Remember the joke I and probably a zillion others made about OpenOpenSSL? It’s happening, except it’s called LibreSSL. (thanks, Tomáš Bodžár)
I’ve got “coverage” of most every BSD this week.
- OpenBSD has brought in OpenSSL – and is modifying it severely. Instead of linking to the many commits as they tear it into little bits, I’ll just link to this Lobste.rs post. Will it be OpenOpenSSL? It looks like it’s for internal consumption only. Undeadly has a similar summation. Apparently there’s a running blog of the changes, or at least the snarky comments.
- Have you never been to BSDCan? Dan Langille asks the question. As he points out, BSD conventions are awesome, where you get to meet some smart people and put names to faces.
- “I have been given the option of Linux or BSD at work…” A discussion of BSD as a Java development platform.
- FreeBSD has added the if_nf10bmac(4) driver, for the “NetFPGA-10G Embedded CPU Ethernet Core”, which appears to be a programmable network card? I’m not sure how it all works together.
- Goodbye EISA on FreeBSD. (Gone long ago on DragonFly.)
- NetBSD src and pkgsrc changes are being twittered. (NetBSD link does not work just now when I tried it.)
- PC-BSD Digest 26 mentions the addition of a new desktop environment called Lumina, built just for PC-BSD.
The March issue of BSD Magazine is out, and this month has an article written by Siju George about how his company is using DragonFly and Hammer for backups.
Some out-of-the-ordinary things this week.
- BSDTV, a new YouTube channel. It has several videos from the recent NYCBSDCon.
- pfSense 2.1.1 is out. No, wait, it’s 2.1.2!
- Installing packages from a custom FreeBSD repository. Applies to DragonFly, too.
- DiscoverBSD’s news summary for 2014/04/07.
- A partially tongue-in-cheek suggestion for an OpenOpenSSL.
- FreeBSDNews.net is now owned by? maintained by? iXSystems, which seems to be singlehandedly building as much FreeBSD ecosystem as possible – that’s good!
- Bitrig is dropping i386 support.
- FreeBSD Journal #2 is out.
- The OpenBSD Foundation reached their goal for the year.
- The FreeBSD Foundation is kicking off their campaign.
- PC-BSD Digest 25 is out.
- Mount your NetBSD ISO directly from the file server.
- FreeBSD supports UDP-Lite, which appears to be the network protocol equivalent of turning over a bucket of ball bearings and saying “Grab what you can.”
- OpenBSD starts to bring back 4.4BSD more.
- Peter N. M. Hansteen wants to know what you do with OpenBSD in a conference-presentationish sort of way. Specifically, EuroBSDCon.
- Jordan Hubbard talks about compiler choices for FreeBSD, and points out that the processor choices these days are Intel or ARM, and that’s it.
I should have seen that pun coming a long time ago. BSDNow 032 is up with an interview of Dru Lavigne and the usual assortment of other recent BSD items.
- BSDCan 2014 will have the BSD Professional Certification exam available (as beta)
- “The Design And Implementation of the FreeBSD Operating System” second edition, is up for pre-order. (comments are rude/funny.)
- The DiscoverBSD summary for 2014/03/31.
- The PC-BSD Digest 24.
- reop, an follow-up from OpenBSD’s signify
- The FreeBSDNews link roundup.
- Michael W. Lucas follows up on a prank with a description of how to get a BSD convention going.
- Peter N. M. Hansteen wants feedback on his BSDCan tutorials.
- Joystick support always sounds like a good idea.
- The Playstation 2 is back as a NetBSD platform.
- Turn partitions into disk images on FreeBSD.
- You can possibly create x86 USB images with NetBSD. (you couldn’t before?)
- NetBSD imported starsign, for signing data. Since it’s an external program, I tried searching for its origin… Google failed spectacularly, with astrology links galore.
- NetBSD also added dust, which appears to be a sensible utility. (Update: both this and starsign apparently written by Alistair Crooks.)
- I didn’t know serial ports could go this fast.
- pkgsrc-2014Q1 is out.
- Pkgsrc is looking at signing packages, too.
- Some conversation about building machines with a bunch of network ports. From openbsd-misc, but probably applies across the board.
- Video of the April 1 NYCBUG presentation on random number generation is available.
NYCBUG is presenting Yevgeniy Dodis at NYU (Warren Weaver Hall, room 101, 251 Mercer Street, NYC) at 7:15 PM tonight, speaking about building your own random number generator in both correct and incorrect ways.
I’m hiring a sysadmin at my workplace:
A quiet week this week.
- BSD author Michael W. Lucas has a project announcement mailing list.
- OpenBSD after version 5.5 will no longer support FTP for installation of sets.
- OpenBSD 5.5. preorders are available.
- NetBSD has imported mDNSResponder-258-14.
- OpenSSH 6.6 is out. I haven’t kept track of which BSDs have updated.
- DiscoverBSD’s 2014/03/24 summary.
- Another RetroBSD device.
- PC-BSD Weekly Digest 23.
BSDTalk 239 is 55 minutes of talk with Baptiste Daroussin at vBSDCon 2013 about ‘pkgng’ on FreeBSD. The BSDTalk post doesn’t mention it, but it is the same pkg tool that DragonFly uses, so Baptiste’s plans are relevant to DragonFly too. (I haven’t had a chance to listen to the podcast yet so I don’t know how much he talks about DragonFly, specifically.)
BSDNow episode 030 is out with an interview of Warren Block about FreeBSD documentation, along with a conversation on a number of other topics, including setting up a BSD machine as your access point (highly recommended, along with home router setup) and setting up a BSD (FreeNAS) as a Synology replacement. They also totally scooped me on Michael W. Lucas giving an OpenBSD talk – which might be because I forgot to sign up for his announcement mailing list.
