Category: Someday you will need this

NYCBUG: Precision Time Protocol


NYCBUG is having a chronologically appropriate speaker: Steven Kreuzer, talking about the Precision Time Protocol.  It’s 6:45 PM (EDT) tonight, at the Stone Creek Bar & Lounge in New York City.

Building only one compiler


DragonFly builds two compilers by default.  If you weren’t interesting in building both, there were switches to build only the default, like NO_GCC47.  This changed with every compiler update.

With the switch to GCC 5, the new switch is “NO_ALTCOMPILER”.  That will last through compiler changes.  I’m mentioning this now because sooner or later, you’ll want to gain back some time on a buildworld.

Periodic reports on DragonFly


I have had trouble with my daily/weekly periodic reports never making it to my GMail account.  Sascha Wildner pointed out to me that periodic.conf has its own answer already:

daily_output=”/var/log/daily.log”
daily_status_security_output=”/var/log/security.log”
weekly_output=”/var/log/weekly.log”
monthly_output=”/var/log/monthly.log”

… and newsyslog is already set to take care of them.  There’s more in the periodic.conf man page.

 

New wireless documentation


John Marino’s written an extensive page about wireless and DragonFly, on dragonflybsd.org.

In Other BSDs for 2015/03/28


It’s been a quiet week in BSD-land, at least in terms of me finding links.

Keymap details


If you’re looking to change your DragonFly system’s keymapping to support a non-US character set, use this users@ post from Adolf Augustin as a cheat sheet to make all the right changes.

New locking and synchronization docs


Matthew Dillon has rewritten the Locking and Synchronization documentation for DragonFly.  Keep this in mind the next time you say “Which lock should I use for this new software/ported software?”  There’s also locking(9).

A PHP upgrade note


The other day, I updated some packages using pkg.  The default version of PHP went from 5.4 to 5.6.  I ended up doing what /usr/dports/UPGRADING says and making a list of all PHP packages on my system, before removing PHP and its dependencies.  I then reinstalled the packages that used PHP, bringing the needed packages back in at the right version.  pkg 1.4 didn’t handle the transition cleanly, unfortunately.  I also had to specify mod_php56 because pkg was trying to get the 5.4 version despite it not being default.

None of these are insurmountable problems, but it never hurts to be forewarned.  pkg 1.5 is on the horizon and may have an easier time with sorting these types of dependency/version changes.  This may apply to FreeBSD in addition to DragonFly.

HDMI sound trick


If you have a HDMI-connected monitor, but no sound, this trick about increasing available memory may help.

Really turning off Sendmail


This bites many people sooner or later: you think you’ve turned sendmail off, but it still gets opened up on your system.  The answer: sendmail_enable=”NONE”.

(It should support sendmail_enable=”NOPE”.)

DragonFly and Git


DragonFly is the only BSD, I think, to switch fully to Git for version control, and Matthew Dillon wrote up how DragonFly uses Git.

Slider, Hammer, and how to


John Marino has written up an extensive how-to for slider, the history tool for Hammer filesystems, including screenshots.

Don’t forget moused


For whatever reason, I’ve seen several people in the last week or so have mouse problems on install, and they were often solved by running moused.  So, there’s your little reminder.

sshlockout in DragonFly


Matthew Dillon’s added a sshlockout utility, to temporarily block SSH traffic from repeated brute force SSH login attempts.  It’s been mentioned before, but it’s in the system now.  It’s been refashioned to work with pf.

Posted by     Categories: DragonFly, Someday you will need this     0 Comments

Slider, for Hammer


John Marino has created something very useful: a graphical tool for Hammer file history.  It’s called ‘Slider’, and it uses curses to work in a terminal.  It shows historic versions of files and can restore those old versions as needed.  This was already possible in Hammer, of course, but it required a sequence of commands that were not straight-forward.  I’ve been slow enough posting it that version 2.0 is already out, offering a way to see files that no longer exist, but are still in history.  (i.e. deleted some time ago)  ‘Time Machine’ sounds like the best name, but that seems to be taken.

A tip for Hammer disks and history


One way to keep file history on an very active Hammer disk from eating up all the space: more snapshots.  This may seem counterproductive, but disk pruning eliminates historical data between snapshots, so you can keep older data at the cost of some temporal accuracy.

Swapcache and improving performance


From a question about mixing in a SSD and a very slow disk: swapcache can make things better, though I suggest other crazy arrangements.

dports without X11


If you really, really want to make sure you aren’t pulling in any parts of X when installing dports, and you’re building from source, there’s a few options you can set to keep X11 off your system.  You can even go farther.

