The freeze for pkgsrc-2012Q2 starts on the 16th of June, as recently announced. Freezes are usually 2 weeks, so that means 2012Q2 should be tagged at the end of June.
Seen multiple places, but Tomas Bodzar was the first to tell me: there’s a new BSD in town, called Bitrig. It’s forked from OpenBSD. The first release is planned for the end of the month, and it appears to have a more aggressive intended development plan than OpenBSD.
This is my 5,000th published post. This Digest has been running for approximately 9 years, so that’s an average of a post and a half per day, for around 3200 days. Yeesh!
Here’s your most recent weekly round of DragonFly/Google Summer of Code updates:
- Ivan Sichmann Freitas: 32 bit api status
- Vishesh Yadav: inotify and fs indexing service status
- Mihai Carabas: Add SMT/HT awareness to DragonFlyBSD scheduler
- Loganaden Velvindron: Privilege separation
This was going to go into a Lazy Reading post, but then I realized it shouldn’t. Here’s the source: “A Tragically Comedic Security Flaw in MySQL” (via)
The short version: MySQL, compiled a certain way, will allow 1 out of 256 root login attempts to work no matter what. I was going to link to this for the startlingly large number of MySQL installations found allowing connections from the public Internet, which means breaking into any affected servers would be easy. Then I thought about it… I don’t see a my.cnf installed by pkgsrc for at least MySQL 5.1 by default.
To fix this for your own installation, put
[mysqld]
bind-address=127.0.0.1
in /usr/pkg/etc/my.cnf to disallow remote connections. I don’t know if MySQL on DragonFly from pkgsrc is vulnerable to the issue, but it’s a good idea to not allow remote connections to the database, and ought to be on by default.
Or just use Postgres, if possible.
The June issue of BSD Magazine is out as a free PDF download. The theme is the same as last month – security – and there’s a number of other topics covered.
I got to use the ‘roguelike’ tag again this week, which always makes me happy. Surprisingly, it’s not about… that roguelike.
- RSA encryption explained. (via)
- Someone from Google went to BSDCan 2012 and blogged about it. The takeaways are interesting, especially something I’ve seen elsewhere: “Don’t buy systems that can’t take registered RAM in a bazillion sockets”.
- Occam’s Razor applies here, but still: trust nobody. (via)
- Bash One-liners Explained, part 1.
- They’re switching from ‘cvs import’ to ‘cvs add’ in pkgsrc. Now if they’d just switch the ‘cvs’ part out…
- Not even vaguely computer related: Please won’t someone make these commercially available? Wait, someone did!
- The Mechanics and Meaning of That Ol’ Dial-Up Modem Sound. (via) I feel nostalgic, but on the other hand… nobody missed 14.4 kbaud.
- Advanced Vim Macros. “As is typical in Vim, the rabbit hole of functionality goes much deeper than most users will ever plumb.” (via)
- Also at the same place: Vim Koans.
- Hey, there’s a DragonFly page on the Wine Wiki. It’s short but probably very useful if you want to run Wine.
- Also, an OpenCV fix for DragonFly, pushed upstream by a pkgsrc developer. That’s always nice to see.
- Fish, a new shell with some nice features. (via) Does this compile on DragonFly?
- Found near the same place: a screen saver that auto-plays Angband. OS X only, unfortunately. There must be an easy way to do the same with xscreensaver.
- CLANG, but not the compiler. Watch the movie.
Your unrelated link of the week: I happen to work at a salt mining operation, which leads to some unique problems (more). Mining in the US is regulated by MSHA, which has been cracking down since the Upper Big Branch incident. MSHA issues ‘fatalgrams‘ every time a miner dies. MSHA also shows up on site as soon as possible, which means they are there taking pictures within a few minutes, with equipment still running. It’s essentially crime scene photos, and a little worrying; many of the deaths are of people around my age with similar experience.
Pkgsrc already runs on a large number of different platforms, but that’s not what I’m talking about. In this case, Joyent, which uses pkgsrc internally, has a suggested change that makes binaries usable on both 32 and 64 bit systems. I don’t know if this will go into pkgsrc proper, but it’s interesting to see.