I have a list of commits I’ve saved between the various BSDs of licenses getting corrected to the 2-clause BSD license; that would definitely be a good cross-BSD project to sync.
- DiscoverBSD has a free KVM VPS for the taking – if you write about the BSD-specific thing you are doing with it.
- Also, DiscoverBSD’s news summary for the 17th.
- OpenBSD packages are generally up to date. The place I found this linked has comments noting the need to run multiple versions of Ruby to test – even multiple subversions, like different revisions of 1.9.x. I think that points at a different problem…
- There’s mg, which is a ‘micro GNU/Emacs’, found in OpenBSD. There’s also apparently a portable version. (via)
- OpenBSD’s upd(4) needs testing.
- OpenBSD has switched to Unbound, and it is apparently easy to enable DNSSEC.
- I didn’t expect rcp to be removed from OpenBSD, or a Thulsa Doom reference.
- Two small package managers for OpenBSD: sqlport and pkg_mgr.
- The hp300, mvme68k and mvme88k ports are gone from OpenBSD.
- If you’re using pkgsrc, php-fpm may be a better module than mod_php.
- FreeBSD has a faster SHA2.
- pkgsrcCon 2014’s Call for Papers is up.
- PC-BSD Digest 22.
- Hubert Feyrer has linked some NetBSD-specific slides from AsiaBSDCon 2014.
- Michael W. Lucas’s NYCBSDCon 2014 talk is up on Youtube.
BSDNow episode 029 is up containing a full slate of material. There’s an interview of Gleb Kurtsou, along with a PEFS tutorial and several other items that are new to me.
Another week with lots of links.
- DiscoverBSD’s summary for 2014/03/10.
- PC-BSD Digest 21 – 10.0.1 release.
- FreeBSDNews needs a new maintainer. (am I the old man of BSD blogs? Yeesh.)
- FreeBSDNews also has two FreeNAS videos.
- OpenBSD is starting on USB 3 support. I assume this is separate from USB4BSD?
- OpenBSD has moved to OpenSMTPD by default.
- Hubert Feyrer has a summary of recent ARM developments in NetBSD.
- The 2014Q1 freeze for pkgsrc starts effectively today, lasting two weeks.
- Eric Radman pointed out that non-linear editing is possible on the BSDs using Blender, and here’s a tutorial.
- FreeBSD had an ABI change, so rebuild carefully on master.
- Man pages added by Microsoft to FreeBSD. It makes sense, but it still makes me pause.
- Apache is out of OpenBSD base.
- The window manager cwm has been made portable, meaning it’s not just for OpenBSD now.
- IPX and AppleTalk have been removed from FreeBSD.
Uh oh, I don’t get the pun this time. Anyway, the newest BSDNow episode is an interview with Eric Turgeon of GhostBSD,
and a disk concatenation tutorial for NetBSD and a tutorial that isn’t uploaded yet. (Wait, now I get it.)
Links everywhere this week!
- ZFS 101. This might be the same material presented at NYCBSDCon; I’m not sure.
- Installing FreeBSD 10 to ZFS with a script.
- The DiscoverBSD summary for 2014/03/03.
- PC-BSD Weekly Digest 20.
- Theo De Raadt questions for a Slashdot interview.
- OpenSMTPD 5.4.2 is released.
- Introduction to FreeNAS development.
- GhostBSD activity. (via)
- FreeNAS is now 64-bit only. (via)
- OpenBSD package building on larger machines.
- pkgsrcCon 2014 is happening June 21-22 in London, UK.
- The schedule for BSDCan 2014 is out.
- Merkletrees. Don’t know what it’s for; just like the name.
- NetBSD has a versioning system called ‘bikeshed’. It appears to mostly be plans at this point.
- OpenBSD has added qlw(4), a driver for QLogic ISP SCSI HBAs.
- Apparently some quirks from decades ago still survive.
- Random is more random on BSD than on Linux. (see last paragraph) (via)
- If you keep an emergency towel, you may get this joke.
The DragonFly Mail Agent is being suggested as a possible sendmail replacement for FreeBSD.
I am late posting this: the most recent episode of BSDNow has, along with the regular array of items, an interview of Chris Buechler, of the commercial support company behind pfSense.
Read the first item, if nothing else.
- You may have seen that Facebook bought WhatsApp for $19B; take a look at the graph here to see that WhatsApp has more than double the user count of Facebook, and then look at these two posts on NYCBUG talk noting that WhatsApp uses FreeBSD to serve all those people.
- DiscoverBSD’s 2014/02/17 summary.
- DiscoverBSD has an interview of Kent Riboe, maintainer of BSDEater.org, which appears to be a BSD RSS feed aggregator. I find the last sentence problematic: “…people shouldn’t need to read first half on one site and then click it to read the following part somewhere else.” I’d like people to read my words on my site, at some point, especially given that 75% of the text on bsdeater.org appear to be me.
- GNOME 3 on OpenBSD, on Undeadly. There’s more effort than I realized being put into this.
- How to build FreeBSD/EC2 images. (via)
- Synopsys bought Coverity. Coverity provided free source code analysis for FreeBSD; no idea if that will continue. (via swildner on #dragonflybsd)
- PC-BSD needs testers for a new upgrade method.
- Goodbye nve(4), hello nfe(4).
- FreeBSD has Synchronous Audio Interface (SAI) support. (Freescale-specific)
- NetBSD has imported SQLite 184.108.40.206.
- Some discussion of OpenBSD rootkits, or the lack thereof.
- Power failure resistance.
- LIBC_BUILTINS is no longer used in pkgsrc.