In Other BSDs for 2014/12/13


Get ready for some reading.

Installworld, no matter what


It’s possible, if you are several releases (years) behind, to end up with a DragonFly system that can’t compile and install the current release, due to incremental changes over time.  It’s rare, but it could happen now between, say, version 3.4 and 4.0.  The usual solution would be to incrementally upgrade in order, which is a lot of building and updating.  The alternative is the new installworld-force option from Matthew Dillon that forces a new set of binaries into place.  Use as a last resort.

The Varialus page


This page, Varialus et Anisoptera, set up by… I’m not sure of the real name but it’s ‘varialus’ on IRC – has a detailed description of the DragonFly install process and installation of MATE, plus extra notes.  I always find these sorts of cheatsheets entertaining.

LDAP and DragonFly


Predrag Punosevac posted his writeup of using LDAP and DragonFly, which I’m noting here for the next person that needs LDAP authentication.

For DragonFly/nginx users


If you are running DragonFly, and also using nginx, the so_reuseport option will give you a significant speed boost.  I’ve mentioned it before, but not this directly.

Posted by     Categories: DragonFly, Someday you will need this     2 Comments

Special procedure to update pkg 1.3.6


It seems pkg 1.3.6 was slightly scrambled.  If you happen to have built and installed it, John Marino has special instructions on how to update to 1.3.7.  If you are on DragonFly 3.8, you can follow those instructions now, and if you are on 3.9, that repo should be ready for an update in the next few days.

New kernel and new target


You should perform a full world and kernel install if on master.

Several people (including me) have been getting bit by a problem: when performing an installworld with a changed kernel, the vn kernel module is loaded, but it was built by the previous kernel and may cause problems when it doesn’t match up.

To fix that, vn is now built in, instead of being a separate module.  The rescue initrd (which is what is being mounted when it has this problem) is now installed via a ‘make rescue‘ command that can wait until a successful installworld and reboot.

iwn trick: ifconfig wlan0 -ht


If you have a DragonFly system with an iwn wireless chipset, and you are having trouble connecting and running in the 5Ghz part of the spectrum only, here’s a tip: the -ht switch may fix it.

Improvements for qemu


While Matthew Dillon was testing the new up-to-256-processor support for DragonFly, he added a few sysctls, one of which helps qemu performance when emulating a lot of processors.  I note it here in case it’s helpful to someone else.

How to keep Hammer empty


A note for everyone: use Hammer default on a very busy filesystem, and you will eat a lot of disk space since all file changes are recorded.  (I’ve done this to myself a few times.)  Francois Tigeot has a list of tips on how to keep that from happening.

Hammer and buffers


Are you running a Hammer filesystem on a low-memory system?  You may get some warnings.  It’s possible to tweak some settings to accommodate it, or just deal.

Books discounted at O’Reilly


O’Reilly is running a 50% off special on a variety of books on electronics, with coupon code WKECTRC.  I’m posting it now because it only lasts for this week.

Update: another offer just popped up in my email – 50% off various “web performance and operations” books with the code CFVLTY4.

Posted by     Categories: Books, Someday you will need this     0 Comments

Building with the system OpenSSL


If you’re building ports, it will treat OpenSSL as a dependency and bring in whatever version is available.  If perhaps you want to use the version of OpenSSL installed as part of your base system, Robin Hahling has the answer for how.  (This probably works on FreeBSD too.)

locking(9) man page added


Thanks to Markus Pfeiffer, there is now a locking(9) man page for use the next time you say, “Which is the right lock to use?”   Something I see almost monthly.

In Other BSDs for 2014/05/10


Short week, cause I’m on the road…

Posted by     Categories: BSD, Someday you will need this     2 Comments

LibreSSL gets started


Remember the joke I and probably a zillion others made about OpenOpenSSL?  It’s happening, except it’s called LibreSSL. (thanks, Tomáš Bodžár)

Posted by     Categories: BSD, Someday you will need this     3 Comments

GUI images for DragonFly 3.6 sort of


If you noticed the lack of a GUI DVD image for the 3.6 release of DragonFly, I posted a followup note on the users@ list that talks about the steps to get X installed.  It’s not much work, with pkg set up.

