BSDCan 2015 Trip Report: Koop Mast

FreeBSD ports developer Koop Mast recounts his experience at BSDCan 2015. His trip was sponsored by the FreeBSD Foundation. BSDCan was held at the University of Ottawa in June.


I have been to two EuroBSDCon conferences and now I can add my first BSDCan to the list. The trip to Ottawa was just as interesting as the conference itself, it was the first time I stepped aboard an airplane. Purely by chance I found out, after I booked my flight, that I shared the same flight with Ed Schouten and Massimiliano Stucchi so they could help me with the confusing ant hill that is your average airport.

We arrived the 9th in Ottawa and after dropping off our stuff at the residence, we went to the Royal Oak for drinks and social activities.

During the dev summit or the actual BSDCan you can meet people you’ve only heard of before and have a conversation. In some cases, you can also find out they have heard of you before too. That happened to me during lunch on Wednesday, when I met Michael W. Lucas at Cora’s.

While I mostly work on FreeBSD ports, it was interesting to see how a company like Isilon uses at least part of the Project you work on in their product and how they’ve changed their policy over the years to keep up with all the shiny new stuff.

The hacking lounge was a mixed bag of what people were doing: talking with other people attending the conference about different subjects, discussing future projects, doing some code hacking or taking a soldering iron to “harmless” wireless routers. During one of the hacking lounges, Johannes Jost Meixner ask me to do a simple test with a few new ports to see if the skype4 port worked on HEAD. I also put the inspiration I got during a presentation into solving a segfault in PulseAudio that was bugging me for a while.


[Read more…]

FreeBSD Errata Notice FreeBSD-EN-15:13.vidcontrol

FreeBSD has issued an errata notice regarding vidcontrol(1) for syscons(4). Please see below to implement the proper measures.


Hash: SHA512

FreeBSD-EN-15:13.vidcontrol                                     Errata Notice
                                                          The FreeBSD Project

Topic:          Allow size argument to vidcontrol(1) for syscons(4)

Category:       core
Module:         vidcontrol
Announced:      2015-08-18
Credits:        Ed Maste
Affects:        FreeBSD 10.2-RELEASE
Corrected:      2015-08-04 15:15:06 UTC (stable/10, 10.2-STABLE)
                2015-08-18 19:30:17 UTC (releng/10.2, 10.2-RC3-p1)
                2015-08-18 19:30:17 UTC (releng/10.2, 10.2-RELEASE-p1)

For general information regarding FreeBSD Errata Notices and Security
Advisories, including descriptions of the fields above, security
branches, and the following sections, please visit

I.   Background

The vidcontrol(1) utility is used to set various options for the syscons(4) or
vt(4) console driver, such as video mode, colors, cursor shape, screen output
map, font, and screen saver timeout.

The vidcontrol(1) utility allows specifying a font size and font file as
arguments to the '-f' flag.  When no size or file are specified, vidcontrol(1)
the default font will be used.

II.  Problem Description

The vidcontrol(1) does not properly allow specifying the font size when
invoked from the command line.

[Read more…]

Install Wine on FreeBSD

This tutorial by the folks at WineHQ shows us how to get Wine set up on FreeBSD. Wine is a compatibility layer that allows you to run Windows application on several open source operating systems.




The FreeBSD Ports repository contains up-to-date packages for both Wine’s stable and development releases, not to mention the experimental wine-staging release (currently a separate project from wine, but not really a fork… it’s complicated).

Installing the necessary package is very easy. If you’re on a 32-bit version of FreeBSD, use the pkg install command with one of wine (stable release), wine-devel (development release), or wine-staging (separate experimental release). For example, to install the wine development release:

pkg install wine-devel

If you’re on a 64-bit version of FreeBSD, support for 64-bit Windows apps hasn’t been implemented yet, but you can still run 32-bit Windows apps fine. Instead of the packages listed above, just choose from i386-wine, i386-wine-devel, or i386-wine-staging.

Building Wine

{i} This section is mostly taken from the FreeBSD Wiki’s page on 32-bit Wine

Since FreeBSD doesn’t yet support cross-compiling 32-bit programs from a 64-bit environment, you’ll need to use a chroot. Otherwise, the process shouldn’t be hard at all….

  1. Load the necessary i386 files for a chroot into a folder
  2. Add mount points for necessary directories to the chroot
  3. Enter the chroot, set a few environment variables, and start ldconfig running

  4. Move to your desired version’s build directory and make the package [Read more…]

How To Set Up the Unbound Caching DNS Resolver on FreeBSD 10.1

This tutorial by user Chad Milios (DigitalOcean) shows us how to get Unbound (caching DNS resolver) set up on FreeBSD 10.1. DigitalOcean is a cloud infrastructure that offers many open source platforms, including FreeBSD.




