arm		|StrongARM based Windows CE PDA machines		|[7.0.1](http://www.netbsd.org/releases/formal-7/)
+[[i386]]	|i386		|32-bit x86-family generic machines ("PC clones")	|[7.0.1](http://www.netbsd.org/releases/formal-7/)
+[[sparc64]]	|sparc		|Sun UltraSPARC (64-bit)				|[7.0.1](http://www.netbsd.org/releases/formal-7/)
+[[xen]]		|i386, x86_64	|Xen Virtual Machine Monitor				|[7.0.1](http://www.netbsd.org/releases/formal-7/)
 """]]
 
 
@@ -44,55 +44,55 @@
 
 [[!table data="""
 Port		|CPU		|Machines								|Latest Release
-[[acorn32]]	|arm		|Acorn RiscPC/A7000/NC and compatibles					|[7.0](http://www.netbsd.org/releases/formal-7/)
-[[algor]]	|mips		|Algorithmics MIPS evaluation boards					|[7.0](http://www.netbsd.org/releases/formal-7/)
-[[alpha]]	|alpha		|Digital Alpha (64-bit)							|[7.0](http://www.netbsd.org/releases/formal-7/)
-[[amiga]]	|m68k		|Commodore Amiga, MacroSystem DraCo					|[7.0](http://www.netbsd.org/releases/formal-7/)
-[[amigappc]]	|powerpc	|PowerPC-based Amiga boards						|[7.0](http://www.netbsd.org/releases/formal-7/)
-[[arc]]		|mips		|Machines following the Advanced RISC Computing spec			|[7.0](http://www.netbsd.org/releases/formal-7/)
-[[atari]]	|m68k		|Atari TT030, Falcon, Hades						|[7.0](http://www.netbsd.org/releases/formal-7/)
-[[bebox]]	|powerpc	|Be Inc's BeBox								|[7.0](http://www.netbsd.org/releases/formal-7/)
-[[cats]]	|arm		|Chalice Technology's Strong Arm evaluation board			|[7.0](http://www.netbsd.org/releases/formal-7/)
-[[cesfic]]	|m68k		|CES's FIC8234 VME processor board					|[7.0](http://www.netbsd.org/releases/formal-7/)
-[[cobalt]]	|mips		|Cobalt Networks' Microservers						|[7.0](http://www.netbsd.org/releases/formal-7/)
-[[dreamcast]]	|[[sh3]]	|Sega Dreamcast game console						|[7.0](http://www.netbsd.org/releases/formal-7/)
+[[acorn32]]	|arm		|Acorn RiscPC/A7000/NC and compatibles					|[7.0.1](http://www.netbsd.org/releases/formal-7/)
+[[algor]]	|mips		|Algorithmics MIPS evaluation boards					|[7.0.1](http://www.netbsd.org/releases/formal-7/)
+[[alpha]]	|alpha		|Digital Alpha (64-bit)							|[7.0.1](http://www.netbsd.org/releases/formal-7/)
+[[amiga]]	|m68k		|Commodore Amiga, MacroSystem DraCo					|[7.0.1](http://www.netbsd.org/releases/formal-7/)
+[[amigappc]]	|powerpc	|PowerPC-based Amiga boards						|[7.0.1](http://www.netbsd.org/releases/formal-7/)
+[[arc]]		|mips		|Machines following the Advanced RISC Computing spec			|[7.0.1](http://www.netbsd.org/releases/formal-7/)
+[[atari]]	|m68k		|Atari TT030, Falcon, Hades						|[7.0.1](http://www.netbsd.org/releases/formal-7/)
+[[bebox]]	|powerpc	|Be Inc's BeBox								|[7.0.1](http://www.netbsd.org/releases/formal-7/)
+[[cats]]	|arm		|Chalice Technology's Strong Arm evaluation board			|[7.0.1](http://www.netbsd.org/releases/formal-7/)
+[[cesfic]]	|m68k		|CES's FIC8234 VME processor board					|[7.0.1](http://www.netbsd.org/releases/formal-7/)
+[[cobalt]]	|mips		|Cobalt Networks' Microservers						|[7.0.1](http://www.netbsd.org/releases/formal-7/)
+[[dreamcast]]	|[[sh3]]	|Sega Dreamcast game console						|[7.0.1](http://www.netbsd.org/releases/formal-7/)
 [[epoc32]]	|arm		|32bit PSION EPOC PDA							|none
-[[emips]]	|mips		|Machines based on "Extensible MIPS"					|[7.0](http://www.netbsd.org/releases/formal-7/)
-[[evbsh3]]	|[[sh3]]	|Evaluation boards with Renesas (Hitachi) Super-H SH3 and SH4 CPUs	|[7.0](http://www.netbsd.org/releases/formal-7/)
-[[ews4800mips]]	|mips		|NEC's MIPS based EWS4800 workstations					|[7.0](http://www.netbsd.org/releases/formal-7/)
-[[hp300]]	|m68k		|Hewlett-Packard 9000/300 and 400 series				|[7.0](http://www.netbsd.org/releases/formal-7/)
-[[hppa]]	|hppa		|Hewlett-Packard 9000/700 series					|[7.0](http://www.netbsd.org/releases/formal-7/)
-[[hpcmips]]	|mips		|MIPS based Windows CE PDA machines					|[7.0](http://www.netbsd.org/releases/formal-7/)
-[[hpcsh]]	|[[sh3]]	|Renesas (Hitachi) SH3 and SH4 based Windows CE PDA machines		|[7.0](http://www.netbsd.org/releases/formal-7/)
+[[emips]]	|mips		|Machines based on "Extensible MIPS"					|[7.0.1](http://www.netbsd.org/releases/formal-7/)
+[[evbsh3]]	|[[sh3]]	|Evaluation boards with Renesas (Hitachi) Super-H SH3 and SH4 CPUs	|[7.0.1](http://www.netbsd.org/releases/formal-7/)
+[[ews4800mips]]	|mips		|NEC's MIPS based EWS4800 workstations					|[7.0.1](http://www.netbsd.org/releases/formal-7/)
+[[hp300]]	|m68k		|Hewlett-Packard 9000/300 and 400 series				|[7.0.1](http://www.netbsd.org/releases/formal-7/)
+[[hppa]]	|hppa		|Hewlett-Packard 9000/700 series					|[7.0.1](http://www.netbsd.org/releases/formal-7/)
+[[hpcmips]]	|mips		|MIPS based Windows CE PDA machines					|[7.0.1](http://www.netbsd.org/releases/formal-7/)
+[[hpcsh]]	|[[sh3]]	|Renesas (Hitachi) SH3 and SH4 based Windows CE PDA machines		|[7.0.1](http://www.netbsd.org/releases/formal-7/)
 [[ia64]]	|itanium	|Itanium family of processors						|none
-[[ibmnws]]	|powerpc	|IBM Network Station Series 1000					|[7.0](http://www.netbsd.org/releases/formal-7/)
-[[iyonix]]	|arm		|Iyonix ARM pc								|[7.0](http://www.netbsd.org/releases/formal-7/)
-[[landisk]]	|[[sh3]]	|SH4 based NAS appliances by I-O DATA					|[7.0](http://www.netbsd.org/releases/formal-7/)
-[[luna68k]]	|m68k		|OMRON Tateisi Electronics' LUNA series					|[7.0](http://www.netbsd.org/releases/formal-7/)
-[[mac68k]]	|m68k		|Apple Macintosh							|[7.0](http://www.netbsd.org/releases/formal-7/)
-[[macppc]]	|powerpc	|Apple Power Macintosh and clones					|[7.0](http://www.netbsd.org/releases/formal-7/)
-[[mipsco]]	|mips		|Mips family of workstations and servers				|[7.0](http://www.netbsd.org/releases/formal-7/)
-[[mmeye]]	|[[sh3]]	|Brains' mmEye Multi Media Server					|[7.0](http://www.netbsd.org/releases/formal-7/)
-[[mvme68k]]	|m68k		|Motorola MVME 68k SBCs							|[7.0](http://www.netbsd.org/releases/formal-7/)
-[[mvmeppc]]	|powerpc	|Motorola MVME PowerPC SBCs						|[7.0](http://www.netbsd.org/releases/formal-7/)
-[[netwinder]]	|arm		|StrongARM based NetWinder machines					|[7.0](http://www.netbsd.org/releases/formal-7/)
-[[news68k]]	|arm		|Sony's m68k based "NET WORK STATION" series				|[7.0](http://www.netbsd.org/releases/formal-7/)
-[[newsmips]]	|mips		|Sony's MIPS based "NET WORK STATION" series				|[7.0](http://www.netbsd.org/releases/formal-7/)
-[[next68k]]	|m68k		|NeXT 68k 'black' hardware						|[7.0](http://www.netbsd.org/releases/formal-7/)
-[[ofppc]]	|powerpc	|Generic OpenFirmware compliant PowerPC machines			|[7.0](http://www.netbsd.org/releases/formal-7/)
-[[pmax]]	|mips		|Digital MIPS-based DECstations and DECsystems				|[7.0](http://www.netbsd.org/releases/formal-7/)
-[[prep]]	|powerpc	|PReP (PowerPC Reference Platform) and CHRP machines			|[7.0](http://www.netbsd.org/releases/formal-7/)
-[[rs6000]]	|powerpc	|MCA-based IBM RS/6000 workstations					|[7.0](http://www.netbsd.org/releases/formal-7/)
-[[sandpoint]]	|powerpc	|Motorola Sandpoint reference platform					|[7.0](http://www.netbsd.org/releases/formal-7/)
-[[sbmips]]	|mips		|Broadcom SiByte evaluation boards					|[7.0](http://www.netbsd.org/releases/formal-7/)
-[[sgimips]]	|mips		|Silicon Graphics' MIPS-based workstations				|[7.0](http://www.netbsd.org/releases/formal-7/)
-[[shark]]	|arm		|Digital DNARD ("shark")						|[7.0](http://www.netbsd.org/releases/formal-7/)
-[[sparc]]	|sparc		|Sun SPARC (32-bit)							|[7.0](http://www.netbsd.org/releases/formal-7/)
-[[sun2]]	|m68k		|Sun 2									|[7.0](http://www.netbsd.org/releases/formal-7/)
-[[sun3]]	|m68k		|Sun 3 and 3x								|[7.0](http://www.netbsd.org/releases/formal-7/)
-[[vax]]		|vax		|Digital VAX								|[7.0](http://www.netbsd.org/releases/formal-7/)
-[[x68k]]	|m68k		|Sharp X680x0 series							|[7.0](http://www.netbsd.org/releases/formal-7/)
-[[zaurus]]	|arm		|Sharp C7x0/C860/C1000/C3x00 series PDA					|[7.0](http://www.netbsd.org/releases/formal-7/)
+[[ibmnws]]	|powerpc	|IBM Network Station Series 1000					|[7.0.1](http://www.netbsd.org/releases/formal-7/)
+[[iyonix]]	|arm		|Iyonix ARM pc								|[7.0.1](http://www.netbsd.org/releases/formal-7/)
+[[landisk]]	|[[sh3]]	|SH4 based NAS appliances by I-O DATA					|[7.0.1](http://www.netbsd.org/releases/formal-7/)
+[[luna68k]]	|m68k		|OMRON Tateisi Electronics' LUNA series					|[7.0.1](http://www.netbsd.org/releases/formal-7/)
+[[mac68k]]	|m68k		|Apple Macintosh							|[7.0.1](http://www.netbsd.org/releases/formal-7/)
+[[macppc]]	|powerpc	|Apple Power Macintosh and clones					|[7.0.1](http://www.netbsd.org/releases/formal-7/)
+[[mipsco]]	|mips		|Mips family of workstations and servers				|[7.0.1](http://www.netbsd.org/releases/formal-7/)
+[[mmeye]]	|[[sh3]]	|Brains' mmEye Multi Media Server					|[7.0.1](http://www.netbsd.org/releases/formal-7/)
+[[mvme68k]]	|m68k		|Motorola MVME 68k SBCs							|[7.0.1](http://www.netbsd.org/releases/formal-7/)
+[[mvmeppc]]	|powerpc	|Motorola MVME PowerPC SBCs						|[7.0.1](http://www.netbsd.org/releases/formal-7/)
+[[netwinder]]	|arm		|StrongARM based NetWinder machines					|[7.0.1](http://www.netbsd.org/releases/formal-7/)
+[[news68k]]	|arm		|Sony's m68k based "NET WORK STATION" series				|[7.0.1](http://www.netbsd.org/releases/formal-7/)
+[[newsmips]]	|mips		|Sony's MIPS based "NET WORK STATION" series				|[7.0.1](http://www.netbsd.org/releases/formal-7/)
+[[next68k]]	|m68k		|NeXT 68k 'black' hardware						|[7.0.1](http://www.netbsd.org/releases/formal-7/)
+[[ofppc]]	|powerpc	|Generic OpenFirmware compliant PowerPC machines			|[7.0.1](http://www.netbsd.org/releases/formal-7/)
+[[pmax]]	|mips		|Digital MIPS-based DECstations and DECsystems				|[7.0.1](http://www.netbsd.org/releases/formal-7/)
+[[prep]]	|powerpc	|PReP (PowerPC Reference Platform) and CHRP machines			|[7.0.1](http://www.netbsd.org/releases/formal-7/)
+[[rs6000]]	|powerpc	|MCA-based IBM RS/6000 workstations					|[7.0.1](http://www.netbsd.org/releases/formal-7/)
+[[sandpoint]]	|powerpc	|Motorola Sandpoint reference platform					|[7.0.1](http://www.netbsd.org/releases/formal-7/)
+[[sbmips]]	|mips		|Broadcom SiByte evaluation boards					|[7.0.1](http://www.netbsd.org/releases/formal-7/)
+[[sgimips]]	|mips		|Silicon Graphics' MIPS-based workstations				|[7.0.1](http://www.netbsd.org/releases/formal-7/)
+[[shark]]	|arm		|Digital DNARD ("shark")						|[7.0.1](http://www.netbsd.org/releases/formal-7/)
+[[sparc]]	|sparc		|Sun SPARC (32-bit)							|[7.0.1](http://www.netbsd.org/releases/formal-7/)
+[[sun2]]	|m68k		|Sun 2									|[7.0.1](http://www.netbsd.org/releases/formal-7/)
+[[sun3]]	|m68k		|Sun 3 and 3x								|[7.0.1](http://www.netbsd.org/releases/formal-7/)
+[[vax]]		|vax		|Digital VAX								|[7.0.1](http://www.netbsd.org/releases/formal-7/)
+[[x68k]]	|m68k		|Sharp X680x0 series							|[7.0.1](http://www.netbsd.org/releases/formal-7/)
+[[zaurus]]	|arm		|Sharp C7x0/C860/C1000/C3x00 series PDA					|[7.0.1](http://www.netbsd.org/releases/formal-7/)
 """]]
 
 

Index: wikisrc/ports/macppc.mdwn
===================================================================
RCS file: /cvsroot/wikisrc/ports/macppc.mdwn,v
retrieving revision 1.9
retrieving revision 1.10
diff -u -r1.9 -r1.10
--- wikisrc/ports/macppc.mdwn	28 May 2016 09:34:11 -0000	1.9
+++ wikisrc/ports/macppc.mdwn	12 Jun 2016 16:04:58 -0000	1.10
@@ -45,8 +45,8 @@
 [Apple Power Macintosh](http://www.NetBSD.org/ports/macppc/models.html#powermac)
 
 -   Performa 4400, 54xx, 5500, 6300/160, 6360, 6400, 6500
+-   Power Macintosh 7200, 7500
 -   Power Macintosh 7300, 7600, 8500
--   Power Macintosh 7500 with new [CPU card](http://www.netbsd.org/ports/macppc/faq.html#601)
 -   Power Macintosh 8600/200,250,300
 -   Power Macintosh 9500/120,133
 -   Power Macintosh 9500/150,180,180MP,200

add OSC 2015/6 Hokkaido
Index: wikisrc/events.mdwn
===================================================================
RCS file: /cvsroot/wikisrc/events.mdwn,v
retrieving revision 1.30
retrieving revision 1.31
diff -u -r1.30 -r1.31
--- wikisrc/events.mdwn	25 May 2016 01:01:13 -0000	1.30
+++ wikisrc/events.mdwn	8 Jun 2016 08:30:21 -0000	1.31
@@ -8,12 +8,12 @@
 Future Events
 -------------
 
-### `May 2016` - Open Source Conference 2016 Nagoya
+### `Jun 2016` - Open Source Conference 2016 Hokkaido
 
-*May. 28, 2016, [Fukiage Hall](http://www.nipc.or.jp/fukiage/index.html), Nagoya, Japan*
+*Jun. 17-18, 2016, [Sapporo Convention Center](http://www.sora-scc.jp/access/index.html), Sapporo, Japan*
 
 At the [Open Source Conference 2016
-Nagoya](http://www.ospn.jp/osc2016-nagoya/), there will be a NetBSD
+Hokkaido](http://www.ospn.jp/osc2016-do/), there was a NetBSD
 booth staffed by members of the [Japan NetBSD Users'
 Group](http://www.jp.NetBSD.org/) with NetBSD gadget demonstrations. 
 
@@ -41,6 +41,17 @@
 Past Events
 -----------
 
+### `May 2016` - Open Source Conference 2016 Nagoya
+
+*May. 28, 2016, [Fukiage Hall](http://www.nipc.or.jp/fukiage/index.html), Nagoya, Japan*
+
+At the [Open Source Conference 2016
+Nagoya](http://www.ospn.jp/osc2016-nagoya/), there was a NetBSD
+booth staffed by members of the [Japan NetBSD Users'
+Group](http://www.jp.NetBSD.org/) with NetBSD gadget demonstrations. 
+[Report on netbsd-advocacy](http://mail-index.netbsd.org/netbsd-advocacy/2016/05/30/msg000707.html).
+
+
 ### `May 2016` - Open Source Conference 2016 Gunma
 
 *May. 14, 2016, [LABI1 Takasaki](http://www.yamadalabi.com/takasaki/access/index.html), Gunma, Japan*
@@ -186,6 +197,18 @@
 Group](http://www.jp.NetBSD.org/ja/JP/JNUG/) with many gadget
 demonstrations.[Report on netbsd-advocacy](http://mail-index.netbsd.org/netbsd-advocacy/2015/08/22/msg000692.html).
 
