OpenBSD Journal

Tartalom átvétel OpenBSD Journal
The OpenBSD Community.
Frissült: 1 óra 11 perc

Call for Testing: Valgrind on OpenBSD

h, 2015-07-06 14:21
td>p,td>ul,td>blockquote,td>font {margin-left:0.5ex;} a:visited {color:#303030!important;} p {margin-top:1ex;margin-bottom:0;} blockquote>p:first-child {margin-top:0;} blockquote>p:last-child {margin-bottom:0;} blockquote { background-color:#e0e0e0; padding:0.5ex 0.5ex 0.5ex 0.5ex; margin:0 0 0 3ex !important; } p+ul,p>ul {margin:0.5ex 0 0 0;} pre {margin:0;} tt {background-color:#f0f0f0; padding:0px; font-weight:500;} .bqcode { background-color: #ffffff; border:1px solid #999; padding: 0px; padding-left: 1em; } Masao Uebayashi (uebayasi@) has given us a call for testing cleverly disguised as a quick how-to on using valgrind natively on OpenBSD:
  • Use the latest OpenBSD/amd64 and devel/valgrind (valgrind-3.10.1p5).
  • Dynamically link your target program.
    • Valgrind overrides some functions (alloc, free, string, memory) in libc using $LD_PRELOAD.
  • Embed symbols (cc -g).
    • Otherwise Valgrind reports problems using symbols.
Read more...
Kategóriák: *BSD

Out With the Old, in With the New

sze, 2015-07-01 14:25
td>p,td>ul,td>blockquote,td>font {margin-left:0.5ex;} a:visited {color:#303030!important;} p {margin-top:1ex;margin-bottom:0;} blockquote>p:first-child {margin-top:0;} blockquote>p:last-child {margin-bottom:0;} blockquote { background-color:#e0e0e0; padding:0.5ex 0.5ex 0.5ex 0.5ex; margin:0 0 0 3ex !important; } p+ul,p>ul {margin:0.5ex 0 0 0;} pre {margin:0;} tt {background-color:#f0f0f0; padding:0px; font-weight:500;} .bqcode { background-color: #ffffff; border:1px solid #999; padding: 0px; padding-left: 1em; } Ted Unangst (tedu@) has given out a blog post detailing some of the recent work going into OpenBSD:

Notes and thoughts on various OpenBSD replacements and reductions. Existing functionality and programs are frequently rewritten and replaced for the sake of simplicity or security or whatever it is that OpenBSD is all about. This process has been going on for some time, of course, but some recent activity is worth highlighting. Read more...

Kategóriák: *BSD

Handling Leap Seconds the OpenBSD Way

v, 2015-06-28 22:17
td>p,td>ul,td>blockquote,td>font {margin-left:0.5ex;} a:visited {color:#303030!important;} p {margin-top:1ex;margin-bottom:0;} blockquote>p:first-child {margin-top:0;} blockquote>p:last-child {margin-bottom:0;} blockquote { background-color:#e0e0e0; padding:0.5ex 0.5ex 0.5ex 0.5ex; margin:0 0 0 3ex !important; } p+ul,p>ul {margin:0.5ex 0 0 0;} pre {margin:0;} tt {background-color:#f0f0f0; padding:0px; font-weight:500;} .bqcode { background-color: #ffffff; border:1px solid #999; padding: 0px; padding-left: 1em; }

Christian Weisberger (naddy@) let us all know what we need to do to prepare for the impending leap second: As you may have heard, a leap second will be upon us at 23:59:60 UTC on June 30. The sky will fall, civilization will end, and dinosaurs will roam the earth again. Well, maybe not. Neither the OpenBSD kernel nor OpenNTPD handle leap seconds in any way. So what will happen? Read more...

Kategóriák: *BSD

BSDCan 2015 Videos Online

p, 2015-06-19 15:04

The videos of the recently-concluded BSDCan are coming online at record speed. The OpenBSD videos online are:

  • Ted Unangst, "signify: Securing OpenBSD From Us To You" (video)
  • Ray Percival, "Networking with OpenBSD in a virtualized environment" (video)
  • Reyk Flöter, "Introducing OpenBSD’s new httpd" (video, part1, part2)
  • Peter Hessler, "Using routing domains / routing tables in a production network" (video)
Kategóriák: *BSD

Quantitative analysis of issues found by afl in mandoc

p, 2015-06-19 11:34

Ingo Schwarze (schwarze@) writes in with an analysis of the issues found by afl in mandoc:

After realizing that I have nine topics for my BSDCan talk and that I can't cover them all in the depth they deserve, here are a few more details about afl and mandoc than I can't cover in the talk. Not a spoiler, there is still plenty of material for the talk! Read more...

