That a new 7-release will be planned. Ofcourse this is entirely inline with what we saw with the 6.x releases, and now the 7.3 release will be planned and continued. It might be good advise if you start preparing to update to the 8.x releases though, I wouldn’t be surprised if 7.4 (after 7.3) might be the last release on that branch, like the 6.x releases had. Stay tuned for more (and official) news when I get a hold of it 
On January 13, 2010, In FreeBSD, by Remko
On December 21, 2009, In FreeBSD, by Remko
Hello, it’s the time again. The FreeBSD Foundation is looking for a few spare bucks here and there to reach the goal of $300.000. So I was wondering, if we all make a contribution of $1 or more, we will reach that easily. I donated $150 so you should consider donating a few spare bucks as well. The original announcement is found below.
Since the start of our ‘Be Counted!’ campaign in August of this year, over 350 new and returning donors have contributed to the FreeBSD Foundation. With your help, we are now 50% of the way to meeting our 2009 fund raising goal. Thank you donors, for your support! Now, in these last few weeks of 2009, the FreeBSD Foundation needs the support of those who have yet to donate to take us the rest of the way.
The recession has hit everyone hard. For many, every possible expense has been cut, and what spending they do is out of strict necessity. Unfortunately the challenges facing FreeBSD are undiminished by recessions and the technological landscape continues to change at a rampant pace. That is why the FreeBSD Foundation nearly doubled its 2008 budget for 2009 and needs your support so we can avoid cutting our investments in 2010.
If you benefit from FreeBSD, please donate so:
development projects are funded to support emerging technologies such as solid state disks, USB 3.0, machine and network virtualization, highly parallel processors, clustering, and data replication.
BSD conferences continue around the globe.
students and contributors have the opportunity to attend conferences and developer summits.
the infrastructure of computers and equipment supporting our community can be maintained.
the FreeBSD community is grown through marketing and outreach to users and businesses.
FreeBSD trademarks are protected and the project has access to legal counsel.
FreeBSD continues to serve as the foundation for research and enterprise.
Every donation, no matter its size, makes this work possible. As a non-profit with very low overhead, your donation is the best way to invest in FreeBSD. Please make that investment today so we can meet our dual goals for 2009 of 1000 donors and $300,000.
You can make a donation (including recurring subscriptions) by going to: http://www.freebsdfoundation.org/donate/.
On December 1, 2009, In Politics, by Remko
A lot of people had read the book 1984 by George Orwell. George Orwell was a writer and seemingly a visionair. George wrote about dictative systems that control people in every possible way. The system used there is called Big Brother.
When you mention these things towards people, they instantly recognize what you are telling them. They read the book. Sadly, when you mention that these things happen in real life, not many people recognize it. Why? We are already being controlled!
Currently every big-brother-ism is being driven by MONEY. You will see that the music-industry is lobbying very hard to take actions against revolting people. They do not wish to see the market, which seems to demand lower pricing of materials. Free is a viable alternative, reducing prices will increase people buying the goods, and will lower the amount of people that are “illegally” downloading copyrighted materials.
But the music industry isn’t the only group that is doing this. The US of A is demanding free access to -every- banktransaction within Europe. Why? Because a so called threat against the US of A. Your transactions will be logged and insightfull for the US of A, and when you come to visit the country for some reason, they will look into what you are doing. Why? Because they can!
I just mentioned the EU Government. The total idea of controlling a massive amount of people and land. A lot of countries like Ireland, the Netherlands and a few others where AGAINST the deal. People in a democracy voted NO. What happened? The EU leaders rewrote the name of the beast by calling it the European Treaty, and blowing away all people that resisted. EU Leaders wanted this to happen, they rewrite things where we are watching. A nice link to the 1984 book, where George wrote about leaders rewriting history to tell that someone didn’t exist, or some revolt didn’t happen. It’s happening right under our face and nobody is heavily revolting into it!
