FreeBSDNews.com

Benno Rice – The Trouble with FreeBSD

By Leave a Comment

Benno Rice, FreeBSD committer and Core Team member, discusses issues in keeping the community alive through contributors, as well as addresses several solutions to the problem. This presentation was recorded at linux.conf.au in Hobart, Australia. Follow the link to view the full presentation.

Screenshot at 2017-01-27 17:59:09
An open source project’s community is what makes it a living thing. Without its community the project is a static lump of code. FreeBSD is one of the largest and longest continuously running open source projects around. Not only that, it comes from an even longer lineage before it via the original BSD work at the University of California, Berkeley. That doesn’t necessarily mean that it is without its problems.

While FreeBSD isn’t in any danger of disappearing any time soon, it does have issues with attracting new contributors, keeping its existing contributors and keeping its community healthy. These issues are not always unique to FreeBSD but FreeBSD provides an interesting case study.

This presentation will cover:

* How FreeBSD’s community and its processes have evolved over the years and how this compares to other, often newer, projects.
* What FreeBSD could learn from other projects.
* How this all fits into broader issues around open source development communities and things that do and don’t work.

Benno Rice – The Trouble with FreeBSD: https://www-tracey.archive.org/details/lca2017-The_Trouble_with_FreeBSD

Hacker News: https://news.ycombinator.com/item?id=13559902

[How-To] Beaglebone Black, FreeBSD, Android, Arduino and more

By Leave a Comment

This tutorial/blog from Victoria Raspberry PiMakers will show you how to get FreeBSD set up on a Beaglebone Black board for a DIY home security solution. In this project, they aim to eliminate the third party, leaving control and privacy in the hands of the user. Follow the link below for the full set of instructions.

IotBlockDiagramI’ve been mildly interested in home security and automation for a
few years, and I now have the time and resources to dive in and
see what can be done.

My goals for this project/presentation are:

  1. Introduce the Beaglebone Black;
  2. Use a smartphone as a remote control;
  3. Use the Internet as a conduit for control messages;
  4. Do this securely – i.e. high resistance to break-in and no
    eaves-dropping;
  5. Introduce some useful, but maybe little known technologies.

Oh yes, and light an LED and read a sensor.  Here is a block
diagram of the infrastructure:

Full tutorial: http://vicpimakers.ca/projects/beaglebone-black-freebsd-android-arduino-and-more/

[How-To] FreeBSD UEFI Root on ZFS and Windows Dual Boot

By Leave a Comment

User Kevin Bowling shows us how to get FreeBSD and Windows to dual boot on a single machine. This method uses UEFI as the main bootloader. Follow the link provided for the full set of instructions.

bsdmag_photo_40371_20150828Somehow I’ve managed to mostly not care about UEFI until now. On my new laptop, I decided I should give it a go. There are some small benefits, nothing life changing, but booting multiple OSes is a lot easier, especially if they are UEFI-native, and you can get a nice frame buffer the boot manager and the OS can use before starting graphically (and after, if you don’t have accelerated graphics drivers).

For reference, how I run FreeBSD desktop/laptop: digital-life*

Full tutorial: https://bsdmag.org/freebsd_uefi_root/

[How-To] Installing Dream Daemon in FreeBSD

By Leave a Comment

This tutorial by user Audeuro will show you how to get Dream Daemon running on FreeBSD. Dream Daemon is a tool for using your machine as a server for BYOND games. Follow the link below for the full set of instructions.

byondlogoInstalling Dream Daemon(“DD”) on a FreeBSD system is a fairly straightforward process. The caveat is that it will require Linux (32-bit) compat layer(“Linuxolator”). If you do not have root access and cannot request the Linuxolator be enabled, then this guide is not for you.

The first step to installing DD is enabling the Linuxolator. You may refer to this section of the FreeBSD handbook for guidance on doing so, or in summary:

First, ensure Linux support is enabled in the kernel. If your kernel configuration does not enable “options COMPAT_LINUX32”, or you are not sure, then you will need to load it as a kernel module:

kldload linux

Full tutorial: http://www.byond.com/forum/?post=2196304

[How-To] Reading DHT11 Temp. Sensor on Raspberry Pi FreeBSD

By Leave a Comment

This tutorial by user Alex Samorukov shows us how to get the DHT-11 temperature sensor readings configured on a Raspberry Pi running FreeBSD. Follow the link provided below for the full set of instructions.

rpi_pinout

Connecting sensor to the RPi

DHT-11 is a very cheap temperature/humidity sensor which is commonly used in the IoT devices. It is not very accurate, so for the accurate measurement i would recommend to use DHT21 instead. Anyway, i had DHT-11 in my tool box, so decided to start with it. DHT-11 using very simple 1 wire protocol – host is turning on chip by sending 18ms low signal to the data output and then reading 40 bytes of data. Details about the protocol could be found in the specification. To read data from the chip it should be connected to the power (5v) and gpio pin. I used pin 2 as VCC, 6 as GND and 11 as GPIO (it is GPIO17, see pinout):

Full tutorial:

Reading DHT11 temperature sensor on Raspberry Pi under FreeBSD

FreeBSD Security Advisory: OpenSSH vulnerabilities 1/11/2017

By Leave a Comment

A FreeBSD Security Advisory concerning an OpenSSH vulnerability has recently been issued. You can view the full description of the vulnerability and solution on the mailing list page. User Vivek Gite also provides a solution for the problem below.

I.   Background

OpenSSH is an implementation of the SSH protocol suite, providing an
encrypted and authenticated transport for a variety of services,
including remote shell access.

OpenSSH supports accessing keys provided by a PKCS#11 token.

II.  Problem Description

The ssh-agent(1) agent supports loading a PKCS#11 module from outside a
trusted whitelist.  An attacker can request loading of a PKCS#11 module
across forwarded agent-socket. [CVE-2016-10009]

When privilege separation is disabled, forwarded Unix domain sockets
would be created by sshd(8) with the privileges of 'root' instead of
the authenticated user. [CVE-2016-10010]

Original announcement: https://lists.freebsd.org/pipermail/freebsd-security-notifications/2017-January/000305.html

OpenSSH is critical for both sysadmin and programmers. It is an implementation of the SSH protocol suite, from OpenBSD project. It provides an encrypted session to your server.

OpenSSH multiple vulnerabilities

OpenSSH has multiple vulnerabilities as of 11th January 2017 running on FreeBSD operating system. From the advisory:

The ssh-agent(1) agent supports loading a PKCS#11 module from outside a trusted whitelist. An attacker can request loading of a PKCS#11 module across forwarded agent-socket. [CVE-2016-10009]

When privilege separation is disabled, forwarded Unix domain sockets would be created by sshd(8) with the privileges of ‘root’ instead of the authenticated user. [CVE-2016-10010]

Patch your FreeBSD server: https://www.nixcraft.com/patch-your-freebsd-server-for-openssh-vulnerabilities-11jan2017/168/