Installing Gophernicus in OpenBSD

submited 05 October 2018

Installing a Gopher server is very easy. With OpenBSD you only have to install from packages or ports the Gophernicus server.

The BSD community linklog
Made a script? Written a blog post? Found a useful tutorial? Share it with the BSD community here or just enjoy what everyone else has found!


18 December 2018
Introducing HardenedBSD 12-STABLE  

The first public release of hardened/12-stable/master branch, which contains lots of security improvements over 11-STABLE.

Among those improvements are:

  • Non-Cross-DSO Control-Flow Integrity (CFI) for applications on amd64 and arm64. At this time, CFI is not applied to the kernel.
  • Jailed bhyve.
  • Per-jail toggles for unprivileged process debugging (the security.bsd.unprivilegedprocessdebug sysctl node).
  • Spectre v2 mitigation with retpoline applied to the entirety of base and ports.
  • Symmetric Multi-Threading (SMT) disabled by default (re-enable by setting machdep.hyperthreading_allowed to 1 in loader.conf(5)).
  • Migration of more compiler toolchain components to llvm's implementations (llvm-ar, llvm-nm, and llvm-objdump).
  • Compilation of applications with Link-Time Optimization (LTO).
17 December 2018
BSD Router Project  

BSD Router Project (BSDRP) is an embedded free and open source software router distribution based on FreeBSD with FRRouting (Quagga fork) and Bird.

New LibreSSL releases  

LibreSSL 2.7.5, 2.8.3 and 2.9.0 were released on 16 December, 2018.

14 December 2018
OPNsense 18.7.9 released  

To keep it snappy: enclosed are assorted updates and fixes, a new dnscrypt-proxy plugin as well as security updates from FreeBSD and third parties. Happy patchday!

Review: GhostBSD 18.10 - Changing the base  

Author was tentatively optimistic going into experiment with GhostBSD. The shift from a stable FreeBSD base to a rolling TrueOS base was one which they had hoped would bring new features and hardware support, but they were also concerned the result might be rough around the edges. For the most part they were pleased with what GhostBSD 18.10 provided.

FreeBSD 12 released: Here is how to upgrade FreeBSD 11 to 12  

The FreeBSD project announces the availability of FreeBSD 12.0-RELEASE. It is the first release of the stable/12 branch. The new version comes with updated software and features for a wild variety of architectures. The latest release provides performance improvements and better support for FreeBSD jails and more.

Ho, Ho, Ho - 12.0 - BSD Now 276  

FreeBSD 12.0 is finally here, partly-cloudy IPsec VPN, KLEAK with NetBSD, How to create synth repos, GhostBSD author interview, and more.

13 December 2018
HAMMER2 update on the way  

Matthew Dillon’s been working on “reliable on-media topology” for HAMMER2. If you had a crash at just the right time with HAMMER2, you wouldn’t lose data but you might have to do some manual cleanup. With these changes, that doesn’t happen any more. It’s present now in -master and will be in what should be DragonFly 5.4.1 by the end of the year.

Comprehensive and biased comparison of OpenBSD and FreeBSD  

This paper will look at some of the differences between the FreeBSD and OpenBSD operating systems. It is not intended to be solely technical but will also show the different ”visions” and design decisions that rule the way things are implemented. It is expected to be a subjective view from two BSD developers and does not pretend to represent these projects in any way.

12 December 2018
NetBSD Security Advisory 2018-009: bozohttpd can allow access to .htpasswd  

Under certain circumstances bozohttpd(8) can be tricked into revealing the contents of certain special files. These special files are configuration files for ozohttpd(8) and include the standard .htpasswd file for HTTP Basic Authorisation (RFC-7617), which contains both a list of user names and their encrypted passwords.

18.12-PRERELEASE Available  

Version 18.12-PRERELEASE of Project Trident is now available on the download page! We are rapidly approaching a “real” release of Trident later this month after TrueOS branches their 18.12 STABLE version, but we anticipate there will be one more prerelease image after this one to catch/fix any last bugs that might crop up during that STABLE release procedure for TrueOS. WARNINGS There is a known bug where the AppCafe will not allow you to browse the packages available on the remote repository.

GhostBSD 18.10 is now based on TrueOS – Easiest BSD distro for beginners  

Nowadays if you want some of that BSD on your personal desktop how to go about? There is a distro called GhostBSD which is now based on TrueOS which itself is derived from FreeBSD.

FreeBSD 12 on AWS marketplace  

FreeBSD is an advanced computer operating system used to power modern servers, desktops, and embedded platforms. It's advanced networking, security, and storage features have made FreeBSD the platform of choice for many of the busiest web sites and most pervasive networking and storage devices.

11 December 2018
FreeBSD 12.0-RELEASE Now Available  

The FreeBSD Release Engineering Team is pleased to announce the availability of FreeBSD 12.0-RELEASE. This is the first release of the stable/12 branch.

Some of the highlights:

 * OpenSSL has been updated to version 1.1.1a (LTS).
 * Unbound has been updated to version 1.8.1, and DANE-TA has been
   enabled by default.
 * OpenSSH has been updated to version 7.8p1.
 * Additonal capsicum(4) support has been added to sshd(8).
 * Clang, LLVM, LLD, LLDB, compiler-rt and libc++ has been updated to
   version 6.0.1.
 * The vt(4) Terminus BSD Console font has been update to version 4.46.
 * The bsdinstall(8) utility now supports UEFI+GELI as an installation
 * The VIMAGE kernel configuration option has been enabled by default.
 * The NUMA option has been enabled by default in the amd64 GENERIC and
   MINIMAL kernel configurations.
 * The netdump(4) driver has been added, providing a facility through
   which kernel crash dumps can be transmitted to a remote host after a
   system panic.
 * The vt(4) driver has been updated with performance improvements,
   drawing text at rates ranging from 2- to 6-times faster.
 * Various improvements to graphics support for current generation
 * Support for capsicum(4) has been enabled on armv6 and armv7 by
 * The UFS/FFS filesystem has been updated to consolidate
   TRIM/BIO_DELETE commands, reducing read/write requests due to fewer
   TRIM messages being sent simultaneously.
 * The NFS version 4.1 server has been updated to include pNFS server support.
 * The pf(4) packet filter is now usable within a jail(8) using vnet(9).
 * The bhyve(8) utility has been updated to add NVMe device emulation.
 * The bhyve(8) utility is now able to be run withing a jail(8).
 * Various Lua loader(8) improvements.
 * KDE has been updated to version 5.12.5.
 * And more...
Cirrus CI support for FreeBSD  

FreeBSD support was recently added to the Cirrus CI system. Cirrus CI makes your development cycle fast, efficient, and secure by leveraging modern cloud technologies. Cirrus CI scales with your team and makes shipping software faster and cheaper. Follow the FreeBSD Virtual Machines guide to find out more.

OpenBSD in Stereo - BSD Now 275  

DragonflyBSD 5.4 has been released, down the Gopher hole with OpenBSD, OpenBSD in stereo with VFIO, BSD/OS the best candidate for legally tested open source Unix, OpenBGPD adds diversity to the routing server landscape, and more.

06 December 2018
FreeNAS 11.2  

Ladislav Sirovy has announced the release of FreeNAS 11.2, the latest stable version of the project's specialist FreeBSD-based operating system designed for computers providing Network-Attached Storage (NAS) services. The new release brings a completely redesigned web interface, among many other changes: "FreeNAS 11.2-RELEASE introduces a ton of new features, including a major revamp of the web interface, support for self-encrypting drives, and new, backwards-compatible REST and WebSocket APIs. This update also introduces iocage for improved Plugin and Jail management and simplified Plugin development. FreeNAS 11.2 introduces an updated web interface. Based on Angular and Javascript, the web interface has been modernized to be more user-friendly, snappier and aesthetically pleasing. The redundant top bar has been removed and most FreeNAS configuration menus can be accessed by clicking the appropriate item in the left column. The new design streamlines the layout with cleaner dropdown menus, while maintaining the same functionality and workflow you’ve grown familiar with while using FreeNAS. All your favorite FreeNAS features are still available, including the same robust protocol support, snapshots and pool management."

05 December 2018
NetBSD desktop pt.4: The X Display Manager (XDM)  

While XDM may not support xft, GTK/Qt themes, and other eye-candy hacks which things like GDM, SDDM, and LightDM may have, it’s extremely low on resources, quite easy to customize, included in base, and most of all, it just works.

FreeBSD Security Advisory FreeBSD-SA-18:14.bhyve  

A guest OS using a firmware image can cause the bhyve process to crash, or possibly execute arbitrary code on the host as root.

