I've been trying to install NetBSD on my HP ZBook, however on the installation boot menu, selecting '1. Install NetBSD' causes the whole laptop to crash.
I've tried this on several other systems too, including an Elitebook, another ZBook of a different model, and an HP mini-pc to be met with the same fate: the entire system shuts off. I've tried several USB utilities to create the bootable, including Rufus, Unetbootin, and I even tried a Linux terminal as a last resort using dd. I've tried several USB drives as well as NetBSD images but nothing seems to work. The drives boot fine on Dell machines, IBM ThinkPads, and my custom tower but just not on any HP machine I have (in fact iirc I even got it to boot on a MacBook as a sanity check). I've tried both UEFI and legacy boot.
Is there something I'm just missing on HP's side? Maybe missing support or either does the system have to be directly recognized by HP's bios to allow me to boot?
Here's all the machines I've tested on HP-wise:
ZBook Firefly 14 G8 (the one I'm actually trying to install on)
Elitebook 850 G8
ZBook Firefly 15 (tried on two separate ones of the same model)
Z2 Mini G8
They all shut off immediately after selecting boot.
Hi!
I'm using NetBSD 10.0 on a ThinkPad T480. This is a dual GPU version with intel + nvidia GPU.
I am disabling nvidia GPU completely by adding userconf=disable nouveau*
in /boot.cfg
and this works:
bash-5.2$ dmesg | grep nou
[ 1,000000] [ 385,000000] nouveau* disabled
i915drmkms
seems also to load properly:
bash-5.2$ modstat | grep i915
i915drmkms driver builtin - 0 - acpivga,drmkms,drmkms_pci
I do get /dev/dri/*
nodes created (not sure why that many, though):
bash-5.2$ ls -l /dev/dri
total 0
crw-rw---- 1 root wheel 180, 0 Jan 23 2024 card0
crw-rw---- 1 root wheel 180, 1 Jan 23 2024 card1
crw-rw---- 1 root wheel 180, 2 Jan 23 2024 card2
crw-rw---- 1 root wheel 180, 3 Jan 23 2024 card3
crw-rw---- 1 root wheel 180, 128 Jan 23 2024 renderD128
crw-rw---- 1 root wheel 180, 129 Jan 23 2024 renderD129
crw-rw---- 1 root wheel 180, 130 Jan 23 2024 renderD130
crw-rw---- 1 root wheel 180, 131 Jan 23 2024 renderD131
Permissions and ownership is what man drm
suggests. I've tried with changing the ownership to group users
but it didn't help. Neither did starting Xfce as root
.
However when I run Firefox from console I get:
bash-5.2$ firefox
Crash Annotation GraphicsCriticalError: |[0][GFX1-]: glxtest: DRM device has no render node (t=1.25719) [GFX1-]: glxtest: DRM device has no render node
Crash Annotation GraphicsCriticalError: |[0][GFX1-]: glxtest: DRM device has no render node (t=1.25719) |[1][GFX1-]: glxtest: Cannot find DRM device (t=1.25728) [GFX1-]: glxtest: Cannot find DRM device
Crash Annotation GraphicsCriticalError: |[0][GFX1-]: glxtest: DRM device has no render node (t=1.25719) |[1][GFX1-]: glxtest: Cannot find DRM device (t=1.25728) |[2][GFX1-]: vaapitest: ERROR (t=1.34748) [GFX1-]: vaapitest: ERROR
Crash Annotation GraphicsCriticalError: |[0][GFX1-]: glxtest: DRM device has no render node (t=1.25719) |[1][GFX1-]: glxtest: Cannot find DRM device (t=1.25728) |[2][GFX1-]: vaapitest: ERROR (t=1.34748) |[3][GFX1-]: vaapitest: VA-API test failed: failed to open renderDeviceFD.
(t=1.34753) [GFX1-]: vaapitest: VA-API test failed: failed to open renderDeviceFD.
ATTENTION: default value of option mesa_glthread overridden by environment.
Firefox's about:support
shows the same:
And in general Firefox seems to be slower. On https://chromium.github.io/octane/ I get around 15000 points. On the same machine on Debian Linux I get 25000 points.
The only X11 config I have is:
bash-5.2$ cat gpu.conf
Section "Device"
Identifier "intel"
Driver "intel"
## Option "AccelMethod" "UXA"
EndSection
But it's not required since by default X picks up the intel
driver. I also tried with modesetting
driver and the situation is the same.
Everything is compiled from source, using modular xorg.
mk.conf
:
bash-5.2$ cat /etc/mk.conf
.sinclude "/usr/pkg/share/mk/cpuflags.mk"
COPTS?= -pipe ${DEFCOPTS}
CFLAGS+= -pipe
MAKE_JOBS= 8
X11_TYPE= modular
FETCH_FAILOVER= yes
#FETCH_RESUME_ARGS= -c
#FETCH_OUTPUT_ARGS= -O
PKG_RESUME_TRANSFERS= yes
#.if exists(${LOCALBASE}/bin/wget2)
#FETCH_CMD= ${LOCALBASE}/bin/wget2
#.endif
#.if exists(${LOCALBASE}/bin/sudo)
#SU_CMD= ${LOCALBASE}/bin/sudo /bin/sh -c
#.endif
ACCEPTABLE_LICENSES+= mozilla-trademark-license
ACCEPTABLE_LICENSES+= mpl-1.1
ACCEPTABLE_LICENSES+= ms-ttf-license
ACCEPTABLE_LICENSES+= ubuntu-font-license
PKG_DEFAULT_OPTIONS+= dbus python pam
PKG_OPTIONS.firefox= official-mozilla-branding
PKG_OPTIONS.firefox115= official-mozilla-branding
PKG_OPTIONS.thunderbird= official-mozilla-branding
PKG_OPTIONS.mc+= slang x11 sftp ncurses
PKG_OPTIONS.ncspot+= dbus ncursesw
PKG_OPTIONS.sudo+= pam
Xorg.0.log
:
bash-5.2$ cat /var/log/Xorg.0.log
[ 46324.696]
X.Org X Server 1.21.1.13
X Protocol Version 11, Revision 0
[ 46324.697] Current Operating System: NetBSD troublemaker.sol 10.0 NetBSD 10.0 (GENERIC) #0: Thu Mar 28 08:33:33 UTC 2024 [email protected]:/usr/src/sys/arch/amd64/compile/GENERIC amd64
[ 46324.697]
[ 46324.697] Current version of pixman: 0.43.4
[ 46324.697] Before reporting problems, check http://wiki.x.org
to make sure that you have the latest version.