+
+### `Jun 2015` - Open Source Conference 2015 Hokkaido
+
+*Jun. 12-13, 2015, [Sapporo Convention Center](http://www.sora-scc.jp/access/index.html), Sapporo, Japan*
+
+At the [Open Source Conference 2015
+Hokkaido](http://www.ospn.jp/osc2015-do/), there was a NetBSD
+booth staffed by members of the [Japan NetBSD Users'
+Group](http://www.jp.NetBSD.org/) with NetBSD gadget demonstrations.
+[Report on netbsd-advocacy](http://mail-index.netbsd.org/netbsd-advocacy/2015/06/13/msg000687.html).
+
+
 ### `Mar 2015` - AsiaBSDCon 2015
 
 *Mar. 12-15, 2015, Tokyo, Japan*

Update updating procedure for www/firefox
Index: wikisrc/users/ryoon/how_to_update_www_firefox.mdwn
===================================================================
RCS file: /cvsroot/wikisrc/users/ryoon/how_to_update_www_firefox.mdwn,v
retrieving revision 1.7
retrieving revision 1.8
diff -u -r1.7 -r1.8
--- wikisrc/users/ryoon/how_to_update_www_firefox.mdwn	16 Jan 2015 14:04:45 -0000	1.7
+++ wikisrc/users/ryoon/how_to_update_www_firefox.mdwn	6 Jun 2016 12:14:56 -0000	1.8
@@ -26,18 +26,19 @@
 
 Find latest release.
 
-	$ hg branches | grep 2901
-	GECKO2901_2014050617_RELBRANCH 207485:3fd2b5510ccf
+	$ hg tags|grep 46_
+	(snip)
+	FIREFOX_46_0_1_RELEASE		341775:0b8492c110be
 	(snip)
 
 Checkout the branch.
 
-	$ hg checkout GECKO2901_2014050617_RELBRANCH
+	$ hg checkout FIREFOX_46_0_1_RELEASE
 
 Create named branch for applying pkgsrc patches
 
-	$ hg branch pkgsrc_firefox-29.0.1
-	$ hg commit -m "Create pkgsrc_firefox-29.0.1 branch for applying pkgsrc patches"
+	$ hg branch pkgsrc_firefox-46.0.1
+	$ hg commit -m "Create pkgsrc_firefox-46.0.1 branch for applying pkgsrc patches"
 
 Add .*\.orig$ to .hgignore, and commit this change
 
@@ -51,59 +52,46 @@
 	$ popd
 	$ cat /usr/pkgsrc/www/firefox/patches/patch-*|patch -p0
 	$ hg add ...(necessary files)
-	$ hg commit -m "Apply pkgsrc patches for firefox-29.0.1nb2"
+	$ hg commit -m "Apply pkgsrc patches for firefox-46.0.1nb1"
 
 
 # Checkout latest beta source, and create your branch
 
 Find latest branch.
 
-	$ hg branches | grep 300b9
-	GECKO300b9_2014052918_RELBRANCH 199964:b7037f050049
+	$ hg tags | grep 47_
+	(snip)
+	FIREFOX_47_0b9_RELEASE		341367:2ee4473c729a
+	(snip)
 
 Checkout the branch.
 
-	$ hg checkout GECKO300b9_2014052918_RELBRANCH
+	$ hg checkout FIREFOX_47_0b9_RELEASE
 
 Create named branch for working.
 
-	$ hg branch ryoon_firefox-30.0b9
-	$ hg commit -m "Create ryoon_firefox-30.0 branch for applying freebsd-gecko patches"
+	$ hg branch ryoon_firefox-47.0b9
+	$ hg commit -m "Create ryoon_firefox-47.0 branch for merging pkgsrc patches"
 
 Add .*\.orig$ to .hgignore, and commit this change
 
 	$ hg commit -m "Ignore .orig files" .hgignore
 
-Apply patches from freebsd-gecko
-
-	$ cat ~/repos/freebsd-gecko/trunk/www/firefox/files/patch-*|patch -p0
-
-Fix rejected patches manually
-
-	$ hg status | grep rej$
-	$ vi path/to/a/certain/file.c
-
-Commit the patches
-
-	$ hg add (necessary files)
-	$ hg commit -m "Apply freebsd-gecko patches for firefox-30.0"
-
-
 # Merge your patches
 
-	$ hg merge pkgsrc_firefox-29.0.1
+	$ hg merge pkgsrc_firefox-46.0.1
 	$ hg resolve -l
 	$ vi file/marked/as/U
 	$ hg resolve --mark file/marked/as/U
 	(loop)
-	$ hg commit -m "Merge pkgsrc_firefox-29.0.1 branch to 30.0"
+	$ hg commit -m "Merge pkgsrc_firefox-46.0.1 branch to 47.0"
 
 
 # Create patch file for patch -p0
 
-	$ hg diff -r (revision of first commit in ryoon_freebsd-30.0) | \
-	sed -e 's!^--- a/!--- !' -e 's!^+++ b/!+++ !' > ~/firefox-30.0.diff
-	$ vi ~/firefox-30.0.diff
+	$ hg diff -r (revision of first commit in ryoon_firefox-47.0b9) | \
+	sed -e 's!^--- a/!--- !' -e 's!^+++ b/!+++ !' > ~/firefox-47.0.diff
+	$ vi ~/firefox-47.0.diff
 	(Remove patch to .hgignore)
 	(Remove patch to .hgtags)
 
@@ -117,7 +105,7 @@
 	$ make mdi
 	$ make extract
 	$ pushd ${WRKOBJDIR}/www/firefox/work/mozilla-beta
-	$ patch -p0 < ~/firefox-30.0.diff
+	$ patch -p0 < ~/firefox-47.0.diff
 	$ popd
 	$ mkpatches
 	$ patchdiff

Add a project entry for TEST_DEPENDS in pkgsrc.
--- /dev/null	2016-06-02 05:24:06.000000000 +0000
+++ wikisrc/projects/project/pkgsrc-test-depends.mdwn	2016-06-02 05:26:45.000000000 +0000
@@ -0,0 +1,49 @@
+[[!template id=project
+
+title="Separate test depends for pkgsrc"
+
+contact="""
+[tech-pkg](mailto:tech-pkg@NetBSD.org)
+"""
+
+category="pkgsrc"
+difficulty="medium"
+duration="3-6 weeks"
+
+description="""
+
+Right now the pkgsrc packaging for many things does not support
+running those things' native test suites.
+One of the reasons for this is that those test suites often depend on
+additional packages for test infrastructure or test automation.
+Sometimes those additional depends cause cycles; sometimes they're
+"only" heavyweight; but fairly often adding them as unconditional
+BUILD_DEPENDS (or worse, full DEPENDS) has undesirable consequences.
+
+It ought to be possible to have a separate set of TEST_DEPENDS that's
+brought in only when one is actually intending to run a test suite.
+This is not entirely trivial (or it would have been done long ago)
+because it doesn't fit well into the sequence of phases pkgsrc builds
+happen in.
+Should there be a separate (and late) phase for TEST_DEPENDS, or a
+(per-package?) switch in mk.conf to enable test material, or some
+other scheme?
+What about packages that need to be installed first before their tests
+will run?
+(Yes, ideally these wouldn't exist...)
+
+The first part of this project is: decide how it should work and sell
+the community on it, er, I mean, reach consensus with the community on
+the best approach.
+This (including sorting through all the requirements and miscellaneous
+desiderata, which are by no means listed completely above) is at least
+half the work.
+
+The second part of this project is to implement what you've designed,
+and add support to three or four packages with nontrivial test suites.
+
+(Note: this project description was partly based on loose talk on the
+subject appearing in PR 50645.)
+
+"""
+]]

--- /dev/null	2016-06-01 01:57:17.000000000 +0000
+++ wikisrc/users/cyber/calendarproposal.mdwn	2016-06-01 01:58:36.000000000 +0000
@@ -0,0 +1,24 @@
+# New Calendar Solution
+
+# History
+
+(add more details here about the failings here)
+
+The current calendar(1) shipped has limited functionality in a modern, connected world.
+
+# Goals and Requirements
+
+A replacement solution:
+
+* Should ideally be BSD licensed
+* Not have dependencies not already in base
+* Be able to import existing calendar(1) data (possibly through an external script)
+* Support both local and network based calendars
+  * iCal
+  * CalDav
+  * Exchange
+  * Google
+  * etc
+* Support a variety of visualization
+  * tty/curses
+  * X11, or work in tandem with another tool for X11

Index: wikisrc/users/cyber.mdwn
===================================================================
RCS file: /cvsroot/wikisrc/users/cyber.mdwn,v
retrieving revision 1.3
retrieving revision 1.4
diff -u -r1.3 -r1.4
--- wikisrc/users/cyber.mdwn	1 Jun 2016 01:49:06 -0000	1.3
+++ wikisrc/users/cyber.mdwn	1 Jun 2016 01:53:01 -0000	1.4
@@ -15,3 +15,7 @@
 ## Projects
 
 * Stuff
+
+## Ideas for people to steal and do
+
+* [[New Calendar Solution|calendarproposal]]

Index: wikisrc/users/cyber.mdwn
===================================================================
RCS file: /cvsroot/wikisrc/users/cyber.mdwn,v
retrieving revision 1.2
retrieving revision 1.3
diff -u -r1.2 -r1.3
--- wikisrc/users/cyber.mdwn	4 Nov 2015 21:11:49 -0000	1.2
+++ wikisrc/users/cyber.mdwn	1 Jun 2016 01:49:06 -0000	1.3
@@ -2,9 +2,10 @@
 
 ## Currently
 
+* Member Board of Directors
 * Cobalt Portmaster
 * next68k Portmaster
-* Member Board of Directors
+
 
 ## Past
 
@@ -13,4 +14,4 @@
 
 ## Projects
 
-* stuff
+* Stuff

update for 7.0.1
Index: wikisrc/ports/acorn26.mdwn
===================================================================
RCS file: /cvsroot/wikisrc/ports/acorn26.mdwn,v
retrieving revision 1.8
retrieving revision 1.9
diff -u -r1.8 -r1.9
--- wikisrc/ports/acorn26.mdwn	8 Oct 2015 06:42:53 -0000	1.8
+++ wikisrc/ports/acorn26.mdwn	28 May 2016 09:34:10 -0000	1.9
@@ -1,6 +1,6 @@
 [[!template id=port
 port="acorn26"
-cur_rel="7.0"  
+cur_rel="7.0.1"
 future_rel="7.0"
 pkg_rel="6.1"
 changes_cur="6.0"
Index: wikisrc/ports/acorn32.mdwn
===================================================================
RCS file: /cvsroot/wikisrc/ports/acorn32.mdwn,v
retrieving revision 1.10
retrieving revision 1.11
diff -u -r1.10 -r1.11
--- wikisrc/ports/acorn32.mdwn	8 Oct 2015 06:42:53 -0000	1.10
+++ wikisrc/ports/acorn32.mdwn	28 May 2016 09:34:10 -0000	1.11
@@ -1,6 +1,6 @@
 [[!template id=port
 port="acorn32"
-cur_rel="7.0"  
+cur_rel="7.0.1"
 future_rel="7.0"
 pkg_rel="6.1"
 changes_cur="6.0"
Index: wikisrc/ports/algor.mdwn
===================================================================
RCS file: /cvsroot/wikisrc/ports/algor.mdwn,v
retrieving revision 1.8
retrieving revision 1.9
diff -u -r1.8 -r1.9
--- wikisrc/ports/algor.mdwn	8 Oct 2015 06:42:53 -0000	1.8
+++ wikisrc/ports/algor.mdwn	28 May 2016 09:34:10 -0000	1.9
@@ -1,6 +1,6 @@
 [[!template id=port
 port="algor"
-cur_rel="7.0"  
+cur_rel="7.0.1"
 future_rel="7.0"
 pkg_rel="6.0"
 changes_cur="6.0"
Index: wikisrc/ports/alpha.mdwn
===================================================================
RCS file: /cvsroot/wikisrc/ports/alpha.mdwn,v
retrieving revision 1.8
retrieving revision 1.9
diff -u -r1.8 -r1.9
--- wikisrc/ports/alpha.mdwn	6 Mar 2016 20:38:47 -0000	1.8
+++ wikisrc/ports/alpha.mdwn	28 May 2016 09:34:10 -0000	1.9
@@ -1,6 +1,6 @@
 [[!template id=port
 port="alpha"
-cur_rel="7.0"
+cur_rel="7.0.1"
 pkg_rel="7.0"
 future_rel="7.0"
 changes_cur="6.0"
Index: wikisrc/ports/amd64.mdwn
===================================================================
RCS file: /cvsroot/wikisrc/ports/amd64.mdwn,v
retrieving revision 1.16
retrieving revision 1.17
diff -u -r1.16 -r1.17
--- wikisrc/ports/amd64.mdwn	6 Dec 2015 04:50:21 -0000	1.16
+++ wikisrc/ports/amd64.mdwn	28 May 2016 09:34:10 -0000	1.17
@@ -1,8 +1,8 @@
 [[!template id=port
 port="amd64"
-cur_rel="7.0"
+cur_rel="7.0.1"
 future_rel="7.0"
-pkg_rel="6.0"
+pkg_rel="7.0"
 changes_cur="6.0"
 changes_future="7.0"
 thumbnail="http://www.netbsd.org/images/ports/amd64/AMD_Opteron.gif"
Index: wikisrc/ports/amiga.mdwn
===================================================================
RCS file: /cvsroot/wikisrc/ports/amiga.mdwn,v
retrieving revision 1.11
retrieving revision 1.12
diff -u -r1.11 -r1.12
--- wikisrc/ports/amiga.mdwn	8 Oct 2015 06:42:53 -0000	1.11
+++ wikisrc/ports/amiga.mdwn	28 May 2016 09:34:10 -0000	1.12
@@ -1,6 +1,6 @@
 [[!template id=port
 port="amiga"
-cur_rel="7.0"  
+cur_rel="7.0.1"
 future_rel="7.0"
 pkg_rel="6.0"
 changes_cur="6.0"
Index: wikisrc/ports/amigappc.mdwn
===================================================================
RCS file: /cvsroot/wikisrc/ports/amigappc.mdwn,v
retrieving revision 1.7
retrieving revision 1.8
diff -u -r1.7 -r1.8
--- wikisrc/ports/amigappc.mdwn	8 Oct 2015 06:42:53 -0000	1.7
+++ wikisrc/ports/amigappc.mdwn	28 May 2016 09:34:10 -0000	1.8
@@ -1,7 +1,7 @@
 [[!template id=port
 port="amigappc"
 port_alt="powerpc"
-cur_rel="7.0"  
+cur_rel="7.0.1"
 pkg_rel="6.0"
 future_rel="7.0"
 changes_cur="6.0"
Index: wikisrc/ports/arc.mdwn
===================================================================
RCS file: /cvsroot/wikisrc/ports/arc.mdwn,v
retrieving revision 1.8
retrieving revision 1.9
diff -u -r1.8 -r1.9
--- wikisrc/ports/arc.mdwn	8 Oct 2015 06:42:53 -0000	1.8
+++ wikisrc/ports/arc.mdwn	28 May 2016 09:34:10 -0000	1.9
@@ -1,6 +1,6 @@
 [[!template id=port
 port="arc"
-cur_rel="7.0"  
+cur_rel="7.0.1"
 future_rel="7.0"
 pkg_rel="6.0"
 changes_cur="6.0"
Index: wikisrc/ports/atari.mdwn
===================================================================
RCS file: /cvsroot/wikisrc/ports/atari.mdwn,v
retrieving revision 1.6
retrieving revision 1.7
diff -u -r1.6 -r1.7
--- wikisrc/ports/atari.mdwn	8 Oct 2015 06:42:53 -0000	1.6
+++ wikisrc/ports/atari.mdwn	28 May 2016 09:34:10 -0000	1.7
@@ -1,6 +1,6 @@
 [[!template id=port
 port="atari"
-cur_rel="7.0"  
+cur_rel="7.0.1"
 future_rel="7.0"
 pkg_rel="6.0"
 changes_cur="6.0"
Index: wikisrc/ports/bebox.mdwn
===================================================================
RCS file: /cvsroot/wikisrc/ports/bebox.mdwn,v
retrieving revision 1.7
retrieving revision 1.8
diff -u -r1.7 -r1.8
--- wikisrc/ports/bebox.mdwn	8 Oct 2015 06:42:53 -0000	1.7
+++ wikisrc/ports/bebox.mdwn	28 May 2016 09:34:10 -0000	1.8
@@ -1,6 +1,6 @@
 [[!template id=port
 port="bebox"
-cur_rel="7.0"  
+cur_rel="7.0.1"
 future_rel="7.0"
 pkg_rel="6.0"
 changes_cur="6.0"
Index: wikisrc/ports/cats.mdwn
===================================================================
RCS file: /cvsroot/wikisrc/ports/cats.mdwn,v
retrieving revision 1.7
retrieving revision 1.8
diff -u -r1.7 -r1.8
--- wikisrc/ports/cats.mdwn	8 Oct 2015 06:42:53 -0000	1.7
+++ wikisrc/ports/cats.mdwn	28 May 2016 09:34:10 -0000	1.8
@@ -1,6 +1,6 @@
 [[!template id=port
 port="cats"
-cur_rel="7.0"  
+cur_rel="7.0.1"
 future_rel="7.0"
 pkg_rel="6.1"
 changes_cur="6.0"
Index: wikisrc/ports/cesfic.mdwn
===================================================================
RCS file: /cvsroot/wikisrc/ports/cesfic.mdwn,v
retrieving revision 1.6
retrieving revision 1.7
diff -u -r1.6 -r1.7
--- wikisrc/ports/cesfic.mdwn	8 Oct 2015 06:42:53 -0000	1.6
+++ wikisrc/ports/cesfic.mdwn	28 May 2016 09:34:10 -0000	1.7
@@ -1,7 +1,7 @@
 [[!template id=port
 port="cesfic"
 port_alt="m68k"
-cur_rel="7.0"  
+cur_rel="7.0.1"
 future_rel="7.0"
 pkg_rel="6.0"
 changes_cur="6.0"
Index: wikisrc/ports/cobalt.mdwn
===================================================================
RCS file: /cvsroot/wikisrc/ports/cobalt.mdwn,v

(Diff truncated)
add htdocs/releases/index.xml to the list of crap to update
shuffle order around a bit
Members: 
	releng/release-prep.mdwn:1.25->1.26 

Index: wikisrc/releng/release-prep.mdwn
===================================================================
RCS file: /cvsroot/wikisrc/releng/release-prep.mdwn,v
retrieving revision 1.25
retrieving revision 1.26
diff -u -r1.25 -r1.26
--- wikisrc/releng/release-prep.mdwn	23 May 2016 19:15:37 -0000	1.25
+++ wikisrc/releng/release-prep.mdwn	28 May 2016 09:11:47 -0000	1.26
@@ -137,17 +137,18 @@
     - Update htdocs/support/security/index.xml
     - Update htdocs/support/security/release.xml
     - Update htdocs/releases/formal-&lt;blah&gt;/index.xml
-    - Update htdocs/mirrors/torrents/
     - Update htdocs/releases/formal.xml
+    - Update htdocs/releases/index.xml
+    - Update htdocs/mirrors/torrents/
     - Update htdocs/about/history.xml
-    - Top-level regen of everything
     - Update htdocs/changes/index.xml
     - Update htdocs/index.html
-    - Port pages in wikisrc -- sed? :\ (don't bother with xen)
-    - Update [[wikisrc/releng.mdwn|releng]]
     - Update htdocs/developers/features/
     - Update htdocs/docs/guide/en/chap-fetch.xml
     - Update htdocs/ports/history.xml
+    - Top-level regen of everything
+    - Port pages in wikisrc -- sed? :\ (don't bother with xen)
+    - Update [[wikisrc/releng.mdwn|releng]]
 
 15. Update <code>/pub/NetBSD/README</code> to mention the new release
 

mention that the current overhead should be quantified; thanks soda@
Index: wikisrc/projects/project/make-kqueue.mdwn
===================================================================
RCS file: /cvsroot/wikisrc/projects/project/make-kqueue.mdwn,v
retrieving revision 1.1
retrieving revision 1.2
diff -u -r1.1 -r1.2
--- wikisrc/projects/project/make-kqueue.mdwn	27 May 2016 06:28:45 -0000	1.1
+++ wikisrc/projects/project/make-kqueue.mdwn	27 May 2016 06:42:28 -0000	1.2
@@ -17,6 +17,8 @@
 suffix rules.
 This causes measurable amounts of overhead, especially when there are
 a lot of files like in e.g. libc.
+First step is to quantify this overhead so you can tell what you're
+accomplishing.
 
