pkgng: First look at FreeBSD’s new package manager

Most of you will be aware that a group of developers have released the first beta of FreeBSD’s new package management: pkgng.

Jake Smith has been playing around with the new package manager and has summarised the main pkgng commands: pkgng: First look at FreeBSD’s new package manager.

Here is a quick overview of pkgng, how to use it and some of the new features that will be available. The tests on this page are based on pkgng version 1.0 beta5 running on FreeBSD 9.0 RELEASE amd64.

More info on pkgng can be found on the FreeBSD pkgng wiki page.

SSH Mastery: An Addition to Any Unix User’s Bookshelf

The first paragraph of this book’s afterword reads:

“You now know more about SSH, OpenSSH and Putty than the vast majority of IT professionals! Congratulations”.

That claim will be true for any reader of SSH Mastery who has read the book up to that point and has incorporated at least some of the elements of the configurations it describes into their own environments.

“But why a book dedicated to a single command?”, you might ask. Almost all Unixes and Unix-likes have incorporated OpenSSH, the free SSH that is developed as part of the OpenBSD project, and OpenSSH comes with excellent documentation in the form of several extensive man pages.

More

FreeBSD 9 Review by on the Linux Action Show (video)

Alan, Chris and Bryan talk about FreeBSD 9.0 on the Linux Action Show.

In my opinion, the hosts could be more focused, serious and professional, instead of joking around continually. Anyway, this is the link: FreeBSD 9.0 Review.

If you’re interested in the FreeBSD part, jump to 37:55.

Topics of the conversation:

  • UFS Softupdate Journaling
  • The FreeBSD Fast File System now supports softupdates journaling. It introduces a intent log into a softupdates-enabled file system which eliminates the need for background fsck(8) even on unclean shutdown
  • This new feature means that a fsck after an unexpected reboot is no longer required. In modern FreeBSD only a basic preen was required, and then a full fsck would take place on a snapshot of the file system, in the background after the system had finished rebooting. With the new softupdate journaling (basically an intent log), a full fsck is no longer required at all
  • Journaling support is enabled by default on all newly created file systems, and can be enabled on existing UFS2 partitions using tunefs(8)
  • Full TRIM support for SSDs
  • The FreeBSD Fast File System now supports the TRIM command when freeing data blocks. The TRIM-enable flag makes the file system send a delete request to the underlying device for each freed block
  • TRIM support can also be enabled during newfs(8) or on an existing file system with tunefs(8)
  • ZFS Upgraded to v28
  • ZFS v28 introduces support for data deduplication, triple parity RAIDZ (raidz3), snapshot holds, log device removal, zfs diff, zpool split, zpool import -F, and read-only zpool import
  • The zpool(8): utility now supports a zpool labelclear command. This allows to wipe the label data from a drive that is not active in a pool
  • HAST Improvements
  • The Highly Available Storage daemon now supports data checksumming (crc32 or sha256) and compression (zero hole or lzf) and improved security
  • Introduction of the GEOM RAID class graid(8)
  • Which supports:
    • RAID0
    • RAID1
    • RAID1E
    • RAID10
    • SINGLE
    • CONCAT
  • It also supports the on disk formats for:
    • Intel RAID BIOS
    • JMicron RAID BIOS
    • NVIDIA MediaShield RAID BIOS
    • Promise and AMD/ATI RAID BIOS
    • SiliconImage RAID BIOS
  • Additionally, geom_map(4) allows specific areas of a device to be mapped as separate devices, especially useful for embedded flash storage
  • GEOM also support the following classes: CACHE, ELI, JOURNAL, LABEL, MIRROR, MOUNTVER, MULTIPATH, NOP, PART, RAID3, SCHED, SHSEC, STRIPE and VIRSTOR
  • NFSv4 with ACLs
  • In addition to NFSv2 and v3,
  • New utmpx(3) user accounting system
  • 5 new TCP congestion control schems
  • The FreeBSD TCP/IP network stack now supports the mod_cc(9) pluggable congestion control framework. This allows TCP congestion control algorithms to be implemented as dynamically loadable kernel modules
  • The following kernel modules are available as of 9.0-RELEASE: cc_chd(4) for the CAIA-Hamilton-Delay algorithm, cc_cubic(4) for the CUBIC algorithm, cc_hd(4) for the Hamilton-Delay algorithm, cc_htcp(4) for the H-TCP algorithm, cc_newreno(4) for the NewReno algorithm, and cc_vegas(4) for the Vegas algorithm.
  • An h_ertt(4) (Enhanced Round Trip Time) module has been added, which allows per-connection, low noise estimates of the instantaneous RTT in the TCP/IP network stack.
  • New CAM based disk subsystem
  • The ATA/SATA disk subsystem has been replaced with a new cam(4)-based implementation. cam(4) stands for Common Access Method, which is an implementation of an API set originally for SCSI–2 and standardized as “SCSI–2 Common Access Method Transport and SCSI Interface Module”
  • The ada(4) driver now supports per-device write cache control. New sysctl(8) variables kern.cam.ada.write_cache and kern.cam.ada.N.write_cache settings of 1 enables and 0 disables the write cache, and –1 leaves the device default behavior. sysctl(8) variables can override the configuration in a per-device basis (the default value is –1, which means to use the global setting)
  • New Resource Accounting and Limiting APIs
  • RACCT is a new resource accounting API has been implemented. It can keep per-process, per-jail, and per-loginclass resource accounting information
  • The new resource-limiting API RCTL works in conjunction with the RACCT resource accounting implementation and takes user-configurable actions based on the set of rules it maintains and the current resource usage
  • Full USB3 support
  • OpenSSH upgraded to 5.8p2 with HPN for faster transfer speeds
  • OpenResolv to manage resolv.conf for multiple interfaces
  • Support for SHA–256 and SHA–512 cryptographic password hashing
  • sh updated
  • new arithmetic expression handling imported from dash (which is originally from NetBSD ash)
  • changes to the way builtin commands relate to PATH env
  • fixed various other bugs
  • Capsicum Capability Mode
  • New Sandboxing and compartmentalization framework from Cambridge University
  • Improved privilege separation in OpenSSH and DHClient
  • Replacement of various GPL tools and utilities with BSD licensed ones to avoid GPLv3
  • libreadline
  • grep
  • llvm/clang imported, will eventually replace gcc 4.2 (last GPL v2)
  • compiler-rt replaced libgcc

