kFreeBSD with ZFS, Bordeaux on PC-BSD, benchmarks and pfSense

Debian’s GNU/kFreeBSD Installer will support ZFS

“While Debian GNU/kFreeBSD has supported the ZFS file-system with its FreeBSD-8 kernel, support for installing the Debian GNU/kFreeBSD distribution to a root ZFS file-system will now be possible with the Debian 6.0 “Squeeze” release.

For those unfamiliar with Debian GNU/kFreeBSD, it takes the GNU user-land but runs it atop the FreeBSD kernel rather than Debian GNU/Linux with the Linux kernel. You can still use apt-get and do most anything you would with the Linux-based Debian distribution (aside from different hardware compatibility and other support differences), but instead you’re running the FreeBSD kernel.

While the upstream FreeBSD project doesn’t have an easy root ZFS file-system installation option within FreeBSD 8.0/8.1, this isn’t particularly ground-breaking, as the FreeBSD-based PC-BSD already has ZFS installation support that is quite easy to work.”

Full post on Phoronix: Debian’s GNU/kFreeBSD Installer Will Support ZFS

Review of Running Bordeaux on PC-BSD

Jesse Smith of Distrowatch has used Bordeaux for a week and written up his (mostly positive) experience (feature story):

“The Bordeaux Technology Group is a company specializing in compatibility software. Specifically, they work at making it as easy as possible to run Windows programs on the UNIX family of operating systems. Their Bordeaux tool is built to run on Linux, FreeBSD, Solaris, OpenIndiana and Mac OS X. Bordeaux is, at its heart, a customized build of Wine. They take a recent version of Wine, add some special tools and test their build for compatibility against a group of popular Windows software. They then sell this bundle (along with support) for about US$20 – 25, much less than the typical cost of a Windows license. A few weeks ago I had a chance to chat with Tom, a member of the Bordeaux Technology Group, and he was kind enough to give me a copy of Bordeaux (PC-BSD edition) to test-drive.

The provided PBI package was about 44 MB and it installed without any problems. With the install completed, two icons were added to my desktop and application menu. These new icons were labelled “Bordeaux” and “Cellar Manager”. I launched Bordeaux first and was presented with a new window featuring three tabs along the top. These three tabs are called “Install Applications”, “Manage Wine” and “Unsupported Packages”. At the bottom of the window, regardless of which tab is selected, are two buttons called “Help” and “Install”. Clicking the Help button always opens a browser window to the Bordeaux documentation website. The Install button actually performs different functions depending on which tab is selected.”

Read on for the remainder of the story, and the conclusion: Test-driving Bordeaux 2.0.8

NB, Bordeaux Group has a 50% offer going: Bordeaux 50% off recession busting sale

New benchmarks of OpenSolaris, BSD & Linux

Phoronix has benchmarked the latest OpenSolaris-based distributions (OpenSolaris, OpenIndiana, and Augustiner-Schweinshaxe), compared to PC-BSD, Fedora, and Ubuntu. The Phoronix review concludes:

There you have it, the performance of the latest OpenSolaris distributions against PC-BSD/FreeBSD and two of the most popular Linux distributions. The Fedora and Ubuntu operating systems won most of the tests, but there were a few leads for PC-BSD while the OpenSolaris operating systems just one won test (Local Adaptive Thresholding via GraphicsMagick) at least for our benchmarking selection and workload. If you are using an OpenSolaris-based operating system hopefully you are not using it for a performance critical environment but rather to take advantage of its technical features like DTrace, ZFS (though that is becoming moot with its availability on PC-BSD/FreeBSD and even Linux), etc.

Check out the article for the graphs, benchmark details and hardware used: New benchmarks of Opensolaris, BSD and Linux

Build your own Router (pfSense)

Martin Diers set up pfSense for a new warehouse.

My company is expanding into a warehouse, and so for the first time, I have to setup a WAN. That’s a Wide Area Network, which basically means joining together two or more LANs so everyone can see each other, even if you are across the country.

