Skip to main content.

Episode 074: That Sly MINIX


Direct Download:

Video | HD Video | MP3 Audio | OGG Audio | Torrent

This episode was brought to you by

iXsystems - Enterprise Servers and Storage for Open SourceDigitalOcean - Simple Cloud Hosting, Built for DevelopersTarsnap - Online Backups for the Truly Paranoid


The missing EuroBSDCon videos

FreeBSD on a MacBook Pro (or two)

  • We've got a couple posts about running FreeBSD on a MacBook Pro this week
  • In the first one, the author talks a bit about trying to run Linux on his laptop for quite a while, going back and forth between it and something that Just Works™
  • Eventually he came full circle, and the focus on using only GUI tools got in the way, instead of making things easier
  • He works on a lot of FreeBSD-related software, so switching to it for a desktop seems to be the obvious next step
  • He's still not quite to that point yet, but documents his experiments with BSD as a desktop
  • The second article also documents an ex-Linux user switching over to BSD for their desktop
  • It also covers power management, bluetooth and trackpad setup
  • On the topic of Gentoo, "Underneath the beautiful and easy-to-use Portage system lies the same glibc, the same turmoil over a switch to a less-than-ideal init system, and the same kernel-level bugs that bring my productivity down"
  • Check out both articles if you've been considering running FreeBSD on a MacBook

Remote logging over TLS

  • In most of the BSDs, syslogd has been able to remotely send logs to another server for a long time
  • That feature can be very useful, especially for forensics purposes - it's much harder for an attacker to hide their activities if the logs aren't on the same server
  • The problem is, of course, that it's sent in cleartext, unless you tunnel it over SSH or use some kind of third party wrapper
  • With a few recent commits, OpenBSD's syslogd now supports sending logs over TLS natively, including X509 certificate verification
  • By default, syslogd runs as an unprivileged user in a chroot on OpenBSD, so there were some initial concerns about certificate verification - how does that user access the CA chain outside of the chroot?
  • That problem was also conquered, by loading the CA chain directly from memory, so the entire process can be run in the chroot without issue
  • Some of the privsep verifcation code even made its way into LibreSSL right afterwards
  • If you haven't set up remote logging before, now might be an interesting time to try it out

FreeBSD, not a Linux distro

  • George Neville-Neil gave a presentation recently, titled "FreeBSD: not a Linux distro"
  • It's meant to be an introduction to new users that might've heard about FreeBSD, but aren't familiar with any BSD history
  • He goes through some of that history, and talks about what FreeBSD is and why you might want to use it over other options
  • There's even an interesting "thirty years in three minutes" segment
  • It's not just a history lesson though, he talks about some of the current features and even some new things coming in the next version(s)
  • We also learn about filesystems, jails, capsicum, clang, dtrace and the various big companies using FreeBSD in their products
  • This might be a good video to show your friends or potential employer if you're looking to introduce FreeBSD to them

Long-term support considered harmful

  • There was recently a pretty horrible bug in GNU's libc (BSDs aren't affected, don't worry)
  • Aside from the severity of the actual problem, the fix was delayed for quite a long time, leaving people vulnerable
  • Ted Unangst writes a post about how this idea of long-term support could actually be harmful in the long run, and compares it to how OpenBSD does things
  • OpenBSD releases a new version every six months, and only the two most recent releases get support and security fixes
  • He describes this as both a good thing and a bad thing: all the bugs in the ecosystem get flushed out within a year, but it forces people to stay (relatively) up-to-date
  • "Upgrades only get harder and more painful (and more fragile) the longer one goes between them. More changes, more damage. Frequent upgrades amortize the cost and ensure that regressions are caught early."
  • There was also some discussion about the article you can check out

Interview - Andrew Tanenbaum - / @minix3

MINIX's integration of NetBSD

News Roundup

Using AFL on OpenBSD

  • We've talked about American Fuzzy Lop a bit on a previous episode, and how some OpenBSD devs are using it to catch and fix new bugs
  • Undeadly has a cool guide on how you can get started with fuzzing
  • It's a little on the advanced side, but if you're interested in programming or diagnosing crashes, it'll be a really interesting article to read
  • Lots of recent CVEs in other open source projects are attributed to fuzzing - it's a great way to stress test your software