Kategóriák: *BSD

BSDNow Episode 094: Builder's Insurance

p, 2015-06-19 09:28

On this week's episode of BSDNow, Marc Espie (espie@) talks about dpb, OpenBSD's distributed package builder, which runs the binary package builds in Theo's basement. He talks about why it came about, the security measures built in, and the minimalistic and works-out-of-the-box configuration, among other things.

The hosts also talk about their experiences at the recent BSDCan, and, ss usual, they have the roundup of the news, big and small, in the world of all things BSD.

[ Video | HD Video | MP3 Audio | OGG Audio | Torrent ]

Kategóriák: *BSD

Call for Testing: audio(4)

p, 2015-06-12 09:52
td>p,td>ul,td>blockquote,td>font {margin-left:0.5ex;} a:visited {color:#303030!important;} p {margin-top:1ex;margin-bottom:0;} blockquote>p:first-child {margin-top:0;} blockquote>p:last-child {margin-bottom:0;} blockquote { background-color:#e0e0e0; padding:0.5ex 0.5ex 0.5ex 0.5ex; margin:0 0 0 3ex !important; } p+ul,p>ul {margin:0.5ex 0 0 0;} pre {margin:0;} tt {background-color:#f0f0f0; padding:0px; font-weight:500;} .bqcode { background-color: #ffffff; border:1px solid #999; padding: 0px; padding-left: 1em; }

Alexandre Ratchov (ratchov@) posted a call for testing of a new audio(4) driver: This is a replacement for the audio(4) driver. It implements a minimal and complete subset of the audio abi. The main goal is to simplify the semantics and the code itself. Less code, less bugs, hopefuly easier development. To test this diff, simply run your regular audio stuff and let us know if you notice any difference. I'd suggest to keep a copy of the old kernel in order to be able to compare easily. In case you notice a regression, you could build the kernel with the AUDIO_DEBUG option, reboot, trigger the bug and send the resulting dmesg and any related information. thanks! -- Alexandre

As always, testing is essential to maintaining the quality of OpenBSD!

Kategóriák: *BSD

LibreSSL 2.1.7 and 2.2.0 Released

cs, 2015-06-11 20:51
td>p,td>ul,td>blockquote,td>font {margin-left:0.5ex;} a:visited {color:#303030!important;} p {margin-top:1ex;margin-bottom:0;} blockquote>p:first-child {margin-top:0;} blockquote>p:last-child {margin-bottom:0;} blockquote { background-color:#e0e0e0; padding:0.5ex 0.5ex 0.5ex 0.5ex; margin:0 0 0 3ex !important; } p+ul,p>ul {margin:0.5ex 0 0 0;} pre {margin:0;} tt {background-color:#f0f0f0; padding:0px; font-weight:500;} .bqcode { background-color: #ffffff; border:1px solid #999; padding: 0px; padding-left: 1em; }

Brent Cook (bcook@) has announced the latest LibreSSL releases, which contain fixes for several CVEs: We have released LibreSSL 2.2.0, which will be arriving in the LibreSSL directory of your local OpenBSD mirror soon. This release is the first from the OpenBSD 5.8 development tree and features mainly on build system improvements and new OS support. We have also released LibreSSL 2.1.7, which contains additional security fixes.

Of special note is the upcoming removal of SSLv3: Note: This will likely be the last 2.2.x release with support for SSLv3, as it will be removed entirely from the main LibreSSL tree.

