FreeBSD end-of-year fund raising drive (update)

freebsd_foundation 100.x100FreeBSD is free; it can be downloaded, used and adapted without paying any fees, unlike other major operating systems. This is why the FreeBSD Foundation needs donations to be able to fund new projects and conferences.

The FreeBSD Foundation is collecting donations for the next year. The Foundation is a regular sponsor of many events, funds trips (including mine) to FreeBSD conferences and occasionally funds projects for various enhancements to FreeBSD. What else does the Foundation do?

The Foundation writes on its blog:

We would like to thank everyone who has donated to the FreeBSD Foundation this year. We have raised $183,888 towards our 2009 goal of $300,000! We are almost 2/3 of the way to reaching our goal! Oh, and BTW, we have had 671 donors this year. This is compared to just over 300 this time last year. This is important not only to help us keep our Public Charity Status, but it shows there are many users who are passionate about FreeBSD and want to show their support.

With the weakened economy we have been very conservative with our spending this year. But, like each previous year we have increased the amount we have spent on the FreeBSD Project and community. We were blown away with the number of project proposals we received this year. We were able to fund 7 projects this year. Unfortunately we didn’t have the budget to fund all the proposals we received.

This coming year we want to double the amount we spend on project development. In order to accomplish this, we need to meet our fund-raising goal.

Continues

Colin Percival has decided to donate all income made from his online backup service, Tarsnap, to the Foundation:

As a FreeBSD user and developer, I obviously care about the success of FreeBSD. I make a small contribution towards this success via my role as Security Officer; but the time I spend working on my Tarsnap online backup service prevents me from making as much of a direct contribution as I would like. Fortunately the FreeBSD Foundation does an excellent job of supporting FreeBSD development; but like most such organizations, they are funded entirely by donations and are always in need of more. In light of this, I am pleased to announce that I will be donating all of the profits made by Tarsnap for the month of December to the FreeBSD Foundation.

Continues

In memory of donations
After the passing away of John Birrell, the Foundation has made it possible to donate-in-memory-of:
It is now possible to make a donation to the FreeBSD Foundation in memory of someone. Select the “in memory of” button on the donation page and type in the name of the person the donation is being made in memory of.
Apart from my own donation, I donate 10% of the income (adverts, donations etc) from this blog.
Why not be generous, donate and help the Foundation reach it’s goal of $300.000 ?

BSDTalk interview with Josh Paetzel (iXsystems)

BSDTalk has a 12 minute interview with Josh Paetzel, IT director at iXsystems. Will and Josh talk about the recent takeover of the FreeNAS project by iXsystems.

FreeNAS will stay FreeBSD-based, with the ZFS file system and the project will stay open source. The roadmap and some other things are still being thought about and worked on.

BSDTalk 182 – Listen to the podcast: MP3 | OGG

Juniper Networks backs FreeBSD with MIPS port

When it comes to new features in an open source operating system, sometimes features are developed by community developers and other times they are contributed by commercial vendors. The recent FreeBSD 8.0 operating system release benefited from both types of contributions.

juniper_networks_logoIn particular, as part of the FreeBSD 8.0 release, there is new experimental MIPS support which was contributed by networking vendor Juniper Networks

“Juniper has been a longtime supporter of openness in all its forms, open standards in networking, open APIs in our products, and certainly open source software that serves a greater good,”

Mike Bushong, Director of Product Management, Junos Software at Juniper Networks told InternetNews.com.

“Contributing work back to FreeBSD was just one way we could give a little something back to the community that has served us so well for more than 10 years.”

Juniper’s involvement with FreeBSD, goes deeper than just MIPS, as Juniper’s core JUNOS operating system has its roots in FreeBSD. JUNOS is used in nearly every Juniper networking product and is now also being licensed to third party vendors and is also part of the Juniper OEM gear that is sold by Dell and IBM.

Though Juniper does not directly ship FreeBSD in its commercial products today, according to Bushong, Junos continues to benefit from its roots in FreeBSD. Juniper has been updating its Junos operating system every 90 days since the operating system was first released in 1998.