I was remiss in not posting this before it happened, but Issac (.ike) Levy of NYCBUG went to Tokyo to talk about the translation efforts for pfSense, on the 17th. He posted a summary of his talk and slides.
Normally I would be posting this in an “In Other BSDs” Saturday item, but the summary page includes links on Open Network Hardware, which .ike and I talked about at NYCBSDCon. I wanted to create a separate post for it, but he’s got all the links piled in with his talk summary already.
The hardware I want to see as a real product is the Intel ONP Switch Reference Design. (PDF) Having a device that looks like a switch but is actually a normal computer with a lot of network ports – that can run BSD – opens up a huge range of network possibilities.
Lots of links, yet again.
- Michael W. Lucas intends to have more BSD books out this year – at least 2. He goes into great detail on his plans. He hints at other authors with material on the way.
- BSD-linked Twitter accounts. I like finding accounts of individual developers, so you can see what projects people are working on. (plz suggest)
- The PC-BSD Weekly Digest 16 and number 17.
- The latest freebsdnews.net summary.
- Another BSD-based product I didn’t know about.
- FreeBSD has a new version of netmap.
- NetBSD and FreeBSD have brought in version 2.0 of ATF, the Automated Test Framework.
- FreeBSD has imported OpenBSD’s RNDIS framework.
- More cross-BSD fixes.
- Found through this OpenBSD sendmail upgrade: Sendmail, Inc., is now owned by a company called Proofpoint? A ‘security-as-a-service’ provider. I don’t know how to feel about this.
- OpenBSD has Intel Centrino Wireless-N 2230, 2200/105/135 support.
- OpenBSD supports qle(4), the QLogic ISP24xx fibre channel HBA.
- First Impressions of FreeBSD 10 on Distrowatch. (via)
- The minimum acceptable OpenSSL for pkgsrc has been bumped up.
- Undeadly has several n2k14 hackathon reports.
- Ahem. (via Freenode #nycbug)
For BSDTalk 238, Will Backman has recordings from NYCBSDCon 2014. I think I’m in there, even though I haven’t listened to it yet.
Here I think out loud about NYCBSDCon, presented from my cleaned-up notes taken on my phone during the event. Get ready, cause there’s a lot of words here.
The event was very popular, to the point of overflowing the venue, Suspenders. The venue was excellent, though. The entire bar/restaurant was turned over to the convention for the day, and it made it easy to eat and drink – especially with the drink tickets that came with admission. The food was fantastic.
New York City is a huge city with lots to see, so I imagine anyone visiting from out of town could bring along family and have the family be entertained while the conference is going on. I managed to sneak in a trip to The Compleat Strategist and Desert Island Comics on the day before the convention, for example.
There were enough “famous” BSD people here that having, say, the roof fall in would have been a serious community setback. One good explosion would have taken out the people behind this digest, BSDTalk, PC-BSD, BSDNow, etc.
The NYCBUG people are very open about how the whole process works, to the point of posting how the finances worked out. “Excess” money is getting split up between the various BSDs, too, to the tune of some hundreds of dollars. This was increased by Michael W. Lucas auctioning a signed copy of his Absolute OpenBSD 2nd edition book, which ended up being bought for $500. I expect the financial results will be posted on the NYCBUG website at some point soon.
I nabbed a printed copy of the brand-new FreeBSD Journal, which just launched. George Neville-Neil said that this is the only printed version that will ever exist, because printing is awful – I completely agree. I need to cover this more in a separate post.
I experimented with not bringing my laptop and typing everything through my phone. It reduced my typing speed, but I was able to take notes and pre-write large chunks of this post as things happened. I have been thinking more and more in terms of setting things up with a tablet or phone as my ‘client’ and keeping.all useful data on my server, rather than work on a laptop with BSD installed. I’d like to be working in a BSD environment, but that’s hard to accomplish natively in a handheld format. Running things remotely from a BSD system might provide the equivalent, though. Not sure how well that would work – probably good content for another post.
The first presentation was ZFS/PC-BSD/FreeNAS, from Dru Lavigne. The PC-BSD Life Preserver application is a really nice way to view filesystem snapshots. ZFS is really feature-rich, though it has high resources requirements compared to Hammer. (of course I would say that.) Dru Lavigne’s ZFS presentation slides are already up.
Ray Percival came all the way from Dallas to present “Interconnections with BSD”. Ray pointed out at dinner the night before that he is effectively able to autodeploy a firewall or other network device by remotely installing a BSD. From Ray’s presentation : “Network engineers are discovering automation and calling it software defined networking.” That is talking about the configuration side only though, not control plane, as an audience member pointed out. I still like the idea. Ray made this point about support: you can buy expensive support from commercial vendors and talk to hit or miss support. With open source, you can usually talk directly to the person who makes the software itself. That doesn’t happen with vendors.
Something I took away from that and from the conference in general: BSD helps you avoid vendor lock-in. I was worried about having UNIX-familiar workers as backup at work, but: it doesn’t get better with proprietary tools.
Andrew Wong’s presentation about ZFS+FreeBSD+PostGres is from a software engineer point of view, not a sysadmin view. He described himself as “the enemy”.
Scott Long gave some details about how much traffic NetFlix pushes out (about a third of the Internet) and how much of it is on FreeBSD (almost all of it, yeesh). The NetFlix plan is to deploy multiple relatively low-end FreeBSD systems out to ISPs to act as local content caches. No virtualization, a light set of management tools through AWS, and when a box goes bad, they just take it out; no RAID or ZFS or other fancy steps. They have 5 people managing 1000 machines.
