In this BSD Now episode, hosts Benedict and Allan go over EuroBSDcon’s schedule, explore Docker on OpenBSD, and show us how to run PostgreSQL on ZFS, and more. Click play below to tune in:
BSD Now weekly content roundup: http://www.bsdnow.tv/episodes/2017_05_31-postgrezfs
Jupiter Broadcasting show notes: http://www.jupiterbroadcasting.com/115251/postgrezfs-bsd-now-196/
The FreeBSD Foundation has designated June 19 as National FreeBSD Day! On June 19, 1993, FreeBSD was chosen to be the name for this open-source operating system that is now widely used across the world. Read their post on how we can celebrate and promote FreeBSD.
We’re pleased to announce that June 19 has been declared National FreeBSD Day. Join us in honoring The FreeBSD Project’s pioneering legacy and continuing impact on technology.
What is FreeBSD
FreeBSD is an open-source operating system developed out of the University of California at Berkley in 1993. Used by billions of people around the globe, FreeBSD is used to teach operating system concepts in universities. Companies also develop products on FreeBSD, and universities use it as a research platform.
In fact, there’s a good chance you’re already using at least some code derived from FreeBSD in your everyday life. For example, if you stream movies via Netflix, chat with friends on WhatsApp, or play the latest PlayStation 4 game sensation, you’re already using FreeBSD.
As a pioneer in open-source technology, FreeBSD can be modified and redesigned to meet the needs of the user, free of charge within the guidelines of the license…
Official announcement: https://www.freebsdfoundation.org/national-freebsd-day/
This tutorial by user John Ramsden shows us how to get Nextcloud set up in a FreeBSD jail. Nextcloud is an open-source file syncing platform designed to set up a cloud on your own network. See the link below for the full set of instructions.
I recently setup Nextcloud 12 inside a FreeBSD jail in order to allow me access to files I might need while at University. I figured this would be a optimal solution for files that I might need access to unexpectedly, on computers where I am not in complete control. My Nextcloud instance is externally accessible, and yet if someone were to get inside my Jail, I could rest easy knowing they still didn’t have access to the rest of my host server. I chronicled the setup process including jail setup using iocage, https with Lets Encrypt, and full setup of the web stack.
Full tutorial: https://ramsdenj.com/2017/06/05/nextcloud-in-a-jail-on-freebsd.html
In this BSD now episode, hosts Allan and Benedict discuss OpenBSD, combating ransomware with OpenZFS, and using pfSense to maximize your non-gigabit internet connection. Click play below to tune in:
BSD Now weekly content roundup: http://www.bsdnow.tv/episodes/2017_05_17-i_dont_wannacry
Jupiter Broadcasting show notes: http://www.jupiterbroadcasting.com/115041/i-dont-wannacry-bsd-now-195/
Check out these discussion posts of various users’ experience in using FreeBSD as a desktop and in the home lab.
This tiny machine has been with me for a few years now, It has mostly run OS X though I have tried OpenBSD on it. Besides the screen resolution I’m still really happy with it, hardware wise. Software wise, not so much. I use an external disk containing a zpool with my data on it. Among this data are several source trees. CVS on a ZFS filesystem on OS X is painfully slow. I dislike that builds running inside Terminal.app are slow at the expense of a responsive UI. The system seems fragile, at the slightest push the machine will either hang or become unresponsive. Buggy serial drivers which do not implement the break signal and cause instability are frustrating.
This tutorial by user cmcenroe shows us how to share your files from FreeBSD to macOS with the SMB protocol. See the link below for the full set of instructions.
This is an explanation of one way of sharing files with Mac OS X 10.11 El Capitan from FreeBSD 11.0. It uses Samba, an implementation of the SMB protocol, and Apple’s mDNSResponder for service discovery. Alternatives are listed at the end.
Background
SMB is the protocol used for file sharing between Windows systems. Mac systems previously used their own Apple Filing Protocol, but deprecated it in favour of SMB with Mac OS X 10.9 Mavericks.
mDNS, or multicast DNS, is a technology for resolving host names in a local network. On top of this, DNS service discovery, or DNS-SD, can be used to broadcast available services, such as SMB. This is how Finder discovers hosts to show in “Shared” or “Network.”
