ports – Jupiter Broadcasting

The Little Distro That Could | LINUX Unplugged 357

Wes Payne — Tue, 09 Jun 2020 12:00:00 +0000

Show Notes: linuxunplugged.com/357

The post The Little Distro That Could | LINUX Unplugged 357 first appeared on Jupiter Broadcasting.

Certified BSD | BSD Now 326

Wes Payne — Thu, 28 Nov 2019 04:00:00 +0000

Show Notes/Links: https://www.bsdnow.tv/326

The post Certified BSD | BSD Now 326 first appeared on Jupiter Broadcasting.

Builder’s Insurance | BSD Now 94

chris — Thu, 18 Jun 2015 10:30:39 +0000

To view this video please enable JavaScript, and consider upgrading to a web browser that supports HTML5 video

This week on the show, we’ll be chatting with Marc Espie. He’s recently added some additional security measures to dpb, OpenBSD’s package building tool, and we’ll find out why they’re so important. We’ve also got all this week’s news, answers to your emails and even a BSDCan wrap-up, coming up on BSD Now – the place to B.. SD.

Thanks to:

Get Paid to Write for DigitalOcean

Direct Download:

RSS Feeds:

– Show Notes: –

Headlines

BSDCan 2015 videos

BSDCan just ended last week, but some of the BSD-related presentation videos are already online
Allan Jude, UCL for FreeBSD
Andrew Cagney, What happens when a dwarf and a daemon start dancing by the light of the silvery moon?
Andy Tanenbaum, A reimplementation of NetBSD using a MicroKernel
Brooks Davis, CheriBSD: A research fork of FreeBSD
Giuseppe Lettieri, Even faster VM networking with virtual passthrough
Joseph Mingrone, Molecular Evolution, Genomic Analysis and FreeBSD
Olivier Cochard-Labbe, Large-scale plug&play x86 network appliance deployment over Internet
Peter Hessler, Using routing domains / routing tables in a production network
Ryan Lortie, a stitch in time: jhbuild
Ted Unangst, signify: Securing OpenBSD From Us To You
Many more still to come…

Documenting my BSD experience

Increasingly common scenario: a long-time Linux user (since the mid-90s) decides it’s finally time to give BSD a try
“That night I came home, I had been trying to find out everything I could about BSD and I watched many videos, read forums, etc. One of the shows I found was BSD Now. I saw that they helped people and answered questions, so I decided to write in.”
In this ongoing series of blog posts, a user named Michael writes about his initial experiences with trying different BSDs for some different tasks
The first post covers ZFS on FreeBSD, used to build a file server for his house (and of course he lists the hardware, if you’re into that)
You get a glimpse of a brand new user trying things out, learning how great ZFS-based RAID arrays are and even some of the initial hurdles someone could run into
He’s also looking to venture into the realm of replacing some of his VMs with jails and bhyve soon
His second post explores replacing the firewall on his self-described “over complicated home network” with an OpenBSD box
After going from ipfwadmin to ipchains to iptables, not even making it to nftables, he found the simple PF syntax to be really refreshing
All the tools for his networking needs, the majority of which are in the base system, worked quickly and were easy to understand
Getting to hear experiences like this are very important – they show areas where all the BSD developers’ hard work has paid off, but can also let us know where we need to improve

PC-BSD starts experimental HardenedBSD builds

The PC-BSD team has created a new branch of their git repo with the HardenedBSD ASLR patches integrated
They’re not the first major FreeBSD-based project to offer an alternate build – OPNsense did that a few weeks ago – but this might open the door for more projects to give it a try as well
With Personacrypt, OpenNTPD, LibreSSL and recent Tor integration through the tools, these additional memory protections will offer PC-BSD users even more security that a default FreeBSD install won’t have
Time will tell if more projects and products like FreeNAS might be interested too

C-states in OpenBSD

People who run BSD on their notebooks, you’ll want to pay attention to this one
OpenBSD has recently committed some ACPI improvements for deep C-states, enabling the processor to enter a low-power mode
According to a few users so far, the change has resulted in dramatically lower CPU temperatures on their laptops, as well as much better battery life
If you’re running OpenBSD -current on a laptop, try out the latest snapshot and report back with your findings

NetBSD at Open Source Conference 2015 Hokkaido

The Japanese NetBSD users group never sleeps, and they’ve hit yet another open source conference
As is usually the case, lots of strange machines on display were running none other than NetBSD (though it was mostly ARM this time)
We’ll be having one of these guys on the show next week to discuss some of the lesser-known NetBSD platforms

Interview – Marc Espie – espie@openbsd.org / @espie_openbsd

Recent improvements to OpenBSD’s dpb tool

News Roundup

Introducing xhyve, bhyve on OS X

We’ve talked about FreeBSD’s “bhyve” hypervisor a lot on the show, and now it’s been ported to another OS
As the name “xhyve” might imply, it’s a port of bhyve to Mac OS X
Currently it only has support for virtualizing a few Linux distributions, but more guest systems can be added in the future
It runs entirely in userspace, and has no extra requirements beyond OS X 10.10 or newer
There are also a few examples on how to use it

4K displays on DragonFlyBSD

If you’ve been using DragonFly as a desktop, maybe with those nice Broadwell graphics, you’ll be pleased to know that 4K displays work just fine
Matthew Dillon wrote up a wiki page about some of the specifics, including a couple gotchas
Some GUI applications might look weird on such a huge resolution,
HDMI ports are mostly limited to a 30Hz refresh rate, and there are slightly steeper hardware requirements for a smooth experience

Sandboxing port daemons on OpenBSD

We talked about different containment methods last week, and mentioned that a lot of the daemons in OpenBSD’s base as chrooted by default – things from ports or packages don’t always get the same treatment
This blog post uses a mumble server as an example, but you can apply it to any service from ports that doesn’t chroot by default
It goes through the process of manually building a sandbox with all the libraries you’ll need to run the daemon, and this setup will even wipe and refresh the chroot every time you restart it
With a few small changes, similar tricks could be done on the other BSDs as well – everybody has chroots

SmallWall 1.8.2 released

SmallWall is a relatively new BSD-based project that we’ve never covered before
It’s an attempt to keep the old m0n0wall codebase going, and appears to have started around the time m0n0wall called it quits
They’ve just released the first official version, so you can give it a try now
If you’re interested in learning more about SmallWall, the lead developer just might be on the show in a few weeks…

Feedback/Questions

Send questions, comments, show ideas/topics, or stories you want mentioned on the show to feedback@bsdnow.tv

The post Builder's Insurance | BSD Now 94 first appeared on Jupiter Broadcasting.

SSL in the Wild | BSD Now 82

chris — Thu, 26 Mar 2015 10:08:34 +0000

To view this video please enable JavaScript, and consider upgrading to a web browser that supports HTML5 video

We’ll be chatting with Bernard Spil about wider adoption of LibreSSL in other communities. He’s been doing a lot of work with FreeBSD ports specifically, but also working with upstream projects. As usual, all this weeks news and answers to your questions, on BSD Now – the place to B.. SD.

Thanks to:

Get Paid to Write for DigitalOcean

Direct Download:

RSS Feeds:

– Show Notes: –

Headlines

EuroBSDCon 2015 call for papers

The call for papers has been announced for the next EuroBSDCon, which is set to be held in Sweden this year
According to their site, the call for presentation proposals period will start on Monday the 23rd of March until Friday the 17th of April
If giving a full talk isn’t your thing, there’s also a call for tutorials – if you’re comfortable teaching other people about something BSD-related, this could be a great thing too
You’re not limited to one proposal – several speakers gave multiple in 2014 – so don’t hesitate if you’ve got more than one thing you’d like to talk about
We’d like to see a more balanced conference schedule than BSDCan’s having this year, but that requires effort on both sides – if you’re doing anything cool with any BSD, we’d encourage you submit a proposal (or two)
Check the announcement for all the specific details and requirements
If your talk gets accepted, the conference even pays for your travel expenses

Making security sausage

Ted Unangst has a new blog post up, detailing his experiences with some recent security patches both in and out of OpenBSD
“Unfortunately, I wrote the tool used for signing patches which somehow turned into a responsibility for also creating the inputs to be signed. That was not the plan!”
The post first takes us through a few OpenBSD errata patches, explaining how some can get fixed very quickly, but others are more complicated and need a bit more review
It also covers security in upstream codebases, and how upstream projects sometimes treat security issues as any other bug
Following that, it leads to the topic of FreeType – and a much more complicated problem with backporting patches between versions
The recent OpenSSL vulnerabilities were also mentioned, with an interesting story to go along with them
Just 45 minutes before the agreed-upon announcement, OpenBSD devs found a problem with the patch OpenSSL planned to release – it had to be redone at the last minute
It was because of this that FreeBSD actually had to release a security update to their security update
He concludes with “My number one wish would be that every project provide small patches for security issues. Dropping enormous feature releases along with a note ‘oh, and some security too’ creates downstream mayhem.”