Scott made the point that they are aggressively talking to hardware vendors about support, and getting good responses back. If you’re involved in some commercial venture with FreeBSD, talk to George Neville-Neil about the BSD hardware consortium; they’re working on a coordinated conversation with vendors to make sure BSD (probably FreeBSD only, but that’s a start) gets treated as a first-class citizen.
Jeff Rizzo described the many ways that NetBSD can be build, on most any supported platform and even not on NetBSD. It sounds like the up-front work of getting build.sh to work in every circumstance has saved a lot of labor, later.
Michael Lucas had a very entertaining talk about DragonFly where he managed to name-drop DragonFly. One of the points he made: when you write out a detailed justification for using open source products at your workplace, share it with the world, please.
I bought the lower-priced-than-they-needed-to-be shirts and stickers they had available, and managed to not win one of the cool PCEngines PFSense systems, with a fancy etched case.
There was also a number of demos going on during the afternoon break, though the only one I took any notes on was the one that I need to replicate at work: a PF /CARP failover setup. They look like this on the inside.
Like I said for the last NYCBSDCon in 2010, it’s totally worth going. I now have a long, long list of things I want to do and ideas to try, all from meeting people face to face and talking about what we can do. It’s energizing, far more than meeting over IRC. A third of the people there had no prior BSD experience. George Rosamond mentioned that he was thinking they could do this perhaps every 6 months.
The NYCBSDCon event is being livestreamed right now. I encourage watching them if you can’t make it there in person. If you don’t have time to watch the live streams, they should be available as recordings later. I will of course link to the recordings as soon as I know where they are.
As you read this, I’m at NYCBSDCon – or at least should be.
- FOSDEM 2014 videos are up. The second item listed is about the new version of ports, which includes dports. (via)
- Crochet-FreeBSD, a system for building bootable FreeBSD images for a variety of platforms including x86, ARM, and VM. (via Markus Pfieffer on IRC, indirectly)
- Effective Spam and Malware Countermeasures. Seen previously at BSDCan. ‘Greytrapping’, mentioned in the article, is new to me.
- Email delivery headaches. Mailing many people is somehow almost always a low-level irritation.
- DiscoverBSD’s 2014/02/03 roundup.
- Another n2k14 hackathon report. DragonFly uses that DHCP client he’s talking about.
- PC-BSD on eWeek.
- bsd-cloudinit – FreeBSD on OpenStack. (via)
- OpenBSD gained some VAX hardware. The only VAX hardware I ever saw was 6 feet tall; I can’t imagine these are easy to ship.
- OpenBSD updated to ldns 1.6.17.
- Seen via a pkgsrc list: Berlios.de is closing down its hosting, so this may affect you if you usually grab your pkgsrc packages from there.
- The proper way to break the FreeBSD ABI.
- Robert Watson’s privilege ideas.
- How to switch between mfi(4) and mrsas(4) on FreeBSD. mrsas(4) sounds like MRSA to me, which is a bit more worrisome
- FreeBSD supports MegaRAID Fury cards.
- The plan for ATF removal in NetBSD.
- DragonFly takes the FreeBSD patch(1) updates, and that’s fine, because FreeBSD made those changes to an import of DragonFly’s patch(1). Hooray for cross-pollination!
Michael W. Lucas is selling his work at a temporary discount during NYCBSDCon, which means you have today and tomorrow to get 3 books (Sudo Mastery, DNSSEC Mastery, and SSH Mastery) for $20 total, $7 less than normal. Head to his site to get the coupon code. He’s speaking at NYCBSDCon tomorrow, too – you should go.
Episode 023 of BSDNow is up, with an interview of Ted Unangst about the new signing mechanism in OpenBSD, a NTP server tutorial, and of course more.
I managed to miss this because of reasons: BSDNow is running a contest. Come up with a tutorial that can be used ‘on-air’, and you can win a custom-made pillow showing the boot screen of the BSD of your choice. It’s bizarre but cool.
Edit: the body text of the contest notes that the contest ends January 31st. Hmm… might be too late for a winning entry.
For once, I got this mostly done before late Friday night!
- OpenBSD on the Beaglebone Black.
- DiscoverBSD’s January 28th roundup.
- Automated FreeBSD Panic Reporting. More people need to do this.
- A report from the n2k14 OpenBSD hackathon.
- New to me: CHERIBSD. Capsicum, implemented in hardware, is a rough summary.
- Python is going to 3.x by default in pkgsrc.
- OpenSSH 6.5 is out.
- PC-BSD 10 is out. (release announcement)
- FreeBSD Foundation Fundraising Final.
- Sendmail is moved to 8.14.8, and bmake to 20140101 in FreeBSD.
- NetBSD has announced several 5.x and 6.x patch level changes.
- Crazed Ferrets in a Berkeley Shower, 2014 Edition.
There’s a (rescheduled) BSD installfest happening in an impromptu fashion at Suspenders Bar in New York City, tonight at 6:45. You can also buy tickets for NYCBSDCon there, for less than the online price since it’s direct. There’s another chance to buy them for less on Wednesday at Ear Inn, nearby. (See first link for details.)
Back to relatively normal volume, this week.
- FreeBSD 10 is out.
- OpenBSD got electrical funding, and is now holding a funding drive.
- new openssh key format and bcrypt pbkdf. A new key format for OpenSSH, and how to switch to it – only available in OpenBSD as of this writing.
- I did not know this: There’s a pfSense store, with shirts, preloaded USB sticks, and various appliances – I have one of the Netgate FW-7541 models, notable in that I’ve never had to do anything with it after initial setup; it just runs and runs. There’s a pfSense hangout/webcast for paid support customers this Friday the 24th, too.
- Open Source FreeBSD 10 Takes on Virtualization. From a saved Google search.
- Undeadly has an explanation of the new signed packages setup for OpenBSD.
