NOTES
This episode of BSDNow is brought to you by Tarsnap and the BSDNow Patreon

Headlines

2022 in Review: Software Development

What can we learn from Vintage Computing

News Roundup

OpenBSD KDE Status Report 2022

A Decade of HardenedBSD

In Praise of Plan9

Beastie Bits

LibreSSL 3.7.0 Released
OPNsense 22.7.10 released
BSDCan 2023 call for papers
How to lock OpenSSH authentication agent
Once upon a time long ago, I was sitting alone in the UCLA ARPANET site...

Tarsnap

• This weeks episode of BSDNow was sponsored by our friends at Tarsnap, the only secure online backup you can trust your data to. Even paranoids need backups.

Feedback/Questions

• Send questions, comments, show ideas/topics, or stories you want mentioned on the show to feedback@bsdnow.tv ***

Notes
This episode of BSDNow is brought to you by Tarsnap and the BSDNow Patreon

Headlines

Advocating for FreeBSD in 2022 and Beyond

NetBSD 9.3 released

News Roundup

OPNsense 22.7 released

CHERI-based computer runs KDE for the first time

Guide: Run FreeBSD 13.1-RELEASE for ARM64 in QEMU on Apple Silicon Mac

Beastie Bits

• [In -current, dhclient(8) now just logs warnings and executes ifconfig(8)](http://undeadly.org/cgi?action=article;sid=20220703114819)
• [Freshly installed #NetBSD 4.0.1 booting on a 80386 DX40 with 8MB of RAM in 2022](https://twitter.com/lefinnois/status/1553246084675375104)
• [nerdctl](https://twitter.com/woodsb02/status/1554481441060560898?s=28&t=8K7_A1RiWnCDU_Mme4_Yqw)
• [Even more Randomness](https://undeadly.org/cgi?action=article;sid=20220731110742)

Tarsnap

• This weeks episode of BSDNow was sponsored by our friends at Tarsnap, the only secure online backup you can trust your data to. Even paranoids need backups.

• Send questions, comments, show ideas/topics, or stories you want mentioned on the show to feedback@bsdnow.tv

  ---

NOTES
This episode of BSDNow is brought to you by Tarsnap and the BSDNow Patreon

Headlines

The journey to ZFS raidz1 with different sized disks (On NetBSD) (Wheelbarrow optional)

FreeBSD Networking Basics: WiFi and Bluetooth

News Roundup

Playstation: Hole in NetBSD driver could allow code smuggling

• Archive link if the page is down (no images)
• Original Announcment
• German Article

KDE-FreeBSD CI

Remembering Buildtool

Beastie Bits

By the Way... Kubernetes for FreeBSD
FreeBSD Games Directory
Candlelit Console patch set to the framebuffer console

Tarsnap

• This weeks episode of BSDNow was sponsored by our friends at Tarsnap, the only secure online backup you can trust your data to. Even paranoids need backups.

Feedback/Questions

• Dan - A couple things
• Paul - BSD Business Justifications
• Todd - Feedback to prior feedback

• Send questions, comments, show ideas/topics, or stories you want mentioned on the show to feedback@bsdnow.tv

NOTES
This episode of BSDNow is brought to you by Tarsnap

Headlines

FreeBSD 13.0 R Annoucement

• OpenZFS 2.0 (almost 2.1) is included in 13.0
• Removed support for previously-deprecated algorithms in geli(8).
• The armv8crypto(4) driver now supports AES-GCM which is used by IPsec and kernel TLS.

Enable multi-factor authentication on OpenBSD

In this article I will explain how to add a bit more security to your OpenBSD system by adding a requirement for user logging into the system, locally or by ssh. I will explain how to setup 2 factor authentication (2FA) using TOTP on OpenBSD

News Roundup

KDE on FreeBSD 2021o2

Gosh, second octant already! Well, let’s take a look at the big things that happened in KDE-on-FreeBSD in these six-and-a-half weeks.

GSoC Reports: Make system(3), popen(3) and popenve(3) use posix_spawn(3) internally (Final report)

My code can be found at github.com/teknokatze/src in the gsoc2020 branch, at the time of writing some of it is still missing. The test facilities and logs can be found in github.com/teknokatze/gsoc2020. A diff can be found at github which will later be split into several patches before it is sent to QA for merging.
The initial and defined goal of this project was to make system(3) and popen(3) use posix_spawn(3) internally, which had been completed in June. For the second part I was given the task to replace fork+exec calls in our standard shell (sh) in one scenario. Similar to the previous goal we determined through implementation if the initial motivation, to get performance improvements, is correct otherwise we collect metrics for why posix_spawn() in this case should be avoided. This second part meant in practice that I had to add and change code in the kernel, add a new public libc function, and understand shell internals.

---

A working D compiler on OpenBSD

Dr. Brian Robert Callahan (bcallah@) blogged about his work in getting D compiler(s) working under OpenBSD.

• Full Post ***

Tarsnap

• This weeks episode of BSDNow was sponsored by our friends at Tarsnap, the only secure online backup you can trust your data to. Even paranoids need backups.

Feedback/Questions

• Vasilis - upgrade question
• Dennis - zfs questions
• Daniel Dettlaff - KTLS question

• Send questions, comments, show ideas/topics, or stories you want mentioned on the show to feedback@bsdnow.tv ***

NOTES
This episode of BSDNow is brought to you by Tarsnap

Headlines

Follow-up about FreeBSD jail advantages

I’ll admit I ran a lot of justifications together into a single paragraph because I wanted to get to configuring the jails themselves. They’re also, by and large, not specific to FreeBSD’s flavour of containerisation, though I still think it’s easily the most elegant implementation. Sometimes the simplest solution really is the best one.

---

History of FreeBSD part 4: TCP/IP

• How TCP/IP evolved and BSDs special contribution to the history of the Internet ***

FreeBSD: Install Prometheus, Node Exporter and Grafana

FreeBSD comes out of the box with three great tools for monitoring. If you need more info about how these tools work, please read the official documentation. I’ll explain the installation only and creating a simple dashboard.

---

News Roundup

Calibrate your touch-screen on OpenBSD

I didn’t expected it but my refurbished T460s came with a touch-screen. It is recognized by default on OpenBSD and not well calibrated as-is. But that’s really simple to solve.

---

Lets all shed a Tear for 386

FreeBSD is designating i386 as a Tier 2 architecture starting with FreeBSD 13.0. The Project will continue to provide release images, binary updates, and pre-built packages for the 13.x branch. However, i386-specific issues (including SAs) may not be addressed in 13.x. The i386 platform will remain Tier 1 on FreeBSD 11.x and 12.x.

---

OPNsense 21.1 Marvelous Meerkat Released

For more than 6 years, OPNsense is driving innovation through modularising and hardening the open source firewall, with simple and reliable firmware upgrades, multi-language support, HardenedBSD security, fast adoption of upstream software updates as well as clear and stable 2-Clause BSD licensing.

---

NomadBSD 1.4-RC1

We are pleased to present the first release candidate of NomadBSD 1.4.

---

find mostly doesn't need xargs today on modern Unixes

I've been using Unix for long enough that 'find | xargs' is a reflex. When I started and for a long time afterward, xargs was your only choice for efficiently executing a command over a bunch of find results.