Running FreeBSD on the server, a sysadmin speaks

More BSD content is appearing on mainstream technology sites, and, more importantly, BSD Now is being mentioned
ITWire recently did an interview with Allan about running FreeBSD on servers (possibly to go with their earlier interview with Kris about desktop usage)
They discuss some of the advantages BSD brings to the table for sysadmins that might be used to Linux or some other UNIX flavor
It also covers specific features like jails, ZFS, long-term support, automating tasks and even… what to name your computers
If you’ve been considering switching your servers over from Linux to FreeBSD, but maybe wanted to hear some first-hand experience, this is the article for you

NetBSD ported to Hardkernel ODROID-C1

In their never-ending quest to run on every new board that comes out, NetBSD has been ported to the Hardkernel ODROID-C1
This one features a quad-core ARMv7 CPU at 1.5GHz, has a gig of ram and gigabit ethernet… all for just $35
There’s a special kernel config file for this board’s hardware, available in both -current and the upcoming 7.0
More info can be found on their wiki page
After this was written, basic framebuffer console support was also committed, allowing a developer to run XFCE on the device

Interview – Bernard Spil – spil.oss@gmail.com / @sp1l

LibreSSL adoption in FreeBSD ports and the wider software ecosystem

News Roundup

Monitoring pf logs with Gource

If you’re using pf on any of the BSDs, maybe you’ve gotten bored of grepping logs and want to do something more fancy
This article will show you how to get set up with Gource for a cinematic-like experience
If you’ve never heard of Gource, it’s “an OpenGL-based 3D visualization tool intended for visualizing activity on source control repositories”
When you put all the tools together, you can end up with some pretty eye-catching animations of your firewall traffic
One of our listeners wrote in to say that he set this up and, almost immediately, noticed his girlfriend’s phone had been compromised – graphical representations of traffic could be useful for detecting suspicious network activity

pkgng 1.5.0 alpha1 released

The development version of pkgng was updated to 1.4.99.14, or 1.5.0 alpha1
This update introduces support for provides/requires, something that we’ve been wanting for a long time
It will also now print which package is the reason for direct dependency change
Another interesting addition is the “pkg -r” switch, allowing cross installation of packages
Remember this isn’t the stable version, so maybe don’t upgrade to it just yet on any production systems
DragonFly will also likely pick up this update once it’s marked stable

Welcome to OpenBSD

We mentioned last week that our listener Brian was giving a talk in the Troy, New York area
The slides from that talk are now online, and they’ve been generating quite a bit of discussion online
It’s simply titled “Welcome to OpenBSD” and gives the reader an introduction to the OS (and how easy it is to get involved with contributing)
Topics include a quick history of the project, who the developers are and what they do, some proactive security techniques and finally how to get involved
As you may know, NetBSD has almost 60 supported platforms and their slogan is “of course it runs NetBSD” – Brian says, with 17 platforms over 13 CPU architectures, “it probably runs OpenBSD”
No matter which BSD you might be interested in, these slides are a great read, especially for any beginners looking to get their feet wet
Try to guess which font he used…

BSDTalk episode 252

And somehow Brian has snuck himself into another news item this week
He makes an appearance in the latest episode of BSD Talk, where he chats with Will about running a BSD-based shell provider
If that sounds familiar, it’s probably because we did the same thing, albeit with a different member of their team
In this interview, they discuss what a shell provider does, hardware requirements and how to weed out the spammers in favor of real people
They also talk a bit about the community aspect of a shared server, as opposed to just running a virtual machine by yourself

Feedback/Questions

Mailing List Gold

Send questions, comments, show ideas/topics, or stories you want mentioned on the show to feedback@bsdnow.tv – don’t be afraid to write about your experiences and send them to us, we’d love to read about what you guys are doing with BSD
If you’re interested in OpenZFS discussion, they’re looking to start up the office hours series again on April 2nd (with Justin Gibbs)
There’s a new BSD users group starting up in the Vancouver, British Columbia area – VanBUG will be holding an event on April 8th

The post SSL in the Wild | BSD Now 82 first appeared on Jupiter Broadcasting.

Vivaldi, The Fourth Browser | LINUX Unplugged 77

chris — Tue, 27 Jan 2015 17:21:05 +0000

To view this video please enable JavaScript, and consider upgrading to a web browser that supports HTML5 video

A new browser called Vivaldi is on the scene with Linux support out of the box. Our virtual lug makes the case why it might be worth giving a try!

Plus a quick Linux laptop update, a surprise for Matt, your feedback & more!

Thanks to:

Get Paid to Write for DigitalOcean

Direct Download:

RSS Feeds:

Become a supporter on Patreon:

Show Notes:

Pre-Show:

Linux Kernel Development Halted.

FU:

Vivaldi: A New Chromium-Powered, Multi-Platform Browser

Vivaldi is currently offered as a tech preview and is powered by Chromium with a number of features that reminisce Opera’s glory days, among them are the speed dial and mouse gestures. Vivaldi also adds in new features like allowing multiple tabs to be combined into one tab stack, support for note-taking within the browser, and other improvements to its Chromium base. Vivaldi was started by Jon von Tetzchner, the former CEO of Opera who hasn’t been with the firm for a few years.

AUR (en) – Search Criteria: Vivaldi

Thanks Matt!

Runs Linux from the people:

Send in a pic/video of your runs Linux.
Please upload videos to YouTube and submit a link via email or the subreddit.

New Shows : Tech Talk Today (Mon – Thur)

Tech Talk Today Today | Jupiter Broadcasting

Support Jupiter Broadcasting on Patreon

Post-Show

What does your prompt look like : LinuxActionShow

The post Vivaldi, The Fourth Browser | LINUX Unplugged 77 first appeared on Jupiter Broadcasting.

Patch and Notify | TechSNAP 197

chris — Thu, 15 Jan 2015 22:21:43 +0000

To view this video please enable JavaScript, and consider upgrading to a web browser that supports HTML5 video

Been putting off that patch? This week we’ll cover how an out of date Joomla install led to a massive breach, Microsoft and Google spar over patch disclosures & picking the right security question…

Plus a great batch of your feedback, a rocking round up & much, much more!

Thanks to:

Get Paid to Write for DigitalOcean

Direct Download:

RSS Feeds:

Become a supporter on Patreon:

— Show Notes: —

Data thieves target parking lots

“Late last year, KrebsOnSecurity wrote that two huge swaths of credit card numbers put up for sale in the cybercrime underground had likely been stolen from Park ‘N Fly and from OneStopParking.com, competing airport parking services that lets customers reserve spots in advance of travel via Internet reservation systems. This week, both companies confirmed that they had indeed suffered a breach.”
“When contacted by Krebs on Dec. 15, Atlanta-based Park ‘N Fly said while it had recently engaged multiple security firms to investigate breach claims, it had not found any proof of an intrusion. In a statement released Tuesday, however, the company acknowledged that its site was hacked and leaking credit card data, but stopped short of saying how long the breach persisted or how many customers may have been affected”
“OneStopParking.com reached via phone this morning, the site’s manager Amer Ghanem said the company recently determined that hackers had broken in to its systems via a vulnerability in Joomla for which patches were made available in Sept. 2014. Unfortunately for OneStopParking.com and its customers, the company put off applying that Joomla update because it broke portions of the site.”
“Unlike card data stolen from main street retailers — which can be encoded onto new plastic and used to buy stolen goods in physical retail stores — cards stolen from online transactions can only be used by thieves for fraudulent online purchases. However, most online carding shops that sell stolen card data in underground stores market both types of cards, known in thief-speak as “dumps” and “CVVs,” respectively.”
“Interestingly, the disclosure timeline for both of these companies would have been consistent with a new data breach notification law that President Obama called for earlier this week. That proposal would require companies to notify consumers about a breach within 30 days of discovering their information has been hacked.”
Krebs also appears to be having fun with the LizzardSquad

Microsoft pushes emergency fixes, blames Google

Microsoft and Adobe both released critical patches this week
“Leading the batch of Microsoft patches for 2015 is a drama-laden update to fix a vulnerability in Windows 8.1 that Google researchers disclosed just two days ago. Google has a relatively new policy of publicly disclosing flaws 90 days after they are reported to the responsible software vendor — whether or not that vendor has fixed the bug yet. That 90-day period elapsed over the weekend, causing Google to spill the beans and potentially help attackers develop an exploit in advance of Patch Tuesday.”
Yahoo recently announced a similar new policy, to disclose all bugs after 90 days
This is the result of too many vendors take far too long to resolve bugs after they are notified
Researchers have found that need to straddle the line between responsible disclosure, and full disclosure, as it is irresponsible to not notify the public when it doesn’t appear as if the vendor is taking the vulnerability seriously.
Microsoft also patched a critical telnet vulnerability
“For its part, Microsoft issued a strongly-worded blog post chiding Google for what it called a “gotcha” policy that leaves Microsoft users in the lurch”
There is also a new Adobe flash to address multiple issues
Krebs notes: “Windows users who browse the Web with anything other than Internet Explorer may need to apply this patch twice, once with IE and again using the alternative browser (Firefox, Opera, e.g.).” because of the way Microsoft bundles flash
Infact, if you use Chrome and Firefox on windows, you’ll need to make sure all 3 have properly updated.

What makes a good security question?

Safe: cannot be guessed or researched
Stable: does not change over time
Memorable: you can remember it
Simple: is precise, simple, consistent
Many: has many possible answers
It is important that the answer not be something that could easily be learned by friending you on facebook or twitter
Some examples:
What is the name of the first beach you visited?
What is the last name of the teacher who gave you your first failing grade?
What is the first name of the person you first kissed?
What was the name of your first stuffed animal or doll or action figure?
Too many of the more popular questions are too easy to research now
Some examples of ones that might not be so good:
- In what town was your first job? (Resume, LinkedIn, Facebook)
- What school did you attend for sixth grade?
- What is your oldest sibling’s birthday month and year? (e.g., January 1900) (Now it isn’t your facebook, but theirs that might be the leak, you can’t control what information other people expose)
Sample question scoring

Feedback:

Round Up:

The post Patch and Notify | TechSNAP 197 first appeared on Jupiter Broadcasting.

