BSD Now

FreeBSD Performance Observability, Advance!BSD thoughts 1/2, Lumina Desktop Maintainership Change, How to Handle Secrets on the Command Line, Like NetBSD DragonFlyBSD Now Has "COVID", and more. NOTES This episode of BSDNow is brought to you by Tarsnap Headlines FreeBSD Performance Observability Advance!BSD – thoughts on a not-for-profit project to support *BSD (1/2) News Roundup Maintainership Change :: Lumina Desktop Environment Study the past if you would define the Future How to Handle Secrets on the Command Line Following NetBSD, DragonFlyBSD Now Has "COVID" Tarsnap This weeks episode of BSDNow was sponsored by our friends at Tarsnap, the only secure online backup you can trust your data to. Even paranoids need backups. Feedback/Questions Jim - freebsd kde michal - zfs question tim - lumina and snapshots *** Send questions, comments, show ideas/topics, or stories you want mentioned on the show to [email protected] ***

Unix System Architecture Evolution, Deep Dive into FreeBSD’s Strengths, how developers chose names, OPNsense 21.1.7 released, Support for chdir(2) in posix_spawn(3), vagrant-freebsd-boxbuilder, OpenBSD’s IATA airport code file, and more This episode of BSDNow is brought to you by Tarsnap Headlines The Evolution of the Unix System Architecture • Full IEEE article: https://ieeexplore.ieee.org/document/8704965 Deep Diving Into the Strengths of FreeBSD Interesting read on how Developers choose Names News Roundup OPNsense 21.1.7 released Support for chdir(2) in posix_spawn(3) vagrant-freebsd-boxbuilder OpenBSD has a file with 3-letter IATA airport codes Beastie Bits Tarsnap This weeks episode of BSDNow was sponsored by our friends at Tarsnap, the only secure online backup you can trust your data to. Even paranoids need backups. Feedback/Questions lyubo - ipfw question michael - a netbsd story sven - a dogs garage Send questions, comments, show ideas/topics, or stories you want mentioned on the show to [email protected] ***

Open Source and Blogging Bubbles, Building Customized FreeBSD Images, Updating Minecraft in FreeBSD, Upgrading FreeBSD jails using mkjail, Dragonfly 6.0 Performance benchmark, OpenBSD Consumer Gateway Launch, and more. NOTES This episode of BSDNow is brought to you by Tarsnap Headlines The Open-Source Software bubble that is and the blogging bubble that was Building Customized FreeBSD Images News Roundup Updating to Minecraft 1.17 in FreeBSD Upgrading a FreeBSD 12.2 jail to FreeBSD 13 using mkjail DragonFlyBSD 6.0 Is Performing Very Well Against Ubuntu Linux, FreeBSD 13.0 An OpenBSD Consumer Gateway Launch Tarsnap This weeks episode of BSDNow was sponsored by our friends at Tarsnap, the only secure online backup you can trust your data to. Even paranoids need backups. Feedback/Questions CY - bearssl Marc - that tarsnap ad nycbug Send questions, comments, show ideas/topics, or stories you want mentioned on the show to [email protected] ***

DTrace network probes, next 50 years of shell programming, NetBSD on the Vortex86DX CPU, system CPU time in top, your filesystem as a dungeon, diving into toolchains, and more NOTES This episode of BSDNow is brought to you by Tarsnap Headlines DTrace Network Probes Unix Shell Programming: The Next 50 Years News Roundup NetBSD on the Vortex86DX CPU System CPU time – ‘sys’ time in top rpg-cli —your filesystem as a dungeon! Diving into toolchains Tarsnap This weeks episode of BSDNow was sponsored by our friends at Tarsnap, the only secure online backup you can trust your data to. Even paranoids need backups. Feedback/Questions • [Alfred - Advice](https://github.com/BSDNow/bsdnow.tv/blob/master/episodes/409/feedback/Alfred%20-%20Advice) • [CY - Portable Patch Util](https://github.com/BSDNow/bsdnow.tv/blob/master/episodes/409/feedback/CY%20-%20Portable%20Patch%20Util) • [Denis - State of ZFS Ecosystem](https://github.com/BSDNow/bsdnow.tv/blob/master/episodes/409/feedback/Denis%20-%20State%20of%20ZFS%20Ecosystem) Send questions, comments, show ideas/topics, or stories you want mentioned on the show to [email protected] ***

Report from virtual FreeBSD DevSummit 2021, another promising release by FreeBSD Based helloSystem, GearBSD, OpenBGPD release, Let’s Encrypt on OpenBSD, FreeBSD 13 on the Panasonic Let’s Note, and more NOTES This episode of BSDNow is brought to you by Tarsnap Headlines 2021 FreeBSD Developer Summit helloSystem – FreeBSD Based OS Brings another Promising Release 0.5.0 News Roundup GearBSD: a project to help automating your OpenBSD OpenBGPD 7.0 released Simple use of Let's Encrypt on OpenBSD is pleasantly straightforward (as of 6.8) FreeBSD 13 on the Panasonic Let’s Note CF-RZ6 Tarsnap This weeks episode of BSDNow was sponsored by our friends at Tarsnap, the only secure online backup you can trust your data to. Even paranoids need backups. Feedback/Questions • [Paul - ZFS Questions](https://github.com/BSDNow/bsdnow.tv/blob/master/episodes/408/feedback/Paul%20-%20ZFS%20Questions) • [Rafael - relic](https://github.com/BSDNow/bsdnow.tv/blob/master/episodes/408/feedback/Rafael%20-%20relic) • [matthew - sendfile and ktls](https://github.com/BSDNow/bsdnow.tv/blob/master/episodes/408/feedback/matthew%20-%20sendfile%20and%20ktls) Send questions, comments, show ideas/topics, or stories you want mentioned on the show to [email protected] ***

Confining the omnipotent root, Jails with ZFS and PF on DigitalOcean, NomadBSD 130R is out, KDE Plasma Wayland on FreeBSD, Firefox under FreeBSD with Privacy, Using NetBSD’s pkgsrc everywhere, and more. NOTES This episode of BSDNow is brought to you by Tarsnap Headlines Jails: Confining the omnipotent root A dramatic reading of portions of the paper: Papers We Love: FreeBSD Jails and Solaris Zones *** ### Using Jails with ZFS and PF on DigitalOcean *** ## News Roundup ### NomadBSD 130R is out *** ### KDE Plasma Wayland - a week in FreeBSD *** ### Install Firefox under FreeBSD and Set it Up with Privacy *** Using NetBSD’s pkgsrc everywhere I can *** Tarsnap This weeks episode of BSDNow was sponsored by our friends at Tarsnap, the only secure online backup you can trust your data to. Even paranoids need backups. Feedback/Questions Malcolm - restoring a single file Nathan - wireless support bluefire - zfs special vdev Push to next show with Allan Send questions, comments, show ideas/topics, or stories you want mentioned on the show to [email protected] ***

Gemini Capsule in a FreeBSD Jail, FreeBSD Quarterly status report 2021Q1, NetBSD VM on bhyve (on TrueNAS), Interview with Michael Lucas, WireGuard Returns as Experimental Package in pfSense, CGI with Awk on OpenBSD httpd, and more. NOTES This episode of BSDNow is brought to you by Tarsnap Headlines Gemini Capsule in a FreeBSD Jail With the recent release of FreeBSD 13, I wanted to test it out on a spare RaspberryPi 3 that was part of my old Kubernetes cluster. In particular, FreeBSD Jails have always interested me, although I’ve never used them in practice. Over the years I’ve managed operating system virtualization through Solaris Zones and Docker containers, and Jails seem like and good middle ground between the two - easier to manage than zones and closer to the OS than Docker. I also want to run my own Gemini capsule locally to use some of the features that my other hosted capsules don’t have (like SCGI/CGI) and setting up a capsule in a Jail is a good way to learn both at the same time. FreeBSD Quarterly status report 2021Q1 News Roundup NetBSD VM on bhyve (on TrueNAS) My new NAS at home is running TrueNAS Core. So far, it has been excellent, however I struggled a bit setting up a NetBSD VM on it. Part of the problem is that a lot of the docs and how-tos I found are stale, and the information in it no longer applies. TrueNAS Core allows running VMs using bhyve, which is FreeBSD’s hypervisor. NetBSD is not an officially supported OS, at least according to the guest OS chooser in the TrueNAS web UI :) But since the release of NetBSD 9 a while ago, things have become far simpler than they used to be – with one caveat (see below). Interview with Michael Lucas *BSD, Unix, IT and other books author Michael Lucas is a famous IT book author. Perhaps best know for FreeBSD, OpenBSD, and Unix book series. He worked as a system administrator for many years and has now become a full-time book writer. Lately, I did a quick Q and A with Michael about his journey as a professional book author and his daily workflow for writing books. + pfSense – WireGuard Returns as Experimental Package CGI with Awk on OpenBSD httpd Tarsnap This weeks episode of BSDNow was sponsored by our friends at Tarsnap, the only secure online backup you can trust your data to. Even paranoids need backups. Feedback/Questionsing Adam - system state during upgrade paul - BSD grep sub - feedback Send questions, comments, show ideas/topics, or stories you want mentioned on the show to [email protected] ***

NetBSD 9.2 released, DragonFly 6.0 is out, Home Network Monitoring using Prometheus, Preventing FreeBSD to kill PostgreSQL, Customizing Emacs for Git Commit Messages, Deleting old FreeBSD boot environments, Always be quitting, and more NOTES This episode of BSDNow is brought to you by Tarsnap Headlines NetBSD 9.2 Released DragonFly 6.0 is out! Release Notes *** ### EuroBSDCon 2021 will be online *** ## News Roundup ### Home Network Monitoring using Prometheus > This blog post describes my setup for monitoring various devices on my home network suh as servers, laptops/desktops, networking gear etc. The setup and configuration is squarely geared towards small/medium sized network monitoring. A similar setup might work for large networks, but you will need to plan your compute/storage/bandwidth capacities accordingly. I’m running all the monitoring software on FreeBSD, but you can run it on your choice of OS. Just make sure to install the packages using your OS’s package manager. *** ### Preventing FreeBSD to kill PostgreSQL (aka OOM Killer prevention) > There are a lot of interesting articles on how to prevent the Out of Memory Killer (OOM killer in short) on Linux to ruin your day, or better your night. One particularly well done explanation about how the OOM Killer works, and how to help PostgreSQL to survive, is, in my humble opinion, the one from Percona Blog. *** ### Customizing Emacs for Git Commit Messages >I do a lot of commits to the FreeBSD project and elsewhere. It would be nice if I could setup emacs in a custom way for each commit message that I'm editing. > Fortunately, GNU Emacs provides a nice way to do just that. While I likely could do some of these things with git commit hooks, I find this to be a little nicer. *** ### Deleting old FreeBSD boot environments > I like boot environments (BE) on FreeBSD. They were especially handy when building the AWS host for FreshPorts, since I had no serial console. I would create a BE saving the current status, then make some changes. I’d mark the current BE as boot once, so I could boot back in the known good BE. Worst case, I could mount the storage onto a rescue EC2 instance and adjust the bootfs value of the zpool. *** Always be quitting A good philosophy to live by at work is to “always be quitting”. No, don’t be constantly thinking of leaving your job. But act as if you might leave on short notice. Counterintuitively, this will make you a better engineer and open up growth opportunities. Tarsnap This weeks episode of BSDNow was sponsored by our friends at Tarsnap, the only secure online backup you can trust your data to. Even paranoids need backups. Feedback/Questions Christopher - zfs question Chris - two questions Vas - zpools and moving to FreeBSD 13 Send questions, comments, show ideas/topics, or stories you want mentioned on the show to [email protected] ***

Allan, Benedict and Tom are MIA, so JT fills in with two friends. This episode of BSDNow is brought to you by Tarsnap CoHosts this week: • Ash Gokhale: https://twitter.com/xpi • Jeff Propes : CoHost of The Opinion Dominion This weeks format follows the format of one of JT's other shows: The Opinion Dominion. Centralized vs Decentralized Management Ash’s draid article at Klara openbsd’s 50th release + Release Notes Beastie Bits • Interesting dtrace papers I found this week. The first is unfortunately paywalled by an industry journal but hopefully it’ll be publicly available soon. ◦ [Using Dtrace for Machine Learning Solutions in Malware Detection](https://ieeexplore.ieee.org/document/9225633) ◦ [Process Monitoring on Sequences of System Call Count Vectors](https://arxiv.org/pdf/1707.03821.pdf) ◦ Sounds Similar to: Optimyze Cloud](https://twitter.com/OptimyzeCloud/status/1386424419418099712) CADETS that GNN is working on] • Practical IOT Hacking book out by no starch press Tarsnap This weeks episode of BSDNow was sponsored by our friends at Tarsnap, the only secure online backup you can trust your data to. Even paranoids need backups. Open Source Voices episode with Colin Percival RIP Dan kaminski • https://www.nytimes.com/2021/04/27/technology/daniel-kaminsky-dead.html • https://www.darkreading.com/vulnerabilities---threats/in-appreciation-dan-kaminsky/d/d-id/1340830 • https://www.securityweek.com/security-researcher-dan-kaminsky-passes-away Send questions, comments, show ideas/topics, or stories you want mentioned on the show to [email protected] ***

Why You Should Use BSD Licensing for Your Next Open Source Project or Product, Update on FreeBSD Foundation Investment in Linuxulator, OPNsense 21.1.5 released, FreeBSD meetings on the Desktop, Running FreeBSD jails with containerd 1.5, Markdown, DocBook, and the quest for semantic documentation on NetBSD.org, and more. NOTES This episode of BSDNow is brought to you by Tarsnap Headlines Why You Should Use BSD Licensing for Your Next Open Source Project or Product The term “open source” has its origins in the context of software development, designating a specific approach to developing computer programs. Nowadays, however, it stands for a broad set of values – open source means open exchange, transparency, collaborative participation and development for the benefit of the entire community. Update on FreeBSD Foundation Investment in Linuxulator Dr. Emmett Brown’s similar-sounding Flux Capacitor from the movie Back to the Future bridged the dimension of time, uniting past, present, and future for the McFlys. Similarly, the FreeBSDⓇ Linuxulator project also bridges dimensions – in our case, these are LinuxⓇ and FreeBSD. News Roundup OPNsense 21.1.5 released This is mainly a security and reliablility update. There are several FreeBSD security advisories and updates for third party tools such as curl. OPNsense to rebase on FreeBSD 13 *** ### FreeBSD meetings on the Desktop FreeBSD on the desktop is a whole stack - X11, Qt, KDE Frameworks, KDE Plasma and KDE Gear, and Wayland, and Poppler and GTK - o my! *** ### Running FreeBSD jails with containerd 1.5 containerd 1.5.0 was released today and now works on a new operating system: FreeBSD! This new release includes a series of patches (1, 2, 3, 4, 5, 6, 7, 8, 9, 10) which allow containerd to build, enable the native and zfs snapshotters, and use a compatible runtime like runj. *** ### Markdown, DocBook, and the quest for semantic documentation on NetBSD.org Recently, I’ve been doing a lot of maintenance of the NetBSD website. It contains a boatload of documentation, much of which was originally written in the 2000s. It has some special requirements: it has to work in text-based web browsers like lynx, or maybe even without any working browser installed at all, or just ftp(1) for downloading plain text over HTTP. Naturally, the most important parts are static, suitable for serving from the standard NetBSD http server, which runs from inetd by default. *** Beastie Bits Tarsnap This weeks episode of BSDNow was sponsored by our friends at Tarsnap, the only secure online backup you can trust your data to. Even paranoids need backups. Feedback/Questions Alrekur - An Interesting FreeBSD Find They presented at the FreeBSD Vendor summit last year too: https://www.youtube.com/watch?v=8LUdZseNrpE Sven - feedback Robert - firewalling Send questions, comments, show ideas/topics, or stories you want mentioned on the show to [email protected] ***

