Bsd Now

This week on BSDNow, we have an interview with Richard Yao, who will be telling us about the experience and challenges of porting ZFS to Linux. That plus the latest news and feedback is coming your way, on your place This episode was brought to you by Headlines Registration for MeetBSD 2016 is now Open (https://www.meetbsd.com/) “Beastie’s coming home!” This year, MeetBSD will be held at UC Berkeley’s Clark Kerr Campus November 11th and 12th, preceded by a two day FreeBSD Vendor/Dev Summit (Nov 9th and 10th) MeetBSD can be traced back to its humble roots as a local workshop for BSD developers and users, hosted annually in Poland since 2004. Since then, MeetBSD’s popularity has spread, and it’s now widely recognized as its own conference with participants from all over the world. The US version runs every two years in California since 2008, and now trades off with the east coast vBSDCon which runs on the odd years. “MeetBSD 2016 uses a mixed unConference format featuring both scheduled talks and community-dr

This week on BSDNow, Allan is back from his UK trip and we’ll get to hear his thoughts on the developer summit. That plus all the This episode was brought to you by Headlines FreeBSD 11.0-RC1 Available (https://lists.freebsd.org/pipermail/freebsd-stable/2016-August/085277.html) FreeBSD is marching onwards to 11.0, and with it the first RC1 was released. In addition to the usual amd64 architectures, you may want to give it a whirl on your various ARM boards as well, as it includes images for the following systems: 11.0-RC1 amd64 GENERIC 11.0-RC1 i386 GENERIC 11.0-RC1 powerpc GENERIC 11.0-RC1 powerpc64 GENERIC64 11.0-RC1 sparc64 GENERIC 11.0-RC1 armv6 BANANAPI 11.0-RC1 armv6 BEAGLEBONE 11.0-RC1 armv6 CUBIEBOARD 11.0-RC1 armv6 CUBIEBOARD2 11.0-RC1 armv6 CUBOX-HUMMINGBOARD 11.0-RC1 armv6 GUMSTIX 11.0-RC1 armv6 RPI-B 11.0-RC1 armv6 RPI2 11.0-RC1 armv6 PANDABOARD 11.0-RC1 armv6 WANDBOARD 11.0-RC1 aarch64 GENERIC For those wondering the list of changes between this and BETA4, we have that as well: A NULL pointer d

This week on BSDNow, Allen is away in the UK (For BSDCam), but we still have a full episode for you! Don’t miss our interview with This episode was brought to you by Headlines My two year journey to becoming an OS Developer (http://zinascii.com/2016/going-to-joyent.html) A blog post by Ryan Zezeski about how he ended doing OS Development instead of working on application We have featured his posts before, including The illumos SYSCALL Handler (http://zinascii.com/2016/the-illumos-syscall-handler.html) It started in the summer of 2014: I had just left Basho after 3.5 years of working on Riak, when I decided I wanted to become an OS developer. I purchased Solaris Internals, cloned illumos-gate, fired up cscope, and got to work. I hardly knew any C, x86 might as well have been Brainfuck, and, frankly, I knew shit about operating systems. But I was determined. I’ve always learned best by beating my head against something until it makes sense. I’m not a fast learner; I’m persistent. What others have in ability I

This week on BSDNow, we are taking a look at a few different tutorials, including running your very own RPi web-server. (Come-on, you This episode was brought to you by Headlines broken features aren't used (http://www.tedunangst.com/flak/post/broken-features-arent-used) This post from TedU talks about the difficulty of removing features from an operating system “One of the difficulties in removing a feature is identifying all the potential users. A feature here could be a program bundled with an operating system, or a command line option, or maybe just a function in a library. If we remove a feature, users that depend on it will be sad. Unfortunately, absence of evidence is not evidence of absence. I’ve never heard of anybody running ls -p but it’s not impossible that somebody does.” “The reasons why we want to remove an existing feature can vary. Sometimes it’s old code that interferes with maintenance. Sometimes a nearly complete rewrite can improve performance. In other cases, the feature in question is

