Show Notes/Links: https://www.bsdnow.tv/327

The post ZFS Rename Repo | BSD Now 327 first appeared on Jupiter Broadcasting.

We’re away at MeetBSD this week, but we’ve still got a great show for you. We’ll be joined by Pawel Dawidek, who’s done quite a lot of things in FreeBSD over the years, including the initial ZFS port. We’ll get to hear how that came about, what he’s up to now and a whole lot more. We’ll be back next week with a normal episode of BSD Now – the place to B.. SD.

Thanks to:

Direct Download:

Video | HD Video | MP3 Audio | OGG Audio | Torrent | YouTube

RSS Feeds:

MP3 Feed | OGG Feed | iTunes Feed | Video Feed | HD Vid Feed | HD Torrent Feed

– Show Notes: –

Interview – Pawel Jakub Dawidek – pjd@freebsd.org

Porting ZFS, GEOM, GELI, Capsicum, various topics

• All the tutorials are posted in their entirety at bsdnow.tv
• Send questions, comments, show ideas/topics, or stories you want mentioned on the show to feedback@bsdnow.tv – if you write any blog posts about BSD, send ’em our way
• Usually, you can watch live Wednesdays at 2:00PM Eastern (19:00 UTC)
• We’ll be back with a regular episode next week, and maybe even some new interviews

The post Gift from the Sun | BSD Now 62 first appeared on Jupiter Broadcasting.

Coming up in this week’s episode, we’ll be talking with one of OpenBSD’s newest developers – Brent Cook – about the portable version of LibreSSL and how it’s developed. We’ve also got some important information about the FreeBSD port of LibreSSL. The latest news and your emails, on BSD Now – the place to B.. SD.

Thanks to:

Direct Download:

Video | HD Video | MP3 Audio | OGG Audio | Torrent | YouTube

RSS Feeds:

MP3 Feed | OGG Feed | iTunes Feed | Video Feed | HD Vid Feed | HD Torrent Feed

– Show Notes: –

Headlines

FreeBSD quarterly status report

• FreeBSD has gotten quite a lot done this quarter
• Changes in the way release branches are supported – major releases will get at least five years over their lifespan
• A new automounter is in the works, hoping to replace amd (which has some issues)
• The CAM target layer and RPC stack have gotten some major optimization and speed boosts
• Work on ZFSGuru continues, with a large status report specifically for that
• The report also mentioned some new committers, both source and ports
• It also covers GNATS being replaced with Bugzilla, the new core team, 9.3-RELEASE, GSoC updates, UEFI booting and lots of other things that we’ve already mentioned on the show
• “Foundation-sponsored work resulted in 226 commits to FreeBSD over the April to June period”

A new OpenBSD HTTPD is born

• Work has begun on a new HTTP daemon in the OpenBSD base system
• A lot of people are asking “why?” since OpenBSD includes a chrooted nginx already – will it be removed? Will they co-exist?
• Initial responses seem to indicate that nginx is getting bloated, and is a bit overkill for just serving content (this isn’t trying to be a full-featured replacement)
• It’s partially based on the relayd codebase and also comes from the author of relayd, Reyk Floeter
• This has the added benefit of the usual, easy-to-understand syntax and privilege separation
• There’s a very brief man page online already
• It supports vhosts and can serve static files, but is still in very active development – there will probably be even more new features by the time this airs
• Will it be named OpenHTTPD? Or perhaps… LibreHTTPD? (I hope not)

pkgng 1.3 announced

• The newest version of FreeBSD’s second generation package management system has been released, with lots of new features
• It has a new “real” solver to automatically handle conflicts, and dynamically discover new ones (this means the annoying -o option is deprecated now, hooray!)
• Lots of the code has been sandboxed for extra security
• You’ll probably notice some new changes to the UI too, making things more user friendly
• A few days later 1.3.1 was released to fix a few small bugs, then 1.3.2 shortly thereafter and 1.3.3 yesterday