It's time to say goodbye to the GPL, a new OCI Runtime for FreeBSD Jails, A bit of Xenix history, On Updating QEMU's bsd-user fork, FreeBSD 13 on a 12 year old laptop, and more. NOTES This episode of BSDNow is brought to you by Tarsnap Headlines It's time to say goodbye to the GPL The trigger for this post is the reinstating of Richard Stallman, a very problematic character, to the board of the Free Software Foundation (FSF). I am appalled by this move, and join others in the call for his removal. This occasion has caused me to reevaluate the position of the FSF in computing. It is the steward of the GNU project (a part of Linux distributions, loosely speaking), and of a family of software licenses centred around the GNU General Public License (GPL). These efforts are unfortunately tainted by Stallman’s behaviour. However, this is not what I actually want to talk about today. runj: a new OCI Runtime for FreeBSD Jails Today, I open-sourced runj, a new experimental, proof-of-concept OCI-compatible runtime for FreeBSD jails. For the past 6.5 years I’ve been working on Linux containers, but never really had much experience with FreeBSD jails. runj (pronounced “run jay”) is a vehicle for me to learn more about FreeBSD in general and jails in particular. With my position on the Technical Oversight Board of the Open Containers Initiative, I’m also interested in understanding how the OCI runtime specification can be adapted to other operating systems like FreeBSD. News Roundup A Bit of Xenix History From 1986 to 1989, I worked in the Xenix1 group at Microsoft. It was my first job out of school, and I was the most junior person on the team. I was hopelessly naive, inexperienced, generally clueless, and borderline incompetent, but my coworkers were kind, supportive and enormously forgiving – just a lovely bunch of folks. On Updating QEMU's bsd-user fork FreeBSD 13 on a 12 year old laptop My old (2009) HP laptop now runs FreeBSD 13.0-RELEASE. Beastie Bits Registration is now open for the June 2021 #FreeBSD Developers Summit 6.0RC1 images available Lexical File Names in Plan 9 or Getting Dot-Dot Right The history of UTF-8 as told by Rob Pike Initial Support for the riscv64 Architecture *** ###Tarsnap This weeks episode of BSDNow was sponsored by our friends at Tarsnap, the only secure online backup you can trust your data to. Even paranoids need backups. Feedback/Questions Hamza - Congrats on 400 Renato - DTS and ContainerD Rob - Music Send questions, comments, show ideas/topics, or stories you want mentioned on the show to [email protected] ***

Dog's Garage Runs OpenBSD, EuroBSDcon 2021 Call for Papers, FreeBSD’s iostat, The state of toolchains in NetBSD, Bandwidth limiting on OpenBSD 6.8, FreeBSD's ports migration to git and its impact on HardenedBSD, TrueNAS 12.0-U3 has been released, and more. NOTES This episode of BSDNow is brought to you by Tarsnap Headlines My Dog's Garage Runs OpenBSD I was inspired by the April 2017 article in undeadly.org about getting OpenBSD running on a Raspberry Pi 3B+. My goal was to use a Raspberry Pi running OpenBSD to monitor the temperature in my garage from my home. My dog has his own little "apartment" inside the garage, so I want to keep an eye on the temperature. (I don't rely on this device. He sleeps inside the house whenever he wants.) EuroBSDcon 2021 Call for Papers FreeBSD iostat The state of toolchains in NetBSD While FreeBSD and OpenBSD both switched to using LLVM/Clang as their base system compiler, NetBSD picked a different path and remained with GCC and binutils regardless of the license change to GPLv3. However, it doesn't mean that the NetBSD project endorses this license, and the NetBSD Foundation's has issued a statement about its position on the subject. NetBSD’s statement *** News Roundup Bandwidth limiting on OpenBSD 6.8 I will explain how to limit bandwidth on OpenBSD using its firewall PF (Packet Filter) queuing capability. It is a very powerful feature but it may be hard to understand at first. What is very important to understand is that it's technically not possible to limit the bandwidth of the whole system, because once data is getting on your network interface, it's already there and got by your router, what is possible is to limit the upload rate to cap the download rate. FreeBSD's ports migration to git and its impact on HardenedBSD FreeBSD completed their ports migration from subversion to git. Prior to the official switch, we used the read-only mirror FreeBSD had at GitHub[1]. The new repo is at [2]. A cursory glance at the new repo will show that the commit hashes changed. This presents an issue with HardenedBSD's ports tree in our merge-based workflow. TrueNAS 12.0-U3 has been released iXsystems is excited to announce TrueNAS 12.0-U3 was released today and marks an important milestone in the transition from FreeNAS to TrueNAS. TrueNAS 12.0 is now considered by iXsystems to be a higher quality release than FreeNAS 11.3-U5, our previous benchmark. The new TrueNAS documentation site has also reached a point where it has more content and capabilities than FreeNAS. TrueNAS 12.0 is ready for mission-critical enterprise deployments. Beastie Bits Joyent provides pkgsrc for MacOS X Archives of old Irix documentation FreeBSD Developer/Vendor Summit 2021 *** Tarsnap This weeks episode of BSDNow was sponsored by our friends at Tarsnap, the only secure online backup you can trust your data to. Even paranoids need backups. Feedback/Questions Andre - splitting zfs array Bruce - Command Change Dan - Annoyances with ZFS Send questions, comments, show ideas/topics, or stories you want mentioned on the show to [email protected] ***

FreeBSD 13 is here, multi-factor authentication on OpenBSD, KDE on FreeBSD 2021o2, NetBSD GSoC report, a working D compiler on OpenBSD, and more NOTES This episode of BSDNow is brought to you by Tarsnap Headlines FreeBSD 13.0 R Annoucement • OpenZFS 2.0 (almost 2.1) is included in 13.0 • Removed support for previously-deprecated algorithms in geli(8). • The armv8crypto(4) driver now supports AES-GCM which is used by IPsec and kernel TLS. Enable multi-factor authentication on OpenBSD In this article I will explain how to add a bit more security to your OpenBSD system by adding a requirement for user logging into the system, locally or by ssh. I will explain how to setup 2 factor authentication (2FA) using TOTP on OpenBSD News Roundup KDE on FreeBSD 2021o2 Gosh, second octant already! Well, let’s take a look at the big things that happened in KDE-on-FreeBSD in these six-and-a-half weeks. GSoC Reports: Make system(3), popen(3) and popenve(3) use posix_spawn(3) internally (Final report) My code can be found at github.com/teknokatze/src in the gsoc2020 branch, at the time of writing some of it is still missing. The test facilities and logs can be found in github.com/teknokatze/gsoc2020. A diff can be found at github which will later be split into several patches before it is sent to QA for merging. The initial and defined goal of this project was to make system(3) and popen(3) use posix_spawn(3) internally, which had been completed in June. For the second part I was given the task to replace fork+exec calls in our standard shell (sh) in one scenario. Similar to the previous goal we determined through implementation if the initial motivation, to get performance improvements, is correct otherwise we collect metrics for why posix_spawn() in this case should be avoided. This second part meant in practice that I had to add and change code in the kernel, add a new public libc function, and understand shell internals. A working D compiler on OpenBSD Dr. Brian Robert Callahan (bcallah@) blogged about his work in getting D compiler(s) working under OpenBSD. Full Post *** Tarsnap This weeks episode of BSDNow was sponsored by our friends at Tarsnap, the only secure online backup you can trust your data to. Even paranoids need backups. Feedback/Questions Vasilis - upgrade question Dennis - zfs questions Daniel Dettlaff - KTLS question Send questions, comments, show ideas/topics, or stories you want mentioned on the show to [email protected] ***

Comparing sandboxing techniques, Statement on FreeBSD development processes, customizing FreeBSD ports and packages, the quest for a comfortable NetBSD desktop, Nginx as a TCP/UDP relay, HardenedBSD March 2021 Status Report, Detailed Behaviors of Unix Signal, and more NOTES This episode of BSDNow is brought to you by Tarsnap Headlines Comparing sandboxing techniques I had the opportunity to implement a sandbox and I'd like to write about the differences between the various sandboxing techniques available on three different operating systems: FreeBSD, Linux and OpenBSD. Statement on FreeBSD development processes In light of the recent commentary on FreeBSD's development practices, members of the Core team would like to issue the following statement. Customizing FreeBSD Ports and Packages A basic intro to building your own packages News Roundup FVWM(3) and the quest for a comfortable NetBSD desktop FVWM substantially allows one to build a fully-fledged lightweight desktop environment from scratch, with an almost unparalleled degree of freedom. Although using FVWM does not require any knowledge of programming languages, it is possible to extend it with M4, C, and Perl preprocessing. Nginx as a TCP/UDP relay In this tutorial I will explain how to use Nginx as a TCP or UDP relay as an alternative to Haproxy or Relayd. This mean nginx will be able to accept requests on a port (TCP/UDP) and relay it to another backend without knowing about the content. It also permits to negociates a TLS session with the client and relay to a non-TLS backend. In this example I will explain how to configure Nginx to accept TLS requests to transmit it to my Gemini server Vger, Gemini protocol has TLS as a requirement. HardenedBSD March 2021 Status Report This month, I worked on finding and fixing the regression that caused kernel panics on our package builders. I think I found the issue: I made it so that the HARDENEDBSD amd64 kernel just included GENERIC so that we follow FreeBSD's toggling of features. Doing so added QUEUE_MACRO_DEBUG_TRASH to our kernel config. That option is the likely culprit. If the next package build (with the option removed) completes, I will commit the change that removes QUEUE_MACRO_DEBUG_TRASH from the HARDENEDBSD amd64 kernel. Detailed Behaviors of Unix Signal When Unix is mentioned in this document it means macOS or Linux as they are the mainly used Unix at this moment. When shell is mentioned it means Bash or Zsh. Most demos are written in C for macOS with Apple libc and Linux with glibc. Tarsnap This weeks episode of BSDNow was sponsored by our friends at Tarsnap, the only secure online backup you can trust your data to. Even paranoids need backups. Feedback/Questions andrew - flatpak chris - mac and truenas robert - some questions Send questions, comments, show ideas/topics, or stories you want mentioned on the show to [email protected]

FreeBSD 13.0 Full Desktop Experience, FreeBSD on ARM64 in the Cloud, Plan 9 from Bell Labs in Cyberspace, Inferno is open source as well, NetBSD hits donation milestone, grep returns (standard input) on FreeBSD, Random Programming Challenge, OpenBSD Adds Support for Coordinated Mars Time (MTC) and more NOTES This episode of BSDNow is brought to you by Tarsnap Headlines FreeBSD 13.0 – Full Desktop Experience With the release of FreeBSD 13.0 on the horizon, I wanted to see how it shapes up on my Lenovo T450 laptop. Previous major releases on this laptop, using it as a workstation, felt very rough around the edges but with 13, it feels like the developers got it right. FreeBSD on ARM64 in the Cloud Until the end of June, Amazon AWS is offering free ARM64 Graviton instances, learn how to try out FreeBSD to ARMv8 in the cloud Plan 9 from Bell Labs in Cyberspace! The releases below represent the historical releases of Plan 9. The two versions of 4th Edition represent the initial release and the final version available from Bell Labs as it was updated and patched. All historical releases of Plan 9 have been re-released under the terms of the MIT license. Inferno is open source as well *** ## News Roundup ### Hitting donation milestone, financial report for 2020 We nearly hit our 2020 donation milestone set after the release of 9.0 of $50,000. *** grep returns (standard input) on FreeBSD I was dealing with a bizarre error with grep(1) on FreeBSD, and it soon infected my macOS and NetBSD machines too. It was driving me crazy! Random Programming Challenge This better not be an April Fools Joke… I want to see this actually implemented. I’ll donate $100 to the first BSD that actually implements this for real. Who’s with me? OpenBSD Adds Support for Coordinated Mars Time (MTC) To make sure that OpenBSD can be used elsewhere than just earth, this diff introduces Coordinated Mars Time (MTC), the Mars equivalent of earth’s Universal Time (UTC). OpenZFS had a good one too Tarsnap This weeks episode of BSDNow was sponsored by our friends at Tarsnap, the only secure online backup you can trust your data to. Even paranoids need backups. Feedback/Questions Brandon - router Lawrence - Is BSD for me miguel - printing Send questions, comments, show ideas/topics, or stories you want mentioned on the show to [email protected] ***

Customizing the FreeBSD Kernel, OpenBSD/loongson on the Lemote Fuloong, how ZFS on Linux brings up pools and filesystems at boot under systemd, LLDB: FreeBSD Legacy Process Plugin Removed, FreshBSD 2021, gmid, Danschmid’s Poudriere Guide in english, and more NOTES This episode of BSDNow is brought to you by Tarsnap Headlines Customizing the FreeBSD Kernel Learn more about customizing the build of the FreeBSD kernel and its loadable modules OpenBSD/loongson on the Lemote Fuloong In my article about running OpenBSD/loongson on the Lemote Yeeloong back in 2016, I mentioned looking for a Fuloong. All hope seemed lost until the Summer of 2017, when a fellow OpenBSD developer was contacted by a generous user (Thanks again, Lars!) offering to donate two Lemote Fuloong machines, and I was lucky enough to get one of those units. News Roundup How ZFS on Linux brings up pools and filesystems at boot under systemd On Solaris and Illumos, how ZFS pools and filesystems were brought up at boot was always a partial mystery to me (and it seemed to involve the kernel knowing a lot about /etc/zfs/zpool.cache). On Linux, additional software RAID arrays are brought up mostly through udev rules, which has its own complications. For a long time I had the general impression that ZFS on Linux also worked through udev rules to recognize vdev components, much like software RAID. However, this turns out to not be the case and the modern ZFS on Linux boot process is quite straightforward on systemd systems. LLDB: FreeBSD Legacy Process Plugin Removed During the past month we’ve successfully removed the legacy FreeBSD plugin and continued improving the new one. We have prepared an implementation of hardware breakpoint and watchpoint support for FreeBSD/AArch64, and iterated over all tests that currently fail on that platform. Therefore, we have concluded the second milestone. FreshBSD 2021 6 weeks ago I created a branch for a significant rework of FreshBSD. Nearly 300 commits later, and just a week shy of our 15th anniversary, the result is what you’re looking at now. I hope you like it. gmid is a gemini server for unixes. Danschmid’s Poudriere Guide now in english The ports system is one of FreeBSD's greatest advantages for users who want flexibility and control over their software. It enables administrators to easily create and manage source-based installations using a system that is robust and predictable. Tarsnap This weeks episode of BSDNow was sponsored by our friends at Tarsnap, the only secure online backup you can trust your data to. Even paranoids need backups. Send questions, comments, show ideas/topics, or stories you want mentioned on the show to [email protected] *** Special Guest: Tom Jones.

