BSD Now

By JT Pennington

Created by three guys who love BSD, we cover the latest news and have an extensive series of tutorials, as well as interviews with various people from all areas of the BSD community. It also serves as... more

4.9

8989 ratings

Download on the App Store

Download on the App Store

Get it on Google Play

FAQs about BSD Now:

How many episodes does BSD Now have?

The podcast currently has 634 episodes available.

BSD Now episodes:

November 04, 2015114: BSD-Schooling
This week, Allan is out of town at another Developer Summit, but we have a great episode coming
This episode was brought to you by
alt="iXsystems - Enterprise Servers and Storage for Open Source" />
title="DigitalOcean">
src="/images/3.png" alt="Tarsnap - Online Backups for the Truly Paranoid" />
iX Systems Mission Complete
Submit your story of how you accomplished a mission with FreeBSD, FreeNAS, or iXsystems hardware, and you could win monthly prizes, and have your story featured in the FreeBSD Journal!
***
Headlines
WhatsApp founder, on how it got so HUGE
Wired has interviewed WhatsApp co-founder Brian Acton, about the infrastructure behind WhatsApp
WhatsApp manages 900 million users with a team of 50, while Twitter needs around 4,000 employees to manage 300 million users.
“FreeBSD has a nicely tuned network stack and extremely good reliability. We find managing FreeBSD installations to be quite straightforward.”
“Linux is a beast of complexity. FreeBSD has the advantage of being a single distribution with an extraordinarily good ports collection.”
“To us, it has been an advantage as we have had very few problems that have occurred at the OS level. With Linux, you tend to have to wrangle more and you want to avoid that if you can.”
“FreeBSD happened because both Jan and I have experience with FreeBSD from Yahoo!.”
Additional Coverage
***
User feedback in the SystemD vs BSD init
We have a very detailed blog post this week from Randy Westlund, about his experiences on Linux and BSD, contrasting the init systems.
What he finds is that while, it does make some things easier, such as writing a service file once, and having it run everywhere, the tradeoff comes in the complexity and lack of transparency.
Another area of concern was the reproducibility of boots, how in his examples on servers, there can often be times when services start in different orders, to save a few moments of boot-time.
His take on the simplicity of BSD’s startup scripts is that they are very easy to hack on and monitor, while not introducing the feature creep we have seen in sysd.
It will be interesting to see NextBSD / LaunchD and how it compares in the future!
***
Learn to embrace open source, or get buried
At the recent “All Things Open” conference, opensource.com interviewed Jim Salter
He describes how he first got started using FreeBSD to host his personal website
He then goes on to talk about starting FreeBSDWiki.net and what its goals were
The interview then talks about using Open Source at solve customers’ problems at his consulting firm
Finally, the talks about his presentation at AllThingsOpen: Move Over, Rsync
about switching to ZFS replication
***
HP’s CTO Urges businesses to avoid permissive licenses
Martin Fink went on a rant about the negative effects of license proliferation
While I agree that having too many new licenses is confusing and adds difficulty, I didn’t agree with his closing point
“He then ended the session with an extended appeal to move the open-source software industry away from permissive licenses like Apache 2.0 and toward copyleft licenses like the GPL”
“The Apache 2.0 license is currently the most widely used "permissive" license. But the thing that developers overlook when adopting it, he said, is that by using Apache they are also making a choice about how much work they will have to put into building any sort of community around the project. If you look at Apache-licensed projects, he noted, "you'll find that they are very top-heavy with 'governance' structures." Technical committees, working groups, and various boards, he said, are needed to make such projects function. But if you look at copyleft projects, he added, you find that those structures simply are not needed.”
There are plenty of smaller permissively licensed projects that do not have this sort of structure, infact, most of this structure comes from being an Apache run project, rather than from using the Apache or any other permissive license
Luckily, he goes on to state that the “OpenSwitch code is released under the Apache 2.0 license, he said, because the other partner companies viewed that as a requirement.”
“HP wanted to get networking companies and hardware suppliers on board. In order to get all of the legal departments at all of the partners to sign on to the project, he said, HP was forced to go with a permissive license”
Hopefully the trend towards permissive licenses continues
Additionally, in a separate LWN post:
RMS Says: “I am not saying that competitors to a GNU package are unjust or bad -- that isn't necessarily so. The pertinent point is that they are competitors. The goal of the GNU Project is for GNU to win the competition. Each GNU package is a part of the GNU system, and should contribute to the success of the GNU Project. Thus, each GNU package should encourage people to run other GNU packages rather than their competitors -- even competitors which are free software.”
Never thought I’d see RMS espousing vendor lock-in
***
Interview - Brian Callahan - [email protected] / @twitter
The BSDs in Education
***
News Roundup
Digital Libraries in Africa making use of DragonflyBSD and HAMMER
In the international development context, we have an interesting post from Michael Wilson of the PeerCorps Trust Fund.
They are using DragonFlyBSD and FreeBSD to support the Tanzanian Digital Library Initiative in very resource-limited settings.
They cite among the most important reasons for using BSD as the availability and quality of the documentation, as well as the robustness of the filesystems, both ZFS and HAMMER.
Their website is now online over at (http://www.tandli.com/) , check it out to see exactly how BSD is being used in the field