---

OpenBSD KDE Status Report

OpenBSD has managed to drop KDE3 and KDE4 in the 6.8 -> 6.9 release cycle. That makes me very happy because it was a big piece of work and long discussions. This of course brings questions: Kde Plasma 5 package missing.
After half a year of work, I managed to successfully update the Qt5 stack to the last LTS version 5.15.2. On the whole, the most work was updating QtWebengine. What a monster! With my CPU power at home, I can build it 1-2 times a day which makes testing a little bit annoying and time intensive.

---

Tarsnap

• This weeks episode of BSDNow was sponsored by our friends at Tarsnap, the only secure online backup you can trust your data to. Even paranoids need backups.

Feedback/Questions

• Karl - Firefox webcam audio solution
• Michal - openzfs
• Dave - bufferbloat

• Send questions, comments, show ideas/topics, or stories you want mentioned on the show to feedback@bsdnow.tv ***

Headlines

FuryBSD 2020Q2 Images Available for XFCE and KDE

The Q2 2020 images are not a visible leap forward but a functional leap forward. Most effort was spent creating a better out of box experience for automatic Ethernet configuration, working WiFi, webcam, and improved hypervisor support.

Technical reasons to choose FreeBSD over GNU/Linux

Since I wrote my article "Why you should migrate everything from Linux to BSD" I have been wanting to write something about the technical reasons to choose FreeBSD over GNU/Linux and while I cannot possibly cover every single reason, I can write about some of the things that I consider worth noting.

News Roundup

+ Not actually Linux distro review deux: GhostBSD

When I began work on the FreeBSD 12.1-RELEASE review last week, it didn't take long to figure out that the desktop portion wasn't going very smoothly.

I think it's important for BSD-curious users to know of easier, gentler alternatives, so I did a little looking around and settled on GhostBSD for a follow-up review.

GhostBSD is based on TrueOS, which itself derives from FreeBSD Stable. It was originally a Canadian distro, but—like most successful distributions—it has transcended its country of origin and can now be considered worldwide. Significant GhostBSD development takes place now in Canada, Italy, Germany, and the United States.

“TLS Mastery” sponsorships open

My next book will be TLS Mastery, all about Transport Layer Encryption, Let’s Encrypt, OCSP, and so on.

This should be a shorter book, more like my DNSSEC or Tarsnap titles, or the first edition of Sudo Mastery. I would like a break from writing doorstops like the SNMP and jails books.

JT (our producer) shared his Open Source Retail Box Collection on twitter this past weekend and there was a nice response from a few in the BSD Community showing their collections:

• JT's post: https://twitter.com/q5sys/status/1251194823589138432

  • High Resolution Image to see the bottom shelf better: https://photos.smugmug.com/photos/i-9QTs2RR/0/f1742096/O/i-9QTs2RR.jpg
  • Closeup of the BSD Section: https://twitter.com/q5sys/status/1251294290782928897

• Others jumped in with their collections:

  • Deb Goodkin's collection: https://twitter.com/dgoodkin/status/1251294016139743232 & https://twitter.com/dgoodkin/status/1251298125672660992
  • FreeBSD Frau's FreeBSD Collection: https://twitter.com/freebsdfrau/status/1251290430475350018
  • Jason Tubnor's OpenBSD Collection: https://twitter.com/Tubsta/status/1251265902214918144

Do you have a nice collection, take a picture and send it in!

Tale of OpenBSD secure memory allocator internals - malloc(3)

Hi there,

It's been a very long time I haven't written anything after my last OpenBSD blogs, that is,

OpenBSD Kernel Internals — Creation of process from user-space to kernel space.

OpenBSD: Introduction to execpromises in the pledge(2)

pledge(2): OpenBSD's defensive approach to OS Security

So, again I started reading OpenBSD source codes with debugger after reducing my sleep timings and managing to get some time after professional life. This time I have picked one of my favourite item from my wishlist to learn and share, that is, OpenBSD malloc(3), secure allocator

How I learned to stop worrying and love SSDs

my home FreeNAS runs two pools for data. One RAIDZ2 with four spinning disk drives and one mirror with two SSDs. Toying with InfluxDB and Grafana in the last couple of days I found that I seem to have a constant write load of 1 Megabyte (!) per second on the SSDs. What the ...?

So I run three VMs on the SSDs in total. One with Windows 10, two with Ubuntu running Confluence, A wiki essentially, with files for attachments and MySQL as the backend database. Clearly the writes had to stop when the wikis were not used at all, just sitting idle, right?

Well even with a full query log and quite some experience in the operation of web applications I could not figure out what Confluence is doing (productively, no doubt) but trust me, it writes a couple of hundred kbytes to the database each second just sitting idle.

My infrastructure as of 2019

I've wanted to write about my infrastructure for a while, but I kept thinking, "I'll wait until after I've done $next_thing_on_my_todo." Of course this cycle never ends, so I decided to write about its state at the end of 2019. Maybe I'll write an update on it in a couple of moons; who knows?

For something different than our usual Beastie Bits… we bring you…

We're all quarantined so lets install BSD on things! Install BSD on something this week, write it up and let us know about it, and maybe we'll feature you!

• Installation of NetBSD on a Mac Mini

• OpenBSD on the HP Envy 13

• Install NetBSD on a Vintage Computer

• BSDCan Home Lab Panel recording session: May 5th at 18:00 UTC

• Allan started a series of FreeBSD Office Hours

BSDNow is going Independent

• After being part of Jupiter Broadcasting since we started back in 2013, BSDNow is moving to become independent. We extend a very large thank you to Jupiter Broadcasting and Linux Academy for hosting us for so many years, and allowing us to bring you over 100 episodes without advertisements. What does this mean for you, the listener? Not much will change, just make sure your subscription is via the RSS feed at BSDNow.tv rather than one of the Jupiter Broadcasting feeds. We will update you with more news as things settle out.

Feedback/Questions

• Todd - LinusTechTips Claims about ZFS

• Send questions, comments, show ideas/topics, or stories you want mentioned on the show to feedback@bsdnow.tv

Headlines

Fighting the Coronavirus with FreeBSD

Here is a quick HOWTO for those who want to provide some FreeBSD based compute resources to help finding vaccines.

UPDATE 2020-03-22: 0mp@ made a port out of this, it is in “biology/linux-foldingathome”.

Per default it will now pick up some SARS-CoV‑2 (COVID-19) related folding tasks. There are some more config options (e.g. how much of the system resources are used). Please refer to the official Folding@Home site for more information about that. Be also aware that there is a big rise in compute resources donated to Folding@Home, so the pool of available work units may be empty from time to time, but they are working on adding more work units. Be patient.

How to configure the Wireguard VPN in OPNsense

WireGuard is a modern designed VPN that uses the latest cryptography for stronger security, is very lightweight, and is relatively easy to set up (mostly). I say ‘mostly’ because I found setting up WireGuard in OPNsense to be more difficult than I anticipated. The basic setup of the WireGuard VPN itself was as easy as the authors claim on their website, but I came across a few gotcha's. The gotcha's occur with functionality that is beyond the scope of the WireGuard protocol so I cannot fault them for that. My greatest struggle was configuring WireGuard to function similarly to my OpenVPN server. I want the ability to connect remotely to my home network from my iPhone or iPad, tunnel all traffic through the VPN, have access to certain devices and services on my network, and have the VPN devices use my home's Internet connection.