- DiscoverBSD’s 2014/01/14 roundup.
- FreeBSD now has OpenSSL 1.0.1f.
- NetBSD now has a wscons/Intel GMA driver.
- PC-BSD 10 is almost out, and here’s their weekly digest talking about it. Also, apparently PC-BSd and GhostBSD share some installer code? I’m not clear on this.
- CBSD – FreeBSD jail management. (via)
- Slides and audio from Brian Callahan’s recent OpenBSD presentation at NYCBUG are up.
- OpenBSD has a qla(4) driver, for Qlogic fiber channel HBAs, and ubcmtp(4), a Macbook touchpad driver.
I missed this for the “In Other BSDs” section yesterday, so I’m adding it today. It’s time dependent. BSDCan 2014 is happening May 14-17 at the University of Ottawa, with those first two days being tutorials. If you want to get a paper in, you have to do it today.
I’ve got a buildup of convention dates to mention, so I’ll do it now: John Marino, one of the folks behind dports, is talking about Ada and BSD at FOSDEM, in Brussels, February 1-2. George Neville-Neil is talking about BSD to NYLUG in of course New York City, on I think February 13th. Ike Levy will be talking to the Tokyo FreeBSD Benkyokai Group, on February 17th, about pfSense. And of course, NYCBSDCon is happening February 8th, and I think I’ll be there.
I didn’t even need to find source links this week.
- Do you have a VAX laying around? Cool! Now, can you give/lend it to OpenBSD?
- Along those lines, anyone have a Cray they don’t need? I don’t care if it works. It has to be full-size, though. (via)
- I found out that the RetroBSD site now lists hardware that runs RetroBSD. Here’s a video of something doing just that. There’s more of it on little teeny boards. Someone build this into a watch.
- The DiscoverBSD roundup for 2014/01/14. DiscoverBSD also has a new writer, Nur Agus.
- Complexity of FreeBSD VFS using ZFS as an example. Part 1. There’s a nice VFS explanation in there, too. (via)
- Some OpenBSD videos from ruBSD.
- Here’s a good explanation of OpenBSD’s new signify tool.
- FreeBSD 10.0 is tagged.
- PC-BSD 10 is also almost ready.
- Unscrewed, a story linked in last week’s BSDNow presentation, in case you missed it.
- Using Ansible to fix the recently-discovered NTP amplification attack – on BSD.
- I assume he’s flying.
Running late putting this together… Back to bullets!
- The weekly PC-BSD digest for January 3rd.
- DiscoverBSD’s weekly roundup.
- PC-BSD’s weekly digest.
- Jailing FreeBSD 4 on FreeBSD 10. FreeBSD 4 has been a very long-lived release, so to speak.
- OpenBSD has a new auto-install feature that needs to be tested.
- Julio Merino has plans for his test suite on FreeBSD, and will be giving a tutorial on it at AsiaBSDCon 2014.
- OpenBSD has a new ‘signify’ program for cryptographically signing and verifying files.
- Ingo Schwarze has been implementing various optimizations for mandoc in OpenBSD. gprof helps.
- FreeBSD has updated netmap.
- python-3.2 is probably going to be removed from pkgsrc; it’s redundant to all the other versions.
- FreeBSD’s gcc version is being made more compatible to clang by incorporating some Apple changes.
BSDNow episode 19 is up, titled “The Installfest“. They install DragonFly along with other BSDs, and I haven’t even looked at it yet.
For those of you near the NYC area, there’s a NYCBUG meeting tonight at 7 Eastern, with Brian Callahan giving a security-focused crash course in OpenBSD. Tickets for NYCBSDCon 2014, happening on February 8th, are going to be available there for the first time, starting at 6 PM. (and cheaper if you buy in person, too.)
Things are picking up again after the break.
- Faces of FreeBSD: Isabell Long. Note that she came in via Google Code-In. That’s the value of those programs.
- OpenBSD: Randomness, sooner.
- OpenBSD’s change to PIE for i386 means special upgrade procedures – if you’re on i386. Also, here’s PIE. atexit(3) changes also changes the upgrade method this one time for… all platforms? I’m not sure.
- The DiscoverBSD roundup for 12/31/2013.
- The FreeBSD Test Suite. It’s similar to what NetBSD has, but see the source link for comments on what’s different. DragonFly has a test setup too, though I’ve never tried it – is there one for OpenBSD?
- Pkgsrc-2013Q4 is branched.
- FreeBSD has improved NFS performance.
- NetBSD has updated libpcap, tcpdump, wpa, bind, and dhcpcd.
- OpenBSD has updated xterm, glproto, and some other xenocara parts.
Again, quiet from the holiday break.
- strlcpy/strlcat users, a rundown. The buffer overflow problem is suprisingly widespread. (via)
- The PC-BSD Digest for 12/20 and for 12/27.
- The DiscoverBSD weekly summary.
- Faces of FreeBSD: Kevin Martin.
- FreeNAS 9.2.0 is out. (via)
- OpenSMTPD, a project I’ve always meant to look at more, has been updated.
- BSD Magazine for December 2013 is out. The RSS feed for them/their newsletter is no longer working, cause I had to find out here.
- ruBSD talks about OpenBSD are online.
- There’s new support in NetBSD for that old Amiga.
- You may need to update your OpenBSD packages.
- NetBSD’s smbfs is now an import from FreeBSD.
- NetBSD has updated ACPICA and OpenPAM.
BSDNow has a new episode for Christmas; this contains an interview with Scott Long of (among other things) Netflix.
Odds and ends for the quieter holidays.
- Hubert Feyrer spotted this video interview of Amitai ‘schmonz’ Schlair about NetBSD.
- OpenBSD has tmpfs.
