BSD Now

Confining the omnipotent root, Jails with ZFS and PF on DigitalOcean, NomadBSD 130R is out, KDE Plasma Wayland on FreeBSD, Firefox under FreeBSD with Privacy, Using NetBSD’s pkgsrc everywhere, and more. NOTES This episode of BSDNow is brought to you by Tarsnap (https://www.tarsnap.com/bsdnow) Headlines Jails: Confining the omnipotent root (http://phk.freebsd.dk/pubs/sane2000-jail.pdf) A dramatic reading of portions of the paper: Papers We Love: FreeBSD Jails and Solaris Zones (https://paperswelove.org/2016/video/bryan-cantrill-jails-and-solaris-zones/) *** ### Using Jails with ZFS and PF on DigitalOcean (https://medium.com/chris-opperwall/using-jails-with-zfs-and-pf-on-digitalocean-b25b1da82e20) *** ## News Roundup ### NomadBSD 130R is out (https://www.itsfoss.net/nomadbsd-130r-is-now-available-to-download-based-on-freebsd-13-0/) *** ### KDE Plasma Wayland - a week in FreeBSD (https://euroquis.nl//kde/2021/05/09/wayland.html) *** ### Install Firefox under FreeBSD and Set it Up with Privacy (https://danschmid.de/en/blog/install-firefox-under-freebsd-and-set-it-up-with-privacy) *** Using NetBSD’s pkgsrc everywhere I can (https://rubenerd.com/using-netbsds-pkgsrc-everywhere-i-can/) *** Tarsnap This weeks episode of BSDNow was sponsored by our friends at Tarsnap, the only secure online backup you can trust your data to. Even paranoids need backups. Feedback/Questions Malcolm - restoring a single file (https://github.com/BSDNow/bsdnow.tv/blob/master/episodes/407/feedback/Malcolm%20-%20restoring%20a%20single%20file) Nathan - wireless support (https://github.com/BSDNow/bsdnow.tv/blob/master/episodes/407/feedback/Nathan%20-%20wireless%20support) bluefire - zfs special vdev (https://github.com/BSDNow/bsdnow.tv/blob/master/episodes/407/feedback/bluefire%20-%20zfs%20special%20vdev) Push to next show with Allan Send questions, comments, show ideas/topics, or stories you want mentioned on the show to feedback@bsdnow.tv (mailto:feedback@bsdnow.tv) ***

Gemini Capsule in a FreeBSD Jail, FreeBSD Quarterly status report 2021Q1, NetBSD VM on bhyve (on TrueNAS), Interview with Michael Lucas, WireGuard Returns as Experimental Package in pfSense, CGI with Awk on OpenBSD httpd, and more. NOTES This episode of BSDNow is brought to you by Tarsnap (https://www.tarsnap.com/bsdnow) Headlines Gemini Capsule in a FreeBSD Jail (https://www.ecliptik.com/Gemini-Capsule-in-a-FreeBSD-Jail/) With the recent release of FreeBSD 13, I wanted to test it out on a spare RaspberryPi 3 that was part of my old Kubernetes cluster. In particular, FreeBSD Jails have always interested me, although I’ve never used them in practice. Over the years I’ve managed operating system virtualization through Solaris Zones and Docker containers, and Jails seem like and good middle ground between the two - easier to manage than zones and closer to the OS than Docker. I also want to run my own Gemini capsule locally to use some of the features that my other hosted capsules don’t have (like SCGI/CGI) and setting up a capsule in a Jail is a good way to learn both at the same time. FreeBSD Quarterly status report 2021Q1 (https://lists.freebsd.org/pipermail/freebsd-announce/2021-May/002033.html) News Roundup NetBSD VM on bhyve (on TrueNAS) (https://bentsukun.ch/posts/bhyve-netbsd/) My new NAS at home is running TrueNAS Core. So far, it has been excellent, however I struggled a bit setting up a NetBSD VM on it. Part of the problem is that a lot of the docs and how-tos I found are stale, and the information in it no longer applies. TrueNAS Core allows running VMs using bhyve, which is FreeBSD’s hypervisor. NetBSD is not an officially supported OS, at least according to the guest OS chooser in the TrueNAS web UI :) But since the release of NetBSD 9 a while ago, things have become far simpler than they used to be – with one caveat (see below). Interview with Michael Lucas *BSD, Unix, IT and other books author (https://www.cyberciti.biz/interview/michael-lucas-bsd-unix-it-and-other-books-author/) Michael Lucas is a famous IT book author. Perhaps best know for FreeBSD, OpenBSD, and Unix book series. He worked as a system administrator for many years and has now become a full-time book writer. Lately, I did a quick Q and A with Michael about his journey as a professional book author and his daily workflow for writing books. + pfSense – WireGuard Returns as Experimental Package (https://www.netgate.com/blog/pfsense-wireguard-returns-as-an-experimental-package.html) CGI with Awk on OpenBSD httpd (https://box.matto.nl/cgi-with-awk-on-openbsd-httpd.html) Tarsnap This weeks episode of BSDNow was sponsored by our friends at Tarsnap, the only secure online backup you can trust your data to. Even paranoids need backups. Feedback/Questionsing Adam - system state during upgrade (https://github.com/BSDNow/bsdnow.tv/blob/master/episodes/406/feedback/Adam%20-%20system%20state%20during%20upgrade) paul - BSD grep (https://github.com/BSDNow/bsdnow.tv/blob/master/episodes/406/feedback/paul%20-%20BSD%20grep) sub - feedback (https://github.com/BSDNow/bsdnow.tv/blob/master/episodes/406/feedback/sub%20-%20feedback) Send questions, comments, show ideas/topics, or stories you want mentioned on the show to feedback@bsdnow.tv (mailto:feedback@bsdnow.tv) ***

NetBSD 9.2 released, DragonFly 6.0 is out, Home Network Monitoring using Prometheus, Preventing FreeBSD to kill PostgreSQL, Customizing Emacs for Git Commit Messages, Deleting old FreeBSD boot environments, Always be quitting, and more NOTES This episode of BSDNow is brought to you by Tarsnap (https://www.tarsnap.com/bsdnow) Headlines NetBSD 9.2 Released (http://blog.netbsd.org/tnf/entry/netbsd_9_2_released) DragonFly 6.0 is out! (https://www.dragonflydigest.com/2021/05/10/25731.html) Release Notes (https://www.dragonflybsd.org/release60/) *** ### EuroBSDCon 2021 will be online (https://2021.eurobsdcon.org/) *** ## News Roundup ### Home Network Monitoring using Prometheus (https://linux-bsd.github.io/post/monitoring/) > This blog post describes my setup for monitoring various devices on my home network suh as servers, laptops/desktops, networking gear etc. The setup and configuration is squarely geared towards small/medium sized network monitoring. A similar setup might work for large networks, but you will need to plan your compute/storage/bandwidth capacities accordingly. I’m running all the monitoring software on FreeBSD, but you can run it on your choice of OS. Just make sure to install the packages using your OS’s package manager. *** ### Preventing FreeBSD to kill PostgreSQL (aka OOM Killer prevention) (https://fluca1978.github.io/2021/04/02/OOMKillerFreeBSD.html) > There are a lot of interesting articles on how to prevent the Out of Memory Killer (OOM killer in short) on Linux to ruin your day, or better your night. One particularly well done explanation about how the OOM Killer works, and how to help PostgreSQL to survive, is, in my humble opinion, the one from Percona Blog. *** ### Customizing Emacs for Git Commit Messages (http://bsdimp.blogspot.com/2021/04/customizing-emacs-for-git-commit.html) >I do a lot of commits to the FreeBSD project and elsewhere. It would be nice if I could setup emacs in a custom way for each commit message that I'm editing. > Fortunately, GNU Emacs provides a nice way to do just that. While I likely could do some of these things with git commit hooks, I find this to be a little nicer. *** ### Deleting old FreeBSD boot environments (https://dan.langille.org/2021/04/15/deleting-old-freebsd-boot-environments/) > I like boot environments (BE) on FreeBSD. They were especially handy when building the AWS host for FreshPorts, since I had no serial console. I would create a BE saving the current status, then make some changes. I’d mark the current BE as boot once, so I could boot back in the known good BE. Worst case, I could mount the storage onto a rescue EC2 instance and adjust the bootfs value of the zpool. *** Always be quitting (https://jmmv.dev/2021/04/always-be-quitting.html) A good philosophy to live by at work is to “always be quitting”. No, don’t be constantly thinking of leaving your job. But act as if you might leave on short notice. Counterintuitively, this will make you a better engineer and open up growth opportunities. Tarsnap This weeks episode of BSDNow was sponsored by our friends at Tarsnap, the only secure online backup you can trust your data to. Even paranoids need backups. Feedback/Questions Christopher - zfs question (https://github.com/BSDNow/bsdnow.tv/blob/master/episodes/405/feedback/Christopher%20-%20zfs%20question) Chris - two questions (https://github.com/BSDNow/bsdnow.tv/blob/master/episodes/405/feedback/Chris%20-%20two%20questions) Vas - zpools and moving to FreeBSD 13 (https://github.com/BSDNow/bsdnow.tv/blob/master/episodes/405/feedback/Vas%20-%20zpools%20and%20moving%20to%20FreeBSD%2013) Send questions, comments, show ideas/topics, or stories you want mentioned on the show to feedback@bsdnow.tv (mailto:feedback@bsdnow.tv) ***