FreeBSD 9.0 Review

Thanks to David Rogers for making me aware of this review. Submit your news.

 

FreeBSD 9.0 Press Release and Review

The FreeBSD Foundation has released a FreeBSD 9.0 press release: Release of FreeBSD 9.0 Delivers More Power to Serve.

Today, the FreeBSD Foundation announced the recent release of FreeBSD 9.0. FreeBSD 9.0-RELEASE raises the bar for open source operating systems in terms of file system reliability, IPv6-readiness, networking capabilities, compiler and toolchain technologies, and security. Many of its new features directly benefit system administrators, application developers, and companies that use or base their products on FreeBSD.

“FreeBSD 9.0 represents the culmination of over two years of ground-breaking work in operating system performance, reliability, and security,”

said Ken Smith, Release Engineer for the FreeBSD Project.

“We are proud to dedicate this release to the memory of Dennis M. Ritchie, one of the founding fathers of the UNIX® operating system, whose vision and work laid the foundations for FreeBSD.”

Filesystem changes in this release provide great benefits to both UFS and ZFS users. When installing with UFS, softupdates journaling (UFS+SUJ) is automatically enabled. UFS+SUJ uses an intent log which safely eliminates the need for a long filesystem check and recovery process, even after an unclean shutdown.

ZFS has been updated to version 28 which supports data deduplication, triple parity RAIDZ3, snapshot holds, log device removal, zfs diff, zpool split, zpool import -F, and read-only zpool import.

FreeBSD 9.0 also introduces the Highly Available STorage (HAST) framework which provides transparent storage of the same data across several systems connected by a TCP/IP network. In combination with other high availability features of FreeBSD like the CARP fail-over protocol, HAST makes it possible to build a highly available storage cluster that is resistant to hardware failures.

Continuing its heritage of innovating in the area of security research, FreeBSD 9.0 introduces Capsicum. Capsicum is a lightweight framework which extends a POSIX UNIX kernel to support new security capabilities and adds a userland sandbox API. Originally developed as a collaboration between the University of Cambridge Computer Laboratory and Google and sponsored by a grant from Google, FreeBSD was the prototype platform and Chromium was the prototype application. FreeBSD 9.0 provides kernel support as an experimental feature for researchers and early adopters. Application support will follow in a later FreeBSD release and there are plans to provide some initial Capsicum-protected applications in FreeBSD 9.1.