Backing up Hammer to non-Hammer volumes


Hammer’s ability to stream to remote disks is great, but what if you have storage that uses some other file system?  Antonio Huete Jimenez put together a shell script that will dump out the contents of a Hammer PFS, for upload to whatever.  Read the README for the details.

pfi and authorized_keys support


pfi, the automated installer that nobody knows about, now supports installing an authorized_keys file as part of an install.  Credit goes to Alex Hornung for adding the functionality.

Did I mention new USB?


There’s been periodic commits updating the USB4BSD support in DragonFly; I haven’t been linking to them because they are generally incremental. However, it’s good to (re?)mention just how you can build DragonFly with that new USB support.

Time zone changes


Recent updates to tzcode apparently fixed a long-standing time zone bug in DragonFly.  POSIX says the America/New_York timezone is picked as default if nothing else has been selected.  That didn’t happen in DragonFly – until recently.  If your timezone seemed to suddenly jump to U.S. Eastern time, that’s because you never picked before.

32-bit DragonFly 3.7 and dports


There are no binary packages built for dports, on DragonFly 3.7, for 32-bit machines, at this time.  Pierre Abbat found this out.  You can build from source, of course, or just use 3.6 packages.  Don’t forget -DBATCH to avoid getting asked for build options when building from source.

Trackpad support summary


I didn’t post this before, and should have: Matthew Dillon posted a summary of all the trackpad improvements he added, and how to make use of the various features.

Hal, dbus, and VMWare tip. Also pkg locking


Warren Postma found that hal and dbus caused a crash in VMWare for DragonFly.  The answer is to use moused, not dbus.

Also, if you want to keep a custom or just older package from dports on your system, as karu.pruun did, ‘pkg lock’ is the answer.

Lazy Reading for 2014/01/12


There’s a lot this week, so let’s get started:

Git Reference.  Not that there isn’t a lot of other documentation out there, but much of what you find is people asking specific questions rather than explanations of procedure.  (via)

Movie Code.  At least most of these are using legit code, even if it’s often the wrong application.  It’s been worse.  (See ‘state of the art video’ item)  (via)

Unix: 14 things to do or stop doing in 2014.  These tips are actually useful and contain no buzzwords.

TrewGrip, another item in my quest for interesting keyboards I don’t use.

4043 bytes to recreate a mid-80s IBM PC.  There are less bytes of data in the program than there were transistors in the CPU that it emulates.  It can run MS Flight Simulator.  It was for the International Obfuscated C Code Contest, which should surprise you not at all.  (via)

The World’s Most Pimped-Out ZX81.  I don’t think it can run Doom, though.

The Unix Shell’s Humble If.  For once, an article that doesn’t just pretend bash is the only shell that exists.  (via)

Unix Shell RPG Tutorial.  It’s exactly what that combination of words means.  (via)

Scientists tell their favorite jokes.

Best programmer jokes, found here where there’s more.

I find these animations slightly hypnotizing.  (via)

Technology used to suck even when it was cutting-edge, and we’ll still feel that way in the future.  (via)

How did we end up with a centralized Internet?

Software in 2014.  The summary is: server side is great, client is not.  (via)

Able to be turn on, and that is it.  Sci-fi movies ignore where technology comes from.

True Nuke Puke Story.  My mine coworkers once did something similar to a copier repairman; got him so worried about going underground that he had a panic attack when he had to step on the hoist.  We had to get a new repairman.

Your unrelated link of the week: BIG ENDING FACES!  (via)

RTL8191SE support


‘M M’ had trouble with his “Realtek RTL8191SE Wireless LAN 802.11n PCI-E NIC” on DragonFly some time ago.  He was able to get it working, and he documented the somewhat convoluted procedure here.

Tracking the bleeding edge of DragonFly


If you want to track the bleeding edge of DragonFly, which is currently version 3.7, I happened to describe it in a reply to Filippo Moretti, on users@.  Long-time users will know this/do this already, but it’s worth repeating just because new users may not realize how easy it is.

Posted by     Categories: DragonFly, Someday you will need this     0 Comments

My DragonFly 3.6 upgrade adventure


Here’s how my upgrade from DragonFly 3.4 to 3.6 for this server went.

The system install went normally.  I rebooted before performing ‘make upgrade’, as noted in UPGRADING and elsewhere.

I already have dports installed, so a binary upgrade should be possible.  I had heard of people with older version of pkg, having trouble getting it to notice upgrades.  I rebuilt pkg, and ran ‘pkg upgrade’.  A number of the updates coredumped.  Here’s one example:

[156/160] Upgrading gtk2 from 2.24.19 to 2.24.19_2...Segmentation fault 
(core dumped)

After the upgrade, I had two problems: PHP wasn’t working for the website, and some programs would segfault.

