Episode 126

Illuminating the future on PC-BSD

Download Subscribe
00:00:00
/
01:48:31
RSS Feed Download (74.5 MB) Link with Timestamp

January 27th, 2016

1 hr 48 mins 31 secs

Link with Timestamp

Download MP3 (74.5 MB)

Your Hosts
Tags
... interview bsd guide howto tutorial pcbsd dragonflybsd netbsd openbsd freebsd

About this Episode

This week on BSDNow, we are going to be talking to Ken Moore about the Lumina desktop environment, where it stands now & looking ahead. Then Allan turns the tables & interviews both Kris & Ken about new ongoings in PC-BSD land. Stay tuned, lots of exciting show is coming your way right now on BSDNow, the place to B...SD!

This episode was brought to you by

iXsystems - Enterprise Servers and Storage for Open SourceDigitalOcean - Simple Cloud Hosting, Built for DevelopersTarsnap - Online Backups for the Truly Paranoid

Headlines

Linuxvoice reviews six NAS designed OSes and states that FreeNAS has the largest amount of features

  • The review compares the features of: FreeNAS, NAS4Free, Open Media Vault, Openfiler Community Edition, EasyNAS, and Turnkey Linux File Server
  • “Many NAS solutions can do a lot more than just back up and restore files – you can extend them with plugins to do a variety of tasks. Some enable you to stream media to computers and others devices. Others can hook up with apps and services and allow them to use the NAS for storing and retrieving data”
  • Open Media Vault: 4/5, “A feature-rich NAS distro that’s easy to deploy and manage”. Many plugins, good UI
  • Turnkey Linux File Server: 2/5, “A no-fuss distro that’ll set up a fully functional file sharing server in no time”. No RAID, LVM must be down manually
  • Openfiler Community Edition: 1/5, “There is a target segment for Openfiler, but we can’t spot it”. In the middle of rebasing on CentOS, lacking documentation, confusing UI
  • EasyNAS: 3/5, “A simple NAS distro that balances the availability of features with reasonable assumptions”. Major updates require reinstall, lacks advanced features and advanced protocols
  • FreeNAS: 3/5, “FreeNAS The most feature-rich NAS distribution requires some getting used to”. Best documentation, best snapshot management, most plugins, jailed plugins, most enterprise features
  • NAS4Free: 3/5, “NAS4Free An advanced NAS distro that’s designed for advanced users”, additional flexibility with disk layout (partition the first disk to install the OS there, use remaining space for data storage)
  • “If we had to award this group test to the distro with the biggest number of features then the top two challengers would have been FreeNAS and its protegée NAS4Free. While both of these solutions pitch themselves to users outside the corporate environment, they’d simply be overkill for most home users. Furthermore, their FreeBSD base and the ZFS filesystem, while a boon to enterprise users, virtually makes them alien technology to the average Linux household.”
  • It is not clear why they gave NAS4Free and FreeNAS the same score when they wrote a list of reasons why FreeNAS was better.
  • It seems the goal of their rundown was to find the best Linux NAS, not the best NAS. ***

FreeBSD based Snort IPS

  • UnixMen.com provides a new tutorial on setting up Snort, the IPS (Intrusion Prevention system) on FreeBSD
  • Install Apache, PHP, and MySQL, then Snort
  • Download the latest Snort rules from the official website
  • Disable the Packet Filter on the USB interfaces to avoid issues with Snort
  • Install oinkmaster and barnyard2, and configure them
  • Then install the Snorby WEB interface, which will give you a nice overview of the data generated by the IPS
  • Then install SnortSAM, and connect it to ipfw
  • Now when Snort detects a potential intrusion, it will be displayed in Snorby, and automatically blocked with IPFW ***

Opensource.com features two BSD developers as examples of how open source can help your career

  • “When contributing to open source projects and communities, one of the many benefits is that you can improve your tech skills. In this article, hear from three contributors on how their open source helped them get a job or improved their career.”
  • Alexander Yurchenko, an OpenBSD developer who now works at Yandex says: “Participating in such a project yields colossal experience. A good, large open source project has everything that is typically required from a developer at job interviews: good planning, good coding, use of versioning systems and bug trackers, peer reviews, teamwork, and such. So, after stewing in such an environment for a year or two, you have a good opportunity to grow to a senior developer level.”
  • “That is, in fact, what happened to me. I was hired as a senior developer without having any formal work experience on my service record. After the first week, my probation period was reduced from three months to zero.”
  • While you may not have “formal work experience”, you do have a body of work, a (code/documentation/etc) portfolio, you can point to
  • Having spent a year working somewhere may say something about you, but showing some code you wrote that other people use every day, is usually more valuable
  • Alexander Polyakov, a DragonFly contributor, worked on updating support for other languages and on ACPI.
  • “I even made some money in the process—a customer found me via git log. He wanted to use DragonFlyBSD in production and needed better ACPI support and some RAID driver or something.”
  • “In a nutshell, contributing to various open source projects is how you gain great experience. Don't be afraid to send in bad code (happens to the best of us), keep calm (while being scolded for sending in that bad code), and choose projects you are really interested in. Then you'll both gain experience and have fun while you doing it.”
  • Kirill Gorkunov talks about his experience with turning open source into a career: “For a few years, I've been fixing the code, sending patches, getting scolded for bad code and complimented for good code. That experience was priceless. And you can be sure that as soon as you get good at it, job offers will follow. This is, in fact, how I met the kernel developers working on OpenVZ. Together, we decided to continue working on the OpenVZ kernel and related stuff as well”
  • When you contribute to open source, you end up being the person who wrote “Foo”, and this can often turn into work, when someone wants to build something with “Foo”, or like “Foo”
  • This same point was focus of a panel the FreeBSD Foundation organized at the womENcourage conference in Sweden last year: Open Source as a Career Path ***

FreeBSD, LibreSSL and LetsEncrypt oh my!