In the Netherlands the “government”-elite decided to bring in the OV-Chipkaart, which is a chip which you can use to travel with public transport. The chip logs every entry and exit within the public transport. Giving full access to agencies and people that pay enough money (or “have good reasons to view the system, as it is called legally”) about the whereabouts of the card holder.
It goes on… they are also considering “Kilometerheffing”, which is something that will have a box in every car, registering where the car is, every second of the day, and pricing the usage of it. It will again give full access to interested parties about the whereabouts of the car and the person in it. EU regulations are currently talking about enhancing this information with an automatic dial-112 procedure which is being used to report accidents etc, and allowing people to break into the car it self. More and more control over people.
Interestingly for both the publictransport chip and the kilometer heffing there are viable alternatives. We used to travel by a papercard, which is being stamped and deducted from your account. The papercard worked for decades! Everyone understood what was needed, and was a fair system. if public transport is becoming more expensive (which is the case with the chipcard eventhough the government lies and states that things will not become more expensive, like they said with the EURO, prices have doubled or tripled for most common goods since the introduction!), the price should be raised. That will meet resistance ofcourse, but would allow the system to keep working.
Beyond that, fuel prices makes sure that someone pays by usage, in the future electricity will be used for powering cars and fuel-demanding items, and you can charge on usage there as well. If you are using more then X amount of electricity, you will pay more. Like with the payroll tax, if you earn 100.000Euro’s, a large part of that will be in the 51% tax rate. If you earn 1000Euro’s, you will pay a maximum of 20% (or whatever the lowest scale is!), or even less if you are below the set rates.
Additionally, there is the electronic patientendossier, a file about hospital visits etc, giving the interested parties, like possible employers, full access to the medical status of an individual. vision that you are solliciting on a job, the employer reads your file, and tells you that he cannot give you the job because you are a great risk. Somehow the data was altered stating that you had HIV in the past. Same goes for medical treatment and the insurance, they can deny access to common-goods because something is written in the file.
The above is all being driven by money and “democratic” control. In the past Russia would have killed millions of people to get this information. Adolf Hitler would have given infinite resources to get this information, being able to massify the holocaust even more, because it’s easy to trace people with this. In the past these things where being held by governments etc because the collective-memory (something from 1984 again) was still remembering the wars, and what it caused. But slowly and surely, these things are being forgotten, technology advances and the democraty countries are being turned into police-states. You are guilty unless proven differently. You are no longer in charge of your country, you are a slave of your country. You are living in a dictative-regime. Why? Companies need money, do not want to get to the future, and invest in alternative ways on getting new funds.
People are naive, they believe what the government(s) tell them. Not many people see the urgent threat against their lives. They were afraid of Adolf Hitler and Joszef Stalin, but they do not recognize those faces from the smiling people in front of the camera’s, which are actually doing exactly the same!
It is time that people start revolting against these actions. IF we do not do that, 1984 WILL become very very real. Getting afraid? Good, because this threat is real!
Reference to a full summary of 1984: http://wikisummaries.org/1984
Edit: added the following information:
I just read an article from one of our ministers (Ter Horst), she said that she is happy that the people in the country are only allowed to vote for a new government, and nothing else. It had been quickly ‘corrected’ by someone later on, but I think this exactly hits the spot:
http://www.spitsnieuws.nl/archives/buitenland/2009/11/ter_horst_minarettenverbod_bed.html, yes the article is initially about something else, but that’s an entirely different topic.
Welcome to FreeBSD 8!
In this article I will write about the latest release from FreeBSD, 8.0. This is a major version that offers new functionality and much improved parts of the code.
Why are major releases so special?
Major releases offer the possibility to include changes in the system that are not allowed in stable branches. This could be new applications or API/ABI interfaces, or serious changes to datastructures and things like that.
FreeBSD brings out major releases every 18 months. Ofcourse the 18 months may vary, depending on the amount of new features and problems found while preparing for the first .0 release. The schedule should guide as a reference on when to expect something new.
FreeBSD 8?