 Fixing this convincingly requires a multi-step approach: first, give
 make an abstraction layer for directories it's working with.

Add a project entry for directory caching and kqueue inside make.
--- /dev/null	2016-05-27 06:27:35.000000000 +0000
+++ wikisrc/projects/project/make-kqueue.mdwn	2016-05-27 06:29:00.000000000 +0000
@@ -0,0 +1,48 @@
+[[!template id=project
+
+title="Speed up BSD make with kqueue/inotify"
+
+contact="""
+[tech-toolchain](mailto:tech-toolchain@NetBSD.org)
+"""
+
+category="userland"
+difficulty="hard"
+duration="3-4 months"
+
+description="""
+
+Currently BSD make emits tons and tons of stat(2) calls in the course
+of figuring out what to do, most notably (but not only) when matching
+suffix rules.
+This causes measurable amounts of overhead, especially when there are
+a lot of files like in e.g. libc.
+
+Fixing this convincingly requires a multi-step approach: first, give
+make an abstraction layer for directories it's working with.
+This alone is a nontrivial undertaking because make is such a mess
+inside.
+This step should also involve sorting out various issues where files
+in other directories (other than the current directory) sometimes
+don't get checked for changes properly.
+
+Then, implement a cache under that abstraction layer so make can
+remember what it's learned instead of making the same stat calls over
+and over again.
+Also, teach make to scan a directory with readdir() instead of
+populating the cache by making thousands of scattershot stat() calls,
+and implement a simple heuristic to decide when to use the readdir
+method.
+
+Unfortunately, in general after running a program the cache has to be
+flushed because we don't know what the program did.
+The final step in this project is to make use of kqueue or inotify or
+similar when running programs to synchronize make's directory cache so
+it doesn't have to be flushed.
+
+As an additional step one might also have make warn when a recipe
+touches files it has been declared to touch... but note that while
+this is desirable it is also somewhat problematic.
+
+"""
+]]

Add: Open Source Conference 2016 Nagoya,add OSC2016gunma report
Index: wikisrc/events.mdwn
===================================================================
RCS file: /cvsroot/wikisrc/events.mdwn,v
retrieving revision 1.29
retrieving revision 1.30
diff -u -r1.29 -r1.30
--- wikisrc/events.mdwn	20 May 2016 11:30:14 -0000	1.29
+++ wikisrc/events.mdwn	25 May 2016 01:01:13 -0000	1.30
@@ -8,6 +8,16 @@
 Future Events
 -------------
 
+### `May 2016` - Open Source Conference 2016 Nagoya
+
+*May. 28, 2016, [Fukiage Hall](http://www.nipc.or.jp/fukiage/index.html), Nagoya, Japan*
+
+At the [Open Source Conference 2016
+Nagoya](http://www.ospn.jp/osc2016-nagoya/), there will be a NetBSD
+booth staffed by members of the [Japan NetBSD Users'
+Group](http://www.jp.NetBSD.org/) with NetBSD gadget demonstrations. 
+
+
 ### `Jul 2016` - pkgsrcCon 2016, Kraków, Poland
 
 *July 2 - 3, 2016, Kraków Poland*
@@ -36,9 +46,10 @@
 *May. 14, 2016, [LABI1 Takasaki](http://www.yamadalabi.com/takasaki/access/index.html), Gunma, Japan*
 
 At the [Open Source Conference 2016
-Gunma](http://www.ospn.jp/osc2016-gunma/), there will be a NetBSD
+Gunma](http://www.ospn.jp/osc2016-gunma/), there was a NetBSD
 booth staffed by members of the [Japan NetBSD Users'
 Group](http://www.jp.NetBSD.org/) with NetBSD gadget demonstrations. 
+[Report on netbsd-advocacy](http://mail-index.netbsd.org/netbsd-advocacy/2016/05/16/msg000706.html).
 
 ### `Mar 2016` - AsiaBSDCon 2016
 

remove stuff about listing changes in distrib/notes, remove advice to
use b[456] when manually rebuilding a port, fix (maybe?) formatting
Index: wikisrc/releng/release-prep.mdwn
===================================================================
RCS file: /cvsroot/wikisrc/releng/release-prep.mdwn,v
retrieving revision 1.24
retrieving revision 1.25
diff -u -r1.24 -r1.25
--- wikisrc/releng/release-prep.mdwn	22 May 2016 11:13:03 -0000	1.24
+++ wikisrc/releng/release-prep.mdwn	23 May 2016 19:15:37 -0000	1.25
@@ -39,21 +39,14 @@
    - Update version numbers
    - Add mention of the latest CHANGES-&lt;version&gt; file in the "Release
      Contents" section
-   - List changes present in this release
    - Adjust known issues section as necessary
    - Adjust compatibility issues section as necessary
    - Check the {core,portmasters,releng,developers} lists (while grumbling 
      about how you really ought to just remove this ridiculous self-indulgent
      section from the notes entirely).
 
-   Note: the "changes" part of this should be taken from an mdoc file that
-   is generated from <code>htdocs/releases/formal-&lt;BLAH&gt;/changes&lt;VERSION&gt;.xml</code>.
-   Look for ".Ss Changes Between the NetBSD" in distrib/notes/common/main
-   and paste away!  You may have to make a few markup changes to the contents
-   of the mdoc file, because the XML -> mdoc converter sucks.  Always check to
-   make sure things are formatted as intended.
-
-   Basically, in htdocs/releases/formal-&lt;blah&gt;, copy the previous
+   We now only include a summary of chnages in htdocs.  Basically, in
+   htdocs/releases/formal-&lt;blah&gt;, copy the previous
    release's XML files, adjust Makefile as necessary, and start the dull
    process of adding content.  Beware that this is a soul-sucking task,
    and you MUST RESIST THE TEMPTATION TO MENTION EVERY LITTLE CHANGE.  Try
@@ -92,16 +85,15 @@
 7. Spend the next few hours worrying about some unforeseen or sporadic problem
    causing one or more ports to fail.  Cross your fingers and hope that you're
    spared the hassle.  If you're not so lucky, dig around and manually rebuild
-   a port on one of b[678], copying the build.sh line from logs, mainly to
-   preserve the -B flag's argument.  Copy the results back to build.netbsd.org
-   and proceed.
+   a port, copying the build.sh line from logs, mainly to preserve the -B
+   flag's argument.
 
 8. Create ISOs (macppc and mac68k).  See below for instructions.
    Create hashes for ISOs (<code>cksum -a sha512 NetBSD* > SHA512</code>)
 
 9. rsync to nbftp.  It goes to a staging dir in /pub/NetBSD/misc/releng first.
 
-        rsync -avu --progress --port 874 --password-file /home/builds/.rsync &lt;path-to-top-level-release-dir&gt; builds@ftp.netbsd.org::builds/
+        rsync -avu --progress --port 874 --password-file /home/builds/.rsync <path-to-top-level-release-dir> builds@ftp.netbsd.org::builds/
 
    This will upload the files to <code>ftp.NetBSD.org:/pub/NetBSD/misc/releng/</code>.
    After that, get admins to create <code>/pub/NetBSD/NetBSD-&lt;release&gt;</code> and

remove stuff about killing the builds and restarting to get a new
build_order to take effect. the build cluster is fast enough these
days that no one is worried about getting a release built immediately
Index: wikisrc/releng/release-prep.mdwn
===================================================================
RCS file: /cvsroot/wikisrc/releng/release-prep.mdwn,v
retrieving revision 1.23
retrieving revision 1.24
diff -u -r1.23 -r1.24
--- wikisrc/releng/release-prep.mdwn	27 Jan 2016 22:39:26 -0000	1.23
+++ wikisrc/releng/release-prep.mdwn	22 May 2016 11:13:03 -0000	1.24
@@ -86,10 +86,8 @@
 
 6. Add tag to <code>~builds/etc/build_order</code> like: <code>netbsd-5-0-RELEASE:N:N</code>
    This means the tag will only be built once, and it won't be uploaded
-   after it finishes building.  Put it at the top.  You'll have to kill
-   <code>run_builds.sh</code> and restart the builds to get this to
-   take effect, or you could insert it *after* the top line and it will be
-   the next build (which doesn't require killing <code>run_builds.sh</code>.
+   after it finishes building.  Put it below the top-most entry (the entry
+   at the very top is the one currently being built).
 
 7. Spend the next few hours worrying about some unforeseen or sporadic problem
    causing one or more ports to fail.  Cross your fingers and hope that you're

Added a comment: Instructions update for Linux and better state why rsd0d is needed
--- /dev/null	2016-05-21 10:05:35.000000000 +0000
+++ wikisrc/tutorials/how_to_install_netbsd_from_an_usb_memory_stick/comment_6_79e347cbde4370ac7860adf192409d45._comment	2016-05-21 10:05:35.000000000 +0000
@@ -0,0 +1,13 @@
+[[!comment format=mdwn
+ username="leot"
+ subject="Instructions update for Linux and better state why rsd0d is needed"
+ date="2016-05-21T10:05:16Z"
+ content="""
+Hello buhara13 and cemkayali!
+I've just updated the page according to your suggestion.
+
+Please let me know if I've missed something!
+
+Thank you very much!
+L.
+"""]]

s/6\.0/7.0/ -e s/i386/amd64/
(of course the instructions are the same for previous NetBSD releases and for
i386!)
Members: 
	tutorials/how_to_install_netbsd_from_an_usb_memory_stick.mdwn:1.10->1.11 

Index: wikisrc/tutorials/how_to_install_netbsd_from_an_usb_memory_stick.mdwn
===================================================================
RCS file: /cvsroot/wikisrc/tutorials/how_to_install_netbsd_from_an_usb_memory_stick.mdwn,v
retrieving revision 1.10
retrieving revision 1.11
diff -u -r1.10 -r1.11
--- wikisrc/tutorials/how_to_install_netbsd_from_an_usb_memory_stick.mdwn	21 May 2016 09:52:39 -0000	1.10
+++ wikisrc/tutorials/how_to_install_netbsd_from_an_usb_memory_stick.mdwn	21 May 2016 09:59:43 -0000	1.11
@@ -18,9 +18,9 @@
 mirrors](http://www.netbsd.org/mirrors/) under the images/ directory, their
 filenames match the *install.img.gz pattern.
 
-For example if we want to download NetBSD 6.0 for i386:
+For example if we want to download NetBSD 7.0 for amd64:
 
-    # ftp ftp://ftp.netbsd.org/pub/NetBSD/NetBSD-6.0/images/NetBSD-6.0-i386-install.img.gz
+    # ftp ftp://ftp.netbsd.org/pub/NetBSD/NetBSD-7.0/images/NetBSD-7.0-amd64-install.img.gz
 
 ## Copying the installation image to the memory stick
 To prepare the memory stick under a Unix system you can just use
@@ -31,8 +31,8 @@
 For example if the memory stick is recognized as `sd0` (**Warning: this will
 overwrite all the contents on your memory stick**):
 
-    # gunzip NetBSD-6.0-i386-install.img.gz
-    # dd if=NetBSD-6.0-i386-install.img of=/dev/rsd0d bs=1m
+    # gunzip NetBSD-7.0-amd64-install.img.gz
+    # dd if=NetBSD-7.0-amd64-install.img of=/dev/rsd0d bs=1m
 
 In the previous command we have used `rsd0d` in order to refer to the *whole*
 `sd0` disk.
@@ -41,8 +41,8 @@
 memory stick is recognized as `sdb` (**Warning: this will overwrite all the
 contents on your memory stick**):
 
-    # gunzip NetBSD-6.0-i386-install.img.gz
-    # dd if=NetBSD-6.0-i386-install.img of=/dev/sdb bs=1M
+    # gunzip NetBSD-7.0-amd64-install.img.gz
+    # dd if=NetBSD-7.0-amd64-install.img of=/dev/sdb bs=1M
 
 ## Installation process
 After NetBSD is booted from the memory stick the installation process is

Clarify that we need to use `sd0d' in NetBSD to refer to the entire disk.
Also add an example regarding how to write the `.img' from Linux.
Thanks to buhara13 and cemkayali for the suggestions!
Members: 
	tutorials/how_to_install_netbsd_from_an_usb_memory_stick.mdwn:1.9->1.10 

Index: wikisrc/tutorials/how_to_install_netbsd_from_an_usb_memory_stick.mdwn
===================================================================
RCS file: /cvsroot/wikisrc/tutorials/how_to_install_netbsd_from_an_usb_memory_stick.mdwn,v
retrieving revision 1.9
retrieving revision 1.10
diff -u -r1.9 -r1.10
--- wikisrc/tutorials/how_to_install_netbsd_from_an_usb_memory_stick.mdwn	7 Dec 2015 10:58:54 -0000	1.9
+++ wikisrc/tutorials/how_to_install_netbsd_from_an_usb_memory_stick.mdwn	21 May 2016 09:52:39 -0000	1.10
@@ -28,12 +28,22 @@
 Whenever using dd(1), remember to set the blocksize by specifying the 
 <code>bs</code> parameter in order to speed up the write to the installation
 media a bit (e.g. 1m).
-For example if the memory stick is recognized as sd0 (**Warning: this will
+For example if the memory stick is recognized as `sd0` (**Warning: this will
 overwrite all the contents on your memory stick**):
 
     # gunzip NetBSD-6.0-i386-install.img.gz
     # dd if=NetBSD-6.0-i386-install.img of=/dev/rsd0d bs=1m
 
+In the previous command we have used `rsd0d` in order to refer to the *whole*
+`sd0` disk.
+
+On Linux the command is similar although it need some minor adjustments, if the
+memory stick is recognized as `sdb` (**Warning: this will overwrite all the
+contents on your memory stick**):
+
+    # gunzip NetBSD-6.0-i386-install.img.gz
+    # dd if=NetBSD-6.0-i386-install.img of=/dev/sdb bs=1M
+
 ## Installation process
 After NetBSD is booted from the memory stick the installation process is
 usual (you can find an example in

Added a comment: Please tell me how to adjust console Font, it too small.
--- /dev/null	2016-05-21 02:00:24.000000000 +0000
+++ wikisrc/ports/evbarm/raspberry_pi/comment_17_86103e0ef6127048abd4a4f1aac31003._comment	2016-05-21 02:04:22.000000000 +0000
@@ -0,0 +1,13 @@
+[[!comment format=mdwn
+ username="991776254@ea9e6ab857ed376801070cbcff01c4baab1ec7c7"
+ nickname="991776254"
+ subject="Please tell me how to adjust console Font, it too small. "
+ date="2016-05-21T02:04:09Z"
+ content="""
+1. NetBSD rpi 7.99.29 NetBSD 7.99.29 (RPI.201605191830Z) evbarm
+
+2. I used 800*480 display. I have not hdmi display.
+3. I edit cmdline.txt, remove 'console=fb',display is black
+4. Please help me. Thanks.
+
+"""]]

Added a comment: Naming
--- /dev/null	2016-05-21 00:00:08.000000000 +0000
+++ wikisrc/tutorials/how_to_install_netbsd_from_an_usb_memory_stick/comment_5_4bfddb37f66614a214626dbde77d9db9._comment	2016-05-21 00:00:17.000000000 +0000
@@ -0,0 +1,11 @@
+[[!comment format=mdwn
+ username="cemkayali@97aa756c58c2a4305cb83da2519b980189a884cf"
+ nickname="cemkayali"
+ subject="Naming"
+ date="2016-05-21T00:00:03Z"
+ content="""
+
+Unlike as in Linux, in NetBSD please note /dev/rsd0d represents full disk - not /dev/sdb 
+
+Regards,
+"""]]

Move `Open Source Conference 2016 Gunma' to the past.
Add `pkgsrcCon 2016' and `EuroBSDCon 2016'.
Index: wikisrc/events.mdwn
===================================================================
RCS file: /cvsroot/wikisrc/events.mdwn,v
retrieving revision 1.28
retrieving revision 1.29
diff -u -r1.28 -r1.29
--- wikisrc/events.mdwn	15 Mar 2016 05:31:15 -0000	1.28
+++ wikisrc/events.mdwn	20 May 2016 11:30:14 -0000	1.29
@@ -8,6 +8,28 @@
 Future Events
 -------------
 
+### `Jul 2016` - pkgsrcCon 2016, Kraków, Poland
+
+*July 2 - 3, 2016, Kraków Poland*
+
+[pkgsrcCon](http://www.pkgsrc.org/pkgsrcCon/2016/) is the annual technical
+conference for people working on pkgsrc, a framework for building
+over 17,000 open source software packages. pkgsrc is the native
+package manager on NetBSD, SmartOS and Minix, and is portable across
+many different operating systems including Linux and Mac OS X.
+
+### `Sep 2016` - EuroBSDCon 2016 Belgrade, Serbia
+
+*September 22 - 25, 2016, Belgrade Serbia*
+
+[EuroBSDCon](https://2016.eurobsdcon.org/) is the premier European
+conference on the open source BSD operating systems attracting
+about 250 highly skilled engineering professionals, software
+developers, computer science students and professors, and users
+from all over Europe and other parts of the world.
+
+Past Events
+-----------
 
 ### `May 2016` - Open Source Conference 2016 Gunma
 
@@ -18,9 +40,6 @@
 booth staffed by members of the [Japan NetBSD Users'
 Group](http://www.jp.NetBSD.org/) with NetBSD gadget demonstrations. 
 