Samba
First, install Samba. There are two versions available in FreeBSD. This is the newer one.
pkg install samba42
Full tutorial: https://cmcenroe.me/2017/01/08/freebsd-macos-file-sharing.html
This tutorial by user BRANDON.LEE shows us how to get FreeNAS 9.10 and NFS set up with a datastore VMware ESXi. See the link below for the full set of instructions.
Many choose to use NFS as opposed to iSCSI in their VMware vSphere environments. NFS has a lot of benefits and use cases particularly when we look at the efficiency of NFS. With NFS there is no encapsulation that needs to take place as there is with iSCSI. Like iSCSI, NFS can use an existing IP network as well. So, starting off simple here, let’s take a look at how to configure FreeNAS 9.10 NFS VMware ESXi 6 datastore.
Configure FreeNAS 9.10 NFS VMware ESXi 6 datastore
The specific version of FreeNAS I am using is 9.10.2 U3 and is the most recent GA version on the FreeNAS site at the time of this writing. I am not covering here the setup of FreeNAS in general. You will want to provision your storage and your network connectivity on the appliance itself. For the purposes of the post, I am running FreeNAS as a VM which is a great way to play around with iSCSI and NFS in a lab. I have setup a management IP as well as another interface that I have bound for NFS connectivity.
If you haven’t seen it already, the developers of FreeBSD have released their first quarter status report. Phoronix notes that the ports collection is reaching 30,000, and significant progress is being made for the Linux compatibility layer. Check out the links below for full details.
While a few of these projects indicate they are a “plan B” or an “attempt III”, many are still hewing to their original plans, and all have produced impressive results. Please enjoy this vibrant collection of reports, covering the first quarter of 2017.
—Benjamin Kaduk
FreeBSD Q1 Status Report: https://www.freebsd.org/news/status/report-2017-01-2017-03.html
The FreeBSD team has published their quarterly status report to reflect the progress made by this open-source operating system during Q1’2017.
FreeBSD’s quarterly status reports remain a great way to stay updated on the current initiatives and projects being pursued by the foundation and individual developers.
Phoronix: http://www.phoronix.com/scan.php?page=news_item&px=FreeBSD-Q1-2017-Status
User Eric McCorkle discusses some security aspects of FreeBSD, notably signatures (executables, library, kernel) in his latest blog. This article is broken down in sections such as signed elf binaries, portable verification library, key management, etc. Read the whole thing at the link below.
About a month ago, I started a discussion on freebsd-hackers and freebsd-security about a system for signed executables, with a focus on signed kernels and kernel modules. This is part of a larger agenda of mine to equip FreeBSD with OS-level tamper resistance features.
While the initial use of this is for signing the kernel and its modules, and checking signatures during the loader process as well as at runtime when kernel modules are loaded. However, it is desirable to build a system that is capable of growing in likely directions, such as executable and library signing.
This article details the current state of the design of this system.
Desiderata
I originally outlined a number of goals for this system:
Be able to check for a correct cryptographic signature for any kernel or modules loaded at boot time for some platforms (EFI at a minimum)
Be able to check for a correct cryptographic signature for any kernel module loaded during normal operations (whether or not to do this could be controlled by a sysctl, securelevel, or some similar mechanism) ….
Original post: https://ericmccorkleblog.wordpress.com/2017/05/19/design-of-a-trust-system-for-freebsd/
In this BSD Now episode, hosts Benedict and Allan cover the latest FreeBSD status report, discuss a plan for Open Source software development, centrally managing bhyve with Ansible, libvirt, pkg-ssh, and more. Click play below to tune in:
BSD Now weekly content roundup: http://www.bsdnow.tv/episodes/2017_05_17-daemonic_plans
Jupiter Broadcasting show notes: http://www.jupiterbroadcasting.com/114751/daemonic-plans-bsd-now-194/