At my company, I have our local internet router running pfSense on a traditional PC with two network cards. It works just like your home linksys or netgear router. It’s just faster and can handle a lot more traffic. It is also extremely stable. I never have to reboot the thing. You configure it just like your home router: through a web interface

He finishes the article by saying how easy setting up a wlan with pfsense (and cheap), compared to the 90′s:

pfSense has been the best router software I have ever used. It is as capable as anything put out by Cisco or HP, and it is open source. For the cost of the bare hardware, you can have a world-class router that supports many other services such as local DNS resolution, content filtering, bandwidth monitoring, Quality of Service controlls, the list goes on, and you can even have it in an little fanless package.

Read the whole post: Build your own router (trojanbadger.com)

pfSense is a free, open source customized distribution of FreeBSD tailored for use as a firewall and router. In addition to being a powerful, flexible firewalling and routing platform, it includes a long list of related features and a package system allowing further expandability without adding bloat and potential security vulnerabilities to the base distribution.”

Bjoern Zeeb receives 2nd Itojun Service Award

Bjoern Zeeb received the second Itojun Service Award at he IETF 79 meeting in Beijing last month.

Bjoern A. Zeeb, a FreeBSD Developer, received the award for his dedicated work to make significant improvements in open source implementations of IPv6. IPv6 is the next generation of Internet protocol that will help ensure the continued rapid growth of the Internet as a platform for innovation.

First awarded last year, the Itojun Service Award honours the memory of Dr. Jun-ichiro “itojun” Hagino, who passed away in 2007, aged just 37. The award, established by the friends of itojun and administered by the Internet Society (ISOC), recognises and commemorates the extraordinary dedication exercised by itojun over the course of IPv6 development.

“For many years, Bjoern has been a committed champion of, and contributor to, implementing IPv6 in open source operating systems used in servers, desktops, and embedded computer platforms, including those used by some of the busiest websites in the world,”

said Jun Murai of the Itojun Service Award committee and Founder of the WIDE Project.

“On behalf of the Itojun Service Award committee, I am extremely pleased to present this award to Bjoern for his outstanding work in support of IPv6 development and deployment.”

The Itojun Service Award is focused on pragmatic contributions to developing and deploying IPv6 in the spirit of serving the Internet. The award, expected to be presented annually, includes a presentation crystal, a US$3,000 honorarium, and a travel grant.

“This is a great honour, and I would like to thank the people who recommended me for the award and the committee for believing my work was valuable. I never met Itojun but he was one of the people helping me, and I have the highest respect for his massive foundational work,”

said Bjoern A. Zeeb.

“As the Internet community works to roll out IPv6 to more and more people all around the globe, we also need to help others–developers, businesses, and users–understand and use the new Internet protocols so that the vision Itojun was working so hard for comes true.”

Each Internet-connected device uses an IP address and, with the number of Internet-connected devices growing rapidly, the supply of unallocated IPv4 addresses is expected to be exhausted within the next year. To help ensure the continued rapid growth of the Internet, IPv6 provides a huge increase in the number of available addresses. And, while the technical foundations of IPv6 are well established, significant work remains to expand the deployment and use of IPv6.

IPv6 was developed within the Internet Engineering Task Force (IETF), the Internet’s premier standards-making body responsible for the development of protocols used in IP-based networks. IETF participants represent an international community of network designers, operators, vendors, and researchers involved in the technical operation of the Internet and the continuing evolution of Internet architecture. More information on the Itojun Service Award is available at: http://www.isoc.org/itojun

Source: ISOC monthly newsletter (Nov 2010)

Bordeaux Sale on (50% discount)

bordeaux wine windows softwareTom Wickline has announced a 50% off recession busting sale on Bordeaux for FreeBSD and PC-BSD. If sustainable, the sale will last till US unemployment rate falls below 7%.

To help the FreeBSD Foundation in it’s end-of-year fund-raise drive, I will donate any affiliate commission I receive this month, if you buy Bordeaux through this link.

If you’ve not heard of Bordaux (apart from the French wine), with Bordeaux you can run many of todays most popular Windows based office applications and games on your operating system of choice.

From the announcement:

“The Bordeaux Technology Group is proud to announce a 50% off recession busting sale on Bordeaux for Linux, Mac, FreeBSD, PCBSD and OpenIndiana. With the current US unemployment rate hovering near 10% and rumors of the possibility of a double dip recession. We want to do our part to help save individuals and small business as much money as we can on their Wine related software needs. With Bordeaux you can run many of todays most popular Windows based office applications and games on your operating system of choice.