-Past Events
------------
-
 ### `Mar 2016` - AsiaBSDCon 2016
 
 *Mar. 10-13, 2016, Tokyo, Japan*

Added a comment: updates link
--- /dev/null	2016-05-15 21:40:16.000000000 +0000
+++ wikisrc/projects/project/npf_web_ui/comment_4_9da5542725ebfd36c7aeeb7b521deafd._comment	2016-05-15 21:43:47.000000000 +0000
@@ -0,0 +1,8 @@
+[[!comment format=mdwn
+ username="coypu@2e12ddd7831c9f19a90d1690f0cb8f52783e5b8f"
+ nickname="coypu"
+ subject="updates link"
+ date="2016-05-15T21:43:33Z"
+ content="""
+I don't have one yet (GSoC hasn't properly started just yet), but I will update when I make one, after some minimal progress
+"""]]

Added a comment: update
--- /dev/null	2016-05-15 16:00:25.000000000 +0000
+++ wikisrc/projects/project/npf_web_ui/comment_3_b0d71604df48fb9ea35dd059529aea5e._comment	2016-05-15 16:02:10.000000000 +0000
@@ -0,0 +1,11 @@
+[[!comment format=mdwn
+ username="magicmush@1e4f29467fd0d199da452fb5f98304a1472890ad"
+ nickname="magicmush"
+ subject="update"
+ date="2016-05-15T16:01:52Z"
+ content="""
+Hi Coypu, 
+
+thanks for the update, is there any link where we can see the updates and/or the on going wok
+
+"""]]

Added a comment: updates
--- /dev/null	2016-05-13 17:04:47.000000000 +0000
+++ wikisrc/projects/project/npf_web_ui/comment_2_80f8cf0b3dfbaedd855a1a368dbb000c._comment	2016-05-13 17:05:32.000000000 +0000
@@ -0,0 +1,9 @@
+[[!comment format=mdwn
+ username="coypu@2e12ddd7831c9f19a90d1690f0cb8f52783e5b8f"
+ nickname="coypu"
+ subject="updates"
+ date="2016-05-13T17:05:18Z"
+ content="""
+Hi Eren,
+I'm working on this project as part of Google Summer of Code 2016.
+"""]]

Added a comment: update
--- /dev/null	2016-05-10 17:47:25.000000000 +0000
+++ wikisrc/projects/project/npf_web_ui/comment_1_ad9e35994007216b5a33ff763e83860c._comment	2016-05-10 17:47:28.000000000 +0000
@@ -0,0 +1,16 @@
+[[!comment format=mdwn
+ username="magicmush@1e4f29467fd0d199da452fb5f98304a1472890ad"
+ nickname="magicmush"
+ subject="update"
+ date="2016-05-10T17:47:13Z"
+ content="""
+Hi, is there any update on this?
+
+will it be feasible to do this in lua or java/osgi/karaf?
+ 
+what kind of technologies will it be recommended for this? 
+which front end server is recommended lighthttp/nginx/apache.....? will you guys be able to show some direction in terms architecture.
+ 
+Regards
+Eren
+"""]]

Yeah, seems so (spaces are converted to `_' both in the directories and in
filenames).
Index: wikisrc/sandbox.mdwn
===================================================================
RCS file: /cvsroot/wikisrc/sandbox.mdwn,v
retrieving revision 1.17
retrieving revision 1.18
diff -u -r1.17 -r1.18
--- wikisrc/sandbox.mdwn	9 May 2016 07:20:41 -0000	1.17
+++ wikisrc/sandbox.mdwn	9 May 2016 07:26:42 -0000	1.18
@@ -43,4 +43,3 @@
 Remember Cyrix: <img src="http://www.netbsd.org/images/ports/i386/header.gif" />
 
 fnord again
-[[A directory with spaces/And a file with spaces]]

Test what happens if a directory and a file have spaces... (are them just
converted to `_'?)
Index: wikisrc/sandbox.mdwn
===================================================================
RCS file: /cvsroot/wikisrc/sandbox.mdwn,v
retrieving revision 1.16
retrieving revision 1.17
diff -u -r1.16 -r1.17
--- wikisrc/sandbox.mdwn	10 Dec 2015 18:42:49 -0000	1.16
+++ wikisrc/sandbox.mdwn	9 May 2016 07:20:41 -0000	1.17
@@ -43,3 +43,4 @@
 Remember Cyrix: <img src="http://www.netbsd.org/images/ports/i386/header.gif" />
 
 fnord again
+[[A directory with spaces/And a file with spaces]]

Added a comment: build option....
--- /dev/null	2016-05-05 14:16:00.000000000 +0000
+++ wikisrc/tutorials/how_to_enable_and_run_dtrace/comment_1_31ab21a2670f5b84e9b71928eed7a1a0._comment	2016-05-05 14:16:06.000000000 +0000
@@ -0,0 +1,23 @@
+[[!comment format=mdwn
+ username="miwarin@0313732bc8d467929d936e58b4035a129c8f703c"
+ nickname="miwarin"
+ subject="build option...."
+ date="2016-05-05T14:15:53Z"
+ content="""
+(NetBSD 7.0 i386)
+
+please fix.
+
+add to build.sh option:
+
+    -V SLOPPY_FLIST=yes 
+
+modload command miss. Properly do this:
+
+    modload solaris
+    modload dtrace
+    modload sdt
+    modload fbt
+    modload profile
+
+"""]]

Added a comment: Raspberry PI 3 support
--- /dev/null	2016-04-27 09:10:02.000000000 +0000
+++ wikisrc/ports/evbarm/raspberry_pi/comment_16_76d86737b956deadfb9ca4ede96641c4._comment	2016-04-27 09:11:09.000000000 +0000
@@ -0,0 +1,8 @@
+[[!comment format=mdwn
+ username="vkhutkO@025be5b36b030bb304e605fa0c3d03f8695aaf9d"
+ nickname="vkhutkO"
+ subject="Raspberry PI 3 support"
+ date="2016-04-27T09:10:52Z"
+ content="""
+I want to lift-up this theme. This RPi uses slightly different Broadcom chip and I expected, that either evbarm6hf or evbarm7hf kernels will function. But for a moment I'm sitting in front of colorful square on the screen for 10 minutes. I'm newbie in NetBSD, but I have a feeling, that it was stopped for some reason.
+"""]]

Nexthop cache separation merged
Index: wikisrc/users/ozaki-r.mdwn
===================================================================
RCS file: /cvsroot/wikisrc/users/ozaki-r.mdwn,v
retrieving revision 1.9
retrieving revision 1.10
diff -u -r1.9 -r1.10
--- wikisrc/users/ozaki-r.mdwn	7 Mar 2016 02:11:40 -0000	1.9
+++ wikisrc/users/ozaki-r.mdwn	19 Apr 2016 07:48:32 -0000	1.10
@@ -41,7 +41,7 @@
 * vioif(4)
   * [done] MSI-X support
   * Multi-queue support
-* Nexthop cache separation
+* [done] Nexthop cache separation
   * http://www.netbsd.org/~matt/smpnet.html#nexthop
 * softint-based RX (and TX?)
   * Polling mode

Added a comment: Raspberry 3 Support
--- /dev/null	2016-04-16 14:10:01.000000000 +0000
+++ wikisrc/ports/evbarm/raspberry_pi/comment_15_b0d4969dc7af58eb541ff8af225bc805._comment	2016-04-16 14:15:26.000000000 +0000
@@ -0,0 +1,8 @@
+[[!comment format=mdwn
+ username="daniel.oelschlegel@aa334c96083f1def21cbf33cf3498e165b8b1d35"
+ nickname="daniel.oelschlegel"
+ subject="Raspberry 3 Support"
+ date="2016-04-16T14:15:12Z"
+ content="""
+What is the state of supporting of the newest hardware generation?
+"""]]

remove isc logo
Index: wikisrc/templates/page.tmpl
===================================================================
RCS file: /cvsroot/wikisrc/templates/page.tmpl,v
retrieving revision 1.31
retrieving revision 1.32
diff -u -r1.31 -r1.32
--- wikisrc/templates/page.tmpl	1 Jan 2016 03:50:28 -0000	1.31
+++ wikisrc/templates/page.tmpl	15 Apr 2016 17:39:25 -0000	1.32
@@ -269,9 +269,7 @@
 <div class="rowOfBoxes">
   <div id="footer2">
     <div id="footerLogo">
-      <a href="http://www.isc.org/"><img src="//wiki.netbsd.org/images/hosted-isc.png"
-         alt="wiki.NetBSD.org is hosted at ISC"
-         border="0" width="84" height="41"/></a>
+		<!-- isc logo used to go here -->
     </div>
     <div id="footerContent">
       <span class="footfeed">

Fix missing `don't' to make this sentence make sense.
Thanks, wiz!
Members: 
	tutorials/how_to_use_wpa_supplicant.mdwn:1.6->1.7 

Index: wikisrc/tutorials/how_to_use_wpa_supplicant.mdwn
===================================================================
RCS file: /cvsroot/wikisrc/tutorials/how_to_use_wpa_supplicant.mdwn,v
retrieving revision 1.6
retrieving revision 1.7
diff -u -r1.6 -r1.7
--- wikisrc/tutorials/how_to_use_wpa_supplicant.mdwn	14 Apr 2016 20:47:54 -0000	1.6
+++ wikisrc/tutorials/how_to_use_wpa_supplicant.mdwn	14 Apr 2016 21:56:08 -0000	1.7
@@ -108,8 +108,8 @@
             wep_tx_keyidx=0
     }
 
-Note that you have to use wpa_supplicant to configure WEP -- you can also
- simply use
+Note that you don't have to use wpa_supplicant to configure WEP -- you
+ can also simply use
  [ifconfig(8)](http://netbsd.gw.com/cgi-bin/man-cgi?ifconfig+8+NetBSD-current):
 
     ifconfig ath0 ssid MYWEAKLYENCRYPTEDWLAN nwkey 12345

Don't double colons up.
Index: wikisrc/tutorials/how_to_use_wpa_supplicant.mdwn
===================================================================
RCS file: /cvsroot/wikisrc/tutorials/how_to_use_wpa_supplicant.mdwn,v
retrieving revision 1.5
retrieving revision 1.6
diff -u -r1.5 -r1.6
--- wikisrc/tutorials/how_to_use_wpa_supplicant.mdwn	14 Apr 2016 20:33:04 -0000	1.5
+++ wikisrc/tutorials/how_to_use_wpa_supplicant.mdwn	14 Apr 2016 20:47:54 -0000	1.6
@@ -108,7 +108,7 @@
             wep_tx_keyidx=0
     }
 
-Note that you have to use wpa_supplicant to configure WEP: you can also
+Note that you have to use wpa_supplicant to configure WEP -- you can also
  simply use
  [ifconfig(8)](http://netbsd.gw.com/cgi-bin/man-cgi?ifconfig+8+NetBSD-current):
 

Note /usr/share/examples/wpa_supplicant/wpa_supplicant.conf.
Index: wikisrc/tutorials/how_to_use_wpa_supplicant.mdwn
===================================================================
RCS file: /cvsroot/wikisrc/tutorials/how_to_use_wpa_supplicant.mdwn,v
retrieving revision 1.4
retrieving revision 1.5
diff -u -r1.4 -r1.5
--- wikisrc/tutorials/how_to_use_wpa_supplicant.mdwn	14 Apr 2016 20:14:26 -0000	1.4
+++ wikisrc/tutorials/how_to_use_wpa_supplicant.mdwn	14 Apr 2016 20:33:04 -0000	1.5
@@ -15,6 +15,8 @@
 
 To configure WPA/WPA2, you must create the file
  [`/etc/wpa_supplicant.conf`](http://netbsd.gw.com/cgi-bin/man-cgi?wpa_supplicant.conf+5+NetBSD-current).
+You can find examples for `/etc/wpa_supplicant.conf` in
+ `/usr/share/examples/wpa_supplicant/wpa_supplicant.conf`.
 The simplest case is a network, say `my favourite network`, with a
  fixed passphrase, say `hunter2`.
 For this case, fill your `/etc/wpa_supplicant.conf` file with:

Fix code blocks: 4 spaces, not 3.
Index: wikisrc/tutorials/how_to_use_wpa_supplicant.mdwn
===================================================================
RCS file: /cvsroot/wikisrc/tutorials/how_to_use_wpa_supplicant.mdwn,v
retrieving revision 1.3
retrieving revision 1.4
diff -u -r1.3 -r1.4
--- wikisrc/tutorials/how_to_use_wpa_supplicant.mdwn	14 Apr 2016 20:10:26 -0000	1.3
+++ wikisrc/tutorials/how_to_use_wpa_supplicant.mdwn	14 Apr 2016 20:14:26 -0000	1.4
@@ -19,37 +19,37 @@
  fixed passphrase, say `hunter2`.
 For this case, fill your `/etc/wpa_supplicant.conf` file with:
 
-   ctrl_interface=/var/run/wpa_supplicant
-   ctrl_interface_group=wheel
-   network={
-           ssid="my favourite network"
-           psk="hunter2"
-   }
+    ctrl_interface=/var/run/wpa_supplicant
+    ctrl_interface_group=wheel
+    network={
+            ssid="my favourite network"
+            psk="hunter2"
+    }
 
 Then enable wpa_supplicant on your network interface device, say
  `iwn0`, by editing [`/etc/rc.conf`](http://netbsd.gw.com/cgi-bin/man-cgi?wpa_supplicant.conf+5+NetBSD-current)
  to add
 
-   wpa_supplicant=YES
-   wpa_supplicant_flags="${wpa_supplicant_flags} -i iwn0"
+    wpa_supplicant=YES
+    wpa_supplicant_flags="${wpa_supplicant_flags} -i iwn0"
 
 If your LAN is configured with DHCP, you will likely also want
  `dhcpcd=YES` in `/etc/rc.conf` to run [dhcpcd](http://netbsd.gw.com/cgi-bin/man-cgi?dhcpcd+8+NetBSD-current).
 Then start wpa_supplicant with the shell command:
 
-   # /etc/rc.d/wpa_supplicant start
+    # /etc/rc.d/wpa_supplicant start
 
 or reboot for the change to take effect.
 
 You can query the current status of WPA/WPA2 with the shell command:
 
-   # wpa_cli status
+    # wpa_cli status
 
 If you want to configure more 802.11 networks, add more `network`
  stanzas to `/etc/wpa_supplicant.conf`, and notify wpa_supplicant of
  them:
 
-   # /etc/rc.d/wpa_supplicant reload
+    # /etc/rc.d/wpa_supplicant reload
 
 #  Do not wait for lease; useful if no network is within reach, so boot will not hang
 
@@ -63,7 +63,7 @@
  to make it immediately go into the background, by setting
  `dhcpcd_flags` in `/etc/rc.conf`:
 
-   dhcpcd_flags="${dhcpcd_flags} -b"
+    dhcpcd_flags="${dhcpcd_flags} -b"
 
 #  Other Network Configurations
 
@@ -77,19 +77,19 @@
 If the network is hidden, so that the access point does not broadcast
  its presence, you must specify the `scan_ssid=1` option:
 
-   network={
-           ssid="my network"
-           scan_ssid=1
-           psk="sekret"
-   }
+    network={
+            ssid="my network"
+            scan_ssid=1
+            psk="sekret"
+    }
 
 ##  Open Networks
 
-   network={
-           ssid="MYUNPROTECTEDWLAN"
-           key_mgmt=NONE
-           priority=100
-   }
+    network={
+            ssid="MYUNPROTECTEDWLAN"
+            key_mgmt=NONE
+            priority=100
+    }
 
 ##  WEP encryption
 
@@ -99,31 +99,31 @@
 However, sometimes there is a need to use WEP in legacy networks.
 Here is a configuration if you want to do it with wpa_supplicant:
 
-   network={
-           ssid="MYWEAKLYENCRYPTEDWLAN"
-           key_mgmt=NONE
-           wep_key0="12345"  # or 13 characters, or a hexkey starting with 0x
-           wep_tx_keyidx=0
-   }
+    network={
+            ssid="MYWEAKLYENCRYPTEDWLAN"
+            key_mgmt=NONE
+            wep_key0="12345"  # or 13 characters, or a hexkey starting with 0x
+            wep_tx_keyidx=0
+    }
 
 Note that you have to use wpa_supplicant to configure WEP: you can also
  simply use
  [ifconfig(8)](http://netbsd.gw.com/cgi-bin/man-cgi?ifconfig+8+NetBSD-current):
 
-   ifconfig ath0 ssid MYWEAKLYENCRYPTEDWLAN nwkey 12345
+    ifconfig ath0 ssid MYWEAKLYENCRYPTEDWLAN nwkey 12345
 
 ##  Password-Authenticated MSCHAPv2
 
 This seems to be a common configuration for password-authenticated networks:
 
-   network={
-           ssid="WLANSSID"
-           key_mgmt=IEEE8021X
-           eap=PEAP
-           phase2="auth=MSCHAPV2"
-           identity="login"
-           password="password"
-   }
+    network={
+            ssid="WLANSSID"
+            key_mgmt=IEEE8021X
+            eap=PEAP
+            phase2="auth=MSCHAPV2"
+            identity="login"
+            password="password"
+    }
 
 #  See also
 

Rewrite WPA/WPA2 tutorial.
Remove outdated dreck and needless editorial commentary.
Members: 
	tutorials/how_to_use_wpa_supplicant.mdwn:1.2->1.3 

Index: wikisrc/tutorials/how_to_use_wpa_supplicant.mdwn
===================================================================
RCS file: /cvsroot/wikisrc/tutorials/how_to_use_wpa_supplicant.mdwn,v
retrieving revision 1.2
retrieving revision 1.3
diff -u -r1.2 -r1.3
--- wikisrc/tutorials/how_to_use_wpa_supplicant.mdwn	5 Feb 2012 07:14:36 -0000	1.2
+++ wikisrc/tutorials/how_to_use_wpa_supplicant.mdwn	14 Apr 2016 20:10:26 -0000	1.3
@@ -2,177 +2,130 @@
 
 [[!toc]]
 
-#  What is WPA ? 
+#  What is WPA/WPA2?
 