[ 46324.697] Markers: (--) probed, (**) from config file, (==) default setting,
(++) from command line, (!!) notice, (II) informational,
(WW) warning, (EE) error, (NI) not implemented, (??) unknown.
[ 46324.697] (==) Log file: "/var/log/Xorg.0.log", Time: Sat Nov 16 11:16:43 2024
[ 46324.697] (==) Using config directory: "/etc/X11/xorg.conf.d"
[ 46324.697] (==) Using system config directory "/usr/pkg/share/X11/xorg.conf.d"
[ 46324.697] (==) No Layout section. Using the first Screen section.
[ 46324.697] (==) No screen section available. Using defaults.
[ 46324.697] (**) |-->Screen "Default Screen Section" (0)
[ 46324.697] (**) | |-->Monitor "<default monitor>"
[ 46324.697] (==) No device specified for screen "Default Screen Section".
Using the first device section listed.
[ 46324.697] (**) | |-->Device "intel"
[ 46324.697] (==) No monitor specified for screen "Default Screen Section".
Using a default monitor configuration.
[ 46324.697] (**) Allowing byte-swapped clients
[ 46324.697] (==) Not automatically adding devices
[ 46324.697] (==) Not automatically enabling devices
[ 46324.697] (==) Not automatically adding GPU devices
[ 46324.697] (==) Automatically binding GPU devices
[ 46324.697] (==) Max clients allowed: 256, resource mask: 0x1fffff
[ 46324.697] (WW) The directory "/usr/pkg/share/fonts/X11/OTF" does not exist.
[ 46324.697] Entry deleted from font path.
[ 46324.697] (WW) `fonts.dir' not found (or not valid) in "/usr/pkg/share/fonts/X11/cyrillic".
[ 46324.697] Entry deleted from font path.
[ 46324.697] (Run 'mkfontdir' on "/usr/pkg/share/fonts/X11/cyrillic").
[ 46324.697] (WW) The directory "/usr/pkg/lib/X11/fonts/misc" does not exist.
[ 46324.697] Entry deleted from font path.
[ 46324.697] (WW) The directory "/usr/pkg/lib/X11/fonts/TTF" does not exist.
[ 46324.697] Entry deleted from font path.
[ 46324.697] (WW) The directory "/usr/pkg/lib/X11/fonts/OTF" does not exist.
[ 46324.698] Entry deleted from font path.
[ 46324.698] (WW) The directory "/usr/pkg/lib/X11/fonts/Type1" does not exist.
[ 46324.698] Entry deleted from font path.
[ 46324.698] (WW) The directory "/usr/pkg/lib/X11/fonts/100dpi" does not exist.
[ 46324.698] Entry deleted from font path.
[ 46324.698] (WW) The directory "/usr/pkg/lib/X11/fonts/75dpi" does not exist.
[ 46324.698] Entry deleted from font path.
[ 46324.698] (WW) The directory "/usr/pkg/lib/X11/fonts/cyrillic" does not exist.
[ 46324.698] Entry deleted from font path.
[ 46324.698] (==) FontPath set to:
/usr/pkg/share/fonts/X11/misc,
/usr/pkg/share/fonts/X11/TTF,
/usr/pkg/share/fonts/X11/Type1,
/usr/pkg/share/fonts/X11/100dpi,
/usr/pkg/share/fonts/X11/75dpi
[ 46324.698] (==) ModulePath set to "/usr/pkg/lib/xorg/modules"
[ 46324.698] (==) |-->Input Device "<default pointer>"
[ 46324.698] (==) |-->Input Device "<default keyboard>"
[ 46324.698] (==) No Layout section. Using the default mouse configuration.
[ 46324.698] (==) No Layout section. Using the default keyboard configuration.