- PC-BSD has made it through a pkg upgrade.
- pkgsrc is frozen until at least the end of the month, for pkgsrc-2013Q4.
- OpenBSD wants to shift electrical costs. (via)
- The DiscoverBSD weekly roundup.
- Managing custom ports. (can apply to dports too)
- Building tcsh on 4.3BSD-Quasijarus. This led me to…
- 4.5BSD. An ambitious project.
- A pfSense video review.
- Steryana Shopova is this past week’s Faces of FreeBSD.
- OpenBSD had a head start on not trusting RNGs.
- OpenBSD has a new vioscsi(4) driver.
- Michael W. Lucas’s books are available through OpenBSD.
- FreeBSD Kitten. (via NYCBUG)
As you can kinda sorta guess from the show title, BSDNow 16 is about encryption.
One of the things noted there that I hadn’t heard of is that FreeBSD ports is getting a ‘stable’ branch for the first time – I suppose I need to read even more mailing lists.
Things are very quiet this week; I’ve had nothing to post for some days – DragonFly or even for other BSDs. The end of the year has most people distracted, I think. This makes it a good time to bring up something that’s been bothering me: the state of software firewalls in BSD. The pf utility is a BSD advantage; I’ve heard people say “I used iptables on Linux and pf is a much better alternative.” I know that’s anecdotal, but there it is. Here’s the question, and the reason I’m writing this: which pf?
DragonFly has a version of pf equivalent to what was shipped in OpenBSD 4.4. FreeBSD has a version equivalent, I think, to OpenBSD
3.8 4.5’s pf, and it has been further modified. NetBSD has a similar, older pf, but there’s people working on a NetBSD-specific version called npf, which isn’t yet ready. And of course, OpenBSD has its version of pf. If you feel good about these different alternatives, you call it divergence. If you don’t feel good about it, you call it fragmentation.
Compare this to OpenSSH – it works the same on each platform. There’s no confusion on how to configure it, or interoperability problems. It would be wonderful to have the equivalent for pf, where other BSD platforms would import a portable version. This software firewall is a strength, and it’s much easier to tout it when there’s only one.
I doubt there’s a way to bring it all back to one source tree. There’s a lot vested in the different forks out there. You know what would take a lot less effort: a compatibility test suite. Agreeing on a common syntax and set of functions would make life easier for every end user. It would incidentally make vendors a lot happier, too. Even if a user or vendor wasn’t hoping to move between BSD flavors, a test suite would still guarantee a certain known level of functionality for any BSD release.
How likely is this? I don’t know. But I want to bring up the notion before it gets missed. Now is a good time, with each pf version still being relatively close to one another.
Update/note: Henning Brauer is willing to help.
Another week where I could get away without any commit links, just cause there’s so much BSD stuff out there.
- Randomness changes in FreeBSD. Saw commits before, but this is a good summary. (via)
- Cipher changes summary for OpenBSD.
- The DiscoverBSD summary.
- Faces of FreeBSD for this week: Brooks Davis.
- PC-BSD’s weekly summary.
- FuguIta, an OpenBSD liveCD.
- The FreeBSD Foundation’s Semi-Annual Newsletter. There’s details on the FreeBSD Journal.
- Also, that newsletter links this first of 4 BSD whitepapers.
- The FreeBSD Challenge on linuxcauldron.com – a 30-day challenge.
- BSDCan 2014 has issued a call for papers.
- So has NYCBSDCon 2014. Here’s the announcement of NYCBSDCon 2014 itself, and flyer.
- Note to self: investigate cheap bus trips to New York City.
- The IP-Plug, a NetBSD-powered wall wart. The article goes into terrific detail.
- Ruby in pkgsrc will be (apparently?) defaulting to version 2.0.
- robotpkg, a specialized fork of pkgsrc that I didn’t know about.
- PC-BSD is going through lots of changes to support pkg. (that’s one of many commits.)
- FreeBSD has added newcons.
BSDNow episode 15 keeps the pun titles going. Josh Paetzel is apparently replaced by Santa Claus in the interview? There’s also FreeNAS coverage, and lots else.
BSDNow episode 14 is up – and actually has been for a few days; I’ve been on the road. There’s an interview with George Wilson about OpenZFS and a bunch more stuff I haven’t had a chance to watch yet. (see previous note about being on the road.)
I had a sometimes-great, sometimes-difficult trip to New York City over the past few days, and while I was there, I met the ball of energy that is George Rosamond of NYCBUG (which is having a huge party right now.) He and I talked for a bit about various aspects of the BSD ecosystem, and one thing he noted was that people aren’t generally aware of all the licenses in use for the different software packages on the system, or even the individual licenses in the system files.
There is an ACCEPTABLE_LICENSES setting in pkgsrc, where software licensed under terms not in that list won’t install. That’s useful, but frustrating, because it keeps people from getting what they asked for – a software install. Something that would be useful – and it could be cross-BSD very easily – would be a license audit summary.
There’s meta-data on every package in FreeBSD’s ports and DragonFly’s dports and pkgsrc and OpenBSD’s port system. Why not say ‘pkg licenses’ in the same way you can say ‘pkg info’, and get a summary of the licenses you have installed in the system? (or pkg_licenses, etc. You get the idea) This wouldn’t prevent people from installing software, but it would give a very quick view of what you were using.
> pkg licenses
Software package License
foo-2.2.26 Apache license
It could be extended to the base system, but I’d like to see this in all the packaging systems as a common idea, in the same way that ‘info’ in a packaging command always shows what’s installed.
Happy birthday to me!
- Is Your Stack Protector Working? On Undeadly, so it’s OpenBSD.
- ChaCha20 and Poly1305 in OpenSSH. (via)
- The next PC-BSD 10.0 image is available.