The random segfault was fixable by forcing a binary upgrade of all packages.  Since there were some programs on the system that were still new enough that the version number was the same as on the remote repository, pkg didn’t upgrade them.  Those packages were linked against old versions of system libraries that predated the locale changes in DragonFly 3.6, so they’d crash.  Forcing the update for all packages fixed the issue.

The other problem, PHP on the web server, is not new to me.  The binary package for PHP does not include the module for Apache.  The solution is to build from source with that option selected.  I understand that pkg is destined to support (some?) port options in the future.  There’s also an immediate workaround for locking it.

However, the port would not build because of a security issue.  The binary package installed without any warning.  This, I am told, will change to pkg giving you the option to install if you are aware of the security problem, and whether it really affects you.  (which is just what I want, yay!)

Anyway, other than the system changes biting me because I didn’t realize some packages weren’t updated, it went very quickly.  That is the reason for binary updates through pkg, or at least a major one.

Lazy Reading for 2013/12/22


Still quiet out there, but I found some good reading.

PHP functions originally named for string length and sorting.  Yeesh.  (via)

A great old-timey game programming hack.  There’s an initial speed hack in this story, and then there’s another clever trick to fix memory corruption.  (via)

My hardest bug.  This was a pretty fiendish problem.  (via)

Gitdown: don’t commit when drunk.  I’ve done that.  Actually will use an Arduino-based breathalyzer.  (via)

Another Perl One-Liners review.

Zeno of Elea, a game.  It’s based on a classic… (via)

Vim plugins you should know about.  From that One-Liners author.

Speaking of Perl, here’s a Larry Wall interview.  An old-school hacker – he wrote patch, too.

Moonpig: a billing system that doesn’t suck.  An in-depth review of system design.  More Perl, too.

Three Books You Should Read…  Mostly BSD content.

How to use Tor wrong, in multiple ways.  It’s not for petty crimes, and it’s not any use when you’re using it from a monitored network.  (via)

Your unrelated comics link of the week: Cookie Puss.

Who’s for an OpenPF?


Things are very quiet this week; I’ve had nothing to post for some days – DragonFly or even for other BSDs.  The end of the year has most people distracted, I think.  This makes it a good time to bring up something that’s been bothering me: the state of software firewalls in BSD.  The pf utility is a BSD advantage; I’ve heard people say “I used iptables on Linux and pf is a much better alternative.”  I know that’s anecdotal, but there it is.  Here’s the question, and the reason I’m writing this: which pf?

DragonFly has a version of pf equivalent to what was shipped in OpenBSD 4.4.  FreeBSD has a version equivalent, I think, to OpenBSD 3.8 4.5’s pf, and it has been further modified.  NetBSD has a similar, older pf, but there’s people working on a NetBSD-specific version called npf, which isn’t yet ready.  And of course, OpenBSD has its version of pf.  If you feel good about these different alternatives, you call it divergence.  If you don’t feel good about it, you call it fragmentation.

Compare this to OpenSSH – it works the same on each platform.  There’s no confusion on how to configure it, or interoperability problems.  It would be wonderful to have the equivalent for pf, where other BSD platforms would import a portable version.  This software firewall is a strength, and it’s much easier to tout it when there’s only one.

I doubt there’s a way to bring it all back to one source tree.  There’s a lot vested in the different forks out there.  You know what would take a lot less effort: a compatibility test suite.  Agreeing on a common syntax and set of functions would make life easier for every end user.  It would incidentally make vendors a lot happier, too.  Even if a user or vendor wasn’t hoping to move between BSD flavors, a test suite would still guarantee a certain known level of functionality for any BSD release.

How likely is this?  I don’t know.  But I want to bring up the notion before it gets missed.  Now is a good time, with each pf version still being relatively close to one another.

Update/note: Henning Brauer is willing to help.

Posted by     Categories: BSD, Someday you will need this     10 Comments

Holiday shopping guide 2013


For those of you doing last-minute holiday shopping – like me: see previous years of gift links.  There’s also a number of comics lists, book lists, and game guides.  And of course, donations.

Posted by     Categories: Off-Topic, Someday you will need this     0 Comments

A pkg fix for 3.4 upgraders


If you have a DragonFly 3.4 system that has already been switched over to dports, and you upgrade it to DragonFly 3.6, you might see an odd problem.  Rebuild pkg, and it will work.

I’ve only seen a few reports, so I don’t know if this is even likely to happen to most upgraders.