***
netflix hits > 65gbps from a single freebsd box
A single socket server, with a high end Xeon E5 processor and a dual ported Chelsio T580 (2x 40 Gbps ports) set a netflix record pushing over 65 Gbps of traffic from a single machine
The videos were being pushed from SSDs and some new high end NVMe devices
The previous record at Netflix was 52 Gbps from a single machine, but only with very experimental settings. The current work is under much more typical settings
By the end of that night, traffic surged to over 70 Gbps
Only about 10-15% of that traffic was encrypted with the in-kernel TLS engine that Netflix has been working on with John-Mark Gurney
It was reported that the machine was only using about 65% cpu, and had plenty of head room
If I remember the discussion correctly, there were about 60,000 streams running off the machine
***
Lumina Desktop 0.8.7 has been released
A very large update has landed for PC-BSD’s Lumina desktop
A brand new “Start” menu has been added, which enables quick launch of favorite apps, pinning to desktop / favorites and more.
Desktop icons have been overhauled, with better font support, and a new Grid system for placement of icons.
Support for other BSD’s such as DragonFly has been improved, along with TONS of internal changes to functionality and backends.
Almost too many things to list here, but the link above will have full details, along with screenshots.
***
A LiveUSB for NetBSD has been released by Jibbed
After a three year absence, the Jibbed project has come back with a Live USB image for NetBSD!
The image contains NetBSD 7.0, and is fully R/W, allowing you to run the entire system from a single USB drive.
Images are available for 8Gb and 4Gb sticks (64bit and 32bit respectively), along with VirtualBox images as well
For those wanting X, it includes both X and TWM, although ‘pkgin’ is available, so you can quickly add other desktops to the image
***
Beastie Bits
After recent discussions of revisiting WX support in Mozilla Firefox, David Coppa has flipped the switch to enable it for OpenBSD users running -current.
Using the vt(4) driver to change console resolution
The FreeBSD Foundation gives a great final overview of the Grace Hopper Conference
A dialog about Compilers in the (BSD) base system
One upping their 48-core work from July, The Semihalf team shows off their the 96-core SMP support for FreeBSD on Cavium ThunderX (ARMv8 architecture
NYC Bug's November meeting will be featuring a talk by Stephen R. Bourne
New not-just-BSD postcast, hosted by two OpenBSD devs Brandon Mercer and Joshua Stein
Feedback/Questions
Stefan
Zach
Jake
Corey
Robroy
Send questions, comments, show ideas/topics, or stories you want mentioned on the show to
[email protected]
...more
1h 30min
October 29, 2015 What’s Next for BSD? | BSD Now 113
Coming up on this week’s episode, we have an interview Jordan Hubbard about the new NextBSD project & the future of BSD. Also Allan's re-cap of the OpenZFS conference & of course your latest news!
...more
2h 20min
October 28, 2015113: What’s Next for BSD?
Coming up on this week’s episode, we have an interview
This episode was brought to you by
src="/images/1.png" alt="iXsystems - Enterprise
Servers and Storage for Open Source" />
href="http://www.digitalocean.com/" title="DigitalOcean">
src="/images/2.png" alt="DigitalOcean - Simple Cloud
Hosting, Built for Developers" />
href="http://www.tarsnap.com/bsdnow" title="Tarsnap">
src="/images/3.png" alt="Tarsnap - Online Backups
for the Truly Paranoid" />
iX Systems Mission Complete
Submit your story of how you accomplished a mission with FreeBSD, FreeNAS, or iXsystems hardware, and you could win monthly prizes, and have your story featured in the FreeBSD Journal!
***
Headlines
OpenBSD 5.8 is released on the 20th birthday of the OpenBSD project
5.8 has landed, and just in time for the 20th birthday of OpenBSD, Oct 18th
A long list of changes can be found on the release announcement, but here’s a small scattering of them
Drivers for new hardware, such as:
rtwn = Realtek RTL8188CE wifi
hpb = HyperTransport bridge in IBM CPC945
Improved sensor support for upd driver (USB power devices)
Jumbo frame support on re driver, using RTL8168C/D/E/F/G and RTL8411
Updated to installer, improve autoinstall, and questions about SSH setup
Sudo in base has been replace with “doas”, sudo moved to package tree
New file(1) command with sandboxing and priv separation
The tame(2) API WiP
Improvements to the httpd(8) daemon, such as support for lua pattern matching redirections
Bugfixes and the security updates to OpenSMTPD 5.4.4
LibreSSL security fixes, removed SSLv3 support from openssl(1) (Still working on nuking SSLv3 from all ports)
And much more, too much to mention here, read the notes for all the gory details!
OpenBSD Developer Interviews
To go along with the 20th birthday, we have a whole slew of new interviews brought to us by the beastie.pl team. English and Polish are both provided, so be sure not to miss these!
Dmitrij D. Czarkoff
Vadim Zhukov
Marc Espie
Bryan Steele
Ingo Schwarze
Gilles Chehade
Jean-Sébastien Pédron has submitted a call for testing out the neIntel i915 driver
A very eagerly awaited feature, Haswell GPU support has begun the testing process
The main developer, Jean-Sébastien Pédron [email protected] looking for users to test the patch, both those that have older supported cards (Sandybridge, Ivybridge) that are currently working, and users with Haswell devices that have, until now, not been supported
Included is a link to the Wiki with instructions on how to enable debugging, and grab the updated branch of FreeBSD with the graphical improvements. Jean-Sébastien is calling for testers to send results both good and bad over to the freebsd-x11 mailing lists
For those who want an “out of box solution” the next PC-BSD 11.0-CURRENT November images will include these changes as well
How to install FreeBSD on a Raspberry Pi 2
We have a nice walkthrough this week on how to install FreeBSD, both
10 or 11-CURRENT on a RPi 2!
The walkthrough shows us how to use OSX to copy the image to SD card,
then booting.