Reading this HAMMER2 commit carefully shows some future plans: remote cluster control, and the ability to mount nonlocal HAMMER2 volumes. A reminder: those are future plans, not what you can do now.
The i386-only doscmd(1) is gone from DragonFly. I don’t think I ever used it, as other emulators/systems are so prevalent and complete.
Apparently a lot of modular-xorg packages in pkgsrc received updates. I think I found some of the changes, but probably not all, so I don’t have a good way to sum up the actual effect.
Update: see the end of this cvsweb pkgsrc CHANGES-2012 page for all the changed parts.
There’s a number of packages out there that assume you are using the GNU versions of ls, wc, and so on. However, you aren’t when using a BSD system. Pkgsrc has historically dealt with this when GNU tools are needed for a package by prefixing them with a ‘g’. ‘ls’ becomes ‘gls’, and so on. Aleksey Cheusov proposed a fix to keep these utilities under their original names, which I think will go into the next quarterly pkgsrc release.
Pkgsrc packages that have source files that can’t be redistributed, and go missing for the length of an entire quarterly release, will get removed. They are effectively broken at that point anyway.
That policy is now formally in place; I don’t think there was a clear prescription before.
The cache coherency management code in DragonFly has been removed, but it’s coming back under HAMMER2, as part of how HAMMER2 maintains multiple master drives.
Venkatesh Srinivas, currently on his colossal bike ride, introduced a different way of creating a tmpfs. This was test code, and Johannes Hofmann benchmarked it (see same page). It’s interesting cause there are numbers, and nice to see one person jumping in to test someone else’s results/idea.
I think I’ve mentioned building DragonFly with clang before, but not pkgsrc. There’s two variables to set, plus some special handling for libf2c. Thomas Klausner has details. This is not tested on DragonFly.
Week 2 Summer of Code status reports from Loganaden Velvindron, Mihai Carabas (plus followup), Vishesh Yadav, and Ivan Sichmann Freitas are available. Ivan Sichmann Freitas also has a RFC on changes to DragonFly’s 32-bit API.
So many links this week I’m already working on next week’s entry. Enjoy!
- git aliae so that you never lose work (part 2). (via) Aliae is the plural of alias?
- The Setup; people’s work environments. I’ve linked to it before, when nabbing links from Trivium, but I never realized how many people there were to look at. People like Chet Faliszek, Gabe Newell, ‘bunnie’ Huang, _why the lucky stiff, Lee Hardcastle, Joel Johnson, MC Frontalot, Derek Yu, Eric Meyer, Anil Dash, Jordan Mechner, Andy Hertzfeld, and Ryan North. There’s a lot more. If any of those names are unfamiliar, you should go look them up and be pleasantly surprised.
- How to use DragonFly to troll Amiga users. Funny/sad, like most trolling.
- One does not simply run Unicorn in DragonFlyBSD. Not sure what Unicorn is, but I feel bad that it crashed.
- Become a Vim Master By Learning these 30+ Key Bindings. Well, it’s vim, not vi, but oh well. It’s the standard list of commands that normally makes up articles like this, but I still look, in the hopes that I’ll permanently absorb another movement pattern and get that much faster.
- Which hashing algorithm is best for uniqueness and speed? (via) The colorized hash maps are a pretty interlude in a technical discussion.
- Speaking of Vim, here’s the M command, implemented for a web page. (via) The only better thing would be a vertical split screen view.
- End of a Fishing Expedition. Makes a good point about the recently-lost-by-Oracle lawsuit about copyrighting APIs: if that was possible, most Unixish operating systems, including BSD, would suddenly have legal problems. Also, the judge in the case apparently knows how to program, and actually established a point of law instead of shrugging and saying “These kids and their newfangled Internets confuse me.”
- CPU wars. (via) A trump cards game based on CPUs. Super-nerdy!
- Oops.
Your unrelated comic link of the week: Make Good Art. (via) The comic version of Neil Gaiman’s recent commencement speech, cause comics are more fun than video.
DragonFly has a page on updating pkgsrc, and so does NetBSD. I don’t think I linked to the latter before, but even if I didn’t, it’s still useful.