WireGuard behaves more like a SSH server than a typical VPN server. With WireGuard, devices which have shared their cryptographic keys with each other are able to connect via an encrypted tunnel (like a SSH server configured to use keys instead of passwords). The devices that are connecting to one another are referred to as “peer” devices. When the peer device is an OPNsense router with WireGuard installed, for instance, it can be configured to allow access to various resources on your network. It becomes a tunnel into your network similar to OpenVPN (with the appropriate firewall rules enabled). I will refer to the WireGuard installation on OPNsense as the server rather than a “peer” to make it more clear which device I am configuring unless I am describing the user interface because that is the terminology used interchangeably by WireGuard.

The documentation I found on WireGuard in OPNsense is straightforward and relatively easy to understand, but I had to wrestle with it for a little while to gain a better understanding on how it should be configured. I believe it was partially due to differing end goals – I was trying to achieve something a little different than the authors of other wiki/blog/forum posts. Piecing together various sources of information, I finally ended up with a configuration that met the goals stated above.

News Roundup

NomadBSD 1.3.1

NomadBSD 1.3.1 has recently been made available. NomadBSD is a lightweight and portable FreeBSD distribution, designed to run on live on a USB flash drive, allowing you to plug, test, and play on different hardware. They have also started a forum as of yesterday, where you can ask questions and mingle with the NomadBSD community. Notable changes in 1.3.1 are base system upgraded to FreeBSD 12.1-p2. automatic network interface setup improved, image size increased to over 4GB, Thunderbird, Zeroconf, and some more listed below.

GhostBSD 20.02

Eric Turgeon, main developer of GhostBSD, has announced version 20.02 of the FreeBSD based operating system. Notable changes are ZFS partition into the custom partition editor installer, allowing you to install alongside with Windows, Linux, or macOS. Other changes are force upgrade all packages on system upgrade, improved update station, and powerd by default for laptop battery performance.

New FuryBSD XFCE and KDE images

This new release is now based on FreeBSD 12.1 with the latest FreeBSD quarterly packages. This brings XFCE up to 4.14, and KDE up to 5.17. In addition to updates this new ISO mostly addresses community bugs, community enhancement requests, and community pull requests. Due to the overwhelming amount of reports with GitHub hosting all new releases are now being pushed to SourceForge only for the time being. Previous releases will still be kept for archive purposes.

pf-badhost 0.3 Released

pf-badhost is a simple, easy to use badhost blocker that uses the power of the pf firewall to block many of the internet's biggest irritants. Annoyances such as SSH and SMTP bruteforcers are largely eliminated. Shodan scans and bots looking for webservers to abuse are stopped dead in their tracks. When used to filter outbound traffic, pf-badhost blocks many seedy, spooky malware containing and/or compromised webhosts.

Beastie Bits

• DragonFly i915 drm update
• CShell is punk rock
• The most surprising Unix programs

Feedback/Questions

• Master One - Torn between OpenBSD and FreeBSD
• Brad - Follow up to Linus ZFS story
• Filipe Carvalho - Call for Portuguese BSD User Groups

• Send questions, comments, show ideas/topics, or stories you want mentioned on the show to feedback@bsdnow.tv

Headlines

Distrowatch Fury BSD Review

FuryBSD is the most recent addition to the DistroWatch database and provides a live desktop operating system based on FreeBSD. FuryBSD is not entirely different in its goals from NomadBSD, which we discussed recently. I wanted to take this FreeBSD-based project for a test drive and see how it compares to NomadBSD and other desktop-oriented projects in the FreeBSD family.

FuryBSD supplies hybrid ISO/USB images which can be used to run a live desktop. There are two desktop editions currently, both for 64-bit (x86_64) machines: Xfce and KDE Plasma. The Xfce edition is 1.4GB in size and is the flavour I downloaded. The KDE Plasma edition is about 3.0GB in size.

My fresh install of FuryBSD booted to a graphical login screen. From there I could sign into my account, which brings up the Xfce desktop. The installed version of Xfce is the same as the live version, with a few minor changes. Most of the desktop icons have been removed with just the file manager launchers remaining. The Getting Started and System Information icons have been removed. Otherwise the experience is virtually identical to the live media.

FuryBSD uses a theme that is mostly grey and white with creamy yellow folder icons. The application menu launchers tend to have neutral icons, neither particularly bright and detailed or minimal.

LLDB now works on i386

Upstream describes LLDB as a next generation, high-performance debugger. It is built on top of LLVM/Clang toolchain, and features great integration with it. At the moment, it primarily supports debugging C, C++ and ObjC code, and there is interest in extending it to more languages.

In February 2019, I have started working on LLDB, as contracted by the NetBSD Foundation. So far I've been working on reenabling continuous integration, squashing bugs, improving NetBSD core file support, extending NetBSD's ptrace interface to cover more register types and fix compat32 issues, fixing watchpoint and threading support.

The original NetBSD port of LLDB was focused on amd64 only. In January, I have extended it to support i386 executables. This includes both 32-bit builds of LLDB (running natively on i386 kernel or via compat32) and debugging 32-bit programs from 64-bit LLDB.

News Roundup

wpa_supplicant is definitely a lower-class citizen, sorry

wpa_supplicant is definitely a lower-class citizen, sorry.

I increasingly wonder why this stuff matters; transit costs are so much lower than the period when eduroam was setup, and their reliance on 802.11x is super weird in a world where, for the most part
+ entire cities have open wifi in their downtown core
+ edu vs edu+transit split horizon problems have to be solved anyways
+ many universities have parallel open wifi
+ rate limiting / fare-share approaches for the open-net, on unmetered
+ flat-rate solves the problem
+ LTE hotspot off a phone isn't a rip off anymore
+ other open networks exist

essentially no one else feels compelled to do use 802.11x for a so called "semi-open access network", so I think they've lost the plot on friction vs benefit.

(we've held hackathons at EDU campus that are locked down like that, and in every case we've said no way, gotten a wire with open net, and built our own wifi. we will not subject our developers to that extra complexity).

KDE FreeBSD Updates Feb 2020

Some bits and bobs from the KDE FreeBSD team in february 2020. We met at the FreeBSD devsummit before FOSDEM, along with other FreeBSD people. Plans were made, schemes were forged, and Groff the Goat was introduced to some new people.

• The big ticket things:
  • Frameworks are at 5.66
  • Plasma is at 5.17.5 (the beta 5.18 hasn’t been tried)
  • KDE release service has landed 19.12.2 (same day it was released)
• Developer-centric:
  • KDevelop is at 5.5.0
  • KUserfeedback landed its 1.0.0 release
  • CMake is 3.16.3
• Applications:
  • Musescore is at 3.4.2
  • Elisa now part of the KDE release service updates
• Fuure work:
  • KIO-Fuse probably needs extra real-world testing on FreeBSD. I don’t have that kind of mounts (just NFS in /etc/fstab) so I’m not the target audience.
  • KTextEditor is missing .editorconfig support. That can come in with the next frameworks update, when consumers update anyway. Chasing it in an intermediate release is a bit problematic because it does require some rebuilds of consumers.