FreeBSD Network Troubleshooting, The State of FreeBSD, dhcpleased, bhyve for Calamares Development, EFS automount and ebsnvme-id, Old Usenix pictures, and more. NOTES This episode of BSDNow is brought to you by Tarsnap Headlines FreeBSD Network Troubleshooting FreeBSD has a full set of debugging features, and the network stack is able to report a ton of information. So much that it can be hard to figure out what is relevant and what is not. The State of FreeBSD License to thrill: Ahead of v13.0, the FreeBSD team talks about Linux and the completed toolchain project that changes everything News Roundup dhcpleased(8) - DHCP client daemon With the following commit, Florian Obser (florian@) imported dhcpleased(8), DHCP daemon to acquire IPv4 address leases from servers, plus dhcpleasectl(8), a utility to control the daemon: bhyve for Calamares Development bhyve (pronounced “bee hive”) is a hypervisor for BSD systems (and Illumos / openSolaris). It is geared towards server workloads, but does support desktop-oriented operation as well. I spent some time wayyyy back in November wrestling with it in order to replace VirtualBox for Calamares testing on FreeBSD. The “golden hint” as far as I’m concerned came from Karen Bruner and now I have a functioning Calamares test-ground that is more useful than before. “Calamares is a free and open-source independent and distro-agnostic system installer for Linux distributions.“ Some new FreeBSD/EC2 features: EFS automount and ebsnvme-id As my regular readers will be aware, I've been working on and gradually improving FreeBSD/EC2 for many years. Recently I've added two new features, which are available in the weekly HEAD and 12-STABLE snapshots and will appear in releases starting from 12.2-RELEASE. Old Usenix pictures Beastie Bits [https://2021.eurobsdcon.org/](CFP is open until May 26th, 2021) EuroBSDcon is the European technical conference for users and developers of BSD-based systems. The conference is scheduled to take place September 16-19 2021 in Vienna, Austria or as an all-online event if COVID-19 developments dictate. The tutorials will be held on Thursday and Friday to registered participants and the talks are presented to conference attendees on Saturday and Sunday. The Call for Talk and Presentation proposals period will close on May 26th, 2021. Prospective speakers will be notified of acceptance or otherwise by June 1st, 2021. [https://campgnd.com/](CFP is open until 2021-04-15) campgndd will be held May 28th, 29th and 30th 2021, from wherever you happen to be. We're looking for submissions on anything you're enthusiastic and excited about. If you enjoy it, the odds are we will too! You don't need to be an expert to propose anything. Some example of things we are looking for are: Talks Walkthroughs Music From the Desk of Michael Lucas… New Release: Only Footnotes I’ve lost count of the number of people who have told me that they purchase my books only for the footnotes. That’s okay. I don’t care why people buy my books, only that they do buy them. Nevertheless, I am a businessman living under capitalism and feel compelled to respond to my market. Allow me to present my latest release: Only Footnotes, a handsome hardcover-only compilation of decades of footnotes. From the back cover: ----- Only Footnotes. Because that’s why you read his books. Academics hate footnotes. Michael W Lucas loves them. What he does with them wouldn’t pass academic muster, but that doesn’t mean the reader should skip them. The footnotes are the best part! Why not read only the footnotes, and skip all that other junk? After literal minutes of effort, Only Footnotes collects every single footnote from all of Lucas’ books to date.* Recycle those cumbersome treatises stuffed with irrelevant facts! No more flipping through pages and pages of actual technical knowledge looking for the offhand movie reference or half-formed joke. This slender, elegant volume contains everything the man ever passed off as his dubious, malformed “wisdom.” Smart books have footnotes. Smarter books are only footnotes. *plus additional annotations from the author. Because sometimes even a footnote needs a footnote. ---- With interior illustrations by OpenBSD’s akoshibe, this distinguished tome would make fine inspirational reading for a system administrator, network engineer, or anyone sentenced to a life in information technology. Available at all fine bookstores, and many mediocre ones! Tarsnap This weeks episode of BSDNow was sponsored by our friends at Tarsnap, the only secure online backup you can trust your data to. Even paranoids need backups. Send questions, comments, show ideas/topics, or stories you want mentioned on the show to [email protected] *** Special Guest: Tom Jones.

Tracing the History of ARM and FreeBSD, Make ‘less’ more friendly, NomadBSD 1.4 Release, Create an Ubuntu Linux jail on FreeBSD 12.2, OPNsense 21.1.2 released, Midnight BSD and BastilleBSD, and more. NOTES This episode of BSDNow is brought to you by Tarsnap Headlines Tracing the History of ARM and FreeBSD When we think of computers, we generally think of laptops and desktops. Each one of these systems is powered by an Intel or AMD chip based on the x86 architecture. It might feel like you spend all day interacting with these kinds of systems, but you would be wrong. Unix Tip: Make ‘less’ more friendly You probably know about less: it is a standard tool that allows scrolling up and down in documents that do not fit on a single screen. Less has a very handy feature, which can be turned on by invoking it with the -i flag. This causes less to ignore case when searching. For example, ‘udf’ will find ‘udf’, ‘UDF’, ‘UdF’, and any other combination of upper-case and lower-case. If you’re used to searching in a web browser, this is probably what you want. But less is even more clever than that. If your search pattern contains upper-case letters, the ignore-case feature will be disabled. So if you’re looking for ‘QXml’, you will not be bothered by matches for the lower-case ‘qxml’. (This is equivalent to ignorecase + smartcase in vim.) News Roundup NomadBSD 1.4 Release Version 1.4 of NomadBSD, a persistent live system for USB flash drives based on FreeBSD and featuring a graphical user interface built around Openbox, has been released: “We are pleased to present the release of NomadBSD 1.4. Create an Ubuntu Linux jail on FreeBSD 12.2 OPNsense 21.1.2 released Work has so far been focused on the firmware update process to ensure its safety around edge cases and recovery methods for the worst case. To that end 21.1.3 will likely receive the full revamp including API and GUI changes for a swift transition after thorough testing of the changes now available in the development package of this release. Midnight BSD and BastilleBSD We recently added a new port, mports/sysutils/bastille that allows you to manage containers. This is a port of a project that originally targetted FreeBSD, but also works on HardenedBSD. Tarsnap This weeks episode of BSDNow was sponsored by our friends at Tarsnap, the only secure online backup you can trust your data to. Even paranoids need backups. Feedback/Questions Brad - monitoring with Grafana Dennis - a few questions Paul - FreeBSD 13 Send questions, comments, show ideas/topics, or stories you want mentioned on the show to [email protected] ***

Onboard Scheduler for the Mars 2020 Rover, Practical Guide to Storage of Large Amounts of Microscopy Data, OpenBSD guest with bhyve - OmniOS, NextCloud on OpenBSD, MySQL Transactions - the physical side, TrueNAS 12.0-U2.1 is released, HardenedBSD 2021 State of the Hardened Union, and more NOTES This episode of BSDNow is brought to you by Tarsnap Headlines Prototyping an Onboard Scheduler for the Mars 2020 Rover The mars rover runs VxWorks, which is based on BSD, and uses the FreeBSD networking stack. While there has been a lot of type about the little helicopter that was inside the rover running Linux, the rover itself runs BSD. *** ### Practical Guide to Storage of Large Amounts of Microscopy Data > Biological imaging tools continue to increase in speed, scale, and resolution, often resulting in the collection of gigabytes or even terabytes of data in a single experiment. In comparison, the ability of research laboratories to store and manage this data is lagging greatly. This leads to limits on the collection of valuable data and slows data analysis and research progress. Here we review common ways researchers store data and outline the drawbacks and benefits of each method. We also offer a blueprint and budget estimation for a currently deployed data server used to store large datasets from zebrafish brain activity experiments using light-sheet microscopy. Data storage strategy should be carefully considered and different options compared when designing imaging experiments. *** ## News Roundup ### OpenBSD guest with bhyve - OmniOS > Today I will be creating a OpenBSD guest via bhyve on OmniOS. I will also be adding a Pass Through Ethernet Controller so I can have a multi-homed guest that will serve as a firewall/router. > This post will cover setting up bhyve on OmniOS, so it will also be a good introduction to bhyve. As well, I look into OpenBSD’s uEFI boot loader so if you have had trouble with this, then you are in the right place. *** ### NextCloud on OpenBSD > NextCloud and OpenBSD are complimentary to one another. NextCloud is an awesome, secure and private alternative for propietary platforms, whereas OpenBSD forms the most secure and solid foundation to serve it on. Setting it up in the best way isn’t hard, especially using this step by step tutorial. MySQL Transactions - the physical side So you talk to a database, doing transactions. What happens actually, behind the scenes? Let’s have a look. TrueNAS 12.0-U2.1 is released HardenedBSD 2021 State of the Hardened Union - NYCBUG - 2021-04-07 Beastie Bits FreeBSD Journal: Case Studies *** ###Tarsnap This weeks episode of BSDNow was sponsored by our friends at Tarsnap, the only secure online backup you can trust your data to. Even paranoids need backups. Feedback/Questions Al - BusyNAS Jeff - ZFS and NFS on FreeBSD Michael - remote unlock for encrypted systems Send questions, comments, show ideas/topics, or stories you want mentioned on the show to [email protected]

Lessons learned from a 27 years old UNIX book, Finally dRAID, Setting up a Signal Proxy using FreeBSD, Annotate your PDF files on OpenBSD, Things You Should Do Now, Just: More unixy than Make, and more NOTES This episode of BSDNow is brought to you by Tarsnap Headlines Lessons learned from a 27 years old UNIX book One of the Amazon reviewers of "Sun Performance and Tuning: Java and the Internet" gave it 3/5 stars. While still a nice introduction, the book by Adrian Cockcroft has become dated — claimed Roland in 2003, which believe it or not was 18 years ago... dRAID, Finally! Admins will often use wide RAID stripes to maximize usable storage given a number of spindles. RAID-Z deployments with large stripe widths, ten or larger, are subject to poor resilver performance for a number of reasons. Resilvering a full vdev means reading from every healthy disk and continuously writing to the new spare. This will saturate the replacement disk with writes while scattering seeks over the rest of the vdev. For 14 wide RAID-Z2 vdevs using 12TB spindles, rebuilds can take weeks. Resilver I/O activity is deprioritized when the system has not been idle for a minimum period. Full zpools get fragmented and require additional I/O’s to recalculate data during reslivering. A pool can degenerate into a never ending cycle of rebuilds or loss of the pool Aka: the Death Spiral. News Roundup Setting up a Signal Proxy using FreeBSD With the events that the private messaging app Signal has been blocked in Iran, Signal has come up with an “proxy” solution akin to Tor’s Bridges, and have given instructions on how to do it. For people who prefer FreeBSD over Linux like myself, we obviously can’t run Docker, which is what Signal’s instructions focus on. Fortunately, the Docker image is just a fancy wrapper around nginx, and the configs can be ported to any OS. Here, I’ll show you how to set up a Signal Proxy on FreeBSD. Annotate your PDF files on OpenBSD On my journey to leave macOS, I regularly look to mimic some of the features I use. Namely, annotating (or signing) PDF files is a really simple task using Preview. I couldn’t do it on OpenBSD using Zathura, Xpdf etc. But there is a software in the ports that can achieve this: Xournal. Xournal is “an application for notetaking, sketching, keeping a journal using a stylus“. And now that my touchscreen is calibrated, highlighting can even be done with the fingers :) Things You Should Do Now Describes things you should do now when building software, because the cost to do them increases over time and eventually becomes prohibitive or impossible. Just: A command runner. More unixy than Make because it does even less. I think it's in the do-one-thing-well spirit of Unix, because it's just a command runner, no build system at all. Just has a bunch of nice features: Can be invoked from any subdirectory Arguments can be passed from the command line Static error checking that catches syntax errors and typos Excellent error messages with source context The ability to list recipes from the command line Recipes can be written in any language Works on Linux, macOS, and Windows And much more! Just doesn't replace Make, or any other build system, but it does replace reverse-searching your command history, telling colleagues the weird flags they need to pass to do the thing, and forgetting how to run old projects. Tarsnap This weeks episode of BSDNow was sponsored by our friends at Tarsnap, the only secure online backup you can trust your data to. Even paranoids need backups. Feedback/Questions Marc - Confused about Snapshots Dan’s gist: https://gist.github.com/dlangille/3140e60a816226ed75365ba8af185085 Pete - A Question Rick - ZFS Idea Send questions, comments, show ideas/topics, or stories you want mentioned on the show to [email protected] *** Special Guest: Dan Langille.

FreeBSD 13 BETA Benchmarks, FreeBSD Jails Deep Dive by Klara Systems, FreeBSD Foundation looking for a Senior Arm Kernel Engineer & OSS Project Coordinator, macOS-Inspired BSD Desktop OS by helloSystem, A Trip into FreeBSD and more. NOTES This episode of BSDNow is brought to you by Tarsnap Headlines FreeBSD 13 BETA Benchmarks - Performance Is Much Better FreeBSD Jails – Deep Dive into the Beginning of FreeBSD Containers In recent years, containers and virtualization have become a buzzword in the Linux community, especially with the rise of Docker and Kubernetes. What many people probably don’t realize is that these ideas have been around for a very long time. Today, we will be looking at Jails and how they became part of FreeBSD. News Roundup FreeBSD Jobs The FreeBSD Foundation is looking for a Senior Arm Kernel Engineer The FreeBSD Foundation is also looking for an Open Source Project Coordinator. *** ### helloSystem Releases New ISOs For This macOS-Inspired BSD Desktop OS > The helloSystem motto is being a "desktop system for creators with focus on simplicity, elegance, and usability. Based on FreeBSD. Less, but better!" The desktop utilities are written with PyQt5. *** ### A Trip into FreeBSD > I normally deal with Linux machines. Linux is what I know and it's what I've been using since I was in college. A friend of mine has been coaxing me into trying out FreeBSD, and I decided to try it out and see what it's like. Here's some details about my experience and what I've learned. *** ###Tarsnap This weeks episode of BSDNow was sponsored by our friends at Tarsnap, the only secure online backup you can trust your data to. Even paranoids need backups. Beastie Bits Testing Linux Steam Proton on GhostBSD with BSD linuxulator - NO Audio New Build of DragonFlyBSD 5.8 Install OpenBSD 6.8 on PINE64 ROCK64 Media Board FOSDEM BSD Track Videos are up *** Send questions, comments, show ideas/topics, or stories you want mentioned on the show to [email protected] *** Special Guest: Dan Langille.