“Today, we still use FreeBSD as our base operating system, Bushong said. “FreeBSD has proven to be quite flexible in supporting vendor innovation, and its proven track record of reliability, performance, and scalability is paramount in the networking world.”

Juniper’s connection to FreeBSD isn’t limited to historical connections either and goes beyond its Junos roots.

“Juniper maintains a strong relationship with the FreeBSD committer community, sponsoring various projects within FreeBSD that will ultimately serve the entire user base, “

said Bushong.

Whole article: Juniper Backs FreeBSD With MIPS Port

First look at FreeBSD 8.0

Jesse Smith from Distrowatch has taken FreeBSD 8.0 for a ride. Below his findings.

freebsd project logo 100x100FreeBSD has long been recognised as a fast, stable and reliable operating system, powering large server farms of some of the biggest web sites and search engines on the Internet. This week Jesse Smith installed the project’s latest release, version 8.0, on his home server to ascertain that it works as advertised. What were his findings? Read on to find out.

Sometimes it feels to me as if Linux distributions overshadow all other aspects of the open source ecosystem. It can be very easy to jump from one flavour of Linux to another, and to yet another, without being aware of the many other options available. This week, I decided to go in a different direction and explore the latest offering from the BSD communities: FreeBSD, version 8.0.

The FreeBSD operating system is very flexible and well-suited to many different environments, including embedded systems and desktop machines. However, as the project’s motto, “The Power To Serve,” indicates, FreeBSD gains most of its strong reputation from running servers. Keeping that in mind, I borrowed an old desktop box with a 1 GHz CPU and 512 MB of RAM and installed the latest version of FreeBSD on it to see how it would function as a home server.

One of the first things that stand out about the FreeBSD project is its web site. The layout is easy to read, the presentation is professional and there is more documentation than you can shake a USB stick at. It is wonderfully easy to find just about any information one needs on this site. When troubles arise or when advice is needed, there is a friendly community forum. The latest version of this operating system comes in several different flavours, including a CD edition, with the basic system, and a DVD edition with all the bells and whistles. The operating system will run on 32-bit and 64-bit x86 architectures, Sparc64 and PowerPC systems, among others. All in all, there’s a wide variety to choose from and likely a download to suite just about everybody. I grabbed the CD image for i386 machines and got to work.


Conclusion:

In the past, I’ve referred to FreeBSD as both stable and powerful and this release confirms that reputation. After spending a week installing, configuring and using the latest version of FreeBSD, I’d like to add that it’s a very mature and polished operating system too. On the surface, the system looks complex and arcane, but great lengths have been taken to make each step of each task smooth for the administrator. This is largely thanks to the FreeBSD Handbook, but credit should also be given to unusually clear man pages. I found the output, error messages and defaults for most commands were helpful, increasing the refined, friendly feel of the system. There are a number of minor surprises for people coming from Linux systems, mostly in small differences in commands and the layout of the file system, but nothing significant. In fact, I found the FreeBSD directories to be clean and well organized. At various points during the week, I visited the project’s forums and always found a friendly community member willing to answer questions. Version 8.0 of the FreeBSD operating system is fast, powerful, well crafted and rock solid; I highly recommend it for anyone who is interested in setting up their own server.

Full review

Well, what’s stopping you from installing FreeBSD on your server?

FreeBSD shines while Apple fails

This is an article by Paul Rubens on Serverwatch. Paul analyses the difference between Apple and the FreeBSD (security) Team with regards to tackling security problems:

Apple is making a lot of money these days. The more money it makes, the greater the contempt for its customers it seems to display. A critical bug recently discovered in FreeBSD, and the speed with which this bug was resolved, illustrates this rather well. If you use Apple’s products in your business, be afraid; be very afraid.

Here’s how the sorry story unfolds. FreeBSD 8.0 was released last week, and the latest version of the UNIX-like OS was generally received with approval. FreeBSD enjoys a good reputation with its followers, and many OSes and products contain code based on or borrowed from the OS, including Juniper routers, and — ironically, as we shall see — Mac OS X.