- Reid Linnemann is the latest in the Faces of FreeBSD series.
- NetBSD has updated file.
- FreeBSD’s iwn(4) driver has some updates (also in DragonFly).
- FreeBSD now has casperd, for controlling access to out-of-sandbox capabilities.
- FreeBSD’s oce(4) driver now supports 40Gb devices. (yay for manufacturer support)
- FreeBSD has Hyper-V drivers.
- OpenBSD’s ifconfig now shows the NWID, channel, and BSSID for IBSS networks.
- OpenBSD has updated to pixman 0.32.4.
- pkgsrc’s 2013Q4 freeze will start on the 16th.
- How old is who? (Don’t tell me 900 years.)
- There’s a broken builds list for pkgsrc-2013Q4 for anyone who wants to help.
- Hacker News had a link to the FreeBSD version of the BSD Family Tree, which is not unique, but the comments led to some interesting links, like this story of an 8-year NetBSD uptime.
- FreeBSDNews’s summary.
- All the AsiaBSDCon 2013 videos. (Last week’s link was just OpenBSD ones.)
- FreeBSD authentication against Samba 4 LDAP. I’m going to need this for the DragonFly machine I’m setting up in the same role at work… in my copious spare time.
A lighter week for commits probably because of the U.S. holiday, but still plenty of things to link.
- Gabor Pali is this week’s ‘Faces of FreeBSD‘.
- The DiscoverBSD weekly BSD summary.
- There will be a FreeBSD Journal, though I see no mention on the Foundation site yet.
- There’s a ruBSD conference on December 14th, in Moscow. Undeadly has a page about it, and there’s the translation, if you feel lucky.
- BSDCan needs volunteers.
- Because FreeBSD is using the pre-GPL3 version of GCC, Google’s patches for Android (since that environment is apparently avoiding GPL3 too) have been brought in.
- FreeBSD has updated to svn 1.8.5.
- OpenBSD has updated NSD to 4.0.
- NetBSD has updated mpc. mpfr, and gmp.
- NetBSD has moved from pppd to ppp.
- FreeBSD is dropping 32-bit binary support, for reasons. But maybe not?
- Is it time to dump Linux and move to BSD? Yes, of course.
BSDNow 13 is out, and it includes an interview with Jordan Hubbard of ports/Apple/iXSystems fame. They also continue the ‘Building an OpenBSD router’ project, and of course, there’s more.
I’m working my way up to more than just links to source for the cross-BSD news. There’s a lot to swim through!
- NYCBSDCon 2014 (on February 8, 2014 – note the recent change) is, in addition to the normal call for papers, having a ‘call for exposés’, meaning they want people to expose BSD projects. I found this out through the undeadly.org description noting that some MIPS machines will be on display. This is an excellent idea; BSD projects need a showcase.
- There’s also a NYC Tech Meta-party, with NYCBUG and many other groups participating.
- FOSDEM 2014 will have a BSD Room.
- FreeBSD developer and FreeBSD-based-business-owner Colin Percival gets a spotlight from the FreeBSD Foundation.
- DiscoverBSD’s BSD summary. We need more of this.
- FreeBSD News miscellaneous links. Hey, there’s more!
- hostileadmin has a slew of wrap-up reports from vBSDCon. Sounds like a good time was had by all.
- Here’s more vBSDCon wrapups, plus slides.
- And a developer (John-Mark Gurney) trip to vBSDCon sponsored by the FreeBSD Foundation.
- Also, AsiaBSDCon OpenBSD presentations in video form.
- The pfSense blog is called “The pfSense Digest”. Digest… hey, that sounds like a good, descriptive term! They also are looking to hire. I just used some of my paid pfSense support time on a work problem – well worth the money spent.
- OK, back to source commit links.
- FreeBSD has enabled some Texas Instruments hardware.
- FreeBSD has added some example test framework programs.
- FreeBSD has added the axge(4) driver for ASIX AX88178A and AX88179 USB Ethernet
- OpenBSD has 802.11A support in wpi(4).
- (updated to add) There’s a PC-BSD weekly digest, too. That’s good, because I had trouble spotting things in the massive flood of PBI approvals over the past week.
BSDNow 12, which I haven’t had a chance to watch yet, has the normal roundup of events and an interview with Amitai Schlair of NetBSD. There’s also a tutorial about ssh and tmux.
BSDTalk 235 has 26 minutes of conversation with Allan Jude about various topics, including this BSDNow thing I was just on,
Not as much pulled directly from the source lists this time, which is good.
- It’s no surprise that I would say this, but: it makes me happy to see other BSD projects doing regular summaries, like this one or that one for PC-BSD or this general BSD summary.
- A random PC-BSD review found via Google Search.
- PC-BSD 10 test images are available. I wonder if that’s related to the eleventy-billion commits lately out of the PC-BSD Github account?
- OpenBSD/CARP, Cisco, and schadenfreude.
- The FreeBSD Foundation’s annual fundraising is on; they have already made it well along, but there’s still lots of dollars to go.
- OpenBSD now has automatic disk mounting.
- g4u 2.6 has entered beta. It’s “Ghost for Unix”, which gives you an idea of what it does.
- EuroBSDCon 2013 DevSummit video recordings are up. I said there would be video all week, didn’t I?
- Using OpenBSD with Vagrant and Veewee. Those tool names sound somewhat rude.
- pbulk bulk builds for pkgsrc made easy. I was working on a script like this.
- Cross-pollination makes me happy.
- svn in FreeBSD is updated.
- FreeBSD supports the MediaTek/Ralink RT5370/RT5372 chipset.
- nvi still gets updates.