-Wi-Fi Protected Access (WPA) is a wireless encryption standard and the successor of Wired Equivalent Privacy (WEP). WPA has been supported since NetBSD 4.0. NetBSD uses [wpa_supplicant(8)](http://netbsd.gw.com/cgi-bin/man-cgi?wpa_supplicant+8+NetBSD-current), a cross-platform framework for WPA. 
+[Wi-Fi Protected Access (WPA)](https://en.wikipedia.org/wiki/Wi-Fi_Protected_Access)
+ and Wi-Fi Protected Accesss II (WPA2) are 802.11 wireless
+ authentication and encryption standards, the successors to the simpler
+ [Wired Equivalent Privacy (WEP)](https://en.wikipedia.org/wiki/Wired_Equivalent_Privacy).
+Most "closed" or "locked" 802.11 wireless networks use WPA/WPA2
+ authentication.
+On NetBSD, the [wpa_supplicant(8)](http://netbsd.gw.com/cgi-bin/man-cgi?wpa_supplicant+8+NetBSD-current)
+ daemon handles WPA/WPA2.
+
+To configure WPA/WPA2, you must create the file
+ [`/etc/wpa_supplicant.conf`](http://netbsd.gw.com/cgi-bin/man-cgi?wpa_supplicant.conf+5+NetBSD-current).
+The simplest case is a network, say `my favourite network`, with a
+ fixed passphrase, say `hunter2`.
+For this case, fill your `/etc/wpa_supplicant.conf` file with:
+
+   ctrl_interface=/var/run/wpa_supplicant
+   ctrl_interface_group=wheel
+   network={
+           ssid="my favourite network"
+           psk="hunter2"
+   }
+
+Then enable wpa_supplicant on your network interface device, say
+ `iwn0`, by editing [`/etc/rc.conf`](http://netbsd.gw.com/cgi-bin/man-cgi?wpa_supplicant.conf+5+NetBSD-current)
+ to add
+
+   wpa_supplicant=YES
+   wpa_supplicant_flags="${wpa_supplicant_flags} -i iwn0"
+
+If your LAN is configured with DHCP, you will likely also want
+ `dhcpcd=YES` in `/etc/rc.conf` to run [dhcpcd](http://netbsd.gw.com/cgi-bin/man-cgi?dhcpcd+8+NetBSD-current).
+Then start wpa_supplicant with the shell command:
+
+   # /etc/rc.d/wpa_supplicant start
+
+or reboot for the change to take effect.
+
+You can query the current status of WPA/WPA2 with the shell command:
+
+   # wpa_cli status
+
+If you want to configure more 802.11 networks, add more `network`
+ stanzas to `/etc/wpa_supplicant.conf`, and notify wpa_supplicant of
+ them:
+
+   # /etc/rc.d/wpa_supplicant reload
+
+#  Do not wait for lease; useful if no network is within reach, so boot will not hang
+
+For a typical laptop, you will usually want to use DHCP to get an IP
+ address on any network you're on, but you won't always be on the
+ network.
+In that case, when you're booting up, you don't want to have to wait
+ until you can associate with the network and get a DHCP lease.
+You can pass the `-b` flag to
+ [dhcpcd](http://netbsd.gw.com/cgi-bin/man-cgi?dhcpcd+8+NetBSD-current)
+ to make it immediately go into the background, by setting
+ `dhcpcd_flags` in `/etc/rc.conf`:
+
+   dhcpcd_flags="${dhcpcd_flags} -b"
+
+#  Other Network Configurations
+
+wpa_supplicant can also connect to other wireless network
+ configurations.
+These networks can be given different priorities using the `priority`
+ field, with a higher number indicating a higher priority.
+
+##  Hidden Networks
+
+If the network is hidden, so that the access point does not broadcast
+ its presence, you must specify the `scan_ssid=1` option:
+
+   network={
+           ssid="my network"
+           scan_ssid=1
+           psk="sekret"
+   }
+
+##  Open Networks
+
+   network={
+           ssid="MYUNPROTECTEDWLAN"
+           key_mgmt=NONE
+           priority=100
+   }
+
+##  WEP encryption
+
+WEP is the weakest of current 802.11 encryption solutions.
+It is known to be completely broken: breaking WEP can be done in mere
+ seconds.
+However, sometimes there is a need to use WEP in legacy networks.
+Here is a configuration if you want to do it with wpa_supplicant:
+
+   network={
+           ssid="MYWEAKLYENCRYPTEDWLAN"
+           key_mgmt=NONE
+           wep_key0="12345"  # or 13 characters, or a hexkey starting with 0x
+           wep_tx_keyidx=0
+   }
+
+Note that you have to use wpa_supplicant to configure WEP: you can also
+ simply use
+ [ifconfig(8)](http://netbsd.gw.com/cgi-bin/man-cgi?ifconfig+8+NetBSD-current):
+
+   ifconfig ath0 ssid MYWEAKLYENCRYPTEDWLAN nwkey 12345
+
+##  Password-Authenticated MSCHAPv2
+
+This seems to be a common configuration for password-authenticated networks:
+
+   network={
+           ssid="WLANSSID"
+           key_mgmt=IEEE8021X
+           eap=PEAP
+           phase2="auth=MSCHAPV2"
+           identity="login"
+           password="password"
+   }
 
-
-For setting up WPA, create the file `/etc/wpa_supplicant.conf` and paste following code, replacing your own SSID and Key: 
-    
-    network={
-            ssid="MYWLAN"
-            scan_ssid=1
-            key_mgmt=WPA-PSK
-            psk="MySecretPassphrase"
-    }
-    
-
-It's important to set your exact SSID and of course your exact key. Both are case sensitive. For additional parameters in the configuration file, please refer to the manual page [wpa_supplicant.conf(5)](http://netbsd.gw.com/cgi-bin/man-cgi?wpa_supplicant.conf+5+NetBSD-current). 
-
-
-For setting WPA up with [dhclient(8)](http://netbsd.gw.com/cgi-bin/man-cgi?dhclient+8+NetBSD-current), make the configuration in [rc.conf(5)](http://netbsd.gw.com/cgi-bin/man-cgi?rc.conf+5+NetBSD-current) as follows: 
-    
-    dhclient=YES
-    # Do not wait for lease; useful if no network is within reach, so boot will not hang
-    dhclient_flags="-nw"
-    wpa_supplicant=YES
-    wpa_supplicant_flags="-B -i ath0 -c /etc/wpa_supplicant.conf"
-    
-
-Also, note that _wpa_supplicant_ lives in `/usr/sbin`. Depending on your file system layout, you may need to add `/usr` to the `critical_filesystems_local` override in `/etc/rc.conf`. Example: 
-    
-    critical_filesystems_local="/var /usr"
-    
-
-That's it. Now you can start _wpa_supplicant_ with `/etc/rc.d/wpa_supplicant start`, then restart your network with `/etc/rc.d/network restart`. 
-
-#  Using _dhcpcd_ instead of _dhclient_
-
-In NetBSD 5.0, you can also put a new line in `/etc/ifconfig.ath0` that mentions dhcp: 
-    
-    up
-    dhcp
-    
-
-This will bring the interface up and start [dhcpcd(8)](http://netbsd.gw.com/cgi-bin/man-cgi?dhcpcd+8+NetBSD-current), the new DHCP client daemon. If you do this, you can remove _dhclient_ from your configuration and change the `dhclient_flags` to `dhcpcd_flags`: 
-    
-
-# Do not wait for lease; useful if no network is within reach, so boot will not hang
-    dhcpcd_flags="-q -b"
-    wpa_supplicant=YES
-    wpa_supplicant_flags="-B -i ath0 -c /etc/wpa_supplicant.conf"
-    
-
-#  Adding a new network 
-
-With the above setup, all you have to do is add the configuration to your `wpa_supplicant.conf` and then tell wpa_supplicant to reload its config: 
-    
-    wpa_cli reconfigure
-    
-
-That's it. With 
-    
-    wpa_cli status
-    
-
-you can track the status, and see if it authenticates. If you wait a moment, _dhcpcd_ will pick up the change and automatically obtain a new lease. 

(Diff truncated)
Index: wikisrc/hackathon2016.mdwn
===================================================================
RCS file: /cvsroot/wikisrc/hackathon2016.mdwn,v
retrieving revision 1.3
retrieving revision 1.4
diff -u -r1.3 -r1.4
--- wikisrc/hackathon2016.mdwn	11 Apr 2016 20:13:55 -0000	1.3
+++ wikisrc/hackathon2016.mdwn	11 Apr 2016 20:21:45 -0000	1.4
@@ -16,3 +16,4 @@
 pkgsrc:
 
 - import MATE, Gnome3, Cinnamon, ...
+- add upower backend for NetBSD

Index: wikisrc/hackathon2016.mdwn
===================================================================
RCS file: /cvsroot/wikisrc/hackathon2016.mdwn,v
retrieving revision 1.2
retrieving revision 1.3
diff -u -r1.2 -r1.3
--- wikisrc/hackathon2016.mdwn	11 Apr 2016 20:12:13 -0000	1.2
+++ wikisrc/hackathon2016.mdwn	11 Apr 2016 20:13:55 -0000	1.3
@@ -11,3 +11,8 @@
 
 - DRM/KMS PRs
 - make ctwm default (youri)
+
+
+pkgsrc:
+
+- import MATE, Gnome3, Cinnamon, ...

Index: wikisrc/hackathon2016.mdwn
===================================================================
RCS file: /cvsroot/wikisrc/hackathon2016.mdwn,v
retrieving revision 1.1
retrieving revision 1.2
diff -u -r1.1 -r1.2
--- wikisrc/hackathon2016.mdwn	11 Apr 2016 20:11:43 -0000	1.1
+++ wikisrc/hackathon2016.mdwn	11 Apr 2016 20:12:13 -0000	1.2
@@ -4,7 +4,6 @@
 src:
 
 - Susped / Resume (Riadtradh, ..)
-- 
 
 
 

--- /dev/null	2016-04-11 20:11:34.000000000 +0000
+++ wikisrc/hackathon2016.mdwn	2016-04-11 20:11:55.000000000 +0000
@@ -0,0 +1,14 @@
+[[!meta title="NetBSD 2016 Hackathon"]]
+
+
+src:
+
+- Susped / Resume (Riadtradh, ..)
+- 
+
+
+
+xsrc:
+
+- DRM/KMS PRs
+- make ctwm default (youri)

Index: wikisrc/users/youri.mdwn
===================================================================
RCS file: /cvsroot/wikisrc/users/youri.mdwn,v
retrieving revision 1.5
retrieving revision 1.6
diff -u -r1.5 -r1.6
--- wikisrc/users/youri.mdwn	11 Apr 2016 20:03:52 -0000	1.5
+++ wikisrc/users/youri.mdwn	11 Apr 2016 20:06:16 -0000	1.6
@@ -1,4 +1,4 @@
 My corner of the NetBSD wiki
 
 - [[xfce4]] desktop work
-- [[hackathons]]
+- [[hackathon2016]]

Index: wikisrc/users/youri.mdwn
===================================================================
RCS file: /cvsroot/wikisrc/users/youri.mdwn,v
retrieving revision 1.4
retrieving revision 1.5
diff -u -r1.4 -r1.5
--- wikisrc/users/youri.mdwn	11 Apr 2016 20:03:09 -0000	1.4
+++ wikisrc/users/youri.mdwn	11 Apr 2016 20:03:52 -0000	1.5
@@ -1,4 +1,4 @@
 My corner of the NetBSD wiki
 
 - [[xfce4]] desktop work
-- [[ hackathons ]]
+- [[hackathons]]

Index: wikisrc/users/youri.mdwn
===================================================================
RCS file: /cvsroot/wikisrc/users/youri.mdwn,v
retrieving revision 1.3
retrieving revision 1.4
diff -u -r1.3 -r1.4
--- wikisrc/users/youri.mdwn	29 Jul 2015 15:01:33 -0000	1.3
+++ wikisrc/users/youri.mdwn	11 Apr 2016 20:03:09 -0000	1.4
@@ -1,3 +1,4 @@
 My corner of the NetBSD wiki
 
 - [[xfce4]] desktop work
+- [[ hackathons ]]

Added a comment: Lenovo ThinkPad T440
--- /dev/null	2016-03-25 23:10:01.000000000 +0000
+++ wikisrc/laptops/comment_3_52ce0d9b2841f0fc6acd97d66a5bf4a9._comment	2016-03-25 23:13:42.000000000 +0000
@@ -0,0 +1,19 @@
+[[!comment format=mdwn
+ username="silasdb@0d2e694871d5a513ea916e0bd9c87d6ad7a6e29b"
+ nickname="silasdb"
+ subject="Lenovo ThinkPad T440"
+ date="2016-03-25T23:13:27Z"
+ content="""
+To install NetBSD from the USB images provided from the site, it is necessary to enable \"UEFI/Legacy Boot\" and to change the \"UEFI/Legacy Boot Priority\" to \"Legacy First\". Also, Enable the \"USB UEFI BIOS Support\" and disable \"USB 3.0 Mode\".
+
+After booting the USB image but before installing everything, you may want to switch back to MBR (instead of GPT).  To do this, drop to the shell prompt and delete GPT from the drives:
+
+    gpt destroy wd0
+    gpt destroy wd1
+
+What works: X11 (with new DRM/KMS work), audio, SSD and HDD, trackpoint, keyboard backlight (doesn't seem to depend on OS drivers). What doesn't work: onboard wireless (buy a cheap USB wireless adapter), suspend/hibernate/resume, special function keys (turn up/down volume, etc.).
+
+The new Synaptic Trackpad works with basic functions. Cursor movement and left click only.
+
+Tried with NetBSD 7.0.
+"""]]

removed
--- wikisrc/laptops/comment_3_26487056701a32e4b2e710ea7d9f024e._comment	2016-03-25 23:10:01.000000000 +0000
+++ /dev/null	2016-03-25 23:10:01.000000000 +0000
@@ -1,16 +0,0 @@
-[[!comment format=mdwn
- username="silasdb@0d2e694871d5a513ea916e0bd9c87d6ad7a6e29b"
- nickname="silasdb"
- subject="Lenovo ThinkPad T440"
- date="2016-03-25T23:05:51Z"
- content="""
-To install NetBSD from the USB images provided from the site, it is necessary to enable \"UEFI/Legacy Boot\" and to change the \"UEFI/Legacy Boot Priority\" to \"Legacy First\".  Also, Enable the \"USB UEFI BIOS Support\" and disable \"USB 3.0 Mode\".
-
-What works: X11 (with new DRM/KMS work), audio, SSD and HDD, trackpoint, keyboard backlight (doesn't seem to depend on OS drivers).
-What doesn't work: onboard wireless (buy a cheap USB wireless adapter), suspend/hibernate/resume, special function keys (turn up/down volume, etc.).
-
-The new Synaptic Trackpad works with basic functions.  Cursor movement and left click only.
-
-Tried with NetBSD 7.0.
-
-"""]]

Added a comment: Lenovo ThinkPad T440
--- /dev/null	2016-03-25 23:00:34.000000000 +0000
+++ wikisrc/laptops/comment_3_26487056701a32e4b2e710ea7d9f024e._comment	2016-03-25 23:06:06.000000000 +0000
@@ -0,0 +1,16 @@
+[[!comment format=mdwn
+ username="silasdb@0d2e694871d5a513ea916e0bd9c87d6ad7a6e29b"
+ nickname="silasdb"
+ subject="Lenovo ThinkPad T440"
+ date="2016-03-25T23:05:51Z"
+ content="""
+To install NetBSD from the USB images provided from the site, it is necessary to enable \"UEFI/Legacy Boot\" and to change the \"UEFI/Legacy Boot Priority\" to \"Legacy First\".  Also, Enable the \"USB UEFI BIOS Support\" and disable \"USB 3.0 Mode\".
+
+What works: X11 (with new DRM/KMS work), audio, SSD and HDD, trackpoint, keyboard backlight (doesn't seem to depend on OS drivers).
+What doesn't work: onboard wireless (buy a cheap USB wireless adapter), suspend/hibernate/resume, special function keys (turn up/down volume, etc.).
+
+The new Synaptic Trackpad works with basic functions.  Cursor movement and left click only.
+
+Tried with NetBSD 7.0.
+
+"""]]

Check if port_var1 exists in order to add the possible INSTALL notes link for
ports that uses port_var-s.
Index: wikisrc/templates/port.mdwn
===================================================================
RCS file: /cvsroot/wikisrc/templates/port.mdwn,v
retrieving revision 1.15
retrieving revision 1.16
diff -u -r1.15 -r1.16
--- wikisrc/templates/port.mdwn	22 Mar 2016 21:01:51 -0000	1.15
+++ wikisrc/templates/port.mdwn	22 Mar 2016 22:10:23 -0000	1.16
@@ -15,7 +15,7 @@
 <TMPL_IF port_var6>* [NetBSD/<TMPL_VAR port>-<TMPL_VAR port_var6> <TMPL_VAR cur_rel> via FTP](http://ftp.NetBSD.org/pub/NetBSD/NetBSD-<TMPL_VAR cur_rel>/<TMPL_VAR port>-<TMPL_VAR port_var6>/ "NetBSD/<TMPL_VAR port>-<TMPL_VAR port_var6> FTP")</TMPL_IF>
 <TMPL_IF port_var7>* [NetBSD/<TMPL_VAR port>-<TMPL_VAR port_var7> <TMPL_VAR cur_rel> via FTP](http://ftp.NetBSD.org/pub/NetBSD/NetBSD-<TMPL_VAR cur_rel>/<TMPL_VAR port>-<TMPL_VAR port_var7>/ "NetBSD/<TMPL_VAR port>-<TMPL_VAR port_var7> FTP")</TMPL_IF>
 <TMPL_ELSE>* [NetBSD/<TMPL_VAR port> <TMPL_VAR cur_rel> via FTP](http://ftp.NetBSD.org/pub/NetBSD/NetBSD-<TMPL_VAR cur_rel>/<TMPL_VAR port>/ "NetBSD/<TMPL_VAR port> FTP")</TMPL_IF></TMPL_IF>
-<TMPL_IF cur_rel><TMPL_IF port_var_install_notes>* [NetBSD/<TMPL_VAR port> <TMPL_VAR cur_rel> INSTALL notes](http://ftp.NetBSD.org/pub/NetBSD/NetBSD-<TMPL_VAR cur_rel>/<TMPL_VAR port_var_install_notes>/INSTALL.html "NetBSD/<TMPL_VAR port> INSTALL notes")
+<TMPL_IF cur_rel><TMPL_IF port_var1><TMPL_IF port_var_install_notes>* [NetBSD/<TMPL_VAR port> <TMPL_VAR cur_rel> INSTALL notes](http://ftp.NetBSD.org/pub/NetBSD/NetBSD-<TMPL_VAR cur_rel>/<TMPL_VAR port_var_install_notes>/INSTALL.html "NetBSD/<TMPL_VAR port> INSTALL notes")</TMPL_IF>
 <TMPL_ELSE>* [NetBSD/<TMPL_VAR port> <TMPL_VAR cur_rel> INSTALL notes](http://ftp.NetBSD.org/pub/NetBSD/NetBSD-<TMPL_VAR cur_rel>/<TMPL_VAR port>/INSTALL.html "NetBSD/<TMPL_VAR port> INSTALL notes")</TMPL_IF></TMPL_IF>
 <TMPL_IF pkg_rel><TMPL_IF port_var1>* [NetBSD/<TMPL_VAR port>-<TMPL_VAR port_var1> <TMPL_VAR pkg_rel> pre-built binary packages from pkgsrc](http://ftp.NetBSD.org/pub/pkgsrc/packages/NetBSD/<TMPL_VAR port_var1>/<TMPL_VAR pkg_rel>/ "NetBSD/<TMPL_VAR port>-<TMPL_VAR port_var1> pkgsrc binary packages")
 <TMPL_IF port_var2>* [NetBSD/<TMPL_VAR port>-<TMPL_VAR port_var2> <TMPL_VAR pkg_rel> pre-built binary packages from pkgsrc](http://ftp.NetBSD.org/pub/pkgsrc/packages/NetBSD/<TMPL_VAR port_var2>/<TMPL_VAR pkg_rel>/ "NetBSD/<TMPL_VAR port>-<TMPL_VAR port_var2> pkgsrc binary packages")</TMPL_IF>