04 December 2018
Installation Manual for FreeBSD 11.2  

FreeBSD 11.2 at thinkpad x240 - Post installer configurations and steps and much more.

Xorg and fun with local root privileges  

Last week,Michael Shirk gave a talk at the CharmBUG meetup on the recent Xorg vulnerability that allowed for local users to elevate their privileges through a vulnerability in the Xorg command line options. The vulnerability allowed users to overwrite files and run code as the root user. The original vulnerability was found in recent versions of Xorg on Debian, RHEL, and CentOS, but was not patched in OpenBSD until the details of the vulnerability were released. Credit for the vulnerability discovery goes to Narendra Shinde, with Matt Hickey providing an exploit for OpenBSD.

MeetBSD 2018 Talks Up  

The presentations held for MeetBSD 2018 at Intel’s Santa Clara campus back on October are now up. The talks range from Kris Moore’s TrueOS, ZFS panel discussion, Ben’s Intel and FreeBSD talk, to a history by Dr. Kirk McKusick.

03 December 2018
DragonFly BSD 5.4.0 brings GCC 8.0 and updated drivers  

DragonFly 5.4.0 has been released. It is the latest stable release of BSD distribution that travels in a unique direction.

FreeBSD 12.0-RC3 Released With NFS Vulnerabilities Addressed, Memory Leak Fixes  

FreeBSD 12.0-RC3 is out as likely the last test release before the official FreeBSD 12.0 debut in the next week.

Approaching the finish line, FreeBSD 12.0-RC3 is understandably light on changes besides some fixes. FreeBSD 12.0-RC3 has fixes for vulnerabilities within the NFS server code, various bug fixes, and also various memory leak fixes have also been addressed.

OpenBSD VMM Hypervisor Part 4: Running Ubuntu (and possibly other distros)  

Last week, the author of post rescued a server from a pile of computers destined to be scrapped and recycled. It looked like the perfect setup for getting serious with OpenBSD VMM in home lab. Two older Xeon E5-2620 CPUs and 128 GB of RAM. No hard drives, but it came with enough empty drive trays for getting started. Author threw a pair of old SAS drives into it.

02 December 2018
Using the installers for Linux, on NetBSD  

This article covers an interesting use case of NetBSD's Linux compatibility layer: to install's distributions of Linux games, using their Linux installer.

Interview with founder and maintainer of GhostBSD, Eric Turgeon  

It’s really interesting to hear how Eric, without having a computer sciences degree, began the GhostBSD project and how he pushes it forward with every release.

Project Trident 18.11-PRERELEASE_2 Available  

Version 18.11-PRERELEASE_2 of Project Trident is now available on the download page! This version has several significant changes: ISO support for NVIDIA Optimus or other dual-GPU systems. There has been a lot of work to make the graphics driver setup aware of and support systems with multiple graphics cards now. This is still fairly new, so please make sure you submit bug reports with the associated pciconf -lv output on your system if this still does not work properly for your hardware.

30 November 2018
Language: Assembly - BSD Now 274  

Assembly language on OpenBSD, using bhyve for FreeBSD development, FreeBSD Gaming, FreeBSD for Thanksgiving, no space left on Dragonfly’s hammer2, and more.

BSDSec: 4 new OpenBSD Errata  

BSDSec, the deadsimple BSD Security Advisories and Announcements website brings you 4 new OpenBSD Errata:

28 November 2018
New FreeBSD Security Advisory and Errata Notices  

Not following BSDSec, yet? You should.

From 27. November 2018 it brings new Security Advisory and Errata Notices for FreeBSD regarding icmp, tzdata, loader and nfs.

Execute a command from host system in a jail  

This is a utility for FreeBSD system to execute a command from host system in a jail. This makes it possible to adjust jail environment without depending on its content (e.g. run ifconfig for a VNET jail with Linux system root).

27 November 2018
Celebrating 50 years of UNIX  

Try out some historical UNIX systems. Presented by the SDF Public access UNIX System.

Pinebook and FreeBSD soon  

Configuration for PINEBOOK images are being added. Pinebook is a arm64 laptop based on a Pine64 board.

Since the usb trackpad needs a quirk, they are adding a common function for adding quirk for arm board. A default one is supplied as most board do not need quirks.

Giving Tuesday  

After you’ve finished with the turkey and the shopping, take a minute to give back to your favorite OS! The Foundation is kicking off its prime giving season on one of the biggest giving days of the year, #GivingTuesday. Now in its seventh year, #GivingTuesday is a global day of giving that brings together diverse communities to foster generosity .

The Foundation is calling on the FreeBSD community to channel your passion for FreeBSD into helping us reach our #GivingTuesdayFreeBSD campaign goal of raising $5,000 in the 24 hour period. Your support, no matter the size, will have a lasting impact on the Project.

New FreeBSD 13 snapshots available  

New FreeBSD development branch installation ISOs and virtual machine disk images have been uploaded to the FreeBSD Project mirrors.

As with any development branch, the installation snapshots are not intended for use on production systems. We do, however, encourage testing on non-production systems as much as possible.

Please also consider installing the sysutils/panicmail port, which can help in providing FreeBSD developers the necessary information regarding system crashes.

Snapshots may be downloaded from the corresponding architecture directory from:

Stardew Valley on FreeBSD  

Mariusz Zaborski (oshogbo) did the porting work and you can now play Stardew Valley (and other games) on FreeBSD. In this post I’ll describe the steps I took to get it running.

26 November 2018
GhostBSD 18.10 screenshots  

Some screenshots of GhostBSD 18.10. GhostBSD 18.10 is the first release of the project with TrueOS base.

The Restoration of UNIX: Emulating UNIX version 1.0 on a 16-bit DEC PDP 11 20  

Next year, the one of the world’s first Operating Systems (OS) UNIX will celebrate its 50th birthday. This relic of the past is objectively one of the most important creations that has ever influenced the field of Computer Science. However, mysteries of this artifact were discovered in 1995. Two engineers, Paul Vixie and Keith Bostic, dug deep enough to find several DEC tapes “under the floor of the computer room [at Bell Labs]” (UNIX Past) which held several original binary files for UNIX. With much help from several individuals, these two engineers were able to reverse engineer the binary tapes they found and 15 years later, put up a repository for this ancient system on GitHub. There it has stayed, waiting for someone to use it like it was meant to be used, on a DEC PDP 11/20, the computer UNIX v1 was initially written for. Currently, the PDP 11/20 can send and receive data via a homemade serial emulator we have written in Java, and the PDP 11/20 has been loaded with a binary file for the BASIC programming language. Once the entry point for BASIC can be determined, we will start to write code to emulate paper tape readers to assist in loading UNIX v1 into the PDP 11/20's memory. In the end, we hope to have a fully functional system running the one of the world’s first Operating Systems.

Run anything (like full blown GTK apps) under Capsicum  

capsicumizer is a sandbox launcher that imposes Capsicum capability mode onto an unsuspecting program, allowing "sysadmin style" or "oblivious" sandboxing (i.e. no source code modifications, all restrictions added externally).

You just write AppArmor-esque "profiles" and capsicumizer takes care of sandboxing the applications.

capsicumizer is capable of launching some GUI applications (like gedit) on both Wayland and X11.

FreeBSD 12.0-RC2 Available  

The second RC build for the FreeBSD 12.0 release cycle is now available. ISO images for the amd64, armv6, armv7, arm64, i386, powerpc, powerpc64, powerpcspe and sparc64 architectures are available on most of our FreeBSD mirror sites.

24 November 2018
Valuable News – 2018-11-24  

The Valuable News weekly series is dedicated to provide summary about news, articles and other interesting stuff mostly but not always related to the UNIX or BSD systems. Whenever I stumble upon something worth mentioning on the Internet I just put it here so someone else can

Today the amount information that we get using various information streams is at massive overload. Thus one needs to focus only on what is important without the need to grep(1) the Internet everyday. Hence the idea of providing such information ‘bulk’ as I already do that grep(1).

23 November 2018
DragonFlyBSD 5.5 Development Opens Up  

With DragonFlyBSD 5.4 releasing in the days ahead, its code has been branched while now open on Git master is the DragonFlyBSD 5.5 development tree.

DragonFlyBSD 5.4.0 is coming soon with all of its great improvements that were developed under the DragonFlyBSD "5.3" development series while now DragonFlyBSD 5.5 is in development for what should be released as DragonFlyBSD 5.6 in about six months time. The DragonFlyBSD 5.4 release is coming out just days before the big release of FreeBSD 12.0.