[ 46324.698] (II) Loader magic: 0xac62dc60
[ 46324.698] (II) Module ABI versions:
[ 46324.698] X.Org ANSI C Emulation: 0.4
[ 46324.698] X.Org Video Driver: 25.2
[ 46324.698] X.Org XInput driver : 24.4
[ 46324.698] X.Org Server Extension : 10.0
[ 46324.710] (--) PCI:*(0@0:2:0) 8086:5917:17aa:225e rev 7, Mem @ 0xdb000000/16777216, 0x60000000/536870912, I/O @ 0x0000e000/64
[ 46324.710] (II) LoadModule: "glx"
[ 46324.710] (II) Loading /usr/pkg/lib/xorg/modules/extensions/libglx.so
[ 46324.716] (II) Module glx: vendor="X.Org Foundation"
[ 46324.716] compiled for 1.21.1.13, module version = 1.0.0
[ 46324.716] ABI class: X.Org Server Extension, version 10.0
[ 46324.716] (II) LoadModule: "intel"
[ 46324.716] (II) Loading /usr/pkg/lib/xorg/modules/drivers/intel_drv.so
[ 46324.716] (II) Module intel: vendor="X.Org Foundation"
[ 46324.716] compiled for 1.21.1.13, module version = 2.99.917
[ 46324.716] Module class: X.Org Video Driver
[ 46324.716] ABI class: X.Org Video Driver, version 25.2
[ 46324.716] (II) LoadModule: "mouse"
[ 46324.717] (II) Loading /usr/pkg/lib/xorg/modules/input/mouse_drv.so
[ 46324.717] (II) Module mouse: vendor="X.Org Foundation"
[ 46324.717] compiled for 1.21.1.13, module version = 1.9.5
[ 46324.717] Module class: X.Org XInput Driver
[ 46324.717] ABI class: X.Org XInput driver, version 24.4
[ 46324.717] (II) LoadModule: "kbd"
[ 46324.717] (II) Loading /usr/pkg/lib/xorg/modules/input/kbd_drv.so
[ 46324.717] (II) Module kbd: vendor="X.Org Foundation"
[ 46324.717] compiled for 1.21.1.13, module version = 2.0.0
[ 46324.717] Module class: X.Org XInput Driver
[ 46324.717] ABI class: X.Org XInput driver, version 24.4
[ 46324.717] (II) intel: Driver for Intel(R) Integrated Graphics Chipsets:
i810, i810-dc100, i810e, i815, i830M, 845G, 854, 852GM/855GM, 865G,
915G, E7221 (i915), 915GM, 945G, 945GM, 945GME, Pineview GM,
Pineview G, 965G, G35, 965Q, 946GZ, 965GM, 965GME/GLE, G33, Q35, Q33,
GM45, 4 Series, G45/G43, Q45/Q43, G41, B43
[ 46324.717] (II) intel: Driver for Intel(R) HD Graphics
[ 46324.718] (II) intel: Driver for Intel(R) Iris(TM) Graphics
[ 46324.718] (II) intel: Driver for Intel(R) Iris(TM) Pro Graphics
[ 46324.718] (--) Using wscons driver on /dev/ttyE4 in pcvt compatibility mode (version 3.32)
[ 46324.787] (II) intel(0): Using Kernel Mode Setting driver: i915, version 1.6.0 20200114
[ 46324.787] (WW) VGA arbiter: cannot open kernel arbiter, no multi-card support
[ 46324.787] (--) intel(0): gen9 engineering sample
[ 46324.787] (--) intel(0): CPU: x86-64, sse2, sse3, ssse3, sse4.1, sse4.2, avx, avx2; using a maximum of 4 threads
[ 46324.787] (II) intel(0): Creating default Display subsection in Screen section
"Default Screen Section" for depth/fbbpp 24/32
[ 46324.787] (==) intel(0): Depth 24, (--) framebuffer bpp 32
[ 46324.788] (==) intel(0): RGB weight 888
[ 46324.788] (==) intel(0): Default visual is TrueColor
[ 46324.788] (II) intel(0): Output eDP1 has no monitor section
[ 46324.788] (II) intel(0): Enabled output eDP1
[ 46324.788] (II) intel(0): Output DP1 has no monitor section
[ 46324.788] (II) intel(0): Enabled output DP1
[ 46324.788] (II) intel(0): Output HDMI1 has no monitor section
[ 46324.788] (II) intel(0): Enabled output HDMI1
[ 46324.788] (II) intel(0): Output DP2 has no monitor section
[ 46324.788] (II) intel(0): Enabled output DP2
[ 46324.788] (II) intel(0): Output HDMI2 has no monitor section
[ 46324.788] (II) intel(0): Enabled output HDMI2
[ 46324.788] (--) intel(0): Using a maximum size of 256x256 for hardware cursors
[ 46324.788] (II) intel(0): Output VIRTUAL1 has no monitor section
[ 46324.788] (II) intel(0): Enabled output VIRTUAL1
[ 46324.788] (--) intel(0): Output eDP1 using initial mode 1920x1080 on pipe 0
[ 46324.788] (==) intel(0): TearFree enabled
[ 46324.788] (==) intel(0): Using gamma correction (1.0, 1.0, 1.0)
[ 46324.788] (==) intel(0): DPI set to (96, 96)
[ 46324.788] (II) Loading sub module "dri3"
[ 46324.788] (II) LoadModule: "dri3"
[ 46324.788] (II) Module "dri3" already built-in
[ 46324.788] (II) Loading sub module "dri2"
[ 46324.788] (II) LoadModule: "dri2"
[ 46324.788] (II) Module "dri2" already built-in
[ 46324.788] (II) Loading sub module "present"
[ 46324.788] (II) LoadModule: "present"
[ 46324.788] (II) Module "present" already built-in
[ 46324.789] (II) intel(0): SNA initialized with Kabylake (gen9) backend
[ 46324.789] (==) intel(0): Backing store enabled
[ 46324.789] (==) intel(0): Silken mouse enabled
[ 46324.789] (II) intel(0): HW Cursor enabled
[ 46324.789] (==) intel(0): DPMS enabled
[ 46324.789] (II) intel(0): [DRI2] Setup complete
[ 46324.789] (II) intel(0): [DRI2] DRI driver: i965
[ 46324.789] (II) intel(0): [DRI2] VDPAU driver: va_gl
[ 46324.789] (II) intel(0): direct rendering: DRI2 enabled
[ 46324.789] (II) intel(0): hardware support for Present enabled
[ 46324.789] (II) Initializing extension Generic Event Extension
[ 46324.789] (II) Initializing extension SHAPE
[ 46324.789] (II) Initializing extension MIT-SHM
[ 46324.789] (II) Initializing extension XInputExtension
[ 46324.789] (II) Initializing extension XTEST
[ 46324.789] (II) Initializing extension BIG-REQUESTS
[ 46324.789] (II) Initializing extension SYNC
[ 46324.789] (II) Initializing extension XKEYBOARD
[ 46324.789] (II) Initializing extension XC-MISC
[ 46324.789] (II) Initializing extension XFIXES
[ 46324.789] (II) Initializing extension RENDER
[ 46324.789] (II) Initializing extension RANDR
[ 46324.789] (II) Initializing extension COMPOSITE
[ 46324.789] (II) Initializing extension DAMAGE
[ 46324.789] (II) Initializing extension MIT-SCREEN-SAVER
[ 46324.789] (II) Initializing extension DOUBLE-BUFFER
[ 46324.789] (II) Initializing extension RECORD
[ 46324.789] (II) Initializing extension DPMS
[ 46324.789] (II) Initializing extension Present
[ 46324.789] (II) Initializing extension DRI3
[ 46324.789] (II) Initializing extension X-Resource
[ 46324.789] (II) Initializing extension XVideo
[ 46324.789] (II) Initializing extension XVideo-MotionCompensation
[ 46324.789] (II) Initializing extension GLX
[ 46324.795] (II) AIGLX: Loaded and initialized i965
[ 46324.795] (II) GLX: Initialized DRI2 GL provider for screen 0
[ 46324.795] (II) Initializing extension XFree86-VidModeExtension
[ 46324.795] (II) Initializing extension XFree86-DGA
[ 46324.795] (II) Initializing extension XFree86-DRI
[ 46324.795] (II) Initializing extension DRI2
[ 46324.801] (II) intel(0): switch to mode [email protected] on eDP1 using pipe 0, position (0, 0), rotation normal, reflection none
[ 46324.804] (II) intel(0): Setting screen physical size to 508 x 285
[ 46324.878] (II) Using input driver 'mouse' for '<default pointer>'
[ 46324.878] (**) Option "CorePointer" "on"
[ 46324.878] (**) <default pointer>: always reports core events
[ 46324.878] (WW) <default pointer>: No Device specified, looking for one...