The Daemon’s Apprentice | BSD Now 57

chris — Thu, 02 Oct 2014 11:54:25 +0000

To view this video please enable JavaScript, and consider upgrading to a web browser that supports HTML5 video

We’re back from EuroBSDCon! This week we’ll be talking with Steve Wills about mentoring new BSD developers. If you’ve ever considered becoming a developer or helping out, it’s actually really easy to get involved. We’ve also got all the BSD news for the week and answers to your emails, on BSD Now – the place to B.. SD.

Thanks to:

Direct Download:

RSS Feeds:

– Show Notes: –

Headlines

NetBSD at Hiroshima Open Source Conference

NetBSD developers are hard at work, putting NetBSD on everything they can find
At a technology conference in Hiroshima, some developers brought their exotic machines to put on display
As usual, there are lots of pictures and a nice report from the conference

FreeBSD’s Linux emulation ports rehaul

For a long time, FreeBSD’s emulation layer has been based on an ancient Fedora 10 system
If you’ve ever needed to install Adobe Flash on BSD, you’ll be stuck with all this extra junk
With some recent work, that’s been replaced with a recent CentOS release
This opens up the door for newer versions of Skype to run on FreeBSD, and maybe even Steam someday

pfSense 2.2-BETA

Big changes are coming in pfSense land, with their upcoming 2.2 release
We talked to the developer a while back about future plans, and now they’re finally out there
The 2.2 branch will be based on FreeBSD 10-STABLE (instead of 8.3) and include lots of performance fixes
It also includes some security updates, lots of package changes and updates and much more
You can check the full list of changes on their wiki

NetBSD on the Raspberry Pi

This article shows how you can install NetBSD on the ever-so-popular Raspberry Pi
As of right now, you’ll need to use a -CURRENT snapshot to do it
It also shows how to grow the filesystem to fill up an SD card, some pkgsrc basics and how to get some initial things set up
Can anyone find something that you can’t install NetBSD on?

Interview – Steve Wills – swills@freebsd.org / @swills

Mentoring new BSD developers

News Roundup

MidnightBSD 0.5 released

We don’t hear a whole lot about MidnightBSD, but they’ve just released version 0.5
It’s got a round of the latest FreeBSD security patches, driver updates and various small things
Maybe one of their developers could come on the show sometime and tell us more about the project

BSD Router Project 1.52 released

The newest update for the BSD Router Project is out
This version is based on a snapshot of 10-STABLE that’s very close to 10.1-RELEASE
It’s mostly a bugfix release, but includes some small changes and package updates

Configuring a DragonFly BSD desktop

We’ve done tutorials on how to set up a FreeBSD or OpenBSD desktop, but maybe you’re more interested in DragonFly
In this post from Justin Sherrill, you’ll learn some of the steps to do just that
He pulled out an old desktop machine, gave it a try and seems to be pleased with the results
It includes a few Xorg tips, and there are some comments about the possibility of making a GUI DragonFly installer

Building a mini-ITX pfSense box

Another week, another pfSense firewall build post
This time, the author is installing to a Jetway J7F2, a mini-ITX device with four LAN ports
He used to be a m0n0wall guy, but wanted to give the more modern pfSense a try
Lots of great pictures of the hardware, which we always love

Feedback/Questions

All the tutorials are posted in their entirety at bsdnow.tv
Send questions, comments, show ideas/topics, or stories you want mentioned on the show to feedback@bsdnow.tv
Slides from most of the EuroBSDCon talks are up, hopefully we’ll have the links to all the videos soon
We got lots of great interviews, so look forward to those in the coming months
The Book of PF’s third edition is now available to buy digitally, and physical copies will be available later this month
OpenBSD 5.6 preorders are up on their new store, openbsdstore.com – there’s also some other cool things there
Watch live Wednesdays at 2:00PM Eastern (18:00 UTC)

The post The Daemon's Apprentice | BSD Now 57 first appeared on Jupiter Broadcasting.

CRUX Interview | LINUX Unplugged 52

chris — Tue, 05 Aug 2014 17:06:31 +0000

To view this video please enable JavaScript, and consider upgrading to a web browser that supports HTML5 video

Our team reviews the famous CRUX Linux and we discuss this unique distribution with one of its long time developers.

Plus details about Fedora COPR and is Desktop Linux stuck in an uncanny valley? We debate.

Thanks to:

Direct Download:

RSS Feeds:

Become a supporter on Patreon:

Show Notes:

Pre-Show:

Compare Microsoft vs. Linux

FU:

In the next few months I hope to do a series of blog posts that talk about Mozilla’s Thunderbird email client and its future. Here’s the TL;DR version (though still pretty long). These are my personal views, I have no authority to speak for Mozilla or for the Thunderbird project.

Suggestion about Video Conference SW (kinda)

CRUX REVIEW

About: Crux

CRUX is a lightweight Linux distribution for the x86-64 architecture targeted at experienced Linux users. The primary focus of this distribution is keep it simple, which is reflected in a straightforward tar.gz-based package system, BSD-style initscripts, and a relatively small collection of trimmed packages. The secondary focus is utilization of new Linux features and recent tools and libraries. CRUX also has a ports system which makes it easy to install and upgrade applications.

When Linux Was Perfect Enough « FOSS Force

Today’s computer user just wants the computer to work, without problems, out of the box. They don’t want to have to figure out why Hulu or Netflix doesn’t work or why their fonts display properly in some applications and not in others.

Runs Linux from the people:

Send in a pic/video of your runs Linux.
Please upload videos to YouTube and submit a link via email or the subreddit.

New Shows : Tech Talk Today (Mon – Thur) HowTo Linux (Fridays)

Tech Talk Today Today | Jupiter Broadcasting

Support Jupiter Broadcasting on Patreon

Post-Show

India opens up to operating system Ubuntu

The post CRUX Interview | LINUX Unplugged 52 first appeared on Jupiter Broadcasting.

ownCloud 7 Interview | LAS 324

chris — Sun, 03 Aug 2014 15:37:55 +0000

To view this video please enable JavaScript, and consider upgrading to a web browser that supports HTML5 video

The founder of ownCloud joins us to discuss their latest release, future plans and challenges. And we’ll ask a batch of the tough questions you sent in.

Then we take a look at CRUX, a legendary Linux distribution with an amazing history. Plus an app pick that will instantly tickle your retro bone, a cautious tale…

AND SO MUCH MORE!

All this week on, The Linux Action Show!

Thanks to:

Download:

RSS Feeds:

Become a supporter on Patreon:

— Show Notes: —

CRUX Linux Review:

Brought to you by: System76

Today we’re kicking off our most substantial Ubuntu computer sale of the year.…

About: Crux

CRUX is a lightweight Linux distribution for the x86-64 architecture targeted at experienced Linux users. The primary focus of this distribution is keep it simple, which is reflected in a straightforward tar.gz-based package system, BSD-style initscripts, and a relatively small collection of trimmed packages. The secondary focus is utilization of new Linux features and recent tools and libraries. CRUX also has a ports system which makes it easy to install and upgrade applications.

In short, CRUX might suit you very well if you are:

A somewhat experienced Linux user who wants a clean and solid Linux distribution as the foundation of your installation.
A person who prefers editing configuration files with an editor to using a GUI.
Someone who does not hesitate to download and compile programs from the source.

History of CRUX

Started May 2000
No public releases made during this time
A strong community by 2002, and was responsible for working together and adding important package management features to the distro.
CRUX was built from scratch and has never been based on any other Linux distribution.
Tracked by Distrowatch since 2002-01-14

CRUX vs Arch

Before creating Arch, Judd Vinet admired and used CRUX; a minimalist distribution created by Per Lidén. Originally inspired by ideas in common with CRUX and BSD, Arch was built from scratch, and pacman was then coded in C.
Arch and CRUX share some guiding principles: for instance, both are architecture-optimized, minimalist and K.I.S.S.-oriented.
Both ship with ports-like systems, and, like *BSD, both provide a minimal base environment to build upon.
Arch features pacman, which handles binary system package management and works seamlessly with the Arch Build System. CRUX uses a community contributed system called prt-get, which, in combination with its own ports system, handles dependency resolution, but builds all packages from source (though the CRUX base installation is binary).
Arch officially supports x86_64 and i686 only, whereas CRUX officially offers only x86_64.
Arch uses a rolling-release system and features a large array of binary package repositories as well as the Arch User Repository. CRUX provides a more slimmed-down officially supported ports system in addition to a comparatively modest community repository.

CRUX 3.1 Released July 17th 2014

Toolchain updates

CRUX 3.1 comes with a multilib toolchain which includes glibc 2.19.0, gcc 4.8.3 and binutils 2.24

Kernel

Linux 3.12.24

Xorg

CRUX 3.1 ships with Xorg 7.7 and xorg-server 1.15.1.

CRUX Install:

Very Manual.

Packages in CRUX

The package system (pkgutils) is made with simplicity in mind, where all packages are plain tar.gz files (i.e. without any kind of meta data).

When a package is installed using pkgadd a new record is added to the package database (stored in /var/lib/pkg/db). The basic package system does not have any kind of dependency checking, thus it will not warn you if you install a package that requires other packages to be installed. The included prt-get tool, however, does support dependencies.

Since the package file itself does not contain any meta data. Instead, the package manager uses the package filename to determine the package name and version.
Thus, when installing a package file named bash#2.05-1.pkg.tar.gz, the package manager will interpret this as a package named bash at version 2.05-1.