Allan, Benedict and Tom are MIA, so JT fills in with two friends. This episode of BSDNow is brought to you by Tarsnap (https://www.tarsnap.com/bsdnow) CoHosts this week: • Ash Gokhale: https://twitter.com/xpi • Jeff Propes : CoHost of The Opinion Dominion (https://www.theopiniondominion.org) This weeks format follows the format of one of JT's other shows: The Opinion Dominion (https://www.theopiniondominion.org). Centralized vs Decentralized Management Ash’s draid article at Klara (https://klarasystems.com/articles/openzfs-draid-finally/) openbsd’s 50th release (https://twitter.com/openbsd/status/1388289402934333444) + Release Notes (https://www.openbsd.org/69.html) Beastie Bits • Interesting dtrace papers I found this week. The first is unfortunately paywalled by an industry journal but hopefully it’ll be publicly available soon. ◦ [Using Dtrace for Machine Learning Solutions in Malware Detection](https://ieeexplore.ieee.org/document/9225633) ◦ [Process Monitoring on Sequences of System Call Count Vectors](https://arxiv.org/pdf/1707.03821.pdf) ◦ Sounds Similar to: Optimyze Cloud](https://twitter.com/OptimyzeCloud/status/1386424419418099712) CADETS that GNN is working on (https://apps.dtic.mil/sti/citations/AD1080643)] • Practical IOT Hacking book out by no starch press (https://nostarch.com/practical-iot-hacking) Tarsnap This weeks episode of BSDNow was sponsored by our friends at Tarsnap, the only secure online backup you can trust your data to. Even paranoids need backups. Open Source Voices episode with Colin Percival (https://www.opensourcevoices.org/12) RIP Dan kaminski • https://www.nytimes.com/2021/04/27/technology/daniel-kaminsky-dead.html • https://www.darkreading.com/vulnerabilities---threats/in-appreciation-dan-kaminsky/d/d-id/1340830 • https://www.securityweek.com/security-researcher-dan-kaminsky-passes-away Send questions, comments, show ideas/topics, or stories you want mentioned on the show to feedback@bsdnow.tv (mailto:feedback@bsdnow.tv) ***

Why You Should Use BSD Licensing for Your Next Open Source Project or Product, Update on FreeBSD Foundation Investment in Linuxulator, OPNsense 21.1.5 released, FreeBSD meetings on the Desktop, Running FreeBSD jails with containerd 1.5, Markdown, DocBook, and the quest for semantic documentation on NetBSD.org, and more. NOTES This episode of BSDNow is brought to you by Tarsnap (https://www.tarsnap.com/bsdnow) Headlines Why You Should Use BSD Licensing for Your Next Open Source Project or Product (https://klarasystems.com/articles/why-you-should-use-bsd-licensing-for-your-next-open-source-project-or-product/) The term “open source” has its origins in the context of software development, designating a specific approach to developing computer programs. Nowadays, however, it stands for a broad set of values – open source means open exchange, transparency, collaborative participation and development for the benefit of the entire community. Update on FreeBSD Foundation Investment in Linuxulator (https://freebsdfoundation.org/blog/update-on-freebsd-foundation-investment-in-linuxulator/) Dr. Emmett Brown’s similar-sounding Flux Capacitor from the movie Back to the Future bridged the dimension of time, uniting past, present, and future for the McFlys. Similarly, the FreeBSDⓇ Linuxulator project also bridges dimensions – in our case, these are LinuxⓇ and FreeBSD. News Roundup OPNsense 21.1.5 released (https://opnsense.org/opnsense-21-1-5-released/) This is mainly a security and reliablility update. There are several FreeBSD security advisories and updates for third party tools such as curl. + OPNsense to rebase on FreeBSD 13 (https://forum.opnsense.org/index.php?topic=22761.msg108313#msg108313) FreeBSD meetings on the Desktop (https://euroquis.nl//freebsd/2021/04/20/fbsd-bbb.html) FreeBSD on the desktop is a whole stack - X11, Qt, KDE Frameworks, KDE Plasma and KDE Gear, and Wayland, and Poppler and GTK - o my! Running FreeBSD jails with containerd 1.5 (https://samuel.karp.dev/blog/2021/05/running-freebsd-jails-with-containerd-1-5/) containerd 1.5.0 was released today and now works on a new operating system: FreeBSD! This new release includes a series of patches (1, 2, 3, 4, 5, 6, 7, 8, 9, 10) which allow containerd to build, enable the native and zfs snapshotters, and use a compatible runtime like runj. Markdown, DocBook, and the quest for semantic documentation on NetBSD.org (https://washbear.neocities.org/markdown.html) Recently, I’ve been doing a lot of maintenance of the NetBSD website. It contains a boatload of documentation, much of which was originally written in the 2000s. It has some special requirements: it has to work in text-based web browsers like lynx, or maybe even without any working browser installed at all, or just ftp(1) for downloading plain text over HTTP. Naturally, the most important parts are static, suitable for serving from the standard NetBSD http server, which runs from inetd by default. Beastie Bits Tarsnap This weeks episode of BSDNow was sponsored by our friends at Tarsnap, the only secure online backup you can trust your data to. Even paranoids need backups. Feedback/Questions Alrekur - An Interesting FreeBSD Find (https://github.com/BSDNow/bsdnow.tv/blob/master/episodes/403/feedback/Alrekur%20-%20An%20Interesting%20FreeBSD%20Find) They presented at the FreeBSD Vendor summit last year too: https://www.youtube.com/watch?v=8LUdZseNrpE Sven - feedback (https://github.com/BSDNow/bsdnow.tv/blob/master/episodes/403/feedback/Sven%20-%20feedback) Robert - firewalling (https://github.com/BSDNow/bsdnow.tv/blob/master/episodes/403/feedback/Robert%20-%20firewalling) Send questions, comments, show ideas/topics, or stories you want mentioned on the show to feedback@bsdnow.tv (mailto:feedback@bsdnow.tv) ***

It's time to say goodbye to the GPL, a new OCI Runtime for FreeBSD Jails, A bit of Xenix history, On Updating QEMU's bsd-user fork, FreeBSD 13 on a 12 year old laptop, and more. NOTES This episode of BSDNow is brought to you by Tarsnap (https://www.tarsnap.com/bsdnow) Headlines It's time to say goodbye to the GPL (https://martin.kleppmann.com/2021/04/14/goodbye-gpl.html) The trigger for this post is the reinstating of Richard Stallman, a very problematic character, to the board of the Free Software Foundation (FSF). I am appalled by this move, and join others in the call for his removal. This occasion has caused me to reevaluate the position of the FSF in computing. It is the steward of the GNU project (a part of Linux distributions, loosely speaking), and of a family of software licenses centred around the GNU General Public License (GPL). These efforts are unfortunately tainted by Stallman’s behaviour. However, this is not what I actually want to talk about today. runj: a new OCI Runtime for FreeBSD Jails (https://samuel.karp.dev/blog/2021/03/runj-a-new-oci-runtime-for-freebsd-jails/) Today, I open-sourced runj, a new experimental, proof-of-concept OCI-compatible runtime for FreeBSD jails. For the past 6.5 years I’ve been working on Linux containers, but never really had much experience with FreeBSD jails. runj (pronounced “run jay”) is a vehicle for me to learn more about FreeBSD in general and jails in particular. With my position on the Technical Oversight Board of the Open Containers Initiative, I’m also interested in understanding how the OCI runtime specification can be adapted to other operating systems like FreeBSD. News Roundup A Bit of Xenix History (http://seefigure1.com/2014/04/15/xenixtime.html) From 1986 to 1989, I worked in the Xenix1 group at Microsoft. It was my first job out of school, and I was the most junior person on the team. I was hopelessly naive, inexperienced, generally clueless, and borderline incompetent, but my coworkers were kind, supportive and enormously forgiving – just a lovely bunch of folks. On Updating QEMU's bsd-user fork (https://bsdimp.blogspot.com/2021/05/on-updating-qemus-bsd-user-fork.html) FreeBSD 13 on a 12 year old laptop (http://box.matto.nl/freebsd-13-on-a-12-year-old-laptop.html) My old (2009) HP laptop now runs FreeBSD 13.0-RELEASE. Beastie Bits Registration is now open for the June 2021 #FreeBSD Developers Summit (https://twitter.com/i/web/status/1387797859479732227) 6.0RC1 images available (https://www.dragonflydigest.com/2021/04/22/25663.html) Lexical File Names in Plan 9 or Getting Dot-Dot Right (https://plan9.io/sys/doc/lexnames.pdf) The history of UTF-8 as told by Rob Pike (http://doc.cat-v.org/bell_labs/utf-8_history) Initial Support for the riscv64 Architecture (http://undeadly.org/cgi?action=article;sid=20210423090342) *** ###Tarsnap This weeks episode of BSDNow was sponsored by our friends at Tarsnap, the only secure online backup you can trust your data to. Even paranoids need backups. Feedback/Questions Hamza - Congrats on 400 (https://github.com/BSDNow/bsdnow.tv/blob/master/episodes/402/feedback/Hamza%20-%20Congrats%20on%20400) Renato - DTS and ContainerD (https://github.com/BSDNow/bsdnow.tv/blob/master/episodes/402/feedback/Renato%20-%20DTS%20and%20ContainerD) Rob - Music (https://github.com/BSDNow/bsdnow.tv/blob/master/episodes/402/feedback/Rob%20-%20Music) Send questions, comments, show ideas/topics, or stories you want mentioned on the show to feedback@bsdnow.tv (mailto:feedback@bsdnow.tv) ***

