This time on the show, we’ll be talking with Justin Cormack about NetBSD rump kernels. We’ll learn how to run them on other operating systems, what’s planned for the future and a lot more. As always, answers to viewer-submitted questions and all the news for the week, on BSD Now – the place to B.. SD.

Thanks to:

Direct Download:

Video | HD Video | MP3 Audio | OGG Audio | Torrent | YouTube

RSS Feeds:

MP3 Feed | OGG Feed | iTunes Feed | Video Feed | HD Vid Feed | HD Torrent Feed

– Show Notes: –

Headlines

EuroBSDCon 2014 talks and tutorials

• The 2014 EuroBSDCon videos have been online for over a month, but unannounced – keep in mind these links may be temporary (but we’ll mention their new location in a future show and fix the show notes if that’s the case)
• Arun Thomas, BSD ARM Kernel Internals
• Ted Unangst, Developing Software in a Hostile Environment
• Martin Pieuchot, Taming OpenBSD Network Stack Dragons
• Henning Brauer, OpenBGPD turns 10 years
• Claudio Jeker, vscsi and iscsid iSCSI initiator the OpenBSD way
• Paul Irofti, Making OpenBSD Useful on the Octeon Network Gear
• Baptiste Daroussin, Cross Building the FreeBSD ports tree
• Boris Astardzhiev, Smartcom’s control plane software, a customized version of FreeBSD
• Michał Dubiel, OpenStack and OpenContrail for FreeBSD platform
• Martin Husemann & Joerg Sonnenberger, Tool-chaining the Hydra, the ongoing quest for modern toolchains in NetBSD
• Taylor R Campbell, The entropic principle: /dev/u?random and NetBSD
• Dag-Erling Smørgrav, Securing sensitive & restricted data
• Peter Hansteen, Building The Network You Need With PF
• Stefan Sperling, Subversion for FreeBSD developers
• Peter Hansteen, Transition to OpenBSD 5.6
• Ingo Schwarze, Let’s make manuals more useful
• Francois Tigeot, Improving DragonFly’s performance with PostgreSQL
• Justin Cormack, Running Applications on the NetBSD Rump Kernel
• Pierre Pronchery, EdgeBSD, a year later
• Peter Hessler, Using routing domains or tables in a production network
• Sean Bruno, QEMU user mode on FreeBSD
• Kristaps Dzonsons, Bugs Ex Ante
• Yann Sionneau, Porting NetBSD to the LatticeMico32 open source CPU
• Alexander Nasonov, JIT Code Generator for NetBSD
• Masao Uebayashi, Porting Valgrind to NetBSD and OpenBSD
• Marc Espie, parallel make, working with legacy code
• Francois Tigeot, Porting the drm-kms graphic drivers to DragonFly
• The following talks (from the Vitosha track room) are all currently missing:
• Jordan Hubbard, FreeBSD, Looking forward to another 10 years (but we have another recording)
• Theo de Raadt, Randomness, how arc4random has grown since 1998 (but we have another recording)
• Kris Moore, Snapshots, Replication, and Boot-Environments
• Kirk McKusick, An Introduction to the Implementation of ZFS
• John-Mark Gurney, Optimizing GELI Performance
• Emmanuel Dreyfus, FUSE and beyond, bridging filesystems
• Lourival Vieira Neto, NPF scripting with Lua
• Andy Tanenbaum, A Reimplementation of NetBSD Based on a Microkernel
• Stefano Garzarella, Software segmentation offloading for FreeBSD
• Ted Unangst, LibreSSL
• Ed Maste, The LLDB Debugger in FreeBSD
• Philip Guenther, Secure lazy binding
• Shawn Webb, Introducing ASLR In FreeBSD

OpenBSD adopts SipHash

• Even more DJB crypto somehow finds its way into OpenBSD’s base system
• This time it’s SipHash, a family of pseudorandom functions that’s resistant to hash bucket flooding attacks while still providing good performance
• After an initial import and some clever early usage, a few developers agreed that it would be better to use it in a lot more places
• It will now be used in the filesystem, and the plan is to utilize it to protect all kernel hash functions
• Some other places that Bernstein’s work can be found in OpenBSD include the ChaCha20-Poly1305 authenticated stream cipher and Curve25519 KEX used in SSH, ChaCha20 used in the RNG, and Ed25519 keys used in signify and SSH