[ 46325.333] (II) <default pointer>: found Device "/dev/wsmouse"
[ 46325.337] (--) <default pointer>: Device: "/dev/wsmouse"
[ 46325.337] (==) <default pointer>: Protocol: "WSMouse"
[ 46325.337] (**) <default pointer>: always reports core events
[ 46325.337] (**) Option "Device" "/dev/wsmouse"
[ 46325.801] (==) <default pointer>: Emulate3Buttons, Emulate3Timeout: 50
[ 46325.801] (**) <default pointer>: ZAxisMapping: buttons 4 and 5
[ 46325.801] (**) <default pointer>: Buttons: 9
[ 46325.801] (II) XINPUT: Adding extended input device "<default pointer>" (type: MOUSE, id 6)
[ 46325.801] (**) <default pointer>: (accel) keeping acceleration scheme 1
[ 46325.801] (**) <default pointer>: (accel) acceleration profile 0
[ 46325.801] (**) <default pointer>: (accel) acceleration factor: 2.000
[ 46325.801] (**) <default pointer>: (accel) acceleration threshold: 4
[ 46326.257] (II) Using input driver 'kbd' for '<default keyboard>'
[ 46326.257] (**) Option "CoreKeyboard" "on"
[ 46326.257] (**) <default keyboard>: always reports core events
[ 46326.257] (**) <default keyboard>: always reports core events
[ 46326.257] (**) Option "Protocol" "standard"
[ 46326.257] (**) Option "XkbRules" "base"
[ 46326.257] (**) Option "XkbModel" "pc105"
[ 46326.257] (**) Option "XkbLayout" "us"
[ 46326.257] (II) XINPUT: Adding extended input device "<default keyboard>" (type: KEYBOARD, id 7)
[ 46326.796] (II) intel(0): EDID vendor "AUO", prod id 4157
[ 46326.796] (II) intel(0): Printing DDC gathered Modelines:
[ 46326.796] (II) intel(0): Modeline "1920x1080"x0.0 141.00 1920 1968 2068 2098 1080 1083 1084 1120 -hsync -vsync (67.2 kHz eP)
I have installed intel-vaapi-driver-2.4.0
but that didn't change anything.
vainfo
shows:
bash-5.2$ vainfo
libva info: VA-API version 1.22.0
libva info: Trying to open /usr/pkg/lib/dri/iHD_drv_video.so
libva info: va_openDriver() returns -1
libva info: Trying to open /usr/pkg/lib/dri/i965_drv_video.so
libva info: Found init function __vaDriverInit_1_22
libva info: va_openDriver() returns 0
vainfo: VA-API version: 1.22 (libva 2.22.0)
vainfo: Driver version: Intel i965 driver for Intel(R) Kaby Lake - 2.4.0
vainfo: Supported profile and entrypoints
VAProfileMPEG2Simple : VAEntrypointVLD
VAProfileMPEG2Simple : VAEntrypointEncSlice
VAProfileMPEG2Main : VAEntrypointVLD
VAProfileMPEG2Main : VAEntrypointEncSlice
VAProfileH264ConstrainedBaseline: VAEntrypointVLD
VAProfileH264ConstrainedBaseline: VAEntrypointEncSlice
VAProfileH264ConstrainedBaseline: VAEntrypointEncSliceLP
VAProfileH264Main : VAEntrypointVLD
VAProfileH264Main : VAEntrypointEncSlice
VAProfileH264Main : VAEntrypointEncSliceLP
VAProfileH264High : VAEntrypointVLD
VAProfileH264High : VAEntrypointEncSlice
VAProfileH264High : VAEntrypointEncSliceLP
VAProfileH264MultiviewHigh : VAEntrypointVLD
VAProfileH264MultiviewHigh : VAEntrypointEncSlice
VAProfileH264StereoHigh : VAEntrypointVLD
VAProfileH264StereoHigh : VAEntrypointEncSlice
VAProfileVC1Simple : VAEntrypointVLD
VAProfileVC1Main : VAEntrypointVLD
VAProfileVC1Advanced : VAEntrypointVLD
VAProfileNone : VAEntrypointVideoProc
VAProfileJPEGBaseline : VAEntrypointVLD
VAProfileJPEGBaseline : VAEntrypointEncPicture
VAProfileVP8Version0_3 : VAEntrypointVLD
VAProfileVP8Version0_3 : VAEntrypointEncSlice
VAProfileHEVCMain : VAEntrypointVLD
VAProfileHEVCMain : VAEntrypointEncSlice
VAProfileHEVCMain10 : VAEntrypointVLD
VAProfileHEVCMain10 : VAEntrypointEncSlice
VAProfileVP9Profile0 : VAEntrypointVLD
VAProfileVP9Profile0 : VAEntrypointEncSlice
VAProfileVP9Profile2 : VAEntrypointVLD
Do you have any suggestions?