Dog's Garage Runs OpenBSD, EuroBSDcon 2021 Call for Papers, FreeBSD’s iostat, The state of toolchains in NetBSD, Bandwidth limiting on OpenBSD 6.8, FreeBSD's ports migration to git and its impact on HardenedBSD, TrueNAS 12.0-U3 has been released, and more. NOTES This episode of BSDNow is brought to you by Tarsnap (https://www.tarsnap.com/bsdnow) Headlines My Dog's Garage Runs OpenBSD (https://undeadly.org/cgi?action=article;sid=20210415055717) I was inspired by the April 2017 article in undeadly.org about getting OpenBSD running on a Raspberry Pi 3B+. My goal was to use a Raspberry Pi running OpenBSD to monitor the temperature in my garage from my home. My dog has his own little "apartment" inside the garage, so I want to keep an eye on the temperature. (I don't rely on this device. He sleeps inside the house whenever he wants.) EuroBSDcon 2021 Call for Papers (https://2021.eurobsdcon.org/about/cfp/) FreeBSD iostat (https://klarasystems.com/articles/freebsd-iostat-a-quick-glance/) The state of toolchains in NetBSD (https://www.cambus.net/the-state-of-toolchains-in-netbsd/) While FreeBSD and OpenBSD both switched to using LLVM/Clang as their base system compiler, NetBSD picked a different path and remained with GCC and binutils regardless of the license change to GPLv3. However, it doesn't mean that the NetBSD project endorses this license, and the NetBSD Foundation's has issued a statement about its position on the subject. NetBSD’s statement (http://cvsweb.netbsd.org/bsdweb.cgi/src/external/gpl3/README?rev=1.1) *** News Roundup Bandwidth limiting on OpenBSD 6.8 (https://dataswamp.org/~solene/2021-02-07-limit.html) I will explain how to limit bandwidth on OpenBSD using its firewall PF (Packet Filter) queuing capability. It is a very powerful feature but it may be hard to understand at first. What is very important to understand is that it's technically not possible to limit the bandwidth of the whole system, because once data is getting on your network interface, it's already there and got by your router, what is possible is to limit the upload rate to cap the download rate. FreeBSD's ports migration to git and its impact on HardenedBSD (https://hardenedbsd.org/article/shawn-webb/2021-04-06/freebsds-ports-migration-git-and-its-impact-hardenedbsd) FreeBSD completed their ports migration from subversion to git. Prior to the official switch, we used the read-only mirror FreeBSD had at GitHub[1]. The new repo is at [2]. A cursory glance at the new repo will show that the commit hashes changed. This presents an issue with HardenedBSD's ports tree in our merge-based workflow. TrueNAS 12.0-U3 has been released (https://www.truenas.com/docs/releasenotes/core/12.0u3/) iXsystems is excited to announce TrueNAS 12.0-U3 was released today and marks an important milestone in the transition from FreeNAS to TrueNAS. TrueNAS 12.0 is now considered by iXsystems to be a higher quality release than FreeNAS 11.3-U5, our previous benchmark. The new TrueNAS documentation site has also reached a point where it has more content and capabilities than FreeNAS. TrueNAS 12.0 is ready for mission-critical enterprise deployments. Beastie Bits Joyent provides pkgsrc for MacOS X (https://pkgsrc.joyent.com/install-on-osx/) Archives of old Irix documentation (https://techpubs.jurassic.nl) FreeBSD Developer/Vendor Summit 2021 (https://wiki.freebsd.org/DevSummit/202106) *** Tarsnap This weeks episode of BSDNow was sponsored by our friends at Tarsnap, the only secure online backup you can trust your data to. Even paranoids need backups. Feedback/Questions Andre - splitting zfs array (https://github.com/BSDNow/bsdnow.tv/blob/master/episodes/401/feedback/Andre - splitting zfs array) Bruce - Command Change (https://github.com/BSDNow/bsdnow.tv/blob/master/episodes/401/feedback/Bruce - Command Change) Dan - Annoyances with ZFS (https://github.com/BSDNow/bsdnow.tv/blob/master/episodes/401/feedback/Dan - Annoyances with ZFS) Send questions, comments, show ideas/topics, or stories you want mentioned on the show to feedback@bsdnow.tv (mailto:feedback@bsdnow.tv) ***

FreeBSD 13 is here, multi-factor authentication on OpenBSD, KDE on FreeBSD 2021o2, NetBSD GSoC report, a working D compiler on OpenBSD, and more NOTES This episode of BSDNow is brought to you by Tarsnap (https://www.tarsnap.com/bsdnow) Headlines FreeBSD 13.0 R Annoucement (https://www.freebsd.org/releases/13.0R/announce/) • OpenZFS 2.0 (almost 2.1) is included in 13.0 • Removed support for previously-deprecated algorithms in geli(8). • The armv8crypto(4) driver now supports AES-GCM which is used by IPsec and kernel TLS. Enable multi-factor authentication on OpenBSD (https://dataswamp.org/~solene/2021-02-06-openbsd-2fa.html) In this article I will explain how to add a bit more security to your OpenBSD system by adding a requirement for user logging into the system, locally or by ssh. I will explain how to setup 2 factor authentication (2FA) using TOTP on OpenBSD News Roundup KDE on FreeBSD 2021o2 (https://euroquis.nl/kde/2021/03/26/freebsd2021o2.html) Gosh, second octant already! Well, let’s take a look at the big things that happened in KDE-on-FreeBSD in these six-and-a-half weeks. GSoC Reports: Make system(3), popen(3) and popenve(3) use posix_spawn(3) internally (Final report) (http://blog.netbsd.org/tnf/entry/gsoc_reports_make_system_31) My code can be found at github.com/teknokatze/src in the gsoc2020 branch, at the time of writing some of it is still missing. The test facilities and logs can be found in github.com/teknokatze/gsoc2020. A diff can be found at github which will later be split into several patches before it is sent to QA for merging. The initial and defined goal of this project was to make system(3) and popen(3) use posixspawn(3) internally, which had been completed in June. For the second part I was given the task to replace fork+exec calls in our standard shell (sh) in one scenario. Similar to the previous goal we determined through implementation if the initial motivation, to get performance improvements, is correct otherwise we collect metrics for why posixspawn() in this case should be avoided. This second part meant in practice that I had to add and change code in the kernel, add a new public libc function, and understand shell internals. A working D compiler on OpenBSD (https://undeadly.org/cgi?action=article;sid=20210322080633) Dr. Brian Robert Callahan (bcallah@) blogged about his work in getting D compiler(s) working under OpenBSD. + Full Post (https://briancallahan.net/blog/20210320.html) Tarsnap This weeks episode of BSDNow was sponsored by our friends at Tarsnap, the only secure online backup you can trust your data to. Even paranoids need backups. Feedback/Questions Vasilis - upgrade question (https://github.com/BSDNow/bsdnow.tv/blob/master/episodes/400/feedback/Vasilis%20-%20upgrade%20question) Dennis - zfs questions (https://github.com/BSDNow/bsdnow.tv/blob/master/episodes/400/feedback/Dennis%20-%20zfs%20questions) Daniel Dettlaff - KTLS question (https://github.com/BSDNow/bsdnow.tv/blob/master/episodes/400/feedback/dmilith%20-%20KTLS) Send questions, comments, show ideas/topics, or stories you want mentioned on the show to feedback@bsdnow.tv (mailto:feedback@bsdnow.tv) ***