Kategóriák: *BSD

Microsoft Announces Support for SSH

sze, 2015-06-03 10:36
td>p,td>ul,td>blockquote,td>font {margin-left:0.5ex;} a:visited {color:#303030!important;} p {margin-top:1ex;margin-bottom:0;} blockquote>p:first-child {margin-top:0;} blockquote>p:last-child {margin-bottom:0;} blockquote { background-color:#e0e0e0; padding:0.5ex 0.5ex 0.5ex 0.5ex; margin:0 0 0 3ex !important; } p+ul,p>ul {margin:0.5ex 0 0 0;} pre {margin:0;} tt {background-color:#f0f0f0; padding:0px; font-weight:500;} .bqcode { background-color: #ffffff; border:1px solid #999; padding: 0px; padding-left: 1em; }

Windows admins rejoice! Microsoft's PowerShell Team announced future support for SSH, specifically OpenSSH:

[T]he PowerShell team realized the best option will be for our team to adopt an industry proven solution while providing tight integration with Windows; a solution that Microsoft will deliver in Windows while working closely with subject matter experts across the planet to build it. Based on these goals, I’m pleased to announce that the PowerShell team will support and contribute to the OpenSSH community - Very excited to work with the OpenSSH community to deliver the PowerShell and Windows SSH solution!

A follow up question the reader might have is When and How will the SSH support be available? The team is in the early planning phase, and there’re not exact days yet. However the PowerShell team will provide details in the near future on availability dates.

Emphasis in the original. Wider adoption of secure technologies can only benefit the community. Hopefully that future is actually near, both for deployment and 'support and contribution'.

Kategóriák: *BSD

Heads Up: spamd(8) PF Rule Change

k, 2015-05-19 10:49
td>p,td>ul,td>blockquote,td>font {margin-left:0.5ex;} a:visited {color:#303030!important;} p {margin-top:1ex;margin-bottom:0;} blockquote>p:first-child {margin-top:0;} blockquote>p:last-child {margin-bottom:0;} blockquote { background-color:#e0e0e0; padding:0.5ex 0.5ex 0.5ex 0.5ex; margin:0 0 0 3ex !important; } p+ul,p>ul {margin:0.5ex 0 0 0;} pre {margin:0;} tt {background-color:#f0f0f0; padding:0px; font-weight:500;} .bqcode { background-color: #ffffff; border:1px solid #999; padding: 0px; padding-left: 1em; }

With a recent commit, Reyk Flöter (reyk@) flipped the switch on spamd(8)'s pf interfacement: hange spamd to use divert-to instead of rdr-to. divert-to has many advantages over rdr-to for proxies. For example, it is much easier to use, requires less code, does not depend on /dev/pf, works in-band without the asynchronous lookup (DIOCNATLOOK ioctl), saves us from additional port allocations by the rdr/NAT code, and even avoids potential collisions and race conditions that could theoretically happen with the lookup. Heads up: users will have to update their spamd PF rules from rdr-to to divert-to. spamd now also listens to 127.0.0.1 instead of "any" (0.0.0.0) by default which should be fine with most setups but has to be considered for some special configurations.

Those of you running spamd setups looking to upgrade need to double-check your pf configurations to make sure they still work the way you expect.

Kategóriák: *BSD

OpenBSD 5.7 CD 2 Incorrectly Pressed

p, 2015-05-15 17:37
td>p,td>ul,td>blockquote,td>font {margin-left:0.5ex;} a:visited {color:#303030!important;} p {margin-top:1ex;margin-bottom:0;} blockquote>p:first-child {margin-top:0;} blockquote>p:last-child {margin-bottom:0;} blockquote { background-color:#e0e0e0; padding:0.5ex 0.5ex 0.5ex 0.5ex; margin:0 0 0 3ex !important; } p+ul,p>ul {margin:0.5ex 0 0 0;} pre {margin:0;} tt {background-color:#f0f0f0; padding:0px; font-weight:500;} .bqcode { background-color: #ffffff; border:1px solid #999; padding: 0px; padding-left: 1em; }

OpenBSD project leader Theo de Raadt (deraadt@) outlined some issues with the CD plant, which led to an incorrectly-finished CD 2, some of which were, unfortunately, shipped prior to the issue being found.

Sadly, CD2 of the OpenBSD 5.7 shipped in a broken fashion due to errors at the manufacturing plant. Two mistakes were made.

In the rush after the first error, this error was not caught in time. Many people have received (or will soon receive) their package with this broken disc. Orders which have not yet shipped are being held back... because...

A repaired disc is on the way from the plant.

This will be shipped out to everyone, and will be inserted into the orders not yet shipped.

Kategóriák: *BSD

BSDNow Episode 089: Exclusive Disjunction

p, 2015-05-15 11:05

On this week's episode of BSDNow, the hosts interview Mike Larkin (mlarkin@) about how he got started in OpenBSD, his recent and upcoming work on W^X, and how that fits into the OpenBSD exploit mitigation ecosystem.

