FreeBSD Quarterly Status Report (January – March 2012)

The FreeBSD project has released its quarterly project update. The latest report covers FreeBSD related projects between January and March 2012, and is the first of the four reports planned for 2012.

This quarter was highlighted by releasing the next major version of FreeBSD, 9.0, which was finally released in the beginning of January 2012. The FreeBSD Project dedicates the FreeBSD 9.0-RELEASE to the memory of Dennis M. Ritchie, one of the founding fathers of the UNIX operating system.

Projects

User-land Programs

FreeBSD Team Reports

Kernel

Network Infrastructure

Documentation

Architectures

Ports

Soure and full report: FreeBSD Quarterly Status Report (January – March 2012)

PC-BSD 9-STABLE-20120505 Snapshot Available for Testing

Kris has announced the availability of the next testing snapshot. If you are using Intel video or would like to upgrade from a previous snapshot, read the Errata section below.

The next snapshot in the PC-BSD 9-STABLE branch has just been released
for i386 and amd64 architectures. This snapshot provides both users and developers a means to test out new features in the upcoming PC-BSD 9.1 release. This snapshot may contain buggy code and features, so users are encouraged to run it only on non-critical systems.

Changes since the previous Snapshot:

* FreeBSD 9-STABLE from 05-01-2012
* Xorg 7.5.2 / Xorg-server 1.10.6
* Includes the GEM kernel support patches
* Added fail2ban for SSH brute force blocking
* Added ossec to base system
* Added support for all i18n languages currently in Pootle
* Fixed sorting of installed Applications in AppCafe
* Fixed some bugs in server install causing CLI apps to fail
* Fixed stamping boot on BootCamp partitions.
* Enable starting Warden jails at system bootup
* Enable booting installer on systems with < 512MB of RAM
* Enabled splash screen support
* Multiple bugfixes to included utilities / apps

Highlights for the upcoming 9.1:

* New system installer! Greatly simplified for desktop and server installs.
* New “PC-BSD Server” installation option. Includes command-line
utilities like pbi-manager, warden, metapkgmanager and more.
* Support for ZFS mirror / raidz(1,2,3) during installation.
* Support for SWAP on ZFS, allowing entire disk ZFS installation.
* Support for setting additional ZFS data-set options, such as compression, noexec, etc.
* Warden jail management integrated into system. Allows creating jails
via GUI, adding packages and other administration.
* First boot setup wizard allows OEM installs to be easily performed.
* New Bluetooth paring tray / GUI utilities.
* New AppCafe improvements and preferences
* Improvements to wifi utility
* Fixed bug causing untranslated strings to show up empty.
* Numerous bug-fixes to PC-BSD related utilities
* And much more!

Errata

* Due to some port changes the updated Xorg Intel driver did not get
automatically included. You add it post-install by adding the line
“WITH_NEW_XORG=yes” to /etc/make.conf and then building the
/usr/ports/x11-drivers/xf86-video-intel port. This will be corrected in the next snapshot.

* It is possible to update from the previous snapshot to the current version, however you will manually need to update the
/usr/local/bin/pc-updatemanager command first.

(As root)
# fetch
http://?trac?.pcbsd?.org/?e?x?p?o?r?t?/?1?6?6?6?2?/?p?c?b?s?d?/?c?u?r?r?e?n?t?/?s?r?c?-?s?h?/?p?c?-?u?p?d?a?t?e?m?a?n?a?g?e?r?/?p?c?-?u?p?d?a?t?e?m?a?n?a?ger –o /usr/local/bin/pc-updatemanager
# chmod 755 /usr/local/bin/pc-updatemanager

You may now update via the system updater GUI.

Protect Your BSD – BSD Magazine (May 2012)

April’s issue of the BSD Magazine is now available: BSD Security – Protect Your BSD (free PDF download).

Covering the following topics:

- A Fresh Look at the Warden for PC-BSD 9.1
- Intro to DTrace
- A Web Application Firewall for Nginx
- Introducing EasyPBI – Making PBI Modules With a Few Mouse Clicks
- Mysql-zrm: Enterprise Level Backups for MySQL
- Anatomy of FreeBSD Compromise (Part 5)
- Hardening FreeBSD with TrustedBSD and Mandatory Access Controls (MAC)
- Security Best Practice for DNS Servers

Setting up your first VPS FAMP Stack

Diego from RootBSD has put together a handy blog post (Setting Up Your First VPS FAMP Stack) showing how to set up a FAMP stock (FreeBSD, Apache, MySQL, PHP) on a (RootBSD) VPS.

Just 5 easy steps and a bit of configuration and it’s all done.

  • Upgrading Ports Tree Using Portsnap
  • Installing Apache 2.2.x
  • Installing PHP 5.3.x
  • Installing MySQL
  • Additional Modules
  • Finished

RootBSD is a provider of FreeBSD and OpenBSD hosting and VPS Solutions. Having your hosting account with RootBSD gives you ease of mind and full control with all of the advantages from a dedicated server: full root access, customizable environment, and guaranteed hardware resources. Find out more.

Disclosure: freebsdnews.com it affiliated with RootBSD.

GSoC 2012 FreeBSD projects announced

It’s that time of the year again. Holiday season is approaching in a few months time, so it’s time to get ready for the annual Google Summer of Code, GSoC 2012.

Each year Google pays quite a number of mainly students to contribute to an open source project. The applications have been gone through and 15 FreeBSD related projects have been approved.

I’m quite excited about the BHyVe, TrueCrypt and parallization projects.