In this case, we have him using a USB to serial cable to capture
output with screen
This is a pretty quick way for users sitting on a RPi2 to get up and
running with FreeBSD
Interview - Jordan Hubbard - [email protected]
NextBSD | NextBSD Github
Beastie Bits
OpenBSD's Source Tree turned 20 on October 18th
GhostBSD working on Graphical ZFS Configuration Utility
EuroBSDcon 2014 videos finally online
Postdoctoral research position at Memorial University is open
NetBSD Security Advisory: TCP LAST_ACK memory exhaustion, reported by NetFlix and Juniper
DesktopBSD making a comeback?
Feedback/Questions
Steve
Ben
Frank
Tyler
...more
2h 20min
October 21, 2015112: Tracing the source
This week Allan is away at a ZFS conference, so it seems
This episode was brought to you by
src="/images/1.png" alt="iXsystems - Enterprise
Servers and Storage for Open Source" />
href="http://www.digitalocean.com/" title="DigitalOcean">
src="/images/2.png" alt="DigitalOcean - Simple Cloud
Hosting, Built for Developers" />
href="http://www.tarsnap.com/bsdnow" title="Tarsnap">
src="/images/3.png" alt="Tarsnap - Online Backups
for the Truly Paranoid" />
Headlines
pfsense - 2.3 alpha snapshots available
pfsense 2.3 Features and Changes
The entire front end has been re-written
Upgrade of base OS to FreeBSD 10-STABLE
The PPTP server component has been removed,
PBIs have been replaced with pkg
PHP upgraded to 5.6
The web interface has been converted to Bootstrap
***
BSDMag October 2015 out
A Look at the New PC-BSD 10.2 - Kris Moore
Basis Of The Lumina Desktop Environment 18 - Ken Moore
A Secure Webserver on FreeBSD with Hiawatha - David Carlier
Defeating CryptoLocker Attacks with ZFS - Michael Dexter
Emerging Technology Has Increasingly Been a Force for Both Good and
Evil - Rob Somerville
Interviews with: Dru Lavigne, Luca Ferrari, Oleksandr Rybalko
***
OpnSense 15.7.14 Released
Another update to OpnSense has landed!
Some of the notable takeaways this time are that it isn’t a
security update
Major rework of the firewall rules sections including, rules,
schedules, virtual ip, nat and aliases pages
Latest BIND and Squid packages
Improved configuration management, including fixes to importing an old
config file. New location for configuration history / backups.
***
OpenBSD in Toyota Highlander
Images
While looking through the ‘Software Information’ screen of a Toyota Highlander, Chad Dougherty of the ACM found a bunch of OpenBSD copyright notices
At least one of which I recognize as OpenCrypto, because of the comment about “transforms”
It is likely that the vehicle is running QNX, which contains various bits of BSD
QNX: Third Party License Terms List version 2.17
Some highlights
Robert N. M. Watson (FreeBSD)
TrustedBSD Project (FreeBSD)
NetBSD Foundation
NASA Ames Research Center (NetBSD)
Damien Miller (OpenBSD)
Theo de Raadt (OpenBSD)
Sony Computer Science Laboratories Inc.
Bob Beck (OpenBSD)
Christos Zoulas (NetBSD)
Markus Friedl (OpenBSD)
Henning Brauer (OpenBSD)
Network Associates Technology, Inc. (FreeBSD)
100s of others
OpenSSH seems to be included
It also seems to contain tcpdump for some reason
Interview - Adam Leventhal -
[email protected] /
@ahl
ZFS and DTrace
Beastie-Bits
isboot, an iSCSI boot driver for FreeBSD 9 and 10
tame() is now called pledge()
Interview with NetBSD developer Leoardo
Taccari
Fuguita releases LiveCD based on OpenBSD 5.8
Dtrace toolkit gets an update and imported into NetBSD
An older article about how to do failover / load-balancing in pfsense
Feedback/Questions
Michael writes in
Possniffer writes in
Erno writes in
***
...more
59min
October 14, 2015111: Xenocratic Oath
Coming up on this weeks episode, we have BSD news, tidbits and articles out the wazoo to share. Also, be sure to stick around for our interview with Brandon Mercer as he tells us about OpenBSD being used in the healthcare industry.
This episode was brought to you by
Headlines
NetBSD 7.0 Release Announcement
DRM/KMS support brings accelerated graphics to x86 systems using modern Intel and Radeon devices (Linux 3.15)
Multiprocessor ARM support.
Support for many new ARM boards, including the Raspberry Pi 2 and BeagleBone Black
Major NPF improvements:
BPF with just-in-time (JIT) compilation by default
support for dynamic rules
support for static (stateless) NAT
support for IPv6-to-IPv6 Network Prefix Translation (NPTv6) as per RFC 6296
support for CDB based tables (uses perfect hashing and guarantees lock-free O(1) lookups)
Multiprocessor support in the USB subsystem.
GPT support in sysinst via the extended partitioning menu.
Lua kernel scripting
GCC 4.8.4, which brings support for C++11
Experimental support for SSD TRIM in wd(4) and FFS
tetris(6): Add colours and a 'down' key, defaulting to 'n'. It moves the block down a line, if it fits.
***
CloudFlare develops interesting new netmap feature
Normally, when Netmap is enabled on an interface, the kernel is bypassed and all of the packets go to the Netmap consumers
CloudFlare has developed a feature that allows all but one of the RX queues to remain connected to the kernel, and only a single queue be passed to Netmap
The change is a simple modification to the nm_open API, allowing the application to open only a specific queue of the NIC, rather than the entire thing
The RSS or other hashing must be modified to not direct traffic to this queue
Then specific flows are directed to the netmap application for matching traffic
For example under Linux:
ethtool -X eth3 weight 1 1 1 1 0 1 1 1 1 1
ethtool -K eth3 lro off gro off
ethtool -N eth3 flow-type udp4 dst-port 53 action 4
Directs all name server traffic to NIC queue number 4
Currently there is no tool like ethtool to accomplish this same under FreeBSD
I wonder if the flows could be identified more specifically using something like ipfw-netmap
***
Building your own OpenBSD based Mail server!
part 2
part 3
The UK Register gives us a great writeup on getting your own mail server setup specifically on OpenBSD 5.7
In this article they used a MiniPC the Acer Revo One RL85, which is a decently priced little box for a mail server