FreeBSD 10.1-RELEASE

• FreeBSD’s release engineering team likes to troll us by uploading new versions just a few hours after we finish recording an episode
• The first maintenance update for the 10.x branch is out, improving upon a lot of things found in 10.0-RELEASE
• The vt driver was merged from -CURRENT and can now be enabled with a loader.conf switch (and can even be used on a PlayStation 3)
• Bhyve has gotten quite a lot of fixes and improvements from its initial debut in 10.0, including boot support for ZFS
• Lots of new ARM hardware is supported now, including SMP support for most of them
• A new kernel selection menu was added to the loader, so you can switch between newer and older kernels at boot time
• 10.1 is the first to support UEFI booting on amd64, which also has serial console support now
• Lots of third party software (OpenSSH, OpenSSL, Unbound..) and drivers have gotten updates to newer versions
• It’s a worthy update from 10.0, or a good time to try the 10.x branch if you were avoiding the first .0 release, so grab an ISO or upgrade today
• Check the detailed release notes for more information on all the changes
• Also take a look at some of the known problems to see if you’ll be affected by any of them
• PC-BSD was also updated accordingly with some of their own unique features and changes

arc4random – Randomization for All Occasions

• Theo de Raadt gave an updated version of his EuroBSDCon presentation at Hackfest 2014 in Quebec
• The presentation is mainly about OpenBSD’s arc4random function, and outlines the overall poor state of randomization in the 90s and how it has evolved in OpenBSD over time
• It begins with some interesting history on OpenBSD and how it became a security-focused OS – in 1996, their syslogd got broken into and “suddenly we became interested in security”
• The talk also touches on how low-level changes can shake up the software ecosystem and third party packages that everyone uses
• There’s some funny history on the name of the function (being called arc4random despite not using RC4 anymore) and an overall status update on various platforms’ usage of it
• Very detailed and informative presentation, and the slides can be found here
• A great quote from the beginning: “We consider ourselves a community of (probably rather strange) people who work on software specifically for the purpose of trying to make it better. We take a “whole-system’s” approach: trying to change everything in the ecosystem that’s under our control, trying to see if we can make it better. We gain a lot of strength by being able to throw backwards compatibility out the window. So that means that we’re able to do research and the minute that we decide that something isn’t right, we’ll design an alternative for it and push it in. And if it ends up breaking everybody’s machines from the previous stage to the next stage, that’s fine because we’ll end up in a happier place.”

Interview – Justin Cormack – justin@netbsd.org / @justincormack

NetBSD on Xen, rump kernels, various topics

News Roundup

The FreeBSD foundation’s biggest donation

• The FreeBSD foundation has a new blog post about the largest donation they’ve ever gotten
• From the CEO of WhatsApp comes a whopping one million dollars in a single donation
• It also has some comments from the donor about why they use BSD and why it’s important to give back
• Because the FreeBSD Foundation is a 501(c)(3) it must show that it has support of the general public, not just a small number of large donors. That is why individual donations are so important
• Donate even just $5, just to increase the number of names on the donors list
• Don’t know what to get your favourite FreeBSD developer for Christmas? Donations can be dedicated to others
• Spread the money around, donate to the foundation of each BSD you use when you can – every little bit helps: OpenBSD, NetBSD and DragonFly
• You use OpenSSH don’t you? gzip (bsd licensed gzip is from NetBSD)?, newfs_msdos (making FAT(32) file systems for USB devices etc, also from NetBSD)