Travel Grant Application for BSDCan is now open

Hi everyone,

The Travel Grant Application for BSDCan 2020 is now open. The Foundation can help you attend BSDCan through our travel grant program. Travel grants are available to FreeBSD developers and advocates who need assistance with travel expenses for attending conferences related to FreeBSD development. BSDCan 2020 applications are due April 9, 2020. Find out more and apply at: https://www.freebsdfoundation.org/what-we-do/grants/travel-grants/

Did you know the Foundation also provides grants for technical events not specifically focused on BSD? If you feel that your attendance at one of these events will benefit the FreeBSD Project and Community and you need assistance getting there, please fill out the general travel grant application. Your application must be received 7 weeks prior to the event. The general application can be found here: https://goo.gl/forms/QzsOMR8Jra0vqFYH2

Creating a ZFS dataset for testing iocage within a jail

• Be warned, this failed. I’m stalled and I have not completed this.

I’m going to do jails within a jail. I already do that with poudriere in a jail but here I want to test an older version of iocage before upgrading my current jail hosts to a newer version.

• In this post:
  • FreeBSD 12.1
  • py36-iocage-1.2_3
  • py36-iocage-1.2_4

This post includes my errors and mistakes. Perhaps you should proceed carefully and read it all first.

Beastie Bits

• Reminder: the FreeBSD Journal is free! Check out these great articles
• Serenity GUI desktop running on an OpenBSD kernel
• The Open Source Parts of MacOS
• FOSDEM videos available

Feedback/Questions

• Michael - Install with ZFS
• Mohammad - Server Freeze
• Todd - ZFS Questions

• Send questions, comments, show ideas/topics, or stories you want mentioned on the show to feedback@bsdnow.tv

##Headlines

###AsiaBSDCon 2019 Call for Papers

• You have until Jan 30th to submit
• Full paper requirement is relaxed a bit this year (this year ONLY!) due to the short submission window. You don’t need all 10-12 pages, but it is still preferred.
• Send a message to secretary@asiabsdcon.org with your proposal. Could be either for a talk or a tutorial.
• Two days of tutorials/devsummit and two days of conference during Sakura season in Tokyo, Japan
• The conference is also looking for sponsors
• If accepted, flight and hotel is paid for by the conference

###Project Trident 18.12 Released

• Twitter account if you want to keep up on project news
• Screenshots
• Project Trident Community Telegram Channel
• DistroWatch Page
• LinuxActionNews Review
• RoboNuggie’s in depth review

###Building Spotifyd on NetBSD

These are the steps I went through to build and run Spotifyd (this commit at the time of writing) on NetBSD AMD64. It’s a Spotify Connect client so it means I still need to control Spotify from another device (typically my phone), but the audio is played through my desktop… which is where my speakers and headphones are plugged in - it means I don’t have to unplug stuff and re-plug into my phone, work laptop, etc. This is 100% a “good enough for now solution” for me; I have had a quick play with the Go based microcontroller from spotcontrol and that allows a completely NetBSD only experience (although it is just an example application so doesn’t provide many features - great as a basis to build on though).

##News Roundup

###OPNsense 18.7.10 released

2019 means 19.1 is almost here. In the meantime accept this small
incremental update with goodies such as Suricata 4.1, custom passwords
for P12 certificate export as well as fresh fixes in the FreeBSD base.
A lot of cleanups went into this update to make sure there will be a
smooth transition to 19.1-RC for you early birds. We expect RC1 in 1-2
weeks and the final 19.1 on January 29.

###Introducing the Ultra EPYC AMD Powered Sun Ultra 24 Workstation

A few weeks ago, I got an itch to build a workstation with AMD EPYC. There are a few constraints. First, I needed a higher-clock part. Second, I knew the whole build would be focused more on being an ultra high-end workstation rather than simply utilizing gaming components. With that, I decided it was time to hit on a bit of nostalgia for our readers. Mainly, I wanted to do an homage to Sun Microsystems. Sun made the server gear that the industry ran on for years, and as a fun fact, if you go behind the 1 Hacker Way sign at Facebook’s campus, they left the Sun Microsystems logo. Seeing that made me wonder if we could do an ultimate AMD EPYC build in a Sun Microsystems workstation.

###OpenRsync

This is a clean-room implementation of rsync with a BSD (ISC) license. It is designed to be compatible with a modern rsync (3.1.3 is used for testing). It currently compiles and runs only on OpenBSD.
This project is still very new and very fast-moving.
It’s not ready for wide-spread testing. Or even narrow-spread beyond getting all of the bits to work. It’s not ready for strong attention. Or really any attention but by careful programming.
Many have asked about portability. We’re just not there yet, folks. But don’t worry, the system is easily portable. The hard part for porters is matching OpenBSD’s pledge and unveil.

###The first report on LLD porting

LLD is the link editor (linker) component of Clang toolchain. Its main advantage over GNU ld is much lower memory footprint, and linking speed. It is of specific interest to me since currently 8 GiB of memory are insufficient to link LLVM statically (which is the upstream default).
The first goal of LLD porting is to ensure that LLD can produce working NetBSD executables, and be used to build LLVM itself. Then, it is desirable to look into trying to build additional NetBSD components, and eventually into replacing /usr/bin/ld entirely with lld.
In this report, I would like to shortly summarize the issues I have found so far trying to use LLD on NetBSD.

###Ring in the new

It’s the second week of 2019 already, which means I’m curious what Nate is going to do with his series This week in usability … reset the numbering from week 1? That series is a great read, to keep up with all the little things that change in KDE source each week — aside from the release notes.
For the big ticket items of KDE on FreeBSD, you should read this blog instead.

• In ports this week (mostly KDE, some unrelated):
• KDE Plasma has been updated to the latest release, 5.14.5.
• KDE Applications 18.12.1 were released today, so we’re right on top of them.
• Marble was fixed for FreeBSD-running-on-Power9.
• Musescore caught up on 18 months of releases.
• Phonon updated to 4.10.1, along with its backends.
• And in development, Qt WebEngine 5.12 has been prepared in the incongruously-named plasma-5.13 branch in Area51; that does contain all the latest bits described above, as well.