If pkgadd is unable to interpret the filename (e.g. # is missing or the filename does not end with .pkg.tar.gz) an error message will be printed and pkgadd will abort without installing the package.

Package management frontend: prt-get

To address the different requirements towards package management in CRUX, a number of users started discussion about an advanced package management frontend to pkgutils, with dependency handling and support for large install transactions. The result of this community effort is prt-get, a tool which provides a number of features on top of pkgutils while keeping pkgutils’ original character and power. Its main features are

Dependency handling
Build logging
Powerful search and query functionality

Nowadays prt-get is an official project and tool of the CRUX project.

The Ports System

The term Ports System refers to a remote repository containing ports and a client program capable of downloading ports from that repository. CRUX users use the ports(8) utility to download ports from the repository and place them in /usr/ports/. The ports utility uses rsync(1) or httpup(1) to do the actual downloading/synchronization.

A port is a directory containing the files needed for building a package using pkgmk. This means that this directory at least has the files Pkgfile (which is the package build description) and .footprint (which is used for regression testing and contains a list of files this package is expected to contain once it is built). Further, a port directory can contain patches and/or other files needed for building the package. It is important to understand that the actual source code for the package is not necessarily present in port directory. Instead the Pkgfile contains an URL which points to a location where the source can be downloaded.

Have a Question about CRUX? Ask one of the Devs!

— PICKS —

Runs Linux

The Future of Desktop Computing? – Computerphile – YouTube

Tablets are taking over from desktop computing but what if we merge the two? This prototype demonstrates something new, that builds upon something centuries old – working with paper on your desk.

How To Install and Configure Syncthing to Synchronize Directories on Ubuntu 14.04 | DigitalOcean

Desktop App Pick

cool-old-term

‘cool-old-term’: This retro styled Terminal Emulator could be the coolest we’ve seen yet! | Tech Drive-in

Developed by Swordfish’s Labs, cool-old-term is a terminal emulator which tries to mimic the look and feel of the old cathode tube screens. It has been designed to be eye-candy, customizable, and reasonably lightweight.

Weekly Spotlight

Toxic

Toxic is a Tox-based instant messaging client which formerly resided in the Tox core repository, and is now available as a standalone application.

qTox

Powerful Tox client that tries to follow the Tox UI mockup while running on all major systems.
This GUI uses code from @nurupo’tos ProjectTox-Qt-GUI, in particular the “Core” Toxcore wrapper.
However, it is not a fork.

Features

One to one chat with friends
Group chats
File transfers, with previewing of images
Audio calls
Video calls (alpha)
Tox DNS
Translations in various languages

Missed any of our OSCON 2014 Interviews? Here’s each interview broken out and added to an OSCON Playlist

— NEWS —

OpenSUSE Factory Turns Into Rolling Release Distribution

OpenSUSE Factory will still serve where openSUSE development takes place, but it’s also going to aim for being a distribution on its own as a “tested and stable fresh-daily bleeding-edge distribution.”

Fedora security team is announced

== What are we doing? ==

The Security Team’s mission is to assist packagers in closing security vulnerabilities. Once alerted to a
vulnerability on a package, the security team can help work with upstream to obtain a patch or a new release
of a package. Once we have a patch or a new release we attach it to the vulnerability bug and work with
packagers to get the fix pushed.

== How bad is the problem now? ==

As of a few days ago we had 566 open vulnerability tickets that cover both Fedora and EPEL. The breakdown of
those bugs by severity looks like this:

Critical: 3
Important: 69
Moderate: 366
Low: 128
Answering questions regarding the Fedora Security Team | Sparks’ Open Source and Security Journal

Fedora 21 Has Been Delayed By Three Weeks

At Wednesday’s Fedora Engineering and Steering Committee it was agreed upon to push back the entire release process by three weeks. This three weeks is to give additional time to finish outstanding work prior to the changes freeze and for also then working around Fedora’s “Flock” contributor conference.

Fedora 21 will not be officially released now until at least 4 November while the alpha release is at 26 August, beta release on 30 September, and the final change deadline on 21 October. The updated Fedora 21 schedule can be found via this Fedora Wiki page.

OMG! Fedora is just getting a security team? Does this mean Fedora has been insecure this entire time?!?

Umm, no, it doesn’t mean that Fedora has been insecure this entire time. In all actuality Fedora is in pretty good shape overall. There is always room for improvement and so we’re organizing a team to help facilitate that improvement.

XBMC Is Getting a New Name – Introducing Kodi 14

We are excited to announce that the media center software we’ve all loved for so many years will have a new name, starting with version 14. Instead of XBMC 14, we’d like to introduce you to Kodi 14.

ownCloud 7 Released With more Sharing And Control | ownCloud.org

ownCloud 7 Community Edition has significant feature improvements for users, administrators and developers.

ownCloud 7 Released With more Sharing And Control | ownCloud.org

Questions for Frank:

What brought about Server-to-Server syncing, and how close to real time is that syncing?
Sleepee asks: Any plans for better auditing on who shared filed. He’s working in an Enterprise, and the management would like some records.
Seal20 asks: I could not find anyway to replace the last closed and evil tool: evernote. I hate it but I couldn’t switch to any other free alternative. Do you plan do include an evernote alternative somewhere down the road?
Seal20 also asks: What about an “owncloud phone” you could rip off an android os from all google or even better start from a firefox os and include all owncloud related apps: cal/carddav sync, owncloud news, sync apps, etc! I and i am sure others will surely pay a premium for this!
pierre4l asks: I wonder whether the focus of OwnCloud is going to be home users wanting to set up their personal cloud servers, or whether it is veering more to the enterprise deployments. Or is it trying to be a solution for all?
OwnCloud apps seems to be really growing. Where do you see OwnCloud apps going? Even casual games on apps.ownCloud.com
autodidactos: I know there are two email client apps available (roundcube and rainloop) but neither seem to be as integrated as an official client would be. Are there any plans for an official OwnCloud email client?

— FEEDBACK —

— CHRIS’ STASH —

jupiterbroadcasting on Instagram

Hang in our chat room:

irc.geekshed.net #jupiterbroadcasting

— MATT’S STASH —

Find us on Google+

Find us on Twitter

Follow the network on Facebook

Jupiter Broadcasting on Facebook

Catch the show LIVE Sunday 10am Pacific / 1pm Eastern / 6pm UTC:

The post ownCloud 7 Interview | LAS 324 first appeared on Jupiter Broadcasting.

Package Design | BSD Now 43

chris — Thu, 26 Jun 2014 10:06:40 +0000

To view this video please enable JavaScript, and consider upgrading to a web browser that supports HTML5 video

It’s a big show this week! We’ll be interviewing Marc Espie about OpenBSD’s package system and build cluster. Also, we’ve been asked many times “how do I keep my BSD box up to date?” Well, today’s tutorial should finally answer that. Answers to all your emails and this week’s headlines, on BSD Now – the place to B.. SD.

Thanks to:

Direct Download:

RSS Feeds:

– Show Notes: –

Headlines

EuroBSDCon 2014 talks and schedule

The talks and schedules for EuroBSDCon 2014 are finally revealed
The opening keynote is called “FreeBSD, looking forward to another 10 years” by jkh
Lots of talks spanning FreeBSD, OpenBSD and PCBSD, and we finally have a few about NetBSD and DragonflyBSD too! Variety is great
It looks like Theo even has a talk, but the title isn’t on the page… how mysterious
There are also days dedicated to some really interesting tutorials
Register now, the conference is on September 25-28th in Bulgaria
If you see Allan and Kris walking towards you and you haven’t given us an interview yet… well you know what’s going to happen
Why aren’t the videos up from last year yet? Will this year also not have any?

FreeNAS vs NAS4Free

More mainstream news covering BSD, this time with an article about different NAS solutions
In a possibly excessive eight-page article, Ars Technica discusses the pros and cons of both FreeNAS and NAS4Free
Both are based on FreeBSD and ZFS of course, but there are more differences than you might expect
Discusses the different development models, release cycles, features, interfaces and ease-of-use factor of each project
“One is pleasantly functional; the other continues devolving during a journey of pain” – uh oh, who’s the loser?

Quality software costs money, heartbleed was free

PHK writes an article for ACM Queue about open source software projects’ funding efforts
A lot of people don’t realize just how widespread open source software is – TVs, printers, gaming consoles, etc
The article discusses ways to convince your workplace to fund open source efforts, then goes into a little bit about FreeBSD and Varnish’s funding
The latest heartbleed vulnerability should teach everyone that open source projects are critical to the internet, and need people actively maintaining them
On that subject, “Earlier this year the OpenSSL Heartbleed bug laid waste to Internet security, and there are still hundreds of thousands of embedded devices of all kinds—probably your television among them—that have not been and will not ever be software-upgraded to fix it. The best way to prevent that from happening again is to avoid having bugs of that kind go undiscovered for several years, and the only way to avoid that is to have competent people paying attention to the software”
Consider donating to your favorite BSD foundation (or buying cool shirts and CDs!) and keeping the ecosystem alive

Geoblock evasion with pf and OpenBSD rdomains

Geoblocking is a way for websites to block visitors based on the location of their IP
This is a blog post about how to get around it, using pf and rdomains
It has the advantage of not requiring any browser plugins or DNS settings on the users’ computers, you just need to be running OpenBSD on your router (hmm, if only a website had a tutorial about that…)
In this post, the author wanted to get an American IP address, since the service he was using (Netflix) is blocked in Australia
It’s got all the details you need to set up a VPN-like system and bypass those pesky geographic filters

Interview – Marc Espie – espie@openbsd.org / @espie_openbsd

OpenBSD’s package system, building cluster, various topics

Tutorial

Keeping your BSD up to date

News Roundup

BoringSSL and LibReSSL

Yet another OpenSSL fork pops up, this time from Google, called BoringSSL
Adam Langley has a blog post about it, why they did it and how they’re going to maintain it
You can easily browse the source code
Theo de Raadt also weighs in with how this effort relates to LibReSSL
More eyes on the code is good, and patches will be shared between the two projects

More BSD Tor nodes wanted

Friend of the show bcallah posts some news to the Tor-BSD mailing list about monoculture in the Tor network being both bad and dangerous
Originally discussed on the Tor-Relays list, it was made apparent that having such a large amount of Linux nodes weakens the security of the whole network
If one vulnerability is found, a huge portion of the network would be useless – we need more variety in the network stacks, crypto, etc.
The EFF is also holding a Tor challenge for people to start up new relays and keep them online for over a year
Check out our Tor tutorial and help out the network, and promote BSD at the same time!