OpenZFS Dev Summit 2014 videos

• Videos from the recent OpenZFS developer summit are being uploaded, with speakers from different represented platforms and companies
• Matt Ahrens, opening keynote
• Raphael Carvalho, Platform Overview: ZFS on OSv
• Brian Behlendorf, Platform Overview: ZFS on Linux
• Prakash Surya, Platform Overview: illumos
• Xin Li, Platform Overview: FreeBSD
• All platforms, Group Q&A Session
• Dave Pacheco, Manta
• Saso Kiselkov, Compression
• George Wilson, Performance
  Tim Feldman, Host-Aware SMR
• Pavel Zakharov, Fast File Cloning
• The audio is pretty poor on all of them unfortunately

BSDTalk 248

• Our friend Will Backman is still busy getting BSD interviews as well
• This time he sits down with Matthew Dillon, the lead developer of DragonFly BSD
• We’ve never had Dillon on the show, so you’ll definitely want to give this one a listen
• They mainly discuss all the big changes coming in DragonFly’s upcoming 4.0 release

MeetBSD 2014 videos

• The presentations from this year’s MeetBSD conference are starting to appear online as well
• Kirk McKusick, A Narrative History of BSD
• Jordan Hubbard, FreeBSD: The Next 10 Years
• Brendan Gregg, Performance Analysis
• The slides can be found here

Feedback/Questions

• Dominik writes in
• Steven writes in
  • Chromebook porting
  • Dragonfly patch
• Florian writes in
• Richard writes in
• Kevin writes in

Mailing List Gold

• Contributing without code
• Compression isn’t a CRIME
• Securing web browsers

• All the tutorials are posted in their entirety at bsdnow.tv
• Send questions, comments, show ideas/topics, or stories you want mentioned on the show to feedback@bsdnow.tv
• If you’ve worked on any cool BSD-related projects, write about it and send it in; we’d love to feature more community content
• Watch live Wednesdays at 2:00PM Eastern (19:00 UTC)

The post Rump Kernels Revisited | BSD Now 64 first appeared on Jupiter Broadcasting.

It’s our 50th episode, and we’re going to show you how to protect your internet traffic with a BSD-based VPN. We’ll also be talking to Robert Watson, of the FreeBSD core team, about security research, exploit mitigation and a whole lot more. The latest news and answers to all of your emails, on BSD Now – the place to B.. SD.

Thanks to:

Direct Download:

Video | HD Video | MP3 Audio | OGG Audio | Torrent | YouTube

RSS Feeds:

MP3 Feed | OGG Feed | iTunes Feed | Video Feed | HD Vid Feed | HD Torrent Feed

– Show Notes: –

Headlines

MeetBSD 2014 is approaching

• The MeetBSD conference is coming up, and will be held on November 1st and 2nd in San Jose, California
• MeetBSD has an “unconference” format, which means there will be both planned talks and community events
• All the extra details will be on their site soon
• It also has hotels and various other bits of useful information – hopefully with more info on the talks to come
• Of course, EuroBSDCon is coming up before then

First experiences with OpenBSD

• A new blog post that leads off with “tired of the sluggishness of Windows on my laptop and interested in experimenting with a Unix-like that I haven’t tried before”
• The author read the famous “BSD for Linux users” series (that most of us have surely seen) and decided to give BSD a try
• He details his different OS and distro history, concluding with how he “eventually became annoyed at the poor quality of Linux userland software”
• From there, it talks about how he used the OpenBSD USB image and got a fully-working system
• He especially liked the simplicity of OpenBSD’s “hostname.if” system for network configuration
• Finally, he gets Xorg working and imports all his usual configuration files – seems to be a happy new user!

NetBSD rump kernels on bare metal (and Kansai OSC report)

• When you’re developing a new OS or a very specialized custom solution, working drivers become one of the hardest things to get right
• However, NetBSD’s rump kernels – a very unique concept – make this process a lot easier
• This blog post talks about the process of starting with just a rump kernel and expanding into an internet-ready system in just a week
• Also have a look back at episode 8 for our interview about rump kernels and what exactly they do
• While on the topic of NetBSD, there were also a couple of very detailed reports (with lots of pictures!) of the various NetBSD-themed booths at the 2014 Kansai Open Source Conference that we wanted to highlight