22 November 2018
OPNsense 18.7.8 released  

This stable update finally brings you the promised LDAP+TOTP authentication, but also renewed language translations and several third party software updates for software such as OpenSSL, OpenSSH and Sudo. A reboot is not required, but recommended.

21 November 2018
Games on FreeBSD  

What do all programmers like to do after work? Ok, what do most programers like to do after work? The answer is simple: play a good game! Recently at the Polish BSD User Group meetup mulander was telling us how you can play games on OpenBSD. Today let’s discuss how this looks in the FreeBSD world using the “server only” operating system.

20 November 2018
FreeBSD Desktop – Part 2.1 – Install FreeBSD 12  

This article is an update/rewrite to the already published FreeBSD Desktop – Part 2 – Install. With the upcoming introduction of the FreeBSD 12.0-RELESE version new possibilities arise when it comes to installation.

19 November 2018
Distrowatch reviews NetBSD 8.0  

From article: I last tried NetBSD 7.0 about three years ago and decided it was time to test drive the operating system again. In the past three years NetBSD has introduced a few new features, many of them security enhancements. For example, NetBSD now supports write exclusive-or execute (W^X) protection and address space layout randomization (ASLR) to protect programs against common attacks. NetBSD 8.0 also includes USB3 support and the ability to work with ZFS storage volumes.

18 November 2018
FreeBSD 12.0-RC1 Available  

The first RC build for the FreeBSD 12.0 release cycle is now available. ISO images for the amd64, armv6, armv7, arm64, i386, powerpc, powerpc64, powerpcspe and sparc64 architectures are available on most of the FreeBSD mirror sites.

OpenBSD Errata: November 17th, 2018  

New OpenBSD Errata for November 17th, 2018 are available for lockf, portsmash and blinding.

17 November 2018
Nixers Newsletter  

You can find the archive of past newsletters here:

16 November 2018
Detain the bhyve - BSD Now 272  

Byproducts of reading OpenBSD’s netcat code, learnings from porting your own projects to FreeBSD, OpenBSD’s unveil(), NetBSD’s Virtual Machine Monitor, what 'dependency' means in Unix init systems, jailing bhyve, and more.

15 November 2018
Send running jail stats to carbon database  

This scripts injects running jails from a FreeBSD host into carbon database. It may be consumed then by tools like graphite or grafana.

A common way to use this is set-up a crontab entry.

Microsoft is now Gold supporter of OpenBSD  

The OpenBSD Foundation is happy to announce that Microsoft has increased its support level from Silver to Gold for 2018. This is the fourth consecutive year that Microsoft has made a contribution to the OpenBSD Foundation and we are grateful for their continuing support.

Researchers discover seven new Meltdown and Spectre attacks  

A team of nine academics has revealed today seven new CPU attacks. The seven impact AMD, ARM, and Intel CPUs to various degrees.

Two of the seven new attacks are variations of the Meltdown attack, while the other five are variations on the original Spectre attack -- two well-known attacks that have been revealed at the start of the year and found to impact CPUs models going back to 1995.

14 November 2018
OpenBSD in Stereo with Linux VFIO  

Blog post author uses a Huawei Matebook X as his primary OpenBSD laptop and one aspect of its hardware support has always been lacking: audio never played out of the right-side speaker. The speaker did actually work, but only in Windows and only after the Realtek Dolby Atmos audio driver from Huawei was installed. Under OpenBSD and Linux, and even Windows with the default Intel sound driver, audio only ever played out of the left speaker.

Now, after some extensive reverse engineering and debugging with the help of VFIO on Linux, author finally have audio playing out of both speakers on OpenBSD.

OpenBSD arm64 on the NanoPi NEO2  

NanoPi NEO2 is a little board (40*40mm), which is probably the best of the smallest possible device one can run OpenBSD on.

The CPU is a quad-core ARM Cortex-A53 which is quite capable, a GENERIC.MP kernel build taking 15 minutes. On the downside, the board only has 512MB of RAM.

MeetBSD 2018: Andrew Fengler FreeBSD What to Monitor  

Reasoning behind monitoring, General Unix monitoring, FreeBSD specifics and pitfalls.

Linux and FreeBSD networking  

From the post: I work on the networking subsystem of the Linux kernel and I find networks rather fascinating. Often I read statements about the FreeBSD networking stack being faster and more mature than the Linux counterpart, but I didn’t find any comparative tests between the two OS, and I was so curious that I decided to do some tests myself.

13 November 2018
CharmBUG Meeting - Xorg and fun with local root privileges  

Next formal CharmBUG meeting will be held at Onyx Point in Hanover, MD. The goal for this meeting will be to discuss any BUG topics, or general issues, followed by a talk on Xorg and fun with local root privileges.

Michael Shirk will be giving a talk about the events that unfolded at the end of October 2018 with an interesting local root privilege escalation bug in the Xorg server. He will discuss what happened as details emerged and how the vulnerability impacted FreeBSD and OpenBSD. At the end of the talk, attendees are invited to join in on an interactive search for all of the setuid/setgid binaries in a base install of FreeBSD and OpenBSD as well as ports that install setuid/setgid binaries to highlight the issues with root privileges.

NOTE: This talk will occur on Wednesday, November 28th.

Web browsers on DragonFly  

For better or worse, there’s different browser options out there, especially for non-mainstream platforms. You know what I mean. DragonFly developer tuxillo has put together a helpful page listing options and how to get them to build.

12 November 2018
Subcarpathian BSD User Group - Podkarpacka Grupa Użytkowników BSD.  

SBUG was founded in April 2015.

At the moment, they are trying to raise awareness about the group and gather BSD enthusiasts in the Subcarpathian voivodeship, so please help them reach users in the area and join our mailing-list if you are interested.

Since December 2015, there is also an #sbug IRC channel on Freenode. Lastly, you can follow SBUG on Twitter : @sbugpl

11 November 2018
The history of Unix as seen through the eyes of Rob Pike  

In this conference call recording, you will get an insider's view of the development of some of the key pieces of the modern computing world.

FreeBSD 12.0-BETA4 Available  

The fourth BETA build for the FreeBSD 12.0 release cycle is now available. ISO images for the amd64, armv6, armv7, arm64, i386, powerpc, powerpc64, powerpcspe and sparc64 architectures are available on most of the FreeBSD mirror sites.

Project Trident RC3 Available  

Release Candidate 3 of Project Trident is now available on the download page! This version is the first one based on the “trueos-master” branch of TrueOS, and with that comes a lot of changes and breaks from the previous versions. FreeBSD version is now listed as 13-CURRENT instead of 12-CURRENT. This may cause issues with upgrading if you try to use any method other than the trueos-update utility. The default bootloader has been changed by FreeBSD to the new “lua”-based version.

09 November 2018
OPNsense 18.7.7 released  

Today we are addressing CVE-2018-18958 regarding an unenforced "deny config write" privilege. The issue was reported by brainrecursion this Monday and subsequently fixed along with several related issues. The "deny config write" privilege coupled with admin or user and group manager rights are affected combinations. It is an uncommon way to configureaccess as the "deny config write" privilege is commonly used for role-based access to non-system services, e.g. captive portals.

As we cannot be sure that no further issues of this sort exist please refrain from using the "deny config write" privilege or at least stop giving access to system services or full admin rights to these users or groups. In the midterm we will be looking for replacements of the current privilege for something that is more generic and robust in enforcement.

Additionally, the update to Suricata 4.0.6 addresses the SMTP crash vulnerability CVE-2018-18956. Since the update does not reboot without an operating system update please manually restart the intrusion detection service.


Imagine an application that can do anything with your data. Literally anything. Imagine an application which can get your private photos and send them over the internet to some external server. In UNIX-like operating systems almost all applications can do that. If you had an exploitable bug in grep(1) somebody would be able to do so. If you had an exploitable bug in cat(1) somebody would be able to do so. When your application has access to all your user data we are talking about ambient authority.

What if you could do stuff another way? What if your application could have only a capability to use the things it really needs to use. What if you grep(1) would have only read-only rights to a file that it’s should parse, and it couldn’t create a network connection or send signals to different processes. This is a capability world which Capsicum implements.

Fetching DragonFly src over https  

If you happen to be using DragonFly from a network location that only allows http/https as outbound traffic, you won’t be able to update /usr/src using defaults. /usr/Makefile pulls DragonFly source using a git:// URL.

The fix is to use the read-only Github mirror. You can set origin manually or just change GITHOST in /usr/Makefile (or GITURL_SRC if you are on DragonFly-master) to “”.