FreeBSD 10 OpenStack images

OpenStack, to quote Wikipedia, is “a free and open-source software cloud computing platform. It is primarily deployed as an infrastructure as a service (IaaS) solution.”
The article goes into detail about creating a FreeBSD instant, installing and converting it for use with “bsd-cloudinit”
The author of the article is a regular listener and emailer of the show, hey!

BSDday 2014 call for papers

BSD Day, a conference not so well-known, is going to be held August 9th in Argentina
It was created in 2008 and is the only BSD conference around that area
The “call for papers” was issued, so if you’re around Argentina and use BSD, consider submitting a talk
Sysadmins, developers and regular users are, of course, all welcome to come to the event

Feedback/Questions

All the tutorials are posted in their entirety at bsdnow.tv
Just a reminder for those who don’t check the website, you’ll also find contact information for every guest we’ve ever had in the show notes – so if you have follow up questions for them, it’s easy to get in touch
Send questions, comments, show ideas/topics, or stories you want mentioned on the show to feedback@bsdnow.tv
If you want to come on for an interview or have a tutorial you’d like to see, let us know
Watch live Wednesdays at 2:00PM Eastern (18:00 UTC)
Congrats to Matt Ahrens for getting FreeBSD commit access – hopefully lots of great ZFS stuff to come
A special 21st happy birthday to FreeBSD

The post Package Design | BSD Now 43 first appeared on Jupiter Broadcasting.

A BUG’s Life | BSD Now 38

chris — Thu, 22 May 2014 10:22:23 +0000

To view this video please enable JavaScript, and consider upgrading to a web browser that supports HTML5 video

We\’re back from BSDCan! This week on the show we\’ll be chatting with Brian Callahan and Aaron Bieber about forming a local BSD users group. We\’ll get to hear their experiences of running one and maybe encourage some of you to start your own!

After that, we\’ve got a tutorial on the basics of NetBSD\’s package manager, pkgsrc. Answers to your emails and the latest headlines, on BSD Now – the place to B.. SD.

Thanks to:

Direct Download:

RSS Feeds:

– Show Notes: –

Headlines

FreeBSD 11 goals and discussion

Something that actually happened at BSDCan this year…
During the FreeBSD devsummit, there was some discussion about what changes will be made in 11.0-RELEASE
Slides from Dev Summit
Some of MWL\’s notes include: the test suite will be merged to 10-STABLE, more work on the MIPS platforms, LLDB getting more attention, UEFI boot and install support
A large list of possibilities was also included and open for discussion, including AES-GCM in IPSEC, ASLR, OpenMP, ICC, in-place kernel upgrades, Capsicum improvements, TCP performance improvements and A LOT more
There\’s also some notes from the devsummit virtualization session, mostly talking about bhyve
Lastly, he also provides some notes about ports and packages and where they\’re going

An SSH honeypot with OpenBSD and Kippo

Everyone loves messing with script kiddies, right?
This blog post introduces Kippo, an SSH honeypot tool, and how to use it in combination with OpenBSD
It includes a step by step (or rather, command by command) guide and some tips for running a honeypot securely
You can use this to get new 0day exploits or find weaknesses in your systems
OpenBSD makes a great companion for security testing tools like this with all its exploit mitigation techniques that protect all running applications

NetBSD foundation financial report

The NetBSD foundation has posted their 2013 financial report
It\’s a very \”no nonsense\” page, pretty much only the hard numbers
In 2013, they got $26,000 of income in donations
The rest of the page shows all the details, how they spent it on hardware, consulting, conference fees, legal costs and everything else
Be sure to donate to whichever BSDs you like and use!

Building a fully-encrypted NAS with OpenBSD

Usually the popular choice for a NAS system is FreeNAS, or plain FreeBSD if you know what you\’re doing
This article takes a look at the OpenBSD side and explains how to build a NAS with security in mind
The NAS will be fully encrypted, no separate /boot partition like FreeBSD and FreeNAS require – this means the kernel itself is even protected
The obvious trade-off is the lack of ZFS support for storage, but this is an interesting idea that would fit most people\’s needs too
There\’s also a bit of background information on NAS systems in general, some NAS-specific security tips and even some nice graphs and pictures of the hardware – fantastic write up!

Interview – Brian Callahan & Aaron Bieber – admin@lists.nycbug.org & admin@cobug.org

Forming a local BSD Users Group

Tutorial

The basics of pkgsrc

News Roundup

FreeBSD periodic mails vs. monitoring

If you\’ve ever been an admin for a lot of FreeBSD boxes, you\’ve probably noticed that you get a lot of email
This page tells about all the different alert emails, cron emails and other reports you might end up getting, as well as how to manage them
From bad SSH logins to Zabbix alerts, it all adds up quickly
It highlights the periodic.conf file and FreeBSD\’s periodic daemon, as well as some third party monitoring tools you can use to keep track of your servers

Doing cool stuff with OpenBSD routing domains

A blog post from our viewer and regular emailer, Kjell-Aleksander!
He manages some internally-routed IP ranges at his work, but didn\’t want to have equipment for each separate project
This is where OpenBSD routing domains and pf come in to save the day
The blog post goes through the process with all the network details you could ever dream of
He even named his networking equipment… after us

LibreSSL, the good and the bad

We\’re all probably familiar with OpenBSD\’s fork of OpenSSL at this point
However, \”for those of you that don\’t know it, OpenSSL is at the same time the best and most popular SSL/TLS library available, and utter junk\”
This article talks about some of the cryptographic development challenges involved with maintaining such a massive project
You need cryptographers, software engineers, software optimization specialists – there are a lot of roles that need to be filled
It also mentions some OpenSSL alternatives and recent LibreSSL progress, as well as some downsides to the fork – the main one being their aim for backwards compatibility

PCBSD weekly digest

Lots going on in PCBSD land this week, AppCafe has been redesigned
The PBI system is being replaced with pkgng, PBIs will be automatically converted once you update
In the more recent post, there\’s some further explanation of the PBI system and the reason for the transition
It\’s got lots of details on the different ways to install software, so hopefully it will clear up any possible confusion
Working on adding support for FDE with GELI using GRUB for 10.0.2
Any devs who can grock the GRUB geli code are welcome to contact Kris

Feedback/Questions

All the tutorials are posted in their entirety at bsdnow.tv
Send questions, comments, show ideas/topics, or stories you want mentioned on the show to feedback@bsdnow.tv
If you\’ve got something cool to talk about and want to come on for an interview, shoot us an email
Michael Lucas will be giving a live presentation next Tuesday, \”Beyond Security: Getting to Know OpenBSD’s Real Purpose\” so be sure to catch that
Preorders for the book of PF\’s third edition are up
We got a picture of a bunch of old FreeBSD CDs
Watch live Wednesdays at 2:00PM Eastern (18:00 UTC)

The post A BUG's Life | BSD Now 38 first appeared on Jupiter Broadcasting.

Let’s Get RAID | BSD Now 36

chris — Fri, 09 May 2014 09:25:39 +0000

To view this video please enable JavaScript, and consider upgrading to a web browser that supports HTML5 video

This week on the show we\’ll be showing you how to set up RAID arrays in FreeBSD. There\’s also an interview with David Chisnall – of the FreeBSD core team – about the switch to Clang and a lot more.

Sit back and enjoy some BSD Now – the place to B.. SD.