Follow-up about FreeBSD jail advantages, Install Prometheus, Node Exporter and Grafana, Calibrate your touch-screen on OpenBSD, OPNsense 21.1 Marvelous Meerkat Released, NomadBSD 1.4-RC1, Lets all shed a Tear for 386, find mostly doesn't need xargs today on modern Unixes, OpenBSD KDE Status Report, and more. NOTES This episode of BSDNow is brought to you by Tarsnap Headlines Follow-up about FreeBSD jail advantages I’ll admit I ran a lot of justifications together into a single paragraph because I wanted to get to configuring the jails themselves. They’re also, by and large, not specific to FreeBSD’s flavour of containerisation, though I still think it’s easily the most elegant implementation. Sometimes the simplest solution really is the best one. History of FreeBSD part 4: TCP/IP How TCP/IP evolved and BSDs special contribution to the history of the Internet *** FreeBSD: Install Prometheus, Node Exporter and Grafana FreeBSD comes out of the box with three great tools for monitoring. If you need more info about how these tools work, please read the official documentation. I’ll explain the installation only and creating a simple dashboard. News Roundup Calibrate your touch-screen on OpenBSD I didn’t expected it but my refurbished T460s came with a touch-screen. It is recognized by default on OpenBSD and not well calibrated as-is. But that’s really simple to solve. Lets all shed a Tear for 386 FreeBSD is designating i386 as a Tier 2 architecture starting with FreeBSD 13.0. The Project will continue to provide release images, binary updates, and pre-built packages for the 13.x branch. However, i386-specific issues (including SAs) may not be addressed in 13.x. The i386 platform will remain Tier 1 on FreeBSD 11.x and 12.x. OPNsense 21.1 Marvelous Meerkat Released For more than 6 years, OPNsense is driving innovation through modularising and hardening the open source firewall, with simple and reliable firmware upgrades, multi-language support, HardenedBSD security, fast adoption of upstream software updates as well as clear and stable 2-Clause BSD licensing. NomadBSD 1.4-RC1 We are pleased to present the first release candidate of NomadBSD 1.4. find mostly doesn't need xargs today on modern Unixes I've been using Unix for long enough that 'find | xargs' is a reflex. When I started and for a long time afterward, xargs was your only choice for efficiently executing a command over a bunch of find results. OpenBSD KDE Status Report OpenBSD has managed to drop KDE3 and KDE4 in the 6.8 -> 6.9 release cycle. That makes me very happy because it was a big piece of work and long discussions. This of course brings questions: Kde Plasma 5 package missing. After half a year of work, I managed to successfully update the Qt5 stack to the last LTS version 5.15.2. On the whole, the most work was updating QtWebengine. What a monster! With my CPU power at home, I can build it 1-2 times a day which makes testing a little bit annoying and time intensive. Tarsnap This weeks episode of BSDNow was sponsored by our friends at Tarsnap, the only secure online backup you can trust your data to. Even paranoids need backups. Feedback/Questions Karl - Firefox webcam audio solution Michal - openzfs Dave - bufferbloat Send questions, comments, show ideas/topics, or stories you want mentioned on the show to [email protected] ***

Did Linux kill Commercial Unix, three node GlusterFS setup on FreeBSD, OpenBSD on the Lenovo ThinkPad X1 Nano (1st Gen), NetBSD on EdgeRouter Lite, TLS Mastery first draft done NOTES This episode of BSDNow is brought to you by Tarsnap Headlines Did Linux Kill Commercial Unix? Sales of commercial Unix have fallen off a cliff. There has to be something behind this dramatic decline. Has Linux killed its ancestor by becoming a perfectly viable replacement, like an operating system version of Invasion of the Body Snatchers? Wireguard: Simple and Secure VPN in FreeBSD A great article by Tom Jones about setting up Wireguard on FreeBSD *** Setup a Three Node Replicated GlusterFS Cluster on FreeBSD GlusterFS (GFS) is the open source equivalent to Microsoft's Distributed Filesystem (DFS). It's a service that replicates the contents of a filesystem in real time from one server to another. Clients connect to any server and changes made to a file will replicate automatically. It's similar to something like rsync or syncthing, but much more automatic and transparent. A FreeBSD port has been available since v3.4, and (as of this post) is currently at version 8.0 with 9.0 being released soon. News Roundup OpenBSD on the Lenovo ThinkPad X1 Nano (1st Gen) Lenovo has finally made a smaller version of its X1 Carbon, something I’ve been looking forward to for years. NetBSD on the EdgeRouter Lite NetBSD-current now has pre-built octeon bootable images (which will appear in NetBSD 10.0) for the evbmips port, so I decided to finally give it a try. I've been happily running OpenBSD/octeon on my EdgeRouter Lite for a few years now, and have previously published some notes including more detail about the CPU. “TLS Mastery” first draft done! Beastie Bits A Thread on a FreeBSD Desktop for PineBook Pro FOSSASIA Conference - March 2021(Virtual) WireGuard for pfSense Software NetBSD logo to going Moon *** ###Tarsnap This weeks episode of BSDNow was sponsored by our friends at Tarsnap, the only secure online backup you can trust your data to. Even paranoids need backups. ### Producer's Note > Hey everybody, it’s JT here. After our AMA episode where I mentioned I was looking for older BSD Retail Copies, I was contacted by Andrew who hooked me up with a bunch of OpenBSD disks from the 4.x era. So shout out to him, and since that worked so well, I figured I'd give it another shot and ask that if anyone has any old Unixes that will run on an 8088, 8086, or 286 and you're willing to send me copies of the disks. I've recently dug out an old 286 system and I’d love to get a Unix OS on it. I know of Minix, Xenix and Microport, but I haven’t been able to find many versions of them. I've found Microport 1.3.3, and SCO Xenix... but that's about it. Let me know if you happen to have any other versions, or know where I can get them. Feedback/Questions Christian - ZFS replication and verification Iain - progress Paul - APU2 device *** Send questions, comments, show ideas/topics, or stories you want mentioned on the show to [email protected] ***

A week with Plan 9, Exploring Swap on FreeBSD, how to create a FreeBSD pkg mirror using bastille and poudriere, How to set up FreeBSD 12 VNET jail with ZFS, Creating Comfy FreeBSD Jails Using Standard Tools, and more. NOTES This episode of BSDNow is brought to you by Tarsnap Headlines A Week With Plan 9 I spent the first week of 2021 learning an OS called Plan 9 from Bell Labs. This is a fringe Operating System, long abandoned by it’s original authors. It's also responsible for a great deal of inspiration elsewhere. If you’ve used the Go language, /proc, UTF-8 or Docker, you’ve used Plan 9-designed features. This issue dives into Operating System internals and some moderately hard computer science topics. If that sort of thing isn’t your bag you might want to skip ahead. Normal service will resume shortly. Exploring Swap on FreeBSD On modern Unix-like systems such as FreeBSD, “swapping” refers to the activity of paging out the contents of memory to a disk and then paging it back in on demand. The page-out activity occurs in response to a lack of free memory in the system: the kernel tries to identify pages of memory that probably will not be accessed in the near future, and copies their contents to a disk for safekeeping until they are needed again. When an application attempts to access memory that has been swapped out, it blocks while the kernel fetches that saved memory from the swap disk, and then resumes execution as if nothing had happened. News Roundup How to create a FreeBSD pkg mirror using bastille and poudriere This a short how-to for creating a FreeBSD pkg mirror using BastilleBSD and Poudriere. How to set up FreeBSD 12 VNET jail with ZFS How do I install, set up and configure a FreeBSD 12 jail with VNET on ZFS? How can I create FreeBSD 12 VNET jail with /etc/jail.conf to run OpenVPN, Apache, Wireguard and other Internet-facing services securely on my BSD box? FreeBSD jail is nothing but operating system-level virtualization that allows partitioning a FreeBSD based Unix server. Such systems have their root user and access rights. Jails can use network subsystem virtualization infrastructure or share an existing network. FreeBSD jails are a powerful way to increase security. Usually, you create jail per services such as an Nginx/Apache webserver with PHP/Perl/Python app, WireGuard/OpeNVPN server, MariaDB/PgSQL server, and more. This page shows how to configure a FreeBSD Jail with vnet and ZFZ on FreeBSD 12.x. Creating Comfy FreeBSD Jails Using Standard Tools Docker has stormed into software development in recent years. While the concepts behind it are powerful and useful, similar tools have been used in systems for decades. FreeBSD’s jails in one of those tools which build upon even older chroot(2) To put it shortly, with these tools, you can make a safe environment separated from the rest of the system. Tarsnap This weeks episode of BSDNow was sponsored by our friends at Tarsnap, the only secure online backup you can trust your data to. Even paranoids need backups. Feedback/Questions Chris - USB BSD variant Jacob - host wifi through a jail Jordan - new tool vs updating existing tool *** Send questions, comments, show ideas/topics, or stories you want mentioned on the show to [email protected] ***

FreeBSD Q4 2020 Status report, a must-have security tool from OpenBSD, Bastille Port Redirection and Persistence, FreeBSD Wall Display Computer, etymology of command-line tools, GhostBSD 21.01.15 Release Notes, and more. NOTES This episode of BSDNow is brought to you by Tarsnap Headlines FreeBSD quarterly status report for Q4 2020 Block spammers/abusive IPs with Pf-badhost in OpenBSD. A 'must have' security tool! Pf-badhost is a very practical, robust, stable and lightweight security script for network servers. It's compatible with BSD based operating systems such as {Open,Free,Net,Dragonfly}BSD and MacOS. It prevents potentially-bad IP addresses that could possibly attack your servers (and waste your bandwidth and fill your logfiles), by blocking all those IPs contacting your server, and therefore it makes your server network/resources lighter and the logs of important services running on your server become simpler, more readable and efficient. News Roundup Bastille Port Redirection and Persistence Bastille supports redirecting (rdr) ports from the host system into target containers. This port redirection is commonly used when running Internet services such as web servers, dns servers, email and many others. Any service you want to make public outside of your cluster will likely require port redirection (with some exceptions, see below). FreeBSD Wall Display Computer I've recently added a wall mounted 30" monitor for Grafana in my home. I can highly recommend doing the same, especially in a world where more work from home is becoming the norm. The etymology of command-line tools GhostBSD 21.01.15 Release Notes I am happy to announce the availability of the new ISO 21.01.15. This new ISO comes with a clean-up of packages that include removing LibreOffice and Telegram from the default selection. We did this to bring the zfs RW live file systems to run without problem on 4GB of ram machine. We also removed the UFS full disk option from the installer. Users can still use custom partitions to setup UFS partition, but we discourage it. We also fixed the Next button's restriction in the custom partition related to some bug that people reported. We also fix the missing default locale setup and added the default setup for Linux Steam, not to forget this ISO includes kernel, userland and numerous application updates. Beastie Bits Interview with Brian Kernighan *** ###Tarsnap This weeks episode of BSDNow was sponsored by our friends at Tarsnap, the only secure online backup you can trust your data to. Even paranoids need backups. Send questions, comments, show ideas/topics, or stories you want mentioned on the show to [email protected]

GNN's tips for surviving Cabin Fever and Coding from Home, Self-host a password manager on OpenBSD, Preliminary OpenBSD Support added to OBS, Dan's CURL tip of the Day, List of some Shell goodies for OpenBSD, and more NOTES This episode of BSDNow is brought to you by Tarsnap Headlines GNN's tips for surviving Cabin Fever and Coding from Home Forgive me if this seems off topic, but I was wondering if you had any advice for the majority of us who are now KFH (koding from home). I don't know how KV works day to day, but it seems pretty clear that the status quo has changed at most workplaces in the last several months, and it's hard to know if there are things we could be doing to stay productive while we're all at home, ordering delivery, and microwaving our mail. Does KV have any good guidance? Self-host a password manager on OpenBSD I’ve been using Rubywarden to store and access my passwords from OpenBSD workstations and iOS toys. But recent redondant failures from the iOS App and rubywarden not being maintained anymore led to the need for a new solution. I was investing on pass+pgp+git but it was quite complex. News Roundup Preliminary OpenBSD Support added to OBS Dan's CURL tip of the Day List of some Shell goodies for OpenBSD I'm sharing here some practices I'm following and some small tips/tools which facilitate my usage of OpenBSD in my day to day. Some are really specific to my usage, others could be re-used. Beastie Bits • [Traditional text mode games from BSD](https://github.com/msharov/bsd-games) • [FreeBSD Easter Eggs](https://twitter.com/freebsdfrau/status/972893680473317377) • [A prehistory and history of Unix Slide Deck](https://docs.google.com/presentation/d/1BxnFiP_Hv3HJbbYRfSxpTym7GzqxJPQlTE6Ur5h1Al8/edit#slide=id.g951f86c343_0_95) • [How to use Android USB Tethering to get Internet on FreeBSD](https://www.youtube.com/watch?v=cAEmtrEZlV8) • [VPN'Othon #2 for CharmBUG](https://github.com/BSDNow/bsdnow.tv/blob/master/episodes/387/charmbug_event.md) Tarsnap This weeks episode of BSDNow was sponsored by our friends at Tarsnap, the only secure online backup you can trust your data to. Even paranoids need backups. Feedback/Questions • [Kev - Ramdisk](https://github.com/BSDNow/bsdnow.tv/blob/master/episodes/387/feedback/kev%20-%20ramdisk.md) • [John - new to freebsd](https://github.com/BSDNow/bsdnow.tv/blob/master/episodes/387/feedback/John%20-%20new%20to%20freebsd) Send questions, comments, show ideas/topics, or stories you want mentioned on the show to [email protected] ***

Routing and Firewalling VLANS with FreeBSD, FreeBSD 12 VNET jail with ZFS howto, pkgsrc-2020Q4 released, FreeBSD on Raspberry Pi 4 With 4GB of RAM, HardenedBSD December 2020 Status Report, and more NOTES This episode of BSDNow is brought to you by Tarsnap Headlines Routing and Firewalling VLANS with FreeBSD In this article we are going to look at and integrate two network isolation technologies, VLANs and VNET. VLANs are common place, and if you have done some network management or design then you are likely to have interacted with them. The second are FreeBSDs VNET virtual network stacks, a powerful network stack isolation technology that gives FreeBSD jails super powers. Ethernet VLAN (standardised by IEEE 802.1Q) are an extension to Ethernet and provide an essential method for scaling network deployments. They are used in all environments to enable reuse of common infrastructure by isolating portions of networks from each other. VLANs allow the reuse of common cables, switches and routers to carry completely different networks. It is common to have data that must be separated from different networks carried on common cables until their VLAN tags are finally stripped at a gateway switch or router. How to set up FreeBSD 12 VNET jail with ZFS How do I install, set up and configure a FreeBSD 12 jail with VNET on ZFS? How can I create FreeBSD 12 VNET jail with /etc/jail.conf to run OpenVPN, Apache, Wireguard and other Internet-facing services securely on my BSD box? FreeBSD jail is nothing but operating system-level virtualization that allows partitioning a FreeBSD based Unix server. Such systems have their root user and access rights. Jails can use network subsystem virtualization infrastructure or share an existing network. FreeBSD jails are a powerful way to increase security. Usually, you create jail per services such as an Nginx/Apache webserver with PHP/Perl/Python app, WireGuard/OpeNVPN server, MariaDB/PgSQL server, and more. This page shows how to configure a FreeBSD Jail with vnet and ZFS on FreeBSD 12.x. News Roundup pkgsrc-2020Q4 released The pkgsrc developers are proud to announce the 69th quarterly release of pkgsrc, the cross-platform packaging system. pkgsrc is available with more than 24,000 packages, running on 23 separate platforms; more information on pkgsrc itself is available at https://www.pkgsrc.org/ FreeBSD ON A Raspberry PI 4 With 4GB of RAM This is the story of how I managed to get FreeBSD running on a Raspberry Pi 4 with 4GB of RAM, though I think the setup story is pretty similar for those with 2GB and 8GB.1 HardenedBSD December 2020 Status Report Happy New Year! On this the last day of 2020, I submit December's status report. Beastie Bits Christmas Cards The Unix Way - with pic and troff Fast RPI3 upgrade from source (cross compile) *** ###Tarsnap This weeks episode of BSDNow was sponsored by our friends at Tarsnap, the only secure online backup you can trust your data to. Even paranoids need backups. Feedback/Questions Robert - zfs question Neb - AMA episode.md Joe - puppet Send questions, comments, show ideas/topics, or stories you want mentioned on the show to [email protected] ***

