OpenVPN routing with BIRD on FreeBSD

openvpntechThis tutorial by user Felix J. Ogris shows us how to get OpenVPN routing with BIRD set up on FreeBSD.

Original: http://www.ogris.de/howtos/freebsd-openvpn-bird.html

If you run OpenVPN as an unprivileged user and/or in a chroot environment, it can’t dynamically modify routes. This becomes a problem if you run multiple OpenVPN daemons, no matter whether they run on the same box or on different servers. When a client disconnects from one instance and later connects to another instance, you have to update your internal routing information for that client. To solve this, I’ve been using the BIRD Internet Routing Daemon.
The relevant part of my /usr/local/etc/openvpn.conf looks like this:

mode server
chroot /usr/local/etc/openvpn/chroot
client-connect /bin/cc.sh
client-disconnect /bin/cc.sh
script-security 2
user openvpn
group openvpn

Note that the location of the client-connect and client-disconnect script /bin/cc.sh is relative to the chroot directory /usr/local/etc/openvpn/chroot, which contains three subdirectories:

drwxr-xr-x  2 root  wheel    bin
drwxr-xr-x  2 root  wheel    ccd
drwxrwxr-x  2 root  openvpn  tmp
  • bin contains three tools:
    -r-xr-xr-x  1 root  wheel  cc.sh
    -r-xr-xr-x  2 root  wheel  nc
    -r-xr-xr-x  2 root  wheel  sh
    

    I copied sh from /rescue/sh, while nc was hardlinked to sh. All binaries in /rescue are statically linked, so they’ll work even in a chroot environment.

  • ccd contains my client config files, each containing an ifconfig-push and optionally one or more iroute statements for a particular client. Those files are owned and writeable by root only.
  • tmp contains the control socket for BIRD, and a dynamically created config file for each OpenVPN client.

When an OpenVPN client connects, cc.sh reads its ip address and routes from the config file in ccd, writes this information in BIRD compatible syntax to the config file in tmp, and informs BIRD to reload its configuration.
When a client disconnects, cc.sh just empties the config file in tmp, and reloads BIRD.
My /usr/local/etc/bird.conf looks like this:

[Read more…]

Phoronix is 11 Years Old

phoronix-advertisePhoronix, a website dedicated to bringing Linux related and open source news, is now 11 years old. They have highlighted several FreeBSD related articles as some of the most popular Phoronix articles, out of 15,000+. Congrats and thank you Phoronix for your contributions to the FreeBSD and open-source community.

Sony’s PlayStation 4 Is Running Modified FreeBSD 9
The operating system at the heart of Sony’s PlayStation 4 is FreeBSD 9.0.

FreeBSD 10 To Use Clang Compiler, Deprecate GCC
As indicated by the Q1-2012 FreeBSD Status Report, LLVM’s Clang compiler is quickly replacing GCC for this popular BSD operating system. The developers are also making much progress in a GNU-free C++11 stack. For FreeBSD 10 they’re aiming for Clang as the default C/C++ compiler, deprecate GCC, and to have a BSD-licensed C++ stack.

Ubuntu vs. OpenSolaris vs. FreeBSD Benchmarks
Over the past few weeks we have been providing several in-depth articles looking at the performance of Ubuntu Linux. We had begun by providing Ubuntu 7.04 to 8.10 benchmarks and had found the performance of this popular Linux distribution to become slower with time and that article was followed up with Mac OS X 10.5 vs. Ubuntu 8.10 benchmarks and other articles looking at the state of Ubuntu’s performance. In this article, we are now comparing the 64-bit performance of Ubuntu 8.10 against the latest test releases of OpenSolaris 2008.11 and FreeBSD 7.1.

FreeBSD 8.0 vs. Ubuntu 9.10 Benchmarks
Canonical will be releasing Ubuntu 9.10 at the end of next month while the final release of FreeBSD 8.0 is also expected within the next few weeks. With these two popular free software operating systems both having major updates coming out at around the same time, we decided it warranted some early benchmarking as we see how the FreeBSD 8.0 and Ubuntu 9.10 performance compares.

