DragonFly – Page 30 – DragonFly BSD Digest

2018/08/07

ed25519 support in pam_ssh

As part of a recent update to OpenPAM, you can now use ed25519 in pam_ssh. My perception is that ed25519 is one of the better options to pick.

2018/08/022018/08/02

BSDNow 257: Great NetBSD 8

BSDNow 257 (which is not as exciting a number as last week but still prime) has no interview but manages to hit all the right notes – every major BSD is mentioned and also links to recent convention reports.

2018/08/022018/07/31

The Digest, now on Mastodon @bsd.network

This is way overdue: I’m now posting Digest notes to bsd.network/@dragonflydigest, a BSD-specific Mastodon server.

It’s bothered me for a while that I’m autoposting Digest headlines to Twitter, which is useful for Twitter users but still supporting a walled garden. Mastodon is a better implementation of a similar idea, and bsd.network nicely groups all sorts of BSD people in one place. Right now I’m just posting the Digest headlines here into the Mastodon account there, but there’s added value from the additional BSD-specific conversation around it.

I haven’t (yet) found a way to translate the local timeline on bsd.network into a RSS feed, which would be super-handy…

2018/08/012018/08/01

HAMMER2 and multi-slave disks

As part of a larger conversation about HAMMER, Matthew Dillon noted that he is planning to work on master-to-multiple-slave for HAMMER2, which would function similar to HAMMER1 mirror-stream.

2018/07/31

mtree(8) update

Sascha Wildner has brought in the NetBSD version of mtree(8), as groundwork for some other changes. There’s little user effect at this point, but it’s worth being familiar with mtree as a tool. Take a look at the man page, especially the section on trojan horse detection under EXAMPLES.

2018/07/302018/07/30

New ena(4) driver for DragonFly

DragonFly now has a port of the ena(4) driver from FreeBSD. If you aren’t familiar with it, it’s the Elastic Network Adapter used for running on Amazon EC2. That link for the commit message points at several dports tools useful for anyone wanting to try the next logical step.

2018/07/262018/07/21

More DragonFly mirrors

I’ve been remiss in noting new DragonFly mirrors, so here’s the most recent: 4 new locations in Ecuador.

2018/07/252018/07/20

Running scripts once, only once, on DragonFly

Sascha Wildner’s brought in a new rc mechanism that runs scripts on first boot, and only the first boot. It seems like something for an install process, but it’s also preparation for a new network interface.

2018/07/242018/07/20

OpenPAM updated in DragonFly

I’m a bit late on this, but: OpenPAM in DragonFly got an update to the “Resedacea” version. That most recent version lists only bugfixes, though I don’t know the age of the version we’re coming from and whether there were some intermediate upgrades in there.

2018/07/232018/07/20

Ravenports, and picking out packages

A little while back I linked to an excellent deep dive into Ravenports, and added my own bit of statistical guessing at popular packages. John Marino wants to know what packages people find most useful/most required. If you have opinions, and I’m sure you do, post something on the Ravenports Google Groups page.

If you are saying to yourself “Gee, what packages did I install and what came in as a dependency?”, here’s an easy way to find out:

pkg query -a '%n %a' | grep 0 | cut -d ' ' -f 1 | less

This lists all “vital” packages, which usually means ones installed with intent, rather than automatically. This might be a useful thing to post for Ravenports…

2018/07/20

tun(4) and tap(4) changes

Aaron LI has been making a significant number of changes to the tap(4) and tun(4) interfaces, which he recently summarized. As his summary notes, you can now create and destroy tun devices. This will be very useful for some IPv6 and probably also VPN users. There’s some new sysctls, and corresponding man page updates.

2018/07/16

Upgrade results, bonus for dragonflybsd.org

Remember the upgrade for dragonflybsd.org machines? It completed, and it’s interesting to see that SSDs have become so easily available that “spinning rust” hard disk drives are only still useful for bulk storage, and even then probably not for much longer.

Another neat side effect: disk usage on developer system leaf.dragonflybsd.org was cut in half, thanks to HAMMER2 dedup/compression. It’s a ‘free’ half-terabyte.

2018/07/10

More initrd additions

Aaron LI continues to add to initrd(7): it now has scp, grep, diff, telnet, and 70 (!) more tools, bringing the total to over 200. That’s a lot for a “minimal” rescue image.

2018/07/09

dragonflybsd.org upgrades

Various machines in dragonflybsd.org are getting hardware upgrades this week. They aren’t time-consuming, so I daresay it won’t have much effect on uptime.

2018/07/052018/07/04

Some package statistics

The article I linked yesterday about Ravenports got me wondering about what package are most popular. avalon.dragonflybsd.org is the default binary package archive for pkg, and it has httpd logs back to 2013, so I collated some information.

I read out a list of packages, and weighed them according to how recently they were downloaded. I also mushed together all the py/ruby/p5/php numbered packages, and excluded lib*.