We’ve all seen those multi-function devices people use in small offices and when working from home. They’ve been invaluable to me over the years, but they’ve always lacked a certain Je ne sais quoi.
This would be my dream device:
Monochrome laser printer, for expediency and legibility for things like tickets and reservation forms.
Colour inkjet printer, for when we want to print and frame photos on semi-gloss paper.
Label printer, for printing labels. Great work on that description Ruben, you’re really selling it. The first label printed would always be for the device itself.
Separate paper storage, for A4 (the standard) and Japanese B5 (the best paper size), in both plain and semi-gloss.
Document feeder scanner, with a built-in guillotine for slicing the spine off books.
Flatbed scanner, for those oddly-shaped scannables that won’t fit in the document feeder. “Scannables”?
Document copier, for scanning and printing in one step, with automatic monochrome laser or colour inkjet selection depending on the type of media being copied.
Fax machine, for sending and receiving important correspondence to government departments in 2024, which can also import/export from PDF.
Built-in VoIP handset, for use with the aforementioned fax machine, and for those forms that expect a different number to your mobile in 2024 for reasons nobody can explain to me.
Cross-cut document shredder, with support for automatic document shredding after scanning if one is feeling adventurous.
Conical steel burr coffee grinder, to deliver fresh grounds to the brewing chamber, and a timer for automatic morning brews. This could use the same motor as the aforementioned shredder if sufficient torque is available.
Coffee and tea brewing chamber, with large shower-head water dispersion for even extractions, compatibility with Hario V60 filter papers, and a chute for expired coffee and tea leaves. This could also talk HTCPCP, and implement CUPS.
Automatic clothing press, for those difficult mornings where you have to commute to the office in a collared shirt instead of working from home in an AsiaBSDCon 2019 shirt. Between this, the automatic coffee, and the document feeder for those papers you needed to present, your morning would be set.
Built-in toaster, that could also double as a CD/DVD/BD burner for exporting and sharing scanned documents and/or received faxes. Clara suggested this addition, so the machine could also operate NetBSD as its firmware. This is why Clara is the best.
By Ruben Schade in Sydney, 2024-11-16.
In no particular order:
The parameters for FORMAT
in DOS to prepare a 720 KiB double density floppy disk, instead of high density.
When Funan Centre in Singapore was The IT Mall.
How to answer a phone call that’s a fax. “Hello, Ruben speaking…” PSSSHHHHHHHHHH aaah hang up and press the button!
How to recover a PC bitten by the Chernobyl virus, which was a great gig for pocket money in school.
Downgrading Vista machines to XP, which was a great gig for money in university.
TransitLink cards, and those monthly CityRail passes.
pkg_add(8)
in FreeBSD and NetBSD.
Being interested, excited, and/or keen for new software and hardware releases, rather than being filled with dread, trepidation, and/or worry.
What it was like to go to school with Friendster, MySpace, and some PHP forum software we ran for our grade.
Winamp, QuickTime Player, and Real Player being installed by various things. I miss one of them.
When Borders Books was in the Hornsby Westfiend in Sydney, and Wheelock Place in Singapore.
Landlines.
By Ruben Schade in Sydney, 2024-11-14.
Hello I'm new to NetBSD and have been trying to install it on my Thinkpad T430. However, despite using `userconf` to disable i915drmkms and even the other drivers (radeon and nouveau) out of desperation I am still stuck at a black screen with a cursor. Would greatly appreciate any help.
Thank you
Hi,
I figured out that when you close the lid on NetBSD 10.0/amd64, the laptop doesn't go into sleep mode (ACPI sleep state 3), but instead just turns out the backlight by setting it to 0. To me there seems to be no downside to putting the computer to sleep instead, but I assume there is a good reason. I changed my the script on my machine to do that instead and it works perfectly fine.
Here is a diff if you want to try it out:
/etc/powerd/scripts/lid_switch
17c17
< wsconsctl -d -w backlight=0 >/dev/null
---
> /sbin/sysctl -w hw.acpi.sleep.state=3
22c22
< wsconsctl -d -w backlight=1 >/dev/null
---
> /sbin/sysctl -w hw.acpi.sleep.state=0
Do any of you know why this was done this way? What advantage does it have?
I was recently looking around to see if there was a BSD equivalent to the lsblk
command or perhaps even a port of blkutils
to BSD. I didn't find much, except for this nearly 10 year old post by vermaden.
I don't have a FreeBSD system so I'd be curious to know if this script still works on FreeBSD. Is surely doesn't work on NetBSD, but I wonder if anyone might be able to work with this as a starting point to getting a workable script on NetBSD?
I agree with vermaden, I just really like the lsblk
command. I know it's not a necessity, but it's neat nonetheless.
Unless there is some other tool that does the same job that I've missed? There is rsblk which is a rust rewrite of lsblk
but again, only for FreeBSD.
Hey, people!
I have recently set up a new machine, and decided to get sl
on it out of all things (yes, it's annoying but fun), and i noticed that the program was a little broken. Specifically, the whole graphic just stops and does nothing until i give it some input. Is there a list of differences between NBSD curses and ncurses so i can read some things and maybe like patch it myself or something
Thom Holwerda asked if we use NetBSD for anything. I answered!