Comparing sandboxing techniques, Statement on FreeBSD development processes, customizing FreeBSD ports and packages, the quest for a comfortable NetBSD desktop, Nginx as a TCP/UDP relay, HardenedBSD March 2021 Status Report, Detailed Behaviors of Unix Signal, and more NOTES This episode of BSDNow is brought to you by Tarsnap (https://www.tarsnap.com/bsdnow) Headlines Comparing sandboxing techniques (https://www.omarpolo.com/post/gmid-sandbox.html) I had the opportunity to implement a sandbox and I'd like to write about the differences between the various sandboxing techniques available on three different operating systems: FreeBSD, Linux and OpenBSD. Statement on FreeBSD development processes (https://lists.freebsd.org/pipermail/freebsd-hackers/2021-March/057127.html) In light of the recent commentary on FreeBSD's development practices, members of the Core team would like to issue the following statement. Customizing FreeBSD Ports and Packages (https://klarasystems.com/articles/customizing-freebsd-ports-and-packages/) A basic intro to building your own packages News Roundup FVWM(3) and the quest for a comfortable NetBSD desktop (https://www.unitedbsd.com/d/442-fvwm3-and-the-quest-for-a-comfortable-netbsd-desktop) FVWM substantially allows one to build a fully-fledged lightweight desktop environment from scratch, with an almost unparalleled degree of freedom. Although using FVWM does not require any knowledge of programming languages, it is possible to extend it with M4, C, and Perl preprocessing. Nginx as a TCP/UDP relay (https://dataswamp.org/~solene/2021-02-24-nginx-stream.html) In this tutorial I will explain how to use Nginx as a TCP or UDP relay as an alternative to Haproxy or Relayd. This mean nginx will be able to accept requests on a port (TCP/UDP) and relay it to another backend without knowing about the content. It also permits to negociates a TLS session with the client and relay to a non-TLS backend. In this example I will explain how to configure Nginx to accept TLS requests to transmit it to my Gemini server Vger, Gemini protocol has TLS as a requirement. HardenedBSD March 2021 Status Report (https://hardenedbsd.org/article/shawn-webb/2021-03-31/hardenedbsd-march-2021-status-report) This month, I worked on finding and fixing the regression that caused kernel panics on our package builders. I think I found the issue: I made it so that the HARDENEDBSD amd64 kernel just included GENERIC so that we follow FreeBSD's toggling of features. Doing so added QUEUEMACRODEBUGTRASH to our kernel config. That option is the likely culprit. If the next package build (with the option removed) completes, I will commit the change that removes QUEUEMACRODEBUGTRASH from the HARDENEDBSD amd64 kernel. Detailed Behaviors of Unix Signal (https://www.dyx.name/posts/essays/signal.html) When Unix is mentioned in this document it means macOS or Linux as they are the mainly used Unix at this moment. When shell is mentioned it means Bash or Zsh. Most demos are written in C for macOS with Apple libc and Linux with glibc. Tarsnap This weeks episode of BSDNow was sponsored by our friends at Tarsnap, the only secure online backup you can trust your data to. Even paranoids need backups. Feedback/Questions andrew - flatpak (https://github.com/BSDNow/bsdnow.tv/blob/master/episodes/399/feedback/andrew%20-%20flatpak) chris - mac and truenas (https://github.com/BSDNow/bsdnow.tv/blob/master/episodes/399/feedback/chris%20-%20mac%20and%20truenas) robert - some questions (https://github.com/BSDNow/bsdnow.tv/blob/master/episodes/399/feedback/robert%20-%20some%20questions) Send questions, comments, show ideas/topics, or stories you want mentioned on the show to feedback@bsdnow.tv (mailto:feedback@bsdnow.tv)

FreeBSD 13.0 Full Desktop Experience, FreeBSD on ARM64 in the Cloud, Plan 9 from Bell Labs in Cyberspace, Inferno is open source as well, NetBSD hits donation milestone, grep returns (standard input) on FreeBSD, Random Programming Challenge, OpenBSD Adds Support for Coordinated Mars Time (MTC) and more NOTES This episode of BSDNow is brought to you by Tarsnap (https://www.tarsnap.com/bsdnow) Headlines FreeBSD 13.0 – Full Desktop Experience (https://www.tubsta.com/2021/03/freebsd-13-0-full-desktop-experience/) With the release of FreeBSD 13.0 on the horizon, I wanted to see how it shapes up on my Lenovo T450 laptop. Previous major releases on this laptop, using it as a workstation, felt very rough around the edges but with 13, it feels like the developers got it right. FreeBSD on ARM64 in the Cloud (https://klarasystems.com/articles/the-next-level-freebsd-on-arm64-in-the-cloud/) Until the end of June, Amazon AWS is offering free ARM64 Graviton instances, learn how to try out FreeBSD to ARMv8 in the cloud Plan 9 from Bell Labs in Cyberspace! (https://www.bell-labs.com/institute/blog/plan-9-bell-labs-cyberspace/) The releases below represent the historical releases of Plan 9. (http://p9f.org/dl/index.html) The two versions of 4th Edition represent the initial release and the final version available from Bell Labs as it was updated and patched. All historical releases of Plan 9 have been re-released under the terms of the MIT license. + Inferno is open source as well (https://bitbucket.org/inferno-os/inferno64-os/src/master/) News Roundup Hitting donation milestone, financial report for 2020 (http://blog.netbsd.org/tnf/entry/hitting_donation_milestone_financial_report) We nearly hit our 2020 donation milestone set after the release of 9.0 of $50,000. grep returns (standard input) on FreeBSD (https://rubenerd.com/grep-returns-standard-input/) I was dealing with a bizarre error with grep(1) on FreeBSD, and it soon infected my macOS and NetBSD machines too. It was driving me crazy! Random Programming Challenge (https://projecteuler.net/problem=84) This better not be an April Fools Joke… I want to see this actually implemented. I’ll donate $100 to the first BSD that actually implements this for real. Who’s with me? OpenBSD Adds Support for Coordinated Mars Time (MTC) (https://marc.info/?l=openbsd-cvs&m=161730046519995) To make sure that OpenBSD can be used elsewhere than just earth, this diff introduces Coordinated Mars Time (MTC), the Mars equivalent of earth’s Universal Time (UTC). OpenZFS had a good one too (https://github.com/openzfs/zfs/pull/11823) Tarsnap This weeks episode of BSDNow was sponsored by our friends at Tarsnap, the only secure online backup you can trust your data to. Even paranoids need backups. Feedback/Questions Brandon - router (https://github.com/BSDNow/bsdnow.tv/blob/master/episodes/398/feedback/Brandon%20-%20router) Lawrence - Is BSD for me (https://github.com/BSDNow/bsdnow.tv/blob/master/episodes/398/feedback/Lawrence%20-%20Is%20FreeBSD%20for%20me) miguel - printing (https://github.com/BSDNow/bsdnow.tv/blob/master/episodes/398/feedback/miguel%20-%20printing) Send questions, comments, show ideas/topics, or stories you want mentioned on the show to feedback@bsdnow.tv (mailto:feedback@bsdnow.tv) ***

Customizing the FreeBSD Kernel, OpenBSD/loongson on the Lemote Fuloong, how ZFS on Linux brings up pools and filesystems at boot under systemd, LLDB: FreeBSD Legacy Process Plugin Removed, FreshBSD 2021, gmid, Danschmid’s Poudriere Guide in english, and more NOTES This episode of BSDNow is brought to you by Tarsnap (https://www.tarsnap.com/bsdnow) Headlines Customizing the FreeBSD Kernel (https://klarasystems.com/articles/customizing-the-freebsd-kernel/) Learn more about customizing the build of the FreeBSD kernel and its loadable modules OpenBSD/loongson on the Lemote Fuloong (https://www.cambus.net/openbsd-loongson-on-the-lemote-fuloong/) In my article about running OpenBSD/loongson on the Lemote Yeeloong back in 2016, I mentioned looking for a Fuloong. All hope seemed lost until the Summer of 2017, when a fellow OpenBSD developer was contacted by a generous user (Thanks again, Lars!) offering to donate two Lemote Fuloong machines, and I was lucky enough to get one of those units. News Roundup How ZFS on Linux brings up pools and filesystems at boot under systemd (https://utcc.utoronto.ca/~cks/space/blog/linux/ZFSBringUpOnBoot) On Solaris and Illumos, how ZFS pools and filesystems were brought up at boot was always a partial mystery to me (and it seemed to involve the kernel knowing a lot about /etc/zfs/zpool.cache). On Linux, additional software RAID arrays are brought up mostly through udev rules, which has its own complications. For a long time I had the general impression that ZFS on Linux also worked through udev rules to recognize vdev components, much like software RAID. However, this turns out to not be the case and the modern ZFS on Linux boot process is quite straightforward on systemd systems. LLDB: FreeBSD Legacy Process Plugin Removed (https://www.moritz.systems/blog/freebsd-legacy-process-plugin-removed/) During the past month we’ve successfully removed the legacy FreeBSD plugin and continued improving the new one. We have prepared an implementation of hardware breakpoint and watchpoint support for FreeBSD/AArch64, and iterated over all tests that currently fail on that platform. Therefore, we have concluded the second milestone. FreshBSD 2021 (https://freshbsd.org/news/2021/02/28) 6 weeks ago I created a branch for a significant rework of FreshBSD. Nearly 300 commits later, and just a week shy of our 15th anniversary, the result is what you’re looking at now. I hope you like it. gmid (https://github.com/omar-polo/gmid/) is a gemini (https://gemini.circumlunar.space/) server for unixes. Danschmid’s Poudriere Guide now in english (https://danschmid.de/en/blog/poudriere-guide) The ports system is one of FreeBSD's greatest advantages for users who want flexibility and control over their software. It enables administrators to easily create and manage source-based installations using a system that is robust and predictable. Tarsnap This weeks episode of BSDNow was sponsored by our friends at Tarsnap, the only secure online backup you can trust your data to. Even paranoids need backups. Send questions, comments, show ideas/topics, or stories you want mentioned on the show to feedback@bsdnow.tv (mailto:feedback@bsdnow.tv) *** Special Guest: Tom Jones.