##Beastie Bits

• NomadBSD 1.2-RC1 Released
• ZFS - The First Enterprise Blockchain
• Powersaving with DragonFly laptop
• NetBSD reaches 100% reproducable builds
• Potential Bhyve Web Interface?
• LibGDX proof of concept on OpenBSD - Video
• LiteCLI is a user-friendly CommandLine client for SQLite database
• In honor of Donald Knuth’s 81 birthday Stanford uploaded 111 lectures on Youtube
• Portland BSD Pizza Night - 2018-01-31 19:00 - Sweet Heart Pizza
• Stockholm BSD February meetup
• Polish BSD User Group: Jan 25 18:15 - 21:00
• AsiaBSDcon 2019 CfP

##Feedback/Questions

• Greg - VLANs and jails
• Tara - ZFS on removable disks
• Casey - Interview with Kirk McKusick

• Send questions, comments, show ideas/topics, or stories you want mentioned on the show to feedback@bsdnow.tv

Headlines

The future of ZFS in FreeBSD

The sources for FreeBSD’s ZFS support are currently taken directly from Illumos with local ifdefs to support the peculiarities of FreeBSD where the Solaris Portability Layer (SPL) shims fall short. FreeBSD has regularly pulled changes from Illumos and tried to push back any bug fixes and new features done in the context of FreeBSD. In the past few years the vast majority of new development in ZFS has taken place in DelphixOS and zfsonlinux (ZoL). Earlier this year Delphix announced that they will be moving to ZoL: https://www.delphix.com/blog/kickoff-future-eko-2018 This shift means that there will be little to no net new development of Illumos. While working through the git history of ZoL I have also discovered that many races and locking bugs have been fixed in ZoL and never made it back to Illumos and thus FreeBSD. This state of affairs has led to a general agreement among the stakeholders that I have spoken to that it makes sense to rebase FreeBSD’s ZFS on ZoL. Brian Behlendorf has graciously encouraged me to add FreeBSD support directly to ZoL https://github.com/zfsonfreebsd/ZoF so that we might all have a single shared code base. A port for ZoF can be found at https://github.com/miwi-fbsd/zof-port Before it can be committed some additional functionality needs to be added to the FreeBSD opencrypto framework. These can be found at https://reviews.freebsd.org/D18520 This port will provide FreeBSD users with multi modifier protection, project quotas, encrypted datasets, allocation classes, vectorized raidz, vectorized checksums, and various command line improvements.

FreeBSD Quarterly Status Update

With FreeBSD having gone all the way to 12, it is perhaps useful to take a look back at all the things that have been accomplished, in terms of many visible changes, as well as all the things that happen behind the scenes to ensure that FreeBSD continues to offer an alternative in both design, implementation, and execution. The things you can look forward to reading about are too numerous to summarize, but cover just about everything from finalizing releases, administrative work, optimizations and depessimizations, features added and fixed, and many areas of improvement that might just surprise you a little. Please have a cup of coffee, tea, hot cocoa, or other beverage of choice, and enjoy this culmulative set of reports covering everything that’s been done since October, 2017. —Daniel Ebdrup

News Roundup

One year of flying with the Raven: Ready for the Desktop?

It has been a little over one year now that I’m with the Ravenports project. Time to reflect my involvement, my expectations and hopes.

• Ravenports

Ravenports is a universal packaging framework for *nix operating systems. For the user it provides easy access to binary packages of common software for multiple platforms. It has been the long-lasting champion on Repology’s top 10 repositories regarding package freshness (rarely dropping below 96 percent while all other projects keep below 90!).

For the porter it offers a well-designed and elegant means of writing cross-platform buildsheets that allow building the same version of the software with (completely or mostly) the same compile-time configuration on different operating systems or distributions.

And for the developer it means a real-world project that’s written in modern Ada (ravenadm) and C (pkg) – as well as some Perl for support scripts and make. Things feel very optimized and fast. Not being a programmer though, I cannot really say anything about the actual code and thus leave it to the interested reader’s judgement.

Modern KDE on FreeBSD

New stuff in the official FreeBSD repositories! The X11 team has landed a newer version of libinput, opening up the way for KDE Plasma 5.14 in ports. That’s a pretty big update and it may frighten people with a new wallpaper. What this means is that the graphical stack is once again on-par with what Plasma upstream expects, and we can get back to chasing releases as soon as they happen, rather than gnashing our teeth at missing dependencies. The KDE-FreeBSD CI servers are in the process of being upgraded to 12-STABLE, and we’re integrating with the new experimental CI systems as well. This means we are chasing sensibly-modern systems (13-CURRENT is out of scope).

The many ways to launch FreeBSD in EC2

Talking to FreeBSD users recently, I became aware that while I’ve created a lot of tools, I haven’t done a very good job of explaining how, and more importantly when to use them. So for all of the EC2-curious FreeBSD users out there: Here are the many ways to launch and configure FreeBSD in EC2 — ranging from the simplest to the most complicated (but most powerful):

• Launch FreeBSD and SSH in
• Launch FreeBSD and provide user-data
• Use the AMI Builder to create a customized FreeBSD AMI
• Build a FreeBSD AMI from a modified FreeBSD source tree
• Build your own disk image

I hope I’ve provided tools which help you to run FreeBSD in EC2, no matter how common or unusual your needs are. If you find my work useful, please consider supporting my work in this area; while this is both something I enjoy working on and something which is useful for my day job (Tarsnap, my online backup service), having support would make it easier for me to prioritize FreeBSD/EC2 issues over other projects.

Using the GOG.com installers for Linux, on NetBSD

GOG.com prefers that you use their GOG Galaxy desktop app to download, install and manage all of your GOG games. But customers always have the option to install the game on their own terms, with a platform-specific installer. GOG offers these installers for Mac, Windows and/or Linux, depending on which platforms the game is available for.

• The installers truly are platform-specific:
• macOS games are distributed in a standard .pkg
• Windows games are distributed in a setup wizard .exe
• Linux games are distributed in a goofy shell archive

Of course, none of those are NetBSD. So, if I wanted to even attempt to play a game distributed by GOG.com on NetBSD, which one should I pick? The obvious choice is the Linux installer, since Linux is the most similar to NetBSD, right? Au contraire! In practice, I found that it is easier to download the Windows installer.

Here’s what I mean. For example, I ported the open source version of Aquaria to pkgsrc, but that package is only the game’s engine, not the multimedia data. The multimedia data is still copyrighted. Therefore, you need to get it from somewhere else. GOG is usually a good choice, because they distribute their games without DRM. And as mentioned earlier, picking the Linux installer seemed like a natural choice.

Now, actually PLAYING the games on NetBSD is a separate matter entirely. The game I’ve got here, though, my current obsession Pyre, is built with MonoGame and therefore could theoretically work on NetBSD, too, with the help of a library called FNA and a script for OpenBSD called fnaify. I do hope to create a pkgsrc package for FNA and port the fnaify script to NetBSD at some point.

Beastie Bits

• Software as a Reflection of Values With Bryan Cantrill
• Collection of bmc talks, updated 2018
• wump: incorrect wumpus movement probability
• Debugging Rust with VSCode on FreeBSD
• SMB/CIFS on FreeBSD
• BSD Tattoo
• pkgsrc-2018Q4 branch announcement
• toying with wireguard on openbsd
• new USB audio class v2.0 driver
• Todd Mortimer Removing ROP Gadgets from OpenBSD EuroBSDCon 2018
• OpenBSD 6.5 release page is online
• shell access to historical Unix versions in your browser

Feedback/Questions

• Brad - ZFS Features and Upgrades
• Andre - Splitting ZFS array
• Michael - Priority/nice value for Jails?

• Send questions, comments, show ideas/topics, or stories you want mentioned on the show to feedback@bsdnow.tv

##Headlines
###What ZFS block pointers are and what’s in them

I’ve mentioned ZFS block pointers in the past; for example, when I wrote about some details of ZFS DVAs, I said that DVAs are embedded in block pointers. But I’ve never really looked carefully at what is in block pointers and what that means and implies for ZFS.