Thanks to:

Direct Download:

RSS Feeds:

– Show Notes: –

Headlines

OpenBSD 5.5 released

If you ordered a CD set then you\’ve probably had it for a little while already, but OpenBSD has formally announced the public release of 5.5
This is one of the biggest releases to date, with a very long list of changes and improvements
Some of the highlights include: time_t being 64 bit on all platforms, release sets and binary packages being signed with the new signify tool, a new autoinstall feature of the installer, SMP support on Alpha, a new AViiON port, lots of new hardware drivers including newer NICs, the new vxlan driver, relayd improvements, a new pf queue system for bandwidth shaping, dhcpd and dhclient fixes, OpenSMTPD 5.4.2 and all its new features, position-independent executables being default for i386, the RNG has been replaced with ChaCha20 as well as some other security improvements, FUSE support, tmpfs, softraid partitions larger than 2TB and a RAID 5 implementation, OpenSSH 6.6 with all its new features and fixes… and a lot more
The full list of changes is HUGE, be sure to read through it all if you\’re interested in the details
If you\’re doing an upgrade from 5.4 instead of a fresh install, pay careful attention to the upgrade guide as there are some very specific steps for this version
Also be sure to apply the errata patches on your new installations… especially those OpenSSL ones (some of which still aren\’t fixed in the other BSDs yet)
On the topic of errata patches, the project is now going to also send them out (signed) via the announce mailing list, a very welcome change
Congrats to the whole team on this great release – 5.6 is going to be even more awesome with \”Libre\”SSL and lots of other stuff that\’s currently in development

FreeBSD foundation funding highlights

The FreeBSD foundation posts a new update on how they\’re spending the money that everyone donates
\”As we embark on our 15th year of serving the FreeBSD Project and community, we are proud of what we\’ve done to help FreeBSD become the most innovative, reliable, and high-performance operation system\”
During this spring, they want to highlight the new UEFI boot support and newcons
There\’s a lot of details about what exactly UEFI is and why we need it going forward
FreeBSD has also needed some updates to its console to support UTF8 and wide characters
Hopefully this series will continue and we\’ll get to see what other work is being sponsored

OpenSSH without OpenSSL

The OpenSSH team has been hard at work, making it even better, and now OpenSSL is completely optional
Since it won\’t have access to the primitives OpenSSL uses, there will be a trade-off of features vs. security
This version will drop support for legacy SSH v1, and the only two cryptographic algorithms supported are an in-house implementation of AES (in counter mode) and the new combination of the Chacha20 stream cipher with Poly1305 for packet integrity
Key exchange is limited to elliptic curve Diffie-Hellman and the newer Curve25519 KEXs
No support for RSA, DSA or ECDSA public keys – only Ed25519
It also includes a new buffer API and a set of wrappers to make it compatible with the existing API
Believe it or not, this was planned before all the heartbleed craziness
Maybe someday soon we\’ll have a mini-openssh-portable in FreeBSD ports and NetBSD pkgsrc… would be really cool

BSDMag\’s April 2014 issue is out

The free monthly BSD magazine has got a new issue available for download
This time the articles include: pascal on BSD, an introduction to revision control systems and configuration management, deploying NetBSD on AWS EC2, more GIMP tutorials, an AsiaBSDCon 2014 report and a piece about how easily credit cards are stolen online
Anyone can contribute to the magazine, just send the editors an email about what you want to write
No Linux articles this time around

Interview – David Chisnall – theraven@freebsd.org

The LLVM/Clang switch, FreeBSD\’s core team, various topics

Tutorial

RAID in FreeBSD and OpenBSD

News Roundup

BSDTalk episode 240

The original BSD podcaster Will Backman has uploaded a new episode of BSDTalk, this time with our other buddy GNN as the guest – mainly to talk about NTP and keeping reliable time
Topics include the specific details of crystals used in watches and computers to keep time, how temperature affects the quality, different sources of inaccuracy, some general NTP information, why you might want extremely precise time, different time sources (GPS, satellite, etc), differences in stratum levels, the problem of packet delay and estimating the round trip time, some of the recent NTP amplification attacks, the downsides to using UDP instead of TCP and… much more
GNN also talks a little about the Precision Time Protocol and how it\’s different than NTP
Two people we\’ve interviewed talking to each other, awesome
If you\’re interested in NTP, be sure to see our tutorial too

m2k14 trip reports

We\’ve got a few more reports from the recent OpenBSD hackathon in Morocco
The first one is from Antoine Jacoutot (who is a key GNOME porter, and gave us the screenshots for the OpenBSD desktop tutorial)
\”Since I always fail at actually doing whatever I have planned for a hackathon, this time I decided to come to m2k14 unprepared about what I was going to do\”
He got lots of work done with ports and pushing GNOME-related patches back up to the main project, then worked on fixing ports\’ compatibility with LibreSSL
Speaking of LibreSSL, there\’s an article all would-be portable version writers should probably read and take into consideration
Jasper Adriaanse also writes about what he got done over there
He cleaned up and fixed the puppet port to work better with OpenBSD

Why you should use FreeBSD on your cloud VPS

Here we have a blog post from Atlantic, a VPS and hosting provider, about 10 reasons for using FreeBSD
Starts off with a little bit of BSD history for those who are unfamiliar with it and only know Linux and Windows
(Spoiler) the 10 reasons are: community, stability, collaboration, ease of use, ports, security, ZFS, GEOM, sound and having lots of options
The post goes into detail about each of them and why FreeBSD makes a great choice for a VPS OS

PCBSD weekly digest

Big changes coming in the way PCBSD manages software
The PBI system, AppCafe and related tools are all going to use pkgng now
The AppCafe will no longer be limited to PBIs, so much more software will be easily available from the ports tree
New rating system coming soon and much more

Feedback/Questions

All the tutorials are posted in their entirety at bsdnow.tv
The Tor and mailing list tutorials have gotten some fixes and updates
The OpenBSD router tutorial has also gotten a bit of a makeover, and now includes new scripts for 5.5 and signify
Send questions, comments, show ideas/topics, or stories you want mentioned on the show to feedback@bsdnow.tv
If you\’ve got something cool to talk about and want to come on for an interview, shoot us an email
If any listeners have a collection of old FreeBSD or OpenBSD CDs, we\’d love for you to send in a picture of the whole set together so we can show it off
Watch live Wednesdays at 2:00PM Eastern (18:00 UTC)
We will be at BSDCan next week – be sure to say hi if you run into us!

The post Let's Get RAID | BSD Now 36 first appeared on Jupiter Broadcasting.

PXE Dust | BSD Now 32

chris — Thu, 10 Apr 2014 18:43:25 +0000

To view this video please enable JavaScript, and consider upgrading to a web browser that supports HTML5 video

We show off OpenBSD\’s new \”autoinstall\” feature to do completely automatic, unattended installations. We also have an interview with Dru Lavigne about all the writing work she does for FreeBSD, PCBSD and FreeNAS. The latest headlines and answers to your emails, on BSD Now – it\’s the place to B.. SD.

Thanks to:

Direct Download:

RSS Feeds:

– Show Notes: –

Headlines

FreeBSD ASLR status update

Shawn Webb gives us a little update on his address space layout randomization work for FreeBSD
He\’s implemented execbase randomization for position-independent executables (which OpenBSD also just enabled globally in 5.5 on i386)
Work has also started on testing ASLR on ARM, using a Raspberry Pi
He\’s giving a presentation at BSDCan this year about his ASLR work
While we\’re on the topic of BSDCan…

BSDCan tutorials, improving the experience

Peter Hansteen writes a new blog post about his upcoming BSDCan tutorials
The tutorials are called \”Building the network you need with PF, the OpenBSD packet filter\” and \”Transitioning to OpenBSD 5.5\” – both scheduled to last three hours each
He\’s requesting anyone that\’ll be there to go ahead and contact him, telling him exactly what you\’d like to learn
There\’s also a bit of background information about the tutorials and how he\’s looking to improve them
If you\’re interested in OpenBSD and going to BSDCan this year, hit him up

pkgsrc-2014Q1 released

The new stable branch of pkgsrc packages has been built and is ready
Python 3.3 is now a \”first class citizen\” in pkgsrc
14255 packages for NetBSD-current/x86_64, 11233 binary packages built with clang for FreeBSD 10/x86_64
There\’s a new release every three months, and remember pkgsrc works on MANY operating systems, not just NetBSD – you could even use pkgsrc instead of pkgng or ports if you were so inclined
They\’re also looking into signing packages

Only two holes in a heck of a long time, who cares?

A particularly vocal Debian user, a lost soul, somehow finds his way to the misc@ OpenBSD mailing list
He questions \”what\’s the big deal\” about OpenBSD\’s slogan being \”Only two remote holes in the default install, in a heck of a long time!\”
Luckily, the community and Theo set the record straight about why you should care about this
Running insecure applications on OpenBSD is actually more secure than running them on other systems, due to things like ASLR, PIE and all the security features of OpenBSD
It spawned a discussion about ease of management and Linux\’s poor security record, definitely worth reading

Interview – Dru Lavigne – dru@freebsd.org / @bsdevents

FreeBSD\’s documentation printing, documentation springs, various topics

Tutorial

Automatic, unattended OpenBSD installs with PXE

News Roundup

pfSense 2.1.1 released

A new version of pfSense is released, mainly to fix some security issues
Tracking some recent FreeBSD advisories, pfSense usually only applies the ones that would matter on a firewall or router
There are also some NIC driver updates and other things
Of course if you want to learn more about pfSense, watch episode 25
2.1.2 is already up for testing too

FreeBSD gets UEFI support

It looks like FreeBSD\’s battle with UEFI may be coming to a close?
Ed Maste committed a giant list of patches to enable UEFI support on x86_64
Look through the list to see all the details and information
Thanks FreeBSD foundation!

Ideas for the next DragonflyBSD release

Mr. Dragonfly release engineer himself, Justin Sherrill posts some of his ideas for the upcoming release
They\’re aiming for late May for the next version
Ideas include better support for running in a VM, pkgng fixes, documentation updates and PAM support
Gasp, they\’re even considering dropping i386

PCBSD weekly digest

Lots of new PBI updates for 10.0, new runtime implementation
New support for running 32 bit applications in PBI runtime
Autodetection for DVD / Audio CD insertion / plus playback
Latest GNOME 3 and Cinnamon merged, new edge package builds

Feedback/Questions

BSD Now has an official IRC channel now. #bsdnow on irc.freenode.net
All the tutorials are posted in their entirety at bsdnow.tv
Send questions, comments, show ideas/topics, or stories you want mentioned on the show to feedback@bsdnow.tv
If you\’ve got something cool to talk about and want to come on for an interview, shoot us an email
Also if you have any tutorial requests, we\’d be glad to show whatever the viewers want to see
Watch live Wednesdays at 2:00PM Eastern (18:00 UTC)
Just a quick reminder: If you\’re running OpenSSL 1.0.1 through 1.0.1f please update it and regenerate, rotate and revoke your keys if you run a server with HTTPS, IMAPS, etc – huge security hole! (Also DES offers some insight on the FreeBSD security process)
We\’re lucky it wasn\’t OpenSSH

The post PXE Dust | BSD Now 32 first appeared on Jupiter Broadcasting.