After all that… there’s a lot of noise. One install of any desktop environment pulls in hundreds of packages automatically, so it’s hard to tell what’s installed by a human and what’s installed by dependency. That being said, here’s some highlights. This is me applying an arbitrary value and then arbitrarily snipping out a list… but it’s fun to see if nothing else.

18596 python27
13564 xorg-server
13499 perl5
13391 xterm
12098 xorg
8512 cups
8453 bash
8389 ffmpeg
8367 spidermonkey170
7884 python
7432 firefox
6997 sudo
6896 bind-tools
6702 openldap-client
5651 nano
5529 xfce4-conf
5052 xfce
4663 ruby
4447 vim
3133 tmux
2578 chromium
2248 zsh
2175 samba44
2132 python36
2007 mate-desktop
1765 mysql56-client
1699 fluxbox
1690 vim-lite
1517 CoinMP
1407 openjdk8
1395 samba46
1384 lumina
1367 kde
1355 mpg123
1353 spidermonkey24
1340 vlc
1338 thunderbird
1329 wpa_supplicant
1252 firebird25-client
1164 gimp
1103 zip
1083 youtube_dl
1044 php
941 freerdp
931 mercurial
927 lynx
866 evolution
848 gnome3
845 openjdk
842 openbox
842 epiphany
799 nmap
798 go
796 mutt
796 gnuchess
743 apache24
726 rxvt-unicode
722 irssi
652 firefox-esr
652 htop
649 rust
619 smartmontools
575 fvwm
529 windowmaker
477 openvpn
472 synth
451 fish
406 npm
403 inkscape
402 enlightenment
367 firefox-i18n
351 dwm
347 neovim
341 R
339 emacs25
320 emacs
320 unbound
312 tor
310 lua
300 cinnamon
300 wireshark
282 netcat
272 pidgin
258 postfix
258 joe
252 GraphicsMagick
251 dillo
249 icewm
242 mosh
236 rtorrent
225 weechat
219 audacious
218 smtube
216 calibre
190 xmms
187 pdksh
184 redis
184 openssh-portable
183 tk85
173 rdesktop
172 nedit
164 terminator
161 fetchmail
160 KeePassX
156 dnsmasq

2018/07/04

A deep dive into Ravenports

eerielinux has written an exploratory article about Ravenports. It’s worth a read; Ravenports has been growing actively. You can install it in parallel with dports on DragonFly, or on a number of other operating systems.

2018/07/03

SSH keys and making your life easier

A tip for anyone using public keys in SSH: you can start up your xorg session using ssh-agent and then have all subsequent connections be authorized by the agent, saving you some hassle of password typing, etc. Put this in your ~/.xinitrc :

eval `/usr/bin/ssh-agent -c`
(insert line to start up your window manager here)
/bin/kill $SSH_AGENT_PID

(Yoinked from Matthew Dillon on IRC) Realistically, you should also lock your terminal or otherwise prevent physical access to any workstation where you do this, since it means immediate SSH access to other systems using your identity, for anyone touching that keyboard.

If you’re using Windows, there’s always Pageant.

2018/07/02

initrd work on DragonFly, and a man page for it

Aaron Li has been committing a good amount of work on initrd. There’s many small commits to link to, recently, but there is now also an initrd man page to remind people of when you need it. (hint: encrypted drives, or when everything else is broken.)

2018/06/252018/06/24

X2APIC enabled by default on DragonFly

DragonFly-current, that is. Some newer multi-processor systems use X2APIC to boot, and DragonFly can now use it.

2018/06/232018/06/22

In Other BSDs for 2018/06/23

Lots of announcements, lots of reading. Note the first item listed is happening today.

Book Fair, 23 June 2018. Michael W. Lucas is at the Scriptorium Book Fest today, in Michigan. Go if you are near and get a signed BSD book.
Escape from System D, Episode V. Interesting cause it mentions BSD and interesting for spot-on characterization of Twitter/Hacker News feedback. (via)
25 years of FreeBSD. (via)
NetBSD Summer of Code reports: libfuzzer, kernel address sanitizer, and kernel undefined behavior sanitizer.
Valuable News 2018/06/17.
FreeBSD Desktop, parts 1, 2, 3, 4, 5, 6, 7, 8, 9, 10. I linked to a few of the early ones before, but I want to present a complete (so far) list.
FreeBSD 11.2-RC3 Available.
OPNsense 18.1.10 released.
httpd(8) Gains Simple Request Rewrites.
SMT Disabled by Default in -current.
More Mitigations for (potential) CPU Vulnerabilities.
LDAP client added to -current. This, or a similar LDAP client, should be present in all BSDs.
KDE on FreeBSD – June 2018. 5 is almost working in DragonFly, too, by the way. (via)
itch.io Summer Sale + General itch.io Feature.
“what’s good in openbsd superior than freebsd?“
HardenedBSD 11-STABLE v1100055.4 Released. (via)
“Today I stumbled upon a BSD Wikipedia page. Why should I choose BSD over a Linux based distro?“