FreeBSD Network Troubleshooting, The State of FreeBSD, dhcpleased, bhyve for Calamares Development, EFS automount and ebsnvme-id, Old Usenix pictures, and more. NOTES This episode of BSDNow is brought to you by Tarsnap (https://www.tarsnap.com/bsdnow) Headlines FreeBSD Network Troubleshooting (https://klarasystems.com/articles/freebsd-network-troubleshooting-understanding-network-performance/) FreeBSD has a full set of debugging features, and the network stack is able to report a ton of information. So much that it can be hard to figure out what is relevant and what is not. The State of FreeBSD (https://www.theregister.com/2021/03/10/the_state_of_freebsd/) License to thrill: Ahead of v13.0, the FreeBSD team talks about Linux and the completed toolchain project that changes everything News Roundup dhcpleased(8) - DHCP client daemon (http://undeadly.org/cgi?action=article;sid=20210227232424) With the following commit, Florian Obser (florian@) imported dhcpleased(8), DHCP daemon to acquire IPv4 address leases from servers, plus dhcpleasectl(8), a utility to control the daemon: bhyve for Calamares Development (https://euroquis.nl//freebsd/2021/03/05/bhyve.html) bhyve (pronounced “bee hive”) is a hypervisor for BSD systems (and Illumos / openSolaris). It is geared towards server workloads, but does support desktop-oriented operation as well. I spent some time wayyyy back in November wrestling with it in order to replace VirtualBox for Calamares testing on FreeBSD. The “golden hint” as far as I’m concerned came from Karen Bruner and now I have a functioning Calamares test-ground that is more useful than before. “Calamares is a free and open-source independent and distro-agnostic system installer for Linux distributions.“ Some new FreeBSD/EC2 features: EFS automount and ebsnvme-id (https://www.daemonology.net/blog/2020-05-31-Some-new-FreeBSD-EC2-features.html) As my regular readers will be aware, I've been working on and gradually improving FreeBSD/EC2 for many years. Recently I've added two new features, which are available in the weekly HEAD and 12-STABLE snapshots and will appear in releases starting from 12.2-RELEASE. Old Usenix pictures (http://lists.nycbug.org/pipermail/talk/2021-February/018304.html) Beastie Bits https://2021.eurobsdcon.org/ (CFP is open until May 26th, 2021) EuroBSDcon is the European technical conference for users and developers of BSD-based systems. The conference is scheduled to take place September 16-19 2021 in Vienna, Austria or as an all-online event if COVID-19 developments dictate. The tutorials will be held on Thursday and Friday to registered participants and the talks are presented to conference attendees on Saturday and Sunday. The Call for Talk and Presentation proposals period will close on May 26th, 2021. Prospective speakers will be notified of acceptance or otherwise by June 1st, 2021. https://campgnd.com/ (CFP is open until 2021-04-15) campgndd will be held May 28th, 29th and 30th 2021, from wherever you happen to be. We're looking for submissions on anything you're enthusiastic and excited about. If you enjoy it, the odds are we will too! You don't need to be an expert to propose anything. Some example of things we are looking for are: Talks Walkthroughs Music From the Desk of Michael Lucas… ``` New Release: Only Footnotes I’ve lost count of the number of people who have told me that they purchase my books only for the footnotes. That’s okay. I don’t care why people buy my books, only that they do buy them. Nevertheless, I am a businessman living under capitalism and feel compelled to respond to my market. Allow me to present my latest release: Only Footnotes, a handsome hardcover-only compilation of decades of footnotes. From the back cover: Only Footnotes. Because that’s why you read his books. Academics hate footnotes. Michael W Lucas loves them. What he does with them wouldn’t pass academic muster, but that doesn’t mean the reader should skip them. The footnotes are the best part! Why not read only the footnotes, and skip all that other junk? After literal minutes of effort, Only Footnotes collects every single footnote from all of Lucas’ books to date.* Recycle those cumbersome treatises stuffed with irrelevant facts! No more flipping through pages and pages of actual technical knowledge looking for the offhand movie reference or half-formed joke. This slender, elegant volume contains everything the man ever passed off as his dubious, malformed “wisdom.” Smart books have footnotes. Smarter books are only footnotes. *plus additional annotations from the author. Because sometimes even a footnote needs a footnote. With interior illustrations by OpenBSD’s akoshibe, this distinguished tome would make fine inspirational reading for a system administrator, network engineer, or anyone sentenced to a life in information technology. Available at all fine bookstores, and many mediocre ones! ``` Tarsnap This weeks episode of BSDNow was sponsored by our friends at Tarsnap, the only secure online backup you can trust your data to. Even paranoids need backups. Send questions, comments, show ideas/topics, or stories you want mentioned on the show to feedback@bsdnow.tv (mailto:feedback@bsdnow.tv) *** Special Guest: Tom Jones.

Tracing the History of ARM and FreeBSD, Make ‘less’ more friendly, NomadBSD 1.4 Release, Create an Ubuntu Linux jail on FreeBSD 12.2, OPNsense 21.1.2 released, Midnight BSD and BastilleBSD, and more. NOTES This episode of BSDNow is brought to you by Tarsnap (https://www.tarsnap.com/bsdnow) Headlines Tracing the History of ARM and FreeBSD (https://klarasystems.com/articles/tracing-the-history-of-arm-and-freebsd/) When we think of computers, we generally think of laptops and desktops. Each one of these systems is powered by an Intel or AMD chip based on the x86 architecture. It might feel like you spend all day interacting with these kinds of systems, but you would be wrong. Unix Tip: Make ‘less’ more friendly (https://ascending.wordpress.com/2011/02/11/unix-tip-make-less-more-friendly/) You probably know about less: it is a standard tool that allows scrolling up and down in documents that do not fit on a single screen. Less has a very handy feature, which can be turned on by invoking it with the -i flag. This causes less to ignore case when searching. For example, ‘udf’ will find ‘udf’, ‘UDF’, ‘UdF’, and any other combination of upper-case and lower-case. If you’re used to searching in a web browser, this is probably what you want. But less is even more clever than that. If your search pattern contains upper-case letters, the ignore-case feature will be disabled. So if you’re looking for ‘QXml’, you will not be bothered by matches for the lower-case ‘qxml’. (This is equivalent to ignorecase + smartcase in vim.) News Roundup NomadBSD 1.4 Release (https://www.itsfoss.net/nomadbsd-1-4-release/) Version 1.4 of NomadBSD, a persistent live system for USB flash drives based on FreeBSD and featuring a graphical user interface built around Openbox, has been released: “We are pleased to present the release of NomadBSD 1.4. Create an Ubuntu Linux jail on FreeBSD 12.2 (https://hackacad.net/post/2021-01-23-create-a-ubuntu-linux-jail-on-freebsd/) OPNsense 21.1.2 released (https://opnsense.org/opnsense-21-1-2-released/) Work has so far been focused on the firmware update process to ensure its safety around edge cases and recovery methods for the worst case. To that end 21.1.3 will likely receive the full revamp including API and GUI changes for a swift transition after thorough testing of the changes now available in the development package of this release. Midnight BSD and BastilleBSD (https://www.justjournal.com/users/mbsd/entry/33869) We recently added a new port, mports/sysutils/bastille that allows you to manage containers. This is a port of a project that originally targetted FreeBSD, but also works on HardenedBSD. Tarsnap This weeks episode of BSDNow was sponsored by our friends at Tarsnap, the only secure online backup you can trust your data to. Even paranoids need backups. Feedback/Questions Brad - monitoring with Grafana (https://github.com/BSDNow/bsdnow.tv/blob/master/episodes/395/feedback/Brad%20-%20monitoring%20with%20Grafana) Dennis - a few questions (https://github.com/BSDNow/bsdnow.tv/blob/master/episodes/395/feedback/Dennis%20-%20a%20few%20questions) Paul - FreeBSD 13 (https://github.com/BSDNow/bsdnow.tv/blob/master/episodes/395/feedback/Paul%20-%20FreeBSD%2013) Send questions, comments, show ideas/topics, or stories you want mentioned on the show to feedback@bsdnow.tv (mailto:feedback@bsdnow.tv) ***