Port FreeBSD/arm to BeagleBoard-xM
Aleksander Dutkowski
The purpose of this project is to run FreeBSD on BeagleBoard-xM device – OMAP3 based multifunctional board. The main work will be to implement OMAP3 support and peripherals like ethernet, usb host, audio and DVI video devices included in BeagleBoard-xM

Parallelization in the ports collection
Alexander Pronin
The main idea of the project is to give a user an opportunity to make install of several ports at the same time. Another part of the project is to be able to build port’s dependencies in parallel. The main aim of this project is to make system update process faster and easier.

Re-enginer the wheel: a rejuvenation of BSD callout(9) and timer facilities
Davide Italiano
In all the BSD kernels, timers are provided using the callout(9) facility, which allows a function to be registered in order to be called at a future time. Right now, FreeBSD can’t handle timeouts less then 2/HZ and precision less then 1/HZ. According to some recent tests, other OSes can do it much better. Some consumers may need better resolution, and this is important in lots of applications, e.g. allow faster TCP recovery in case of error or package loss, or real-time applications.

Kernel level file integrity checker
Efstratios Karatzas
This project will focus on providing file integrity checking capabilities to pefs. The file integrity checker will compare cryptographic checksums of files against a static signed checksum list at access time. The files are thought to be immutable and use of securelevel will guarantee that lower filesystems will protect those files. Securelevel will be extended to only permit execution of files with immutable flag set.

EFI Boot Support for amd64/i386
Eric McCorkle
Complete the implementation of EFI boot support on the amd64 and possibly i386 platforms (including Intel Macs). The end result should allow the FreeBSD kernel to boot on an EFI system.

Userland Lock Profiling and Verification
Greg Miller
This project will provide userland lock profiling and lock order verification functionality, based on the LOCK_PROFILING and WITNESS kernel options. Application developers will be able to build an instrumented application and query statistics via additional library API calls or a gperf-style external data file.

FreeBSD/arm and FDT cleanup
Jakub Klama
This project aims to clean up and refactor FreeBSD/arm and Flattened Device Tree implementation code.

Improve BSD-licensed text processing tools.
Jesse H.
This project aims to improve, complete, and optimize the BSD-licensed text processing tools grep, sort, diff, diff3, sdiff, and mdocml. This will include adding features to diff/diff3/sdiff and mdocml and improving the efficiency of grep and sort.

IPV6 Improvement [Userland]
Jonathan Calmels
Improve the IPv6 support in userland according to the TODO list provided by the FreeBSD network team.

Port TrueCrypt as a geom_gate userland disk device implementation (GSoC)
Monty Chaney-Geib
This project aims to port TrueCrypt as a geom_gate userland disk device implementation. Basically what this will be doing is encrypting a virtual disk in real time.

Port NetBSD’s UDF implementation
Oleksandr
FreeBSD has an implementation of the UDF filesystem but it is not the latest version and doesn’t support many features from newer UDF revisions (>=2.01), such as Metadata Partition or Pseudo OverWrite method. Support UDF is also readonly. NetBSD implementation by Reinoud Zandijk supports most of new UDF features and has write support too. First of all I will support new revisions only for reading and subsequently write support.

CPU percentage limits
Rudolf Tomori
The goal of the project is to add the CPU percentage usage accounting to the existing racct/rctl infrastructure. I want to make it possible for the system administrator to limit either a particular process, a particular user or a particular jail to for example 30% CPU.

BHyVe BIOS emulation to boot legacy systems
Takuya ASADA
Implement BIOS emulation on BHyVe hypervisor, to make BHyVe able to support more guest OSes.

Automated Kernel Crash Reporting System
Tzanetos Balitsaris
This project aims to develop a system for automated kernel crash reports for the FreeBSD Operating System. This includes the creation of a crash reporter program specifically for the FreeBSD kernel, and a service that receive those data, store them in a database according to some rules, and present them via two different web pages. One for the community, and one for the developers of the FreeBSD Project.

NTFS for FreeBSD

Miscelaneous News Links: auditdistd, Xorg, Linuxulator, OpenSSH

auditdistd

The auditdistd project is complete. Pawel Jakub Dawidek provides the following report regarding the project: auditdist project completed.

Xorg 7.5.2

The Xorg Team has announced the next round of Xorg updates. Phoronix’ analysis here.

Linuxulator and Linux Base

‘This week­end I made some progress in the lin­ux­u­la­tor‘.

OpenSSH

OpenSSH 6.0 has just been released.

 

PC-BSD 9-STABLE-20120418 snapshot available

The PC-BSD team has made the first public 9-STABLE snapshot available for 64bit systems! Read the announcement.

This snapshot provides both users and developers a means to test out new features in the upcoming PC-BSD 9.1 release. This snapshot may contain buggy code and features, so users are encouraged to run it only on non-critical systems.

Highlights in this release are:

  • FreeBSD 9-STABLE from 4-11-2012
  • New system installer! Greatly simplified for desktop and server installs.
  • New “PC-BSD Server” installation option. Includes command-line utilities like pbi-manager, warden, metapkgmanager and more.
  • Support for ZFS mirror / raidz(1,2,3) during installation.
  • Support for SWAP on ZFS, allowing entire disk ZFS installation.
  • Support for setting additional ZFS data-set options, such as compression, noexec, etc.
  • Warden jail management integrated into system. Allows creating jails via GUI, adding packages and other administration.
  • First boot setup wizard allows OEM installs to be easily performed.
  • New Bluetooth paring tray / GUI utilities.
  • New AppCafe improvements and preferences
  • Improvements to wifi utility
  • Fixed bug causing untranslated strings to show up empty.
  • Numerous bug-fixes to PC-BSD related utilities
  • And much more!

Happy testing.

Should you come across any problems or issues, share them with the Team on the PC-BSD Testing Mailing List.

Download PC-BSD 9-STABLE-20120418 snapshot (64bit)