Revert previous, the problem isn't in non-generated pages but in the logic in
port.mdwn template.
Index: wikisrc/ports/evbmips.mdwn
===================================================================
RCS file: /cvsroot/wikisrc/ports/evbmips.mdwn,v
retrieving revision 1.9
retrieving revision 1.10
diff -u -r1.9 -r1.10
--- wikisrc/ports/evbmips.mdwn	22 Mar 2016 22:05:27 -0000	1.9
+++ wikisrc/ports/evbmips.mdwn	22 Mar 2016 22:06:58 -0000	1.10
@@ -37,4 +37,3 @@
 
 ]]
 [[!tag tier1port]]
-
Index: wikisrc/ports/evbsh3.mdwn
===================================================================
RCS file: /cvsroot/wikisrc/ports/evbsh3.mdwn,v
retrieving revision 1.8
retrieving revision 1.9
diff -u -r1.8 -r1.9
--- wikisrc/ports/evbsh3.mdwn	22 Mar 2016 22:05:27 -0000	1.8
+++ wikisrc/ports/evbsh3.mdwn	22 Mar 2016 22:06:58 -0000	1.9
@@ -14,4 +14,3 @@
 """
 ]]
 [[!tag tier2port]]
-
Index: wikisrc/ports/sbmips.mdwn
===================================================================
RCS file: /cvsroot/wikisrc/ports/sbmips.mdwn,v
retrieving revision 1.9
retrieving revision 1.10
diff -u -r1.9 -r1.10
--- wikisrc/ports/sbmips.mdwn	22 Mar 2016 22:05:27 -0000	1.9
+++ wikisrc/ports/sbmips.mdwn	22 Mar 2016 22:06:58 -0000	1.10
@@ -18,4 +18,3 @@
 """
 ]]
 [[!tag tier2port]]
-

Add a newline in order to regen the pages (dirty hack to make
templates/port.mdwn changes effective to get rid of broken INSTALL notes link).
Index: wikisrc/ports/evbmips.mdwn
===================================================================
RCS file: /cvsroot/wikisrc/ports/evbmips.mdwn,v
retrieving revision 1.8
retrieving revision 1.9
diff -u -r1.8 -r1.9
--- wikisrc/ports/evbmips.mdwn	13 Mar 2016 16:24:10 -0000	1.8
+++ wikisrc/ports/evbmips.mdwn	22 Mar 2016 22:05:27 -0000	1.9
@@ -37,3 +37,4 @@
 
 ]]
 [[!tag tier1port]]
+
Index: wikisrc/ports/evbsh3.mdwn
===================================================================
RCS file: /cvsroot/wikisrc/ports/evbsh3.mdwn,v
retrieving revision 1.7
retrieving revision 1.8
diff -u -r1.7 -r1.8
--- wikisrc/ports/evbsh3.mdwn	8 Oct 2015 06:42:53 -0000	1.7
+++ wikisrc/ports/evbsh3.mdwn	22 Mar 2016 22:05:27 -0000	1.8
@@ -14,3 +14,4 @@
 """
 ]]
 [[!tag tier2port]]
+
Index: wikisrc/ports/sbmips.mdwn
===================================================================
RCS file: /cvsroot/wikisrc/ports/sbmips.mdwn,v
retrieving revision 1.8
retrieving revision 1.9
diff -u -r1.8 -r1.9
--- wikisrc/ports/sbmips.mdwn	8 Oct 2015 06:42:53 -0000	1.8
+++ wikisrc/ports/sbmips.mdwn	22 Mar 2016 22:05:27 -0000	1.9
@@ -18,3 +18,4 @@
 """
 ]]
 [[!tag tier2port]]
+

Fix port_var_install_notes value.
Index: wikisrc/ports/evbarm.mdwn
===================================================================
RCS file: /cvsroot/wikisrc/ports/evbarm.mdwn,v
retrieving revision 1.30
retrieving revision 1.31
diff -u -r1.30 -r1.31
--- wikisrc/ports/evbarm.mdwn	22 Mar 2016 21:04:39 -0000	1.30
+++ wikisrc/ports/evbarm.mdwn	22 Mar 2016 21:08:32 -0000	1.31
@@ -8,7 +8,7 @@
 port_var5="earmv6hf"
 port_var6="earmv7hf"
 port_var7="earmv7hfeb"
-port_var_install_notes="arm"
+port_var_install_notes="evbarm-arm"
 cur_rel="7.0"  
 future_rel="7.0"
 changes_cur="6.0"

Use port_var_install_notes in order to provide a link to the NetBSD/evbarm
INSTALL notes.
Addresses port-evbmips/50956, also discussed with sevan@.
Members: 
	ports/evbarm.mdwn:1.29->1.30 

Index: wikisrc/ports/evbarm.mdwn
===================================================================
RCS file: /cvsroot/wikisrc/ports/evbarm.mdwn,v
retrieving revision 1.29
retrieving revision 1.30
diff -u -r1.29 -r1.30
--- wikisrc/ports/evbarm.mdwn	13 Mar 2016 16:28:34 -0000	1.29
+++ wikisrc/ports/evbarm.mdwn	22 Mar 2016 21:04:39 -0000	1.30
@@ -8,6 +8,7 @@
 port_var5="earmv6hf"
 port_var6="earmv7hf"
 port_var7="earmv7hfeb"
+port_var_install_notes="arm"
 cur_rel="7.0"  
 future_rel="7.0"
 changes_cur="6.0"

Add a port_var_install_notes and modify the template in order to make possible
to also add a link to the INSTALL notes for ports that have port_var-s.
Addresses port-evbmips/50956, also discussed with sevan@.
Members: 
	templates/port.mdwn:1.14->1.15 

Index: wikisrc/templates/port.mdwn
===================================================================
RCS file: /cvsroot/wikisrc/templates/port.mdwn,v
retrieving revision 1.14
retrieving revision 1.15
diff -u -r1.14 -r1.15
--- wikisrc/templates/port.mdwn	13 Mar 2016 16:36:47 -0000	1.14
+++ wikisrc/templates/port.mdwn	22 Mar 2016 21:01:51 -0000	1.15
@@ -14,8 +14,9 @@
 <TMPL_IF port_var5>* [NetBSD/<TMPL_VAR port>-<TMPL_VAR port_var5> <TMPL_VAR cur_rel> via FTP](http://ftp.NetBSD.org/pub/NetBSD/NetBSD-<TMPL_VAR cur_rel>/<TMPL_VAR port>-<TMPL_VAR port_var5>/ "NetBSD/<TMPL_VAR port>-<TMPL_VAR port_var5> FTP")</TMPL_IF>
 <TMPL_IF port_var6>* [NetBSD/<TMPL_VAR port>-<TMPL_VAR port_var6> <TMPL_VAR cur_rel> via FTP](http://ftp.NetBSD.org/pub/NetBSD/NetBSD-<TMPL_VAR cur_rel>/<TMPL_VAR port>-<TMPL_VAR port_var6>/ "NetBSD/<TMPL_VAR port>-<TMPL_VAR port_var6> FTP")</TMPL_IF>
 <TMPL_IF port_var7>* [NetBSD/<TMPL_VAR port>-<TMPL_VAR port_var7> <TMPL_VAR cur_rel> via FTP](http://ftp.NetBSD.org/pub/NetBSD/NetBSD-<TMPL_VAR cur_rel>/<TMPL_VAR port>-<TMPL_VAR port_var7>/ "NetBSD/<TMPL_VAR port>-<TMPL_VAR port_var7> FTP")</TMPL_IF>
-<TMPL_ELSE>* [NetBSD/<TMPL_VAR port> <TMPL_VAR cur_rel> via FTP](http://ftp.NetBSD.org/pub/NetBSD/NetBSD-<TMPL_VAR cur_rel>/<TMPL_VAR port>/ "NetBSD/<TMPL_VAR port> FTP")
-* [NetBSD/<TMPL_VAR port> <TMPL_VAR cur_rel> INSTALL notes](http://ftp.NetBSD.org/pub/NetBSD/NetBSD-<TMPL_VAR cur_rel>/<TMPL_VAR port>/INSTALL.html "NetBSD/<TMPL_VAR port> INSTALL notes")</TMPL_IF></TMPL_IF>
+<TMPL_ELSE>* [NetBSD/<TMPL_VAR port> <TMPL_VAR cur_rel> via FTP](http://ftp.NetBSD.org/pub/NetBSD/NetBSD-<TMPL_VAR cur_rel>/<TMPL_VAR port>/ "NetBSD/<TMPL_VAR port> FTP")</TMPL_IF></TMPL_IF>
+<TMPL_IF cur_rel><TMPL_IF port_var_install_notes>* [NetBSD/<TMPL_VAR port> <TMPL_VAR cur_rel> INSTALL notes](http://ftp.NetBSD.org/pub/NetBSD/NetBSD-<TMPL_VAR cur_rel>/<TMPL_VAR port_var_install_notes>/INSTALL.html "NetBSD/<TMPL_VAR port> INSTALL notes")
+<TMPL_ELSE>* [NetBSD/<TMPL_VAR port> <TMPL_VAR cur_rel> INSTALL notes](http://ftp.NetBSD.org/pub/NetBSD/NetBSD-<TMPL_VAR cur_rel>/<TMPL_VAR port>/INSTALL.html "NetBSD/<TMPL_VAR port> INSTALL notes")</TMPL_IF></TMPL_IF>
 <TMPL_IF pkg_rel><TMPL_IF port_var1>* [NetBSD/<TMPL_VAR port>-<TMPL_VAR port_var1> <TMPL_VAR pkg_rel> pre-built binary packages from pkgsrc](http://ftp.NetBSD.org/pub/pkgsrc/packages/NetBSD/<TMPL_VAR port_var1>/<TMPL_VAR pkg_rel>/ "NetBSD/<TMPL_VAR port>-<TMPL_VAR port_var1> pkgsrc binary packages")
 <TMPL_IF port_var2>* [NetBSD/<TMPL_VAR port>-<TMPL_VAR port_var2> <TMPL_VAR pkg_rel> pre-built binary packages from pkgsrc](http://ftp.NetBSD.org/pub/pkgsrc/packages/NetBSD/<TMPL_VAR port_var2>/<TMPL_VAR pkg_rel>/ "NetBSD/<TMPL_VAR port>-<TMPL_VAR port_var2> pkgsrc binary packages")</TMPL_IF>
 <TMPL_IF port_var3>* [NetBSD/<TMPL_VAR port>-<TMPL_VAR port_var3> <TMPL_VAR pkg_rel> pre-built binary packages from pkgsrc](http://ftp.NetBSD.org/pub/pkgsrc/packages/NetBSD/<TMPL_VAR port_var3>/<TMPL_VAR pkg_rel>/ "NetBSD/<TMPL_VAR port>-<TMPL_VAR port_var3> pkgsrc binary packages")</TMPL_IF>
@@ -72,6 +73,7 @@
 - port (required)
 - port_alt (optional)
 - port_var[1-7] (optional)
+- port_var_install_notes (optional)
 - about (required)
 - cur_rel (optional)
 - future_rel (required)

removed
--- wikisrc/examples/socket_programming/comment_2_a836730a2789ef150aa044450c85b44a._comment	2016-03-22 19:47:47.000000000 +0000
+++ /dev/null	2016-03-22 19:46:37.000000000 +0000
@@ -1,16 +0,0 @@
-[[!comment format=mdwn
- username="https://www.google.com/accounts/o8/id?id=AItOawmctq-5pm0gmzv3H9bPhvgE1c0cQumgly4"
- nickname="Saikrishna"
- subject="Please provide source code :)"
- date="2014-07-09T10:44:02Z"
- content="""
-Please provide the source code the for the below question.
-
-Message Details
-There are totally 7 messages - Syntax/Structure is as below. 1. LOGIN 2. NEEDAUTH - randomly generated 3. AUTH 4. LOGINOK - no value sent. O byte length 5. ERROR - can be 0 byte length or contain an error string 6. GETFILE 7. DATA - x bytes indicating size + x bytes of data Note: x can be 0. which means empty file! A Sample Messaging
-
-C - Client; S - Server
-C: LOGIN rajesh S: NEEDAUTH aa1123 C: AUTH <Hash(Password + aa1123)> S: LOGINOK C: GETFILE detail.txt S: ERROR \"No Such file\" C: GETFILE details.txt S: DATA 100 \"some data ... of 100 bytes\" Client closes the connection after receiving the DATA and stores the data received into a file.
-
-
-"""]]

removed
--- wikisrc/examples/socket_programming/comment_4_bb9a3ffb0fd31f3bc7d151ec9b8f9e02._comment	2016-03-22 19:46:51.000000000 +0000
+++ /dev/null	2016-03-22 19:46:37.000000000 +0000
@@ -1,255 +0,0 @@
-[[!comment format=mdwn
- username="shameem9002@f2ecf1bc7c685f538a5c0da5b06c5199757d0937"
- nickname="shameem9002"
- subject="socket network programming "
- date="2016-03-22T14:14:32Z"
- content="""
-==============================================================
-C Programming Assignment
-Course : Network Security for WASE2012
-Group Assignment :
-MIN students per group : 2
-MAX students per group : 5
-Grade will be a per-group grade.
-Assignment given Date : 27-Feb-2016 (CS1)
-Assignment Due on Date : 04-June-2016 (CS7)
-==============================================================
-Using NetBSD based sockets, implement a TCP client
-and TCP Server to demonstrate trivially secure
-file download from server.
-Environment/Tools required:
-Linux RHEL4/5/6 and gcc compiler and vi editor
-(recommended)
-Learning Objectives for student:
---------------------------------
-1. Ability to understand documents and convert them to working code.
-2. Understand Network Protocol messaging and parsing.
-3. Ability to program with NetBSD Sockets via C API.
-4. Manage multiple connections at a server side.
-5. Manage the state of a connection at both client and server side.
-5. Understand Binary vs Text and practical issues with Endianness.
-6. Ability to effectively use fread, fwrite APIs for file management
-- can also use read/write system calls.
-7. Understanding Standards and compatibility issues.
-Even though the same standard document is followed,
-implementations become different and not interoperable.
-- eg. A group's server may not work with another group's client
-and vice-versa.
-Deliverables:
-- Each group is expected to write both the client and the server.
-- The entire C source code for the server and client to be delivered.
-- source code should be compilable and executable.
-- if the given source does not compile properly
-in Linux RHEL4/5/6 credit will be highly reduced.
-- It is the students' responsibility to make sure that the
-source code compiles and runs properly in Linux RHEL4/5/6.
-- If a group's server/client are compatible with
-other group's client/servers, it will receive more credit.
-- Source code to be accompanied by a small text document
-to indicate features implemented and any other notes.
-- Deliverables to be emailed to the grader.
-- Printouts not required (Go Green!)
-Network Security - Programming Assignment
-1 of 5
-Details:
----------
-1. The messaging mechanism is based on Type-Length-Value (TLV)
-The Message Format is
-TYPE Field ---- Length Field --- Value field ---------------
----- 8 bytes --- 4 Bytes int ---- buffer of length bytes ----
-Note: If Length Field is ZERO, then the Value field is empty
-which is still a perfectly valid message.
-- eg. LOGINOK message - See details below.
-2. TYPE Field is of size 8 chars and always uppercase.
-Valid Types for Client messages are:
-LOGIN, AUTH, GETFILE
-Valid Types for Server messages are:
-NEEDAUTH, LOGINOK, DATA, ERROR
-As Type field is 8 bytes, it will employ 'SPACE' as padding.
-i.e. LOGIN will be sent as \"LOGIN \"
-3. The message exchange details are as below:
-Client connects to the server.
-LOGIN is the first message sent by the client.
-Server replies with NEEDAUTH message.
-Client sends back AUTH message as a reply to NEEDAUTH message
-Server replies with LOGINOK if authentication successful, else
-replies with ERROR and closes the connection.
-Client if login was ok, i.e. received LOGINOK message,
-can start sending GETFILE requests.
-Note: Only ONE outgoing request must be in the network pipe.
-Upon receiving a GETFILE message, if server finds a matching file
-it sends the file contents back in the DATA message.
-If no matching file, it sends an ERROR message.
-4. Note, at any time the client can close the connection and go away,
-- server needs to detect this and close the connection
-on its side as well.
-eg. if while server is sending a file, the client goes away,
-server needs to stop the transmission then and there
-gracefully and should not crash.
-As it is the server, other client connections
-should not get affected.
-- Same applies to the client, if server is stopped or crashed,
-client should not hang or crash and should handle the scenario
-gracefully.
-5. The Client upon receiving the DATA message stores the contents
-to a file and inform the same to the user.
-6. Server never advertises the file list on the server
-(unlike SCP/SFTP/FTP !)
-- so clients need to know the file names
-- a simple way is to query the user
-Note: A fancy UI is not required, rather a basic working UI
-with scanf() or fgets() should suffice.
-Network Security - Programming Assignment
-2 of 5
-Note about GETFILE and security:
-- If server is running from directory '/server/programs/docs/',
-this is called the Working Directory of the server.
-Server can only serve files under this working directory.
-ie. /server/programs/docs/file1.txt
-/server/programs/docs/file3.txt
-/server/programs/docs/songs/song1.mp3
-- But server cannot and must not serve files which are outside
-the working directory.
-eg. /home/user/file.txt
-/server/programs/hello1.txt
-The GETFILE message
-eg. If \"hello/details.txt\" is sent, server is supposed to
-look in its working directory for a matching file.
-So in this case \"hello/details.txt\" and \"details.txt\"
-may refer to completely different files.
-Note about Auth Mechanism:
-- Authentication here is based on a trivial Salted-MD5 mechanism.
-- This avoids replay attacks.
-- When server receives a LOGIN message, it checks if user is valid,
-and if so, generates a random SALT eg. x9z0a42TXop1009qutyk
-and sends it back in the NEEDAUTH message to the client.
-- The client gets this NEEDAUTH message and uses the received SALT
-and does a MD5(Password+SALT) and sends back in the AUTH message.
-- The server upon receiving the AUTH message, checks the
-MD5(Password+SALT) matches on its side.
-- The server uses the credentials file for getting the
-user and matching password.
-* The server stores the list of users and passwords
-in the credentials file.
-- Yes this is Bad! Not secure, but ok for this assignment.
-* Linux comes with a tool called 'md5sum' which can be used
-to generate the Hashes on both client side and server side.
-- There are many MD5 libraries available as well,
-but do not use external MD5 libraries for this assignment.
-Message Details
-----------------
-There are totally 7 messages - Syntax/Structure is as below.
-1. LOGIN <username>
-2. NEEDAUTH <Some salt data> - randomly generated
-3. AUTH <hash>
-4. LOGINOK
-- no value sent. 0 byte length
-5. ERROR
-- can be 0 byte length or contain an error string
-6. GETFILE <filepath>
-7. DATA - x bytes indicating size + x bytes of data
-Note: x can be 0. which means empty file!
-Network Security - Programming Assignment
-3 of 5
-Command Line arguments:
------------------------
-./SServer <serverBindIP> <serverBindPort>
-<serverWorkingDirectory> <credentialsFile>
-./SClient <serverIP> <serverPort> <downloadStoreDirectory>
-A Sample Messaging Session:
-C - Client; S - Server
-=============================================
-C: LOGIN ramesh
-S: NEEDAUTH aa1123
-C: AUTH <MD5(Password + aa1123)>
-S: LOGINOK
-C: GETFILE detail.txt
-S: ERROR \"No Such file\"
-C: GETFILE details.txt
-S: DATA 100 \"some data ... of 100 bytes\"
-C: GETFILE docs.txt
-S: DATA 129 \"some data ... of 129 bytes\"
-Client closes the connection after receiving the DATA
-and stores the data received into a file.
-Notes on sanity testing:
-* Both the server and client programs may run in the same machine
-during development, but for testing it would be ideal to
-run them in different machines, to see how a client/server
-reacts when network goes away.
-- Intentionally pull out the ethernet cable when the client
-is downloading a big file and see if program misbehaves!
-* Make sure the server side handling of BAD Clients is proper
-- Clients may send BAD/Invalid Messages/Out-of-Sequence Messages
-eg. A Client connecting and trying to send GETFILE Message
-without sending LOGIN
-Extras/Optional: - To be attempted only if the barebones
-version as above is intact and working properly.
------------------------------------------------------------------------
-Server side :
-1. Server can timeout an idle connection, where the idle timeout can be
-set as a command line argument.
-2. Server can intentionally allow only maximum 'y' number of downloads
-(successful GETFILE + DATA) in a session.
-After which it can return ERROR and close the connection.
-'y' can be made configurable.
-2. Server can close the connection if client sends 'x' number of bad
-GETFILE messages. 'x' can be made configurable.
-4. Implementing a simple Server side log with timestamp.