While a bit lengthy in 3 parts, it does provide a good walkthrough of getting OpenBSD setup, PostFix and DoveCot configured and working. In the final installment it also provides details on spam filtering and antivirus scanning.
Getting started with the UEFI bootloader on OpenBSD
If you've been listening over the past few weeks, you've heard about OpenBSD.s new UEFI boot-loader. We now have a blog post with detailed instructions on how to get setup with this on your own system.
The initial setup is pretty straightforward, and should only take a few minutes at most. In involves the usual fdisk commands to create a FAT EFI partition, and placing the bootx64.efi file in the correct location.
As a bonus, we even get instructions on how to enable the frame-buffer driver on systems without native Intel video support (ThinkPad x250 in this example)
***
Recipe for building a 10Mpps FreeBSD based router
Olivier, (of FreeNAS and BSD Router Project fame) treats us this week to a neat blog post about building your own high-performance 10Mpps FreeBSD router
As he first mentions, the hardware required will need to be beefy, no $200 miniPC here. In his setup he uses a 8 core Intel Xeon E5-2650, along with a Quad port 10 Gigabit Chelsio TS540-CR.
He mentions that this doesn't work quite on stock FreeBSD yet, you will need to pull code in from the projects/routing which fixes an issue with scaling on cores, in this case he is shrinking the NIC queues down to 4 from 8.
If you don't feel like doing the compiles yourself, he also includes links to experimental BSDRouter project images which he used to do the benchmarks
Bonus! Nice graphic of the benchmarks from enabling IPFW or PF and what that does to the performance.
***
Interview - Brandon Mercer - [email protected] / @knowmercymod
OpenBSD in Healthcare
Sorry about the audio quality degradation. The last 7 or 8 minutes of the interview had to be cut, a problem with the software that captures the audio from skype and adds it to our compositor. My local monitor is analogue and did not experience the issue, so I was unaware of the issue during the recording
***
News Roundup
Nvidia releases new beta FreeBSD driver along with new kernel module
Includes a new kernel module, nvidia-modeset.ko
While this module does NOT have any user-settable features, it works with the existing nvidia.ko to provide kernel-mode setting (KMS) used by the integrated DRM within the kernel.
The beta adds support for 805A and 960A nvidia cards
Also fixes a memory leak and some regressions
***
MidnightBSD 0.7-RELEASE
We missed this while away at Euro and elsewhere, but MidnightBSD (A desktop-focused FreeBSD 6.1 Fork) has come out with a new 0.7 release
This release primarily focuses on stability, but also includes important security fixes as well.
It cherry-picks updates to a variety of FreeBSD base-system updates, and some important ZFS features, such as TRIM and LZ4 compression
Their custom .mports. system has also gotten a slew of updates, with almost 2000 packages now available, including a WiP of Gnome3. It also brings support for starting / stopping services automatically at pkg install or removal.
They note that this will most likely be the last i386 release, joining the club of other projects that are going 64bit only.
***
"Open Source as a Career Path"
The FreeBSD Project held a panel discussion of why Open Source makes a good career path at the ACM.s womENcourage conference in Uppsala, Sweden, the weekend before EuroBSDCon
The Panel was lead by Dru Lavigne, and consisted of Deb Goodkin, Benedict Reuschling, Dan Langille, and myself
We attempted to provide a cross section of experiences, including women in the field, the academic side, the community side, and the business side
During the question period, Dan gave a great answer to the question of .Why do open source projects still use old technologies like mailing lists and IRC.
The day before, the FreeBSD Foundation also had a booth at the career fair. We were the only open source project that attended. Other exhibitors included: Cisco, Facebook, Intel, Google, and Oracle.
The following day, Dan also gave a workshop on how to contribute to an open source project
***
Beastie-Bits
NetBSD 2015PkgSrc Freeze
Support for 802.11N for RealTek USB in FreeBSD
Wayland ported to DragonFlyBSD
OpenSMTPd developer debriefs on audit report
FreeBSD fixes issue with pf under Xen with TSO. Errata coming soon
Xinuos funds the HardenedBSD project
Feedback/Questions
Evan
Darin writes in
Jochen writes in
***
...more
1h 3min
October 07, 2015110: - Firmware Fights
This week on BSDNow, we get to hear all of Allans post EuroBSDCon wrap-up and a great interview with Benno Rice from Isilon. We got to discuss some of the pain of doing major forklift upgrades, and why your business should track -CURRENT.
This episode was brought to you by
Headlines
EuroBSDCon Videos
EuroBSDCon has started posting videos of the talks online already.
The videos posted online are archives of the live stream, so some of the videos contain multiple talks
Due to a technical complication, some videos only have 1 channel of audio
EuroBSDCon Talk Schedule
Red Room Videos
Yellow Room Videos
Blue Room Videos
Photos of the conference courtersy of Ollivier Robert
***
A series of OpenSMTPd patches fix multiple vulnerabilities
Qualys recently published an audit of the OpenSNMPd source code
The fixes for these vulnerabilities were released as 5.7.2
After its release, two additional vulnerabilities were found. One, in the portable version, newer code that was added after the audit started
All users are strongly encouraged to upgrade to 5.7.3
OpenBSD users should apply the latest errata or upgrade to the newest snapshot
***
FreeBSD updates in -CURRENT
Looks like Xen header support has been bumped in FreeBSD from 4.2 -> 4.6
It also enables support for ARM
Update to Clang / LLVM to 3.7.0
http://llvm.org/releases/3.7.0/docs/ReleaseNotes.html
ZFS gets FRU (field replaceable unit) tracking
OpenCL makes it way into the ports tree
bhyve has grown UEFI support, plus a CSM module
bhyve can now boot Windows
Currently there is still only a serial console, so the post includes an unattended install .xml file and instructions on how to repack the ISO. Once Windows is installed, you can RDP into the machine