So far so good. Until Monday morning, when researcher Nikolaos Rangos announced he discovered “an unbelievable [sic] simple local r00t bug in recent FreeBSD versions,” along with some exploit code. The vulnerability affected the 8.0 release, as well as the older 7.1 and 7.0 versions of FreeBSD.

All software has bugs, but it’s how people react when things go wrong that you can judge them. Did the FreeBSD folks sit around and do nothing? Did they busy themselves with other things and leave 8.0, 7.1 and 7.0 users vulnerable to pwnage? No, they did not!

Continued

Nvidia 64bit graphics card drivers for FreeBSD

freebsd_nvidia_logoThe NVIDIA Corporation releases an initial BETA version of NVIDIA 195.22 FreeBSD graphics drivers for both i386 and amd64 architectures. The drivers support recent versions of the FreeBSD operating system, i.e. 7.2-STABLE and 8.0-RELEASE and provide support for features like SLI, improved compatibility and performance, especially on systems with 4GB or more of RAM. This marks the first driver release for amd64, as it was previously available only for i386 architecture. Please see the original announcement for more information.

I am pleased to announce the initial release of NVIDIA FreeBSD BETA graphics drivers that take advantage of kernel features (see http://wiki.freebsd.org/NvidiaFeatureRequests) added in FreeBSD 7.3 and 8.0 that enable improved NVIDIA graphics driver support for FreeBSD/i386 and initial support for FreeBSD/amd64.

The binary components of this release are functionally identical to those included with the 195.22 NVIDIA FreeBSD BETA graphics driver release announced earlier (see http://www.nvnews.net/vbulletin/showthread.php?t=142095). However, the kernel interface layer updated for FreeBSD 7.3 and 8.0 provides improved compatibility, especially on systems with 4GB or more of RAM, improved performance (mileage will vary between systems) and support for features like SLI. It also introduces support for FreeBSD/amd64.

In order to use this driver release, your system will need to have either FreeBSD 7.3 or FreeBSD 8.0 (or later) installed. Until FreeBSD 7.3 has been released, you can use FreeBSD 7.2 with a current RELENG_7 kernel (__FreeBSD_version__ >= 702106; use of a top-of-tree RELENG_7 kernel is recommended to ensure recent Linux ABI compatibility fixes are picked up). For general installation instructions, please see the README.

Both the FreeBSD/x86 and FreeBSD/x86-64 driver packages include 32-bit Linux ABI compatibility libraries; 64-bit Linux libraries may be included with a future release (when support for Linux/x86-64 compatibility is added to FreeBSD/amd64). The FreeBSD/x86-64 package does not include the FreeBSD/x86 OpenGL libraries; however, the libraries shipped with the FreeBSD/x86 driver package have been tested on FreeBSD/x86-64.

More

FreeBSD 7.x & 8.x Root Exploit Patched!

A security bug in the latest version of FreeBSD can be exploited to grant unprivileged users complete control over the operating system, a German researcher discovered.

The flaw is present in FreeBSD 8.0 and is known to affect versions 7.1 and 7.2.

“A short time ago a “local root” exploit was posted to the full-disclosure mailing list; as the name suggests, this allows a local user to execute arbitrary code as root.

Normally it is the policy of the FreeBSD Security Team to not publicly discuss security issues until an advisory is ready, but in this case since exploit code is already widely available I want to make a patch available ASAP. Due to the short timeline, it is possible that this patch will not be the final version which is provided when an advisory is sent out; it is even possible (although highly doubtful) that this patch does not fully fix the issue or introduces new issues — in short, use at your own risk (even more than usual).” (source)

More information and the patch can be found here.

The run-time link-editor, rtld, links dynamic executable with their needed libraries at run-time. It also allows users to explicitly load libraries via various LD_ environmental variables.

II. Problem Description

When running setuid programs rtld will normally remove potentially dangerous environment variables. Due to recent changes in FreeBSD environment variable handling code, a corrupt environment may result in attempts to unset environment variables failing.

III. Impact

An unprivileged user who can execute programs on a system can gain the privileges of any setuid program which he can run. On most systems configurations, this will allow a local attacker to execute code as the root user.