Lumina 0.8.1 released

  • A new version of Lumina, the BSD-licensed desktop environment from PCBSD, has been released
  • This update includes some new plugins, lots of bugfixes and even "quality-of-life improvements"
  • There's a new audio player desktop plugin, a button to easily minimize all windows at once and some cool new customization options
  • You can get it in PCBSD's edge repo or install it through regular ports (on FreeBSD, OpenBSD or DragonFly!)
  • If you haven't seen our episode about Lumina, where we interview the developer and show you a tour of its features, gotta go watch it

My first OpenBSD port

  • The author of the "Code Rot & Why I Chose OpenBSD" article has a new post up, this time about ports
  • He recently made his first port and got it into the tree, so he talks about the whole process from start to finish
  • After learning some of the basics and becoming comfortable running -current, he noticed there wasn't a port for the "Otter" web browser
  • At that point he did what you're supposed to do in that situation, and started working on it himself
  • OpenBSD has a great porter's handbook that he referenced throughout the process
  • Long story short, his browser of choice is in the official ports collection and now he's the maintainer (and gets to deal with any bug reports, of course)
  • If some software you use isn't available for whatever BSD you're using, you could be the one to make it happen

How to slide with DragonFly

  • DragonFly BSD has a new HAMMER FS utility called "Slider"
  • It's used to easily browse through file history and undelete files - imagine something like a commandline version of Apple's Time Machine
  • They have a pretty comprehensive guide on how to use it on their wiki page
  • If you're using HAMMER FS, this is a really handy tool to have, check it out

OpenSMTPD with Dovecot and Salt

  • We recently had a feedback question about which mail servers you can use on BSD - Postfix, Exim and OpenSMTPD being the big three
  • This blog post details how to set up OpenSMTPD, including Dovecot for IMAP and Salt for quick and easy deployment
  • Intrigued by it becoming the default MTA in OpenBSD, the author decided to give it a try after being a long-time Postfix fan
  • "Small, fast, stable, and very easy to customize, no more ugly m4 macros to deal with"
  • Check it out if you've been thinking about configuring your first mail server on any of the BSDs


Mailing List Gold

  • Send questions, comments, show ideas/topics, or stories you want mentioned on the show to
  • Also send us your ideas for the new discussion segment - we might start that either next week or the week after, depending on how much feedback we get about it (which has been almost none so far)
  • Watch live Wednesdays at 2:00PM Eastern (19:00 UTC)

Latest News

New announcement


We understand that Michael Dexter, Brad Davis, and George Rosamond think there should be more real news....

Two Year Anniversary


We're quickly approaching our two-year anniversary, which will be on episode 105. To celebrate, we've created a unique t-shirt design, available for purchase until the end of August. Shirts will be shipped out around September 1st. Most of the proceeds will support the show, and specifically allow us to buy...

New discussion segment


We're thinking about adding a new segment to the show where we discuss a topic that the listeners suggest. It's meant to be informative like a tutorial, but more of a "free discussion" format. If you have any subjects you want us to explore, or even just a good name...

How did you get into BSD?


We've got a fun idea for the holidays this year: just like we ask during the interviews, we want to hear how all the viewers and listeners first got into BSD. Email us your story, either written or a video version, and we'll read and play some of them for...

Episode 281: EPYC Server battle


Direct Download:MP3 AudioVideo Headlines scp client multiple vulnerabilities Overview SCP clients from multiple vendors are susceptible to a malicious scp server performing unauthorized changes to target directory and/or client output manipulation. Description Many scp clients fail to verify if the objects returned by the scp server match those it asked for. This issue dates back to 1983 and...

Episode 280: FOSS clothing


Direct Download:MP3 AudioVideo Headlines A EULA in FOSS clothing? There was a tremendous amount of reaction to and discussion about my blog entry on the midlife crisis in open source. As part of this discussion on HN, Jay Kreps of Confluent took the time to write a detailed response — which...

Episode 279: Future of ZFS


Direct Download:MP3 AudioVideo Headlines The future of ZFS in FreeBSD The sources for FreeBSD's ZFS support are currently taken directly from Illumos with local ifdefs to support the peculiarities of FreeBSD where the Solaris Portability Layer (SPL) shims fall short. FreeBSD has regularly pulled changes from Illumos and tried to push...

Episode 278: The real McCoy


Direct Download:MP3 AudioVideo Interview - Kirk McKusick - 25 years of FreeBSD How Kirk got started in BSD, at the very beginning Predicting the Future How the code and community grew The leadership of the project, and how it changed over time UFS over the years (reading disks from 1982 in 2018) Conferences The rise and fall of...