This week on BSDNow, we have a variety of news to discuss, covering quite the spectrum of BSD. (Including a new DragonFly release!). This episode was brought to you by Headlines my int is too big (http://www.tedunangst.com/flak/post/my-int-is-too-big) “The NCC Group report (http://marc.info/?l=oss-security&m=146853062403622&w=2) describes the bugs, but not the history of the code.” “Several of them, as reported by NCC, involved similar integer truncation issues. Actually, they involved very similar modern 64 bit code meeting classic 32 bit code” “The thrsleep system call is a part of the kernel code that supports threads. As the name implies, it gives userland a measure of control over scheduling and lets a thread sleep until something happens. As such, it takes a timeout in the form of a timespec. The kernel, however, internally implements time keeping using ticks (there are HZ, 100, ticks per second). The tsleep function (t is for timed) takes an int number of ticks and performs basic validation by checkin

This week on BSDNow, we have some big breaking news about another major switcher to FreeBSD, plus early information about the pending This episode was brought to you by Headlines Leo Laporte tries FreeBSD (http://www.leolaporte.com/blog/a-grand-experiment) Leo Laporte, formerly of TechTV, and now of TWiT.tv, is switching to FreeBSD “The latest debacle over the "forced" upgrade to Windows 10 and Apple's increasingly locked-in ecosystem has got me thinking. Do I really need to use a proprietary operating system to get work done? And while I'm at it, do I need to use commercial cloud services to store my data?” A sometimes Linux user since the mid 90s, Leo talks about his motivations: “But as time went by, even Ubuntu began to seem too commercial to me” “So now for the grand experiment. Is it possible, I wonder, to do everything I need to do on an even more venerable, more robust system: a true UNIX OS, FreeBSD? Here are my requirements” Browsing Email with PGP signing and encryption Coding - I'm a hobbyist pro

This week on BSDNow, we have all sorts of interesting news, including a Kernel Fuzzing audit done for OpenBSD, a much improved This episode was brought to you by Headlines Multiple Bugs in OpenBSD Kernel (http://marc.info/?l=oss-security&m=146853062403622&w=2) Its patch Wednesday! (OR last Thursday if you were watching the mailing lists) Jesse Hertz and Tim Newsham (part of the NCC Group calling themselves project Triforce) have been working with the OpenBSD team to fix some newly discovered bugs in the kernel using fuzzing. Specifically they were able to track down several potential methods to corrupt memory or panic the kernel: mmap_panic: Malicious calls to mmap() can trigger an allocation panic or trigger memory corruption. kevent_panic: Any user can panic the kernel with the kevent system call. thrsleeppanic: Any user can panic the kernel with the _thrsleep system Call. thrsigdivertpanic: Any user can panic the kernel with the _thrsigdivert system call. ufsgetdentspanic: Any user can panic the kernel wi

Today on the show, we are going to be talking to Jim Brown (of BSD Cert Fame) about his home-brew sprinkler system… Wait for it… This episode was brought to you by Headlines Distrowatch reviews OpenBSD and PCBSD's live upgrade method (http://distrowatch.com/weekly.php?issue=20160620#upgrade) Upgrading… The bane of any sysadmin! Distrowatch has recently done a write-up on the in-place upgrading of various distros / BSDs including PC-BSD and OpenBSD. Lets look first at the PC-BSD attempt, which was done going from 9.2 -> 10. “I soon found trying to upgrade either the base system or pkg would fail. The update manager did not provide details as to what had gone wrong and so I decided to attempt a manual upgrade by following the FreeBSD Handbook as I had when performing a live upgrade of FreeBSD back in May. At first the manual process seemed to work, downloading the necessary patches for FreeBSD 10 and getting me to resolve conflicts between my existing configuration files and the new versions. Part way through