Onboard Scheduler for the Mars 2020 Rover, Practical Guide to Storage of Large Amounts of Microscopy Data, OpenBSD guest with bhyve - OmniOS, NextCloud on OpenBSD, MySQL Transactions - the physical side, TrueNAS 12.0-U2.1 is released, HardenedBSD 2021 State of the Hardened Union, and more NOTES This episode of BSDNow is brought to you by Tarsnap (https://www.tarsnap.com/bsdnow) Headlines Prototyping an Onboard Scheduler for the Mars 2020 Rover (https://ai.jpl.nasa.gov/public/documents/papers/rabideau_iwpss2017_prototyping.pdf) The mars rover runs VxWorks, which is based on BSD, and uses the FreeBSD networking stack. While there has been a lot of type about the little helicopter that was inside the rover running Linux, the rover itself runs BSD. *** ### Practical Guide to Storage of Large Amounts of Microscopy Data (https://www.cambridge.org/core/journals/microscopy-today/article/practical-guide-to-storage-of-large-amounts-of-microscopy-data/D3CE39447BFF5BBF9B3ED8A0C35C6F36) > Biological imaging tools continue to increase in speed, scale, and resolution, often resulting in the collection of gigabytes or even terabytes of data in a single experiment. In comparison, the ability of research laboratories to store and manage this data is lagging greatly. This leads to limits on the collection of valuable data and slows data analysis and research progress. Here we review common ways researchers store data and outline the drawbacks and benefits of each method. We also offer a blueprint and budget estimation for a currently deployed data server used to store large datasets from zebrafish brain activity experiments using light-sheet microscopy. Data storage strategy should be carefully considered and different options compared when designing imaging experiments. *** ## News Roundup ### OpenBSD guest with bhyve - OmniOS (https://www.pbdigital.org/omniosce/bhyve/openbsd/2020/06/08/bhyve-zones-omnios.html) > Today I will be creating a OpenBSD guest via bhyve on OmniOS. I will also be adding a Pass Through Ethernet Controller so I can have a multi-homed guest that will serve as a firewall/router. > This post will cover setting up bhyve on OmniOS, so it will also be a good introduction to bhyve. As well, I look into OpenBSD’s uEFI boot loader so if you have had trouble with this, then you are in the right place. *** ### NextCloud on OpenBSD (https://h3artbl33d.nl/blog/nextcloud-on-openbsd) > NextCloud and OpenBSD are complimentary to one another. NextCloud is an awesome, secure and private alternative for propietary platforms, whereas OpenBSD forms the most secure and solid foundation to serve it on. Setting it up in the best way isn’t hard, especially using this step by step tutorial. MySQL Transactions - the physical side (https://blog.koehntopp.info/2020/07/27/mysql-transactions.html) So you talk to a database, doing transactions. What happens actually, behind the scenes? Let’s have a look. TrueNAS 12.0-U2.1 is released (https://www.truenas.com/docs/hub/intro/release-notes/12.0u2.1/) HardenedBSD 2021 State of the Hardened Union - NYCBUG - 2021-04-07 (https://www.nycbug.org/index?action=view&id=10682) Beastie Bits FreeBSD Journal: Case Studies (https://freebsdfoundation.org/our-work/journal/) *** ###Tarsnap This weeks episode of BSDNow was sponsored by our friends at Tarsnap, the only secure online backup you can trust your data to. Even paranoids need backups. Feedback/Questions Al - BusyNAS (https://github.com/BSDNow/bsdnow.tv/blob/master/episodes/394/feedback/Al%20-%20BusyNAS) Jeff - ZFS and NFS on FreeBSD (https://github.com/BSDNow/bsdnow.tv/blob/master/episodes/394/feedback/Jeff%20-%20ZFS%20and%20NFS%20on%20FreeBSD) Michael - remote unlock for encrypted systems (https://github.com/BSDNow/bsdnow.tv/blob/master/episodes/394/feedback/Michael%20-%20remote%20unlock%20for%20encrypted%20systems) Send questions, comments, show ideas/topics, or stories you want mentioned on the show to feedback@bsdnow.tv (mailto:feedback@bsdnow.tv)

Lessons learned from a 27 years old UNIX book, Finally dRAID, Setting up a Signal Proxy using FreeBSD, Annotate your PDF files on OpenBSD, Things You Should Do Now, Just: More unixy than Make, and more NOTES This episode of BSDNow is brought to you by Tarsnap (https://www.tarsnap.com/bsdnow) Headlines Lessons learned from a 27 years old UNIX book (https://www.linux.it/~ema/posts/porsche-book/) One of the Amazon reviewers of "Sun Performance and Tuning: Java and the Internet" gave it 3/5 stars. While still a nice introduction, the book by Adrian Cockcroft has become dated — claimed Roland in 2003, which believe it or not was 18 years ago... dRAID, Finally! (https://klarasystems.com/articles/openzfs-draid-finally/) Admins will often use wide RAID stripes to maximize usable storage given a number of spindles. RAID-Z deployments with large stripe widths, ten or larger, are subject to poor resilver performance for a number of reasons. Resilvering a full vdev means reading from every healthy disk and continuously writing to the new spare. This will saturate the replacement disk with writes while scattering seeks over the rest of the vdev. For 14 wide RAID-Z2 vdevs using 12TB spindles, rebuilds can take weeks. Resilver I/O activity is deprioritized when the system has not been idle for a minimum period. Full zpools get fragmented and require additional I/O’s to recalculate data during reslivering. A pool can degenerate into a never ending cycle of rebuilds or loss of the pool Aka: the Death Spiral. News Roundup Setting up a Signal Proxy using FreeBSD (https://www.neelc.org/posts/freebsd-signal-proxy/) With the events that the private messaging app Signal has been blocked in Iran, Signal has come up with an “proxy” solution akin to Tor’s Bridges, and have given instructions on how to do it. For people who prefer FreeBSD over Linux like myself, we obviously can’t run Docker, which is what Signal’s instructions focus on. Fortunately, the Docker image is just a fancy wrapper around nginx, and the configs can be ported to any OS. Here, I’ll show you how to set up a Signal Proxy on FreeBSD. Annotate your PDF files on OpenBSD (https://www.tumfatig.net/20210126/annotate-your-pdf-files-on-openbsd) On my journey to leave macOS, I regularly look to mimic some of the features I use. Namely, annotating (or signing) PDF files is a really simple task using Preview. I couldn’t do it on OpenBSD using Zathura, Xpdf etc. But there is a software in the ports that can achieve this: Xournal. Xournal is “an application for notetaking, sketching, keeping a journal using a stylus“. And now that my touchscreen is calibrated, highlighting can even be done with the fingers :) Things You Should Do Now (https://secure.phabricator.com/book/phabflavor/article/things_you_should_do_now/) Describes things you should do now when building software, because the cost to do them increases over time and eventually becomes prohibitive or impossible. Just: A command runner. More unixy than Make because it does even less. (https://github.com/casey/just/) I think it's in the do-one-thing-well spirit of Unix, because it's just a command runner, no build system at all. Just has a bunch of nice features: Can be invoked from any subdirectory Arguments can be passed from the command line Static error checking that catches syntax errors and typos Excellent error messages with source context The ability to list recipes from the command line Recipes can be written in any language Works on Linux, macOS, and Windows And much more! Just doesn't replace Make, or any other build system, but it does replace reverse-searching your command history, telling colleagues the weird flags they need to pass to do the thing, and forgetting how to run old projects. Tarsnap This weeks episode of BSDNow was sponsored by our friends at Tarsnap, the only secure online backup you can trust your data to. Even paranoids need backups. Feedback/Questions Marc - Confused about Snapshots (https://github.com/BSDNow/bsdnow.tv/blob/master/episodes/393/feedback/Marc%20-%20Confused%20about%20Snapshots) Dan’s gist: https://gist.github.com/dlangille/3140e60a816226ed75365ba8af185085 Pete - A Question (https://github.com/BSDNow/bsdnow.tv/blob/master/episodes/393/feedback/Pete%20-%20A%20Question) Rick - ZFS Idea (https://github.com/BSDNow/bsdnow.tv/blob/master/episodes/393/feedback/Rick%20-%20ZFS%20Idea) Send questions, comments, show ideas/topics, or stories you want mentioned on the show to feedback@bsdnow.tv (mailto:feedback@bsdnow.tv) *** Special Guest: Dan Langille.