The system of domain name servers (DNS) is a global hierarchy of databases dedicated to the simple but essential task of looking up host names like and turning them into one or more IP addresses. Whenever an email is sent or a connection to a host is initiated by its name, the DNS system is used. You can read this introduction to the DNS system for more information.

Such an essential and fundamental component of Internet infrastructure gets a lot of use. It is not uncommon for a busy system to make hundreds of name lookups per second or more. If services running on your server perform much work at all behind the scenes then it is likely that security and performance will benefit from verifying and caching within your own systems the name lookups that your service performs to conduct its operations.

In this tutorial, you will learn how to set up a FreeBSD server to remember all DNS lookups in a system-wide cache. Information will automatically expire from this cache, honoring each looked-up domain’s individual policy for rechecking.


In order to follow this tutorial, you will need:

  • One FreeBSD 10.1 Droplet

Step 1 — Enabling Unbound

FreeBSD 10.1 includes the verifying caching resolver Unbound (version 1.4.22) as part of the base system.

Once you are logged into your server via SSH, enabling FreeBSD’s included resolver is as simple as issuing the following command:

  • sudo sysrc local_unbound_enable=YES

Your Droplet is now configured to start Unbound at the next system reboot.

Step 2 — Starting Unbound

[Read more…]

FreeBSD 10.2-RELEASE Now Available

The developers of FreeBSD have made available version 10.2. Several changes noted are updates for resolvconf(8), ntp suite, rc(8), growfs, Linux(R) compatability, GNOME, KDE, ZFS performance & reliability improvements, and more. See below for the full list of changes. Download the ISO here.



Hash: SHA256

                       FreeBSD 10.2-RELEASE Announcement

   The FreeBSD Release Engineering Team is pleased to announce the
   availability of FreeBSD 10.2-RELEASE. This is the third release of the
   stable/10 branch, which improves on the stability of FreeBSD 10.1-RELEASE
   and introduces some new features.

   Some of the highlights:

     * The resolvconf(8) utility has been updated to version 3.7.0, with
       improvements to protect DNS privacy.

     * The ntp suite has been updated to version 4.2.8p3.

     * A new rc(8) script, growfs, has been added, which will resize the
       root filesystem on boot if the /firstboot file exists.

     * The Linux(R) compatibility version has been updated to support
       Centos(TM) 6 ports.

     * The drm code has been updated to match Linux(R) version 3.8.13,
       allowing running multiple X servers simultaneously.

     * Several enhancements and updates for improved FreeBSD/arm support.

     * Several ZFS performance and reliability improvements.

     * GNOME has been updated to version 3.14.2.

     * KDE has been updated to version 4.14.3.

     * And much more...

   For a complete list of new features and known problems, please see the
   online release notes and errata list, available at:



[Read more…]

shell injection vulnerability in patch(1)

FreeBSD has issued a Security Advisory concerning a shell injection vulnerability in patch(1). Please see below on how to apply the patches.


Hash: SHA512

FreeBSD-SA-15:18.bsdpatch                                   Security Advisory
                                                          The FreeBSD Project

Topic:          shell injection vulnerability in patch(1)

Category:       contrib
Module:         patch
Announced:      2015-08-05
Credits:        Martin Natano
Affects:        FreeBSD 10.x.
Corrected:      2015-08-05 22:05:02 UTC (stable/10, 10.2-PRERELEASE)
                2015-08-05 22:05:02 UTC (stable/10, 10.2-BETA2-p3)
                2015-08-05 22:05:12 UTC (releng/10.2, 10.2-RC1-p2)
                2015-08-05 22:05:12 UTC (releng/10.2, 10.2-RC2-p1)
                2015-08-05 22:05:18 UTC (releng/10.1, 10.1-RELEASE-p17)
CVE Name:       CVE-2015-1418

For general information regarding FreeBSD Security Advisories,
including descriptions of the fields above, security branches, and the
following sections, please visit <URL:>.

I.   Background

The patch(1) utility takes a patch file produced by the diff(1) program and
apply the differences to an original file, producing a patched version.

The patch(1) utility supports patches that uses ed(1) script format, as
required by the POSIX.1-2008 standard.

ed(1) is a line-oriented text editor.

II.  Problem Description

[Read more…]