Today on the show, we are going to be chatting with Michael Dexter about a variety of topics, but of course including bhyve! That plus This episode was brought to you by Headlines NetBSD Introduction (https://bsdmag.org/netbsd_intr/) We start off today’s episode with a great new NetBSD article! Siju Oommen George has written an article for BSDMag, which provides a great overview of NetBSD’s beginnings and what it is today. Of course you can’t start an article about NetBSD without mentioning where the name came from: “The four founders of the NetBSD project, Chris Demetriou, Theo de Raadt, Adam Glass, and Charles Hannum, felt that a more open development model would benefit the project: one centered on portable, clean and correct code. They aimed to produce a unified, multi-platform, production-quality, BSD-based operating system. The name “NetBSD” was suggested by de Raadt, based on the importance and growth of networks, such as the Internet at that time, the distributed and collaborative nature of its devel

This week on the show, Allan and I are going to be showing you a very interesting interview we did talking about using FreeBSD to drive This episode was brought to you by Headlines FreeBSD Core Team Election (https://www.freebsd.org/administration.html#t-core) Core.9 has been elected, and will officially take over from Core.8 on Wednesday, 6 July 2016 Many thanks to the outgoing members of the core team for their service over the last 2 years 214 out of 325 eligible voters (65.8%) cast their votes in an election counting 14 candidates. The top nine candidates are, in descending order of votes received: 180 84.1% Ed Maste (incumbent) 176 82.2% George V. Neville-Neil (incumbent) 171 79.9% Baptiste Daroussin (incumbent) 168 78.5% John Baldwin 166 77.6% Hiroki Sato (incumbent) 147 68.7% Allan Jude 132 61.7% Kris Moore 121 56.5% Benedict Reuschling 108 50.5% Benno Rice There was no tie for ninth. BSDNow and the entire community would

On this episode of BSDNow, we will be talking to Glen Barber and Peter Wemm of the FreeBSD RE and Cluster Admin teams! That plus our This episode was brought to you by Headlines 2016 FreeBSD Community Survey (https://www.surveymonkey.com/r/freebsd2016) We often get comments from our listeners, “I’m not a developer, how can I help out”? Well today is your chance to do something. The FreeBSD Foundation has its 2016 Community Survey online, where they are asking for feedback from you! I just did the survey, it’ll take you about 5 minutes, but gives you a chance to provide valuable feedback to the foundation about things that are important to you. Be sure to answer in as much detail as possible and the foundation will review and use this feedback for its operations going forward. *** ART, OpenBSDs new routing table, single thread performances (http://www.grenadille.net/post/2016/06/17/ART-single-thread-performances) OpenBSD has changed the way routes are looked up in the kernel as part of their path to an SMP

Kris is on vacation this week, so allan flies solo, provides a recap of BSDCan & cover's a boatload of news including Microsoft This episode was brought to you by Headlines BSDCan Recap and Live Stream Videos (http://www.bsdcan.org/2016/) OpenBSD BSDCan 2016 papers now available (http://www.openbsd.org/papers) Allan’s slides (http://allanjude.com/bsd/BSDCan2016_-_GELIBoot.pdf) and Paper (http://allanjude.com/bsd/AsiaBSDCon2016_geliboot_pdf1a.pdf) Michael W Lucas presents Allan with a gift (https://www.youtube.com/watch?v=LFgxAHkrSTg) “FreeBSD Mastery: Advanced ZedFS” (http://blather.michaelwlucas.com/archives/2698) Highlighted Tweets: Groff Arrives at BSDCan (https://twitter.com/Keltounet/status/740344735194320896) FreeBSD Foundation recognizes the contributions of Bryan Drewery, Rod Grimes, Warren Block, & Gleb Smirnoff (https://twitter.com/freebsdfndation/status/742456950676393984) A moment of silence and shots in memory in Benjamin Perrault @creepingfur (https://twitter.com/__briancallahan/status/7