In Other BSDs for 2013/12/07


Happy birthday to me!

Remember: manually clean up offline Hammer volumes


If you have a Hammer volume that is offline, meaning that you don’t have the pseudo-file-systems null-mounted anywhere, it won’t get cleaned up in overnight processing.  You just have to manually specify it.

Minimal installation notes


This post from Konrad Neuwirth asking how to do a minimal installation of DragonFly led to this list of all the ‘knobs’ you can set to make your installation smaller, from John Marino.  (And your buildworld faster, if that’s appealing to you.)  I also pointed at rconfig and PFI, which are criminally underdocumented.

DragonFly in KVM


If you’re planning to run DragonFly in KVM, remember this post from Matthew Dillon, giving the settings he uses.  This will save you a bit of time.

Lazy Reading for 2013/11/17


It’s been snowing this week in the northeast US, which makes me happy.

  • Unix: sending signals to processes.  Signals have always struck me as a somewhat byzantine messaging system that everyone uses for the equivalent of Ctrl-C.
  • Unix: Debugging your scripts.  This will be useful if it’s not already familiar to you.
  • Compatibility is Hard.  Contrary to popular belief, Microsoft Word documents are not backward or forward compatible, from release to release.
  • From that previous link: Why Microsoft Word Must Die.  The worst problems to troubleshoot are when someone says “Word/Excel is acting funny”.  There’s so many intermediate layers of software in those programs that it’s difficult to find the actual data and the actions being performed on it, much less troubleshoot any process.
  • SparkFun.com moved from MySQL/MariaDB to Postgres.  I agree with the sentiments in the article, but I want to know the technical reasons that made Postgres the choice for scaling.  (via)
  • Apple ][ DOS source code.  I don’t have anything I can actually do with the source, but there’s a 1977 price list pictured in the the article that shows some interesting numbers: A 4Kb RAM system costs about $1300, and the prices just go up from there.

Your unrelated comics link of the week: the first four pages of Necropolis.  This comic looks to be fun.

Posted by     Categories: Someday you will need this, UNIXish     2 Comments

Book review: Sudo Mastery


If you’ve seen my previous two reviews of Michael W. Lucas’s ‘Mastery’ books – DNSSEC Mastery and SSH Mastery – then you can guess what this will be: his newest book, focusing on a single software topic.  This time it’s sudo.

sudomastery-cover

The one downside of reading this book: I now am aware I’m using sudo wrong.  Perhaps not wrong, but not anywhere near its potential.  Sudo – and I’m not the only person who has experienced this – is used as a “Let’s install sudo so we don’t have to tell anyone the root password”.  Sudo works for that sort of thing, but there’s a lot more possibilities.

Sudo is designed to be deployable across multiple systems, as part of a security policy.  It’s an easy way to create purpose-shaped roles with different users, especially with users that have specialized skills and tasks, like database maintenance.

Obviously I think better of sudo after reading the book; there’s a lot of program capabilities of which I was unaware, but it’s the book that sells them.  Michael W. Lucas’s humor is on display again, to break up some very technical material.  Here’s some bits, pulled out.

Remember that “syntactically valid” is not the same as “does what you want.”

Pressing Q tells visudo to break sudo until you log in as root and fix it. Do not press this button. You won’t like it.

Here I create the TAPEMONKEYS alias for the people who manage backups.

And if Carl tries to configure Oracle on the PostgreSQL server, senior sysadmin Thea needs to have sharp words with him. Probably involving a tire iron.

The book is in-depth enough to cover more complex topics like using sudo and Active Directory, and sudo as an intrusion detection tool, of all things.

The usual reasons to buy a Mastery book are all still there: it specifically mentions working on BSD systems instead of pretending Linux is the only system out there.  It’s available through a DRM-free seller (Smashwords) in addition to Amazon.  It’s a self-published effort, not shovelware.  It’s available now as an ebook, and in physical form soon.  Lucas talks about it on BSDNow 010, too.

I have one last nontechnical note.  Since these Mastery books are working into a series, I’d like to see a whole printed run of visually matching books.  Something with the equivalent of the O’Reilly animals or the Pelican or even Little Blue Books common look and feel.

You know the look even if you don't know the publisher

The takeaway: You should be reading this book if you plan to use sudo in any sort of multiuser environment.  It’s available as an e-book direct from the author, via Amazon, via Smashwords, and possibly Barnes & Noble at some point in the near future.  Physical books are available, and you can buy both forms together, apparently.

And of course this sudo joke.

