Monday, September 15, 2014

BSD News 15/09/2014

Last week in BSD
Releases: PC-BSD, FreeBSD
Other news: PC-BSD, Unix, OpenBSD, BSDDay, HardenedBSD, BSDSec, Unix, bash, FreeBSD, NetBSD, BSDnow, Lumina Desktop, ArchBSD


Releases




PC-BSD Notable Changes
* Cinnamon 2.2.14
* Chromium 37.0.2062.94
* NVIDIA Driver 340.24
* Lumina desktop 0.6.2-beta
* Pkg 1.3.7
* Various fixes to the Appcafe Qt UI
* Bugfixes to Warden / jail creation
* Fixed a bug with USB media not always being bootable
* Fixed several issues with Xorg setup
* Improved Boot-Environments to allow “beadm activate” to set default
* Support for jail “bulk” creation via Warden
* Fixes for relative ZFS dataset mount-point creation via Warden
* Support for full-disk (GELI) encryption without an unencrypted /boot partition
TrueOS
Along with our traditional PC-BSD DVD ISO image, we have also created a CD-sized ISO image of TrueOS, our server edition.
This is a text-based installer which includes FreeBSD 10.0-Release under the hood. It includes the following features:
* ZFS on Root installation
* Boot-Environment support
* Command-Line versions of PC-BSD utilities, such as Warden, Life-Preserver and more.
* Support for full-disk (GELI) encryption without an unencrypted /boot partition
We have some additional features also in the works for 10.1 and later, stay tuned this fall for more information.

FreeBSD 10.1-BETA1 Now Available 

The first BETA build of the 10.1-RELEASE release cycle is now available on the FTP servers for the amd64, armv6, i386, ia64, powerpc, powerpc64 and sparc64 architectures. The image checksums follow are included in the original announcement email.
Installer images and memory stick images are available here.If you notice problems you can report them through the Bugzilla PR system or on the -stable mailing list.If you would like to use SVN to do a source based update of an existing system, use the "stable/10" branch.A list of changes since 10.0-RELEASE are available on the stable/10 release notes page.


BSDSec.net
[FreeBSD-Announce] FreeBSD Security Advisory FreeBSD-SA-14:18.openssl 
NetBSD Security Advisory 2014-009: Multiple vulnerabilities in the execve system call 
NetBSD Security Advisory 2014-010: Multiple vulnerabilities in the compatibility layers
NetBSD Security Advisory 2014-011: User-controlled memory allocation in the modctl system call 
NetBSD Security Advisory 2014-012: Memory leak in the setsockopt system call


Other news

The Design and Implementation of the FreeBSD Operating System (2nd Ed.)   
 
The most complete, authoritative technical guide to the FreeBSD kernel’s internal structure has now been extensively updated to cover all major improvements between Versions 5 and 11. Approximately one-third of this edition’s content is completely new, and another one-third has been extensively rewritten. This book is due to release on September 15, 2014. You can […]

HardenedBSD i386 Package Repo Live

The i386 package repo based on the hardened/current/master branch is now live! The packages are signed by us. The RSA certificate used for package signing can be found attached to this post and can additionally be found here. The repository can be found here. We will be updating the i386 repo on a weekly basis.

Luminary Environment | BSD Now 54  

  
This week on the show, it's all about Lumina. We'll be giving you a visual walkthrough of the new BSD-exclusive desktop environment, as well as chatting with the main developer. There's also answers to your emails and all the latest news, on BSD Now - the place to B.. SD.

 Lumina for DragonFly 

In a bit of perfect timing, PC-BSD’s desktop environment, Lumina, has been ported to DragonFly, thanks to mneumann!  It’s not in dports yet, but it should be buildable from source…

2 Years of ArchBSD 



ArchBSD has been around for 2 years now. To view a complete list of what has been acheived in that time view the following: 2 Years of ArchBSD
 



Code stuff
Unix: Good coding practices for bash 
In Other BSDs for 2014/09/13 

Interesting articles
FreeBSD 10.0 Swap File instead of Swap Partition
Installing FreeNAS into VMware Workstation Pt1
2Q Buffer Cache in OpenBSD
BSDDay Argentina Trip Report: Damian Vicino 
Installing GNOME and MATE on FreeBSD-10 
PC-BSD at Fossetcon
Install Snort on FreeBSD 
Receive side scaling: testing UDP throughput 
Energy-efficient bcrypt cracking