Original – http://www.phoronix.com/scan.php?page=news_item&px=Phoronix-11-Popularity

FreeBSD 10.2 Release Process

lacisbsdsigned

The developers of FreeBSD have laid out plans to release version 10.2 in August 2015. Check the table to see the release dates for each build.

Introduction

This is the release schedule for FreeBSD 10.2. For more information about the release engineering process, please see the Release Engineering section of the web site.

General discussions about the pending release and known issues should be sent to the public freebsd-stable mailing list. MFC requests should be sent to re@FreeBSD.org.

Schedule

Action Expected Actual Description
Initial release schedule announcement 26 February 2015 Release Engineers send announcement email to developers with a rough schedule.
Release schedule reminder 20 May 2015 21 May 2015 Release Engineers send reminder announcement e-mail to developers with updated schedule.
Code slush begins 19 June 2015 Release Engineers announce that all further commits to the stable/10 branch will not require explicit approval, however new features should be avoided.
Code freeze begins 3 July 2015 Release Engineers announce that all further commits to the stable/10 branch will require explicit approval. Certain blanket approvals will be granted for narrow areas of development, documentation improvements, etc.
BETA1 builds begin 10 July 2015 First beta test snapshot.
BETA2 builds begin 17 July 2015 Second beta test snapshot.
BETA3 builds begin * 24 July 2015 Third beta test snapshot.
releng/10.2 branch 31 July 2015 Subversion branch created; future release engineering proceeds on this branch.
RC1 builds begin 31 July 2015 First release candidate.
stable/10 thaw 1 August 2015 The code freeze on the stable/10 branch is lifted.
RC2 builds begin 7 August 2015 Second release candidate.
RC3 builds begin * 14 August 2015 Third release candidate.
RELEASE builds begin 21 August 2015 10.2-RELEASE builds begin.
RELEASE announcement 31 August 2015 10.2-RELEASE press release.
Turn over to the secteam releng/10.2 branch is handed over to the FreeBSD  Security Officer Team in one or two weeks after the announcement.

“*” indicates “as-needed” items.

Original: https://www.freebsd.org/releases/10.2R/schedule.html

FreeBSD Mastery: ZFS

FreeBSD Mastery: ZFS author Michael W. Lucas has released volume 7 of his book, along with co-author Allan Jude.

Data Storage for the 21st Century and Beyond!

The first of two ZFS books, by critically acclaimed author Michael W Lucas and FreeBSD developer Allan Jude

ZFS, the fast, flexible, self-healing filesystem, revolutionized data storage. Leveraging ZFS changes everything about managing FreeBSD systems.

FreeBSD Mastery: ZFS

With FreeBSD Mastery: ZFS, you’ll learn to:

  • select hardware for ZFS systems
  • arrange your storage for optimal performance
  • configure datasets that match your enterprise’s needs
  • repair and monitor storage pools
  • expand your storage
  • use compression to enhance performance
  • determine if deduplication is right for your data
  • understand how copy-on-write changes everything
  • snapshot filesystems
  • automatically rotate snapshots
  • clone filesystems
  • optimize how ZFS uses and manages space
  • customize FreeBSD ZFS installs

Whether you’re a long-term FreeBSD administrator or a new user, FreeBSD Mastery: ZFS will help you simplify storage.

Master ZFS with FreeBSD Mastery: ZFS

“If you’re a FreeBSD (or Linux, or Unix) sysadmin, then you need this book.” — Slashdot, on FreeBSD Mastery: Storage Essentials

Get the book now!

Print and ebook bundle? If you buy the print from Amazon, you can get the ebook for $2.99.