Posted by     Categories: Books, BSD, Someday you will need this     0 Comments

Lazy Reading for 2013/11/10


I spent this entire week saying things like “Wait, today’s Tuesday?” and “I thought this was Wednesday, not Thursday.”

  • Welcome to my GUI Gallery, a whole lot of different GUI screenshots.  This mention of the “Salto” Alto emulator brought me there, and there’s some material I’ve never seen before.  Also, there’s Bob.  Not “Bob” the prophet, but Bob, the computer mistake.  Speaking of problematic designs, see the Windows 8 page.
  • 5 Cool UNIX Hacks.  Sounds linkbaity, but it’s useful.  I didn’t realize that CTRL-a is the non-destructive version of CTRL-u.  (via)
  • This seems strange, but I never heard of PLATO, even though it seems to be the precursor to so much.  (via)
  • Goodbye Google“, in terms of switching to your own platform, seems to be a new trend.
  • arkOS, a similar idea.
  • Finding Files Your Way.  I can never remember all the arguments to ‘find’.
  • Google has a Shell Style Guide.  Which equates to a Bash Style Guide, but that’s OK.  Shell scripts are sometimes considered the most disposable form of programming, so it’s good to see a full guide.  (via)

Your unrelated animation of the week: late for meeting.  A followup to going to the store, which I think I posted here years ago.

In Other BSDs for 2013/11/02


There’s a surprisingly large list this week.

Lazy Reading for 2013/09/15


I think I’m finally catching up on the backlog.

Your unrelated link of the week: The Alan Lomax recordings.

Lazy Reading for 2013/09/01


Another week of links completed early.  And there’s a lot, so get clicking!

Your unrelated link of the week: The remix of this 1997 Kid’s Guide to the Internet – somewhat NSFW, and has all the best moments.  More from EVERYTHING IS TERRIBLE.

Lazy Reading for 2013/08/11


Again, lots of links.  Some of these are overflow from previous weeks where I just said “That’s enough; let’s work on the next Lazy Reading.”

Your unrelated link of the week: Mighty Taco radio ads.  Mighty Taco is a Mexican fast food place from Buffalo, New York, USA.  It’s about as authentically Mexican as fast food from a city on the edge of Canada can be, which is ‘not much’.  I’ve always loved the food, though, and the commercials are just the right mix of amateur joke and commercial advertising.

Bonus unrelated: If you enjoy imgur/fukung but it’s not youtubey enough, hit ‘Random’ on IWantMoar.com a few times.  You may want to turn down your volume.

Just kill everything


killall -T will now kill all processes associated with the current tty, except parents of the killall process itself.  It’s a shortcut to “kill all these runaway items I started by accident”.

Lazy Reading for 2013/07/21


Last week was relatively light, but somehow this week I read a zillion interesting things.  It’s been too dang hot to do much else, other than flop in a chair and point a fan at my head.

Your unrelated link of the week: Bones Don’t Lie.  An anthropologist who blogs about various discoveries of human remains.  I really enjoy blogs where someone is talking about a subject they care about – not to sell a product, not to be paid (directly), but just because they like the topic and they want to share it with others.  Of course I would think that, wouldn’t I?

Avoiding non-routeable IPs


It’s possible your Internet service provider uses a non-routeable IP range (like 10.*) and occasionally your border device picks that up via DHCP by accident instead of an Internet address.  If that happens to you, and you’re using DragonFly as your border gateway, it’s possible to prevent it with PF dhclient.

Posted by     Categories: DragonFly, pf, Someday you will need this     2 Comments

Another tip: cleaning up a really, really full Hammer drive


If you get your Hammer drive really full, a normal cleanup won’t make enough space.  When that happen, use ‘hammer reblock’ in increasing increments.  That works because it does cleanup in much smaller steps.

Posted by     Categories: DragonFly, Someday you will need this     0 Comments

An X tip on terminal switching


Switching terminals in X with ctrl-alt-Fx requires a not-on-by-default option.  This could catch anyone used to the old behavior, so I might be doing you a favor by mentioning it.

Posted by     Categories: Someday you will need this, UNIXish     2 Comments

PRISM, privacy, and what you make yourself


If you’ve been reading the Digest for a while, you’ve seen me talk about the value of hosting or running your own services.  It’s not too much of a surprise in my case; if you are working on an open-source operating system, you want to run it.  It’s good to get the experience, and you can run programs the way you want, instead of picking from whatever vendors happen to sell you.