The very simple way to describe a ZFS block pointer is that it’s what ZFS uses in places where other filesystems would simply put a block number. Just like block numbers but unlike things like ZFS dnodes, a block pointer isn’t a separate on-disk entity; instead it’s an on disk data format and an in memory structure that shows up in other things. To quote from the (draft and old) ZFS on-disk specification (PDF):

A block pointer (blkptr_t) is a 128 byte ZFS structure used to physically locate, verify, and describe blocks of data on disk.

Block pointers are embedded in any ZFS on disk structure that points directly to other disk blocks, both for data and metadata. For instance, the dnode for a file contains block pointers that refer to either its data blocks (if it’s small enough) or indirect blocks, as I saw in this entry. However, as I discovered when I paid attention, most things in ZFS only point to dnodes indirectly, by giving their object number (either in a ZFS filesystem or in pool-wide metadata).

So what’s in a block pointer itself? You can find the technical details for modern ZFS in spa.h, so I’m going to give a sort of summary. A regular block pointer contains:

• various metadata and flags about what the block pointer is for and what parts of it mean, including what type of object it points to.
• Up to three DVAs that say where to actually find the data on disk. There can be more than one DVA because you may have set the copies property to 2 or 3, or this may be metadata (which normally has two copies and may have more for sufficiently important metadata).
• The logical size (size before compression) and ‘physical’ size (the nominal size after compression) of the disk block. The physical size can do odd things and is not necessarily the asize (allocated size) for the DVA(s).
• The txgs that the block was born in, both logically and physically (the physical txg is apparently for dva[0]). The physical txg was added with ZFS deduplication but apparently also shows up in vdev removal.
• The checksum of the data the block pointer describes. This checksum implicitly covers the entire logical size of the data, and as a result you must read all of the data in order to verify it. This can be an issue on raidz vdevs or if the block had to use gang blocks.

Just like basically everything else in ZFS, block pointers don’t have an explicit checksum of their contents. Instead they’re implicitly covered by the checksum of whatever they’re embedded in; the block pointers in a dnode are covered by the overall checksum of the dnode, for example. Block pointers must include a checksum for the data they point to because such data is ‘out of line’ for the containing object.

(The block pointers in a dnode don’t necessarily point straight to data. If there’s more than a bit of data in whatever the dnode covers, the dnode’s block pointers will instead point to some level of indirect block, which itself has some number of block pointers.)

There is a special type of block pointer called an embedded block pointer. Embedded block pointers directly contain up to 112 bytes of data; apart from the data, they contain only the metadata fields and a logical birth txg. As with conventional block pointers, this data is implicitly covered by the checksum of the containing object.

Since block pointers directly contain the address of things on disk (in the form of DVAs), they have to change any time that address changes, which means any time ZFS does its copy on write thing. This forces a change in whatever contains the block pointer, which in turn ripples up to another block pointer (whatever points to said containing thing), and so on until we eventually reach the Meta Object Set and the uberblock. How this works is a bit complicated, but ZFS is designed to generally make this a relatively shallow change with not many levels of things involved (as I discovered recently).

As far as I understand things, the logical birth txg of a block pointer is the transaction group in which the block pointer was allocated. Because of ZFS’s copy on write principle, this means that nothing underneath the block pointer has been updated or changed since that txg; if something changed, it would have been written to a new place on disk, which would have forced a change in at least one DVA and thus a ripple of updates that would update the logical birth txg.

However, this doesn’t quite mean what I used to think it meant because of ZFS’s level of indirection. If you change a file by writing data to it, you will change some of the file’s block pointers, updating their logical birth txg, and you will change the file’s dnode. However, you won’t change any block pointers and thus any logical birth txgs for the filesystem directory the file is in (or anything else up the directory tree), because the directory refers to the file through its object number, not by directly pointing to its dnode. You can still use logical birth txgs to efficiently find changes from one txg to another, but you won’t necessarily get a filesystem level view of these changes; instead, as far as I can see, you will basically get a view of what object(s) in a filesystem changed (effectively, what inode numbers changed).

(ZFS has an interesting hack to make things like ‘zfs diff’ work far more efficiently than you would expect in light of this, but that’s going to take yet another entry to cover.)

###Rewards of Up to $500,000 Offered for FreeBSD, OpenBSD, NetBSD, Linux Zero-Days

Exploit broker Zerodium is offering rewards of up to $500,000 for zero-days in UNIX-based operating systems like OpenBSD, FreeBSD, NetBSD, but also for Linux distros such as Ubuntu, CentOS, Debian, and Tails.
The offer, first advertised via Twitter earlier this week, is available as part of the company’s latest zero-day acquisition drive. Zerodium is known for buying zero-days and selling them to government agencies and law enforcement.
The company runs a regular zero-day acquisition program through its website, but it often holds special drives with more substantial rewards when it needs zero-days of a specific category.

• BSD zero-day rewards will be on par with Linux payouts

The US-based company held a previous drive with increased rewards for Linux zero-days in February, with rewards going as high as $45,000.
In another zero-day acquisition drive announced on Twitter this week, the company said it was looking again for Linux zero-days, but also for exploits targeting BSD systems. This time around, rewards can go up to $500,000, for the right exploit.
Zerodium told Bleeping Computer they’ll be aligning the temporary rewards for BSD systems with their usual payouts for Linux distros.
The company’s usual payouts for Linux privilege escalation exploits can range from $10,000 to $30,000. Local privilege escalation (LPE) rewards can even reach $100,000 for “an exploit with an exceptional quality and coverage,” such as, for example, a Linux kernel exploit affecting all major distributions.
Payouts for Linux remote code execution (RCE) exploits can bring in from $50,000 to $500,000 depending on the targeted software/service and its market share. The highest rewards are usually awarded for LPEs and RCEs affecting CentOS and Ubuntu distros.

• Zero-day price varies based on exploitation chain

The acquisition price of a submitted zero-day is directly tied to its requirements in terms of user interaction (no click, one click, two clicks, etc.), Zerodium said.
Other factors include the exploit reliability, its success rate, the number of vulnerabilities chained together for the final exploit to work (more chained bugs means more chances for the exploit to break unexpectedly), and the OS configuration needed for the exploit to work (exploits are valued more if they work against default OS configs).

• Zero-days in servers “can reach exceptional amounts”

“Price difference between systems is mostly driven by market shares,” Zerodium founder Chaouki Bekrar told Bleeping Computer via email.
Asked about the logic behind these acquisition drives that pay increased rewards, Bekrar told Bleeping Computer the following:
"Our aim is to always have, at any time, two or more fully functional exploits for every major software, hardware, or operating systems, meaning that from time to time we would promote a specific software/system on our social media to acquire new codes and strengthen our existing capabilities or extend them.”
“We may also react to customers’ requests and their operational needs,” Bekrar said.

• It’s becoming a crowded market

Since Zerodium drew everyone’s attention to the exploit brokerage market in 2015, the market has gotten more and more crowded, but also more sleazy, with some companies being accused of selling zero-days to government agencies in countries with oppressive or dictatorial regimes, where they are often used against political oponents, journalists, and dissidents, instead of going after real criminals.
The latest company who broke into the zero-day brokerage market is Crowdfense, who recently launched an acquisition program with prizes of $10 million, of which it already paid $4.5 million to researchers.