Automatic Drive Tests - BSD Now 271  

MidnightBSD 1.0 released, MeetBSD review, EuroBSDcon trip reports, DNS over TLS in FreeBSD 12, Upgrading OpenBSD with Ansible, how to use smartd to run tests on your drives automatically, and more.

08 November 2018
NetBSD and support for two finger scroll emulation  

Brett Lymn added support for two finger scroll emulation for synaptics touchpads

FreeBSD 10.4 end-of-life  

As of October 31, 2018, FreeBSD 10.4 reached end-of-life and is no longer supported by the FreeBSD Security Team.

Users of FreeBSD 10.4 are strongly encouraged to upgrade to a newer release as soon as possible.

malloc.conf replaced with a sysctl  

Otto Moerbeek ([email protected]) moved malloc handling from a softlink in /etc to a sysctl instead.

07 November 2018
OpenSMTPD released and upcoming filters preview  

TL;DR: Filters have been a (the most ?) long awaited feature in OpenSMTPD. There is still a bit of work required but the trickiest parts are done.

This article describes how filters are implemented and what to expect.

LDAP replication and CRYPT userPassword  

Author have just discovered some issues with previous article on OpenLDAP replication between Synology DSM and OpenBSD OpenLDAP. In the end, it is not possible to log-in on the OpenBSD LDAP instance using the original userPassword. Short story: CRYPT seem to not be various-platform-compatible.

06 November 2018
Learning Notes on FreeBSD Jails  

User genneko shares us their notes on what they learned about FreeBSD after using it in a production environment. They walk us through templates, configuring the jail NAT, to building the VIMAGE-enabled kernel.

ip6addrctl in DragonFly  

Aaron LI’s added ip6addrctl(8) to DragonFly; on by default.

05 November 2018
XigmaNAS available  

XigmaNAS is an embedded Storage distribution for Windows, Mac, & UNIX-like systems based on FreeBSD.

OpenSSH has broader key revocation than I thought  

A while back, OpenSSH gained support for doing host and user authentication through a local Certificate Authority. Instead of directly trusting public keys, you configured a CA (or more than one) and then trusted anything signed by that CA. For user keys, this has the usual weakness of the basic CA model; for host keys, it's probably an improvement in practice but I'd like to know what happens if you get handed a new CA-signed host key for a host that you already saw one for.

02 November 2018
NextCloud on OpenBSD - updated  

NextCloud and OpenBSD are complimentary to one another. NextCloud is an awesome, secure and private alternative for propietary platforms, whereas OpenBSD forms the most secure and solid foundation to serve it on. Setting it up in the best way isn't hard, especially using this step by step tutorial.

Ghostly Releases - BSD Now 270  

OpenBSD 6.4 released, GhostBSD RC2 released, MeetBSD - the ultimate hallway track, DragonflyBSD desktop on a Thinkpad, Porting keybase to NetBSD, OpenSSH 7.9, and draft-ietf-6man-ipv6only-flag in FreeBSD.

How to create an image for Azure with Packer  

Cloud and automation are hot in the infrastructure space these days. As such I am constantly looking at how to automate things for FreeBSD. HashiCorp provides some very cool and good Cloud Infrastructure Automation tools. The nice thing is that these are all available for FreeBSD! One such tool is Packer. It is an open source tool for creating identical machine images for multiple platforms from a single source configuration.

This post shows how to create a customized FreeBSD image with Packer for Azure. And all is done from a FreeBSD box!

GhostBSD 18.10 Now Available  

GhostBSD 18.10 is the first official release of GhostBSD with TrueOS under the hood, and the official desktop is MATE. However, in the future, there might be some community release, but for now, there is no community released yet.

ll images checksum, hybrid ISO(DVD, USB) and torrent are available here:

01 November 2018
BSD Users Stockholm Meetup 4  

It is time for the fourth BSD Users Stockholm Meetup!

Once again, we meet at the B3 offices in central Stockholm to talk about our favorite operating systems. Mark your calendar for November 13. There will be presentations, food and interesting discussions.

If you have something you like to present, long or short, or just want to help out, please let me know. Presentations can be in either Swedish or English.

Nixers Newsletter  

New newsletter is out. You can find the archive of past newsletters here:

31 October 2018
Beginners Guide To x86 Shellcoding on FreeBSD  

The purpose of this tutorial is to help familiarize you with creating shellcode on the FreeBSD operating system. The code within was adapted from linux code examples in The Shellcoders Handbook

PostgreSQL benchmark on FreeBSD, CentOS, Ubuntu Debian and openSUSE  

In this post, I’m going to show benchmark results of the recently released PostgreSQL 10.1. I’ve benchmarked the DB on these OSes (all are 64-bit):

  • Ubuntu 16.04, kernel 4.10.0-38-generic
  • openSUSE 42.3, kernel 4.4.87-25-default
  • CentOS 7.4, kernel 3.10.0-693.2.2.el7.x86_64
  • Debian 9.2, kernel 4.9.0-4-amd64
  • FreeBSD 11.1
Chris (from Linux Unplugged) Goes to MeetBSD  

MeetBSD 2018 took place at the sprawling Intel Santa Clara campus. The venue itself felt more like an olive branch than a simple friendly gesture by Intel. In truth it felt like a bit of an apology. You get the subtle sense they feel bad about how the BSD's were treated with the Meltdown and Specter flaws. In fact, you may be right to think they felt a bit sorry towards the entire open source community.

Upgrade to OpenSMTPD 6.4.0  

It’s no secret that configuration for OpenSMTPD changed a lot with version 6.4.0. Despite the fact that changes were announced long time ago and that many configuration examples have popped-up, my particular usage wasn’t covered(1). Namely: using OpenSMTPD with Dovecot and Rspamd as chained MTA.

30 October 2018
NetBSD ARM Bootable Images  

Select your board from the list and download a ready-to-go SD card images.

Hardkernel ODROID-XU3 and XU4 images for NetBSD are the latest additions available.

GhostBSD18.10 RC3 is Available for testing  

This third release candidate of GhostBSD 18.10 is the third official testing release of GhostBSD with TrueOS under the hood. The official desktop of GhostBSD is MATE. However, in the future, there might be an XFCE community release, but for now, there is no community release yet.

29 October 2018
Introducing the OpenBSD Virtualization FAQ  

Returning readers are likely aware that OpenBSD in its OpenBSD/amd64 and OpenBSD/i386 varieties comes with virtualization built in, brought to you by the vmm(4) subsystem. Now getting started with OpenBSD virtualization has become even easier: The OpenBSD FAQ has a new Virtualization section, written mainly by Solene Rapenne ([email protected]) and added to the site in this commit, that offers an introduction to the concepts as well as instructions on how to get started with vmm(4). That's right: go read the thing, and play with vmm!

FreeBSD Moves Ahead With Deprecating Some Of Their 10/100 Network Drivers  

Reported at the start of the month were plans for FreeBSD 12 to deprecate many of their 10/100 Ethernet drivers with just leaving the popular fast Ethernet drivers and focusing on Gigabit and beyond networking drivers moving forward.

There was some backlash to deprecating all of the 10/100 Ethernet drivers with some still relying upon some older NICs, but a good portion of them did get deprecated for this week's FreeBSD 12.0 Beta 2 release.

SoloBSD 11.2-STABLE-1028  

There is a new build of SoloBSD 11.2-STABLE-1028 based on the latest HardenedBSD stable branch version v1100056.7.

28 October 2018
DNS over TLS in FreeBSD 12  

With the arrival of OpenSSL 1.1.1, an upgraded Unbound, and some changes to the setup and init scripts, FreeBSD 12.0, currently in beta, now supports DNS over TLS out of the box.

DNS over TLS is just what it sounds like: DNS over TCP, but wrapped in a TLS session. It encrypts your requests and the server’s replies, and optionally allows you to verify the identity of the server. The advantages are protection against eavesdropping and manipulation of your DNS traffic; the drawbacks are a slight performance degradation and potential firewall traversal issues, as it runs over a non-standard port (TCP port 853) which may be blocked on some networks. Let’s take a look at how to set it up.

What I learned from porting my projects to FreeBSD  

The post's author set up a local FreeBSD VirtualBox VM to test something, and it seemed to work very well. Due to the novelty factor, they decided to get their software projects to build and pass the tests there.

27 October 2018
Attaching a Bluetooth keyboard to a NetBSD machine  

I am FINALLY able to use my Apple Bluetooth keyboard with NetBSD! I am writing this blog post right now using it. The NetBSD Guide helped me a LOT with this, but I believe it requires a little bit of updating… so in the meantime, let me show you how I did it.