The PRISM disclosure, which I am going to assume everyone is familiar with at this point, is another facet.  Every time you use another company for your email, your entertainment, your software, and so on, their information on you can be accessed.    This isn’t a problem that can be fixed by going from one webmail provider to another.  You can shop around, but notice that the author in that link effectively throws his or her hands in the air and says, “there’s no way out” by the end of the article.  This is because corporations work as collecting agents for the government, even if they don’t plan to do so.

That sounds drastic, but there’s legal frameworks in every country for governments to require companies to give up data on any person, on request.  It happens.  I’ve seen it myself; I worked for Time Warner for several years, tracking down cable modem user information and handing it over as compelled by law.  I know the lawyers at TW Corporate didn’t like doing it, but they didn’t have a choice.  (I have some horrifying stories about what people would do to themselves and each other.)

Companies are increasingly working to create services to sell, not products to buy.  A service never stops being consumed, so it forms an ongoing revenue stream.  I’m not saying this is bad; I firmly believe that a financial incentive to be paid improves services.  However, as only a consumer, you can end up not owning what you use.  Other people have pointed this out, and I don’t want to sound like a frothing crazy person… but it is relevant, though not necessarily as catastrophic as some people pronounce.

What I’m working towards here is a reminder that you should run your own software, and running it on DragonFly is the best way.  (Or some other operating system, I guess.  If you have to.)  Instead of trying to figure out what the least-bad commercial option can be, run it yourself.  Good for privacy, good for learning.  I know that’s not an option for everyone; fighting with Sendmail (for instance) is not an activity that many people pick voluntarily.  But, if you’ve been thinking of setting up a replacement for Google Reader, or hosting your own mail, or own blog, etc… there’s never a better time than now.

(Follow all those links for some good information; consider it an early Lazy Reading post)

 

Old amd64 removed and extra upgrade step added


The ‘amd64′ specific parts of kernel architecture have been removed, since x86_64 covers all that.  As a side effect of other changes, John Marino warns that upgrading DragonFly from a version older than 3.4, to a version newer than 3.4, will require an intermediate step of going to 3.4 first.  e.g. If your machine is a DragonFly 3.0 system, you will need to upgrade to 3.4 before moving to, say, 3.6 once it is out.  This won’t matter for some months, since the next release is months off.

Lazy Reading for 2013/06/09


Not as wordy this week, but still wordy.  And linky!

  • Max Headroom and the Strange World of Pseudo-CGI. A discussion of how old fake CGI can look better than modern, real CGI. This is an opinion I’ve had for quite a while, and my children pretty much ignore it every time I bring it up.  (via)
  • The Colby Walkmac, which predates the Mac Luggable.  Linked to because it includes good pictures of what the (external) hardware was like.  I find all the old ports interesting, since it’s all USB and the occasional eSATA these days… not that I’m complaining!  I’ve never had a good experience with a 9-pin serial port.  (via)
  • A brief education on escaping characters.
  • I get worried when remotely rebooting a server in a different town or even state.  In Praise of Celestial Mechanics covers much more stressful circumstances: interplanetary reboots.  Does Voyager 1 or 2 have an ‘uptime’ function?
  • The equivalent of what you are doing right now, 20 years ago.  I personally never got to see this; my experience was MUDs.  Speaking of which…
  • The Birth of MMOs: World of Warcraft’s debt to MUD.  MUD == MMO, Roguelike == Diablo/Torchlight, Doom == almost everything else.  There’s a number of game archetypes that haven’t changed in some time.  (via)
  • Playing with powerlines.  I used to work at a company that used these lines for data transfer.  It was neat technology, but it sure wasn’t easy to set up.  Imagine wiring a city but only being able to use Ethernet hubs.  Not switches, hubs.  That, combined with undersized ARP caches/MAC tables, made it really difficult.
  • OpenVPN on FreeBSD, which will come in handy for at least several readers, I’m sure, as the directions should apply to any BSD.
  • Is there anything DNS can’t be used for?  Cause now it’s domain-based mail policy publishing.  (via ferz on EFNet #dragonflybsd)
  • Have you tried DragonFly?” posts on various forums seem to pop up with some regularity.
  • Uses of tmux, explained.  A slide show talking about how tmux works.  (via)

Unrelated link of the week: I’ve had several deadlines and a mail server with issues this week at work, so this is all I got.

Adding to dports


Since dports uses FreeBSD ports as a base, adding something to FreeBSD ports means it will show in dports, too.  However, it doesn’t have to go that way.  It’s possible to have dports packages that exist only in dports.  If you have changes to a port that make it compile on DragonFly, that can be added too.  For all of that, go to the dports issues page on GitHub.