FreeBSD 8 will be the latest version of FreeBSD that is currently on the market, it was preceded by FreeBSD 6 and 7, where we found features like ZFS, Improved Jail support, the widely known Danish Axe was used to further take out the GIANT lock, and many more features that had been in the previous release.
What will FreeBSD 8 offer us?
FreeBSD 8 will offer us the following:
USB Storage hotplug removal
Previously it was not possible to take out lets say an USB storage device while the operating system was running, without crashing it. The system code is updated to make it possible to take out an USB storage device without the system crashing. This will make many people happy!
Multi-IP/IPv6 jails
With FreeBSD 8 it will be possible to assign multiple IPv4 addresses to a jail, as well as assigning IPv6 addresses. People that offer hosting services can greatly enjoy these features, a jailed webserver for example can now use many more addresses and do proper SSL virtualhosting.
NFSv4 support
NFSv4 support is added to the FreeBSD Operating System, while this is still experimental, it gives you a NFSv4 client, as well as a server that can service NFSv4 nodes. NFSv4 gives you better security access control’s, a stateful protocol, performance improvements, etc.
Enhanced ULE scheduler
The ULE scheduler is much improved for FreeBSD 8, this allows even better scheduling and responses to systems running FreeBSD 8, especially when used with SMP systems. Systems running the FreeBSD 8 operating system, have this scheduler enabled by default.
DTrace
DTrace is a suite of applications imported from Solaris. DTrace will assist you in profiling your system and applications, data which you can use to make the system perform even better under your specific configuration. Every key developer needs a tool like this.
Wireless Mesh Networking
The Wireless Mesh Networking (802.11s) is an experimental feature and early adoption framework that gives the ability to setup a Meshed Wireless network. Currently most Wireless networks are build around one central access points, with leaf nodes / bridges / repeaters attached to them. This experimental feature offers the ability to ‘perfectly’ roam accross the network, without being tied to one specific Access Point.
VIMAGE
VIMAGE, is an network virtualisation project that aims in delivering multiple networking related instances. So for example you can give your jails, their own vimage, enabling them to run IPSEC, Packet filter(s), setting their own routing tables etc. So this actually makes your jails, more or less independant servers.
Multiple routing tables
Multiple routing tables, enable you to select different routing tables for different services. For example you can setup different routes for your webserver(s) and mailserver(s). The “setfib” utility is added to provide a management layer for these FIB’s (Routing tables).
Equal Cost multipath routing
Equal-Cost Multi-Path Routing (ECMP) is a new feature under FreeBSD 8, that enables the administrator to loadbalance traffic by equally balancing traffic over various routes. In theory this could increase the bandwidth that you can use, so be sure to check this out!
FreeBSD ports Parallel building
The FreeBSD ports framework is adopted to that multiple ports can be build at once. People with multi core systems will definitly see significant improvements in this region. While this update is not limited to the 8.0 release itself, it is the first release that will have this feature onboard. (after fetching the ports tree ofcourse).
MPSafe TTY
The TTY subsystem is one of the last sections of the entire operating system that had not been rewritten or massively updated in the last decade or two. FreeBSD 8 will have a replaced version that no longer uses the GIANT lock. That reduces the impact of the lock even more and will assist with fine grained multiprocessor capabilities. It is also more modular and will make it easier to hook into the new layer. This will help in lagging console and X.org sessions.
Procstat
Procstat is a new application, eliminating the need for procfs(4), it gives the user information about processes, command line arguments, kernel thread stacks, and many other functions that could assist people in troubleshooting and debugging.
Textdumps
Textdumps had been written to make it much easier to get coredump information back from the Operating System after fatal events occured.
The application had been setup to generate a tar archive that includes several text files with valuable troubleshooting information. Users that send this tar file to one of the appropriate lists, make a much better chance in getting their problem fixed. Before this tool one needed to do this manually, often making this an impossible step for the average user. Not only will this help the user that is facing problems, but also the bugbusters that will have all required information available without needing to explain on how to get the information there.
Experimental AHCI driver
An experimental AHCI driver had been added to the tree, which gives direct and native AHCI commands through the CAM layer. This includes the NCQ feature (Native Command Queueing).