Description: History of FreeBSD: Early Days of FreeBSD, mesh VPN using OpenBSD and WireGuard, FreeBSD Foundation Sponsors LLDB Improvements, Host your Cryptpad web office suite with OpenBSD, and more. NOTES This episode of BSDNow is brought to you by Tarsnap Headlines History of FreeBSD - Part 3: Early Days of FreeBSD In this third part of our series on the history of FreeBSD, we start tracing the early days of FreeBSD and the events that would eventually shape the project and the future of open source software. A mesh VPN using OpenBSD and WireGuard WireGuard is a new coming to OpenBSD 6.8 and it looks like a simple and efficient way to connect computers. I own a few VPS (hello Vultr, hello OpenBSD.amsterdam) that tend to be connected through filtered public services and/or SSH tunnels. And that’s neither efficient nor easy to manage. Here comes the wg(4) era where all those peers will communicate with a bit more privacy and ease of management. News Roundup Foundation Sponsors FreeBSD LLDB Improvements With FreeBSD Foundation grant, Moritz Systems improved LLDB support for FreeBSD The LLDB project builds on libraries provided by LLVM and Clang to provide a great modern debugger. It uses the Clang ASTs and the expression parser, LLVM JIT, LLVM disassembler, etc so that it provides an experience that “just works”. It is also blazing fast and more permissively licensed than GDB, the GNU Debugger. LLDB is the default debugger in Xcode on macOS and supports debugging C, Objective-C, and C++ on the desktop and iOS devices and the simulator. Host your Cryptpad web office suite with OpenBSD In this article I will explain how to deploy your own Cryptpad instance with OpenBSD. Cryptpad is a web office suite featuring easy real time collaboration on documents. Cryptpad is written in JavaScript and the daemon acts as a web server. Beastie Bits OPNsense 20.7.7 Released Introducing OpenZFS 2.0 Webinar - Jan 20th @ noon Eastern / 17:00 UTC. BSD In Die Hard Managing jails with Ansible: a showcase for building a container infrastructure on FreeBSD BSD Hardware New WINE chapter in FreeBSD handbook *** Tarsnap This weeks episode of BSDNow was sponsored by our friends at Tarsnap, the only secure online backup you can trust your data to. Even paranoids need backups. *** Feedback/Questions scott- zfs question Bruce - copy paste on esxi Julian - an apology for Allan Send questions, comments, show ideas/topics, or stories you want mentioned on the show to [email protected]

Allen K. Briggs Memorial Scholarship, Toward an automated tracking of OpenBSD ports contributions, Trying OpenZFS 2 on FreeBSD 12.2-RELEASE, OpenBSD on TECLAST F7 Plus, Multi-volume support in HAMMER2, and more. NOTES This episode of BSDNow is brought to you by Tarsnap Headlines Allen K. Briggs Memorial Scholarship Allen Briggs was one of the earliest members of the NetBSD community, pursuing his interest in macBSD, and moving to become a NetBSD developer when the two projects merged. Allen was known for his quiet and relaxed manner, and always brought a keen wisdom with him; allied with his acute technical expertise, he was one of the most valued members of the NetBSD community. The Allen K. Briggs Memorial Scholarship is an endowment to provide scholarships in perpetuity for summer programs at the North Carolina School of Science & Math, which Allen considered to be a place that fundamentally shaped him as a person. We would love to invite Allen's friends and colleagues from the BSD community to donate to this cause so that we can provide more scholarships to students with financial need each year. We are approximately halfway to our goal of $50K with aspirations to exceed that target and fund additional scholarships. Toward an automated tracking of OpenBSD ports contributions A first step for the CI service would be to create a database of diffs sent to ports. This would allow people to track what has been sent and not yet committed and what the state of the contribution is (build/don’t build, apply/don’t apply). News Roundup Trying OpenZFS 2 on FreeBSD 12.2-RELEASE OpenZFS 2 is a huge achievement, and makes me bullish about the long term prospects for the world’s most trustworthy and nicest to use storage system. You can even use try it today on FreeBSD 12.2-RELEASE, though I recommend tracking -CURRENT for these sorts of features. OpenBSD on TECLAST F7 Plus I got myself a TECLAST F7 Plus laptop. It comes preinstalled with Windows 10 but I planned to use it as my daily driver. So I installed OpenBSD 6.8 on it. Multi-volume support in HAMMER2 commit > This commit adds initial multi-volumes support for HAMMER2. Maximum supported volumes is 64. The feature and implementation is similar to multi-volumes support in HAMMER1. *** Beastie Bits FreeBSD Last SVN Commit FreeBSD First git Commit Introducing OpenZFS 2.0 Webinar - Jan 20th @ noon Eastern / 17:00 UTC. *** Tarsnap This weeks episode of BSDNow was sponsored by our friends at Tarsnap, the only secure online backup you can trust your data to. Even paranoids need backups. *** Feedback/Questions jay - feedback for ian Iebluefire - concerns about freebsd mike - zfs cluster aware *** Send questions, comments, show ideas/topics, or stories you want mentioned on the show to [email protected] ***

FreeBSD Remote Process Plugin Final Milestone achieved, Tailscale for OpenBSD, macOS to FreeBSD migration, monitoring of our OpenBSD machines, OPNsense 20.7.6 released, and more NOTES This episode of BSDNow is brought to you by Tarsnap Headlines FreeBSD Remote Process Plugin: Final Milestone Achieved Moritz Systems have been contracted by the FreeBSD Foundation to modernize the LLDB debugger’s support for FreeBSD. We are working on a new plugin utilizing the more modern client-server layout that is already used by Darwin, Linux, NetBSD and (unofficially) OpenBSD. The new plugin is going to gradually replace the legacy one. Tailscale on OpenBSD I spent some time setting this up today evening and thought I’d post the steps here. Nothing fancy, just putting together various pieces actually. I assume you know what Tailscale is; if not check out their website. Basically it is a mesh network built on top of Wireguard. Using it you can have all your devices both within your LAN(s) and outside be on one overlay network as if they are all on the same LAN and can talk to each other. It’s my new favourite thing! News Roundup macOS to FreeBSD migration a.k.a why I left macOS This is not a technical documentation for how I migrated from macOS to FreeBSD. This is a high-level for why I migrated from macOS to FreeBSD. Not so long ago, I was using macOS as my daily driver. The main reason why I got a macbook was the underlying BSD Unix and the nice graphics it provides. Also, I have an iPhone. But they were also the same reasons for why I left macOS. Our monitoring of our OpenBSD machines, such as it is (as of November 2020 We have a number of OpenBSD firewalls in service (along with some other OpenBSD servers for things like VPN endpoints), and I was recently asked how we monitor PF and overall network traffic on them. I had to disappoint the person who asked with my answer, because right now we mostly don't (although this is starting to change). OPNsense 20.7.6 released This update brings the usual mix of reliability fixes, plugin and third party software updates: FreeBSD, HardenedBSD, PHP, OpenSSH, StrongSwan, Suricata and Syslog-ng amongst others. Please note that Let's Encrypt users need to reissue their certificates manually after upgrading to this version to fix the embedded certificate chain issue with the current signing CA switch going on. NYC Bug Jan 2021 with Michael W. Lucas Tarsnap This weeks episode of BSDNow was sponsored by our friends at Tarsnap, the only secure online backup you can trust your data to. Even paranoids need backups. Feedback/Questions cy - .so files ben - mixer volume probono - live cds Send questions, comments, show ideas/topics, or stories you want mentioned on the show to [email protected] ***

We asked for it, you answered our call. This episode features you interviewing us with questions that you sent in. JT, Allan, and Benedict answer everything that you ever wanted to know in this week’s special episode of BSDNow. NOTES This episode of BSDNow is brought to you by Tarsnap Interview - Allan Jude - [[email protected]]([email protected]) / @allanjude Interview - Benedict Reuschling - [email protected] / @bsdbcr Interview - JT Pennington - [email protected] / @q5sys AMA questions Benedict: You work at a university right? Were you already into tech before you started working there? What do you do there? Yes, I do work at the University of Applied Sciences, Darmstadt, Germany. I’m a lab engineer there (without a lab, but with a big data cluster). I teach in the winter semester an undergraduate, elective course called “Unix for Developers”. Yes, I was already in tech by that time. Did some previous work at companies before (selling hardware at the call-in hotline and later in the store) and during my CS studies. Allan: What’s the next big FreeBSD Project you plan on doing? JT: How did you get involved in BSD? Weren't you a Linux guy? All: Is there any way you can create an entire episode of BSDnow on hardware that runs OpenBSD and FreeBSD? We see you audacity, etc on a mac. Benedict: Not sure about OpenBSD (don’t use it), but FreeBSD should be doable for my part. If we switch from Skype to a different video chat tool, the rest is already there. Production side may be more difficult, but not impossible. All: if you could finish up one project right now... what would it be? Benedict: Updated ZFS chapter in the FreeBSD handbook. All: How did all of you guys meet? All: My question is, do you guys use FreeBSD as your main desktop OS? If not, what do you use? Benedict: No, but Mac OS is close enough. Doing a lot of SSHing into FreeBSD from there. All: Can you all give us the best shot of outside of their windows? JT’s answer: https://photos.smugmug.com/photos/i-2LSbspL/0/69437dbb/5K/i-2LSbspL-5K.jpg Allan: https://photos.app.goo.gl/UnKXnKMt6cn8FDhNA Benedict: No, it’s dark outside anyway. ;-) All: How old were you when you got your first computer and what was that computer? Allan: 12 or 13, a 486DX2/66hz with an insane 32mb of RAM, 400 and 500 MB SCSI HDDs, 14400 baud model, and a 1.7x CD rom drive Benedict: Around 13 or so. 386DX2, 4 MB RAM, IDE disk drive (no idea how big, but it wasn’t much), 3.5” floppy, DOS, and a lot of games. JT: Technically the first was a Atari 1200XL with a 6502 CPU running at 1.79 MHz 64KB RAM. It had it's own OS and you could load programs off of either cartridges, floppy disks, or cassette tapes. First PC Clone was a Packard Bell with a 386 and 1mb ram which later was upgraded to 4mb and a Dual speed CD-ROM. My dad got me a Compaq 286 laptop... this one (show)... a year or so later because he got tired of fighting me for the computer. All: Can we have a peek at your bookcase and what books are there? Allan: No picture handy, but my shelf is pretty small, mostly a collection of autographed FreeBSD books. I have D&I with all 3 autographs (took some travel to acquire), and a copy of my first book (FreeBSD Mastery: ZFS) autographed by Jeff Bonwick and Matt Ahrens, the creators of ZFS, plus a bunch of other big names in ZFS like George Wilson. JT’s answer: So... my library is packed away... but here’s about half of it... the rest is still in storage. https://photos.smugmug.com/photos/i-SBG2KDv/0/0b9856b8/4K/i-SBG2KDv-4K.jpg Software Collection: https://photos.smugmug.com/photos/i-HfTVPN9/0/ad610dd4/O/i-HfTVPN9.jpg Benedict: A mix of FreeBSD books (by MWL), the graveyard book, 4 hour work week, the once and future king (took me a long time to finish that one), Total Immersion swimming (still learning to swim) and some books in german language, fiction and tech. Groff lives in there while the pandemic lasts. All: What desktop/Window Manager/shell do each of you primarily use? Benedict: Mainly Mac OS, when on FreeBSD it’s i3. Zsh with zsh-autosuggestions currently. JT: Lumina/zsh Allan: Lumina and tcsh, want to learn zsh but never gotten time to change All: What spoken languages do you speak? Benedict: German and English (obviously), learning a bit of Spanish via Duolingo at the moment JT: English, Bad English, and some French. All: Do you have Non-Computer hobbies if so what are those? Benedict: Tai Chi Chuan (Yang Style) JT: I'd say photography, but that's a job for me. I have a lot of varied interests, Krav Maga, working on my VW Corrado, working on the old Victorian house I bought, and camping/backpacking. Ive done the northern half of the AT (Appalachian Trail, I want to finish it up and then do the PCT and CDT. (Pacific Crest Trail and Continental Divide Trail). All: When COVID passes, when are either of you are coming to BSD pizza night in Portland, OR, USA so I can buy you a beer/wine/whisky or pizza/coffee/tea (or six) Rapid Fire: All: What was the first c

The Origin of the Shell, Return to Plan 9, ArisbluBSD: Why a new BSD?, OPNsense 20.7.5 released, Midnight BSD 2.0 Release Status, HardenedBSD November 2020 Status Report, and more. NOTES This episode of BSDNow is brought to you by Tarsnap Headlines The Origin of the Shell CTSS was developed during 1963 and 64. I was at MIT on the computer center staff at that time. After having written dozens of commands for CTSS, I reached the stage where I felt that commands should be usable as building blocks for writing more commands, just like subroutine libraries. Hence, I wrote "RUNCOM", a sort of shell driving the execution of command scripts, with argument substitution. The tool became instantly most popular, as it became possible to go home in the evening while leaving behind long runcoms executing overnight. It was quite neat for boring and repetitive tasks such as renaming, moving, updating, compiling, etc. whole directories of files for system and application maintenance and monitoring. Return to Plan 9 Plan 9 from Bell Labs has held the same charm after my last visit that took a few days. This time I'll keep this operating system in an emulator where I can explore into it when I am distracted. News Roundup Why a new BSD? This article is to explain some decisions and plans made by the ArisbluBSD team, why we are making our own thing, and what the plan is for the OS. We mainly want to talk about five things: desktop, package management, software availability, custom software, and the future of the OS. We mostly want to explain what the goal of the OS is, and how we plan to expand in the near future. Without further ado, let's explain ArisbluBSD's plan. OPNsense 20.7.5 released We return briefly for a small patch set and plan to pin the 20.1 upgrade path to this particular version to avoid unnecessary stepping stones. We wish you all a healthy Friday. And of course: patch responsibly! Midnight BSD 2.0 Release Status We identified some issues with the 2.0 ISOs slated for release with the ZFS bootloader not working. Until this issue is resolved, we are unable to build release ISOs. We've left the old ones up as they work fine for anyone using UFS. HardenedBSD November 2020 Status Report We're getting close to the end of November. My wife and I have plans this weekend, so I thought I'd take the time to write November's status report today. Beastie Bits • [rga: ripgrep, but also search in PDFs, E-Books, Office documents, zip, tar.gz, etc.](https://phiresky.github.io/blog/2019/rga--ripgrep-for-zip-targz-docx-odt-epub-jpg/) • [exa - A modern replacement for ls](https://the.exa.website/) • [The myriad meanings of pwd in Unix systems](https://qmacro.org/2020/11/08/the-meaning-of-pwd-in-unix-systems/) Tarsnap This weeks episode of BSDNow was sponsored by our friends at Tarsnap, the only secure online backup you can trust your data to. Even paranoids need backups. Feedback/Questions Karl - Camera Help Alejandro - domain registrar Johnny - thoughts on 372 *** Send questions, comments, show ideas/topics, or stories you want mentioned on the show to [email protected] ***