OpenSSL and LibreSSL updates

• OpenSSL pushed out a few new versions, fixing multiple vulnerabilities (nine to be precise!)
• Security concerns include leaking memory, possible denial of service, crashing clients, memory exhaustion, TLS downgrades and more
• LibreSSL released a new version to address most of the vulnerabilities, but wasn’t affected by some of them
• Whichever version of whatever SSL you use, make sure it’s patched for these issues
• DragonFly and OpenBSD are patched as of the time of this recording but, even after a week, FreeBSD (outside of -CURRENT) and NetBSD are not

Interview – Robert Watson – rwatson@freebsd.org

FreeBSD architecture, security research techniques, exploit mitigation

Tutorial

Protecting traffic with a BSD-based VPN

News Roundup

A FreeBSD-based CGit server

• If you use git (like a certain host of this show) then you’ve probably considered setting up your own server
• This article takes you through the process of setting up a jailed git server, complete with a fancy web frontend
• It even shows you how to set up multiple repos with key-based user separation and other cool things
• The author of the post is also a listener of the show, thanks for sending it in!

Backup devices for small businesses

• In this article, different methods of data storage and backup are compared
• After weighing the various options, the author comes to an obvious conclusion: FreeNAS is the answer
• He praises FreeNAS and the FreeNAS Mini for their tight integration, rock solid FreeBSD base and the great ZFS featureset that it offers
• It also goes over some of the hardware specifics in the FreeNAS Mini

A new Xenocara interview

• As a follow up to last week’s OpenSMTPD interview, this Russian blog interviews Matthieu Herrb about Xenocara
• If you’re not familiar with Xenocara, it’s OpenBSD’s version of Xorg with some custom patches
• In this interview, he discusses how large and complex the upstream X11 development is, how different components are worked on by different people, how they test code (including a new framework) and security auditing
• Matthieu is both a developer of upstream Xorg and an OpenBSD developer, so it’s natural for him to do a lot of the maintainership work there

Building a high performance FreeBSD samba server

• If you’ve got to PXE boot several hundred Windows boxes to upgrade from XP to 7, what’s the best solution?
• FreeBSD, ZFS and Samba obviously!
• The master image and related files clock in at over 20GB, and will be accessed at the same time by all of those clients
• This article documents that process, highlighting some specific configuration tweaks to maximize performance (including NIC bonding)
• It doesn’t even require the newest or best hardware with the right changes, pretty cool

Feedback/Questions

• An interesting Reddit thread or two
• PB writes in
• Sean writes in
• Steve writes in
• Lachlan writes in
• Justin writes in

• All the tutorials are posted in their entirety at bsdnow.tv
• We want to give a special thanks to our viewer Adam (aka bsdx) for writing most of today’s OpenVPN tutorial
• Send questions, comments, show ideas/topics, or stories you want mentioned on the show to feedback@bsdnow.tv
• Watch live Wednesdays at 2:00PM Eastern (18:00 UTC)

The post VPN, My Dear Watson | BSD Now 50 first appeared on Jupiter Broadcasting.

We chat with Warren Block to discuss BSD documentation efforts and future plans. If you\’ve ever wondered about the scary world of mailing lists, today\’s tutorial will show you the basics of how to get help and contribute back. There\’s lots to get to today, so sit back and enjoy some BSD Now – the place to B.. SD.

Thanks to:

Direct Download:

Video | HD Video | MP3 Audio | OGG Audio | Torrent | YouTube

RSS Feeds:

MP3 Feed | OGG Feed | iTunes Feed | Video Feed | HD Vid Feed | HD Torrent Feed

– Show Notes: –

Headlines

OpenBSD on a Sun T5120

• Our buddy Ted Unangst got himself a cool Sun box
• Of course he had to write a post about installing and running OpenBSD on it
• The post goes through some of the quirks and steps to go through in case you\’re interested in one of these fine SPARC machines
• He\’s also got another post about OpenBSD on a Dell CS24-SC server