🌲 🌲 🌲
NetBSD is wonderful! I first started using it back in the early 2000s when I was in school. My ageing iBook G3 refused to boot Yellow Dog Linux, but NetBSD/macppc installed without any issues. Starting from the ground up with networking, X11, and package management taught me more about *nix than a year of university.
I’ve since moved to FreeBSD for most personal workloads for its tooling, but I still hold a soft spot for it (I also use pkgsrc everywhere too, but that’s a separate discussion), and use it wherever I can:
First, NetBSD works great on laptops, even better than FreeBSD in my experience. I run NetBSD/amd64 on a tiny Japanese Panasonic Let’s Note laptop for a distraction-free writing machine, to the point where I just use tmux as a poor man’s window manager (though I can fire up Xorg when I need to return to the real world).
Second, as its reputation suggests, it runs everywhere. I’m a retrocomputing tragic, so I have it on everything from a Sun SPARCStation 5, to the Pentium 1 machine I built as a kid. It’s ludicrously fun swapping from BeOS, DOS, or OS/2 into NetBSD. Also really helps for transferring files, doing partition backups etc.
And finally, I also just run it for all the basic server tasks we all do. I’ve joked sometimes that NetBSD is “boring” after coming home from $DAYJOB running whatever Rube Goldberg stack the Linux world has dreamed up that week, but honestly it’s the highest praise I could imagine. I love tinkering with hypervisors, and NVMM has been a lot of fun. NPF is also a balm to a troubled soul.
I’ve also had the privilege of meeting many of the engineers behind NetBSD and pkgsrc at events like AsiaBSDCon and Linux.conf.au, and they were some of the kindest, most humble, intelligent people I’ve ever talked with. They’re the exact opposite of hype and bluster, which I suppose shows through in their OS.
Thanks Thom for asking, and giving us the opportunity to talk. NetBSD gets vanishingly little coverage even among the BSDs, let alone OSs in general, so it’s really appreciated :). I’ve also been a reader for years, but this finally convinced me to create an account here. Also thanks to @[email protected] for convincing me to comment.
By Ruben Schade in Sydney, 2024-11-06.
Hello,
When you build something from pkgsrc with custom options, you don't want it to be automatically replaced by the version from official package repositories when you perform a pkgin upgrade
. On FreeBSD, you can prevent this by locking the package with pkg lock
. I couldn't find a corresponding command in NetBSD's pkgin. Is there a way to lock packages, or is the only option in this case to add a local package repository that takes precedence over the main one?
NetBSD is an open-source, Unix-like operating system known for its portability, lightweight design, and robustness across a wide array of hardware platforms. Initially released in 1993, NetBSD was one of the first open-source operating systems based on the Berkeley Software Distribution (BSD) lineage, alongside FreeBSD and OpenBSD. NetBSD’s development has been led by a collaborative community and is particularly recognized for its “clean” and well-documented codebase, a factor that has made it a popular choice among users interested in systems programming and cross-platform compatibility.
↫ André Machado
I’m not really sure what to make of this article, since it mostly reads like an advertisement for NetBSD, but considering NetBSD is one of the lesser-talked about variants of an operating system family that already sadly plays second fiddle to the Linux behemoth, I don’t think giving it some additional attention is really hurting anybody. The article is still gives a solid overview of the history and strengths of NetBSD, which makes it a good introduction.
I have personally never tried NetBSD, but it’s on my list of systems to try out on my PA-RISC workstation since from what I’ve heard it’s the only BSD which can possibly load up X11 on the Visualize FX10pro graphics card it has (OpenBSD can only boot to a console on this GPU). While I could probably coax some cobbled-together Linux installation into booting X11 on it, where’s the fun in that?
Do any of you lovely readers use NetBSD for anything? FreeBSD and even OpenBSD are quite well represented as general purpose operating systems in the kinds of circles we all frequent, but I rarely hear about people using NetBSD other than explicitly because it supports some outdated, arcane architecture in 2024.
I can't understand what "-f" option to find command on NetBSD mean.
Manual: https://man.netbsd.org/find.1 says
-f Specifies a file hierarchy for find to traverse. File hierarchies may also be specified as the operands immediately following the options.
Usage:
find [-H | -L | -P] [-dEhsXx] -f file [file ...] [expression]
find [-H | -L | -P] [-dEhsXx] file [file ...] [expression]
I would expect the two following calls to be equivalent:
home# find ./ -name "*c"
./1.c
home# find -f ./ -name "*c"
find: unknown option -- n
find: unknown option -- a
find: unknown option -- m
find: unknown option -- e
./
./1.c
find: *c: No such file or directory
Instead to make second equivalent I have to run
home# find -f ./ -- -name "*c"
./1.c
Am I missing something?
wsconsctl: WSKBDIO_SETENCODING: Invalid argument
encoding -> pl
You know that bell curve meme where the amateaur starts with something simple, the genius does something complicated, and the wise sage returns to something simple? It’s an oversimplication for most situations to which its applied, but it tracks perfectly with my desktop environment and window manager experience.
As I’m sure many of us did, we started on whatever desktop our *nix of choice shipped. That meant Gnome on the first Red Hat Linux I ran, then KDE with Mandrake, and Xfce with my beloved Cobind Desktop. I probably would have started on CDE had my first *nix been something commercial, or maybe OPENSTEP if I’d even heard of NeXT as a kid. But I digress.
For these desktops, it was less about making a deliberate choice, and thinking “well, that’s what Red Hat looks like”. While classic Mac OS and Windows 95 had customisable skins and themes—back when computing was personal—the idea of swapping out the entire GUI for something else was a foreign concept; beyond the likes of Norton Desktop or Calmira of course.