bhyve can also now run IllumOS
***
OpenBSD Initial Support for Broadwell Graphics
OpenBSD joins DragonFly now with initial support for broadwell GPUs landing in their development branch
This brings Open up to Linux 3.14.52 DRM, and Mark Kettenis mentions that it isn.t perfect yet, and may cause some issues with older hardware, although no major regressions yet
***
OpenBSD Slides for TAME and libTLS APIs
The first set of slides are from a talk Theo de Raadt gave in Croatia, they describe the history and impetus for tame
Theo specifically avoids comparisons to other sandboxing techniques like capsicum and seccomp, because he is not impartial
tame() itself is only about 1200 lines of code
Sandboxing the file(1) command with systrace: 300 lines of code, with tame: 4 lines
Theo makes the point that .optional security. is irrelevant. If a mitigation feature has a knob to turn it off, some program will break and advise users to turn the feature off. Eventually, no one uses the feature, and it dies
This has lead to OpenBSD.s policy: .Once working, these features cannot be disabled. Application bugs must be fixed.
The second talk is by Bob Beck, about LibreSSL
when LibreSSL was forked from OpenSSL 1.0.1g, it contained 388,000 lines of C code
30 days in LibreSSL, they had deleted 90,000 lines of C
OpenSSL 1.0.2d has 432,000 lines of C (728k total), and OpenSSL Current has 411,000 lines of C (over 1 million total)
LibreSSL today, contains 297,000 lines of C (511k total)
None of the high risk CVEs against OpenSSL (there have been 5) have affected LibreSSL. It turns out removing old code and unneeded features is good for security.
The talk focuses on libtls, an alternative to the OpenSSL API, designed to be easier to use and less error prone
In the libtls api, if -1 is returned, it is always an error. In OpenSSL, it might not be an error, needs additional code to check errno
In OpenBSD: ftp, nc, ntpd, httpd, spamd, syslog have been converted to the new API
The OpenBSD Foundation is looking for donations in order to sponsor 2-3 developers to spend 6 months dedicated to LibreSSL
***
Interview - Benno Rice - [email protected] / @jeamland
Isilon and building products on top of FreeBSD
News Roundup
ReLaunchd
This past week we got a heads up about another init/launchd replacement, this time .Relaunchd.
The goals of this project appear to be keeping launchd functionality, while being portable enough to run on FreeBSD / Linux, etc.
It also has aspirations of being .container-aware. with support for jailed services, ala-docker, as well as cluster awareness.
Written in ruby :(, it also maintains that it wishes to NOT take over PID1 or replace the initial system boot scripts, but extend / leverage them in new ways.
***
Static Intrusion Detection in NetBSD
Alistar Crooks has committed a new .sid. utility to NetBSD, which allows intrusion detection by comparing the file-system contents to a database of known good values
The utility can compare the entire root file system of a modest NetBSD machine in about 15 seconds
The following parameters of each file can be checked: atime, block count, ctime, file type, flags, group, inode, link target, mtime, number of links, permissions, size, user, crc32c checksum, sha256 checksum, sha512 checksum
A JSON report is issued at the end, for any detected variances
***
LibreSSL 2.3.0 in PC-BSD
If you.re running PC-BSD 10.2-EDGE or October's -CURRENT image, LibreSSL 2.3.0 is now a thing
Thanks to the hard work of Bernard Spil and others, we have merged in the latest LibreSSL which actually removes SSL support in favor of TLS
Quite a number of bugs have been fixed, as well as patches brought over from OpenBSD to fix numerous ports.
Allan has started a patchset that sets the OpenSSL in base to "private"
This hides the library so that applications and ports cannot find it, so only tools in the base system, like fetch, will be able to use it. This makes OpenSSL no longer part of the base system ABI, meaning the version can be upgraded without breaking the stable ABI promise. This feature may be important in the future as OpenSSL versions now have EoL dates, that may be sooner than the EoL on the FreeBSD stable branches.
***
PC-BSD and boot-environments without GRUB
In this month.s -CURRENT image of PC-BSD, we began the process of moving back from the GRUB boot-loader, in favor of FreeBSD.s
A couple of patches have been included, which enables boot-environment support via the 4th menus (Thanks Allan) and support for booting ZFS on root via UEFI
"beadm" has also been updated to seamlessly support both boot-loaders
No full-disk encryption support yet (hopefully soon), but GRUB is still available on installer for those who need it
***
Import of IWM wireless to DragonFly
Matthew Dillon has recently imported the newer if_iwm driver from FreeBSD -> DragonFly
Across the internet, users with newer Intel chipsets rejoiced!
Coupled with the latest Broadwell DRM improvements, DragonFly sounds very ready for the latest laptop chipsets
Also, looks like progress is being made on i386 removal
***
Feedback/Questions
Dan writes in about PCBSD
Matt writes in about ZFS
Anonymous writes in about problems booting
***
...more
1h 37min
September 30, 2015 109: Impish BSD
This week, we have a great interview with Warner Losh of the FreeBSD project! We will be discussing everything from automatic kernel module loading, IO scheduling and of course NanoBSD.
This episode was brought to you by
Interview - Warner Losh - [[email protected]]([email protected]) / @bsdimp
SSD performance and driver auto-loader
...more
56min
September 23, 2015 108: ServeUp BSD
This week on the show, Allan is heading to Sweden, but we have a great interview with Andrew Pantyukhin to bring you. We will be discussing everything from contributions to FreeBSD, which technologies worked best in the datacenter, config management and more.
This episode was brought to you by
Headlines
Allan is away this week, traveling to Sweden for the ACM womENcourage conference followed by EuroBSDCon, but we have an excellent interview for you, so sit back and enjoy the show. Allan will be back on October 5th, so we look forward to bringing you a live show, with all the details about EuroBSD and more!