It’s BSDCan time! Allan and I are both enjoying what is sure to be a super-busy week, but don’t think we’ve forgotten about This episode was brought to you by Interview - Benno Rice - benno@freebsd.org (mailto:benno@freebsd.org) / @jeamland (https://twitter.com/jeamland) Manager, OS & Networking at EMC Isilon Emily Dunham: Community Automation (https://www.youtube.com/watch?v=dIageYT0Vgg) iXsystems 1U Rackmount Server - 4 Bay Hot-Swap SAS/SATA Drive Bays 400W Redundant Power Supply - Single Socket Embedded CPU (48 cores) - 8 DIMM Slots with 16GB DIMMs for a total of 128GB RAM – Dual Gigabit LAN, Dual 10GbE SFP+ and 1 x 40Gb QSFP+ port, (1) PCI-E Expansion Slots + IPMI Dedicated LAN - Cavium ThunderX ARM CN8890 48 Core ThunderX CPU - 2.5GHz per core System has 128GB RAM, 4 x 2TB SATA HDD, Additional Intel i350 (2 x 1GbE) Beastie Bits file considered harmful (http://www.tedunangst.com/flak/post/file-considered-harmful) An open source talk on ZFS. “Intro to ZFS” as a set of open source slides for the comm

It’s only one-week away from BSDCan, both Allan and I are excited to meet some of you in person! However, the show keeps on This episode was brought to you by Headlines dotSecurity 2016 - Theo de Raadt - Privilege Separation and Pledge (http://www.dotsecurity.io/) Video (https://www.youtube.com/watch?v=a_EYdzGyNWs) Slides (https://www.openbsd.org/papers/dot2016.pdf) Interested in Privilege Separation and security in general? If so, then you are in for a treat, we have both the video and slides from Theo de Raadt at dotSecurity 2016. Specifically the the talk starts off looking at Pledge (no copyright issues with the pictures I hope??) and how their NTP daemon uses it. After going through some internals, Theo reveals that around 10% of programs “pledged” so far were found to be trying to do actions outside of their security scope. On the future-work side, they mention going back and looking at OpenSSH privilege separation next, as well as working with other OS’s that may want pledge support. *** bhyve now s

This week on BSDNow, we have an interview with Matthew Macy, who has some exciting news to share with us regarding the state of graphics This episode was brought to you by Headlines How the number of states affects pf’s performance of FreeBSD (http://blog.cochard.me/2016/05/playing-with-freebsd-packet-filter.html) Our friend Olivier of FreeNAS and BSDRP fame has an interesting blog post this week detailing his unique issue with finding a firewall that can handle upwards of 4 million state table entries. He begins in the article with benchmarking the defaults, since without that we don’t have a framework to compare the later results. All done on his Netgate RCC-VE 4860 (4 cores ATOM C2558, 8GB RAM) under FreeBSD 10.3. “We notice a little performance impact when we reach the default 10K state table limit: From 413Kpps with 128 states in-used, it lower to 372Kpps.” With the initial benchmarks done and graphed, he then starts the tuning process by adjusting the “net.pf.states_hashsize”sysctl, and then playing

This week on the show, we have all the latest news and stories! Plus an interview with BSD developer Alfred Perlstein, that you This episode was brought to you by Headlines The May issus of BSDMag is now out (https://bsdmag.org/download/reusing_openbsd/) GhostBSD Reusing OpenBSD's arc4random in multi-threaded user space programs Securing VPN's with GRE / Strongswan Installing XFCE 4.12 on NetBSD 7 Interview with Fernando Rodriguez, the co-founder of KeepCoding *** A rundown of the FPTW^XEXT.1 security reqiurement for General Purpose Operating Systems by the NSA (http://blog.acumensecurity.net/fpt_wx_ext-1-a-rundown/) NIST/NSA Validation Scheme Report (https://www.commoncriteriaportal.org/files/ppfiles/pp_os_v4.1-vr.pdf) The SFR or Security Functional Requirement requires that; "The OS shall prevent allocation of any memory region with both write and execute permissions except for [assignment: list of exceptions]." While nearly all operating systems currently support the use of the NX bit, or the equivalent

