Bastille Day, NetBSD Security Advisories plus all the latest news and tutorials from BSD world.

Releases

BastilleBSD celebrates Bastille Day by releasing 0.9.20210714: This release includes six months of development and bug-fixing. New features include support for Ubuntu based containers, improved import/export options, support for MidnightBSD and a much improved "bastille list -a" output format.

BSDSec

NetBSD Security Advisory 2021-002: Incorrect permissions in kernfs: The /kern file system contains references to the device the root volume was mounted from. It was discovered that the permissions were incorrect and allow any local user to read the device, thus allowing any local user to read any file on the root volume.

NetBSD Security Advisory 2021-001: Predictable ID disclosures in IPv4 and IPv6: IP ID randomization was not enabled by default and the randomization algorithms were not strong enough. For all NetBSD versions, you need to obtain fixed kernel sources, rebuild and install the new kernel, and reboot the system.

As always, it's worth following BSDSec. RSS feed and Twitter account available.

News

FreeBSD KGDB support in LLDB: The Moritz Systems team has started a new contract on FreeBSD KGDB support in LLDB. It is expected that once the work is complete, the new features in LLDB will become part of the FreeBSD base system after the next update.

dhcpleased(8) and resolvd(8) enabled in OpenBSD base, replacing dhclient(8) : OpenBSD is moving from a model where dhclient on 1 interface believes it is MASTER of /etc/resolv.conf and a bunch of system aspects, and the userbase is familiar with dhclient.conf towards a model where multiple interfaces + unwind can advertise their DNS resolution abilities to resolvd, which then sorts the offers and maintains a configuration. dhclient will remain available for people who want that old model, but they will likely encounter increasing difficulty sticking to it because the default configuration is changing.

What init system would you prefer to use under GhostBSD?: As much as GhostBSD devs like OpenRC, it comes at a price. All FreeBSD OS services and ports/packages services must be maintained and new ones to be added. So on that note, they would like your vote on which one you prefer before making a drastic decision.

A Look at Profiling: FreeBSD Sort: The FreeBSD sort program reads lines from input or from a file and produces the same lines in sorted order. NetBSD has an equivalent program, as does the GNU Project. Recently, FreeBSD received a bug report that described how FreeBSD sort was much slower than NetBSD sort and GNU sort.

How DragonFly BSD handles filesystem errors: Modern operating systems include a lot of components and a lot of variables. We tend not to notice when the thousands of pieces are working together in harmony, but if something goes wrong it's possible for the whole house of cards to fall. Matthew Dillon recently shared opinions on how systems fail and how they can attempt to fail in more positive ways, using DragonFly BSD's HAMMER2 filesystem as an example.

ndis removed from DragonFly: ndis(4) is removed from DragonFly; it’s probably been years since it was applicable to any hardware: for a while it was possible to use Windows XP drivers to create a BSD network driver, effectively.

Tutorials

FreeBSD TCP Performance System Controls : While new protocols are constantly being developed, the venerable Transmission Control Protocol (TCP) still accounts for most global traffic. The FreeBSD kernel TCP stack offers a lot of opportunities to tweak different performance features. The options it includes allow a lot of flexibility in the configuration of machines without having to do custom kernel builds. Find out how to make use of the Initial Window, what the TCP Segment OffLoad is, and how to use TCP Buffer Tuning to your advantage.

Did we miss anything?

This newsletter is made from your content on DiscoverBSD and BSDSec. Submit the stuff we missed so it can appear next time.

Do you have an OSS BSD-related project that you would like to showcase in BSD Weekly? Reply to sender and we can showcase you as a sponsor of an issue (for free).

Do you know anyone who would like this newsletter? Consider forwarding and tell them to subscribe.

Thanks for reading and see you next week! Take a vaccine and stay safe!