Port Authority | BSD Now 26

chris — Thu, 27 Feb 2014 21:34:25 +0000

To view this video please enable JavaScript, and consider upgrading to a web browser that supports HTML5 video

On today\’s show we have an interview with Joe Marcus Clark, one of the original portmgr members in FreeBSD, and one of the key GNOME porters. Keeping along with that topic, we have a FreeBSD ports tutorial for you as well. The latest news and answers to your BSD questions, right here on BSD Now – the place to B.. SD.

Thanks to:

Direct Download:

RSS Feeds:

– Show Notes: –

Headlines

Tailoring OpenBSD for an old, strange computer

The author of this article had an OmniBook 800CT, which comes with a pop-out mouse, black and white display, 32MB of RAM and a 133MHz CPU
Obviously he had to install some kind of BSD on it!
This post goes through all his efforts of trimming down OpenBSD to work on such a limited device
He goes through the trial and error of \”compile, break it, rebuild, try again\”
After cutting a lot out from the kernel, saving a precious megabyte here and there, he eventually gets it working

pkgsrcCon and BSDCan

pkgsrccon is \”a technical conference for people working on the NetBSD Packages Collection, focusing on existing technologies, research projects, and works-in-progress in pkgsrc infrastructure\”
This year it will be on June 21st and 22nd
The schedule is still being worked out, so if you want to give a talk, submit it
BSDCan\’s schedule was also announced
We\’ll be having presentations about ARM on NetBSD and FreeBSD, PF on OpenBSD, Capsicum and casperd, ASLR in FreeBSD, more about migrating from Linux to BSD, FreeNAS stuff and much more
Kris\’ presentation was accepted!
Tons of topics, look forward to the recorded versions of all of them hopefully!

Two factor auth with pushover

A new write-up from our friend Ted Unangst
Pushover is \”a web hook to smartphone push notification gateway\” – you sent a POST to a web server and it sends a code to your phone
His post goes through the steps of editing your login.conf and setting it all up to work
Now you can get a two factor authenticated login for ssh!

The status of GNOME 3 on BSD

It\’s no secret that the GNOME team is a Linux-obsessed bunch, almost to the point of being hostile towards other operating systems
OpenBSD keeps their GNOME 3 ports up to date very well, and Antoine Jacoutot writes about his work on that and how easy it is to use
This post goes through the process of how simple it is to get GNOME 3 set up on OpenBSD and even includes a screencast
A few recent posts from some GNOME developers show that they\’re finally working with the BSD guys to improve portability
The FreeBSD and OpenBSD teams are working together to bring the latest GNOME to all of us – it\’s a beautiful thing
This goes right along with our interview today!

This episode was brought to you by

Interview – Joe Marcus Clark – marcus@freebsd.org

The life and daily activities of portmgr, GNOME 3, Tinderbox, portlint, various topics

Tutorial

The FreeBSD Ports Collection

News Roundup

DragonflyBSD 3.8 goals and 3.6.1 release

The Dragonfly team is thinking about what should be in version 3.8
On their bug tracker, it lists some of the things they\’d like to get done before then
In the meantime, 3.6.1 was released with lots of bugfixes

NYCBSDCon 2014 wrap-up piece

We\’ve got a nice wrap-up titled \”NYCBSDCon 2014 Heats Up a Cold Winter Weekend\”
The author also interviews GNN about the conference
There\’s even a little \”beginner introduction\” to BSD segment
Includes a mention of the recently-launched journal and lots of pictures from the event

FreeBSD and Linux, a comparative analysis

GNN in yet another story – he gave a presentation at the NYLUG about the differences between FreeBSD and Linux
He mentions the history of BSD, the patch set and 386BSD, the lawsuit, philosophy and license differences, a complete system vs \”distros,\” development models, BSD-only features and technologies, how to become a committer, overall comparisons, different hats and roles, the different bsds and their goals and actual code differences
Serves as a good introduction you can show your Linux friends

PCBSD CFT and weekly digest

Upgrade tools have gotten a major rewrite
You have to help test it, there is no choice! Read more here
How dare Kris be \”unimpressed with\” freebsd-update and pkgng!?
Various updates and fixes

Feedback/Questions

Jeffrey writes in: https://slexy.org/view/s213KxUdVj
Shane writes in: https://slexy.org/view/s20lwkjLVK
Ferdinand writes in: https://slexy.org/view/s21DqJs77g
Curtis writes in: https://slexy.org/view/s20eXKEqJc
Clint writes in: https://slexy.org/view/s21XMVFuVu
Peter writes in: https://slexy.org/view/s20Xk05MHe

All the tutorials are posted in their entirety at bsdnow.tv
Send questions, comments, show ideas/topics, or stories you want mentioned on the show to feedback@bsdnow.tv
Our email backlog is totally caught up now, so email us all your questions!
Watch live Wednesdays at 2:00PM Eastern (19:00 UTC)

The post Port Authority | BSD Now 26 first appeared on Jupiter Broadcasting.

Eclipsing Binaries | BSD Now 18

chris — Tue, 31 Dec 2013 21:36:57 +0000

To view this video please enable JavaScript, and consider upgrading to a web browser that supports HTML5 video

Put away the Christmas trees and update your ports trees! We\’re back with the first show of 2014, and we\’ve got some catching up to do. This time on the show, we have an interview with Baptiste Daroussin about the future of FreeBSD binary packages. Following that, we\’ll be highlighting a cool script to do binary upgrades on OpenBSD. Lots of holiday news and listener feedback, on BSD Now – the place to B.. SD.

Thanks to:

iXsystems: This is what 80 cores and 1TB of RAM looks like!

Direct Download:

RSS Feeds:

– Show Notes: –

Headlines

Faces of FreeBSD continues

Our first one details Shteryana Shopova, the local organizer for EuroBSDCon 2014 in Sophia
Gives some information about how she got into BSD
\”I installed FreeBSD on my laptop, alongside the Windows and Slackware Linux I was running on it at the time. Several months later I realized that apart from FreeBSD, I hadn\’t booted the other two operating systems in months. So I wiped them out.\”
She wrote bsnmpd and extended it with the help of a grant from the FreeBSD Foundation
We\’ve also got one for Kevin Martin
Started off with a pinball website, ended up learning about FreeBSD from an ISP and starting his own hosting company
\”FreeBSD has been an asset to our operations, and while we have branched out a bit, we still primarily use FreeBSD and promote it whenever possible. FreeBSD is a terrific technology with a terrific community.\”

OpenPF?

A blog post over at the Dragonfly digest
What if we had some cross platform development of OpenBSD\’s firewall?
Similar to portable OpenSSH or OpenZFS, there could be a centrally-developed version with compatibility glue
Right now FreeBSD 9\’s pf is old, FreeBSD 10\’s pf is old (but has the best performance of any implementation due to custom patches), NetBSD\’s pf is old (but they\’re working on a fork) and Dragonfly\’s pf is old
Further complicated by the fact that PF itself doesn’t have a version number, since it was designed to just be ‘the pf that came with OpenBSD 5.4’
Not likely to happen any time soon, but it\’s good food for thought

Year of BSD on the server

A good blog post about switching servers from Linux to BSD
2014 is going to be the year of a lot of switching, due to FreeBSD 10\’s amazing new features
This author was particularly taken with pkgng and the more coherent layout of BSD systems
Similarly, there was also a recent reddit thread, \”Why did you choose BSD over Linux?\”
Both are excellent reads for Linux users that are thinking about making the switch, send \’em to your friends

Getting to know your portmgr

This time in the series they interview Bryan Drewery, a fairly new addition to the team
He started maintaining portupgrade and portmaster, and eventually ended up on the ports management team
Believe it or not, his wife actually had a lot to do with him getting into FreeBSD full-time
Lots of fun trivia and background about him
Speaking of portmgr, our interview for today is…

This episode was brought to you by

Interview – Baptiste Daroussin – bapt@freebsd.org

The future of FreeBSD\’s binary packages, ports\’ features, various topics

Tutorial

Binary upgrades in OpenBSD

Using a third party script, binary upgrades in OpenBSD are easy
It automates a lot of the manual work and saves time – great for large deployments

News Roundup

pfSense december hang out

Interview/presentation from pfSense developer Chris Buechler with an accompanying blog post
\”This is the first in what will be a monthly recurring series. Each month, we’ll have a how to tutorial on a specific topic or area of the system, and updates on development and other happenings with the project. We have several topics in mind, but also welcome community suggestions on topics\”
Speaking of pfSense, they recently opened an online store
We\’re planning on having a pfSense episode next month!