We read FreeBSD’s 3rd quarter status report, OpenZFS 2.0, adding check-hash checks in UFS filesystem, OpenSSL 3.0 /dev/crypto issues on FreeBSD, and more. NOTES This episode of BSDNow is brought to you by Tarsnap Headlines 3rd Quarter FreeBSD Report The call for submissions for the 4th Quarter is out OpenZFS 2.0 This Monday, ZFS on Linux lead developer Brian Behlendorf published the OpenZFS 2.0.0 release to GitHub. Along with quite a lot of new features, the announcement brings an end to the former distinction between "ZFS on Linux" and ZFS elsewhere (for example, on FreeBSD). This move has been a long time coming—the FreeBSD community laid out its side of the roadmap two years ago—but this is the release that makes it official. News Roundup Revision 367034 Various new check-hash checks have been added to the UFS filesystem over various major releases. Superblock check hashes were added for the 12 release and cylinder-group and inode check hashes will appear in the 13 release. OpenSSL 3.0 /dev/crypto issues on FreeBSD So, just learned that the OpenSSL devs decided to break /dev/crypto on FreeBSD. OS108-9.1 XFCE amd64 released OS108 is a fast, open and Secure Desktop Operating System built on top of NetBSD. > Installing OS108 to your hard drive is done by using the sysinst utility, the process is basically the same as installing NetBSD itself. Please refer to the NetBSD guide for installation details, http://www.netbsd.org/docs/guide/en/part-install.html Installation Video *** Beastie Bits OpenBGPD 6.8p1 portable: released Nov 5th, 2020 IRC Awk Bot Docker on FreeBSD using bhyve and sshfs The UNIX Command Language (1976) *** Tarsnap This weeks episode of BSDNow was sponsored by our friends at Tarsnap, the only secure online backup you can trust your data to. Even paranoids need backups. Feedback/Questions santi - openrc trond - python2 and mailman Send questions, comments, show ideas/topics, or stories you want mentioned on the show to [email protected] ***

Adventures in Freebernetes, tracing kernel functions, The better way of building FreeBSD networks, New beginnings: CDBUG virtual meetings, LibreSSL update in DragonFly, Signal-cli with scli on FreeBSD, and more. NOTES This episode of BSDNow is brought to you by Tarsnap Headlines Adventures in Freebernetes: bhyve My Guest Part 2 of experiments in FreeBSD and Kubernetes: Creating your first guest Tracing Kernel Functions: FBT stack() and arg In my previous post I described how FBT intercepts function calls and vectors them into the DTrace framework. That laid the foundation for what I want to discuss in this post: the implementation of the stack() action and built-in arg variables. These features rely on the precise layout of the stack, the details of which I touched on previously. In this post I hope to illuminate those details a bit more with the help of some visuals, and then guide you through the implementation of these two DTrace features as they relate to the FBT provider. News Roundup Dummynet: The Better Way of Building FreeBSD Networks Dummynet is the FreeBSD traffic shaper, packet scheduler, and network emulator. Dummynet allows you to emulate a whole set of network environments in a straight-forward way. It has the ability to model delay, packet loss, and can act as a traffic shaper and policer. Dummynet is roughly equivalent to netem in Linux, but we have found that dummynet is easier to integrate and provides much more consistent results. New beginnings: CDBUG virtual meetings I had overwhelmingly positive responses from the broader *BSD community about restarting CDBUG meetings as virtual, at least for now. Hopefully this works well and even when we're back to in-person meetings we can still find a way to bring in virtual attendees. LibreSSL update in DragonFly DragonFly has a new version of libressl, noting cause it has a newer TLS1.3 implementation – something that may be necessary for you. Signal-cli with scli on FreeBSD So couple of days ago I migrated from macOS on Macbook Pro to FreeBSD on ThinkPad T480s. Beastie Bits Firefox is not paxctl safe for NetBSD FreeBSD 12.2-RELEASE on Microsoft Azure Marketplace Tarsnap This weeks episode of BSDNow was sponsored by our friends at Tarsnap, the only secure online backup you can trust your data to. Even paranoids need backups. Feedback/Questions carlos - BSD Now around the world paulo - freebsd on a Bananapi paulo - followup Send questions, comments, show ideas/topics, or stories you want mentioned on the show to [email protected] ***

Interview with Michael W. Lucas: SNMP and TLS book, cashflow for creators, book sale and more. NOTES This episode of BSDNow is brought to you by Tarsnap Headlines Interview with Michael W. Lucas SNMP Book The Networknomicon Sponsor the TLS Book Cashflow for creators Book sale Tarsnap This weeks episode of BSDNow was sponsored by our friends at Tarsnap, the only secure online backup you can trust your data to. Even paranoids need backups. Send questions, comments, show ideas/topics, or stories you want mentioned on the show to [email protected] *** Special Guest: Michael W Lucas.

History of FreeBD: BSDi and USL Lawsuits, Building a Website on Google Compute Engine, Firewall ban-sharing across machines, OpenVPN as default gateway on OpenBSD, Sorting out what the Single Unix Specification is, Switching from Apple to a Thinkpad for development, and more NOTES This episode of BSDNow is brought to you by Tarsnap Headlines History of FreeBSD : Part 2 : BSDi and USL Lawsuits In this second part of our series on the history of FreeBSD, we continue to trace the pre-history of FreeBSD and the events that would eventually shape the project and the future of open source software. Building a Web Site on Google Compute Engine Here's how I deployed a web site to the Google Cloud Platform. I used FreeBSD for good performance, stability, and minimal complexity. I set up HTTPS with free Let's Encrypt TLS certificates for both RSA and ECC. Then I adjusted the Apache configuration for a good score from the authoritative Qualys server analysis. News Roundup Firewall ban-sharing across machines As described in My infrastructure as of 2019, my machines are located in three different sites and are loosely coupled. Nonetheless, I wanted to set things up so that if an IP address is acting maliciously toward one machine, all my machines block that IP at once so the meanie won't get to try one machine after another. OpenVPN as default gateway on OpenBSD If you plan to use an OpenVPN tunnel to reach your default gateway, which would make the tun interface in the egress group, and use tun0 in your pf.conf which is loaded before OpenVPN starts? Here are the few tips I use to solve the problems. Sorting out what the Single Unix Specification is and covers Sorting out what the Single Unix Specification is and covers October 8, 2020 I've linked to the Single Unix Specification any number of times, for various versions of it (when I first linked to it, it was at issue 6, in 2006; it's now up to a 2018 edition). But I've never been quite clear what it covered and didn't cover, and how it related to POSIX and similar things. After yesterday's entry got me looking at the SuS site again, I decided to try to sort this out once and for all. Bye-bye, Apple The days of Apple products are behind me. I had been developing on a Macbook for over twelve years, but now, I’ve switched to an ever trending setup: OpenBSD on a Thinkpad. The new platform is a winner. Everything is clean, quick, and configurable. When I ps uaxww, I’m not hogging ‘gigs’ of RAM just to have things up and running. There’s no black magic that derails me at every turn. In short, my sanity has been long restored. Tarsnap This weeks episode of BSDNow was sponsored by our friends at Tarsnap, the only secure online backup you can trust your data to. Even paranoids need backups. Feedback/Questions Chris - small projects Jens - ZFS Question One pool to rule them all Shroyer - Dotnet on FreeBSD for Jellyfin *** Send questions, comments, show ideas/topics, or stories you want mentioned on the show to [email protected] ***

FreeBSD 12.2 is available, ZFS Webinar, Enhancing Syzkaller support for NetBSD, how the OpenBSD -stable packages are built, OPNsense 20.7.4 released, and more NOTES This episode of BSDNow is brought to you by Tarsnap Headlines FreeBSD 12.2 Release The release notes for FreeBSD 12.2-RELEASE contain a summary of the changes made to the FreeBSD base system on the 12-STABLE development line. This document lists applicable security advisories that were issued since the last release, as well as significant changes to the FreeBSD kernel and userland. Some brief remarks on upgrading are also presented. ZFS Webinar: November 18th Join us on November 18th for a live discussion with Allan Jude (VP of Engineering at Klara Inc) in this webinar centred on “best practices of ZFS” Building Your Storage Array – Everything from picking the best hardware to RAID-Z and using mirrors. Keeping up with Data Growth – Expanding and growing your pool, and of course, shrinking with device evacuation. Datasets and Properties – Controlling settings with properties and many other tricks! News Roundup Google Summer of Code 2020: [Final Report] Enhancing Syzkaller support for NetBSD Sys2syz would give an extra edge to Syzkaller for NetBSD. It has a potential of efficiently automating the conversion of syscall definitions to syzkaller’s grammar. This can aid in increasing the number of syscalls covered by Syzkaller significantly with the minimum possibility of manual errors. Let’s delve into its internals. How the OpenBSD -stable packages are built In this long blog post, I will write about the technical details of the OpenBSD stable packages building infrastructure. I have setup the infrastructure with the help of Theo De Raadt who provided me the hardware in summer 2019, since then, OpenBSD users can upgrade their packages using pkg_add -u for critical updates that has been backported by the contributors. Many thanks to them, without their work there would be no packages to build. Thanks to pea@ who is my backup for operating this infrastructure in case something happens to me. OPNsense 20.7.4 released This release finally wraps up the recent Netmap kernel changes and tests. The Realtek vendor driver was updated as well as third party software cURL, libxml2, OpenSSL, PHP, Suricata, Syslog-ng and Unbound just to name a couple of them. Beastie Bits Binutils and linker changes 28 Years of NetBSD contributions Bluetooth Audio on OpenBSD K8s Bhyve *** Tarsnap This weeks episode of BSDNow was sponsored by our friends at Tarsnap, the only secure online backup you can trust your data to. Even paranoids need backups. Feedback/Questions Sean - C Flags Thierry - RPI ZFS question Thierry's script *** Send questions, comments, show ideas/topics, or stories you want mentioned on the show to [email protected] ***

bhyve - The FreeBSD Hypervisor, udf information leak, being a vim user instead of classic vi, FreeBSD on ESXi ARM Fling: Fixing Virtual Hardware, new FreeBSD Remote Process Plugin in LLDB, OpenBSD Laptop, and more. NOTES This episode of BSDNow is brought to you by Tarsnap Headlines bhyve - The FreeBSD Hypervisor FreeBSD has had varying degrees of support as a hypervisor host throughout its history. For a time during the mid-2000s, VMWare Workstation 3.x could be made to run under FreeBSD’s Linux Emulation, and Qemu was ported in 2004, and later the kQemu accelerator in 2005. Then in 2009 a port for VirtualBox was introduced. All of these solutions suffered from being a solution designed for a different operating system and then ported to FreeBSD, requiring constant maintenance. ZFS and FreeBSD Support Klara offers flexible Support Subscriptions for your ZFS and FreeBSD infrastructure. Get a world class team of experts to back you up. Check it out on our website! udf info leak FreeBSD UDF driver info leak Analysis done on FreeBSD release 11.0 because that's what I had around. Fix committed to FreeBSD *** News Roundup I'm now a user of Vim, not classical Vi (partly because of windows) In the past I've written entries (such as this one) where I said that I was pretty much a Vi user, not really a Vim user, because I almost entirely stuck to Vi features. In a comment on my entry on not using and exploring Vim features, rjc reinforced this, saying that I seemed to be using vi instead of vim (and that there was nothing wrong with this). For a long time I thought this way myself, but these days this is not true any more. These days I really want Vim, not classical Vi. FreeBSD on ESXi ARM Fling: Fixing Virtual Hardware With the current state of FreeBSD on ARM in general, a number of hardware drivers are either set to not auto-load on boot, or are entirely missing altogether. This page is to document my findings with various bits of hardware, and if possible, list fixes. Introduction of a new FreeBSD Remote Process Plugin in LLDB Moritz Systems have been contracted by the FreeBSD Foundation to modernize the LLDB debugger’s support for FreeBSD. We are writing a new plugin utilizing the more modern client-server layout that is already used by Darwin, Linux, NetBSD and (unofficially) OpenBSD. The new plugin is going to gradually replace the legacy one. OpenBSD Laptop Hi, I know it’s been a while. I recently had to nuke and re-pave my personal laptop and I thought it would be a nice thing to share with the community how I set up OpenBSD on it so that I have a useful, modern, secure environment for getting work done. I’m not going to say I’m the expert on this or that this is the BEST way to set up OpenBSD, but I thought it would be worthwhile for folks doing Google searches to at least get my opinion on this. So, given that, let’s go… Tarsnap This weeks episode of BSDNow was sponsored by our friends at Tarsnap, the only secure online backup you can trust your data to. Even paranoids need backups. Feedback/Questions Ethan - Linux user wanting to try out OpenBSD iian - Learning IT johnny - bsd swag Send questions, comments, show ideas/topics, or stories you want mentioned on the show to [email protected] ***

OpenBSD 6.8 has been released, NetBSD 9.1 is out, OpenZFS devsummit report, BastilleBSD’s native container management for FreeBSD, cleaning up old tarsnap backups, Michael W. Lucas’ book sale, and more. NOTES This episode of BSDNow is brought to you by Tarsnap Headlines OpenBSD 6.8 Released Oct 18, 2020. (OpenBSD's 25th anniversary) NetBSD 9.1 Released The NetBSD Project is pleased to announce NetBSD 9.1, the first update of the NetBSD 9 release branch. It represents a selected subset of fixes deemed important for security or stability reasons, as well as new features and enhancements. OpenZFS Developer Summit 2020 As with most other conferences in the last six months, this year’s OpenZFS Developer’s Summit was a bit different than usual. Held via Zoom to accommodate for 2020’s new normal in terms of social engagements, the conference featured a mix of talks delivered live via webinars, and breakout sessions held as regular meetings. This helped recapture some of the “hallway track” that would be lost in an online conference. • After attending the conference, I wrote up some of my notes from each of the talks • Part 2 ZFS and FreeBSD Support Klara offers flexible Support Subscriptions for your ZFS and FreeBSD infrastructure, simply sign up for our monthly subscription! What's even better is that for the month of October we are giving away 3 months for free, for every yearly subscription, and one month free when you sign up for a 6-months subscription! Check it out on our website! News Roundup BastilleBSD - native container management for FreeBSD Some time ago, I had the requirement to use FreeBSD in a project, and soon the question came up if Docker and Kubernetes can be used. On FreeBSD, Docker is not very well supported, and even if you can get it running, Linux is used in a Docker container. My experience with Docker on FreeBSD is awful, and so I started looking for alternatives. A quick search on one of the most significant online search engines led me to Jails and then to BastilleBSD. Tarsnap – cleaning up old backups I use Tarsnap for my critical data. Case in point, I use it to backup my Bacula database dump. I use Bacula to backup my hosts. The database in question keeps track of what was backed up, from what host, the file size, checksum, where that backup is now, and many other items. Losing this data is annoying but not a disaster. It can be recreated from the backup volumes, but that is time consuming. As it is, the file is dumped daily, and rsynced to multiple locations. MWL - BookSale For those interested in such things, I recently posted my 60,000th tweet. This prodded me to try an experiment I’ve been pondering for a while. Over at my ebookstore, two of my books are now on a “Name Your Own Price” sale. You can get git commit murder and PAM Mastery for any price you wish, with a minimum of $1. Beastie Bits Brian Kernighan: UNIX, C, AWK, AMPL, and Go Programming | Lex Fridman Podcast #109 The UNIX Time-Sharing System - Dennis M. Ritchie and Ken Thompson - July 1974 Using a 1930 Teletype as a Linux Terminal *** ###Tarsnap This weeks episode of BSDNow was sponsored by our friends at Tarsnap, the only secure online backup you can trust your data to. Even paranoids need backups. Feedback/Questions lars - infosec handbook scott - zfs import zhong - first episode Send questions, comments, show ideas/topics, or stories you want mentioned on the show to [email protected] ***