  • Over on the FreeBSD Wiki, Bernard Spil (whom we’ve interviewed before) has started a walkthrough talking about how he uses LibreSSL and LetsEncrypt, without using the heavy python client
  • The article provides detailed instructions on prepping the system and automating the process of updating the SSL certificates
  • If you’ve used the “official” letsencrypt client in the past, you’ll note some differences in his method, which keeps all the ‘acme-challenge’ files in a single-directory, which is aliased into domains.
  • Using this method also drops the requirement to run the letsencrypt auth as root, and allows you to run it as the unprivileged “letsencrypt” user instead.
  • He mentions that the bash/zsh scripts used may be added to ports at some point as well ***

Interview - Ken Moore & Kris Moore - ken@pcbsd.org / @pcbsdkris

  • PC-BSD’s new SysAdm Project and Lumina Update ***

News Roundup

DragonFly Intel i915 support to match what’s in the Linux 4.1 kernel

  • In DragonFly’s ongoing quest for DRM awesomeness, they have now merged changes to bring them up to Linux 4.1 kernel features.
  • Some of the notables include that “Valleyview” support is greatly improved, and not considered preliminary anymore
  • Skylake got some support improvements as well, including runtime power management, and that turbo and sleep states should be functional.
  • Some great improvements to power usage have been added, such as setting GPU frequencies to hardware minimum and enabling of DRRS (Dynamic Refresh Rate Switching) being enabled by default
  • They’ve even begun importing some of the prelim work for Broxton, the upcoming Atom SOC ***

FreeNAS Home Server Build

  • We have a nice article to share with you this week by John Ramsden, which walks us through his home-brew FreeNAS server setup.
  • As is typical with most home users, he will be using the system to both serve media, and as a backup target for other systems.
  • His hardware setup is pretty impressive for a home-brew, made up of the following:
    • Fractal Design Node 804 Chassis
    • Supermicro X10SL7-F Motherboard
    • Xeon E3-1231 v3 CPU
    • 4x Samsung DDR3 1.35v-1600 M391B1G73QH0 RAM
    • 2x 32GB SATA III SMC DOM Boot Drive
    • SeaSonic G-550 Power Supply
    • Cyberpower CP1500PFCLCD 1500VA 900W PFC UPS
    • 6x Western Digital 6TB Red HDD
    • 2 x ENERMAX T.B. Silence UCTB12P Case Fan
    • 3x Noctua NF-P14s redux-1200 Case Fan
  • The SATA DOM was neat to see in use, in his case in a mirror
  • He then walks us through his burn-in process, which involved memory testing for 46 hours, and then disk testing with the smartctl long tests.

  • There is even details on how the fan thresholds were set up, which may be of use to other DiY’ers out there.

  • The SATA DOM was neat to see in use, in his case in a mirror

  • He then walks us through his burn-in process, which involved memory testing for 46 hours, and then disk testing with the smartctl long tests.

  • There is even details on how the fan thresholds were set up, which may be of use to other DiY’ers out there.

claviger manages your SSH authorized_keys files for you

  • An application to manage your SSH authorized_keys files for you
  • Make a list of your keys (laptop, desktop, work)
  • Then a list of your ssh accounts
  • List which keys should be present, and which should be absent
  • Optional setting to keep all “other” keys, such as those added by other users
  • Optional list of specific “other” keys to allow (does not add them, but does not remove them if they are present)
  • You say say ‘server2 like server1’, and it will inherit all of the settings from that server
  • There is a “default” server, that all others inherit ***

FreeBSD 9.2 x64 OpenVPN AD authentication with crypt

  • A few days back unixmen.com posted a nice tutorial walkthrough of a OpenVPN setup on FreeBSD 9.2 using Active Directory for auth
  • In this particular setup, FreeBSD is running the gateway / OpenVPN server, the client desktops are running Windows 7 and domain controller on Windows 2008
  • The setup on FreeBSD pretty straightforward, thanks to the openvpn-auth-ldap port. (Unknown why they didn’t use the package)
  • In addition to showing the details on how configuration was done on BSD, what makes this walkthrough nice is the addition of so many screenshots of how the windows configuration was done.
  • Part of the walkthrough will also detail how they created their .ovpn files for importing on the OpenVPN clients. ***

Beastie Bits

dtrace included by default in NetBSD

FOSDEM16 is approaching, get ready to follow the BSD devroom

Call for testing: Concurrent: malloc(3) calls (to speed up Firefox)

"With the PV drivers in -CURRENT, it is now possible to run OpenBSD within AWS."

PC-BSD Handbook in Spanish

Feedback/Questions