Twitter Announcement

Digital Ocean
http://do.co/bsdnow

###KDE on FreeBSD – June 2018

The KDE-FreeBSD team (a half-dozen hardy individuals, with varying backgrounds and varying degrees of involvement depending on how employment is doing) has a status message in the #kde-freebsd channel on freenode. Right now it looks like this:

http://FreeBSD.kde.org | Bleeding edge 
http://FreeBSD.kde.org/area51.php | Released: Qt 5.10.1, KDE SC 4.14.3, KF5 5.46.0, Applications 18.04.1, Plasma-5.12.5, Kdevelop-5.2.1, Digikam-5.9.0

It’s been a while since I wrote about KDE on FreeBSD, what with Calamares and third-party software happening as well. We’re better at keeping the IRC topic up-to-date than a lot of other sources of information (e.g. the FreeBSD quarterly reports, or the f.k.o website, which I’ll just dash off and update after writing this).

• In no particular order:
• Qt 5.10 is here, in a FrankenEngine incarnation: we still use WebEnging from Qt 5.9 because — like I’ve said before — WebEngine is such a gigantic pain in the butt to update with all the necessary patches to get it to compile.
• Our collection of downstream patches to Qt 5.10 is growing, slowly. None of them are upstreamable (e.g. libressl support) though.
• KDE Frameworks releases are generally pushed to ports within a week or two of release. Actually, now that there is a bigger stack of KDE software in FreeBSD ports the updates take longer because we have to do exp-runs.
• Similarly, Applications and Plasma releases are reasonably up-to-date. We dodged a bullet by not jumping on Plasma 5.13 right away, I see. Tobias is the person doing almost all of the drudge-work of these updates, he deserves a pint of something in Vienna this summer.
• The freebsd.kde.org website has been slightly updated; it was terribly out-of-date.

So we’re mostly-up-to-date, and mostly all packaged up and ready to go. Much of my day is spent in VMs packaged by other people, but it’s good to have a full KDE developer environment outside of them as well. (PS. Gotta hand it to Tomasz for the amazing application for downloading and displaying a flamingo … niche usecases FTW)

##News Roundup
###New FreeBSD Core Team Elected

Active committers to the project have elected your tenth FreeBSD Core
Team.

• Allan Jude (allanjude)
• Benedict Reuschling (bcr)
• Brooks Davis (brooks)
• Hiroki Sato (hrs)
• Jeff Roberson (jeff)
• John Baldwin (jhb)
• Kris Moore (kmoore)
• Sean Chittenden (seanc)
• Warner Losh (imp)

Let’s extend our gratitude to the outgoing Core Team members:

• Baptiste Daroussin (bapt)
• Benno Rice (benno)
• Ed Maste (emaste)
• George V. Neville-Neil (gnn)
• Matthew Seaman (matthew)

Matthew, after having served as the Core Team Secretary for the past
four years, will be stepping down from that role.

The Core Team would also like to thank Dag-Erling Smørgrav for running a
flawless election.

• To read about the responsibilities of the Core Team, refer to https://www.freebsd.org/administration.html#t-core.

###NetBSD WiFi refresh

The NetBSD Foundation is pleased to announce a summer 2018 contract with Philip Nelson (phil%NetBSD.org@localhost) to update the IEEE 802.11 stack basing the update on the FreeBSD current code. The goals of the project are:

• Minimizing the differences between the FreeBSD and NetBSD IEEE 802.11 stack so future updates are easier.
• Adding support for the newer protocols 801.11/N and 802.11/AC.
• Improving SMP support in the IEEE 802.11 stack.
• Adding Virtual Access Point (VAP) support.
• Updating as many NIC drivers as time permits for the updated IEEE 802.11 stack and VAP changes.

Status reports will be posted to tech-net%NetBSD.org@localhost every other week
while the contract is active.

iXsystems

###Poor Man’s CI - Hosted CI for BSD with shell scripting and duct tape

Poor Man’s CI (PMCI - Poor Man’s Continuous Integration) is a collection of scripts that taken together work as a simple CI solution that runs on Google Cloud. While there are many advanced hosted CI systems today, and many of them are free for open source projects, none of them seem to offer a solution for the BSD operating systems (FreeBSD, NetBSD, OpenBSD, etc.)

The architecture of Poor Man’s CI is system agnostic. However in the implementation provided in this repository the only supported systems are FreeBSD and NetBSD. Support for additional systems is possible.

Poor Man’s CI runs on the Google Cloud. It is possible to set it up so that the service fits within the Google Cloud “Always Free” limits. In doing so the provided CI is not only hosted, but is also free! (Disclaimer: I am not affiliated with Google and do not otherwise endorse their products.)

• ARCHITECTURE

A CI solution listens for “commit” (or more usually “push”) events, builds the associated repository at the appropriate place in its history and reports the results. Poor Man’s CI implements this very basic CI scenario using a simple architecture, which we present in this section.

• Poor Man’s CI consists of the following components and their interactions:

• Controller: Controls the overall process of accepting GitHub push events and starting builds. The Controller runs in the Cloud Functions environment and is implemented by the files in the controller source directory. It consists of the following components:

  • Listener: Listens for GitHub push events and posts them as work messages to the workq PubSub.
  • Dispatcher: Receives work messages from the workq PubSub and a free instance name from the Builder Pool. It instantiates a builder instance named name in the Compute Engine environment and passes it the link of a repository to build.
  • Collector: Receives done messages from the doneq PubSub and posts the freed instance name back to the Builder Pool.




• PubSub Topics:

  • workq: Transports work messages that contain the link of the repository to build.
  • poolq: Implements the Builder Pool, which contains the name’s of available builder instances. To acquire a builder name, pull a message from the poolq. To release a builder name, post it back into the poolq.
  • doneq: Transports done messages (builder instance terminate and delete events). These message contain the name of freed builder instances.




• builder: A builder is a Compute Engine instance that performs a build of a repository and shuts down when the build is complete. A builder is instantiated from a VM image and a startx (startup-exit) script.




• Build Logs: A Storage bucket that contains the logs of builds performed by builder instances.




• Logging Sink: A Logging Sink captures builder instance terminate and delete events and posts them into the doneq.




• BUGS

The Builder Pool is currently implemented as a PubSub; messages in the PubSub contain the names of available builder instances. Unfortunately a PubSub retains its messages for a maximum of 7 days. It is therefore possible that messages will be discarded and that your PMCI deployment will suddenly find itself out of builder instances. If this happens you can reseed the Builder Pool by running the commands below. However this is a serious BUG that should be fixed. For a related discussion see https://tinyurl.com/ybkycuub.