As always, they also have all the news and reviews in the world of all things BSD.

[ Video | HD Video | MP3 Audio | OGG Audio | Torrent | YouTube ]

Kategóriák: *BSD

OpenBSD 5.7 Shipping, First Pre-orders Arriving

p, 2015-05-08 14:30
After a delay due to unfortunate production problems (the first such delay in 20 years), the OpenBSD Store announced that all pre-orders had been shipped.

And it seemed like only moments later that Raf Czlonka was the first to report on the misc@ mailing list that his pre-ordered OpenBSD 5.7 CD set had arrived.

Even if you hadn't preordered, you still have a chance to order your CD set and other swag by visting the OpenBSD Store. If you want to support the project financially in other ways, the Donations page is, as always, a good place to start.

Kategóriák: *BSD

New disklabel(8) templates make for a more flexible autoinstall

k, 2015-05-05 14:30
td>p,td>ul,td>blockquote,td>font {margin-left:0.5ex;} a:visited {color:#303030!important;} p {margin-top:1ex;margin-bottom:0;} blockquote>p:first-child {margin-top:0;} blockquote>p:last-child {margin-bottom:0;} blockquote { background-color:#e0e0e0; padding:0.5ex 0.5ex 0.5ex 0.5ex; margin:0 0 0 3ex !important; } p+ul,p>ul {margin:0.5ex 0 0 0;} pre {margin:0;} tt {background-color:#f0f0f0; padding:0px; font-weight:500;} .bqcode { background-color: #ffffff; border:1px solid #999; padding: 0px; padding-left: 1em; } In a this commit, a first in a series, Henning Brauer (henning@) made disk allocations during automatic installs much more flexible via the introduction of diskablel templates. The matching installer bits came along via this commit by Robert Peichaer (rpe@).

Quoting the updated disklabel(8) man page,

A template for the automatic allocation can be passed to disklabel using -T option.

But the more exciting news is the template format:

Read more...

Kategóriák: *BSD

OpenBSD 5.7 Released

p, 2015-05-01 00:12
May 1st, 2015, Calgary, AB, CA and elsewhere:

OpenBSD 5.7 has been released. The brand new 5.7 subdirectory should now be available and filled up on all relevant mirrors for those of you who have yet to receive your CD orders.

The release announcement, posted on project mailing lists earlier today, and the release home page both mention some highlights of the new release, while the complete changelog for the release is available on the OpenBSD website.

While you are too late to be the first to preorder a shiny OpenBSD release CD set, you can order one of your own, as well as a very cool 5.7-release poster.

Kategóriák: *BSD

OpenBSD has accepted projects from Google Summer of Code 2015

sze, 2015-04-29 10:03
td>p,td>ul,td>blockquote,td>font {margin-left:0.5ex;} a:visited {color:#303030!important;} p {margin-top:1ex;margin-bottom:0;} blockquote>p:first-child {margin-top:0;} blockquote>p:last-child {margin-bottom:0;} blockquote { background-color:#e0e0e0; padding:0.5ex 0.5ex 0.5ex 0.5ex; margin:0 0 0 3ex !important; } p+ul,p>ul {margin:0.5ex 0 0 0;} pre {margin:0;} tt {background-color:#f0f0f0; padding:0px; font-weight:500;} .bqcode { background-color: #ffffff; border:1px solid #999; padding: 0px; padding-left: 1em; } The OpenBSD page for Google Summer of Code 2015 has been updated with the list of accepted projects for this year. Asynchronous USB Transfers From Userland
ARM SD/MMC Driver & Controller Driver In libsa For OpenBSD
Port HAMMER2 to OpenBSD
Implement KMS Driver For Cirrus Cards
Improving USB Userland Tools And ioctl(2)
Automating Module Porting
Many thanks to those that responded, and we wish the best of luck on all projects!
Kategóriák: *BSD