Gvinum v2
Gvinum had been updated and reworked, making it much more production ready and usable then before.
Disk utility upgrades
Several disk utility applications had been updated, or adjusted to become the default. For example the GEOM_PART utility becomes the defacto standard for disk slicing. One should pay attention when this comes in to play though, since the labels might be read differently with GEOM_PART your devices might be enumerated in a different way then before. Make sure you are actively involved with the upgrade and make sure you have serial access to the machine in case of problems!
Beyond that GPT partitions are now capable of being boot from, and the bsdlabel utility supports up to 26 partitions now.
ProPolice Stack Protector
The ProPolice SSP framework is added to the builds, protecting the kernel and userland (where configured) from being stack-smashed. This will make it harder to exploit stack based buffer overflows.
ZFS
ZFS is updated to version 13, and sees several improvements. The experimental warning is removed, making it a production ready filesystem which you can use with very large datapools. Make sure you have enough memory when playing with it though!
Wireless Virtual AP
The Wireless code is updated to support Virtual AP’s. Within the /etc/rc.conf file you are now able to clone the ‘direct hardware interface’ like ath0 into a wlan device. If you clone this more often you will be able to support more SSID’s and things like that. For small companies or freaky home users, you can setup your own protected SSID, and a guest SID which visitors can use and is protected differently.
VirtualBox Host support
The FreeBSD ports tree saw VirtualBox added to the tree, making FreeBSD 8 one of the possible candidates for Virtual Machines delivered through VirtualBox. This makes it a good alternative for VMWare.
NULL-pointer dereferences made harder
The FreeBSD Security Team included a little rewrite of the NULL pointer handling within FreeBSD. Programs are no longer able to make use of the NULL pointer by default and will be stacked on a random address location. This feature makes FreeBSD a bit safer against NULL pointer dereference vulnerabilities.
lukemftpd build disabled by default
Personally I axed the build of lukemftpd. This is one of the two ftp daemons that we have in the base system, and was opted for removal a long time ago. That had happened and the daemon is no longer available by default on the latest version of FreeBSD. Further removal of the lukemftpd software will be investigated to see what consequences will popup because of that.
How to upgrade?
Now that we spoiled you with all the new features in FreeBSD 8, there is probably interest in how one can upgrade to the FreeBSD 8 release.
Before explaining the process of upgrading the system, I expect that you already have a FreeBSD system running on 7.2 or 7-STABLE, if you are unsure on how to get that going, please refer to my previous article in BSDMag which explains this in great detail (and it includes pictures too!).
Ofcourse it is also be possible to install FreeBSD 8 from CD/DVD, please browse to ftp://ftp.langcode.FreeBSD.org/pub/FreeBSD/ISO-IMAGES-yourarchitecturehere/8.0
and fetch the proper media. All you have to do is follow the instructions that are printed on screen. If you need more details about this, there is an excellent handbook that will guide you through it, or again my previous article will assist you. The FreeBSD handbook can be found here:
http://www.FreeBSD.org/doc/en/books/handbook/
In some cases there are localised versions, like the Dutch Handbook:
http://www.FreeBSD.org/doc/nl/books/handbook
replace ‘/nl’ by ‘/yourlangcode’ to see whether your version also exists.
As mentioned we will be upgrading a running 7.2 / 7-STABLE system to FreeBSD 8.0-RELEASE.
We use “csup” for this, which will fetch our source code. This will lead up to a new system and new kernel.
For the instructions that follow, you will need “root” access, if you do not have this access, please consult your system administrator and ask him for help on how to upgrade FreeBSD as “root”.