FreeBSD after-install security tasks

• A number of people have written in to ask us “how do I secure my BSD box after I install it?”
• With this blog post, hopefully most of their questions will finally be answered in detail
• It goes through locking down SSH with keys, patching the base system for security, installing packages and keeping them updated, monitoring and closing any listening services and a few other small things
• Not only does it just list things to do, but the post also does a good job of explaining why you should do them
• Maybe we’ll see some more posts in this series in the future

Interview – Brent Cook – bcook@openbsd.org / @busterbcook

LibreSSL’s portable version and development

News Roundup

FreeBSD Mastery – Storage Essentials

• MWL‘s new book about the FreeBSD storage subsystems now has an early draft available
• Early buyers can get access to an in-progress draft of the book before the official release, but keep in mind that it may go through a lot of changes
• Topics of the book will include GEOM, UFS, ZFS, the disk utilities, partition schemes, disk encryption and maximizing I/O performance
• You’ll get access to the completed (e)book when it’s done if you buy the early draft
• The suggested price is $8

Why BSD and not Linux?

• Yet another thread comes up asking why you should choose BSD over Linux or vice-versa
• Lots of good responses from users of the various BSDs
• Directly ripping a quote: “Features like Ports, Capsicum, CARP, ZFS and DTrace were stable on BSDs before their Linux versions, and some of those are far more usable on BSD. Features like pf are still BSD-only. FreeBSD has GELI and ipfw and is “GCC free”. DragonflyBSD has HAMMER and kernel performance tuning. OpenBSD have upstream pf and their gamut of security features, as well as a general emphasis on simplicity.”
• And “Over the years, the BSDs have clearly shown their worth in the nix ecosystem by pioneering new features and driving adoption of others. The most recent on OpenBSD were 2038 support and LibreSSL. FreeBSD still arguably rules the FOSS storage space with ZFS.”
• Some other users share their switching experiences – worth a read

More g2k14 hackathon reports

• Following up from last week’s huge list of hackathon reports, we have a few more
• Landry Breuil spent some time with Ansible testing his infrastructure, worked on the firefox port and tried to push some of their patches upstream
• Andrew Fresh enjoyed his first hackathon, pushing OpenBSD’s perl patches upstream and got tricked into rewriting the adduser utility in perl
• Ted Unangst did his usual “teduing” (removing of) old code – say goodbye to asa, fpr, mkstr, xstr, oldrdist, fsplit, uyap and bluetooth
• Luckily we didn’t have to cover 20 new ones this time!

BSDTalk episode 243

• The newest episode of BSDTalk is out, featuring an interview with Ingo Schwarze of the OpenBSD team
• The main topic of discussion is mandoc, which some users might not be familiar with
• mandoc is a utility for formatting manpages that OpenBSD and NetBSD use (DragonFlyBSD and FreeBSD include it in their source tree, but it’s not built by default)
• You may also want to watch Ingo’s BSDCan talk about mandoc
• We’ll catch up to you soon, Will…

Feedback/Questions

• Thomas writes in
• Stephen writes in
• Sha’ul writes in
• Florian writes in
• Bob Beck writes in – and note the “Caution” section that was added to libressl.org

• All the tutorials are posted in their entirety at bsdnow.tv
• Just can’t get enough LibreSSL? Brent also did a text-only interview for Undeadly, which we also have a link to there
• Send questions, comments, show ideas/topics, or stories you want mentioned on the show to feedback@bsdnow.tv
• Want to come on for an interview or have a tutorial you’d like to see? Let us know
• If you’re a big PCBSD fan, or have been curious about what it has to offer over regular FreeBSD, you’ll like next week’s episode
• Watch live Wednesdays at 2:00PM Eastern (18:00 UTC)

The post Liberating SSL | BSD Now 48 first appeared on Jupiter Broadcasting.

On this week\’s episode, we\’ll be giving you an introductory guide on OpenBSD\’s ports and package system.

There\’s also a pretty fly interview with Karl Lehenbauer, about how they use FreeBSD at FlightAware.

Lots of interesting news and answers to all your emails, on BSD Now – the place to B.. SD.