Valuable News – 2018.10.27  

The Valuable News weekly series is dedicated to provide summary about news, articles and other interesting stuff mostly but not always related to the UNIX or BSD systems. Whenever I stumble upon something worth mentioning on the Internet I just put it here so someone else can

Today the amount information that we get using various information streams is at massive overload. Thus one needs to focus only on what is important without the need to grep(1) the Internet everyday. Hence the idea of providing such information ‘bulk’ as I already do that grep(1).

26 October 2018
GhostBSD18.10 RC2 is Available for testing  

This second release candidate of GhostBSD 18.10 is the second official release of GhostBSD with TrueOS under the hood. The official desktop of GhostBSD is MATE. However, in the future, there might be an XFCE community release, but for now, there is no community release yet.

OpenBSD Errata: October 25th, 2018 (xserver)  

Errata patches for Xorg have been released for OpenBSD 6.3 and 6.4.

The Xorg X server incorrectly validates certain options, allowing arbitrary files to be overwritten.

Binary updates for the amd64, i386, and arm64 platforms are available via the syspatch utility.

OPNsense 18.7.6 released  

Noteworthy are the addition of the PIE shaper option and firewall alias API. Both Unbound and Dnsmasq have been updated to their latest version.

25 October 2018
Tiny Daemon Lib - BSD Now 269  

FreeBSD Foundation September Update, tiny C lib for programming Unix daemons, EuroBSDcon trip reports, GhostBSD tested on real hardware, and a BSD auth module for duress

GhostBSD 18.10 software packages update ready  

A new software packages build did finish you can now upgrade.

For those who run on 18.10 RC1 do the following command to fix issues from RC1:

sudo pkg update -f

sudo pkg install -f libarchive curl libgksu

sudo pkg upgrade

This will update you to RC2 also.

24 October 2018
The OpenBSD Foundation has reached its 2018 fundraising goal  

For 2018 The OpenBSD Foundation will recognize donors in the following categories based on contribution amount. Recognition is based on the Canadian dollar value of the contribution at the time the contribution is received. If you wish to achieve a particular recognition level please contact [email protected] to ensure your donation will be sufficient to get the desired recognition.

On request we will provide a link to your website for donations of $5000 or more, and display your logo for donations of $10,000 or more.

LibreSSL 2.8.2 Released  

This is the first stable release from the 2.8 series.

It includes the following changes from 2.8.1

  • Added Wycheproof support for ECDH and ECDSA Web Crypto test vectors, along with test harness fixes.

  • Fixed memory leak in nc(1)

23 October 2018
Installing Arcan on FreeBSD  

Arcan from the beginning has had good FreeBSD support. This is a guide for installing it on your FreeBSD system and additional tips for getting it configured for graphical acceleration without utilizing Xorg/X11. For the most part the build instructions just work as described on the project page and Wiki for Arcan.

FuguIta 6.4 pre-release  

FuguIta-6.4-{i386,amd64}-201810231beta.iso (OpenBSD live system) - a test version for debugging is available

22 October 2018
Development Release FreeBSD 12.0-BETA1  

Following ten alpha releases and several schedule adjustments, the development process of FreeBSD 12.0 is back on track with the arrival of the first beta build. The supported architectures include amd64, i386, aarch64, armv6, armv7, powerpc, powerpc64, powerpcspe and sparc64.

DragonFly BSD introduces flexible virtual machine memory  

A DragonFly BSD developer, who goes by the nickname "ddegroot", has created a special driver which allows the user to increase or decrease the amount of memory available to a guest operating system in a virtual machine. The driver uses what is called a "memory balloon" which expands or shrinks to change the amount of RAM available to the guest operating system.

21 October 2018
GhostBSD18.10 RC1 is out and Available for testing  

This first release candidate of GhostBSD 18.10 is the first official release of GhostBSD with TrueOS under the hood. The official desktop of GhostBSD is MATE, in the future there might be some community release like XFCE, but for there is no community release yet.

19 October 2018
Absolute OpenBSD Giveaway  

Twitter's @freebsdbytes has a spare copy of Absolute OpenBSD by @mwlauthor, in nearly new condition. Happy to give it away to anyone interested.

If you want a chance to get it for free, follow @freebsdbytes and retweet the tweet message with hashtag #FollowBSD before 27/10.

OpenBSD on the Lenovo A485  

Read on to see what works. Spoilers: not everything.

OPNsense 18.7.5 released  

While the HardenedBSD 11.2 adoption is almost finished behind the scenes, this release merely revolves around minor corrections and additions that make your life easier. We are also confident that 18.7.6 finally ships the firewall alias API.

Of worthy mention are also the IPsec phase 1 changes that allow multiple DH groups and hashes to be selected simultaneously to tackle interoperability between different mobile client requirements. Also check out the Nginx plugin which has again extended its utility belt to include limiting, permanent bans, caching and more.

18 October 2018
OpenBSD 6.4 released  

We are pleased to announce the official release of OpenBSD 6.4. This is our 45th release. We remain proud of OpenBSD's record of more than twenty years with only two remote holes in the default install.

As in our previous releases, 6.4 provides significant improvements, including new features, in nearly all areas of the system.

Netcat Demystified - BSD Now 268  

6 metrics for zpool performance, 2FA with ssh on OpenBSD, ZFS maintaining file type information in dirs, everything old is new again, netcat demystified, and more.

17 October 2018
New Nixers Newsletter is out  

New newsletter is out. You can find the archive of past newsletters here:

Serial drivers out  

Did you use the digi(4), rp(4) and si(4) serial device drivers in DragonFly? I don’t think so, but you definitely can’t now.

The Trouble with FreeBSD  

While FreeBSD isn’t in any danger of disappearing any time soon, it does have issues with attracting new contributors, keeping its existing contributors and keeping its community healthy. These issues are not always unique to FreeBSD but FreeBSD provides an interesting case study.

This presentation will cover:

  • How FreeBSD’s community and its processes have evolved over the years and how this compares to other, often newer, projects.
  • What FreeBSD could learn from other projects.
  • How this all fits into broader issues around open source development communities and things that do and don’t work.
16 October 2018
NextCloud on OpenBSD  

NextCloud is an awesome, secure and private alternative for proprietary platforms like Dropbox and Google Drive. Installing NextCloud can be achieved easily with pkg_add nextcloud - but I'd like to do it manually to benefit performance and stability.

Absolute FreeBSD now shipping  

Grab an ebook/print bundle direct from No Starch Press. NSP coupon code ILUVMICHAEL gives you 30% off any NSP purchase and puts a few extra bucks in my pocket, so that’s cool. And there’s Amazon. There’s always Amazon, the company we all love to loathe.

The byproducts of reading OpenBSD netcat code  

Long story to short, reading classical source code is a rewarding process, and you can consider to try it yourself.

OpenBSD and home automation  

Share your stories in this Reddit discussion.

14 October 2018
What should longtime Linux users know about DragonFly?  

What should longtime Linux users know about DragonFly? Also, how is the project organized and what are the rules for contribution?


slant is a remote system monitor. For the time being, it only works with OpenBSD hosts. All sources use the ISC (like OpenBSD) license.

13 October 2018
Valuable News – 2018-10-13  

The Valuable News weekly series is dedicated to provide summary about news, articles and other interesting stuff mostly but not always related to the UNIX or BSD systems. Whenever I stumble upon something worth mentioning on the Internet I just put it here so someone else can

Today the amount information that we get using various information streams is at massive overload. Thus one needs to focus only on what is important without the need to grep(1) the Internet everyday. Hence the idea of providing such information ‘bulk’ as I already do that grep(1).

Laptop recommendations for DragonFly  

In case it’s useful to you, here’s several laptop recommendations for DragonFly.

12 October 2018
MidnightBSD 1.0  

MidnightBSD is happy to announce the availability of MidnightBSD 1.0 for amd64 and i386. Over the years, many ambitious goals were set for our 1.0 release. As it approached, it was clear we wouldn’t be able to accomplish all of them. This release is more of a natural progression rather than a groundbreaking event. It includes many updates to the base system, improvements to the package manager, an updated compiler, and tools.

Of particular note, you can now boot off of ZFS and use NVME SSDs and some AMD Radeon graphics cards support acceleration. AMD Ryzen support has greatly improved in this release. We also have added bhyve from FreeBSD.

FreeBSD Desktop – Part 17 – Automount Removable Media  

In this article in the FreeBSD Desktop series author will introduce various methods to automatically (or not) mount external/removable devices such as USB or eSATA disks/pendrives or SD/microSD flash cards.

