From: Klemens Nanni Subject: Re: syspatch -c : call ftp(1) with timeout To: Antoine Jacoutot , Matthieu Herrb Cc: tech@openbsd.org Date: Sat, 21 Feb 2026 17:30:14 +0000 21.02.2026 15:00, Antoine Jacoutot пишет: > On Sat, Feb 21, 2026 at 08:48:58AM +0100, Matthieu Herrb wrote: >> Hi, >> >> I'm using syspatch -c in the monitoring system for a number of OpenBSD >> machines at work. >> From time to time the host listed in /etc/installurl becomes >> unavailable for hours. (I've seen that both with a dedicated mirror or >> with the cdn) causing monitoring errors because the agent (check_mk) >> is stuck. >> >> Adding a timeout option to the ftp(1) command run by syspatch -c is >> enough for me to not have the OpenBSD machines appear unresponsiv in >> the monitoring system. >> >> Would something like this make sense ? > > I think it does. > But why not add it to some of the other ftp(1) calls? ... and sysupgrade(8) and bsd.port.mk(5) FETCH_CMD as well, I guess. Wouldn't it make more sense to provide a more sensible default in ftp(1) so it doesn't wait forever? -w0 could do that if you really wanted, no? > >> Index: syspatch.sh >> =================================================================== >> RCS file: /local/cvs/src/usr.sbin/syspatch/syspatch.sh,v >> diff -u -p -u -r1.169 syspatch.sh >> --- syspatch.sh 27 Oct 2025 16:30:24 -0000 1.169 >> +++ syspatch.sh 21 Feb 2026 07:39:01 -0000 >> @@ -173,7 +173,7 @@ ls_missing() >> local _c _f _cmd _l="$(ls_installed)" _p _sha=${_TMP}/SHA256 >> >> # don't output anything on stdout to prevent corrupting the patch list >> - unpriv -f "${_sha}.sig" ftp -N syspatch -MVo "${_sha}.sig" \ >> + unpriv -f "${_sha}.sig" ftp -w 30 -N syspatch -MVo "${_sha}.sig" \ >> "${_MIRROR}/SHA256.sig" >/dev/null >> unpriv -f "${_sha}" signify -Veq -x ${_sha}.sig -m ${_sha} -p \ >> /etc/signify/openbsd-${_OSrev}-syspatch.pub >/dev/null >> >> -- >> Matthieu Herrb >> >