- FreeBSD supports the (takes deep breath) Freescale Vybrid Family VF600 heterogeneous
ARM Cortex-A5/M4 SoC. (exhales)
- FreeBSD has an IEEE Organizationally Unique Identifier. Not sure what it means.
- NetBSD has a new game, hals_end. If you saw 2001 the movie, you may guess the contents.
- OpenBSD has a new ugl driver for the Genesys Logic GL620USB-A
USB host-to-host link cable.
BSDNow episode 11 is up, with conversations about OpenSSH, FUSE, building an OpenBSD router, etc… and a whole hour of me talking about the upcoming DragonFly 3.6 release and this very Digest, too!
This appears to be all audiovisual media week, because author Michael W. Lucas gave a talk at the Michigan Users Group about OpenBSD (he’s qualified), and it’s up now in two parts. He describes it as:
“Among other things, I compare OpenBSD to Richard Stallman and physically assault an audience member.”
BSDTalk 234 is 30 minutes of conversation with Henning Brauer, taken at vBSDCon 2013. There’s a correlation between east coast BSD conferences and the number of BSDTalk episodes coming out.
I just finished a whole hour of gabbing on about DragonFly and BSD work in general for BSDNow. Because I am a ninny, I didn’t post something here earlier today so that people would know to watch the livestream. Sorry! However, it should be showing up in the next day or so on the BSDNow site. When it does, I’ll link it.
If you’ve seen my previous two reviews of Michael W. Lucas’s ‘Mastery’ books – DNSSEC Mastery and SSH Mastery – then you can guess what this will be: his newest book, focusing on a single software topic. This time it’s sudo.
The one downside of reading this book: I now am aware I’m using sudo wrong. Perhaps not wrong, but not anywhere near its potential. Sudo – and I’m not the only person who has experienced this – is used as a “Let’s install sudo so we don’t have to tell anyone the root password”. Sudo works for that sort of thing, but there’s a lot more possibilities.
Sudo is designed to be deployable across multiple systems, as part of a security policy. It’s an easy way to create purpose-shaped roles with different users, especially with users that have specialized skills and tasks, like database maintenance.
Obviously I think better of sudo after reading the book; there’s a lot of program capabilities of which I was unaware, but it’s the book that sells them. Michael W. Lucas’s humor is on display again, to break up some very technical material. Here’s some bits, pulled out.
Remember that “syntactically valid” is not the same as “does what you want.”
Pressing Q tells visudo to break sudo until you log in as root and fix it. Do not press this button. You won’t like it.
Here I create the TAPEMONKEYS alias for the people who manage backups.
And if Carl tries to configure Oracle on the PostgreSQL server, senior sysadmin Thea needs to have sharp words with him. Probably involving a tire iron.
The book is in-depth enough to cover more complex topics like using sudo and Active Directory, and sudo as an intrusion detection tool, of all things.
The usual reasons to buy a Mastery book are all still there: it specifically mentions working on BSD systems instead of pretending Linux is the only system out there. It’s available through a DRM-free seller (Smashwords) in addition to Amazon. It’s a self-published effort, not shovelware. It’s available now as an ebook, and in physical form soon. Lucas talks about it on BSDNow 010, too.
I have one last nontechnical note. Since these Mastery books are working into a series, I’d like to see a whole printed run of visually matching books. Something with the equivalent of the O’Reilly animals or the Pelican or even Little Blue Books common look and feel.
The takeaway: You should be reading this book if you plan to use sudo in any sort of multiuser environment. It’s available as an e-book direct from the author, via Amazon, via Smashwords, and possibly Barnes & Noble at some point in the near future. Physical books are available, and you can buy both forms together, apparently.
And of course this sudo joke.
Not sure why, but there wasn’t a lot of things this week to pick out.
- A short discussion of Perfect Forward Secrecy on pkgsrc-users.
- PC-BSD apparently (used to) play a movie on first boot.
- FreeBSD now has a ‘mini-memstick‘ install option. (a later messages says ~200M in size.)
- FreeBSD has updated aacraid.
- OpenBSD supports the RTS5229 card reader in rtsx(4).
- OpenBSD has updated OpenSSH, and NetBSD has updated. (DragonFly has a fix for the underlying problem.)
- OpenBSD has FUSE support.
The 10th BSDNow episode is out, with the ambitious title, “Year of the BSD Desktop”. As you can guess from the title, a PC-BSD desktop gets set up as part of the episode, and as you might not guess from the title, they interview Michael W. Lucas.
There’s a surprisingly large list this week.
- FreeBSD has updated netmap.
- FreeBSD supports VT-d DMAR hardware. Not totally sure what that is.
- FreeBSD supports the RealTek RTL8168G, RTL8168GU, RTL8411B, and RTL8168EP.
- FreeBSD updated byacc to version 20130925.
- FreeBSD has binary packages again.
- Managed Services using FreeBSD at NYI, a whitepaper.
- NetBSD has imported OpenBSD’s support for ASIX AX88178a and AX88179 USB network interfaces, in the axen(4) driver.
- NetBSD supports the Broadcom BCM56340 iProc based switch.
- OpenBSD supports unattended installation. See Also on Undeadly.
- OpenBSD has softraid booting documentation. Someone will find this useful, I’m sure.
- OpenBSD 5.4 is released.
- Inspecting Packets with OpenBSD and pf, the presentation from vBSDCon.
- Lua in pkgsrc has been modified.
- Ocaml in pkgsrc has been updated to 4.0.1.
- The BSD Router Project has hit 1.5. (via)
- PC-BSD 10 alpha images are available for testing.
- PC-BSD is doing weekly updates, an idea I support, unsurprisingly.
- No BSD systems in Google Code-In this year, darnit.