Tuesday, September 9, 2014

BSD News 08/09/2014

Last week in BSD
Releases: GhostBSD, PC-BSD
Other news: Unix, pkg, GhostBSD, DragonFly BSD, mksh, MirOS, Lumina Desktop, FreeBSD, HardenedBSD, NetBSD, OpenSSD, BSDnow


Releases

GhostBSD 4.0 RC 2 now available 

The GhostBSD team is pleased to announce the availability the Second RC build of the 4.0-RELEASE release cycle which is available on SourceForge for the amd64 and i386 architectures.
  • FreeBSD 10 RELEASE p6 back to 10 RELEASE(This fix problem with default src file) at any time user can update to the latest freebsd-update.
  • SpiderOak was not compilable and it is missing in the system.
  • VlC as been replace by Gnome MPlayer(active user have ask for it).
  • I386 is now using new xorg build and KMS users will benefit of 3D acceleration like GhostBSD x64.
Updating software using "pkg upgrade" will corrupt xorg and might corrupt GDM too. The solution is to use update the software that you want to update with "pkg install" , you can see the list of update by doing "pkg upgrade -n", "pkg install" automatically update software dependency. Be sure to not upgrade xorg-server, xorg-drivers, and any xf86 with "pkg" use "portupgrade" 

PC-BSD  10.0.3-RC2 Available for Testing  
 

Other news

pkg(8) is now the only package management tool 


The ports tree has been modified to only support pkg(8) as package management system for all supported version of FreeBSD.
if you were still using pkg_install (pkg_* tools) you will have to upgrade your system.
The simplest way is
cd /usr/ports/ports-mgmt/pkg
make install
then run
pkg2ng
You will have lots of warning, don’t be scared, they are expected, pkg_*  databases used to get easily mangled. pkg2ng is most of the time able to deal
with it.
If however you encounter a problem then please report to pkg@FreeBSD.org
A tag has been applied to the ports tree if you need to get the latest ports tree before the EOL of pkg_install:
https://svn.FreeBSD.org/ports/tags/PKG_INSTALL_EOL
A branch has been created if some committers want to provides updates on the for pkg_install users:
https://svn.FreeBSD.org/ports/branches/pkg_install
Please note that this branch is not officially maintained and that we strongly recommend that you do migrate to pkg(8)

DragonfFly: Full rebuild needed 

Because of some structure changes made by Matthew Dillon while chasing a pf bug, you will need to do a full buildworld/buildkernel on your next update – if you are running DragonFly-master.  3.8 users are unaffected by the bug or the change.

mksh R50b released 


The MirBSD Korn Shell has got a new bugfix release. Thought you’d want to know.

New Lumina source repo and FreeBSD port  

By popular demand, the source tree for the Lumina project has just been moved to its own repository within the main PC-BSD project tree on GitHub.
In addition to this, an official FreeBSD port for Lumina was just committed to the FreeBSD ports tree which uses the new repo.

It’s HAMMER Time | BSD Now 53 
It's our one year anniversary episode, and we'll be talking with Reyk Floeter about the new OpenBSD webserver - why it was created and where it's going. After that, we'll show you the ins and outs of DragonFly's HAMMER FS. Answers to viewer-submitted questions and the latest headlines, on a very special BSD Now - the place to B.. SD. 

HardenedBSD amd64 Package Repo Live

The amd64 package repo based on the hardened/current/master branch is now live! The packages are signed by us. The RSA certificate used for package signing can be found attached to this post and can additionally be found here. The repository can be found here. We will be updating the amd64 repo on a weekly basis.


Interesting articles
Unix: Better network connection insights with mtr 
Persist tmux environment across system restarts 
How to zero a buffer  +  Erratum + Zeroing buffers is insufficient 
VMWorld 2014 Recap 
Ghostbsd 4 preview/

Code stuff 
NetBSD Security Advisory 2014-008: Multiple OpenSSL vulnerabilities (updated)
An easier moused start 
Haswell graphics and port support
UDP improvements for DragonFly  
In Other BSDs for 2014/09/06 


Tuesday, September 2, 2014

BSD News 01/09/2014

Last week in BSD
Releases: pfSense, HardenedBSD
Other news: DragonFly BSD, FreeBSD, libvrt, Lumina Desktop, nginx, OpenBSD, PC-BSD, VMWare, ZFS, NetBSD, BSDSec, BSDTalk, MidnightBSD, BSDnow


Releases

pfSense2.1.5 RELEASE Now Available 


The 2.1.5 release follows shortly after 2.1.4 and is primarily a security release.



