Coming up in this week's episode, we'll be talking with one of OpenBSD's newest developers - Brent Cook - about the portable version of LibreSSL and how it's developed. We've also got some information about the FreeBSD port of LibreSSL you might not know. The latest news and your emails, on BSD Now - the place to B.. SD.
This episode was brought to you by
Headlines
FreeBSD quarterly status report
FreeBSD has gotten quite a lot done this quarterChanges in the way release branches are supported - major releases will get at least five years over their lifespanA new automounter is in the works, hoping to replace amd (which has some issues)The CAM target layer and RPC stack have gotten some major optimization and speed boostsWork on ZFSGuru continues, with a large status report specifically for thatThe report also mentioned some new committers, both source and portsIt also covers GNATS being replaced with Bugzilla, the new core team, 9.3-RELEASE, GSoC updates, UEFI booting and lots of other things that we've already mentioned on the show"Foundation-sponsored work resulted in 226 commits to FreeBSD over the April to June period"***
A new OpenBSD HTTPD is born
Work has begun on a new HTTP daemon in the OpenBSD base systemA lot of people are asking "why?" since OpenBSD includes a chrooted nginx already - will it be removed? Will they co-exist?Initial responses seem to indicate that nginx is getting bloated, and is a bit overkill for just serving content (this isn't trying to be a full-featured replacement)It's partially based on the relayd codebase and also comes from the author of relayd, Reyk FloeterThis has the added benefit of the usual, easy-to-understand syntax and privilege separation There's a very brief man page online alreadyIt supports vhosts and can serve static files, but is still in very active development - there will probably be even more new features by the time this airsWill it be named OpenHTTPD? Or perhaps... LibreHTTPD? (I hope not)***
pkgng 1.3 announced
The newest version of FreeBSD's second generation package management system has been released, with lots of new featuresIt has a new "real" solver to automatically handle conflicts, and dynamically discover new ones (this means the annoying -o option is deprecated now, hooray!)Lots of the code has been sandboxed for extra securityYou'll probably notice some new changes to the UI too, making things more user friendlyA few days later 1.3.1 was released to fix a few small bugs, then 1.3.2 shortly thereafter and 1.3.3 yesterday***
FreeBSD after-install security tasks
A number of people have written in to ask us "how do I secure my BSD box after I install it?"With this blog post, hopefully most of their questions will finally be answered in detailIt goes through locking down SSH with keys, patching the base system for security, installing packages and keeping them updated, monitoring and closing any listening services and a few other small thingsNot only does it just list things to do, but the post also does a good job of explaining why you should do themMaybe we'll see some more posts in this series in the future***
Interview - Brent Cook -
[email protected] / @busterbcook
LibreSSL's portable version and development
News Roundup
FreeBSD Mastery - Storage Essentials
MWL's new book about the FreeBSD storage subsystems now has an early draft availableEarly buyers can get access to an in-progress draft of the book before the official release, but keep in mind that it may go through a lot of changesTopics of the book will include GEOM, UFS, ZFS, the disk utilities, partition schemes, disk encryption and maximizing I/O performanceYou'll get access to the completed (e)book when it's done if you buy the early draftThe suggested price is $8***
Why BSD and not Linux?
Yet another thread comes up asking why you should choose BSD over Linux or vice-versaLots of good responses from users of the various BSDsDirectly ripping a quote: "Features like Ports, Capsicum, CARP, ZFS and DTrace were stable on BSDs before their Linux versions, and some of those are far more usable on BSD. Features like pf are still BSD-only. FreeBSD has GELI and ipfw and is "GCC free". DragonflyBSD has HAMMER and kernel performance tuning. OpenBSD have upstream pf and their gamut of security features, as well as a general emphasis on simplicity."And "Over the years, the BSDs have clearly shown their worth in the nix ecosystem by pioneering new features and driving adoption of others. The most recent on OpenBSD were 2038 support and LibreSSL. FreeBSD still arguably rules the FOSS storage space with ZFS."Some other users share their switching experiences - worth a read***
More g2k14 hackathon reports
Following up from last week's huge list of hackathon reports, we have a few moreLandry Breuil spent some time with Ansible testing his infrastructure, worked on the firefox port and tried to push some of their patches upstreamAndrew Fresh enjoyed his first hackathon, pushing OpenBSD's perl patches upstream and got tricked into rewriting the adduser utility in perlTed Unangst did his usual "teduing" (removing of) old code - say goodbye to asa, fpr, mkstr, xstr, oldrdist, fsplit, uyap and bluetoothLuckily we didn't have to cover 20 new ones this time!***
BSDTalk episode 243
The newest episode of BSDTalk is out, featuring an interview with Ingo Schwarze of the OpenBSD teamThe main topic of discussion is mandoc, which some users might not be familiar withmandoc is a utility for formatting manpages that OpenBSD and NetBSD use (DragonFlyBSD and FreeBSD include it in their source tree, but it's not built by default)We'll catch up to you soon, Will!***
Feedback/Questions
Thomas writes inStephen writes inSha'ul writes inFlorian writes inBob Beck writes in - and note the "Caution" section that was added to libressl.org***
View all episodes