“Google is excited to see the award-winning Capsicum work incorporated in FreeBSD 9.0, bringing native capability security to mainstream UNIX for the first time,”

said Ulfar Erlingsson, Manager, Security Research at Google.

FreeBSD has been been an early adopter and active participant in the IPv6 community since FreeBSD 4.0 was released in 2000 with the KAME reference implementation of IPv4/IPv6 networking support. In addition, the FreeBSD Project has been serving releases from IPv6-enabled servers for more than 8 years and FreeBSD’s website, mailing lists, and developer infrastructure have been IPv6-enabled since 2007. FreeBSD 9.0 introduces IPv6-only snapshots which completely remove IPv4 from the operating system.

2012 has been called the ‘year of IPv6′ and “the FreeBSD project is well positioned to be one of the leaders in IPv6-Only validation work,” stated Bjoern Zeeb, member of the FreeBSD Release Engineering Team and recipient of the 2010 Itojun Service Award for his significant improvements in open source implementations of IPv6.

“The growing usage of FreeBSD’s IPv6 networking stack by appliance builders, integration of a more flexible interface configuration, and the implementation of new standards such as Secure Neighbor Discovery, DNS Options for Router Advertisements, and CPE Requirements, makes FreeBSD 9.0 the perfect open source operating system to build your IPv6 deployments and products on.”

Other new features include:

  • userland DTrace has been added to supplement kernel-level DTrace
  • the FreeBSD world and kernel can now be compiled using the BSD-licensed LLVM toolchain
  • resource limit actions can be applied to processes, users, login classes, and jails
  • the addition of a pluggable congestion framework and five new TCP congestion control algorithms
  • HPN-SSH is enabled by default and increases transfer speeds on long, high bandwidth network links
  • NFSv4 support added
  • flattened device trees (FDT) allows for hardware resource enumeration and simplifies configuration on embedded platforms

A complete list of the features in this release is available on the web at http://www.freebsd.org/releases/9.0R/relnotes.html. FreeBSD 9.0 can be downloaded for free from the FreeBSD website or purchased from FreeBSDMall.com.

 

FreeBSD Quarterly Status Report (October – December 2011)

The FreeBSD Quarterly Status Report for FreeBSD project work taken place between October – December 2011 is now available. There are 32 items in this update:

Projects

User-land Programs

FreeBSD Team Reports

Kernel

Documentation

Architectures

Ports

BSD Certification Study DVD and interview

The Winter/Spring 2012 Edition of the BSDA Study DVD is now available from the BSD Certification website, as announced here.

The DVD contains:

  • FreeBSD 8.2 and its ports collection
  • NetBSD 5.1 and the latest version of pkgsrc
  • OpenBSD 5.0 and its ports collection
  • DragonFly BSD 2.10.1
  • the qemu and aqemu virtual environments so you can install and network all 4 BSDs on one system
  • all of the Handbooks, Guides, and FAQs for each of the BSDs
  • all of the BSD Certification publications

There’s an interesting interview on BSDTalk with Jim Brown from bsdcertification.org. Jim and Will talk about the two available exams and the differences between them.

FreeBSD Events Updates (Scale, AsiaBSDCon, BSDCan)

A new year, a new series of FreeBSD Conferences. Mark them in your diaries if you’re planning to go.

SCALE 2012

iXsystem, FreeNAS, PC-BSD and the FreeBSD Foundation will be represented at SCALE Linux Expo 2012. The Southern California Linux Expo (SCALE) is an annual Linux, Open-Source, and Free Software conference held in Los Angeles. This event will be held in Los Angeles from 20-22 Jan.

AsiaBSDCon 2012

AsiaBSDCon 2012 is a conference for users and developers on BSD based systems. The next conference will be held in Tokyo from 22-25 March. You can apply for a FreeBSD Foundation travel grant.

BSDCan 2012

BSDCan 2012 will be held 11-12 May, 2012 in Ottawa at the University of
Ottawa. It will be preceded by two days of tutorials on 9-10 May. There’s a call for papers.