Over the past two years their has been a large multitude of changes that have taken place in Wine. And with Wine 1.2.1 being recently released users can run more of their favorite Applications and Games on their unix operating system of choice.

Bordeaux for Linux and BSD will be marked down to only $10.00 and Bordeaux for Mac and OpenIndiana will cost only $12.50 during this sale.

This sale will last until the US unemployment rate falls below 7% or as long as we can feasibly run this half off sale. So, if you have ever wanted to try Wine or Bordeaux and have put off your purchase in the past this is the perfect time to try Bordeaux and save 50% off the normal selling price.

Supported Applications/Games:

  • Microsoft Office 2007
  • Microsoft Office 2003
  • Microsoft Office 2000
  • Microsoft Office 97
  • Microsoft Office Visio 2003
  • Microsoft Office Project 2003
  • Adobe Photoshop 6
  • Adobe Image Ready 3
  • Adobe Photoshop 7
  • Adobe Image Ready 7
  • Adobe Photoshop CS
  • Adobe Photoshop CS2
  • Microsoft Internet Explorer 7
  • Microsoft Internet Explorer 6
  • FireFox 3.6.8 and multimedia plug ins
  • Apple Safari 5.0 Web Browser
  • Steam and Steam based Games
  • Google SketchUp 7.1
  • VLC 1.1.0
  • Apple QuickTime 6.5.2 Player
  • IrfanView 4.27 (Image files only)
  • Winetricks support”

Buy here and support the FreeBSD Foundation.

FreeBSD Security Advisory (openssl)

The FreeBSD Security Team has identified a security bug in openssl:

I. Background

FreeBSD includes software from the OpenSSL Project. The OpenSSL Project is a collaborative effort to develop a robust, commercial-grade, full-featured Open Source toolkit implementing the Secure Sockets Layer (SSL v2/v3) and Transport Layer Security (TLS v1) protocols as well as a full-strength general purpose cryptography library.

II. Problem Description

A race condition exists in the OpenSSL TLS server extension code parsing when used in a multi-threaded application, which uses OpenSSL’s internal caching mechanism. The race condition can lead to a buffer overflow.

A double free exists in the SSL client ECDH handling code, when processing specially crafted public keys with invalid prime numbers.

III. Impact

For affected server applications, an attacker may be able to utilize the buffer overflow to crash the application or potentially run arbitrary code with the privileges of the application.

It may be possible to cause a DoS or potentially execute arbitrary in the context of the user connection to a malicious SSL server.

To find out more about the impact, a work-around and solution, check out the advisory page: FreeBSD Security Advisory (openssl)

FreeBSD Foundation EOY fund-raise drive

The FreeBSD Foundation has kicked off its annual end-of-year fund-raise drive, and is calling happy (Free)BSD users make a small donation to help the FreeBSD Project fund new initiatives, sponsor FreeBSD Conferences, grant travel grants etc.

The Foundation has received some large (corporate) donations already, but the number of last year’s individual donations hasn’t been matched yet. More than half of the £350k goal has been given. If you want and can help, you can donate here (I am not affiliated with the FreeBSD Foundation).

FreeBSD Foundation president Justin Gibbs writes:

As the year is winding down I’m writing this note to remind you of the motivation behind the FreeBSD Foundation’s work, its benefits to you, and to ask for your financial assistance in making our work possible.

Ten years ago, I created the FreeBSD Foundation to repay a debt I owe to the FreeBSD project. While working on FreeBSD I learned the fundamentals of sound software design, how to successfully manage a large code base, and experienced the challenges of release engineering. Beyond the benefits of this education, FreeBSD has provided a robust platform that has allowed me to build several successful commercial products while being well paid to work on an operating system I love.

Today, through my volunteer work with the FreeBSD Foundation, I’m still paying down this debt.

This year, despite the slow pace of the economic recovery, the FreeBSD Foundation has an impressive list of accomplishments:

Provided $100,000 in grants for projects that improve FreeBSD in the areas of:

  • DTrace support
  • High availability storage
  • Enhanced SNMP reporting
  • Virtualization and resource partitioning
  • Embedded device support
  • Networking stack improvements

Allocated $50,000 for equipment to enhance FreeBSD project infrastructure.

