By: Jason Tubnor @tubsta
We have been performing some extensive and edge case updates from FreeBSD versions earlier than 13.0. While in most cases, there have been no issues and most users will have a smooth upgrade process when we finally have 13.0-RELEASE hit but there are some issues that we hit which will need a bit of clarification and some advice on how to work them.
By: Jason Tubnor @tubsta
With the release of FreeBSD 13.0 on the horizon, I wanted to see how it shapes up on my Lenovo T450 laptop. Previous major releases on this laptop, using it as a workstation, felt very rough around the edges but with 13, it feels like the developers got it right.
I like to keep things simple when it comes to a desktop operating system so the description below is how I went from a fresh install of FreeBSD 13.0RC1 to a working environment that is based on using the XFCE4 desktop experience.
This article describing the practical use of chroot on OpenBSD was originally written by Karsten Pedersen on 20 July 2014 and was located here until the IBM developerWorks connections platform was sunset at 2 January 2020. It has been kept in its entirety to help others that may have stumbled on an old Google search result.
Chroots have many uses in UNIX-like operating systems and the chroot(8) command is not unique to OpenBSD. They are often used for security reasons in order to run a potentially vulnerable service in its own environment so that if it becomes compromised and an attacker manages to escalate their privileges to that of the compromised service, they are still constrained to the chroot that the service has been run in.
As file sizes increasingly become bigger in cameras such as Go Pro and Canon EOS D, the FAT file system has become unfit for purpose. As such, instead of looking to an open source file system (probably due to no support in the Windows or Mac platforms), these camera manufacturers have just done a bump to a more recent version of a Microsoft proprietary file system, exFAT.
OpenBSD comes with a SNMP v2c and v3 daemon in base. Simplistic and privileged separated, this SNMP service is easy to configure and secure – putting Simple, backing into Simple Network Management Protocol (SNMP).
Recently, I have needed to flick on snmpd(8) to provide data to the Cacti logging service. The default configuration in /etc/examples/snmpd.conf will get most people going while only letting the daemon listen on the localhost interface, keeping your SNMP service reasonably secure.
I currently have a project need for a simple FreeBSD base install that is hooked up to a NAS/SAN back end. Coming from a Solaris background, most SPARC machines (like the V220/V420) came rack mountable and space for 2 primary hard drives simply for the OS. You would spin up your OS install, install Solstice DiskSuite (Solaris Volume Manager), apply your secret sauce of configuration and you were away. One disk could fail and you could either hot swap replace and resilver or power down, boot off the disk that was functioning and then resilver to bring the new disk online (yes, I know there are more steps than this but that is out of scope for this article).
I wanted a similar, modern day solution like this, using commodity hardware and a free, open source and liberally licensed operating system.
While FreeBSD 10.x has a stable, binary update method for maintaining production machines, this doesn’t allow you to follow –HEAD to get the latest technology for the project that you are working on. The reason that I use OpenBSD so much in production, apart from the security aspect, is that you don’t have to wait long for new technology to appear in –release. This is why I think FreeBSD –HEAD is more suitable for my needs.
I have just moved a WordPress instance from a standard cPanel installation, into a custom OpenBSD host. Everything ran smoothly from a data point of view but when I went to test the installation I got a 500 error. Turning on php error logging gave me the information I needed to start debugging the issue.
The start of May is the release time for yet another edition of OpenBSD and 2015 brings the release of OpenBSD 5.7. This edition brings some excellent hardware support that will improve the users experience with the operating system, a range of installer improvements, removal of Nginx and Sendmail from the base, IPv6 has been further integrated into the kernel and a large range of security improvements.
For OpenBSD users, it has been pretty disappointing that Digital Ocean didn’t launch other BSDs with introduction of FreeBSD, even though the technical barrier had been removed to allow it.
Today, I thought I’d try doing an OpenBSD load again (I have tried before without success due to CPU feature issues) and the results were pleasing – you can now enjoy OpenBSD on Digital Ocean.
While some use the documentation correctly and search the mailing lists, sometimes the answers don’t come up correctly due to formatting or google having issues indexing.
As I use OpenBSD more and more as a daily driver (be it still in VMWare Workstation on one machine and Virtual Box on the other), I still don’t have it on raw workstation hardware. I want my audio and video to work but out of the box on the above platforms, but my audio was either sketchy or non-existent.