That Sly MINIX | BSD Now 74

That Sly MINIX | BSD Now 74

Coming up this week, we’ve got something a little bit different for you. We’ll be talking with Andrew Tanenbaum, the creator of MINIX. They’ve recently imported parts of NetBSD into their OS, and we’ll find out how and why that came about. As always, all the latest news and answers to your emails, on BSD Now – the place to B.. SD.

Thanks to:




Direct Download:

Video | HD Video | MP3 Audio | OGG Audio | Torrent | YouTube

RSS Feeds:

MP3 Feed | OGG Feed | iTunes Feed | Video Feed | HD Vid Feed | HD Torrent Feed

– Show Notes: –


The missing EuroBSDCon videos

FreeBSD on a MacBook Pro (or two)

  • We’ve got a couple posts about running FreeBSD on a MacBook Pro this week
  • In the first one, the author talks a bit about trying to run Linux on his laptop for quite a while, going back and forth between it and something that Just Works™
  • Eventually he came full circle, and the focus on using only GUI tools got in the way, instead of making things easier
  • He works on a lot of FreeBSD-related software, so switching to it for a desktop seems to be the obvious next step
  • He’s still not quite to that point yet, but documents his experiments with BSD as a desktop
  • The second article also documents an ex-Linux user switching over to BSD for their desktop
  • It also covers power management, bluetooth and trackpad setup
  • On the topic of Gentoo, “Underneath the beautiful and easy-to-use Portage system lies the same glibc, the same turmoil over a switch to a less-than-ideal init system, and the same kernel-level bugs that bring my productivity down”
  • Check out both articles if you’ve been considering running FreeBSD on a MacBook

Remote logging over TLS

  • In most of the BSDs, syslogd has been able to remotely send logs to another server for a long time
  • That feature can be very useful, especially for forensics purposes – it’s much harder for an attacker to hide their activities if the logs aren’t on the same server
  • The problem is, of course, that it’s sent in cleartext, unless you tunnel it over SSH or use some kind of third party wrapper
  • With a few recent commits, OpenBSD’s syslogd now supports sending logs over TLS natively, including X509 certificate verification
  • By default, syslogd runs as an unprivileged user in a chroot on OpenBSD, so there were some initial concerns about certificate verification – how does that user access the CA chain outside of the chroot?
  • That problem was also conquered, by loading the CA chain directly from memory, so the entire process can be run in the chroot without issue
  • Some of the privsep verifcation code even made its way into LibreSSL right afterwards
  • If you haven’t set up remote logging before, now might be an interesting time to try it out

FreeBSD, not a Linux distro

  • George Neville-Neil gave a presentation recently, titled “FreeBSD: not a Linux distro”
  • It’s meant to be an introduction to new users that might’ve heard about FreeBSD, but aren’t familiar with any BSD history
  • He goes through some of that history, and talks about what FreeBSD is and why you might want to use it over other options
  • There’s even an interesting “thirty years in three minutes” segment
  • It’s not just a history lesson though, he talks about some of the current features and even some new things coming in the next version(s)
  • We also learn about filesystems, jails, capsicum, clang, dtrace and the various big companies using FreeBSD in their products
  • This might be a good video to show your friends or potential employer if you’re looking to introduce FreeBSD to them

Long-term support considered harmful

  • There was recently a pretty horrible bug in GNU’s libc (BSDs aren’t affected, don’t worry)
  • Aside from the severity of the actual problem, the fix was delayed for quite a long time, leaving people vulnerable
  • Ted Unangst writes a post about how this idea of long-term support could actually be harmful in the long run, and compares it to how OpenBSD does things
  • OpenBSD releases a new version every six months, and only the two most recent releases get support and security fixes
  • He describes this as both a good thing and a bad thing: all the bugs in the ecosystem get flushed out within a year, but it forces people to stay (relatively) up-to-date
  • “Upgrades only get harder and more painful (and more fragile) the longer one goes between them. More changes, more damage. Frequent upgrades amortize the cost and ensure that regressions are caught early.”
  • There was also some discussion about the article on Hacker News

Interview – Andrew Tanenbaum – / @minix3

MINIX’s integration of NetBSD

News Roundup

Using AFL on OpenBSD

  • We’ve talked about American Fuzzy Lop a bit on a previous episode, and how some OpenBSD devs are using it to catch and fix new bugs
  • Undeadly has a cool guide on how you can get started with fuzzing
  • It’s a little on the advanced side, but if you’re interested in programming or diagnosing crashes, it’ll be a really interesting article to read
  • Lots of recent CVEs in other open source projects are attributed to fuzzing – it’s a great way to stress test your software

Lumina 0.8.1 released

  • A new version of Lumina, the BSD-licensed desktop environment from PCBSD, has been released
  • This update includes some new plugins, lots of bugfixes and even “quality-of-life improvements”
  • There’s a new audio player desktop plugin, a button to easily minimize all windows at once and some cool new customization options
  • You can get it in PCBSD’s edge repo or install it through regular ports (on FreeBSD, OpenBSD or DragonFly!)
  • If you haven’t seen our episode about Lumina, where we interview the developer and show you a tour of its features, gotta go watch it

My first OpenBSD port

  • The author of the “Code Rot & Why I Chose OpenBSD” article has a new post up, this time about ports
  • He recently made his first port and got it into the tree, so he talks about the whole process from start to finish
  • After learning some of the basics and becoming comfortable running -current, he noticed there wasn’t a port for the “Otter” web browser
  • At that point he did what you’re supposed to do in that situation, and started working on it himself
  • OpenBSD has a great porter’s handbook that he referenced throughout the process
  • Long story short, his browser of choice is in the official ports collection and now he’s the maintainer (and gets to deal with any bug reports, of course)
  • If some software you use isn’t available for whatever BSD you’re using, you could be the one to make it happen

How to slide with DragonFly

  • DragonFly BSD has a new HAMMER FS utility called “Slider”
  • It’s used to easily browse through file history and undelete files – imagine something like a commandline version of Apple’s Time Machine
  • They have a pretty comprehensive guide on how to use it on their wiki page
  • If you’re using HAMMER FS, this is a really handy tool to have, check it out

OpenSMTPD with Dovecot and Salt

  • We recently had a feedback question about which mail servers you can use on BSD – Postfix, Exim and OpenSMTPD being the big three
  • This blog post details how to set up OpenSMTPD, including Dovecot for IMAP and Salt for quick and easy deployment
  • Intrigued by it becoming the default MTA in OpenBSD, the author decided to give it a try after being a long-time Postfix fan
  • “Small, fast, stable, and very easy to customize, no more ugly m4 macros to deal with”
  • Check it out if you’ve been thinking about configuring your first mail server on any of the BSDs


Mailing List Gold

  • Send questions, comments, show ideas/topics, or stories you want mentioned on the show to
  • Also send us your ideas for the new discussion segment – we might start that either next week or the week after, depending on how much feedback we get about it (which has been almost none so far)
  • We’d love to get more emails from the listeners in general
  • Watch live Wednesdays at 2:00PM Eastern (19:00 UTC)

Question? Comments? Contact us here!