Someday you will need this – Page 6

2018/05/092018/05/09

CVE-2018-8897 fix in, more Spectre fixes for DragonFly

A recent and new CPU bug, CVE-2018-8897, is fixed in DragonFly. THis applies to both Intel and AMD processors. I’m happy to see that the CERT page lists equal notification timing for a whole lot of operating systems, rather than the few that heard about Spectre/Meltdown early.

Following that topic, Matthew Dillon has “fleshed out” Spectre mitigations, and his commit message details the current state. The sysctl ‘machdep.spectre_mitigation’ will tell you what’s set at any given point.

Update: update.

2018/04/212018/04/20

In Other BSDs for 2018/04/21

Opinion time: The Reddit / Hacker News forums have reached the anything/everything point where there’s no longer a focus. Lobste.rs is worth visiting, though, for BSD content and in general.

MAP_STACK Stack Register Checking Committed to -current.
Nextcloud 13 on FreeBSD. (via)
Run OpenBSD on your web server. (via)
Introduction to HardenedBSD World. (via)
MirBSD Korn Shell on Jehanne. (via)
Distributed Object Storage with Minio on FreeBSD. (via)
Open vSwitch Overview.
How to do math on the Linux command line. Or BSD.
IKEV2 EAP User name/Password client on *BSD.
Taylor Campbell, new to netbsd-core.
[on sale] Bioware, FTL, System Shock, and more. (OpenBSD Gaming, though it may extend to other BSDs.)
BSD Magazine wants article feedback.
OpenBSD router/firewall?

2018/04/082018/04/07

Lazy Reading for 2018/04/08

Accidental theme this week: Social media is a dead end.

ViperCard – An open source re-creation and re-imagination of HyperCard. I… could have sworn I already linked to this but I can’t find it. (via)
gokrazy – Go userland. Every language eventually reinvents the wheel this way. (via)
The Game of Everything, Part 4: Civilization and Geography. First 3 parts linked last week.
It’s Time for a RSS Revival. (via)
Growth At Any Cost. Facebook is designed to take your data and give it to others. It will never not do that. Don’t participate.
Cracks in the Wall. Blogging is better than social media, but of course I would say that. (via)
And here’s some more reinforcement of that idea. (via)
A 1970s disk drive that wouldn’t seek: getting our Xerox Alto running again. I like the platter shots.
An oral history of the L0pht. Part 1, with subsequent parts linked. (via)
The definitive resource for imagemagick scripts. I have needed this many times. (via)
AlterEgo: A Personalized Wearable Silent Speech Interface. Neat but creepy creepy creepy from the illustations. (via)
dotdrop, dotfile management. (via)
Prince of Persia from Apple ][ to BBC Master. (via)

Your unrelated food link for the week: King Arthur test kitchen disasters. Summarized annually on April Fools Day, every year.

2018/03/292018/03/29

BSDNow 239: The Return to ptrace

BSDNow 239 does not have an interview, but it does talk about using OpenBSD to prevent unwanted traffic out to the internet, plus a ‘poetic license’.

2018/03/14

Shell tool for updating DragonFly

Aaron LI wrote a tool to update a running DragonFly system from an existing image – release or snapshot. I haven’t tried it yet, but it’s very promising. It’s up on Github so if this gets you excited, you know what to do.

2018/01/24

Loader hint to stop attachments

Rimvydas Jasinskas created a loader.conf(5) hint that keeps various nata(4) devices from attaching during boot. This is super useful if it’s a device that screws up your boot process. and I think it’s also great if you get irritated having something in your dmesg every time about the device you never use, like a CDROM.

2018/01/16

morse(6) now encodes and decodes

I’m sure this was needed by someone: morse(6) can now encode and decode Morse code, signified by . and – of course.

2018/01/152018/01/14

One more microcode tip

I say “one more” like I know when this saga will end. If you are using the devcpu-data port to update your processors, you’ll need to add

microcode_update_enable="YES"

to your /etc/rc.conf, as Sepherosa Ziehau points out.

2018/01/12

HAMMER1, mounted and unmounted cleanup

The regular maintenance scripts for HAMMER1 assume that it’s mounted at the time of cleanup. If you have them unmounted, they won’t go through that regular maintenance, but it’s easy enough to fix.