EU study recommends OpenBSD

h, 2015-04-27 10:54
td>p,td>ul,td>blockquote,td>font {margin-left:0.5ex;} a:visited {color:#303030!important;} p {margin-top:1ex;margin-bottom:0;} blockquote>p:first-child {margin-top:0;} blockquote>p:last-child {margin-bottom:0;} blockquote { background-color:#e0e0e0; padding:0.5ex 0.5ex 0.5ex 0.5ex; margin:0 0 0 3ex !important; } p+ul,p>ul {margin:0.5ex 0 0 0;} pre {margin:0;} tt {background-color:#f0f0f0; padding:0px; font-weight:500;} .bqcode { background-color: #ffffff; border:1px solid #999; padding: 0px; padding-left: 1em; } In this European Parliament study: “EU should finance key open source tools” pointed out to us by Paul Irofti (pirofti@), and especially at study 2, they come to the conclusion that:
"[...] the use of open source computer operating systems and applications reduces the risk of privacy intrusion by mass surveillance. Open source software is not error free, or less prone to errors than proprietary software, the experts write. But proprietary software does not allow constant inspection and scrutiny by a large community of experts." Read more...
Kategóriák: *BSD

CfP extended for EuroBSDCon 2015

sze, 2015-04-22 09:34
td>p,td>ul,td>blockquote,td>font {margin-left:0.5ex;} a:visited {color:#303030!important;} p {margin-top:1ex;margin-bottom:0;} blockquote>p:first-child {margin-top:0;} blockquote>p:last-child {margin-bottom:0;} blockquote { background-color:#e0e0e0; padding:0.5ex 0.5ex 0.5ex 0.5ex; margin:0 0 0 3ex !important; } p+ul,p>ul {margin:0.5ex 0 0 0;} pre {margin:0;} tt {background-color:#f0f0f0; padding:0px; font-weight:500;} .bqcode { background-color: #ffffff; border:1px solid #999; padding: 0px; padding-left: 1em; }

Due to overwhelming response, the deadline for submitting talks to EuroBSDCon has been extended:

Since there was a huge rush of submissions just on the very last day, we have decided to give a second chance for all of you that didn’t quite finish your talk or tutorial proposal in time for the deadline.

The new date is set to May 22nd, but you don’t have to wait until the very last moment. Send in your suggestions right away. We think there still is room for some more topics related to *BSD left to present.

For those of you who already have sent in yours, we are very happy to see so many good submissions. Don’t hesitate to add another topic to your submissions if you haven’t run out of good ideas yet.

If you've been sitting on that paper, now's the time to ship it!

Kategóriák: *BSD

BSDNow Episode 085: PIE in the Sky

k, 2015-04-21 09:34

A bit late out of the gate, Undeadly readers are likely interested in the latest episode of BSDNow, featuring news of Solaris working to include OpenBSD's pf as an option on upcoming releases, the Bay Area BSD User Group keeping a stream of videos from their meetings going, some long-form blogging about the OpenBSD ports system, a discussion about keeping your home firewalls up to date, LLVM growing a fuzzing library, and most especially an interview with Pascal Stumpf (pascal@), with an overview of the whys and hows of address space layout randomization (ASLR) and the work extending position-independent executable (PIE) to statically-linked binaries.

[ Video | HD Video | MP3 Audio | OGG Audio | Torrent ]

Kategóriák: *BSD

p2k15 Hackathon Report: schwarze@ on USE_GROFF

h, 2015-04-20 09:29
td>p,td>ul,td>blockquote,td>font {margin-left:0.5ex;} a:visited {color:#303030!important;} p {margin-top:1ex;margin-bottom:0;} blockquote>p:first-child {margin-top:0;} blockquote>p:last-child {margin-bottom:0;} blockquote { background-color:#e0e0e0; padding:0.5ex 0.5ex 0.5ex 0.5ex; margin:0 0 0 3ex !important; } p+ul,p>ul {margin:0.5ex 0 0 0;} pre {margin:0;} tt {background-color:#f0f0f0; padding:0px; font-weight:500;} .bqcode { background-color: #ffffff; border:1px solid #999; padding: 0px; padding-left: 1em; } Ingo Schwarze (schwarze@) writes in with our fourth report from the p2k15 ports hackathon:

When groff was removed from the OpenBSD base system in October 2010, Marc Espie@ marked more than 3000 ports with the USE_GROFF bsd.port.mk(5) variable, meaning that their manuals were formatted with groff at port build time and the preformatted versions included in the package. Over time, as mandoc(1) matured and learnt to handle more and more syntax, the number of ports having USE_GROFF gradually decreased. Read more...

Kategóriák: *BSD