New Build of HardenedBSD 

We've just published a new build, so head on over to the Latest Builds page to check it out. The new build contains a new HardenedBSD-only change (so a change we will not upstream) that adds a sysctl tunable to fully disable mmap(MAP_32BIT) support on amd64. Mappings that reside only in the 32bit address space don't have enough bits to randomize, so disabling this feature entirely removes one more attack vector. Now that pkg 1.3.7 is out, we're building our first pkg repo. Over time, we'll apply security-centric patches to the ports tree and this pkg repo will be a good developmental/test repo. My next goal is to automate the build process so we can have nightly builds of base and weekly (or semi-weekly) builds of ports.

Other news

DragonFly: New kernel and new target


You should perform a full world and kernel install if on master.
Several people (including me) have been getting bit by a problem: when performing an installworld with a changed kernel, the vn kernel module is loaded, but it was built by the previous kernel and may cause problems when it doesn’t match up.
To fix that, vn is now built in, instead of being a separate module.  The rescue initrd (which is what is being mounted when it has this problem) is now installed via a ‘make rescue‘ command that can wait until a successful installworld and reboot.
 PC-BSD 10.0.3 Preview: Lumina Desktop


As we are getting ready for PC-BSD 10.0.3, I wanted to share a little preview of what to expect with the Lumina desktop environment as you move from version 0.4.0 to 0.6.2.

ZFS support in libvirt


An upcoming release of libvirt, 1.2.8 that should be released early September, will include an initial support of managing ZFS volumes.
That means that it's possible to boot VMs and use ZFS volumes as disks. Additionally, it allows to control volumes using the libvirt API. Currently, supported operations are:
  • list volumes in a pool
  • create and delete volumes
  • upload and download volumes
It's not possible to create and delete pools yet, hope to implement that in the next release.

Heads Up: Nginx Removed From Base OpenBSD 
  
With this commit, Robert Nagy (robert@) removed nginx(8) from base:

Log message:
remove nginx from the base system in favor of OpenBSD's own httpd(8)
Read more...

bsdtalk244 – The Lumina Desktop Environment with Ken Moore 

An interview with Ken Moore about the Lumina Desktop Environment.File Info: 28Min, 14MB.
Ogg Link: https://archive.org/download/bsdtalk244/bsdtalk244.ogg

Reverse Takeover | BSD Now 52   


Coming up this week, we'll be chatting with Shawn Webb about his recent work with ASLR and PIE in FreeBSD.
After that, we'll be showing you how you can create a reverse SSH tunnel to a system behind a firewall... how sneaky. Answers to your emails plus the latest news, on BSD Now, the place to B.. SD.

FreeBSD Foundation announces IPsec Enhancement Project 

The Internet Protocol Security (IPsec) suite is used to implement virtual private networks on FreeBSD and other operating systems. As the networking world continues its transition from 1 to 10, to 40 gigabit per second speeds, and faster, improvements in IPsec’s cryptographic building blocks are necessary to keep pace. The FreeBSD Foundation is pleased to announce that long-time FreeBSD developer John-Mark Gurney is adding modern AES modes to FreeBSD’s cryptographic framework and IPsec. This project is co-sponsored by the FreeBSD Foundation and Netgate, a leading vendor of BSD-based firewalls and networking gear.


Some MidnightBSD news

0.5-CURRENT is building again.
PostgreSQL 9 mport updated to 9.0.18
Another bug was fixed where ports using unzip were using the wrong path to unzip.
A bug was fixed today with any ports using gmake. In some cases, gmake was not being used to build.

It is strongly recommended that you reinstall all perl ports if you're tracking current and update. Perl was updated in base recently.