Bhyvecon 2014 videos are up

• Like we mentioned last week, Bhyvecon was an almost-impromptu conference before AsiaBSDCon
• The talks have apparently already been uploaded!
• Subjects include Bhyve\’s past, present and future, OSv on Bhyve, a general introduction to the tool, migrating those last few pesky Linux boxes to virtualization
• Lots more detail in the videos, so check \’em all out

Building a FreeBSD wireless access point

• We\’ve got a new blog post about creating a wireless access point with FreeBSD
• After all the recent news of consumer routers being pwned like candy, it\’s time for people to start building BSD routers
• The author goes through a lot of the process of getting one set up using good ol\’ FreeBSD
• Using hostapd, he\’s able to share his wireless card in hostap mode and offer DHCP to all the clients
• Plenty of config files and more messy details in the post

Switching from Synology to FreeNAS

• The author has been considering getting a NAS for quite a while and documents his research
• He was faced with the compromise of convenience vs. flexibility – prebuilt or DIY
• After seeing the potential security issues with proprietary NAS devices, and dealing with frustration with trying to get bugs fixed, he makes the right choice
• The post also goes into some detail about his setup, all the things he needed a NAS to do as well as all the advantages an open source solution would give
• Speaking of FreeNAS…

This episode was brought to you by

Interview – Warren Block – wblock@freebsd.org

FreeBSD\’s documentation project, igor, doceng

Tutorial

The world of BSD mailing lists

News Roundup

HAMMER2 work and notes

• Matthew Dillon has posted some updated notes about the development of the new HAMMER version
• The start of a cluster API was committed to the tree
• There are also links to design document, a freemap design document, that should be signed with a digital signing software from the
  sodapdf esign site

BSD Breaking Barriers

• Our friend MWL gave a talk at NYCBSDCon about BSD \”breaking barriers\”
• \”What makes the BSD operating systems special? Why should you deploy your applications on BSD? Why does the BSD community keep growing, and why do Linux sites like DistroWatch say that BSD is where the interesting development work is happening? We\’ll cover the not-so-obvious reasons why BSD still stands tall after almost 40 years.\”
• He also has another upcoming talk, (or \”webcast\”) called \”Beyond Security: Getting to Know OpenBSD\’s Real Purpose\”
• \”OpenBSD is frequently billed as a high-security operating system. That\’s true, but security isn\’t the OpenBSD Project\’s main goal. This webcast will introduce systems administrators to OpenBSD, explain the project\’s mission, and discuss the features and benefits.\”
• It\’s on May 27th and will hopefully be recorded

FreeBSD in a chroot

• Finch, \”FreeBSD running IN a CHroot,\” is a new project
• It\’s a way to extend the functionality of restricted USB-based FreeBSD systems (FreeNAS, etc.)
• All the details and some interesting use cases are on the github page
• He really needs to change the project name though

PCBSD weekly digest

• Lots of bugfixes for PCBSD coming down the tubes
• LZ4 compression is now enabled by default on the whole pool
• The latest 10-STABLE has been imported and builds are going
• Also the latest GNOME and Cinnamon builds have been imported and much more

Feedback/Questions

• Bostjan writes in (IRC suggests md5deep)
• Don writes in
• kaltheat writes in (We use R0DE Podcast microphones and Logitech C920 HD webcams)
• Harri writes in

• All the tutorials are posted in their entirety at bsdnow.tv
• Send questions, comments, show ideas/topics, or stories you want mentioned on the show to feedback@bsdnow.tv
• Watch live Wednesdays at 2:00PM Eastern (18:00 UTC)
• We wanted to give the Bay Area FreeBSD Users Group a special mention, if you\’re in the San Francisco Bay Area, there\’s a very healthy BSD community there and they regularly have meet-ups
• If you listened to the audio-only version of this week\’s episode, you\’re really missing out on Warren\’s fun animations in the interview!

The post Documentation is King | BSD Now 30 first appeared on Jupiter Broadcasting.

We chat with Antti Kantee from the NetBSD project about a crazy little thing called rump kernels. We\’ll also be showing you all the different cool things you can do with BSD and the Tor network, as well as discussing all the latest news. So sit back and enjoy BSD Now – the place to B.. SD.