Get the ebook from:

Print

Original: https://www.michaelwlucas.com/nonfiction/freebsd-mastery-zfs

Another Data Center Site Visit – NYI

Glen Barber at the FreeBSD Foundation made a visit to New York Internet data center, which houses some FreeBSD servers. Follow them along on their journey through the internet’s closets:

Original: http://freebsdfoundation.blogspot.com/2015/05/another-data-center-site-visit-nyi.html

No Systems Administrators Were Harmed While Writing This Blog Entry

Mmm…  Freshly-unboxed servers.  There really is nothing better to wake up to in the morning.

Well, okay, coffee.  But new servers – definitely second.

In late April, the FreeBSD Foundation generously purchased more machines to keep the FreeBSD.org infrastructure operating smoothly.  While the new servers are not yet in production (a task the Cluster Administrators will undertake while at BSDCan in June), we have planned far in advance what we intend to do with the new hardware.

In mid-May, I spent several days at our East-Coast US colocation facility, racking, cabling, installing, and configuring the new servers.

As They Say in Real-Estate: Colocation, Colocation, Colocation

The new hardware is located at New York Internet in Bridgewater, New Jersey, who generously provides colocation services to the FreeBSD Project.  They have an amazing staff, and whether we are on-site or working with them through their ticket system, are always friendly, knowledgeable, and of course, helpful.

New Hardware Specs

[Read more…]

For FreeBSD automatic installation of using bsdinstall [ZFS Operations]

This tutorial by user kunst1080 shows us how to get an FreeBSD automatic installation set up using bsdinstall. *Note that this is a translated article.

Original: http://kunst1080.hatenablog.com/entry/2015/05/30/181955, translated:  http://kunst1080.hatenablog.com/entry/2015/05/31/221431

bsdinstall-config-components

Now, we take a look at how to install to ZFS using bsdinstall.

Installation of ZFS in an auto layout

As it is described in the manual, to the first half (PREAMBLE), if describe the environment variable “ZFSBOOT_DISKS” instead of “PARTITIONS”, ZFS allows you to install to.

However, care must be taken of the following two points.

  • If you want to automatically install, set environment variable “nonInteractive”.
  • It needs to be export environment variables “ZFSBOOT_DISKS” and “nonInteractive”.

In particular, care must be taken with regard to the second point.

(I tried to read freebsd/script at master · freebsd/freebsd · GitHub, I am feeling that because DISTRIBUTIONS has been export, but such ZFSBOOT_DISKS has not been export, …… and it is the cause)

First half (PREAMBLE)

[Read more…]

How to Run a Django Site with Apache, mod_wsgi, and MySQL on FreeBSD 10.1

This tutorial by FreeBSD user Chad Stovern (DigitalOcean) shows us how to get a Django website set up with Apache, mod_wsgi, and MySQL on FreeBSD 10.1.

Original: https://www.digitalocean.com/community/tutorials/how-to-run-a-django-site-with-apache-mod_wsgi-and-mysql-on-freebsd-10-1

django apache_software_foundation_logo_3074   mysql-logo

Introduction

This article shows you how to deploy a web application using Django, the popular Python framework. The beauty of developing with popular web frameworks is that a lot of repetitious work has been done for you, so you can focus on building your site.

Whether you’re a developer or not, it’s great to know that the core of what you’re running on your Droplet has undergone the scrutiny of a large open-source community and should be less susceptible to large security holes.

One thing that is not inherently simple is knowing how to get these web frameworks up and running outside of your own development or testing environment. In this article we’ll show you how to do just that, using a standard Apache, mod_wsgi, and MySQL stack running on top of FreeBSD 10.1.

Goals

  • Install and configure a Python virtual environment for your Django site
  • Create and configure a sample Django site for testing
  • Configure a simple and secure MySQL server
  • Configure a simple Apache virtual host that will serve your Django site
  • Test that the newly minted site works properly

Prerequisites

Before you begin this guide you’ll need the following:

  • A FreeBSD 10.1 Droplet
  • Access to your root account or an account with sudo privileges following this tutorial
  • A working knowledge of how to edit text files from the command line
  • The Bash shell environment, since we’ll be using Virtualenv later on this tutorial. Follow the instructions in the Changing the Default Shell section of the How To Get Started with FreeBSD 10.1 tutorial. You may need to log out and log in again to get the Bash shell for your freebsd user