Porting Keybase to NetBSD  

Keybase significantly simplifies the whole keypair/PGP thing and makes what is usually a confusing, difficult experience actually rather pleasant. At its heart is an open-source command line utility that does all of the heavy cryptographic lifting. But it's also hooked up to the network of all other Keybase users, so you don't have to work very hard to maintain big keychains. Pretty cool! So, this evening, I tried to get it to all work on NetBSD.

11 October 2018
OpenBSD's unveil()  

One of the key aspects of hardening the user-space side of an operating system is to provide mechanisms for restricting which parts of the filesystem hierarchy a given process can access. Linux has a number of mechanisms of varying capability and complexity for this purpose, but other kernels have taken a different approach. Over the last few months, OpenBSD has inaugurated a new system call named unveil() for this type of hardening that differs significantly from the mechanisms found in Linux.

Committer-signed “Absolute FreeBSD 3rd Ed” auction  

This post is for bids on the brand new third edition of “Absolute FreeBSD” that I’m going to have signed by every developer I can catch at MeetBSD. Proceeds go to the FreeBSD Foundation.

Rules are on the announcement page, but in short: the auction ends on 20 October 2018, at the close of MeetBSD. Each bid must be at least $5 more than the prior bid. I’ll hand over or mail the copy upon getting a copy of the receipt for the FreeBSD Foundation.

The auction takes place entirely on the page. Folks at MeetBSD get no special advantage.

New FreeBSD snapshots available: head (20181009 r339271)  

New FreeBSD development branch installation ISOs and virtual machine disk images have been uploaded to the FreeBSD Project mirrors.

As with any development branch, the installation snapshots are not intended for use on production systems. We do, however, encourage testing on non-production systems as much as possible.

Please also consider installing the sysutils/panicmail port, which can help in providing FreeBSD developers the necessary information regarding system crashes.

BSD PL meetup tonight  

When: October 11, 2018, 18:15 - 21:15

Where: Warsaw University of Technology, Faculty of Electrical Engineering, ul. Koszykowa 75, Warsaw


BSD-PL 0.5. Usergroup Half-birthday. Krzysztof Szczepański

A Brief History of Time in FreeBSD. Miłosz Kaniewski

What are containers anyway? Maciej Pasternacki

Project Cardigan - Deep Learning Based Image Retrieval Mariusz Wołoszyn

Absolute FreeBSD - BSD Now 267  

Long interview with fiction and non-fiction author Michael W. Lucas for you this week as well as questions from the audience.

10 October 2018
Brian Kernighan Remembers the Origins of grep  

This month saw the release of a fascinating oral history, in which 76-year-old Brian Kernighan remembers the origins of the Unix command grep.

Kernighan is already a legend in the world of Unix — recognized as the man who coined the term Unix back in 1970. His last initial also became the “k” in awk — and the “K” when people cite the iconic 1978 “K&R book” about C programming.

09 October 2018
DragonFlyBSD 5.3 Offering Some Performance Improvements  

Since the release of DragonFlyBSD 5.2 this past April there have been many improvements to this popular BSD operating system, including on the performance front.

A lot of recent DragonFlyBSD coverage has been around its support/optimizations for Threadripper 2 with lead DragonFlyBSD developer Matthew Dillon being a big fan of these new high-core count CPUs. In this article though tests are being done from an Intel Xeon "Skylake" CPU for looking at the performance work outside of that scope.

Among the work that has landed in DragonFlyBSD 5.3-DEVELOPMENT have been SMP performance improvements, improvements around Spectre/Meltdown, continuing to mature its homegrown HAMMER2 file-system, defaulting to the GCC 8 compiler over the old GCC5 previous default, and countless other tweaks large and small.

Running FreeBSD on OSX using xhyve, a port of bhyve  

bhyve is a hypervisor/virtual machine manager developed on FreeBSD.

xhyve is port of bhyve to OS X. It is built on top of Hypervisor.framework in OS X 10.10 Yosemite and higher, runs entirely in userspace, and has no other dependencies.

SoloBSD 11.2-STABLE-1009  

There is a new build of SoloBSD 11.2-STABLE-1009 based on the latest HardenedBSD stable branch version v1100056.6.

FOSDEM 2019 Call for participation  

We now invite proposals for main track presentations, developer rooms, stands and lightning talks.

FOSDEM offers open source and free software developers a place to meet, share ideas and collaborate. Renowned for being highly developer-oriented, the event brings together some 8000+ geeks from all over the world.

The nineteenth edition will take place on Saturday 2nd and Sunday 3rd February 2019 at the usual location: ULB Campus Solbosch in Brussels.

We will record and stream all main tracks, devrooms and lightning talks live. The recordings will be published under the same licence as all FOSDEM content (CC-BY). If, exceptionally, you believe there is a legitimate reason why your presentation should not be streamed or recorded, you must seek our agreement before submitting it.

An Insight into the Future of TrueOS BSD and Project Trident  

Last month, TrueOS announced that they would be spinning off their desktop offering. The team behind the new project, named Project Trident, have been working furiously towards their first release. They did take a few minutes to answer some of our question about Project Trident and TrueOS.

Oct Dbl Header: PingCAPs "Intro to TiDB" & iXsystems "TrueOS as a build platform  

First up will be Kevin Xu from PingCAP presenting, "Introducing TiDB: an open-source MySQL compatible Distributed Database that Handles Hybrid Data Workloads"

His talk will introduce TiDB's architecture, technology, key use cases, a deep-dive user story with Mobike, one of the largest bikesharing platforms in the world, and a live demo of how to deploy TiDB in a cloud-native environment.

Next up to bat will be iXsystem's Kris Moorse to talk about, "Using TrueOS as a platform to build your own FreeBSD based project".

08 October 2018
The proper way to update FreeBSD jails between point releases  

FreeBSD has this concept of a jail which allows you to isolate an environment from the host operating system. This isolation keeps the rest of the system safe from whatever is being run inside of the jail. You can liken it to running an application in a virtual machine, but without the overhead of emulating a computer within another computer.

Article shows using of the ezjail-admin application to update jails the right way and how to recover from doing it the wrong way.

07 October 2018
Valuable News – 2018-10-07  

The Valuable News weekly series is dedicated to provide summary about news, articles and other interesting stuff mostly but not always related to the UNIX or BSD systems. Whenever I stumble upon something worth mentioning on the Internet I just put it here so someone else can

Today the amount information that we get using various information streams is at massive overload. Thus one needs to focus only on what is important without the need to grep(1) the Internet everyday. Hence the idea of providing such information ‘bulk’ as I already do that grep(1).

05 October 2018
Announcing the pkgsrc-2018Q3 release  

The pkgsrc developers are proud to announce the 60th quarterly release of pkgsrc, the cross-platform packaging system. pkgsrc is available with more than 22,000 packages, running on 23 separate platforms; more information on pkgsrc itself is available at

In total, 161 packages were added, 25 packages were removed, and 1,321 package updates (to 996 unique packages) were processed since the pkgsrc-2018Q2 release.

Installing Gophernicus in OpenBSD  

Installing a Gopher server is very easy. With OpenBSD you only have to install from packages or ports the Gophernicus server.

File Type History - BSD Now 266  

Running OpenBSD/NetBSD on FreeBSD using grub2-bhyve, vermaden’s FreeBSD story, thoughts on OpenBSD on the desktop, history of file type info in Unix dirs, Multiboot a Pinebook KDE neon image, and more.

04 October 2018
Polish BSD User Group  

Polish BSD User Group has been running for almost half a year! Are you interested in how the organisation of it looks behind the scenes?

What would you change as a benevolent dictator of FreeBSD?  

If you were the Linus Torvalds of FreeBSD and there was no Core Team, what would be the first thing you'd change (kernel, userland, organisation, governance etc.)?

03 October 2018
New mandoc feature: -T html -O toc  

During EuroBSDCon 2018 in Bucuresti, Adam Kalisz suggested to add a table of contents near the top of the HTML output of mandoc, and Ingo Schwarze just implemented and committed that.

02 October 2018
VPN Solutions on FreeBSD and OpenBSD — OpenVPN approach  

Virtual Private Network (VPN) is a required solution in our current interconnected world to protect our own privacy and to interconnect different network through internet. Lot of commercial solutions exists around the world to deploy any kind of VPN, but, can we trust big corporation? In this series, the author will show you how to deploy rapidly multiple VPN software on my two favorites operating systems: OpenBSD and FreeBSD.