(Diff truncated)
Added a comment: socket network programming
--- /dev/null	2016-03-22 14:10:01.000000000 +0000
+++ wikisrc/examples/socket_programming/comment_4_bb9a3ffb0fd31f3bc7d151ec9b8f9e02._comment	2016-03-22 14:14:47.000000000 +0000
@@ -0,0 +1,255 @@
+[[!comment format=mdwn
+ username="shameem9002@f2ecf1bc7c685f538a5c0da5b06c5199757d0937"
+ nickname="shameem9002"
+ subject="socket network programming "
+ date="2016-03-22T14:14:32Z"
+ content="""
+==============================================================
+C Programming Assignment
+Course : Network Security for WASE2012
+Group Assignment :
+MIN students per group : 2
+MAX students per group : 5
+Grade will be a per-group grade.
+Assignment given Date : 27-Feb-2016 (CS1)
+Assignment Due on Date : 04-June-2016 (CS7)
+==============================================================
+Using NetBSD based sockets, implement a TCP client
+and TCP Server to demonstrate trivially secure
+file download from server.
+Environment/Tools required:
+Linux RHEL4/5/6 and gcc compiler and vi editor
+(recommended)
+Learning Objectives for student:
+--------------------------------
+1. Ability to understand documents and convert them to working code.
+2. Understand Network Protocol messaging and parsing.
+3. Ability to program with NetBSD Sockets via C API.
+4. Manage multiple connections at a server side.
+5. Manage the state of a connection at both client and server side.
+5. Understand Binary vs Text and practical issues with Endianness.
+6. Ability to effectively use fread, fwrite APIs for file management
+- can also use read/write system calls.
+7. Understanding Standards and compatibility issues.
+Even though the same standard document is followed,
+implementations become different and not interoperable.
+- eg. A group's server may not work with another group's client
+and vice-versa.
+Deliverables:
+- Each group is expected to write both the client and the server.
+- The entire C source code for the server and client to be delivered.
+- source code should be compilable and executable.
+- if the given source does not compile properly
+in Linux RHEL4/5/6 credit will be highly reduced.
+- It is the students' responsibility to make sure that the
+source code compiles and runs properly in Linux RHEL4/5/6.
+- If a group's server/client are compatible with
+other group's client/servers, it will receive more credit.
+- Source code to be accompanied by a small text document
+to indicate features implemented and any other notes.
+- Deliverables to be emailed to the grader.
+- Printouts not required (Go Green!)
+Network Security - Programming Assignment
+1 of 5
+Details:
+---------
+1. The messaging mechanism is based on Type-Length-Value (TLV)
+The Message Format is
+TYPE Field ---- Length Field --- Value field ---------------
+---- 8 bytes --- 4 Bytes int ---- buffer of length bytes ----
+Note: If Length Field is ZERO, then the Value field is empty
+which is still a perfectly valid message.
+- eg. LOGINOK message - See details below.
+2. TYPE Field is of size 8 chars and always uppercase.
+Valid Types for Client messages are:
+LOGIN, AUTH, GETFILE
+Valid Types for Server messages are:
+NEEDAUTH, LOGINOK, DATA, ERROR
+As Type field is 8 bytes, it will employ 'SPACE' as padding.
+i.e. LOGIN will be sent as \"LOGIN \"
+3. The message exchange details are as below:
+Client connects to the server.
+LOGIN is the first message sent by the client.
+Server replies with NEEDAUTH message.
+Client sends back AUTH message as a reply to NEEDAUTH message
+Server replies with LOGINOK if authentication successful, else
+replies with ERROR and closes the connection.
+Client if login was ok, i.e. received LOGINOK message,
+can start sending GETFILE requests.
+Note: Only ONE outgoing request must be in the network pipe.
+Upon receiving a GETFILE message, if server finds a matching file
+it sends the file contents back in the DATA message.
+If no matching file, it sends an ERROR message.
+4. Note, at any time the client can close the connection and go away,
+- server needs to detect this and close the connection
+on its side as well.
+eg. if while server is sending a file, the client goes away,
+server needs to stop the transmission then and there
+gracefully and should not crash.
+As it is the server, other client connections
+should not get affected.
+- Same applies to the client, if server is stopped or crashed,
+client should not hang or crash and should handle the scenario
+gracefully.
+5. The Client upon receiving the DATA message stores the contents
+to a file and inform the same to the user.
+6. Server never advertises the file list on the server
+(unlike SCP/SFTP/FTP !)
+- so clients need to know the file names
+- a simple way is to query the user
+Note: A fancy UI is not required, rather a basic working UI
+with scanf() or fgets() should suffice.
+Network Security - Programming Assignment
+2 of 5
+Note about GETFILE and security:
+- If server is running from directory '/server/programs/docs/',
+this is called the Working Directory of the server.
+Server can only serve files under this working directory.
+ie. /server/programs/docs/file1.txt
+/server/programs/docs/file3.txt
+/server/programs/docs/songs/song1.mp3
+- But server cannot and must not serve files which are outside
+the working directory.
+eg. /home/user/file.txt
+/server/programs/hello1.txt
+The GETFILE message
+eg. If \"hello/details.txt\" is sent, server is supposed to
+look in its working directory for a matching file.
+So in this case \"hello/details.txt\" and \"details.txt\"
+may refer to completely different files.
+Note about Auth Mechanism:
+- Authentication here is based on a trivial Salted-MD5 mechanism.
+- This avoids replay attacks.
+- When server receives a LOGIN message, it checks if user is valid,
+and if so, generates a random SALT eg. x9z0a42TXop1009qutyk
+and sends it back in the NEEDAUTH message to the client.
+- The client gets this NEEDAUTH message and uses the received SALT
+and does a MD5(Password+SALT) and sends back in the AUTH message.
+- The server upon receiving the AUTH message, checks the
+MD5(Password+SALT) matches on its side.
+- The server uses the credentials file for getting the
+user and matching password.
+* The server stores the list of users and passwords
+in the credentials file.
+- Yes this is Bad! Not secure, but ok for this assignment.
+* Linux comes with a tool called 'md5sum' which can be used
+to generate the Hashes on both client side and server side.
+- There are many MD5 libraries available as well,
+but do not use external MD5 libraries for this assignment.
+Message Details
+----------------
+There are totally 7 messages - Syntax/Structure is as below.
+1. LOGIN <username>
+2. NEEDAUTH <Some salt data> - randomly generated
+3. AUTH <hash>
+4. LOGINOK
+- no value sent. 0 byte length
+5. ERROR
+- can be 0 byte length or contain an error string
+6. GETFILE <filepath>
+7. DATA - x bytes indicating size + x bytes of data
+Note: x can be 0. which means empty file!
+Network Security - Programming Assignment
+3 of 5
+Command Line arguments:
+-----------------------
+./SServer <serverBindIP> <serverBindPort>
+<serverWorkingDirectory> <credentialsFile>
+./SClient <serverIP> <serverPort> <downloadStoreDirectory>
+A Sample Messaging Session:
+C - Client; S - Server
+=============================================
+C: LOGIN ramesh
+S: NEEDAUTH aa1123
+C: AUTH <MD5(Password + aa1123)>
+S: LOGINOK
+C: GETFILE detail.txt
+S: ERROR \"No Such file\"
+C: GETFILE details.txt
+S: DATA 100 \"some data ... of 100 bytes\"
+C: GETFILE docs.txt
+S: DATA 129 \"some data ... of 129 bytes\"
+Client closes the connection after receiving the DATA
+and stores the data received into a file.
+Notes on sanity testing:
+* Both the server and client programs may run in the same machine
+during development, but for testing it would be ideal to
+run them in different machines, to see how a client/server
+reacts when network goes away.
+- Intentionally pull out the ethernet cable when the client
+is downloading a big file and see if program misbehaves!
+* Make sure the server side handling of BAD Clients is proper
+- Clients may send BAD/Invalid Messages/Out-of-Sequence Messages
+eg. A Client connecting and trying to send GETFILE Message
+without sending LOGIN
+Extras/Optional: - To be attempted only if the barebones
+version as above is intact and working properly.
+-----------------------------------------------------------------------
+Server side :
+1. Server can timeout an idle connection, where the idle timeout can be
+set as a command line argument.
+2. Server can intentionally allow only maximum 'y' number of downloads
+(successful GETFILE + DATA) in a session.
+After which it can return ERROR and close the connection.
+'y' can be made configurable.
+2. Server can close the connection if client sends 'x' number of bad
+GETFILE messages. 'x' can be made configurable.
+4. Implementing a simple Server side log with timestamp.

(Diff truncated)
--- /dev/null	2016-03-20 07:52:09.000000000 +0000
+++ wikisrc/users/tm.mdwn	2016-03-20 07:53:37.000000000 +0000
@@ -0,0 +1 @@
+test

Add a link about RELRO
Index: wikisrc/pkgsrc/hardening.mdwn
===================================================================
RCS file: /cvsroot/wikisrc/pkgsrc/hardening.mdwn,v
retrieving revision 1.9
retrieving revision 1.10
diff -u -r1.9 -r1.10
--- wikisrc/pkgsrc/hardening.mdwn	17 Mar 2016 14:02:06 -0000	1.9
+++ wikisrc/pkgsrc/hardening.mdwn	17 Mar 2016 14:02:38 -0000	1.10
@@ -164,3 +164,7 @@
 
 This is an indicator that the program was indeed built with support for SSP.
 
+# References
+
+* <http://tk-blog.blogspot.co.at/2009/02/relro-not-so-well-known-memory.html>
+

Wording
Index: wikisrc/pkgsrc/hardening.mdwn
===================================================================
RCS file: /cvsroot/wikisrc/pkgsrc/hardening.mdwn,v
retrieving revision 1.8
retrieving revision 1.9
diff -u -r1.8 -r1.9
--- wikisrc/pkgsrc/hardening.mdwn	17 Mar 2016 13:40:11 -0000	1.8
+++ wikisrc/pkgsrc/hardening.mdwn	17 Mar 2016 14:02:06 -0000	1.9
@@ -1,7 +1,7 @@
 [[!meta title="Hardening pkgsrc"]]
 
-[pkgsrc](http://www.pkgsrc.org/) supports a number of mechanisms that are meant
-to improve the security of compiled binaries. They can be individually enabled
+A number of mechanisms are available in [pkgsrc](http://www.pkgsrc.org/) to
+improve the security of the resulting system. They can be enabled individually
 in `mk.conf`, and consist of:
 
 * `PKGSRC_MKPIE`: forces the creation of PIE (Position Independent

Mention the performance impact of SSP
Index: wikisrc/pkgsrc/hardening.mdwn
===================================================================
RCS file: /cvsroot/wikisrc/pkgsrc/hardening.mdwn,v
retrieving revision 1.7
retrieving revision 1.8
diff -u -r1.7 -r1.8
--- wikisrc/pkgsrc/hardening.mdwn	17 Mar 2016 13:27:17 -0000	1.7
+++ wikisrc/pkgsrc/hardening.mdwn	17 Mar 2016 13:40:11 -0000	1.8
@@ -105,6 +105,18 @@
 Again, this feature may cause some programs to crash, usually indicating an
 actual bug in the program. Patching the original program is then required.
 
+### Performance impact
+
+The compiler emits extra code when using this feature: a check for buffer
+overflows is performed when entering and exiting functions, requiring an extra
+variable on the stack. The level of protection can otherwise be adjusted to
+affect only those functions considered more sensitive by the compiler (with
+`-fstack-protector` instead of `-fstack-protector-all`).
+
+The impact is not expected to be noticeable on modern hardware. However,
+programs with a hard requirement to run at the fastest possible speed should
+avoid using this feature, or using libraries built with this feature.
+
 # Auditing the system
 
 The illusion of security is worse than having no security at all. This section

Mention the differences in performance for RELRO
Index: wikisrc/pkgsrc/hardening.mdwn
===================================================================
RCS file: /cvsroot/wikisrc/pkgsrc/hardening.mdwn,v
retrieving revision 1.6
retrieving revision 1.7
diff -u -r1.6 -r1.7
--- wikisrc/pkgsrc/hardening.mdwn	17 Mar 2016 03:51:51 -0000	1.6
+++ wikisrc/pkgsrc/hardening.mdwn	17 Mar 2016 13:27:17 -0000	1.7
@@ -71,6 +71,20 @@
 crash, usually indicating an actual bug in the program. The fix will typically
 involve patching the original program.
 
+## Problems with `PKGSRC_USE_RELRO`
+
+### Performance impact
+
+For better protection, full RELRO requires every symbol to be resolved when the
+program starts, rather than lazily at run-time. This will have more impact on
+programs using a lot of symbols, or linked to libraries exposing a lot of
+symbols. Therefore, daemons or programs otherwise running in background are
+affected only when started. Programs loading plug-ins at run-time are affected
+when loading the plug-ins.
+
+The impact is not expected to be noticeable on modern hardware, except in some
+cases for big programs.
+
 ## Problems with `PKGSRC_USE_SSP`
 
 ### Packages failing to build

Convert to ASCII from UTF-8
Index: wikisrc/tutorials/bus_space_tutorial.mdwn
===================================================================
RCS file: /cvsroot/wikisrc/tutorials/bus_space_tutorial.mdwn,v
retrieving revision 1.12
retrieving revision 1.13
diff -u -r1.12 -r1.13
--- wikisrc/tutorials/bus_space_tutorial.mdwn	29 Jun 2013 12:41:13 -0000	1.12
+++ wikisrc/tutorials/bus_space_tutorial.mdwn	17 Mar 2016 11:38:49 -0000	1.13
@@ -6,13 +6,13 @@
 
 -   Introductory-level documentation is scarce
 -   Writing device drivers is often considered black magic
--   Reading the man pages won’t give you the big picture
+-   Reading the man pages won't give you the big picture
 -   BSD systems are always in need of new drivers
 -   Device drivers are fun
 
-### What won’t be covered here?
+### What won't be covered here?
 