Copy over the example csup file to /root and begin editing:
# cp /usr/share/examples/cvsup/stable-supfile /root/8-release
# vi /root/8-release
Navigate to the line which mentions ‘default host’, and change it to a server near you, so for example in the Netherlands you would use:
*default host=cvsup.nl.FreeBSD.org
Now find the part that has ‘default release’ mentioned. We need to update that as well. Change the contents of the tag parameter to RELENG_8_0. Thus the line would look like something as:
*default release=cvs tag=RELENG_8_0
Note that there is another tag that will give you the actual release bits (RELENG_8_0_0_RELEASE), but this will not get updated for Errata Notice’s and Security Advisories, making it an unwanted tag to use.
After making sure the above updates were done, we will need to update our tree. If you are a survivor of my previous article you will have an old tree and old objects tree which you might want to save for future reference.
# mv /usr/src /usr/src.releng7
# mv /usr/obj /usr/obj.releng7
Now we can download / update the new tree.
# csup /root/8-release
Wait for it to finish, and after that we can build a new kernel and world. We will not do modifications to the kernel and world this will be very straightforward.
# cd /usr/src
# make buildworld && make buildkernel
This will generate both a new world, and a new kernel, which we will use later on.
When this had been done, we will update the configuration files by issueing:
# mergemaster -p
This will update the configuration files that are needed before the new release can be started at all. If no output is given then the current configuration is sufficient to start the 8.0 version later on.
Configuration had been updated, so we can start by installing the kernel, after which we need to reboot the system:
# make installkernel
# reboot
The system will restart, when the bootloader starts, press a key and/or start the system in single user mode. In case you do not have the menu; you should issue “boot -s” on the command line so that the system starts in single user mode.
Assuming that nothing went wrong and the system starts normally into the single user mode, we can continue by installing the new world.
# cd /usr/src
# make installworld
Next we need to run a new mergemaster, but this time without any additional flags, so that “optional” configuration files will get updated.
# mergemaster
Walk through all differences and make updates where you think they are appropriate. Be carefull though, if you update passwd and group, you might no longer be able to login remotely. I have been there, done it and got the t-shirt. Again I’d assume you made all the changes you wanted to, without messing up with the system itself. We need to reboot one more time before we can be a happy 8.0 user.
# reboot
And the system will reboot and restart all services under the new world order.
Updating the jails:
In my previous article we also installed jails, that will do our hosting needs, without compromising the host machine. They are not updated through the way described above. Though a fairly simple way of doing that is by installing the new world over the old jail-world. For this you need to stop the jails, because otherwise the system might not be able to update essential files because they are in use.
Once again navigate to the usr/src tree so that we can start by updating the jails. I’d assume you have stopped the jails already so we are safe to go.
# cd /usr/src
Next, update the jails master infrastructure:
# make installworld DESTDIR=/home/j/mroot
However, please do note that it might be possible that certain ports need to be rebuild. Carefully inventorize what kind of applications you currently use, and check whether they might be using libraries that are no longer provided. After you did this you are free to cleanup old libraries:
# cd /usr/src
# make delete-old-libs
# make delete-old
Again this is at your own risk. If you fail to update bash for example to use the new libraries, you are no longer able to restart it if you relogin. Again I have been there, done it and, got a nice second t-shirt!
Conclusion:
So now you are running a fresh and modern 8 system, which you can use to do various kind of (new) things. Not only did we update your base system, we also updated your jail infrastructure and you also updated several ports so survive this cleanup. You also got an impression about what new features you can use under FreeBSD, so I’d suggest you start playing with them now. In case you find problematic things, please consider sending an email to the various mailing lists of FreeBSD, located at http://lists.FreeBSD.org
In case of a more serious problem, which cannot be resolved by the various mailing lists, please consider sending in a bug report so that the developer crew can act accordingly and if there is enough information available resolve the problem you are facing.
Do realise though: Most people working on FreeBSD is a volunteer, who all work for bosses or are being hired for different projects. They also have families, kids, and a social life that demand attention. Please take care when sending in a problem report. Make the report as detailed as possible, send in the textdump if that is available, and give people time to respond. Most often a gentle prod works better then bashing around.