2018/01/092018/01/10

Microcode updates on DragonFly

One side effect of Meltdown/Spectre are CPU microcode (firmware) updates. For future needs: sysutils/devcpu-data is the port that has the updates for Intel, and cpucontrol(8) is the program you run on DragonFly to add them.

I haven’t used this myself, yet, so I can’t tell you how necessary an immediate update could be – but you will probably want to use it soon.

Update: Newer CPUs might require this sizing change.

Update update: a better explanation of applying microcode updates. There’s new ones out, too. (via)

2018/01/082018/01/08

More Meltdown fixes

If you’re on the bleeding edge of DragonFly and already updated for Meltdown fixes, there’s a few more commits you’ll want to get.

Matthew Dillon wrote a summary of the current status, noting there’s not much you can do for Spectre beyond new hardware. There is an update to the “defensive browser setup” plan for DragonFly (using –site-per-process) that can help at least with Javascript versions of Spectre.

Update: step-by-step microcode fixes from Intel if you really want to trash your performance.

2018/01/062018/01/07

In Other BSDs for 2018/01/06

Note the non-profit link; that may be useful to you.

BSD on New Hardware.
BSDCAN2017 Interview with Peter Hessler, Reyk Floeter, and Henning Brauer. (video)
Moving bacula-sd into a FreeBSD jail.
As noted here in a comment, you can name a BSD non-profit as a recipient of the ‘commission’ from Amazon purchases. Doesn’t cost you anything, or at least Amazon keeps that part of their pricing opaque.
OpenBSD Workstation Guide. More hardware detail than I expected… and I really like the key storage idea. (via)
Scripts to run an OpenBSD mirror, rsync and verify. (via)
Best BSD for PowerPC machine?
The LLVM Memory Sanitizer support work in progress. On NetBSD. (via)
Linux Professional Institute and BSD Certification Group Join Efforts. (via)
Thinking of joining Mastodon? Try bsd.network!
Which BSD systems are affected by new Intel cpu bug?
Meltdown, aka “Dear Intel, you suck”
Every day a bug is embargoed is actually two days. Looking at it that way, the 48 hours it took Matt Dillon to patch DragonFly turned into 367 days – and it was Google/Intel’s decision to have it that way. (via)
MWL’s 2017 Wrap-Up. Ironically, systemd is a moneymaker for him.

2018/01/032018/01/03

Fixed up archives

A minor bit of housekeeping: the archives page has been fixed up to correctly list all categories, and list posts grouped by month. So if you want to see what I posted under the roguelike category, or see what I posted in February 2011, you can. Post counts provided, too.

2017/12/13

Longer console history

Syscons now holds 10 screens back, not 4. Every few years, I really, really need that.

2017/11/272017/11/24

DragonFly on Vagrant with shared folders

For your ease of use: a Vagrant box with shared folders enabled. (via)

2017/11/232017/11/24

Remember: don’t kldload i915 too soon

I just wasted an hour trying to figure out why xorg had strange output but no errors on this laptop, and it’s because I had i915_load=”YES” in /boot/loader.conf instead of i915_load=”YES” in /etc/rc.conf. I’m almost nearly sure I’ve mentioned that before, but if not: here you go.

(though if you never plan to run X, you can put it in loader.conf and everything will just work.)

(Title updated for a more correct sentence)

2017/11/14

DragonFly, IPv6, and direct routes

Noted from this commit: if you are routing over IPv6 directly to another address, the sysctl net.inet6.icmp6.nd6_onlink_ns_rfc4861 must be set to 1.

2017/11/03

Encrypting /home, post-install

A writeup that may help someone in the future: if you decide you want to encrypt your /home directory, on DragonFly, this is how you do it.

2017/10/09

A SMART trick

If for some reason smartmontools seems to think your disks aren’t SMART-capable, force smartd to use SCSI ioctls. has a snippet to use in your smartd.conf for just that.

2017/09/27

KDE starting tip

If you are starting KDE on DragonFly, you’ll want to be sure dbus is started too. Mentioning it juuuuuust in case…