October 9th 2018 - MUG Meeting  

They meet at 6:30pm on the second Tuesday of each month at the Farmington Community Library.

Topics Include: Michael W. Lucas talks FreeBSD (and whatever else he wants)

EuroBSDCon 2018 and NetBSD sanitizers  

Kamil Rytarowski presented the state of NetBSD sanitizers during EuroBSDCon 2018 held in Bucharest, Romania. He gave two talks, one covered userland sanitizers and the other one kernel sanitizers. Unfortunately video recordings from the conference are not available, but he uploaded slides online:

LLVM Sanitizers in the NetBSD userland Taking NetBSD kernel bug roast to the next level: Kernel Sanitizers

01 October 2018
Dual booting Linux and FreeBSD  

Exploring-two-operating-systems asks: I think a good topic for your Q&A section would be dual-booting BSDs (if you need a specific one FreeBSD would likely be best) and Linux. It's not something that is well documented on-line and many Linux users are at least somewhat interested in trying out BSDs.

OpenBSD is now on Twitter  

Follow them for news, announcements, security advisories, noteworthy commits and much more.

Installing Hugo and publishing Hugo web-pages on OpenBSD server  

Article about the installation of Hugo - a static site generator and then hosting static web pages on OpenBSD server (6.3).

What should long time Linux users know about OpenBSD?  

Reddit question: I've been interested in BSDs for a long time, and think it's about time I install it on a machine or two. Everyone I've asked says OpenBSD is a good choice. What should I know before I dive in?

Valuable News 2018-09-29  

The Valuable News weekly series is dedicated to provide summary about news, articles and other interesting stuff mostly but not always related to the UNIX or BSD systems.

27 September 2018
OPNsense 18.7.4 released  

This update reboots into the latest and greatest Realtek driver version 1.95. Also included is a web proxy implementation of the WPAD protocol. Furthermore LibreSSL was moved from version 2.6 to 2.7.

Originally planned was the release of the firewall alias API, but this will have to way a while longer.

Read article for the full patch notes.

26 September 2018
Deploying Anycast DNS using OpenBSD and BGP  

Author's home network is connected to NYCMesh, a community-owned open network. Recently, the failure of an SD card inside a Raspberry Pi at an adjacent large hub has left the area of the network without a caching recursive resolver to serve DNS for both the .mesh TLD and the wider internet. Author stood up own instance of the anycast DNS resolver to service DNS in the neighbourhood of the network.

LibreSSL 2.8.1 Released  

We have released LibreSSL 2.8.1, which will be arriving in the LibreSSL directory of your local OpenBSD mirror soon. This is the second development release from the 2.8 series, which will eventually be part of OpenBSD 6.4.

The LibreSSL project continues improvement of the codebase to reflect modern, safe programming practices. We welcome feedback and improvements from the broader community. Thanks to all of the contributors who helped make this release possible.

What is ZFS? Why are People Crazy About it?  

Article takes a look at ZFS, an advanced file system. It will discuss where it came from, what it is, and why it is so popular among techies and enterprise.

25 September 2018
EuroBSDcon 2018 slides available  

EuroBSDcon 2018 is now over, and slides for OpenBSD-related presentations are now available from the usual place. As always, there's some great reading there (especially for those of us who were unable to attend the conference).

Unfortunately, there will not be any video this year.

pkgsrc now frozen in preparation for 2018Q3  

pkgsrc is now frozen. Please use this opportunity to test pkgsrc bootstraps on your favourite esoteric OS or architecture, view the pkgsrc-bulk mailing list and fix some low-hanging fruit, and help them make this a great release.

If everything goes well there will be cutting the release some time over the weekend.

GhostBSD tested on real hardware T410 – better than TrueOS?  

Nowadays if you want some of that BSD on your personal desktop how to go about? Well there is a full package or distro called GhostBSD which is based on FreeBSD current with a Mate or XFCE desktop preconfigured.

pfSense 2.4.4-RELEASE now available  

Netgate is excited to announce the release of pfSense® software version 2.4.4, now available for new installations and upgrades!

pfSense software version 2.4.4 brings security patches, numerous new features, support for new Netgate hardware models, and stability fixes for issues present in previous pfSense 2.4.x branch releases.

pfSense 2.4.4-RELEASE updates and installation images are available now!

23 September 2018
In Other BSDs for 2018-09-22  

BSD-related links from DragonFly BSD Digest website.

22 September 2018
Valuable News – 2018/09/22  

The Valuable News weekly series is dedicated to provide summary about news, articles and other interesting stuff mostly but not always related to the UNIX or BSD systems. Whenever I stumble upon something worth mentioning on the Internet I just put it here so someone else can

Today the amount information that we get using various information streams is at massive overload. Thus one needs to focus only on what is important without the need to grep(1) the Internet everyday. Hence the idea of providing such information ‘bulk’ as I already do that grep(1).

21 September 2018
Optimized-out - BSD Now 264  

FreeBSD and DragonflyBSD benchmarks on AMD’s Threadripper, NetBSD 7.2 has been released, optimized out DTrace kernel symbols, stuck UEFI bootloaders, why ed is not a good editor today, tell your BSD story, and more.

Errata patches for the kernel have been released for OpenBSD 6.3 and 6.2.  

On AMD CPUs, LDTR must be managed crossing between VMs.

Binary updates for the amd64 platform are available via the syspatch utility. Source code patches can be found on the respective errata pages:

As these affect the kernel, a reboot will be needed after patching.

pfSense Release 2.3.x EOL Reminder  

Network security is serious business so let’s get right to the point: pfSense® software version 2.3.x is nearing End Of Life, October 31, 2018.

19 September 2018
Introducing FreeBSD VPC - BSDCan 2018  

This talk presents this collection of enhancements required to provide Virtual Private Clouds using FreeBSD. We will walk through some of the problems seen with running FreeBSD as a hypervisor, the kernel modifications required to provide performant bhyve guest networking, and the required userland administrative interfaces required to stitch together a working VPC based on FreeBSD/VPC.

FreeBSD Desktop – Part 16 – Configuration – Pause Any Application  

Article will show you how to freeze any X11 application with single keyboard shortcut or mouse gesture if you utilize them in any way with small simple script.

18 September 2018
Next KnoxBUG meetup announced  

KnoxBUG will welcome Nick Principe as guest speaker . He will being doing an encore presentation of his SDC 2018 talk: Real-world Performance Advantages of NVDIMM and NVMe: A Case Study with OpenZFS

Date: Monday, October 1, 2018 - 6:00pm Place: at the New iX Systems offices (by FootHills Mall)

Announcing The HardenedBSD Foundation  

On 06 September 2018, HardenedBSD Foundation Corp was granted 501(c)(3) status, from which point all US-based persons making donations can deduct the donation from their taxes.

17 September 2018
Looking for privacy-oriented analytics for  

Do you have a self-hosted matomo instance? Would you like to create an account for DiscoverBSD and help us?

Here at DiscoverBSD, we value privacy of our users, therefore we are not using Google Analytics. But at the same time, we would like to be able track how many people come here. Can you help us?

SoloBSD 11.2-STABLE-0916 Viva Mexico Edition  

There is a new build of SoloBSD 11.2-STABLE-0916 Viva Mexico! Edition based on the latest HardenedBSD stable branch version v1100056.5.

16 September 2018
Highly Available DHCP Server on FreeBSD  

Highly available DHCP server setup on FreeBSD system, but it should be similarly simple on other UNIX and Unix-like systems. We will use the most obvious choice here – the Internet Systems Consortium implementation – ISC DHCP server – available in the FreeBSD Ports and packages as well.

n2k18 Hackathon report: Ken Westerback ([email protected]) on disklabel(8) work, dhclient(8) progress  

Fresh from the just concluded n2k18 hackathon comes this report from Ken Westerback ([email protected]).

14 September 2018
People who run BSD  

Wondering who runs BSDs and how/what for do they use them? Look no further!

HardenedBSD-stable 11-STABLE v1100056.5  


  • MFC 338603: Correct ELF header parsing code to prevent invalid ELF sections from (4bfdb79b43e74833a67eb9d7f2afcf632b136917) [FreeBSD-SA-18:12.elf CVE-2018-6924]
  • MFC r338126: MFV r338092: ntp 4.2.8p12. (900dde8260d39322fa4c1816fcc5978c204071d2) [CVE-2018-12327]
  • MFC r338068, r338113: Update L1TF workaround to sustain L1D pollution from NMI. (d9d4e900945e90a783c711019255120ffc7a4163)
  • MFC r333063: Update ELF Tool Chain to r3614 (e90f3bfc9bb4deb6c5da699ebe5ad305ee6391e1)
  • MFC r337505, r337865, r337869: dd status=progress (8c00a8c01e99dcdb8ef723f02b90e98fb6f2444c)
13 September 2018
Encrypt That Pool - BSD Now 263  

Mitigating Spectre/Meltdown on HP Proliant servers, omniOS installation setup, debugging a memory corruption issue on OpenBSD, CfT for OpenZFS native encryption, Asigra TrueNAS backup appliance shown at VMworld, NetBSD 6 EoL, and more.