$ ./pmci queue_post poolq builder0
# ./pmci queue_post poolq builder1
# ... repeat for as many builders as you want

The Dispatcher is implemented as a Retry Background Cloud Function. It accepts work messages from the workq and attempts to pull a free name from the poolq. If that fails it returns an error, which instructs the infrastructure to retry. Because the infrastructure does not provide any retry controls, this currently happens immediately and the Dispatcher spins unproductively. This is currently mitigated by a “sleep” (setTimeout), but the Cloud Functions system still counts the Function as running and charges it accordingly. While this fits within the “Always Free” limits, it is something that should eventually be fixed (perhaps by the PubSub team). For a related discussion see https://tinyurl.com/yb2vbwfd.

###The Power of Ctrl-T

Did you know that you can check what a process is doing by pressing CTRL+T?
Has it happened to you before that you were waiting for something to be finished that can take a lot of time, but there is no easy way to check the status. Like a dd, cp, mv and many others. All you have to do is press CTRL+T where the process is running. This will output what’s happening and will not interrupt or mess with it in any way. This causes the operating system to output the SIGINFO signal.
On FreeBSD it looks like this:

ping pingtest.com
PING pingtest.com (5.22.149.135): 56 data bytes
64 bytes from 5.22.149.135: icmp_seq=0 ttl=51 time=86.232 ms
64 bytes from 5.22.149.135: icmp_seq=1 ttl=51 time=85.477 ms
64 bytes from 5.22.149.135: icmp_seq=2 ttl=51 time=85.493 ms
64 bytes from 5.22.149.135: icmp_seq=3 ttl=51 time=85.211 ms
64 bytes from 5.22.149.135: icmp_seq=4 ttl=51 time=86.002 ms
load: 1.12 cmd: ping 94371 [select] 4.70r 0.00u 0.00s 0% 2500k
5/5 packets received (100.0%) 85.211 min / 85.683 avg / 86.232 max
64 bytes from 5.22.149.135: icmp_seq=5 ttl=51 time=85.725 ms
64 bytes from 5.22.149.135: icmp_seq=6 ttl=51 time=85.510 ms

As you can see it not only outputs the name of the running command but the following parameters as well:

94371 – PID
4.70r – since when is the process running
0.00u – user time
0.00s – system time
0% – CPU usage
2500k – resident set size of the process or RSS
``

> An even better example is with the following cp command:

cp FreeBSD-11.1-RELEASE-amd64-dvd1.iso /dev/null
load: 0.99 cmd: cp 94412 [runnable] 1.61r 0.00u 0.39s 3% 3100k
FreeBSD-11.1-RELEASE-amd64-dvd1.iso -> /dev/null 15%
load: 0.91 cmd: cp 94412 [runnable] 2.91r 0.00u 0.80s 6% 3104k
FreeBSD-11.1-RELEASE-amd64-dvd1.iso -> /dev/null 32%
load: 0.91 cmd: cp 94412 [runnable] 4.20r 0.00u 1.23s 9% 3104k
FreeBSD-11.1-RELEASE-amd64-dvd1.iso -> /dev/null 49%
load: 0.91 cmd: cp 94412 [runnable] 5.43r 0.00u 1.64s 11% 3104k
FreeBSD-11.1-RELEASE-amd64-dvd1.iso -> /dev/null 64%
load: 1.07 cmd: cp 94412 [runnable] 6.65r 0.00u 2.05s 13% 3104k
FreeBSD-11.1-RELEASE-amd64-dvd1.iso -> /dev/null 79%
load: 1.07 cmd: cp 94412 [runnable] 7.87r 0.00u 2.43s 15% 3104k
FreeBSD-11.1-RELEASE-amd64-dvd1.iso -> /dev/null 95%

> I prcessed CTRL+T six times.  Without that, all the output would have been is the first line.

> Another example how the process is changing states:

wget https://download.freebsd.org/ftp/releases/amd64/amd64/ISO-IMAGES/11.1/FreeBSD-11.1-RELEASE-amd64-dvd1.iso
–2018-06-17 18:47:48– https://download.freebsd.org/ftp/releases/amd64/amd64/ISO-IMAGES/11.1/FreeBSD-11.1-RELEASE-amd64-dvd1.iso
Resolving download.freebsd.org (download.freebsd.org)… 96.47.72.72, 2610:1c1:1:606c::15:0
Connecting to download.freebsd.org (download.freebsd.org)|96.47.72.72|:443… connected.
HTTP request sent, awaiting response… 200 OK
Length: 3348465664 (3.1G) [application/octet-stream]
Saving to: ‘FreeBSD-11.1-RELEASE-amd64-dvd1.iso’

FreeBSD-11.1-RELEASE-amd64-dvd1.iso 1%[> ] 41.04M 527KB/s eta 26m 49sload: 4.95 cmd: wget 10152 waiting 0.48u 0.72s
FreeBSD-11.1-RELEASE-amd64-dvd1.iso 1%[> ] 49.41M 659KB/s eta 25m 29sload: 12.64 cmd: wget 10152 waiting 0.55u 0.85s
FreeBSD-11.1-RELEASE-amd64-dvd1.iso 2%[=> ] 75.58M 6.31MB/s eta 20m 6s load: 11.71 cmd: wget 10152 running 0.73u 1.19s
FreeBSD-11.1-RELEASE-amd64-dvd1.iso 2%[=> ] 85.63M 6.83MB/s eta 18m 58sload: 11.71 cmd: wget 10152 waiting 0.80u 1.32s
FreeBSD-11.1-RELEASE-amd64-dvd1.iso 14%[==============> ] 460.23M 7.01MB/s eta 9m 0s 1

> The bad news is that CTRl+T doesn’t work with Linux kernel, but you can use it on MacOS/OS-X:

—> Fetching distfiles for gmp
—> Attempting to fetch gmp-6.1.2.tar.bz2 from https://distfiles.macports.org/gmp
—> Verifying checksums for gmp
—> Extracting gmp
—> Applying patches to gmp
—> Configuring gmp
load: 2.81 cmd: clang 74287 running 0.31u 0.28s

> PS: If I recall correctly Feld showed me CTRL+T, thank you!

***


##Beastie Bits
+ [Half billion tries for a HAMMER2 bug](http://lists.dragonflybsd.org/pipermail/commits/2018-May/672263.html)
+ OpenBSD with various Desktops
 + [OpenBSD 6.3 running twm window manager](https://youtu.be/v6XeC5wU2s4)
 + [OpenBSD 6.3 jwm and rox desktop](https://youtu.be/jlSK2oi7CBc)
 + [OpenBSD 6.3 cwm youtube video](https://youtu.be/mgqNyrP2CPs)
+ [pf: Increase default state table size](https://svnweb.freebsd.org/base?view=revision&revision=336221)
***

**Tarsnap**

##Feedback/Questions
+ Ben Sims - [Full feed?](http://dpaste.com/3XVH91T#wrap)
+ Scott - [Questions and Comments](http://dpaste.com/08P34YN#wrap)
+ Troels - [Features of FreeBSD 11.2 that deserve a mention](http://dpaste.com/3DDPEC2#wrap)
+ [Fred - Show Ideas](http://dpaste.com/296ZA0P#wrap)
***

- Send questions, comments, show ideas/topics, or stories you want mentioned on the show to [feedback@bsdnow.tv](mailto:feedback@bsdnow.tv)
***

***

iXsystems [It's all NAS](https://www.ixsystems.com/blog/its-all-nas/)