FreeBSD 13 BETA Benchmarks, FreeBSD Jails Deep Dive by Klara Systems, FreeBSD Foundation looking for a Senior Arm Kernel Engineer & OSS Project Coordinator, macOS-Inspired BSD Desktop OS by helloSystem, A Trip into FreeBSD and more. NOTES This episode of BSDNow is brought to you by Tarsnap (https://www.tarsnap.com/bsdnow) Headlines FreeBSD 13 BETA Benchmarks - Performance Is Much Better (https://www.phoronix.com/scan.php?page=article&item=freebsd-13-beta1&num=6) FreeBSD Jails – Deep Dive into the Beginning of FreeBSD Containers (https://klarasystems.com/articles/freebsd-jails-the-beginning-of-freebsd-containers/) In recent years, containers and virtualization have become a buzzword in the Linux community, especially with the rise of Docker and Kubernetes. What many people probably don’t realize is that these ideas have been around for a very long time. Today, we will be looking at Jails and how they became part of FreeBSD. News Roundup FreeBSD Jobs The FreeBSD Foundation is looking for a Senior Arm Kernel Engineer (https://www.fossjobs.net/job/10369/senior-arm-kernel-engineer-at-the-freebsd-foundation/) The FreeBSD Foundation is also looking for an Open Source Project Coordinator. (https://www.fossjobs.net/job/10367/freebsd-open-source-project-coordinator-at-freebsd/) *** ### helloSystem Releases New ISOs For This macOS-Inspired BSD Desktop OS (https://www.phoronix.com/scan.php?page=news_item&px=helloSystem-New-12.1-Exp-ISOs) > The helloSystem motto is being a "desktop system for creators with focus on simplicity, elegance, and usability. Based on FreeBSD. Less, but better!" The desktop utilities are written with PyQt5. *** ### A Trip into FreeBSD (https://christine.website/blog/a-trip-into-freebsd-2021-02-13) > I normally deal with Linux machines. Linux is what I know and it's what I've been using since I was in college. A friend of mine has been coaxing me into trying out FreeBSD, and I decided to try it out and see what it's like. Here's some details about my experience and what I've learned. *** ###Tarsnap This weeks episode of BSDNow was sponsored by our friends at Tarsnap, the only secure online backup you can trust your data to. Even paranoids need backups. Beastie Bits Testing Linux Steam Proton on GhostBSD with BSD linuxulator - NO Audio (https://www.youtube.com/watch?v=H8ihW0m3bRQ) New Build of DragonFlyBSD 5.8 (http://lists.dragonflybsd.org/pipermail/users/2021-February/381550.html) Install OpenBSD 6.8 on PINE64 ROCK64 Media Board (https://github.com/krjdev/rock64_openbsd) FOSDEM BSD Track Videos are up (https://fosdem.org/2021/schedule/track/bsd/) *** Send questions, comments, show ideas/topics, or stories you want mentioned on the show to feedback@bsdnow.tv (mailto:feedback@bsdnow.tv) *** Special Guest: Dan Langille.

Follow-up about FreeBSD jail advantages, Install Prometheus, Node Exporter and Grafana, Calibrate your touch-screen on OpenBSD, OPNsense 21.1 Marvelous Meerkat Released, NomadBSD 1.4-RC1, Lets all shed a Tear for 386, find mostly doesn't need xargs today on modern Unixes, OpenBSD KDE Status Report, and more. NOTES This episode of BSDNow is brought to you by Tarsnap (https://www.tarsnap.com/bsdnow) Headlines Follow-up about FreeBSD jail advantages (https://rubenerd.com/follow-up-about-freebsd-jail-advantages/) I’ll admit I ran a lot of justifications together into a single paragraph because I wanted to get to configuring the jails themselves. They’re also, by and large, not specific to FreeBSD’s flavour of containerisation, though I still think it’s easily the most elegant implementation. Sometimes the simplest solution really is the best one. History of FreeBSD part 4: TCP/IP (https://klarasystems.com/articles/history-of-freebsd-part-4-bsd-and-tcp-ip/) How TCP/IP evolved and BSDs special contribution to the history of the Internet *** FreeBSD: Install Prometheus, Node Exporter and Grafana (https://blog.andreev.it/?p=5289) FreeBSD comes out of the box with three great tools for monitoring. If you need more info about how these tools work, please read the official documentation. I’ll explain the installation only and creating a simple dashboard. News Roundup Calibrate your touch-screen on OpenBSD (https://www.tumfatig.net/20210122/calibrate-your-touch-screen-on-openbsd/) I didn’t expected it but my refurbished T460s came with a touch-screen. It is recognized by default on OpenBSD and not well calibrated as-is. But that’s really simple to solve. Lets all shed a Tear for 386 (https://lists.freebsd.org/pipermail/freebsd-announce/2021-January/002006.html) FreeBSD is designating i386 as a Tier 2 architecture starting with FreeBSD 13.0. The Project will continue to provide release images, binary updates, and pre-built packages for the 13.x branch. However, i386-specific issues (including SAs) may not be addressed in 13.x. The i386 platform will remain Tier 1 on FreeBSD 11.x and 12.x. OPNsense 21.1 Marvelous Meerkat Released (https://opnsense.org/opnsense-21-1-marvelous-meerkat-released/) For more than 6 years, OPNsense is driving innovation through modularising and hardening the open source firewall, with simple and reliable firmware upgrades, multi-language support, HardenedBSD security, fast adoption of upstream software updates as well as clear and stable 2-Clause BSD licensing. NomadBSD 1.4-RC1 (https://nomadbsd.org/index.html#1.4-RC1) We are pleased to present the first release candidate of NomadBSD 1.4. find mostly doesn't need xargs today on modern Unixes (https://utcc.utoronto.ca/~cks/space/blog/unix/FindWithoutXargsToday) I've been using Unix for long enough that 'find | xargs' is a reflex. When I started and for a long time afterward, xargs was your only choice for efficiently executing a command over a bunch of find results. OpenBSD KDE Status Report (https://undeadly.org/cgi?action=article;sid=20210124113220) OpenBSD has managed to drop KDE3 and KDE4 in the 6.8 -> 6.9 release cycle. That makes me very happy because it was a big piece of work and long discussions. This of course brings questions: Kde Plasma 5 package missing. After half a year of work, I managed to successfully update the Qt5 stack to the last LTS version 5.15.2. On the whole, the most work was updating QtWebengine. What a monster! With my CPU power at home, I can build it 1-2 times a day which makes testing a little bit annoying and time intensive. Tarsnap This weeks episode of BSDNow was sponsored by our friends at Tarsnap, the only secure online backup you can trust your data to. Even paranoids need backups. Feedback/Questions Karl - Firefox webcam audio solution (https://github.com/BSDNow/bsdnow.tv/blob/master/episodes/391/feedback/Karl%20-%20Firefox%20webcam%20audio%20solution.md) Michal - openzfs (https://github.com/BSDNow/bsdnow.tv/blob/master/episodes/391/feedback/Michal%20-%20openzfs.md) Dave - bufferbloat (https://github.com/BSDNow/bsdnow.tv/blob/master/episodes/391/feedback/Dave%20-%20bufferbloat.md) Send questions, comments, show ideas/topics, or stories you want mentioned on the show to feedback@bsdnow.tv (mailto:feedback@bsdnow.tv) ***