Thanks to:

Direct Download:

Video | HD Video | MP3 Audio | OGG Audio | Torrent | YouTube

RSS Feeds:

MP3 Feed | OGG Feed | iTunes Feed | Video Feed | HD Vid Feed | HD Torrent Feed

– Show Notes: –

Headlines

BSDCan 2014 talks and reports, part 2

• More presentations and trip reports are still being uploaded
• Ingo Schwarze, New Trends in mandoc
• Vsevolod Stakhov, The Architecture of the New Solver in pkg
  
• Julio Merino, The FreeBSD Test Suite
• Zbigniew Bodek, Transparent Superpages for FreeBSD on ARM
• There\’s also a trip report from Michael Dexter and another (very long and detailed) trip report from our friend Warren Block that even gives us some linkage, thanks!

Beyond security, getting to know OpenBSD\’s real purpose

• Michael W Lucas (who, we learn through this video, has been using BSD since 1986) gave a \”webcast\” last week, and the audio and slides are finally up
• It clocks in at just over 30 minutes, managing to touch on a lot of OpenBSD topics
• Some of those topics include: what is OpenBSD and why you should care, the philosophy of the project, how it serves as a \”pressure cooker for ideas,\” briefly touches on GPL vs BSDL, their \”do it right or don\’t do it at all\” attitude, their stance on NDAs and blobs, recent LibreSSL development, some of the security functions that OpenBSD enabled before anyone else (and the ripple effect that had) and, of course, their disturbing preference for comic sans
• Here\’s a direct link to the slides
• Great presentation if you\’d like to learn a bit about OpenBSD, but also contains a bit of information that long-time users might not know too

FreeBSD vs Linux, a comprehensive comparison

• Another blog post covering something people seem to be obsessed with – FreeBSD vs Linux
• This one was worth mentioning because it\’s very thorough in regards to how things are done behind the scenes, not just the usual technical differences
• It highlights the concept of a \”core team\” and their role vs \”contributors\” and \”committers\” (similar to a presentation Kirk McKusick did not long ago)
• While a lot of things will be the same on both platforms, you might still be asking \”which one is right for me?\” – this article weighs in with some points for both sides and different use cases
• Pretty well-written and unbiased article that also mentions areas where Linux might be better, so don\’t hate us for linking it

Expand FreeNAS with plugins

• One of the things people love the most about FreeNAS (other than ZFS) is their cool plugin framework
• With these plugins, you can greatly expand the feature set of your NAS via third party programs
• This page talks about a few of the more popular ones and how they can be used to improve your NAS or media box experience
• Some examples include setting up an OwnCloud server, Bacula for backups, Maraschino for managing a home theater PC, Plex Media Server for an easy to use video experience and a few more
• It then goes into more detail about each of them, how to actually install plugins and then how to set them up

Interview – Karl Lehenbauer – karl@flightaware.com / @flightaware

FreeBSD at FlightAware, BSD history, various topics

Tutorial

Ports and packages in OpenBSD

News Roundup

Code review culture meets FreeBSD

• In most of the BSDs, changes need to be reviewed by more than one person before being committed to the tree
• This article describes Phabricator, an open source code review system that we briefly mentioned last week
• Instructions for using it are on the wiki
• While not approved by the core team yet for anything official, it\’s in a testing phase and developers are encouraged to try it out and get their patches reviewed
• Just look at that fancy interface!!

Michael Lucas\’ next tech books

• Sneaky MWL somehow finds his way into both our headlines and the news roundup
• He gives us an update on the next BSD books that he\’s planning to release
• The plan is to release three (or so) books based on different aspects of FreeBSD\’s storage system(s) – GEOM, UFS, ZFS, etc.
• This has the advantage of only requiring you to buy the one(s) you\’re specifically interested in
• \”When will they be released? When I\’m done writing them. How much will they cost? Dunno.\”
• It\’s not Absolute FreeBSD 3rd edition…