Interview - Andrew Pantyukhin - [email protected] / @infofarmer
Building products with FreeBSD
...more
1h 19min
September 16, 2015107: In their midst
This week, we are going to be talking with Aaron Poffenberger, who has much to share about his first-hand experience in infiltrating Linux conferences with BSD-goodness.
This episode was brought to you by
Headlines
Alexander Motin implements CTL High Availability
CTL HA allows two .head. nodes to be connected to the same set of disks, safely
An HA storage appliance usually consists of 2 totally separate servers, connected to a shared set of disks in separate JBOD sleds
The problem with this setup is that if both machines try to use the disks at the same time, bad things will happen
With CTL HA, the two nodes can communicate, in this case over a special TCP protocol, to coordinate and make sure they do not step on each others toes, allowing safe operation
The CTL HA implementation in FreeBSD can operate in the following four modes:
Active/Unavailable -- without interlink between nodes
Active/Standby -- with the second node handling only basic LUN discovery and
reservation, synchronizing with the first node through the interlink
Active/Active -- with both nodes processing commands and accessing the
backing storage, synchronizing with the first node through the interlink
Active/Proxy -- with second node working as proxy, transferring all
commands to the first node for execution through the interlink
The custom TCP protocol has no authentication, so it should never be enabled on public interfaces
Doc Update
***
Panel Self-Refresh support lands in DragonFlyBSD
In what seems almost weekly improvements being made to the Xorg stack for DragonFly, we now have Panel Self-Refresh landing, thanks to Imre Vadász
Understanding Panel Self-Refresh and More about Panel Self-Refresh
In a nutshell, the above articles talks about how in the case of static images on the screen, power-savings can be obtained by refreshing static images from display memory (frame-buffer), disabling the video processing of the CPU/GPU and associated pipeline during the process.
And just for good measure, Imre also committed some further Intel driver cleanup, reducing the diff with Linux 3.17
***
Introducing Sluice, a new ZFS snapshot management tool
A new ZFS snapshot management tool written in Python and modeled after Apple.s Time Machine
Simple command line interface
No configuration files, settings are stored as ZFS user properties
Includes simple remote replication support
Can operate on remote systems with the zfs://user@host/path@snapname url schema
Future feature list includes .import. command to moved files from non-ZFS storage to ZFS and create a snapshot, and .export. to do the inverse
Thanks to Dan for tipping us about this new project
***
Why WhatsApp only needs 50 engineers for 900 million users
Wired has a good write-up on the behind-the-scenes work taking place at WhatsApp
While the article mentions FreeBSD, it spends the bulk of its discussion about Erlang and using its scalable concurrency and deployment of new code to running processes.
FB messenger uses Haskell to accomplish much the same thing, while Google and Mozilla are currently trying to bring the same level of flexibility to Go and Rust respectively.
video
Thanks to Ed for submitting this news item
***
Interview - Aaron Poffenberger - email@email / @akpoff
BSD in a strange place
KM: Go ahead and tell us about yourself and how did you first get involved with BSD?
AJ: You.ve presented recently at Texas Linux Fest, both on FreeBSD and FreeNAS. What specifically prompted you to do that?
KM: What would you say are the main selling points when presenting BSD to Linux users and admins?
AJ: On the flip side of this topic, in what areas to do you think we could improve BSD to present better to Linux users?
KM: What would you specifically recommend to other BSD users or fans who may also want to help present or teach about BSD? Any things specifically to avoid?
AJ: What is the typical depth of knowledge you encounter when presenting BSD to a mostly Linux crowd? Any surprises when doing so?
KM: Since you have done this before, are you mainly writing your own material or borrowing from other talks that have been done on BSD? Do you think there.s a place for some collaboration, maybe having a repository of materials that can be used for other BSD presenters at their local linux conference / LUG?
AJ: Since you are primarily an OpenBSD user have you thought about doing any talks related to it? Is OpenBSD something on the radar of the typical Linux conference-goer?
KM: Is there anything else you would like to mention before we wrap up?
***
News Roundup
GhostBSD 10.1 released
GhostBSD has given us a new release, this time it also includes XFCE as an alternative to the MATE desktop
The installer has been updated to allow using GRUB, BSD loader, or none at all
It also includes the new OctoPKG manager, which proves a Qt driven front-end to pkgng
Thanks to Shawn for submitting this
***
Moving to FreeBSD
In this blog post, Randy Westlund takes us through his journey of moving from Gentoo over to FreeBSD
Inspired in part due to Systemd, he first spent some time on Wikipedia reading about BSD before taking the plunge to grab FreeBSD and give it a whirl in a VM.
"My first impression was that installation was super easy. Installing Gentoo is done manually and can be a "fun" weekend adventure if you're not sure what you're doing. I can spin up a new FreeBSD VM in five minutes."
"There's a man page for everything! And they're well-written! Gentoo has the best documentation of any Linux distro I've used, but FreeBSD is on another level. With a copy of the FreeBSD Handbook and the system man pages, I can actually get things done without tabbing over to Google every five minutes."
He goes on to mention everything from Init system, Jails, Security, Community and License, a well-rounded article.
Also gives a nice shout-out to PC-BSD as an even easier way to get started on a FreeBSD journey, thanks!