Sponsored 8 FreeBSD related conferences.

Funded 16 travel grants giving increased community and developer access to conferences.

Provided legal support to the FreeBSD project.

How do our activities benefit you? If you are a company using FreeBSD, our work to strengthen the FreeBSD community ensures the continued viability of FreeBSD and a large pool of developers to tap into. If you are an end user, our work brings you new features and access to conferences. And if you are a FreeBSD developer, the FreeBSD Foundation is providing the resources needed to make your next innovation possible.

The FreeBSD project thrives through the hard work of our community, but it also requires financial backing. This year we set a fund-raising goal of $350,000. We are pleased to report that we are half way there, but we need your help to reach our goal. Every donation, no matter its size, helps to make our work possible. As a non-profit with very low overhead, your donation is the best way to invest in FreeBSD. Please make that investment today.

Source: FreeBSD Foundation blog

Released: FreeNAS 8 (Beta)

Warner Losh, of iXsystems, announced last week the availability of FreeNAS 8. Since there were some issues with the initial beta, ensure you’re downloading the latest version (r5605).

Warner writes:

“iXsystems is pleased to announced FreeNAS 8.0 Beta. FreeNAS 8.0 has undergone a complete rewrite. We’ve redesigned the GUI to be easier to use and extend. We’ve upgraded many technologies in the system for improved hardware support, faster I/O, better modularity, and easier upgrades. We trust that you’ll find the system easier to use and, in time, much more feature rich than the current FreeNAS offering.

The base system has migrated from FreeBSD 7.x and the m0m0wall build system to FreeBSD 8.1-RELEASE and NanoBSD. The system startup has migrated from the older php scripts to the standard FreeBSD rc.d boot system. We’ve pushed many of the bug fixes and system improvements back into FreeBSD.

We’ve rewritten the GUI using Python and Django. We’ve completely removed the old php system. In addition to Django, we’re using Dojango and Dojo to implement AJAX features. The new system is much more modular than the old system. We will use this modularity in a future version for easy integration of custom features into your FreeNAS box.

The installer has been rewritten using pc-sysinstall, the future FreeBSD installation technology. The scripts have a similar feel to the old PHP scripts for users of the current system. The ISO now is only an installer. You can no longer run in live mode from a CDROM.

The installation types have changed; there’s no longer an embedded or full install, nor can the image be installed on a data disk. You must now install FreeNAS onto a dedicated device. FreeNAS supports USB flash, CompactFlash, hard drives, ssd or any other mass storage device supported by FreeBSD.”

Full announcement: FreeNAS 8 Beta released

The Beta can be downloaded from Source Forge and the release notes can be found on the FreeNAS wiki.

FreeNAS is an embedded open source NAS (Network-Attached Storage) distribution based on FreeBSD, supporting the following protocols: CIFS (samba), FTP, NFS, TFTP, AFP, RSYNC, Unison, iSCSI (initiator and target) and UPnP.

It supports Software RAID (0,1,5), ZFS, disk encryption, S.M.A.R.T/email monitoring with a WEB configuration interface

FreeBSD Security Advisory (pseudofs)

The FreeBSD Security Team has identified a little bug in FreeBSD with speudofs:

I. Background

pseudofs offers an abstract API for pseudo file systems which is utilized by procfs(5) and linprocfs(5). It provides generic file system services such as ACLs, extended attributes which interface with VFS and which are otherwise onerous to implement. This enables pseudo file system authors to add this functionality to their file systems with minimal effort.

II. Problem Description

The pfs_getextattr(9) function, used by pseudofs for handling extended attributes, attempts to unlock a mutex which was not previously locked.

To find out more about the impact, a work-around and solution, check out the advisory page:

FreeBSD Security Advisory (pseudofs)

New theme

Since I’m having a few issues with the current theme and I’m in favour of something lighter, I’m going to update the theme based on your suggestions and feedback next week.

Apart from being lighter, the new theme will have more integration with social networks and link sharing websites.

freebsdnews.net will soon be accessible through another (yet to be announced) URL too. I’ll let you know.