CARP failover and high availability on FreeBSD

• If you\’re running a cluster or a group of servers, you should have some sort of failover in place
• But the question comes up, \”how do you load balance the load balancers!?\”
• This video goes through the process of giving more than one machine the same IP, how to set up CARP, securing it and demonstrates a node dying
• Also mentions DNS-based load balancing as another option

PCBSD weekly digest

• This time in PCBSD land, we\’re getting ready for the 10.0.2 release (ISOs here)
• AppCafe got a good number of fixes, and now shows 10 random highlighted applications
• EasyPBI added a \”bulk\” mode to create PBIs of an entire FreeBSD port category
• Lumina, the new desktop environment, is still being worked on and got some bug fixes too

Feedback/Questions

• Paul writes in
• Matt writes in
• Kjell writes in
• Paul writes in
• Tom writes in

• All the tutorials are posted in their entirety at bsdnow.tv
• Send questions, comments, show ideas/topics, or stories you want mentioned on the show to feedback@bsdnow.tv
• If you want to come on for an interview or have a tutorial you\’d like to see, let us know
• Just a reminder, if you\’re using vnd (vnconfig) on OpenBSD for encryption, it\’s being retired for 5.7 – start planning to migrate your data to softraid
• There were also some security advisories for FreeBSD recently, make sure you\’re all patched up
• Watch live Wednesdays at 2:00PM Eastern (18:00 UTC)

The post AirPorts & Packages | BSD Now 40 first appeared on Jupiter Broadcasting.

Find out how the 2012 Olympics are preparing for cyper war, we’ll answer a great batch of questions.

And Allan’s embarrassing tech war story!

All that and more, on this week’s TechSNAP!

GoDaddy.com Use our codes TechSNAP10 to save 10% at checkout, or TechSNAP20 to save 20% on hosting!

Free Private Registration

GoDaddy Offer Code: techsnap17
Link: https://www.godaddy.com/domainaddon/private-registration.aspx?isc=techsnap17

$1.99 hosting for the first 3 months

GoDaddy Offer Code: techsnap11

HD Video | Large Video | Mobile Video | MP3 Audio | OGG Audio | YouTube

   
Subscribe via RSS and iTunes:
Subscribe... --RSS-- TechSNAP HD TechSNAP Large TechSNAP Mobile TechSNAP MP3 TechSNAP OGG --iTunes-- TechSNAP iTunes HD TechSNAP iTunes Mobile TechSNAP iTunes Large TechSNAP iTunes MP3

Show Notes:

Big Oil the next big target for cyber attacks?

• The IT Manager for Royal Dutch Shell told the World Petroleum Conference that their company has been receiving an ever increasing number of cyber attacks against its infrastructure.
• The attacks are said to be motivated by commercial interest, as well as political and criminal interests.
• If attackers managed to gain access to critical control systems, they would be able to manipulate valves and pumps, and cause unimaginable damage, physical, monetary and environmental.
• British Petroleum said they had seen a large increase in cyber attacks after the US Golf Oil Spill disaster.
• This is only further evidence that industrial control systems need to be completely isolated from the internet, not protected by just a firewall, but entirely isolated. Even then, threats such as stuxnet or duqu can be introduced by portable media such as USB flash drives. Physical and System security needs to be taken much more seriously.

---

Olympic Control Center prepares for simulated Cyber Attacks

• The new Olympic Control Center in Canary Wharf that will provide support and management for the IT infrastructure of the 2012 Olympics in London is preparing for a variety of Simulated Cyber Attacks in order to improve their preparedness for the Olympic games.
• The simulated attacks will include a Denial of Service attack, which they plan to mitigate by using a distributed website, and viruses and other malware getting in to the organizers’ computers.
• The computer network is used to store and record scores from the games and feed information to the public and the media.
• The operations Center has a staff of 180 permanent employees.
• “Another key principle is to keep mission-critical games systems quite isolated from anything web-facing. So very much partitioned and separated, thus making it hard for an external attack to succeed.”
• The company running the Operations Center is Atos, a very large multinational IT services company. However Atos has had issues of its own.
• In the autumn of 2008, Atos Origin was the subject of a government enquiry after a memory stick with passwords and user names for an important government computer system was found in a car park. BBC Coverage

---

War Story

Allan’s rm -rf / war story (Sovereign)

When I was in high school and college, I ran an IRC shell provider. It started out as one little home brew server on a 128kbit colocation, and grew to its peak of 9 dedicated servers in 4 data centers. As you can imagine, there were plenty of times where people tries to attack, hack or root my servers. It always made me laugh when they tried the latest Redhat exploit against my FreeBSD 4.x machine.