Over time, I figured out these Linux distros had chosen a desktop, much as my family had chosen Brown Bag Software PowerMenu, then Windows 3.x for our 486SX running DOS. But this raised the question about what other desktops are available. What do they look like? How do they work? Are they cool? Naturally you’d want to try them all.
I think it’s a rite of passage to have built your own graphical environment when you’re entering the world of *nix; it’s why Linux distros like Arch remain popular in spite of the existence of Mint and Fedora. There’s a sense of accomplishment having cobbled together something cohesive and usable from disparate components that fit your exact requirements. Do you prefer overlapping or tiled window managers? What about Finder-style or orthodox file managers? Or menus or keyboard launchers?
I tended towards minimalistic window managers like Fluxbox and Xmonad, before trending back towards Xfce and eventually KDE Plasma. I realised how much work it was maintaing my own set of desktop applications, especially when I’d hit an edge case, and in the end I had better things I wanted to do.
Or at least… so I thought! Something that has persisted since is my desire to use applications written with the same graphical toolkit as the active desktop. That means Qt for KDE, and GTK for Gnome and Xfce. Back when I was using something like Openbox, I’d still prefer to be consistent and use all Qt or all GTK. What toolkit something was written in would often be the deciding factor in choosing certain software.
It’s not a completely silly thing to do. The entire founding premise of KDE back in the day was bringing consistency and predictability to the desktop, after years of programs doing their own thing. KDE and KDE-adjacent applications written in Qt have similar menu layouts, and their settings screens look and work the same. Xfce tools all have a similar minimal yet functional design that I still think is a high-water mark.
Certain technical people would critique being worried about such fluffy stuff, but I use these machines every day, and I’d like the experience to be seamless and pleasant (it’s honestly the main reason I lament the state of current macOS, but that’s a separate discussion).
In the end though, is a phrase with four words. Despite one’s best efforts to run what looks like a cohesive desktop, you’ll always have exceptions. I daily drive LibreOffice, Firefox, and Inkscape in KDE, and I do prefer running Kwrite/Kate and Krita even in Xfce. Turns out, you should use the right tool for the job, not the one that happens to be written in a specific toolkit (I’m also running Ranger as my “file manager” as well, which warrants its own post).
It does make me wonder if we’ll ever get a unifying toolkit and appearance. Red Hat tried years ago with Bluecurve, but the result wasn’t great. That’s the problem with open source people, it’s like herding a field of intelligent cats with specific opinions.
By Ruben Schade in Sydney, 2024-11-02.
Anyone have a hint on what might cause this or how to debug it?
[ 26.594186] uvm_fault(0xffffaee6a0a826f8, 0xffffaee710f17000, 1) -> e [ 26.594186] fatal page fault in supervisor mode [ 26.594186] trap type 6 code 0 rip 0xffffffff80dab10a cs 0x8 rflags 0x10246 cr2 0xffffaee710f17978 ilevel 0 rsp 0xffffc5013874d680 [ 26.605602] curlwp 0xffffaee69fb900c0 pid 1020.1020 lowest kstack 0xffffc501387492c0 [ 26.605602] panic: trap [ 26.605602] cpu0: Begin traceback... [ 26.605602] vpanic() at netbsd:vpanic+0x183 [ 26.605602] panic() at netbsd:panic+0x3c [ 26.605602] trap() at netbsd:trap+0xbaf [ 26.605602] --- trap (number 6) --- [ 26.614173] ifunit() at netbsd:ifunit+0x19 [ 26.614173] ipf_resolvedest() at ipl:ipf_resolvedest+0x24 [ 26.614173] ipf_state_putent() at ipl:ipf_state_putent+0x2e5 [ 26.614173] ipfioctl() at ipl:ipfioctl+0x9a [ 26.614173] cdev_ioctl() at netbsd:cdev_ioctl+0x99 [ 26.614173] spec_ioctl() at netbsd:spec_ioctl+0x54 [ 26.614173] VOP_IOCTL() at netbsd:VOP_IOCTL+0x47 [ 26.624174] vn_ioctl() at netbsd:vn_ioctl+0xb1 [ 26.624174] sys_ioctl() at netbsd:sys_ioctl+0x56e [ 26.624174] syscall() at netbsd:syscall+0x1fc [ 26.624174] --- syscall (number 54) --- [ 26.624174] netbsd:syscall+0x1fc: [ 26.624174] cpu0: End traceback...
Seeing as I'm compiling a custom kernel on NetBSD to enable amdgpu
anyway, I was wondering what I might be able to comment out to reduce the cruft.
I read:
You'll probably have to experiment a bit before achieving a minimal configuration but on a desktop system without SCSI and PCMCIA you can halve the kernel size.
I'm not exactly sure what SCSI
and PCMCIA
are exactly, but I am on a desktop system so if these relate to laptop hardware then we're probably safe.
I just wondered if there was a fool proof method to downsizing the kernel, seeing as I'm here building it anyway.
I have a very old AirPort Extreme, the A1408. Is it possible to install Linux on it, using the AirPort functionally as a hard disk, and then boot from that? I have also heard that AirPorts run NetBSD. Can you boot into that and run commands?
Michael Larabel reported in Phoronix:
GCC 15 had planned to remove Itanium IA-64 support to close the book on that Intel architecture. That GCC move followed the Linux kernel removing Itanium support last year and more distributions ending Itanium support although many did so years ago. But open-source developer René Rebe stepped up and wants to maintain Itanium’s IA-64 support in the GNU Compiler Collection.
I don’t use GCC, but this sort of thing makes me happy in the way all of NetBSD’s ports do. Good on you, René! It’s one thing to run contemporaneous software and period-correct hardware on legacy machines, but it’s another to introduce them into the future. (It’s also a bit of a commentary about how wasteful modern tech is with resources, but that’s a separate discussion).
Weirdly enough, I did actually mess with Itanium briefly when I was in high school. I remember being hamgstrung by actually being able to boot things, and being frustrated at the limited software support. Little did I know how accurate those (albeit unremarkable) observations were to become.