References:
I used Ivan Voras’ list of “Whats cooking for FreeBSD 8″ as my main source for new and improved updates. You can find the list at the following URL:
http://ivoras.sharanet.org/freebsd/freebsd8.html
About the Author:
Remko Lodder is a 26 year old FreeBSD enthusiast, in his spare time he likes being with his son and girlfriend, playing with FreeBSD systems, and wearing various FreeBSD hats to help the community. In his professional life Remko is an Unix Engineer for Snow B.V. in the Netherlands mostly focussing on Firewalls and Security (Checkpoint/Juniper etc.). You can contact him by sending an email to: remko@FreeBSD.org, or if you want to hire him send an email to Remko.Lodder@Snow.nl or check out their website on: http://snow.nl
On November 24, 2009, In Weblog, by Remko
For -many many- years I am a big fan of the original Queen music, with the famous leadsinger Freddy Mercury. Like last year, I’ll write a little in Memorial for Freddy.
I still deeply miss Freddy, I would have loved to see the band in action, live. Sadly I cannot and will never ever be able to see it. Hopefully you are still resting in piece, and rocking the stars!
On November 13, 2009, In FreeBSD, by Remko
A couple of days ago Ken Smith changed the branch information for 8.0-RELEASE to -RC3. This is the final Release Candidate which is unlikely to last for more then a week, unless some serious show stopper is found ofcourse. So ‘gentlemen, for the pride of your nations, start your engines’, because we are going to blast in the near future!
Stay tuned!
On October 29, 2009, In FreeBSD, by Remko
A few days ago the FreeBSD team released RC2 of the 8.0 version. This is the fore-last before 8.0-RELEASE will see the light. Some problems had been ironed out, especially that had fallout of the NULL mapping removal option. PIE was one of the things that broke, things like Samba seemed to be affected.
This had been resolved now, and everyone is advised to test -RC2. -RC3 will also follow in around two weeks from now, closing in on the -RELEASE version. Stay tuned!
p.s. I am also writing a “Welcome to FreeBSD 8″ article. This is currently being reviewed by my employer (which supported me in writing this) and will be published soon..
On October 25, 2009, In Weblog, by Remko
This weekend I had a little project, wiring the bottom floor with Ethernet. There was a telephone cable patched towards the bedroom upstairs, so I figured it would be possible to put an ethernet wire through the same pipe. This could have been possible, after extracting the TV cable it worked fine. After getting in the Ethernet cable, the pain started. I cut off the RJ45 connectors and tried to made new ones (hey, the RJ45 doesn’t fit through the pipe!). WRONG. It wasn’t as easy as people had been telling me. Somehow I couldn’t do it. After 6 hours of fiddling, I was through my stock of connectors and messed up the cable terribly. I also was very grumpy at that stage.
Somewhat later I traveled to Alternate, and ordered 100m patchcable and new connectors. I took out the old (prefab) cable, and pulled the new one through it (as an experiment actually because the TV cable was unable to get back upstairs again, grmbl). I tried putting on a connector, and without much hassle this worked in < 5 minutes. So I went downstairs and tried to make the second connection, which took me a bit longer because the wires weren't coorporating, but within 20 minutes I had wired the cable; and connectors! I now have working ethernet downstairs without needing to drill. The PS3 had been connected to it, as well as the telephone (or actually the ADSL line, because that was living in my bedroom first). No more blinking lights when I am heading to bed, just a few wires here and there.
Now the next challenge is to bring back TV to the first and second floor (it’s splitted in my bedroom). Lets see how we can arrange that!
So, now a while after the disconnect of ”lukemftpd”, I only got one response from Ed Schouten mentioning that I could have done it with a ‘src.conf’ setting. I decided not to do that, but that were all reactions. So given that, it might be that people are either not noticing it, or something else is wrong. I would have assumed that at least several people would complain that their lukemftpd doesn’t work any longer, or at least no longer gets installed.
+1 for success
On October 21, 2009, In Weblog, by Remko
WordPress just released a new version, 2.8.5 The hardening release. Evilcoder.org and relevant surrounding blogs had been updated already.. How far are you with the upgrade process?
English 
Dutch 