One such exploit involved a symbolic link to / with a obfuscated name (If I recall correctly, it was dot space space and then some unicode characters). As part of the cleanup, I went to remove the offending symlink. Because of the special characters etc in the name, I used the shell’s tab complete feature. Out of admittedly bad habit I used rm -rf rather than just rm, and either the shell or I put a trailing / on the symlink, so rather than removing the symlink, the shell resolved the symlink and started to execute the equivalent of rm -rf /. I knew something was wrong after a second or two when the command prompt did not return, and before I could figure out what was going on, I saw error messages about how /bin/tcsh could not be removed because it was in use, and that the kernel would not be deleted because it was flagged ‘system immutable’. I felt the blood drain out of my face and I quickly broke out in a cold sweat. I immediately hit control+c to prevent any further damage, but things were pretty far gone. /etc and /bin were gone, save for my shell because it was in use. So, without even ls, it was a little difficult to even tell what was left. This server had about 100 customers on it, and a decent uptime (175 days or so if I recall correctly).

Luckily, because of proper disaster planning on my part, daily Bacula backups of that server existed on our central backup server. A few commands to the bacula console and I was restoring /etc, /boot and /bin. Then I did a verify/compare operation to determine what other files may have been deleted, and restored them as well. Amazingly, all of this was pulled off without a reboot, and without a single complaint from a customer. Total time from disaster to recovery was less than 1 hour, and I managed to maintain the uptime.

---

Feedback

Q: (Matt) I listened to TechSnap – 28 and 34 about the ZFS Server Build. Now I’m a little confused, How is Allan’s ZFS server configured? If ZFS will do all the RAID stuff and he’s using RAID Z2 for the RAID–6 option then why are his drives on an Adaptec RAID controller and how is the Adaptec configured? Are you using a big RAID–0?

A: We’ve gotten this question quite a bit, because using a RAID controller is contrary to what I said during the TechSNAP 28 ZFS episode. In this case, I did not have a choice, I needed a controller that was supported under BSD, so I went with the Adaptec. The motherboard’s onboard Intel controller only has 6 ports, and 2 of those are used for the dedicated OS drives, which are mirrored in FreeBSD software using GEOM. The adaptec had the added advantage to their unique solution for battery backup. I have configured the Adaptec to pass-thru each drive directly to ZFS without any RAID, and then ZFS deals with the drives individually, making the RAID Z2 array. As I said during the initial episode, you don’t want to back your ZFS with a RAID device, because you lose control, and some ZFS features, like the ability to swap a device out. If I had done a big RAID–0 device exposed to ZFS, I could not have created the RAID Z2 array, because it requires at least 3 devices. Also, if one drive in a RAID–0 dies, the entire array is lost, so that would not be very good either.
*

Q: (Graham) I am looking to do a Raid set up but I would like to know if need two hard drives to be the same make or model or can they be two hard drives of the same size?

A: While the two drives do not have to be the same model, size, or even manufacturer, it is best if they are. Then you are striping or mirroring, the performance is mostly dictated by the slower of the two drives, so identical drives means that one drive is not constantly waiting for the other. There are also be issues with timing when the drives have drastically different performance. However, depending on your configuration, sometimes it is possible to make use of the additional performance of one of the drives. The FreeBSD software RAID driver GEOM’s mirroring mode supports different balancing methods, including: load, prefer, round-robin and split.
*

Q: (Bill) Currently I am designing/developing a client/server communications platform. I would love to make the project Open Source when I start developing the code but I am concerned about potential security implications. The plan is to use a user auth system so users can easily contact each other. This is making my security senses tingle because if you have the code for the auth system you could it break down easily. I would love to hear your opinions about this as there are ways it could be done but they could kill ease of use.