BSDMag December issue is out

The free monthly BSD magazine gets a new release for December
Topics include CARP on FreeBSD, more BSD programming, \”unix basics for security professionals,\” some kernel introductions, using OpenBSD as a transparent proxy with relayd, GhostBSD overview and some stuff about SSH

OpenBSD gets tmpfs

In addition to the recently-added FUSE support, OpenBSD now has tmpfs
To get more testing, it was enabled by default in -current
Should make its way into 5.5 if everything goes according to plan
Enables lots of new possibilities, like our ccache and tmpfs guide

PCBSD weekly digests

Catching up with all the work going on in PCBSD land..
10.0-RC2 is now available
The big pkgng 1.2 problems seem to have been worked out

Feedback/Questions

Remy writes in: https://slexy.org/view/s2UrUzlnf6
Jason writes in: https://slexy.org/view/s2iqnywwKX
Rob writes in: https://slexy.org/view/s2IUcPySbh
John writes in: https://slexy.org/view/s21aYlbXz2
Stuart writes in: https://slexy.org/view/s21vrYSqU8

All the tutorials are posted in their entirety at bsdnow.tv
The jail tutorial and disk encryption tutorial have gotten some improvements and updates
Send questions, comments, show ideas/topics, or stories you want mentioned on the show to feedback@bsdnow.tv
Watch live Wednesdays at 2:00PM Eastern (19:00 UTC)
Happy new year everybody!

The post Eclipsing Binaries | BSD Now 18 first appeared on Jupiter Broadcasting.

Kickin’ NAS | BSD Now 15

chris — Thu, 12 Dec 2013 22:07:53 +0000

To view this video please enable JavaScript, and consider upgrading to a web browser that supports HTML5 video

We\’ll be looking at the new version of FreeNAS, a BSD-based network attached storage solution, as well as talking to Josh Paetzel – one of the key developers of FreeNAS. Actually, he\’s on the FreeBSD release engineering team too, and does quite a lot for the project. We\’ve got answers to viewer-submitted questions and plenty of news to cover, so get ready for some BSD Now – the place to B.. SD.

Thanks to:

Direct Download:

RSS Feeds:

– Show Notes: –

Headlines

More faces of FreeBSD

Another installment of the FoF series
This time they talk with Reid Linnemann who works at Spectra Logic
Gives a history of all the different jobs he\’s done, all the programming languages he knows
Mentions how he first learned about FreeBSD, actually pretty similar to Kris\’ story
\”I used the system to build and install ports, and explored, getting actively involved in the mailing lists and forums, studying, passing on my own limited knowledge to those who could benefit from it. I pursued my career in the open source software world, learning the differences in BSD and GNU licensing and the fragmented nature of Linux distributions, realizing the FreeBSD community was more mature and well distributed about industry, education, and research. Everything steered me towards working with and on FreeBSD.\”
Now works on FreeBSD as his day job
The second one covers Brooks Davis
FreeBSD committer since 2001 and core team member from 2006 through 2012
He\’s helped drive our transition from a GNU toolchain to a more modern LLVM-based toolchain
\”One of the reasons I like FreeBSD is the community involved in the process of building a principled, technically-advanced operating system platform. Not only do we produce a great product, but we have fun doing it.\”
Lots more in the show notes

We cannot trust Intel and Via’s chip-based crypto

We woke up to see FreeBSD on the front page of The Register, Ars Technica and Hacker News for their strong stance on security and respecting privacy – good to see big news outlets giving credit where it\’s due
At the EuroBSDCon dev summit, there was some discussion about removing support for hardware-based random number generators.
FreeBSD\’s /dev/random got some updates and, for 10.0, will no longer allow the use of Intel or VIA\’s hardware RNGs as the sole point of entropy
\”It will still be possible to access hardware random number generators, that is, RDRAND, Padlock etc., directly by inline assembly or by using OpenSSL from userland, if required, but we cannot trust them any more\”
Hopefully others will follow FreeBSD\’s example very soon

OpenSMTPD 5.4.1 released

The OpenBSD developers came out with major a new version
Improved config syntax (please check your smtpd.conf before upgrading)
Adds support for TLS Perfect Forward Secrecy and custom CA certificate
MTA, Queue and SMTP server improvements
SNI support confirmed for the next version
Check the show notes for the full list of changes, pretty huge release
Watch Episode 3 for an interview we did with the developers

More getting to know your portmgr

The portmgr secretary, Thomas Abthorpe, interviews… himself!
Joined as -secretary in March 2010, upgraded to full member in March 2011
His inspiration for using BSD is \”I wanted to run a webserver, and I wanted something free. I was going to use something linux, then met up with a former prof from university, and shared my story with him. He told me FreeBSD was the way to go.\”
Mentions how he loves that anyone can contribute and watch it \”go live\”
The second one covers Baptiste Daroussin
The reason for his nick, bapt, is \”Baptiste is too long to type\”
There\’s even a video of bapt joining the team!

Interview – Josh Paetzel – josh@ixsystems.com / @freenasteam

FreeNAS 9.2.0

Tutorial

[FreeNAS walkthrough]

News Roundup

Introducing configinit

CloudInit is \”a system originally written for Ubuntu which performs configuration of a system at boot-time based on user-data provided via EC2\”
Wasn\’t ideal for FreeBSD since it requires python and is designed around the concept of configuring a system by running commands (rather than editing configuration files)
Colin Percival came up with configinit, a FreeBSD alternative
Alongside his new \”firstboot-pkgs\” port, it can spin up a webserver in 120 seconds from \”launch\” of the EC2 instance
Check the show notes for full blog post

OpenSSH support for Ed25519 and bcrypt keys

New Ed25519 key support (hostkeys and user identities) using the public domain ed25519 reference code
SSH private keys were encrypted with a symmetric key that\’s just an MD5 of their password
Now they\’ll be using bcrypt by default
We\’ll get more into this in next week\’s interview

The FreeBSD challenge

A member of the Linux foundation blogs about using FreeBSD
Goes through all the beginner steps, has to \”unlearn\” some of his Linux ways
Only a few posts as of this time, but it\’s a continuing series that may be helpful for switchers
Maybe some day he\’ll be on the FreeBSD foundation instead!

PCBSD weekly digest

GNOME3, cinnamon and mate desktops are in the installer
Compat layer updated to CentOS 6, enables newest Skype
Looking for people to test printers and hplip
Continuing work on grub, but the ability to switch between bootloaders is back

Feedback/Questions

Bostjan writes in: https://slexy.org/view/s20k2gumbP
Jason writes in: https://slexy.org/view/s2PM8tfKfe
John writes in: https://slexy.org/view/s2KgXIKqrJ
Kjell-Aleksander writes in: https://slexy.org/view/s20DLk8bac
Alexy writes in: https://slexy.org/view/s2nmmJHvgR

All the tutorials are posted in their entirety at bsdnow.tv
Send questions, comments, show ideas/topics, or stories you want mentioned on the show to feedback@bsdnow.tv
Watch live Wednesdays at 2:00PM Eastern (19:00 UTC)

The post Kickin' NAS | BSD Now 15 first appeared on Jupiter Broadcasting.

Arch Made Easy | LAS | s19e03

chris — Sun, 30 Oct 2011 13:39:32 +0000

Is the Chakra Project a beautifully simple ready to go Arch Linux desktop, or off the tracks onto an island of it’s own? We find out, plus what sets pacman apart from FreeBSD’s Ports system!

Also – Chris blasts Google for leaving Nexus One owns behind, Jolicloud ditches the Netbook, and we celebrate a new geek holiday!

PLUS SO MUCH MORE!

All this week on, The Linux Action Show!

Thanks to:

GoDaddy.com Use our codes LINUX to save 10% at checkout, or LINUX20 to save 20% on hosting!

20% off WebSite Tonight plans (12 months or longer)

Code: linux12

By: Nov 15, 2011

Direct Episode Download Links:

[ad#shownotes]

Show Notes:

News:

Chakra Project Review, IE Arch Made Easy:

Arch Linux Review | Linux Action Show
Arch “Based”
Rolling Release
Uses it’s own Bundles system for apps
Built their own Installer, not bad… Drive managment feels a bit awkward.
Built there own tools, like Chakra GTK Config, Cinstall, and LiveScripts2 The Chakra Project – Tools
The Chakra Project
Official LAS VirtualBox Image of Chakra
VM Username: linuxactionshow
VM Password: jblive

Pacman vs Ports

Pacman is the binary package tool for Arch Linux. The FreeBSD equivalent is pkg_add
the Arch Build System (ABS) is designed to mimic some of the capabilities of FreeBSD’s ports system
Both Ports and ABS consist of a number of directories named after various packages sorted into categories (ie ABS: extra/daemons/apache Ports: www/apache22). These directories do not contain the files or source code for firefox, but rather just a few script files that provide the infrastructure to allow you to build firefox.
Both Ports and ABS automate the process of building software, including the following steps:
Download source code from mirrors
Checksum the file (for security and integrity)
Extract the files
Apply any required patches (FreeBSD changes the default paths for a lot of apps to follow the FreeBSD directory structure)
Run the configure script (FreeBSD provides a text based menu for selecting options)
Compile the application
BSD ONLY: Install the application
BSD ONLY: checksum all the files that were installed
BSD ONLY: Uninstall the application (remove any unmodified files using checksums from earlier)
Create a package that can be installed (with pacman or pkg_add respectively)
ABS is only a build system used to build packages, that are then installed and managed by pacman
Ports is integrated with pkg_add and the package registry, and allows you to install the build application without the additional step of building a package.

Find us on Google+

Chris
Allan

Find us on Twitter:

Follow the network on Facebook:

Jupiter Broadcasting on Facebook

Catch the show LIVE Sunday 10am PDT:

The post Arch Made Easy | LAS | s19e03 first appeared on Jupiter Broadcasting.