This week on the show, we have all the latest news and stories! Plus we’ll be hearing more about OpnSense from the man himself, Ike! This episode was brought to you by Headlines Regarding Embargoes (http://www.tedunangst.com/flak/post/regarding-embargoes) Our buddy TedU has a great thought piece today on the idea of “embargoes” for security advisories. This all stemmed from a recent incident with LibreSSL patches from embargoed OpenSSL vulns, that accidentally got committed too early. Ted makes a pretty good case on the difficulties of having embargos, and maybe the reason there shouldn’t be. Couple of quotes to give you a taste: “There are several difficulties maintaining embargoes. Keeping secrets is against human nature. I don’t want to be the one who leaks, but if I see something that looks like the secret is out, it’s a relief to be able to speak freely. There is a bias towards recognizing such signs where they may not really exist. (Exacerbated by broad embargoes where some parts leak but other parts

This week on BSDNow, Allan is back in down from Europe! We’ll get to hear some of his wrap-up and get caught up on the latest BSD This episode was brought to you by Headlines FreeBSD Quarterly Report (http://www.freebsd.org/news/status/report-2016-01-2016-03.html) This quarterly status report starts with a rather interesting introduction by Warren Block ASLR Porting CEPH to FreeBSD RCTL I/O Rate Limiting The Graphics Stack on FreeBSD (Haswell is in, work is progressing on the next update) CAM I/O Scheduler NFS Server updates, working around the 16 group limit, and implementing pNFS, allowing NFS to scale beyond a single server Static Analysis of the FreeBSD Kernel with PVS Studio PCI-express HotPlug GitLab Port committed! WITHFASTDEPEND and other improvements to the FreeBSD build system Lots of other interesting stuff *** A Prog By Any Other Name (http://www.tedunangst.com/flak/post/a-prog-by-any-other-name) Ted Unangst looks at what goes into the name of a program “Sometimes two similar programs are really

This week, Allan is out of town, but since when has that ever stopped us from bringing you a new episode of BSDNow? We have news, This episode was brought to you by Headlines Unix's file durability problem (https://utcc.utoronto.ca/~cks/space/blog/unix/FileSyncProblem) Another article by Chris Siebenmann from the University of Toronto This time, the issue was a lost comment on his Python based blog which uses files on disk rather than a database After an unexpected restart of the system, a recently posted comment no longer existed The post goes on to investigate what the ‘right way’ to ensure file durability is The answer, as you might expect, is “it depends…” Normally, fsync() should work, but it seems with ext4 and some other file systems, you must also fsync() the directory where the file was created, or it might not be possible to find the file after a crash Do you need to fsync() the parent of that directory too? Then what is fdatasync() for? What about just calling sync()? “One issue is that unlike man

This week on the show, we will be talking to Benedict Reushling about his role with the FreeBSD foundation and the journey that took him This episode was brought to you by Headlines HardenedBSD introduces full PIE support (https://hardenedbsd.org/article/shawn-webb/2016-04-15/introducing-full-pie-support) PIE base for amd64 and i386 Only nine applications are not compiled as PIEs Tested PIE base on several amd64 systems, both virtualized and bare metal Hoped to be to enabled it for ARM64 before or during BSDCan. Shawn will be bringing ten Raspberry Pi 3 devices (which are ARM64) with to BSDCan, eight of which will be given out to lucky individuals. “We want the BSD community to hack on them and get ARM64/Aarch64 fully functional on them.” *** Lessons learned from 30 years of MINIX (http://m.cacm.acm.org/magazines/2016/3/198874-lessons-learned-from-30-years-of-minix/fulltext) Eat your own dog food. By not relying on idiosyncratic features of the hardware, one makes porting to new platforms much easier. The In