FreeBSD Foundation May 2015 Update

The FreeBSD Foundation have published their updates for May 2015. Follow the link for news on development projects, conferences, a behind-the-scene look on FreeBSD running on servers, as well as this year’s fundraising goals. We would also like to extend our condolences to long time BSD advocate, Paul Schenkeveld, his contributions to the community will be remembered.

freebsdfoundationThe start of summer is upon us and that also means the beginning of a particularly fun few months at the Foundation. From meeting FreeBSD developers at BSD events to installing new hardware, we’re continuing to come up with new ways to support the Project. As always, we can’t do anything without your help so, thank you again for all you do, and enjoy our latest update!
Deb
View the FreeBSD Foundation May 2015 Update: https://www.freebsdfoundation.org/press/2015mayupdate.pdf

A Repository with 44 Years of Unix Evolution

provenance.png

Interested in a bit of some FreeBSD history? This article by, Diomidis Spinellis (Department of Management Science and Technology, Athens University of Economics and Business), details the history of Unix’s evolution of the repository system all the way to its use in FreeBSD.

Original PDF: http://www.dmst.aueb.gr/dds/pubs/conf/2015-MSR-Unix-History/html/Spi15c.pdf
Original HTML: http://www.dmst.aueb.gr/dds/pubs/conf/2015-MSR-Unix-History/html/Spi15c.html

A Repository with 44 Years of Unix Evolution

Abstract

The evolution of the Unix operating system is made available as a version-control repository, covering the period from its inception in 1972 as a five thousand line kernel, to 2015 as a widely-used 26 million line system. The repository contains 659 thousand commits and 2306 merges. The repository employs the commonly used Git system for its storage, and is hosted on the popular GitHub archive. It has been created by synthesizing with custom software 24 snapshots of systems developed at Bell Labs, Berkeley University, and the 386BSD team, two legacy repositories, and the modern repository of the open source FreeBSD system. In total, 850 individual contributors are identified, the early ones through primary research. The data set can be used for empirical research in software engineering, information systems, and software archaeology.

1  Introduction

The Unix operating system stands out as a major engineering breakthrough due to its exemplary design, its numerous technical contributions, its development model, and its widespread use. The design of the Unix programming environment has been characterized as one offering unusual simplicity, power, and elegance [1]. On the technical side, features that can be directly attributed to Unix or were popularized by it include [2]: the portable implementation of the kernel in a high level language; a hierarchical file system; compatible file, device, networking, and inter-process I/O; the pipes and filters architecture; virtual file systems; and the shell as a user-selectable regular process. A large community contributed software to Unix from its early days [3], [4,pp. 65-72]. This community grew immensely over time and worked using what are now termed open source software development methods [5,pp. 440-442]. Unix and its intellectual descendants have also helped the spread of the C and C++ programming languages, parser and lexical analyzer generators (yacc, lex), document preparation tools (troff, eqn, tbl), scripting languages (awk, sed, Perl), TCP/IP networking, and configuration management systems (SCCS, RCS, Subversion, Git), while also forming a large part of the modern internet infrastructure and the web.

Luckily, important Unix material of historical importance has survived and is nowadays openly available. Although Unix was initially distributed with relatively restrictive licenses, the most significant parts of its early development have been released by one of its right-holders (Caldera International) under a liberal license. Combining these parts with software that was developed or released as open source software by the University of California, Berkeley and the FreeBSD Project provides coverage of the system’s development over a period ranging from June 20th 1972 until today.

Curating and processing available snapshots as well as old and modern configuration management repositories allows the reconstruction of a new synthetic Git repository that combines under a single roof most of the available data. This repository documents in a digital form the detailed evolution of an important digital artefact over a period of 44 years. The following sections describe the repository’s structure and contents (Section II), the way it was created (Section III), and how it can be used (Section IV).

2  Data Overview

[Read more…]