BSD Magazine (June 2013): FreeBSD on Rails

June’s issue of the BSD Magazine is now available: FreeBSD on Rails (free PDF download).

FreeBSD Mag June 2013You’ll find the following subjects inside:

  • A backup server with FreeBSD for mixed networks in SOHO environment
  • Keep OpenBSD customers satisfied
  • FreeBSD in Xen Cloud Platform (XCP)
  • FreeBSD on Rails
  • Manage your Ruby Versions Under FreeBSD
  • The British Broadcasting Corporation (BBC)
  • Creating PBI’s with EasyPBI
  • Sofin, the Software Installer

Continue reading

BSD Magazine (May 2013): Jails Firewall with PF

BSD Magazine (May 2013): Jails Firewall with PFApril’s issue of the BSD Magazine is now available: Jails Firewall with PF (free PDF download).

You’ll find the following subjects inside:

  • SpiderFoot 2.0: The Open Source Footprinting Tool
  • FreeBSD Jails Firewall with PF
  • Improvements to Jail Management via the Warden
  • msearch: MidnightBSD Search
  • Useful Utilities for PF
  • FreeBSD Programming Primer: Write HTML, CSS, PHP, and SQL Code
  • DTrace: A Deeper Approach

Continue reading

New BSD Magazine (March 2013): Handling Kernel Panic

March’s issue of the BSD Magazine is now available: Handling Kernel Panic (free PDF download).

You’ll find the following subjects inside:

  • Reacting to Panic: How to Configure the System to handle Crash Dumps
  • MaheshaBSD Server: MySQL and WordPress in FreeBSD
  • FreeBSD Programming Primer: How to Embed CSS and Javascript in Pages
  • Hardening FreeBSD with TrustedBSD and MAC: configuration of mac_ifoff, mac_portacl, and MAC LOMAC modules

Handling Kernel Panic

BSD Magazine (2012-02): Rehosting in NetBSD

BSD Mag 2012-02February’s issue of the BSD Magazine is now available: Rehosting in NetBSD (free PDF download).

You’ll find the following subjects inside:

  • VAX/OpenVMS Rehosting in NetBSD 6.0 Hosts
  • What’s around the Corner: A Look at Upcoming PC-BSD Changes
  • SSL for Dovecot and Roundcube for the Qmail MTA
  • FreeBSD Unattended Installation of Servers
  • FreeBSD Programming Primer (CMS)
  • Organizational Structure and Culture at FreeBSD

Download and read: Rehosting in NetBSD

(via G+)

A decade of OS Access-control Extensibility (MAC)

This is an interesting piece on mandatory access-control by the well-known computer researcher and FreeBSD Foundation member Robert Watson:

To discuss operating system security is to marvel at the diversity of deployed access-control models: Unix and Windows NT multiuser security; Type Enforcement in SELinux; anti-malware products; app sandboxing in Apple OS X, Apple iOS, and Google Android; and application-facing systems such as Capsicum in FreeBSD. This diversity is the result of a stunning transition from the narrow 1990s Unix and NT status quo to security localization—the adaptation of operating-system security models to site-local or product-specific requirements.

A Decade of OS Access-control Extensibility

BSD Magazine (Dec 2012): Linux Jails in PC-BSD

December’s issue of the BSD Magazine is now available: Linux Jails in PC-BSD (free PDF download).

You’ll find the following subjects inside:

  • Installing and Configuring Linux Jails in PC-BSD
  • A simple DNS-DHCP Server for Small Business Network with dnsmasq
  • Hardening FreeBSD with TrustedBSD and Mandatory Access Controls
  • FreeBSD Enterprise Search with Apache Solr
  • PostgreSQL: Schemas
  • EuroBSDcon and MeetBSD California: Two Continents, One Community

The Sandbox

8:45 Monday morning. I fill the espresso filter basket with a good measure of Italian coffee, flick the switch to espresso, and 60 seconds later am rewarded with a demitasse of viscous caffeine, complete with the requisite creamy head. Coffee is an essential part of the I.T. toolkit, especially when deadlines loom and the disconnect between customer, 3rd party supplier and the gap between expectations and reality becomes wider by the day…

Installing and Configuring Linux Jails in PC-BSD

Whether you prefer the CLI or a GUI, one thing most people can agree on, is that The Warden is a great tool for managing jails. The Warden has been available as an add-on in PC-BSD since version 8, and is available as a port in FreeBSD as well. It now comes built-in to version 9.1 of PC-BSD and TrueOS (a variant of PC-BSD included in the install DVD that consists of FreeBSD and enhanced command line versions of PC-BSD tools). This article explains how to use the Warden to create a Linux jail, configure nat for it and instal Linux packages in the jail.

FreeBSD Enterprise Search with Apache Solr (Part 4)

So far, we have used Solr to access and index content found in web pages, XML files, databases and external websites. But as far as using Solr in the enterprise is concerned, how can we access disparate documents such as PDF and Microsoft Word files? This is where Apache Tika is invaluable – supporting over 14 different types of document formats. In the final part of our series on Apache Solr the author will look at Apache Tika and demonstrate how to import and index document content with Apache Solr.

PostgreSQL: Schemas

This article provides an introduction to schemas, a feature of PostgreSQL that allow Database Administrators (DBAs) to organize their database objects, mainly tables, into name spaces in order to either avoid naming conflicts and better structure the database itself. All the examples shown here have been tested on a PostgreSQL 9.1 cluster running on a FreeBSD 8.2-RELEASE machine; all the example source code is available in a GitHub repository.