Shout out to Matt for tipping us to this blog post
***
OpenBSD Enables GPT by default
Looks like OpenBSD has taken the plunge and enabled GPT by default now
Ken Westerback does us the honors, by removing the kernel option for GPT
Users on -CURRENT should give this a whirl, and of course report issues back upstream
Credit to Jona for writing in about this one
***
DISCUSSION: Are reproducible builds worth-while?
In this weeks article / rant, Ted takes on the notion of reproducible builds being the end-all be-all for security.
What about compiler backdoors?
This does not prevent shellshock, or other bugs in the code itself
Personally, I.m all in favor, another .Trust but verify. mechanism of the distributed binaries, plus it makes it handy to do source builds and not end up with various checksum changes where no code actually changed.
***
Feedback/Questions
David writes in
Possnfiffer writes in
Daniel writes in
***
...more
1h 27min
September 09, 2015106: Multipath TCP
This week, we have Nigel Williams here to bring us all sorts of info about Multipath TCP, what it is, how it works and the ongoing effort to bring it into FreeBSD. All that and of course the latest BSD news coming your way, right now!
This episode was brought to you by
Headlines
Backing out changes doesn.t always pinpoint the problem
Peter Wemm brings us a fascinating look at debugging an issue which occurred on the FreeBSD build cluster recently.
Bottom line? Backing out something isn.t necessarily the fix, rather it should be apart of the diagnostic process
In this particular case, a change to some mmap() functionality ended up exposing a bug in the kernel.s page fault handler which existed since (wait for it.) 1997!
As Peter mentions at the bottom of the Article, this bug had been showing up for years, but was sporadic and often written off as a networking hiccup.
***
BSD Router Project benchmarks new routing changes to FreeBSD
A project branch of FreeBSD -CURRENT has been created with a number of optimizations to the routing code
Alexander V. Chernikov (melifaro@).s routing branch
The net result is an almost doubling of peak performance in packets per second
Performance scales well with the number of NIC queues (2 queues is 88% faster than 1 queue, 3 is 270% faster). Unlike the previous code, when the number of queues hits 4, performance is down by only 10%, instead of being cut nearly in half
Other Benchmark Results, and the tools to do your own tests
***
When is SSL not SSL?
Our buddy Ted has a good write-up on a weird situation related to licensing of stunnel and LibreSSL
The problem exists due to stunnel being released with a different license, that is technically incompatible with the GPL, as well as linking against non-OpenSSL versions.
The author has also decided to create specific named exceptions when the *SSL lib is part of the base operating system, but does not personally consider LibreSSL as a valid linking target on its own
Ted points out that the LibreSSL team considers LibreSSL == OpenSSL, so this may be a moot concern
***
Update on systembsd
We.ve mentioned the GSoC project to create a SystemD shim in OpenBSD before. Now we have the slides from Ian Sutton talking about this project.
As a refresher, this project is to take DBUS and create daemons emulating various systemd components, such as hostnamed, localed, timedated, and friends.
Written from scratch in C, it was mainly created in the hopes of becoming a port, allowing Gnome and related tools to function on OpenBSD.
This is a good read, especially for current or aspiring porters who want to bring over newer versions of applications which now depend upon SystemD.
***
Interview - Nigel Williams - [[email protected]]([email protected])
Multipath TCP
News Roundup
OpenBSD UEFI boot loader
We.ve mentioned the ongoing work to bring UEFI booting to OpenBSD and it looks like this has now landed in the tree
The .fdisk. utility has also been updated with a new -b flag, when used with .-i. will create the special EFI system partition on amd64/i386 . (http://marc.info/?l=openbsd-cvs&m=144139348416071&w=2)
Some twitter benchmarks
***
FreeBSD Journal, July/August issue
The latest issue of the FreeBSD Journal has arrived
As always, the Journal opens with a letter from the FreeBSD Foundation
Feature Articles:
Groupon's Deal on FreeBSD -- How to drive adoption of FreeBSD at your organization, and lessons learned in retraining Linux sysadmins
FreeBSD: The Isilon Experience -- Mistakes not to make when basing a product on FreeBSD. TL;DR: track head
Reflections on FreeBSD.org: Packages -- A status update on where we are with binary packages, what issues have been overcome, and which still remain
Inside the Foundation -- An overview of some of the things you might not be aware that the FreeBSD Foundation is doing to support the project and attract the next generation of committers
Includes a book review of .The Practise of System and Network Administration.
As usual, various other reports are included: The Ports Report, SVN Update, A conference report, a report from the Essen hackathon, and the Event Calendar
***
Building ARMv6 packages on FreeBSD, the easy way
Previously we have discussed how to build ARMv6 packages on FreeBSD
We also interviewed Sean Bruno about his work in this area
Thankfully, over time this process has been simplified, and no longer requires a lot of manual configuration, or fussing with the .image activator.
Now, you can just build packages for your Raspberry Pi or similar device, just as simply as you would build for x86, it just takes longer to build.
***
New PC-BSD Release Schedule
The PC-BSD Team has announce an updated release schedule for beyond 10.2
This schedule follows more closely the FreeBSD schedules, with major releases only occurring when FreeBSD does the next point update, or major version bump.
PC-BSD.s source tree has been split into master(current) and stable as well
PRODUCTION / EDGE packages will be built from stable, with PRODUCTION updated monthly now. The -CURRENT monthly images will contain the master source builds.
***
Feedback/Questions
Joris writes in
Anonymous
Darin
***
...more
1h 8min