A: If you rely on nothing more than the fact that no one knows how your security system works (called Security Through Obscurity), then it is not really security at all. Rather than writing your own authentication system, it might be best to use an existing library, depending on what exactly you are trying to authenticate against. Standard libraries for cryptography like AES, SHA and Blowfish, and authenticity libraries like GPG and SSL/TLS. In the end, being open source allows other developers to spot any mistakes you make, and either notify you about them, or contribute patches to resolve them.

Round-Up:

• Howard L. Berman, author of SOPA : SOPA
• Exclusive: Iran hijacked US drone, says Iranian engineer
• Google Wallet leaves sensitive data unencrypted and accessible, says security firm
• Google gives £550k to Bletchley Park
• iBahn, the hotel ISP, denies data breach by Chinese hackers
• Universal Music Group has podcast pulled from YouTube just because they do not like it

Holiday Reading:

[asa default]0307269930[/asa]
[asa default]0765323117[/asa]

Audible Audio Book Version

   

The post Simulated Cyber War | TechSNAP 36 first appeared on Jupiter Broadcasting.

]]> https://original.jupiterbroadcasting.net/12371/easy-lvm-las-s18e08/ Sat, 24 Sep 2011 17:25:20 +0000 https://original.jupiterbroadcasting.net/?p=12371 Want to stack your Linux box full of hard drives? Join them into one giant pool of storage? We’ll show you how to combine two drives, or even hundreds!

The post Easy LVM | LAS | s18e08 first appeared on Jupiter Broadcasting.

]]>

Want to stack your Linux box full of hard drives? Join them into one giant pool of storage? It’s easy, we’ll show you how to combine two drives, or even hundreds!

Plus – Is Microsoft trying keep Linux off PC’s with Windows 8? We discuss!

And so much more!

All this week on, The Linux Action Show!

Thanks to:

GoDaddy.com Use our codes LINUX to save 10% at checkout, or LINUX20 to save 20% on hosting!

Direct Episode Download Links: HD Video | Large Video | Mobile Video | WebM Video | MP3 | OGG Audio | OGG Video | YouTube

Subscribe…— The Linux Action Show! —iTunes MP3iTunes Large VideoiTunes iPod VideoLarge Video RSSiPod Video RSSMP3 Audio RSSOgg Audio RSS— ALL SHOWS —iTunes Large VideoiTunes MP3Large Video RSSMP3 Audio RSSOGG Audio RSS— PODCAST NETWORKS —StitcherMiroZuneiTunes

[ad#shownotes]

Episode Show Notes:

News:

• The Microsoft Update: Next-gen boot spec could forever lock Linux off Windows 8 PCs
• How Microsoft Can Lock Linux Off Windows 8 PCs
• UEFI and “secure boot”
• UEFI secure booting – Red Hat’s Matthew Garrett
• Subsystem for UNIX Applications deprecated in Windows 8
• Casio paying Microsoft to use Linux in new patent deal
• Richard Stallman: “Android Phones Do Not Respect Your Freedom”
• OpenShot Video Editor Version 1.4, Sweeties, and the Future!
• Inferno OS Running On Android Phones
• Inside Linux Mint

LVM Easy:

• A LVM Frontend for KDE
• Using system-config-lvm
• Format your drives as a Physical volume (PV) then you can add that raw storage to a volume group.
• Then create logical volumes, and these will show up as drive devices. Format these with your file system of choice.
• Chris often creates his home directory on a logical volume, for future growth!
• Logical Volume Manager Overview
• FreeBSD GEOM

Find us on Google+

• Chris
• Allan

Find us on Twitter:

• Chris – ChrisLAS
• Allan – AllanJude

Follow the network on Facebook:

• Jupiter Broadcasting on Facebook

Catch the show LIVE at 10am on Sunday:

• https://jblive.tv

The post Easy LVM | LAS | s18e08 first appeared on Jupiter Broadcasting.

]]>