We have an interview with Kyle Evans for you this week. We talk about his grep project, lua and flua in base, as well as bectl, being on the core team and a whole lot of other stuff. NOTES This episode of BSDNow is brought to you by Tarsnap Interview - Kyle Evans - [email protected] / @kaevans91 Tarsnap This weeks episode of BSDNow was sponsored by our friends at Tarsnap, the only secure online backup you can trust your data to. Even paranoids need backups. Send questions, comments, show ideas/topics, or stories you want mentioned on the show to [email protected]

Wayland on BSD, My BSD sucks less than yours, Even on SSDs, ongoing activity can slow down ZFS scrubs drastically, OpenBSD on the Desktop, simple shell status bar for OpenBSD and cwm, and more. NOTES This episode of BSDNow is brought to you by Tarsnap Headlines Wayland on BSD After I posted about the new default window manager in NetBSD I got a few questions, including "when is NetBSD switching from X11 to Wayland?", Wayland being X11's "new" rival. In this blog post, hopefully I can explain why we aren't yet! My BSD sucks less than yours This paper will look at some of the differences between the FreeBSD and OpenBSD operating systems. It is not intended to be solely technical but will also show the different "visions" and design decisions that rule the way things are implemented. It is expected to be a subjective view from two BSD developers and does not pretend to represent these projects in any way. Video EuroBSDCon 2017 Part 1 EuroBSDCon 2017 Part 2 News Roundup Even on SSDs, ongoing activity can slow down ZFS scrubs drastically Back in the days of our OmniOS fileservers, which used HDs (spinning rust) across iSCSI, we wound up changing kernel tunables to speed up ZFS scrubs and saw a significant improvement. When we migrated to our current Linux fileservers with SSDs, I didn't bother including these tunables (or the Linux equivalent), because I expected that SSDs were fast enough that it didn't matter. Indeed, our SSD pools generally scrub like lightning. OpenBSD on the Desktop (Part I) Let's install OpenBSD on a Lenovo Thinkpad X270. I used this computer for my computer science studies. It has both Arch Linux and Windows 10 installed as dual boot. Now that I'm no longer required to run Windows, I can ditch the dual boot and install an operating system of my choice. A simple shell status bar for OpenBSD and cwm(1) These days, I try to use simple and stock software as much as possible on my OpenBSD laptop. I’ve been playing with cwm(1) for weeks and I was missing a status bar. After trying things like Tint2, Polybar etc, I discovered @gonzalo’s termbar. Thanks a lot! As I love scripting, I decided to build my own. Beastie Bits DragonFly v5.8.3 released to address to issues OpenSSH 8.4 released Tarsnap This weeks episode of BSDNow was sponsored by our friends at Tarsnap, the only secure online backup you can trust your data to. Even paranoids need backups. Feedback/Questions Dane - FreeBSD vs Linux in Microservices and Containters Mason - questions.md Michael - Tmux License.md Send questions, comments, show ideas/topics, or stories you want mentioned on the show to [email protected] ***

New Project: zedfs.com, TrueNAS CORE Ready for Deployment, IPC in FreeBSD 11: Performance Analysis, Unix Wildcards Gone Wild, Unix Wars, and more NOTES This episode of BSDNow is brought to you by Tarsnap Headlines My New Project: zedfs.com Have you ever had an idea that keeps coming back to you over and over again? For a week? For a month? I know that feeling. My new project was born from this feeling. On this blog, I mix content a lot. I have written personal posts (not many of them, but still), FreeBSD development posts, development posts, security posts, and ZFS posts. This mixed content can be problematic sometimes. I share a lot of stuff here, and readers don’t know what to expect next. I am just excited by so many things, and I want to share that excitement with you! TrueNAS CORE is Ready for Deployment TrueNAS 12.0 RC1 was released yesterday and with it, TrueNAS CORE is ready for deployment. The merger of FreeNAS and TrueNAS into a unified software image can now begin its path into mainstream use. TrueNAS CORE is the new FreeNAS and is on schedule. The TrueNAS 12.0 BETA process started in June and has been the most successful BETA release ever with more than 3,000 users and only minor issues. Ars Technica provided a detailed technical walkthrough of the original BETA. There is a long list of features and performance improvements. During the BETA process, TrueNAS 12.0 demonstrated over 1.2 Million IOPS and over 23GB/s on a TrueNAS M60. News Roundup Interprocess Communication in FreeBSD 11: Performance Analysis Interprocess communication, IPC, is one of the most fundamental functions of a modern operating system, playing an essential role in the fabric of contemporary applications. This report conducts an investigation in FreeBSD of the real world performance considerations behind two of the most common IPC mechanisms; pipes and sockets. A simple benchmark provides a fair sense of effective bandwidth for each, and analysis using DTrace, hardware performance counters and the operating system’s source code is presented. We note that pipes outperform sockets by 63% on average across all configurations, and further that the size of userspace transmission buffers has a profound effect on performance — larger buffers are beneficial up to a point (∼ 32-64 KiB) after which performance collapses as a result of devastating cache exhaustion. A deep scrutiny of the probe effects at play is also presented, justifying the validity of conclusions drawn from these experiments. Back To The Future: Unix Wildcards Gone Wild First of all, this article has nothing to do with modern hacking techniques like ASLR bypass, ROP exploits, 0day remote kernel exploits or Chrome's Chain-14-Different-Bugs-To-Get-There... Nope, nothing of the above. This article will cover one interesting old-school Unix hacking technique, that will still work nowadays in 2013. Unix Wars Dozens of different operating systems have been developed over the years, but only Unix has grown in so many varieties. There are three main branches. Four factors have facilitated this growth... Tarsnap This weeks episode of BSDNow was sponsored by our friends at Tarsnap, the only secure online backup you can trust your data to. Even paranoids need backups. Feedback/Questions Chris - installing FreeBSD 13-current Dane - FreeBSD History Lesson Marc - linux compat Mason - apropos battery Paul - a topic idea Send questions, comments, show ideas/topics, or stories you want mentioned on the show to [email protected]

The world’s first OpenZFS based live image, FreeBSD Subversion to Git Migration video, FreeBSD Instant-workstation 2020, testing the shutdown mechanism, login_ldap added to OpenBSD, and more NOTES This episode of BSDNow is brought to you by Tarsnap Headlines FuryBSD 2020-Q3 The world’s first OpenZFS based live image FuryBSD is a tool to test drive stock FreeBSD desktop images in read write mode to see if it will work for you before installing. In order to provide the most reliable experience possible while preserving the integrity of the system the LiveCD now leverages ZFS, compression, replication, a memory file system, and reroot (pivot root). FreeBSD Subversion to Git Migration: Pt 1 Why? FreeBSD moving to Git: Why? With luck, I'll be writing a few blogs on FreeBSD's move to git later this year. Today, we'll start with "why"? Video from Warner Losh News Roundup FreeBSD Instant-workstation 2020 A little over a year ago I published an instant-workstation script for FreeBSD. The idea is to have an installed FreeBSD system, then run a shell script that uses only base-system utilities and installs and configures a workstation setup for you. nut – testing the shutdown mechanism Following on from my recent nut setup, this is the second in a series of three posts. The next post will deal with adjusting startup and shutdown times to be sure everything proceeds as required. login_ldap added to OpenBSD -current With this commit, Martijn van Duren (martijn@) added login_ldap(8) to -current https://marc.info/?l=openbsd-cvs&m=159992319027593&w=2 *** Beastie Bits NetBSD current now has GCC 9.3.0 for x86/ARM MidnightBSD 1.2.8 MidnightBSD 2.0-Current Retro UNIX 8086 v1 operating system has been developed by Erdogan Tan as a special purposed derivation of original UNIX v1 *** Tarsnap This weeks episode of BSDNow was sponsored by our friends at Tarsnap, the only secure online backup you can trust your data to. Even paranoids need backups. Feedback/Questions Rick - rcorder Dan - machiatto bin Luis - old episodes Send questions, comments, show ideas/topics, or stories you want mentioned on the show to [email protected]

High Availability Router/Firewall Using OpenBSD, CARP, pfsync, and ifstated, Building the Development Version of Emacs on NetBSD, rc.d belongs in libexec, not etc, FreeBSD 11.3 EOL, OPNsense 20.7.1 Released, MidnightBSD 1.2.7 out, and more. NOTES This episode of BSDNow is brought to you by Tarsnap Headlines High Availability Router/Firewall Using OpenBSD, CARP, pfsync, and ifstated I have been running OpenBSD on a Soekris net5501 for my router/firewall since early 2012. Because I run a multitude of services on this system (more on that later), the meager 500Mhz AMD Geode + 512MB SDRAM was starting to get a little sluggish while trying to do anything via the terminal. Despite the perceived performance hit during interactive SSH sessions, it still supported a full 100Mbit connection with NAT, so I wasn’t overly eager to change anything. Luckily though, my ISP increased the bandwidth available on my plan tier to 150Mbit+. Unfortunately, the Soekris only contained 4xVIA Rhine Fast Ethernet. So now, I was using a slow system and wasting money by not being able to fully utilize my connection. Building the Development Version of Emacs on NetBSD I hadn’t really planned on installing a NetBSD VM (after doing all the other two BSDs), but then a NetBSD-related Emacs bug report arrived. News Roundup rc.d belongs in libexec, not etc Let’s open with the controversy: the scripts that live under /etc/rc.d/ in FreeBSD, NetBSD, and OpenBSD are in the wrong place. They all should live in /libexec/rc.d/ because they are code, not configuration. This misplacement is something that has bugged me for ages but I never had the energy to open this can of worms back when I was very involved in NetBSD. I suspect it would have been a draining discussion and a very difficult thing to change. FreeBSD 11.3 EOL As of September 30, 2020, FreeBSD 11.3 will reach end-of-life and will no longer be supported by the FreeBSD Security Team. Users of FreeBSD 11.3 are strongly encouraged to upgrade to a newer release as soon as possible. OPNsense 20.7.1 Released Overall, the jump to HardenedBSD 12.1 is looking promising from our end. From the reported issues we still have more logging quirks to investigate and especially Netmap support (used in IPS and Sensei) is lacking in some areas that were previously working. Patches are being worked on already so we shall get there soon enough. Stay tuned. MidnightBSD 1.2.7 out MidnightBSD 1.2.7 is available via the FTP/HTTP and mirrors as well as github. It includes several bug fixes and security updates over the last ISO release and is recommended for new installations. Users who don't want to updatee the whole OS, should consider at least updating libmport as there are many package management fixes Beastie Bits Tarsnap podcast NetBSD Tips and Tricks FreeBSD mini-git Primer GhostBSD Financial Reports *** Tarsnap This weeks episode of BSDNow was sponsored by our friends at Tarsnap, the only secure online backup you can trust your data to. Even paranoids need backups. Feedback/Questions Daniel - Documentation Tooling Fongaboo - Where did the ZFS tutorial Go? Johnny - Browser Cold Wars *** Send questions, comments, show ideas/topics, or stories you want mentioned on the show to [email protected]

Modernizing the OpenBSD Console, OS roles have changed, FreeBSD Cluster with Pacemaker and Corosync, Wine in a 32-bit sandbox on 64-bit NetBSD, Find package which provides a file in OpenBSD, and more. NOTES This episode of BSDNow is brought to you by Tarsnap Headlines Modernizing the OpenBSD Console At the beginning were text mode consoles. Traditionally, *BSD and Linux on i386 and amd64 used text mode consoles which by default provided 25 rows of 80 columns, the "80x25 mode". This mode uses a 8x16 font stored in the VGA BIOS (which can be slightly different across vendors). OpenBSD uses the wscons(4) console framework, inherited from NetBSD OS roles have changed Though I do wonder sometimes, with just a slight tweak to history, how things might have been different. In another dimension somewhere, I’m using the latest BeOS-powered PowerPC laptop, and a shiny new Palm smartphone. Both of these represented the pinnacle of UI design in the 1990s, and still in the 2020s have yet to be surpassed. People call me an Apple fanboy, but I’d drop all of it in a second for that gear. News Roundup FreeBSD Cluster with Pacemaker and Corosync I always missed ‘proper’ cluster software for FreeBSD systems. Recently I got to run several Pacemaker/Corosync based clusters on Linux systems. I thought how to make similar high availability solutions on FreeBSD and I was really shocked when I figured out that both Pacemaker and Corosync tools are available in the FreeBSD Ports and packages as net/pacemaker2 and net/corosync2 respectively. Wine in a 32-bit sandbox on 64-bit NetBSD "Mainline pkgsrc" can't do strange multi-arch Wine builds yet, so a 32-bit sandbox seems like a reasonable way to use 32-bit Wine on amd64 without resorting to running real Windows in NVMM. We'll see if this was a viable alternative to re-reviewing the multi-arch support in pkgsrc-wip... We're using sandboxctl, which is a neat tool for quickly shelling into a different NetBSD userspace. Maybe you also don't trust the Windows applications you're running too much - sandboxctl creates a chroot based on a fresh system image, and chroot on NetBSD is fairly bombproof. Find package which provides a file in OpenBSD There is one very handy package on OpenBSD named pkglocatedb which provides the command pkglocate. If you need to find a file or binary/program and you don’t know which package contains it, use pkglocate. Beastie Bits OpenBSD for 1.5 Years: Confessions of a Linux Heretic OpenBSD 6.8 Beta Tagged Hammer2 and growth Understanding a FreeBSD kernel vulnerability *** Tarsnap This weeks episode of BSDNow was sponsored by our friends at Tarsnap, the only secure online backup you can trust your data to. Even paranoids need backups. Feedback/Questions Rob - 7 years Kurt - Microserver Rob - Interviews Send questions, comments, show ideas/topics, or stories you want mentioned on the show to [email protected] ***