Interesting articles
VMWare Tools on FreeBSD 10 
Time Machine backups on FreeBSD 10  
BSDNow Interview 

SpiderOak installation into a Jail (FreeNas 9.2)


Code stuff
NetBSD Security Advisory 2014-008: Multiple OpenSSL vulnerabilities 
NetBSD Security Advisory 2014-009: Multiple vulnerabilities in the execve system call 
NetBSD Security Advisory 2014-010: Multiple vulnerabilities in the compatibility layers 
NetBSD Security Advisory 2014-011: User-controlled memory allocation in the modctl system call 
Special procedure to update pkg 1.3.6 
In Other BSDs for 2014/08/30 

Sunday, August 31, 2014

Experiment with ads

On G+, someone asked me whether I have any income from DiscoverBSD and/or related projects (BSDSec.net). Answer is no, but it got me thinking: would be nice to cover domain expenses and hosting expenses somehow.

I don't think that sites are so popular that I can get interest of sponsors (eg. companies doing VPS with BSD or so), so I decided to try ads. I will run it for some time and I will see. Ads will be only here, not on BSDSec. So far ads are only on Desktop, not Mobile. Maybe later I will try mobile, but I guess better save your traffic.

If I decide to keep it, I will publish monthly reports of earnings. 

Not very optimistic about it, but let's see.

Tuesday, August 26, 2014

BSD News 25/08/2014

Last week in BSD
Releases: None
Other news:  FreeBSD, EuroBSDCon, freeNAS, DragonFly BSD, OpenBSD, BSDNow, nginx, MeetBSD


Releases

seems like none

Other news

EuroBSDCon 2014 Early bird registrations deadline extended to August 25th 

Dear all, The early bird rates end for registrations to the EuroBSDCon 2014 conference has been extended until August 25th 2014. If you haven't registered already, you can still get the early bird rates if you register now! Please go to http://2014.eurobsdcon.org/registration/ and follow the prompts to complete your registration.  

[EuroBSDCon] Google are offering 5 travel grants for female computer scientists to attend EuroBSDCon 2014 

As part of Google’s ongoing commitment to encourage women to excel in computing and technology, Google is pleased to offer Women in Tech Travel and Conference Grants to attend the EuroBSDcon 2014 conference[1]. 5 grants are offered, which include: * Free registration for the conference * Up to 1000 EUR towards travel costs (to be paid after the conference) To be eligible for a grant, the candidate must: * Be a woman working in or studying Computer Science, Computer Engineering, or technical field related to the conference subject * Have a strong academic background * Demonstrated leadership in the workplace or in school * Attend the core day(s) of the main conference

FreeBSD Foundation August Update Now Available


The FreeBSD Foundation August Update is now available. Get the latest Foundation news at: https://www.freebsdfoundation.org/press/2014augupdate.pdf
 
Happy 20th birthday FreeBSD ports tree!   
 
It all started with this commit from Jordan Hubbard on August 21, 1994:
Commit my new ports make macros
Still not 100% complete yet by any means but fairly usable at this stage.
Twenty years later the ports tree is still there and actively
maintained. A video was prepared to celebrate the event and to thank
all of you who give some of their spare time and energy to the project!

Engineering Nginx | BSD Now 51   

We'll be showing you how to set up a secure, SSL-only webserver. There's also an interview with Eric Le Blan about community participation and FreeBSD's role in the commercial server space. All that and more, on BSD Now - the place to B.. SD. 

MeetBSD California 2014 

MeetBSD California 2014 (https://www.meetbsd.com/), Western Digital Campus, San Jose, United States 1 - 2 November, 2014. MeetBSD 2014 uses a mixed unConference format featuring both scheduled talks and community-driven events such as birds-of-a-feather meetings, lightning talks, and speed geeking sessions.


Code stuff
OpenBSD: Heads up: rcctl(8) the rc.conf.local management tool landing in base soon 
DragonFly BSD: New dhclient and other improvements 
pkg upgrade tip for pkg 1.3 
syslogd(8) Now IPv6-Capable 
Heads Up: BIND Disabled in Base 
In Other BSDs for 2014/08/23 

Interesting articles
Unix: Viewing your processes through the eyes of /proc
FreeNAS 9.2.1.7 FTP Configuration 
iwn trick: ifconfig wlan0 -ht 
X with glamor on vc4 
Unix: Cozying up to ethtool