12 September 2018
New FreeBSD Errata Notice and Security Advisory  

Improper ELF header parsing and LazyFPU remediation causes potential data corruption

11 September 2018
Backing up my FreeNAS to Backblaze B2  

Read up to learn about what is Backblaze’s B2 Cloud Storage, how much work did it wind up being, how to set up Backblaze B2, configuring FreeNAS and few gotchas.

Mirror updates for DragonFly  

There’s several new mirrors for DragonFly, all listed on the mirrors page thanks to Matthias Schmidt: Checkdomain GmbH, Philipps-University Marburg (both in Germany), and KoDDos (Japan).

07 September 2018
OpenBSD Surfacing with BSD Now 262  

OpenBSD on Microsoft Surface Go, FreeBSD Foundation August Update, What’s taking so long with Project Trident, pkgsrc config file versioning, and MacOS remnants in ZFS code.

OPNsense 18.7.2 released  

New release brings lots of third party security updates, plugin updates and minor enhancements in overall system reliability.

In other news the firewall alias API has been finished in the development version. If you use the development version you cannot go back to the production version until the API has been released there as well, which is probably 18.7.3 so not too far away.

They will soon also begin the migration work for FreeBSD 11.2 for 19.1, but please keep in mind that they will be issuing security advisories to 11.1 when they arise even beyond the original end of life policy.

06 September 2018
Fuzzing the OpenBSD Kernel  

Anton Lindqvist ([email protected]) gave a talk at BSD Users Stockholm Meetup #3 on the kernel coverage tracing kit he committed recently. Slides are now available via the OpenBSD Events and Papers page.

The slides contain a list of bugs found and fixed as a result of this work.

DragonFlyBSD Defaulting To GCC 8 Compiler, Replacing The Old GCC 5  

With the last of the major GCC 8 build issues of the DragonFlyBSD code-base resolved, this BSD operating system has switched to using this latest stable release of the GNU Compiler Collection by default.

This is a big default change for DragonFlyBSD as up to now its default compiler was using the several year old GCC 5. With the default move to GCC 8 comes many optimizations, particularly for newer Intel and AMD CPU microarchitectures. This is especially good news for AMD Zen "znver1" CPU users. There is also support for newer C/C++ language features and many other enhancements as we've covered over the past few years.

BSD Virtual Memory  

Intriguing article from 2016 about BSD history and virtual memory systems.

05 September 2018
FreeBSD 11.1 end-of-life  

As of September 30, 2018, FreeBSD 11.1 will reach end-of-life and will no longer be supported by the FreeBSD Security Team.

Users of FreeBSD 11.1 are strongly encouraged to upgrade to a newer release as soon as possible.

04 September 2018
Finishing leftover tasks from Google Summer of Code for NetBSD  

Read more about honggfuzz ptrace(2) features, Sanitizers and merged commits.

03 September 2018
NetBSD 7.2 released  

The NetBSD Project is pleased to announce NetBSD 7.2, the second feature update of the NetBSD 7 release branch.

It represents a selected subset of fixes deemed important for security or stability reasons, as well as new features and enhancements.

If you are running an earlier release of NetBSD and are (for whatever reasons) not able to update to the latest major release, NetBSD 8.0, we suggest updating to 7.2.

For more details, please see the release notes at:

Complete source and binaries for NetBSD are available for download at many sites around the world. A list of download sites providing FTP, AnonCVS, and other services may be found at:

01 September 2018
OpenBSD on the Microsoft Surface Go  

Recently Microsoft announced a smaller, cheaper version of its Surface tablets called Surface Go which piqued author's interest. Read the article to learn support status relative to OpenBSD-current as of 2018-08-31.

31 August 2018
Script to show memory usage on FreeBSD  

meminfo - Script to show memory usage on FreeBSD

FreeBSDcon Flashback - BSD Now 261  

Insight into TrueOS and Trident, stop evildoers with pf-badhost, Flashback to FreeBSDcon ‘99, OpenBSD’s measures against TLBleed, play Morrowind on OpenBSD in 5 steps, DragonflyBSD developers shocked at Threadripper performance, and more.

30 August 2018
OpenBSD Gaming Resource  

Author wants to show you what games are available on OpenBSD. How can you search for something you don't know exists? After reading this document you will have an overview of what games, emulators, and other game tools are out there and be able to find more on your own.

27 August 2018
Mac-like FreeBSD Laptop  

This is a tour of FreeBSD laptop. Goal is configuring a Unix laptop with focused and efficient user interface, suitable for all sorts of office work, research and entertainment tasks. Point of reference for this machine is the 13-inch Retina MacBook Pro 2015 and Jobs-era MacOS versions, on which my choices of user interface elements are mainly based.

25 August 2018
OpenBSD Foundation gets first 2018 Iridium donation  

The OpenBSD Foundation is excited to announce that it has received the first 2018 Iridium level donation. This year the first $100K+ donation came from Handshake (

We thank Handshake for its very generous support! This donation will no doubt fund many exciting projects in the coming years.

24 August 2018
Upcoming meeting of Polish BSD User Group  

When: 13th September 2018, 18:30 - 21:00

Where: Wheel Systems Office, Aleje Jerozolimskie 178, Warsaw


  • BSDCam 2018 Recap by Konrad Witaszczyk
  • OpenBSD Daily by Adam Wołk
  • Why is ARM a Tier 2 platform? by Patryk "Keijo" Jaworski
Hacking Tour of Europe  

Trip reports from the Essen Hackathon and BSDCam, CfT: ZFS native encryption and UFS trim consolidation, ZFS performance benchmarks on a FreeBSD server, how to port your OS to EC2, Vint Cerf about traceability, Remote Access console to an RPi3 running FreeBSD, and more.

OpenBSD Errata for vmml1tf and fpufork  

Errata patches for the kernel have been released for OpenBSD 6.3 and 6.2.

23 August 2018
End of life for NetBSD 6.x  

In keeping with NetBSD's policy of supporting only the latest (8.x) and next most recent (7.x) major branches, the recent release of NetBSD 8.0 marks the end of life for NetBSD 6.x.

As of now, the following branches are no longer maintained:

  • netbsd-6-1
  • netbsd-6-0
  • netbsd-6
22 August 2018
DragonFly will now run on a Threadripper 2990wx  

What’s more, Matthew Dillon has published some testing results showing how power, CPU use, and memory speed all interact with these things.

SG-5100 Desktop Available for Pre-order  

Netgate® SG-5100 pfSense® Security Gateway appliance, Intel C3000 based appliance, which provides significant performance and engineering improvements relative to the SG-4860, is now available for pre-order.

19 August 2018
OPNsense 18.7.1 released  

This is the first stable update and includes security updates for several third party software and FreeBSD. A Bind plugin was released with DNSBL support and the reported problems with the HAProxy plugin have been sorted out thanks to enthusiastic reporters and testers.

13 August 2018
NAS4Free is renamed into XigmaNAS  

NAS4Free were working on the trademark for project. However they faced some difficulties as they tried to trademark NAS4Free as name.

Review of NomadBSD  

NomadBSD is a 64-bit live system for USB flash drives, based on FreeBSD. Together with automatic hardware detection and setup, it is configured to be used as a desktop system that works out of the box, but can also be used for data recovery

Libtls tutorial  

This tutorial is designed for people with some C experience on a POSIX, BSD like machine with the latest libtls installed.

It focuses on changes that are necessary to make an existing program written in C that uses the POSIX sockets api to use TLS over those same connections.

04 August 2018
MidnightBSD 1.0 Current  

MidnightBSD's dev talking about progress towards 1.0

03 August 2018
Reflection on one-year usage of OpenBSD  

A summary of the one more one year experience with OpenBSD.

  • What do I get from OpenBSD?
  • What I give back to OpenBSD?
BSDNow Great NetBSD 8  

NetBSD 8.0 available, FreeBSD on Scaleway’s ARM64 VPS, encrypted backups with OpenBSD, Dragonfly server storage upgrade, zpool checkpoints, g2k18 hackathon reports, and more.

load more