-We don’t have much time, so several ~~advanced~~ topics were omitted:
+We don't have much time, so several ~~advanced~~ topics were omitted:
 
 -   Interrupt handling
 -   Direct Memory Access and the bus\_dma framework
@@ -46,16 +46,16 @@
 
 ### Why is writing the device drivers considered difficult?
 
--   It’s not as difficult as you may expect, in fact during this
-    tutorial we’ll prove that it’s quite easy
+-   It's not as difficult as you may expect, in fact during this
+    tutorial we'll prove that it's quite easy
 -   You need to think on a very low level
     -   Good understanding of computer architecture is a must
--   Often documentation is the main problem – writing the driver is not
-    possible if you don’t understand how the device works
+-   Often documentation is the main problem - writing the driver is not
+    possible if you don't understand how the device works
     -   No access to documentation (uncooperative hardware vendors,
         vendors out of business)
     -   Documentation is incomplete or plain wrong
-    -   Reverse engineering can solve these problems but it’s a very
+    -   Reverse engineering can solve these problems but it's a very
         time consuming process
 
 ## The NetBSD driver model
@@ -73,7 +73,7 @@
 
 ### The NetBSD source directory structure
 
--   We’ll only cover parts interesting for a device driver programmer
+-   We'll only cover parts interesting for a device driver programmer
 -   src/sys/
     - kernel source directory
 -   src/sys/dev/
@@ -134,15 +134,15 @@
 
 ### The bus\_space(9) framework
 
--   “The goal of the bus\_space functions is to allow a single driver
+-   "The goal of the bus\_space functions is to allow a single driver
     source file to manipulate a set of devices on different system
     architectures, and to allow a single driver object file to
     manipulate a set of devices on multiple bus types on a single
-    architecture.”
+    architecture."
 -   Provides a set of functions implementing common operations on the
     bus like mapping, reading, writing, copying, etc.
 -   The bus\_space(9) is implemented at the machine-dependent level
-    (typically it’s a part of architecture-specific code), but all
+    (typically it's a part of architecture-specific code), but all
     implementations present the same interface
 > At least they should, some functions are missing on less popular ports
 
@@ -175,7 +175,7 @@
     will build compiler, assembler, linker, etc. for cobalt port
 -   $ build.sh -m cobalt kernel=GENERIC
     will build the GENERIC kernel for cobalt
--   Call build.sh with a -u parameter to update (won’t rebuilding
+-   Call build.sh with a -u parameter to update (won't rebuilding
     everything)
 -   build.sh
     is calling nbconfig and nbmake tools, no magic involved
@@ -185,9 +185,9 @@
 -   A framework for full-system computer architecture emulation,
     excellent for educational purposes
 -   Capable of emulating several real machines supported by NetBSD
--   We’ll emulate a [Cobalt](http://en.wikipedia.org/wiki/Cobalt_Qube),
+-   We'll emulate a [Cobalt](http://en.wikipedia.org/wiki/Cobalt_Qube),
     MIPS-based micro server with PCI bus
--   I’ve modified GXemul and implemented an emulation of an additional
+-   I've modified GXemul and implemented an emulation of an additional
     PCI device
 -   It will be used to show (almost) a real-life example of the driver
     development process
@@ -198,7 +198,7 @@
 -   Fake Cards Inc. responded to market needs and created a new product,
     Advanced Addition Accelerator
 -   Pointy Haired Bosses will certainly buy it to accelerate their
-    business applications, so let’s create a driver for NetBSD!
+    business applications, so let's create a driver for NetBSD!
 
 ### Our hardware - technical details
 
@@ -265,7 +265,7 @@
 
 ### Adding a new driver to the NetBSD kernel
 
--   We’ll discuss the steps needed to add a new MI PCI device driver to
+-   We'll discuss the steps needed to add a new MI PCI device driver to
     the NetBSD kernel
     -   Add the vendor and device ID to the database of PCI IDs
     -   Create a set of the driver source files in
@@ -285,7 +285,7 @@
 -   vendor VENDORNAME 0xVENDORID Long Vendor Name
 -   product VENDORNAME PRODUCTNAME 0xPRODUCTID Long Product Name
 -   To regenerate pcidevs\*.h run awk -f devlist2h.awk pcidevs or
-    Makefile.pcidevs if you’re on NetBSD
+    Makefile.pcidevs if you're on NetBSD
 
 ### Modifying the PCI device database - example
 
@@ -317,7 +317,7 @@
     not configured
 
 -   Now the kernel knows the vendor and product ID
--   But there’s still no driver for this device
+-   But there's still no driver for this device
 
 ### Adding the new PCI driver
 
@@ -359,7 +359,7 @@
         in case of PCI bus, it will be used to check vendor and product
         ID)
     -   parent
-        - pointer to parent’s driver device structure
+        - pointer to parent's driver device structure
     -   match
         - pointer to autoconf(9) details structure
     -   aux
@@ -372,26 +372,26 @@
     -   parent
         - same as with match function
     -   self
-        - pointer to driver’s device structure
+        - pointer to driver's device structure
     -   aux
         - same as with match function
 -   See definitions of these functions in the
     [driver(9)](http://netbsd.gw.com/cgi-bin/man-cgi?driver+9+NetBSD-current)
     man page.
 
-### Adding the new PCI driver - main driver cont’d
+### Adding the new PCI driver - main driver cont'd
 
 -   CFATTACH\_DECL\_NEW(faa, sizeof(struct faa\_softc), faa\_match,
     faa\_attach, NULL, NULL);
     -   driver name
-    -   size of softc structure containing state of driver’s instance
+    -   size of softc structure containing state of driver's instance
     -   match/probe function
     -   attach function
     -   detach function
     -   activate function
--   The “\_NEW” name is unfortunate
+-   The "\_NEW" name is unfortunate
 -   Pass NULL for unimplemented functions
--   We won’t cover detach and activate now, as they are not needed for a
+-   We won't cover detach and activate now, as they are not needed for a
     simple driver
 
 ### Adding the new PCI driver - main driver example
@@ -401,7 +401,7 @@
 <!-- -->
 
     #include <sys/cdefs.h>
-    __KERNEL_RCSID(0, "$NetBSD: bus_space_tutorial.mdwn,v 1.12 2013/06/29 12:41:13 ryoon Exp $");
+    __KERNEL_RCSID(0, "$NetBSD: bus_space_tutorial.mdwn,v 1.13 2016/03/17 11:38:49 ryoon Exp $");
     #include <sys/param.h>
     #include <sys/device.h>
     #include <dev/pci/pcivar.h>
@@ -520,7 +520,7 @@
 ### Adding the new PCI driver - example
 
 -   The driver should compile now
--   The driver’s match function will check if the driver is able to work
+-   The driver's match function will check if the driver is able to work
     with a given device
 -   Since it is not implemented, the kernel will not attach the driver
 
@@ -549,37 +549,37 @@
 
 -   The driver has successfully matched and attached to the PCI device
     but still is not doing anything useful
--   Let’s fill the attach function and actually program the hardware
+-   Let's fill the attach function and actually program the hardware
 
 ### Variable types used with bus\_space
 

(Diff truncated)
Add a check for SSP
Index: wikisrc/pkgsrc/hardening.mdwn
===================================================================
RCS file: /cvsroot/wikisrc/pkgsrc/hardening.mdwn,v
retrieving revision 1.5
retrieving revision 1.6
diff -u -r1.5 -r1.6
--- wikisrc/pkgsrc/hardening.mdwn	17 Mar 2016 03:41:21 -0000	1.5
+++ wikisrc/pkgsrc/hardening.mdwn	17 Mar 2016 03:51:51 -0000	1.6
@@ -125,3 +125,16 @@
     Program Header:
     [...]
        RELRO off    0x0000000000000d78 vaddr 0x0000000000600d78 paddr 0x0000000000600d78 align 2**0
+
+## Checking for SSP
+
+Building objects, binaries and libraries with SSP will affect the presence of
+additional symbols in the resulting file:
+
+    $ nm /path/to/bin/ary
+    [...]
+                     U __stack_chk_fail
+    0000000000600ea0 B __stack_chk_guard
+
+This is an indicator that the program was indeed built with support for SSP.
+

On validating the hardening in place
Index: wikisrc/pkgsrc/hardening.mdwn
===================================================================
RCS file: /cvsroot/wikisrc/pkgsrc/hardening.mdwn,v
retrieving revision 1.4
retrieving revision 1.5
diff -u -r1.4 -r1.5
--- wikisrc/pkgsrc/hardening.mdwn	17 Mar 2016 03:19:17 -0000	1.4
+++ wikisrc/pkgsrc/hardening.mdwn	17 Mar 2016 03:41:21 -0000	1.5
@@ -91,3 +91,37 @@
 Again, this feature may cause some programs to crash, usually indicating an
 actual bug in the program. Patching the original program is then required.
 
+# Auditing the system
+
+The illusion of security is worse than having no security at all. This section
+lists a number of ways to ensure the security features requested are actually
+effective.
+
+_These instructions were obtained and tested on a system derived from NetBSD 7
+(amd64). YMMV._
+
+## Checking for PIE
+
+The ELF executable type in use changes for binaries built as PIE; without:
+
+    $ file /path/to/bin/ary
+    /path/to/bin/ary: ELF 64-bit LSB executable, x86-64, version 1 (SYSV), dynamically linked (uses shared libs), for NetBSD 7.0, not stripped
+
+as opposed to the following binary, built as PIE:
+
+    $ file /path/to/pie/bin/ary
+    /path/to/pie/bin/ary: ELF 64-bit LSB shared object, x86-64, version 1 (SYSV), dynamically linked (uses shared libs), for NetBSD 7.0, not stripped
+
+The latter result is then what is expected.
+
+## Checking for RELRO
+
+The following command should list a section called `RELRO`:
+
+    $ objdump -p /path/to/bin/ary
+
+    /path/to/bin/ary:     file format elf64-x86-64
+
+    Program Header:
+    [...]
+       RELRO off    0x0000000000000d78 vaddr 0x0000000000600d78 paddr 0x0000000000600d78 align 2**0

Also document PKGSRC_USE_FORTIFY
Index: wikisrc/pkgsrc/hardening.mdwn
===================================================================
RCS file: /cvsroot/wikisrc/pkgsrc/hardening.mdwn,v
retrieving revision 1.3
retrieving revision 1.4
diff -u -r1.3 -r1.4
--- wikisrc/pkgsrc/hardening.mdwn	17 Mar 2016 03:14:51 -0000	1.3
+++ wikisrc/pkgsrc/hardening.mdwn	17 Mar 2016 03:19:17 -0000	1.4
@@ -53,6 +53,24 @@
 * actual bug in the program crashing, exposed thanks to ASLR/mprotect;
 * bug in the implementation of ASLR/mprotect in the Operating System.
 
+## Problems with `PKGSRC_USE_FORTIFY`
+
+### Packages failing to build
+
+This feature makes use of pre-processing directives to look for hardened,
+alternative implementations of essential library calls. Some programs may fail
+to build as a result; this usually happens for those trying too hard to be
+portable, or otherwise abusing definitions in the standard library.
+
+This will require a modification to the program, or disabling this feature for
+part or all of the build.
+
+### Run-time crashes
+
+Just like with `PKGSRC_MKPIE` above, this feature may cause some programs to
+crash, usually indicating an actual bug in the program. The fix will typically
+involve patching the original program.
+
 ## Problems with `PKGSRC_USE_SSP`
 
 ### Packages failing to build
@@ -70,7 +88,6 @@
 
 ### Run-time crashes
 
-Just like with `PKGSRC_MKPIE` above, this feature may cause some programs to
-crash, usually indicating an actual bug in the program. The fix will typically
-involve patching the original program.
+Again, this feature may cause some programs to crash, usually indicating an
+actual bug in the program. Patching the original program is then required.
 

Also document PKGSRC_USE_SSP
Index: wikisrc/pkgsrc/hardening.mdwn
===================================================================
RCS file: /cvsroot/wikisrc/pkgsrc/hardening.mdwn,v
retrieving revision 1.2
retrieving revision 1.3
diff -u -r1.2 -r1.3
--- wikisrc/pkgsrc/hardening.mdwn	17 Mar 2016 03:05:59 -0000	1.2
+++ wikisrc/pkgsrc/hardening.mdwn	17 Mar 2016 03:14:51 -0000	1.3
@@ -53,3 +53,24 @@
 * actual bug in the program crashing, exposed thanks to ASLR/mprotect;
 * bug in the implementation of ASLR/mprotect in the Operating System.
 
+## Problems with `PKGSRC_USE_SSP`
+
+### Packages failing to build
+
+The stack-smashing protection provided by this option does not work for some
+programs. The two most common situations in which this happens are:
+
+* the program makes use of the `alloca(3)` library call (memory allocator on the
+  stack)
+* the program allocates variables on the stack, with the size determined at
+  run-time.
+
+Both cases will require a modification to the program, or disabling this feature
+for part or all of the build.
+
+### Run-time crashes
+
+Just like with `PKGSRC_MKPIE` above, this feature may cause some programs to
+crash, usually indicating an actual bug in the program. The fix will typically
+involve patching the original program.
+

Document some known issues with PKGSRC_MKPIE
Index: wikisrc/pkgsrc/hardening.mdwn
===================================================================
RCS file: /cvsroot/wikisrc/pkgsrc/hardening.mdwn,v
retrieving revision 1.1
retrieving revision 1.2
diff -u -r1.1 -r1.2
--- wikisrc/pkgsrc/hardening.mdwn	17 Mar 2016 02:45:18 -0000	1.1
+++ wikisrc/pkgsrc/hardening.mdwn	17 Mar 2016 03:05:59 -0000	1.2
@@ -14,3 +14,42 @@
 * `PKGSRC_USE_SSP`: enables stack-smashing protection (again, on supported
   platforms)
 
+# Caveats
+
+## Problems with `PKGSRC_MKPIE`
+
+### No support for cwrappers
+
+As of the time of this article `PKGSRC_MKPIE` is not supported by
+`pkgtools/cwrappers` (`USE_CWRAPPERS` in `mk.conf`).
+
+### Packages failing to build
+
+A number of packages may fail to build with this option enabled. The failures
+are often related to the absence of the "-fPIC" compilation flag when building
+libraries or executables (or ideally "-fPIE" in the latter case). This flag is
+added to the `CFLAGS` already, but requires the package to actually support it.
+
+#### How to fix
+
+These instructions are meant as a reference only; they likely need to be adapted
+for many packages individually.
+
+For packages using `Makefiles`:
+
+    MAKE_FLAGS+=	CFLAGS=${CFLAGS:Q}
+    MAKE_FLAGS+=	LDFLAGS=${LDFLAGS:Q}
+
+For packages using `Imakefiles`:
+
+    MAKE_FLAGS+=	CCOPTIONS=${CFLAGS:Q}
+    MAKE_FLAGS+=	LOCAL_LDFLAGS=${LDFLAGS:Q}
+
+### Run-time crashes
+
+Some programs may fail to run, or crash at random times once built as PIE. Two
+scenarios are essentially possible:
+
+* actual bug in the program crashing, exposed thanks to ASLR/mprotect;
+* bug in the implementation of ASLR/mprotect in the Operating System.
+

Begin a page on hardening pkgsrc
--- /dev/null	2016-03-17 02:41:09.000000000 +0000
+++ wikisrc/pkgsrc/hardening.mdwn	2016-03-17 02:45:29.000000000 +0000
@@ -0,0 +1,16 @@
+[[!meta title="Hardening pkgsrc"]]
+
+[pkgsrc](http://www.pkgsrc.org/) supports a number of mechanisms that are meant
+to improve the security of compiled binaries. They can be individually enabled
+in `mk.conf`, and consist of:
+
+* `PKGSRC_MKPIE`: forces the creation of PIE (Position Independent
+  Executables) when supported on the current platform. This option is necessary
+  to fully leverage ASLR as a mitigation for security vulnerabilities.
+* `PKGSRC_USE_FORTIFY`: allows substitute wrappers to be used for commonly used
+  functions that do not bounds checking regularly - but could in some cases.
+* `PKGSRC_USE_RELRO`: this also makes the exploitation of some security
+  vulnerabilities more difficult in some cases.
+* `PKGSRC_USE_SSP`: enables stack-smashing protection (again, on supported
+  platforms)
+

Try to reflect the current situation
- devel/kyua-cli and devel/kyua-testers were merged into devel/kyua
- no need to install devel/atf specifically since devel/kyua depends on it
- devel/atf-libs was merged into devel/atf
There are some issues remaining with the current documentation:
- atf-run and atf-report are nowhere to be found in pkgsrc anymore
- same for atf2kyua
There are some issues remaining with the current documentation:
- atf-run and atf-report are nowhere to be found in pkgsrc anymore
- same for atf2kyua

Members: 
	kyua.mdwn:1.9->1.10 

Index: wikisrc/kyua.mdwn
===================================================================
RCS file: /cvsroot/wikisrc/kyua.mdwn,v
retrieving revision 1.9
retrieving revision 1.10
diff -u -r1.9 -r1.10
--- wikisrc/kyua.mdwn	16 Feb 2013 12:36:23 -0000	1.9
+++ wikisrc/kyua.mdwn	17 Mar 2016 02:32:16 -0000	1.10
@@ -176,24 +176,12 @@
 ATF, because the ATF libraries are *not* being rewritten).  All of these
 components exist in pkgsrc, and are:
 
-* pkgsrc/devel/atf-libs: The C, C++ and POSIX shell libraries provided by
-  ATF.  These are *NOT* meant to be replaced by Kyua.
-
 * pkgsrc/devel/atf: The ATF tools, namely atf-run and atf-report.  These
   are deprecated and this package should eventually disappear.
 
-* pkgsrc/devel/kyua-testers: The Kyua testers, which provide the
-  `kyua-atf-tester` and `kyua-plain-tester` helper binaries.  These
-  binaries implement the logic to execute test cases in an isolated manner
-  and to expose the test programs using a common and abstract command-line
-  interface.
-
-* pkgsrc/devel/kyua-cli: The Kyua command-line interface, which provides a
+* pkgsrc/devel/kyua: The Kyua command-line interface, which provides a
   superset of the functionality of atf-run and atf-report.
 
-* pkgsrc/devel/kyua-atf-compat: Drop-in replacements for atf-run and
-  atf-report that use kyua-cli in the backend.
-
 # Running the NetBSD test suite
 
 There are two ways to run the NetBSD test suite with Kyua.  The easy (or
@@ -243,16 +231,13 @@
 the existing NetBSD test suite is not prepared for Kyua.  Let's take a look
 at these steps.
 
-To get started, install the Kyua packages:
+To get started, install the Kyua package:
 
-    $ cd /usr/pkgsrc/devel/kyua-cli
-    $ make install && make clean
-    $ cd /usr/pkgsrc/devel/kyua-atf-compat
-    $ make install && make clean
+    $ cd /usr/pkgsrc/devel/kyua
+    $ make install clean
 
 Once this is done, configure Kyua in the same way ATF is configured "out of
-the box" in NetBSD.  Create the /usr/pkg/etc/kyua/kyua.conf file with these
-contents:
+the box" in NetBSD.  Create a /usr/pkg/etc/kyua/kyua.conf file containing:
 
     syntax('config', 1)
     unprivileged_user = '_tests'

Add a comment
Contact | Disclaimer | Copyright © 1994-2016 The NetBSD Foundation, Inc. ALL RIGHTS RESERVED.
NetBSD® is a registered trademark of The NetBSD Foundation, Inc.