FAQs about BSD Now:

How many episodes does BSD Now have?

The podcast currently has 634 episodes available.

More shows like BSD Now

Security Now (Audio) by TWiT

Security Now (Audio)

1,971 Listeners

Software Engineering Radio - the podcast for professional software developers by se-radio@computer.org

Software Engineering Radio - the podcast for professional software developers

272 Listeners

The Changelog: Software Development, Open Source by Changelog Media

The Changelog: Software Development, Open Source

283 Listeners

LINUX Unplugged by Jupiter Broadcasting

LINUX Unplugged

265 Listeners

Python Bytes by Michael Kennedy and Brian Okken

Python Bytes

215 Listeners

Late Night Linux by The Late Night Linux Family

Late Night Linux

154 Listeners

Home Assistant Podcast by HK Media

Home Assistant Podcast

65 Listeners

CoRecursive: Coding Stories by Adam Gordon Bell - Software Developer

CoRecursive: Coding Stories

189 Listeners

Kubernetes Podcast from Google by Abdel Sghiouar, Kaslin Fields

Kubernetes Podcast from Google

181 Listeners

Late Night Linux Family All Episodes by The Late Night Linux Family

Late Night Linux Family All Episodes

44 Listeners

Linux Dev Time by The Late Night Linux Family

Linux Dev Time

21 Listeners

Self-Hosted by Jupiter Broadcasting

Self-Hosted

135 Listeners

2.5 Admins by The Late Night Linux Family

2.5 Admins

92 Listeners

Linux After Dark by The Late Night Linux Family

Linux After Dark

29 Listeners

Oxide and Friends by Oxide Computer Company

Oxide and Friends

47 Listeners