Did Linux kill Commercial Unix, three node GlusterFS setup on FreeBSD, OpenBSD on the Lenovo ThinkPad X1 Nano (1st Gen), NetBSD on EdgeRouter Lite, TLS Mastery first draft done NOTES This episode of BSDNow is brought to you by Tarsnap (https://www.tarsnap.com/bsdnow) Headlines Did Linux Kill Commercial Unix? (https://www.howtogeek.com/440147/did-linux-kill-commercial-unix/) Sales of commercial Unix have fallen off a cliff. There has to be something behind this dramatic decline. Has Linux killed its ancestor by becoming a perfectly viable replacement, like an operating system version of Invasion of the Body Snatchers? Wireguard: Simple and Secure VPN in FreeBSD (https://klarasystems.com/articles/simple-and-secure-vpn-in-freebsd/) A great article by Tom Jones about setting up Wireguard on FreeBSD *** Setup a Three Node Replicated GlusterFS Cluster on FreeBSD (http://www.unibia.com/unibianet/freebsd/setup-three-node-replicated-glusterfs-cluster-freebsd) GlusterFS (GFS) is the open source equivalent to Microsoft's Distributed Filesystem (DFS). It's a service that replicates the contents of a filesystem in real time from one server to another. Clients connect to any server and changes made to a file will replicate automatically. It's similar to something like rsync or syncthing, but much more automatic and transparent. A FreeBSD port has been available since v3.4, and (as of this post) is currently at version 8.0 with 9.0 being released soon. News Roundup OpenBSD on the Lenovo ThinkPad X1 Nano (1st Gen) (https://jcs.org/2021/01/27/x1nano) Lenovo has finally made a smaller version of its X1 Carbon, something I’ve been looking forward to for years. NetBSD on the EdgeRouter Lite (https://www.cambus.net/netbsd-on-the-edgerouter-lite/) NetBSD-current now has pre-built octeon bootable images (which will appear in NetBSD 10.0) for the evbmips port, so I decided to finally give it a try. I've been happily running OpenBSD/octeon on my EdgeRouter Lite for a few years now, and have previously published some notes including more detail about the CPU. “TLS Mastery” first draft done! (https://mwl.io/archives/9938) Beastie Bits A Thread on a FreeBSD Desktop for PineBook Pro (https://forums.freebsd.org/threads/freebsd-desktop-for-pinebook-pro.78269/) FOSSASIA Conference - March 2021(Virtual) (https://eventyay.com/e/fa96ae2c) WireGuard for pfSense Software (https://www.netgate.com/blog/wireguard-for-pfsense-software.html) NetBSD logo to going Moon (https://mail-index.netbsd.org/netbsd-advocacy/2021/02/07/msg000849.html) *** ###Tarsnap This weeks episode of BSDNow was sponsored by our friends at Tarsnap, the only secure online backup you can trust your data to. Even paranoids need backups. ### Producer's Note > Hey everybody, it’s JT here. After our AMA episode where I mentioned I was looking for older BSD Retail Copies, I was contacted by Andrew who hooked me up with a bunch of OpenBSD disks from the 4.x era. So shout out to him, and since that worked so well, I figured I'd give it another shot and ask that if anyone has any old Unixes that will run on an 8088, 8086, or 286 and you're willing to send me copies of the disks. I've recently dug out an old 286 system and I’d love to get a Unix OS on it. I know of Minix, Xenix and Microport, but I haven’t been able to find many versions of them. I've found Microport 1.3.3, and SCO Xenix... but that's about it. Let me know if you happen to have any other versions, or know where I can get them. Feedback/Questions Christian - ZFS replication and verification (https://github.com/BSDNow/bsdnow.tv/blob/master/episodes/390/feedback/Christian%20-%20ZFS%20replication%20and%20verification) Iain - progress (https://github.com/BSDNow/bsdnow.tv/blob/master/episodes/390/feedback/Iain%20-%20progress) Paul - APU2 device (https://github.com/BSDNow/bsdnow.tv/blob/master/episodes/390/feedback/Paul%20-%20APU2%20device) *** Send questions, comments, show ideas/topics, or stories you want mentioned on the show to feedback@bsdnow.tv (mailto:feedback@bsdnow.tv) ***

A week with Plan 9, Exploring Swap on FreeBSD, how to create a FreeBSD pkg mirror using bastille and poudriere, How to set up FreeBSD 12 VNET jail with ZFS, Creating Comfy FreeBSD Jails Using Standard Tools, and more. NOTES This episode of BSDNow is brought to you by Tarsnap (https://www.tarsnap.com/bsdnow) Headlines A Week With Plan 9 (https://thedorkweb.substack.com/p/a-week-with-plan-9) I spent the first week of 2021 learning an OS called Plan 9 from Bell Labs. This is a fringe Operating System, long abandoned by it’s original authors. It's also responsible for a great deal of inspiration elsewhere. If you’ve used the Go language, /proc, UTF-8 or Docker, you’ve used Plan 9-designed features. This issue dives into Operating System internals and some moderately hard computer science topics. If that sort of thing isn’t your bag you might want to skip ahead. Normal service will resume shortly. Exploring Swap on FreeBSD (https://klarasystems.com/articles/exploring-swap-on-freebsd/) On modern Unix-like systems such as FreeBSD, “swapping” refers to the activity of paging out the contents of memory to a disk and then paging it back in on demand. The page-out activity occurs in response to a lack of free memory in the system: the kernel tries to identify pages of memory that probably will not be accessed in the near future, and copies their contents to a disk for safekeeping until they are needed again. When an application attempts to access memory that has been swapped out, it blocks while the kernel fetches that saved memory from the swap disk, and then resumes execution as if nothing had happened. News Roundup How to create a FreeBSD pkg mirror using bastille and poudriere (https://hackacad.net/post/2021-01-13-build-a-freebsd-pkg-mirror-with-bastille-poudriere/) This a short how-to for creating a FreeBSD pkg mirror using BastilleBSD and Poudriere. How to set up FreeBSD 12 VNET jail with ZFS (https://www.cyberciti.biz/faq/configuring-freebsd-12-vnet-jail-using-bridgeepair-zfs/) How do I install, set up and configure a FreeBSD 12 jail with VNET on ZFS? How can I create FreeBSD 12 VNET jail with /etc/jail.conf to run OpenVPN, Apache, Wireguard and other Internet-facing services securely on my BSD box? FreeBSD jail is nothing but operating system-level virtualization that allows partitioning a FreeBSD based Unix server. Such systems have their root user and access rights. Jails can use network subsystem virtualization infrastructure or share an existing network. FreeBSD jails are a powerful way to increase security. Usually, you create jail per services such as an Nginx/Apache webserver with PHP/Perl/Python app, WireGuard/OpeNVPN server, MariaDB/PgSQL server, and more. This page shows how to configure a FreeBSD Jail with vnet and ZFZ on FreeBSD 12.x. Creating Comfy FreeBSD Jails Using Standard Tools (https://kettunen.io/post/standard-freebsd-jails/) Docker has stormed into software development in recent years. While the concepts behind it are powerful and useful, similar tools have been used in systems for decades. FreeBSD’s jails in one of those tools which build upon even older chroot(2) To put it shortly, with these tools, you can make a safe environment separated from the rest of the system. Tarsnap This weeks episode of BSDNow was sponsored by our friends at Tarsnap, the only secure online backup you can trust your data to. Even paranoids need backups. Feedback/Questions Chris - USB BSD variant (https://github.com/BSDNow/bsdnow.tv/blob/master/episodes/389/feedback/Chris%20-%20USB%20BSD%20variant) Jacob - host wifi through a jail (https://github.com/BSDNow/bsdnow.tv/blob/master/episodes/389/feedback/Jacob%20-%20host%20wifi%20through%20a%20jail) Jordan - new tool vs updating existing tool (https://github.com/BSDNow/bsdnow.tv/blob/master/episodes/389/feedback/Jordan%20-%20new%20too%20vs%20updating%20existing%20tool) *** Send questions, comments, show ideas/topics, or stories you want mentioned on the show to feedback@bsdnow.tv (mailto:feedback@bsdnow.tv) ***

FreeBSD Q4 2020 Status report, a must-have security tool from OpenBSD, Bastille Port Redirection and Persistence, FreeBSD Wall Display Computer, etymology of command-line tools, GhostBSD 21.01.15 Release Notes, and more. NOTES This episode of BSDNow is brought to you by Tarsnap (https://www.tarsnap.com/bsdnow) Headlines FreeBSD quarterly status report for Q4 2020 (https://www.freebsd.org/news/status/report-2020-10-2020-12/) Block spammers/abusive IPs with Pf-badhost in OpenBSD. A 'must have' security tool! (https://undeadly.org/cgi?action=article;sid=20210119113425) Pf-badhost is a very practical, robust, stable and lightweight security script for network servers. It's compatible with BSD based operating systems such as {Open,Free,Net,Dragonfly}BSD and MacOS. It prevents potentially-bad IP addresses that could possibly attack your servers (and waste your bandwidth and fill your logfiles), by blocking all those IPs contacting your server, and therefore it makes your server network/resources lighter and the logs of important services running on your server become simpler, more readable and efficient. News Roundup Bastille Port Redirection and Persistence (https://bastillebsd.org/blog/2021/01/13/bastille-port-redirection-and-persistence/) Bastille supports redirecting (rdr) ports from the host system into target containers. This port redirection is commonly used when running Internet services such as web servers, dns servers, email and many others. Any service you want to make public outside of your cluster will likely require port redirection (with some exceptions, see below). FreeBSD Wall Display Computer (https://blog.tyk.nu/blog/freebsd-wall-display-computer/) I've recently added a wall mounted 30" monitor for Grafana in my home. I can highly recommend doing the same, especially in a world where more work from home is becoming the norm. The etymology of command-line tools (https://i.redd.it/sni9gaxfj2d61.png) GhostBSD 21.01.15 Release Notes (https://ghostbsd.org/21.01.15_release_notes) I am happy to announce the availability of the new ISO 21.01.15. This new ISO comes with a clean-up of packages that include removing LibreOffice and Telegram from the default selection. We did this to bring the zfs RW live file systems to run without problem on 4GB of ram machine. We also removed the UFS full disk option from the installer. Users can still use custom partitions to setup UFS partition, but we discourage it. We also fixed the Next button's restriction in the custom partition related to some bug that people reported. We also fix the missing default locale setup and added the default setup for Linux Steam, not to forget this ISO includes kernel, userland and numerous application updates. Beastie Bits Interview with Brian Kernighan (https://corecursive.com/brian-kernighan-unix-bell-labs1/) *** ###Tarsnap This weeks episode of BSDNow was sponsored by our friends at Tarsnap, the only secure online backup you can trust your data to. Even paranoids need backups. Send questions, comments, show ideas/topics, or stories you want mentioned on the show to feedback@bsdnow.tv (mailto:feedback@bsdnow.tv)