Make upgrade, then make rescue

If you haven’t done it before, you can use ‘make rescue’ to build a tiny base system on DragonFly, for use when /usr goes missing, for when your disk is encrypted, and other rather catastrophic problems.  It should be in sync with the rest of the system, which is why ‘make rescue’ can be part of a buildworld process.  I’m mentioning this because currently, ‘make upgrade’ should be done first.

Lazy Reading for 2018/07/22

History for a theme, I guess?  It’s a random week.

Your Cyriak video of the month: Indigestion.

SSH keys and making your life easier

A tip for anyone using public keys in SSH: you can start up your xorg session using ssh-agent and then have all subsequent connections be authorized by the agent, saving you some hassle of password typing, etc.  Put this in your ~/.xinitrc :

eval `/usr/bin/ssh-agent -c`
(insert line to start up your window manager here)
/bin/kill $SSH_AGENT_PID

(Yoinked from Matthew Dillon on IRC)  Realistically, you should also lock your terminal or otherwise prevent physical access to any workstation where you do this, since it means immediate SSH access to other systems using your identity, for anyone touching that keyboard.

If you’re using Windows, there’s always Pageant.

mkinitrd out, initrd in

There was an optional ‘make initrd’ step in the DragonFly build process, where you can create a small binary to use for mounting encrypted root drives.

Aaron LI has removed mkinitrd in favor of ‘make initrd’, which builds a separate binary to use in exactly those situations.  See the commit message for more detail.  It incidentally creates a ‘/rescue’ directory and works as a rescue ramdisk, similar to other BSDs, if you should ever need it.  (See updated MOTD for details)

In Other BSDs for 2017/06/02

One of these links will be very useful to someone.

CVE-2018-8897 fix in, more Spectre fixes for DragonFly

A recent and new CPU bug, CVE-2018-8897, is fixed in DragonFly.  THis applies to both Intel and AMD processors.  I’m happy to see that the CERT page lists equal notification timing for a whole lot of operating systems, rather than the few that heard about Spectre/Meltdown early.

Following that topic, Matthew Dillon has “fleshed out” Spectre mitigations, and his commit message details the current state.  The sysctl ‘machdep.spectre_mitigation’ will tell you what’s set at any given point.

Update: update.

In Other BSDs for 2018/04/21

Opinion time: The Reddit / Hacker News forums have reached the anything/everything point where there’s no longer a focus.  Lobste.rs is worth visiting, though, for BSD content and in general.

Lazy Reading for 2018/04/08

Accidental theme this week: Social media is a dead end.

Your unrelated food link for the week: King Arthur test kitchen disasters.  Summarized annually on April Fools Day, every year.