A 35 Year Old Bug in Patch, Sandbox for FreeBSD, Changing from one dataset to another within a jail, You don’t need tmux or screen for ZFS, HardenedBSD August 2020 Status Report and Call for Donations, and more. NOTES This episode of BSDNow is brought to you by Tarsnap Headlines A 35 Year Old Bug in Patch Larry Wall posted patch 1.3 to mod.sources on May 8, 1985. A number of versions followed over the years. It's been a faithful alley for a long, long time. I've never had a problem with patch until I embarked on the 2.11BSD restoration project. In going over the logs very carefully, I've discovered a bug that bites this effort twice. It's quite interesting to use 27 year old patches to find this bug while restoring a 29 year old OS... Sandbox for FreeBSD A sandbox is a software which artificially limits access to the specific resources on the target according to the assigned policy. The sandbox installs hooks to the kernel syscalls and other sub-systems in order to interrupt the events triggered by the application. From the application point of view, application working as usual, but when it wants to access, for instance, /dev/kmem the sandbox software decides against the assigned sandbox scheme whether to grant or deny access. In our case, the sandbox is a kernel module which uses MAC (Mandatory Access Control) Framework developed by the TrustedBSD team. All necessary hooks were introduced to the FreeBSD kernel. Source Code Documentation News Roundup Changing from one dataset to another within a jail ZFS has a the ability to share itself within a jail. That gives the jail some autonomy, and I like that. I’ve written briefly about that, specifically for iocage. More recently, I started using a zfs snapshot for caching clearing. The purpose of this post is to document the existing configuration of the production FreshPorts webserver and outline the plan on how to modify it for more zfs-snapshot-based cache clearing. You don’t need tmux or screen for ZFS Back in January I mentioned how to add redundancy to a ZFS pool by adding a mirrored drive. Someone with a private account on Twitter asked me why FreeBSD—and NetBSD!—doesn’t ship with a tmux or screen equivilent in base in order to daemonise the process and let them run in the background. ZFS already does this for its internal commands. HardenedBSD August 2020 Status Report and Call for Donations This last month has largely been a quiet one. I've restarted work on porting five-year-old work from the Code Pointer Integrity (CPI) project into HardenedBSD. Chiefly, I've started forward-porting the libc and rtld bits from the CPI project and now need to look at llvm compiler/linker enhancements. We need to be able to apply SafeStack to shared objects, not just application binaries. This forward-porting work I'm doing is to support that effort. The infrastructure has settled and is now churning normally and happily. We're still working out bandwidth issues. We hope to have a new fiber line ran by the end of September. As part of this status report, I'm issuing a formal call for donations. I'm aiming for $4,000.00 USD for a newer self-hosted Gitea server. I hope to purchase the new server before the end of 2020. Important parts of Unix's history happened before readline support was common Unix and things that run on Unix have been around for a long time now. In particular, GNU Readline was first released in 1989 (as was Bash), which is long enough ago for it (or lookalikes) to become pretty much pervasive, especially in Unix shells. Today it's easy to think of readline support as something that's always been there. But of course this isn't the case. Unix in its modern form dates from V7 in 1979 and 4.2 BSD in 1983, so a lot of Unix was developed before readline and was to some degree shaped by the lack of it. Tarsnap This weeks episode of BSDNow was sponsored by our friends at Tarsnap, the only secure online backup you can trust your data to. Even paranoids need backups. Feedback/Questions Mason - mailserver casey - freebsd on decline denis - postgres *** Send questions, comments, show ideas/topics, or stories you want mentioned on the show to [email protected] ***

OpenZFS with ZSTD lands in FreeBSD 13, LibreSSL doc status update, FreeBSD on SPARC64 (is dead), Bringing zpool checkpoints to a FreeBSD bootloader, and more NOTES This episode of BSDNow is brought to you by Tarsnap Headlines OpenZFS with ZSTD land in FreeBSD 13 ZStandard Compression for OpenZFS > The primary benefit is maintaining a completely shared code base with the community allowing FreeBSD to receive new features sooner and with less effort. > I would advise against doing 'zpool upgrade' or creating indispensable pools using new features until this change has had a month+ to soak. Rebasing FreeBSD’s OpenZFS on the new upstream was sponsored by iXsystems The competition of ZSTD support for OpenZFS was sponsored by the FreeBSD Foundation *** LibreSSL documentation status update More than six years ago, LibreSSL was forked from OpenSSL, and almost two years ago, i explained the status of LibreSSL documentation during EuroBSDCon 2018 in Bucuresti. So it seems providing an update might be in order. Note that this is not an update regarding LibreSSL status in general because i'm not the right person to talk about the big picture of working on the LibreSSL code, my work has been quite focussed on documentation. All the same, it is fair to say that even though the number of developers working on it is somewhat limited, the LibreSSL project is quite alive, typically having a release every few months. Progress continues being made with respect to porting and adding new functionality (for example regarding TLSv1.3, CMS, RSA-PSS, RSA-OAEP, GOST, SM3, SM4, XChaCha20 during the last two years), OpenSSL compatibility improvements (including providing additional OpenSSL-1.1 APIs), and lots of bug fixes and code cleanup. FreeBSD on SPARC64 (is dead) ’m coming pretty late to the party, because SPARC64 support in FreeBSD is apparently doomed: After the POWER platform made the switch to a LLVM/Clang-based toolchain, SPARC64 is one of the last ones that still uses the ancient GCC 4.2-based toolchain that the project wants to finally get rid off (it has already happened as I was writing this – looks like the firm plan was not so firm after all, since they killed it off early). And compared to the other platforms it has seen not too much love in recent times… SPARC64 being a great platform, I’d be quite sad to see it go. But before that happens let’s see what the current status is and what would need to be done if it were to survive, shall we? News Roundup Bringing zpool checkpoints to a FreeBSD bootloader Almost two years ago I wrote a blog post about checkpoints in ZFS. I didn’t hide that I was a big fan of them. That said, after those two years, I still feel that there are underappreciated features in the ZFS world, so I decided to do something about that. Currently, one of the best practices for upgrading your operating system is to use boot environments. They are a great feature for managing multiple kernels and userlands. They are based on juggling which ZFS datasets are mounted. Each dataset has its own version of the system. Unfortunately, boot environments have their limitations. If we, for example, upgrade our ZFS pool, we may not be able to use older versions of the system anymore. The big advantage of boot environments is that they have very good tools. Two main tools are beadm (which was created by vermaden) and bectl (which currently is in the FreeBSD base system). These tools allow us to create and manage boot environments. Beastie Bits The First Unix Port TLS Mastery updates, August 2020 What is the Oldest BSD Distribution still around today Tarsnap This weeks episode of BSDNow was sponsored by our friends at Tarsnap, the only secure online backup you can trust your data to. Even paranoids need backups. Feedback/Questions ben - zfs send questions lars - zfs pool question neutron - bectl vs beadm Send questions, comments, show ideas/topics, or stories you want mentioned on the show to [email protected]

FreeBSD USB Audio, Kyua: An introduction for NetBSD users, Keeping backup ZFS on Linux kernel modules around, CLI Tools 235x Faster than Hadoop, FreeBSD Laptop Battery Life Status Command, and more. NOTES This episode of BSDNow is brought to you by Tarsnap Headlines FreeBSD USB Audio I recently got a Behringer UMC22 sound card for video conferencing and DJing. This page documents what I’ve learned about using this sound card, and USB audio in general, on FreeBSD. tl;dr: Everything works as long as the sound card follows the USB audio device class specification. Kyua: An introduction for NetBSD users Kyua's current goal is to reimplement only the ATF tools while maintaining backwards compatibility with the tests written with the ATF libraries (i.e. with the NetBSD test suite). Because Kyua is a replacement of some ATF components, the end goal is to integrate Kyua into the NetBSD base system (just as ATF is) and remove the deprecated ATF components. Removing the deprecated components will allow us to make the above-mentioned improvements to Kyua, as well as many others, without having to deal with the obsolete ATF code base. Discussing how and when this transition might happen is out of the scope of this document at the moment. News Roundup Keeping backup ZFS on Linux kernel modules around I'm a long term user of ZFS on Linux and over pretty much all of the time I've used it, I've built it from the latest development version. Generally this means I update my ZoL build at the same time as I update my Fedora kernel, since a ZoL update requires a kernel reboot anyway. This is a little bit daring, of course, although the ZoL development version has generally been quite solid (and this way I get the latest features and improvements long before I otherwise would). Command-line Tools can be 235x Faster than your Hadoop Cluster As I was browsing the web and catching up on some sites I visit periodically, I found a cool article from Tom Hayden about using Amazon Elastic Map Reduce (EMR) and mrjob in order to compute some statistics on win/loss ratios for chess games he downloaded from the millionbase archive, and generally have fun with EMR. Since the data volume was only about 1.75GB containing around 2 million chess games, I was skeptical of using Hadoop for the task, but I can understand his goal of learning and having fun with mrjob and EMR. Since the problem is basically just to look at the result lines of each file and aggregate the different results, it seems ideally suited to stream processing with shell commands. I tried this out, and for the same amount of data I was able to use my laptop to get the results in about 12 seconds (processing speed of about 270MB/sec), while the Hadoop processing took about 26 minutes (processing speed of about 1.14MB/sec). FreeBSD Laptop Find Out Battery Life Status Command I know how to find out battery life status using Linux operating system. How do I monitor battery status on a laptop running FreeBSD version 9.x/10.x/11.x/12.x? You can use any one of the following commands to get battery status under FreeBSD laptop including remaining battery life and more. Beastie Bits BSD Beer Awk for JSON Drawing Pictures The Unix Way - with pic and troff Refactoring the FreeBSD Kernel with Checked C Tarsnap This weeks episode of BSDNow was sponsored by our friends at Tarsnap, the only secure online backup you can trust your data to. Even paranoids need backups. Feedback/Questions Jason - German Locales pcwizz - Router Style Device predrag - OpenBSD Router Hardware *** Send questions, comments, show ideas/topics, or stories you want mentioned on the show to [email protected] ***

FreeBSD Qt WebEngine GPU Acceleration, the grind of FreeBSD’s wireless stack, thoughts on overlooking Illumos's syseventadm, when Unix learned to reboot, New EXT2/3/4 File-System driver in DragonflyBSD, and more. NOTES This episode of BSDNow is brought to you by Tarsnap Headlines FreeBSD Qt WebEngine GPU Acceleration FreeBSD has a handful of Qt WebEngine-based browsers. Falkon, and Otter-Browser, and qutebrowser and probably others, too. All of them can run into issues on FreeBSD with GPU-accelerated rendering not working. Let’s look at some of the workarounds. NetBSD on the Nanopi Neo2 The NanoPi NEO2 from FriendlyARM has been serving me well since 2018, being my test machine for OpenBSD/arm64 related things. As NetBSD/evbarm finally gained support for AArch64 in NetBSD 9.0, released back in February, I decided to give it a try on this device. The board only has 512MB of RAM, and this is where NetBSD really shines. Things have become a lot easier since jmcneill@ now provides bootable ARM images for a variety of devices, including the NanoPi NEO2. I'm back into the grind of FreeBSD's wireless stack and 802.11ac Yes, it's been a while since I posted here and yes, it's been a while since I was actively working on FreeBSD's wireless stack. Life's been .. well, life. I started the ath10k port in 2015. I wasn't expecting it to take 5 years, but here we are. My life has changed quite a lot since 2015 and a lot of the things I was doing in 2015 just stopped being fun for a while. But the stars have aligned and it's fun again, so here I am. News Roundup Some thoughts on us overlooking Illumos's syseventadm In a comment on my praise of ZFS on Linux's ZFS event daemon, Joshua M. Clulow noted that Illumos (and thus OmniOS) has an equivalent in syseventadm, which dates back to Solaris. I hadn't previously known about syseventadm, despite having run Solaris fileservers and OmniOS fileservers for the better part of a decade, and that gives me some tangled feelings. When Unix learned to reboot Recently, a friend asked me the history of halt, and when did we have to stop with the sync / sync / sync dance before running halt or reboot. The two are related, it turns out. DragonFlyBSD Lands New EXT2/3/4 File-System Driver While DragonFlyBSD has its own, original HAMMER2 file-system, for those needing to access data from EXT2/EXT3/EXT4 file-systems, there is a brand new "ext2fs" driver implementation for this BSD operating system. DragonFlyBSD has long offered an EXT2 file-system driver (that also handles EXT3 and EXT4) while hitting their Git tree this week is a new version. The new sys/vfs/ext2fs driver, which will ultimately replace their existing sys/gnu/vfs/ext2fs driver is based on a port from FreeBSD code. As such, this driver is BSD licensed rather than GPL. But besides the more liberal license to jive with the BSD world, this new driver has various feature/functionality improvements over the prior version. However, there are some known bugs so for the time being both file-system drivers will co-exist. Beastie Bits LibreOffice 7.0 call for testing More touchpad support Tarsnap This weeks episode of BSDNow was sponsored by our friends at Tarsnap, the only secure online backup you can trust your data to. Even paranoids need backups. Feedback/Questions Casey - openbsd wirewall Daryl - zfs Raymond - hpe microserver - Send questions, comments, show ideas/topics, or stories you want mentioned on the show to [email protected] ***

FreeBSD Q2 Quarterly Status report of 2020, Traditional Unix Toolchains, BastilleBSD 0.7 released, Finding meltdown on DragonflyBSD, and more NOTES This episode of BSDNow is brought to you by Tarsnap Headlines FreeBSD Quarterly Report This report will be covering FreeBSD related projects between April and June, and covers a diverse set of topics ranging from kernel updates over userland and ports, as well to third-party work. Some highlights picked with the roll of a d100 include, but are not limited to, the ability to forcibly unmounting UFS when the underlying media becomes inaccessible, added preliminary support for Bluetooth Low Energy, a introduction to the FreeBSD Office Hours, and a repository of software collections called potluck to be installed with the pot utility, as well as many many more things. As a little treat, readers can also get a rare report from the quarterly team. Finally, on behalf of the quarterly team, I would like to extend my deepest appreciation and thank you to salvadore@, who decided to take down his shingle. His contributions not just the quarterly reports themselves, but also the surrounding tooling to many-fold ease the work, are immeasurable. Traditional Unix Toolchains Older Unix systems tend to be fairly uniform in how they handle the so-called 'toolchain' for creating binaries. This blog will give a quick overview of the toolchain pipeline for Unix systems that follow the V7 tradition (which evolved along with Unix, a topic for a separate blog maybe). Unix is a pipeline based system, either physically or logically. One program takes input, process the data and produces output. The input and output have some interface they obey, usually text-based. The Unix toolchain is no different. News Roundup Bastille Day 2020 : v0.7 released This release matures the project from 0.6.x -> 0.7.x. Continued testing and bug fixes are proving Bastille capable for a range of use-cases. New (experimental) features are examples of innovation from community contribution and feedback. Thank you. Beastie Bits Finding meltdown on DragonFly NetBSD Server Outage *** Tarsnap This weeks episode of BSDNow was sponsored by our friends at Tarsnap, the only secure online backup you can trust your data to. Even paranoids need backups. Feedback/Questions Vincent - Gnome 3 question Malcolm - ZFS question Hassan - Video question For those that watch on youtube, don’t forget to subscribe to our new YouTube Channel if you want updates when we post them on YT Send questions, comments, show ideas/topics, or stories you want mentioned on the show to [email protected] ***