Direct Download:

Video | HD Video | MP3 Audio | OGG Audio | Torrent | YouTube

RSS Feeds:

MP3 Feed | OGG Feed | iTunes Feed | Video Feed | HD Vid Feed | HD Torrent Feed

– Show Notes: –

Headlines

FreeBSD July-September 2013 Status Report

• Quarterly FreeBSD status report is out with A LOT of updates, we\’ll cover a few of them
• Highlights include AES-NI Improvements for GELI, Capsicum development, Continuation of the Newcons Project, Download Manager Service for the Ports Collection, status updates from all the various FreeBSD teams, FreeBSD on EC2 news, updates to the CSPRNG, much more
• We\’ve covered some of these things already, but there\’s lots to read in the announcement
• See full page for details on everything

Dragonfly SMP contention update

• Lots of work going in to reducing SMP contention in the next Dragonfly release
• Anything which forks and/or execs a lot will now run as close to optimally as it is possible to run on a multi-core box
• The lead developer was using poudriere and noticed the performance difference, says this is \”a fairly major milestone for the project\”
• Lots of technical details in the mailing list post, check it out

FreeBSD gets \”first boot\” rc.d scripts

• Colin Percival added support for scripts that run on the first boot
• Might be desirable for embedded systems to automatically download and apply patches
• Similarly, it can be used to invoke freebsd-update to patch your system on the first bootup
• Could also be used to download and run a script or install ports or packages
• Already MFCed to 10-STABLE and 9-STABLE and added to ports
• Lots of possibilities

NetBSD gets lua scripting in the kernel

• NetBSD gained support for the Lua scripting language in the kernel
• A luactl command was added to easily manipulate it
• It will be interesting to see what can come out of this
• Speaking of NetBSD kernels, that leads us into our interview!

— Interview –

Interview – Antti Kantee – pooka@netbsd.org / @anttikantee

The anykernel and rump kernels
rump kernels in userspace, rump kernels + applications on Xen, fs-utils, rump kernel compiled to javascript

Tutorial

Running a Tor relay, bridge, exit or hidden service

• The BSDs, with their great network performance and security, make great Tor nodes
• This tutorial shows the different cool things you can do with Tor
• Help out the network by donating some bandwidth
• We need more BSD nodes. Our random number generator isn\’t backdoored like Linux\’s

News Roundup

Second PCBSD feature digest it out

• Weekly PCBSD digest is out to tell you about new features
• Mentions switching over all bug reports to trac​.pcbsd​.org
• Life Preserver has finished development and is now being tested
• PCBSD 10.0 ISOs coming soon

OpenBSD imports VXLAN interface

• VXLAN is a virtual extensible local area network tunnel interface
• UDP-based tunneling protocol for overlaying virtualized layer 2 networks over layer 3 networks

OpenZFS Office Hours

• The question and answer session with Matt has been uploaded
• Covers lots of topics ranging from cross-compatibility to performance improvements and trivia

BSDMag\’s October issue is out

• Free monthly BSD magazine releases another issue
• Topics include FreeBSD moving to SVN, a BSD programming intro, new PCBSD utilities, migrating from Linux to BSD and OpenBSD LTS updates (which we already covered!)

Feedback/Questions

• Ben writes in: https://slexy.org/view/s20MUQmfuD
  • PCBSD pkg config: https://github.com/pcbsd/pcbsd/blob/master/build-files/conf/port-make.conf
• Brian writes in: https://slexy.org/view/s20oVdxaE5
• Toby writes in: https://slexy.org/view/s2GfQkSSDz
• Noah writes in: https://slexy.org/view/s2IFpjbWVr

• All the tutorials are posted in their entirety at bsdnow.tv
• Send questions, comments, show ideas/topics, etc to feedback@bsdnow.tv
• We don’t check YouTube comments, JB comments, Reddit, etc. If you want us to see it, send it via email (the preferred way) or Twitter (also acceptable)
• Watch live Wednesdays at 2:00PM Eastern (18:00 UTC)

The post A Brief Intorduction | BSD Now 8 first appeared on Jupiter Broadcasting.