Creating new pkgsrc packages, a lesson


Johnathan Perkin has a nice tutorial up about creating pkgsrc packages.  It’s done on SmartOS, but I imagine it’ll generally apply to anything pkgsrc supports.

Posted by     Categories: pkgsrc, Someday you will need this     0 Comments

Book review: DNSSEC Mastery


Michael W. Lucas recently wrote and self-published a new book, DNSSEC Mastery.  He asked me to review it, and I’ve been reading it in bits and starts over the past few very busy weeks.

First, the background: If you’re not familiar with the acronym, it’s a method of securing DNS information so that you can trust that domain name information is actually from the machine that’s supposed to provide it.  DNS information is basic to Internet operation, but it traditionally has been provided without any mechanisms to deal with misinformation or malicious use.  This seems to happen with protocols that have been around for many years, as any mail administrator can tell you…

In any case, ‘DNS poisoning’ (or as Wikipedia calls it, ‘DNS Spoofing‘) attacks such a basic part of how the Internet works that it will completely bypass any security methods that assume name information is correct.  DNSSEC is a way to deal with that.  It introduces public-key encryption into the process of sharing and updating DNS information.  The idea has been around for a while, but it’s only been completely implemented recently.

DNSSEC Mastery goes over this history, and through the setup required to get (recent) BIND working with DNSSEC.  Lucas seems to be starting a series of ‘Mastery’ books, where he covers all the territory around a specific topic.  This one, like his previous title, is exactly what it says.  As long as you have some existing clue around zone files and DNS, the book will take you from no DNSSEC at all to fully implemented in less than 100 pages.  (well, at least in the PDF version, but that gives you an idea of the size.)

Use it to learn, or use it as a quick reference – either way will work.  If you have any DNS server(s) to manage, you’re the target audience.  I expect DNS without these security extensions will go the way of telnet vs. ssh.

A book covering things like new encrypted hash zone record types is going to be a bit dry, but there’s an appropriate sprinkling of humor through the book.  I’ve reviewed other Lucas books before, and I’ve got another on my plate right now, but this is the same: there’s plenty of funny to make the lessons go down easier.

DNSSEC Mastery: Securing the Domain Name System with BIND is available on AmazonBarnes & NobleSmashwords, and his self-publishing site.  Also see Peter N. M. Hansteen’s review of the book.

 

Posted by     Categories: Books, Someday you will need this     1 Comment

How about Ansible?


Ansible seems to be a configuration management system that’s lighter than puppet or salt.  I had a student talking about it in my class tonight.  BSD users Hubert Feyrer and Michael W. Lucas have both posted about it recently.  Anyone want to repeat their experiences?

Posted by     Categories: BSD, DPorts, pkgsrc, Someday you will need this     3 Comments

Transmission server directions


If you were perhaps thinking of setting up transmission-daemon, a BitTorrent server, this post on pkgsrc-users@netbsd.org will help you out.

Posted by     Categories: pkgsrc, Someday you will need this     0 Comments

HAMMER file system resizing


If you’ve ever wondered about how you can resize/move a HAMMER filesystem, follow this thread for a variety of answers.

Are you using hotplugd?


Are you using hotplugd?  If you are, this post from ‘william opensource4you’ about a small patch he made may be useful to you.

Posted by     Categories: DragonFly, Someday you will need this     0 Comments

bxr.su for everyone else


For those of us still on IPv4 networks, the BSD-specific OpenGrok site bxr.su should now be available in general, not just on IPv6.

Posted by     Categories: BSD, Someday you will need this     0 Comments

DragonFly 3.3/3.5 users and dports


If you’re running DragonFly-current, which right now means version 3.3 and very soon 3.5, you are probably running pkgsrc.  If you want to transition to dports, this pair of posts from John Marino will tell you how.

DPorts and DragonFly 3.5 cheatsheet


John Marino published a ‘cheatsheet‘ (also, typo fix)for DragonFly 3.5 users who want to try dports, using DragonFly 3.4 packages.

Running a spam blacklist


Peter Hansteen has an extensive writeup of how he has managed the bsdly.net spam blacklists.  Normally I’d stick this article in the Lazy Reading links, but the article is good enough to call out separately.   It’s excellent not just for the mechanical aspects of how the blacklists were maintained, but for his strict description on how the process is simple, verifiable, and transparent.  That last item, transparency, is how many anti-spam groups fall down.