A simple DNS-DHCP Server for Small Business Network with dnsmasq

From this article you will learn how to setup and manage a Small Business DNS/DHCP server. A real example of small LAN business network are the so called “SoHo” (single office/home office SOHO), namely a category of businesses that has 1 to 10 employees, but this is only the staring point. In fact, there are examples of deployable environment for Dnsmasq configurations used for more than 1000 hosts. On the other side of the coin there are still some limitations, such as a very basic support for IPv6 router advertisements for DHCPv6 to work and the inability to serve many zone files (many domains), but this project brought us many surprises in time and will only get better. Knowing the strengths and limits of this daemon, a network administrator can now decide whether to install Dnsmasq.

Hardening FreeBSD with TrustedBSD and Mandatory Access Controls (Part 4)

Most system administrators understand the need to lock down permissions for files and applications. In addition to these configuration options on FreeBSD, there are features provided by TrustedBSD that add additional layers of specific security controls to fine tune the operating system for multilevel security. Since version 5.0 of FreeBSD, the TrustedBSD extensions have been included with the default install of the operating system. By default, this functionality is disabled and requires support to be compiled in or kernel modules to be loaded at boot time. For the purpose of this article, support will be loaded in with kernel modules already available with FreeBSD 9. Part 4 of the TrustedBSD series will cover the basic configuration of the mac_seeotheruids module.

EuroBSDcon and MeetBSD California: Two Continents, One Community

This year’s EuroBSDcon and MeetBSD California took place just a few weeks apart in two very different locations but together demonstrated seamless solidarity on the part of the BSD community. MeetBSD in Sunnyvale, California was like a reunion for many speakers and attendees who had recently met in Warsaw, Poland for EuroBSDcon. Some familiar European faces such as Robert Watson and Alexander Motin even made appearances only at the more distant event, showing once again that the geography of BSD and its community is “the Internet”. Read the overview describing both these wonderful events. Check what you have missed or refresh your memory.

PgDay.IT 2012

The sixth edition of the Italian PostgreSQL Day (PgDay) held at the Monash University Center in Prato, Tuscany, on November the 23th has been a success. The Italian community did respond very well to the event, and guests from all over the country came to discuss, acquire knowledge and share experience about this great database. Here is a great example of how passion can gather people together. Just follow their steps.

Download the December issue: Linux Jails in PC-BSD

BSD Magazine (Nov 2012): Run FreeBSD as NAT Instance in Cloud

Run FreBSD as NAT instance in CloudNovember’s issue of the BSD Magazine is now available: Run FreeBSD as NAT Instance in Cloud (free PDF download).

You’ll find the following subjects inside:

NETGEAR Universal Wifi Adapter

The trend towards increased internet connectivity of media devices (TV’s, gaming consoles, DVR’s) has brought a work-around for one of few my frustrations with BSD operating systems – the limited support for newer wireless adapters. Many of these media devices have an ethernet port, but no way to attach a wireless adapter. Several companies have stepped up to this opportunity and have created universal wireless adapters that connect to the ethernet port rather than an expansion port. Since the device connects to the ethernet port, no driver is needed. Since no driver is needed, these devices should work with BSD operating systems. In this article, I will test Netgear’s Universal Wifi Adapter, model WNCE2001.

Automating the Deployment of FreeBSD and PC-BSD Systems

In PC-BSD 9.x every installation is fully-scripted, due to the the pc-sysinstall backend. This backend can also be used to quickly automate the deployment of FreeBSD servers and PC-BSD desktops using a PXE boot environment. In PC-BSD & TrueOS 9.1 and higher, this functionality is easy to setup and deploy using the “pc-thinclient” utility. PXE booting allows you to boot systems via the LAN interface, as opposed to using traditional media, such as DVD or USB. In order for clients to boot via PXE they will need a PXE capable network adapter.

Network Concepts, Routing and Firewalls

This article is aimed at anyone who wants to learn more about networking, routers and firewalls. We will discuss this topic in terms of a BSD/PF firewall/router.

FreeBSD as a NAT Instance in Amazon Cloud

Amazon VPC lets you launch instances in a virtual network that closely resembles a traditional network that you might operate in your own data center. You place publicly accessible servers (for example, web servers, DNS server etc.) into a public-facing subnet, and place your backend systems (databases, application servers etc.) in a private subnet with no Internet access. Instances in the private subnet can access the Internet only by routing their traffic through a NAT instance in a public subnet. This article is intended for beginners wanting to install and run FreeBSD as a NAT instance in Amazon Virtual Private Cloud (Amazon VPC).

PostgreSQL: Indexes (Part 2)

This article continues the previous one, presenting the readers with a few index examples and how the access costs are computed by the query planner. All the examples shown here have been tested on a PostgreSQL 9.1 cluster running on a FreeBSD 8.2-RELEASE machine; all the example source code are available in a GitHub repository.

FreeBSD Enterprise Search with Apache Solr (Part 3)

One of the important facets of enterprise search is to be able to search internal (Intranet) and external websites. On a smaller scale, it is relatively trivial to assemble some code in PHP or Perl to pull web pages from a site, extract the links from the HTML and then “wash, rinse, repeat”. The difficulty arises when we want to index, rank, and effectively manage these results on a large scale. Almost 10 years ago, Apache Nutch was developed as the key technology to crawl 100 million webpages, and has proved time and again that it is an efficient scalable solution. Nutch can be clustered, it is robots.txt friendly, and using modular plug-ins ans schemas, can be tuned to bias certain results first. While Nutch integration and tuning is quite specialized, it is fairly trivial to configure Nutch to dump results of a crawl session into MySQL (or any other JDBC based database for that matter), and rank / review these queries in Solr.

Download and read the whole magazine: Run FreeBSD as NAT Instance in Cloud