Part of me does wonder how different the industry would look if everyone followed Itanium instead of amd64. Maybe we would have at least had some more architectural diversity.
By Ruben Schade in Sydney, 2024-10-12.
I have not been at EuroBSDCon for a while, unfortunately! My last EuroBSDCon was EuroBSDcon 2017 in Paris, France (and I have also blogged about it)!
I was very excited to come back to EuroBSDCon. Meet again in person with people. Talk in the "hall track"... and, why not!, have some fun and do some shenanigans in the nights! :)
And... definitely it was very nice, instructive and fun!
I have not fully unpacked the bag but it's time to share some notes!
I arrived in Dublin on Friday afternoon. After some sightseeing on foot I got lost in the paintings of the National Gallery of Ireland.
I then spent the rest of the evening and night in Porterhouse Temple Bar. I had a tasty soup and garlic bread and several delicious craft beers!
My hotel was a 40 minutes walk from University College Dublin (UCD). I arrived a bit early for the registration. I then met some other NetBSD folks that I had missed in person since 2018 and met new ones.
View from O'Reilly Hall, University College Dublin.
After the Opening Session that welcomed us, the conference started with the opening keynote Evidence based Policy formation in the EU what Evidence are we Presenting to the EU? by Tom Smyth. Tom Smyth shared his experience on evidence based policy formation in the European Union from a point of a relatively small ISP. EU is open to feedback and as a BSD community we can shape and influence policies.
Taylor talked about bit flips, the memory errors in the machine.
Memory errors caught in the act: corruption of a filename in Riastradh's local machine.
He started sharing a catch of bit flip in a filename corruption on his local
machine in NetBSD src
repository. A bit flipped and that
resulted from
external/gpl3/gdb/dist/gdb/testsuite/gdb.linespec/cpls.cc
to
e\370ternal/gpl3/gdb/dist/gdb/testsuite/gdb.linespec/cpls.cc
(In ASCII lower case
x
is \170
that is
01111000 in binary, while
\370
is 11111000, the most
significant bit got flipped!).
He also opened several PRs - due to several experienced kernel panics mostly in ZFS - before he realized that it was bad RAM.
As part of the talk a lot of fundamentals concepts and theory behind Error Detection And Correction (EDAC), causes of memory errors, where memory errors can happen, error severity and error persistence were shared.
Taylor then talked and digged in ACPI Platform Error Interface (APEI) that is the standard interface in ACPI that abstract EDAC device registers.
In NetBSD APEI is supported by the apei(4) driver.
The apei(4) driver also exposes a sysctl interface to APEI EINJ (Error INJection) that permit to also inject errors. Using such interface Riastradh live demoed that and trigger a memory error that was corrected and reported by apei(4)!
Riastradh live demoing a memory error using APEI EINJ via apei(4).
The talk was great and super-interesting. Memory errors are also pretty common. Taylor also shared a lot of anecdotes and that make his talk even more fun and interesting!
Dr. Nicola Mingotti talk was a great introduction (and more) to Generalized Pin Input Output (GPIO)!
He started really from the start by populating a uSD card and installing and configuring NetBSD on a Raspberry Pi 3 Model B+.
He then introduced GPIO, how the RPi3B+ pin maps to the GPIO number and then we were ready to get our hands on GPIO!
As first exercises he showed how to set a PIN state (on/off) and read a PIN state via gpioctl(8). This can be used respectively to turn a LED on/off and to read the state of a switch.
The second series of exercises looked on how fast gpioctl
can be. This is limited for several applications and so Nicola
introduced how to write and read pin states in C via ioctl(2). This is much faster
and with that we can go from switches to square waves!
To avoid bit-banging and polling respectively gpiopwm(4) and gpioirq(4) can be used. Nicola shared several applications of them, like blinking LED and loopback. (Another possible application, left as an exercise to the reader is the "daemon toggler". The "daemon toggler" starts/stops a daemon (e.g. ntpd(8)) based on the state of a physical switch!)
He then shared a much bigger application a Wind-Speed Logger (AKA WSL). This was used by Nicola in order to evaluate if wind turbines could be installed or not. He also shared how he adjusted an RPi case and built housing for it (the RPi will be outside, needs to cool off so needs some ventilation but at the same time the housing should block rain!)
Nicola showing the sensor used to build the Wind-Speed Logger (WSL).
He concluded the talk on why he used NetBSD.
The talk was really educational. Nicola did a great job in summarizing and providing a lot of references. If you are more interested I suggest to catch up with the video recordings, slides and try to do the exercises in it!
After Nicola's talk I have spent some time in the "hall track" talking with other people and missed a couple of talks (recording should be available so I will hopefully catch up!).
I have then attended Stefano Marinelli's talk Why (and how) we're migrating many of our servers from Linux to the BSDs.
Stefano shared his more than 2 decades old experience with BSD systems and how he made his passion his profession.
He shared his philosophy, experience with clients and why it is important to focus on solving problems.
During the talk he shared also several interesting stories with clients. In one of them to avoid possible bias on BSD systems he migrated client hosts without informing them. A client called alarmed because he noticed a massive performance boost!
His talk was inspiring and you can find more in his I Solve Problems blog post.
After Stefano's talk we gathered to join the social event and took a DART train (Dublin Area Rapid Transit).
The social event was in BrewDog Dublin Outpost.
We were in an area dedicated to EuroBSDCon participants so that we can eat, drink and talk. There was a buffet and we received tickets to grab beers.
Several folks gifted me an handful and I have definitely had a pretty ample beer tasting experience too! :)
I also had a Vegan Spicy Meaty pizza: a pizza with seitan, mushrooms, chilli flakes, fresh red chilli, tomatoes and vegan mozzarella. My italian-pizza-side is usally pretty orthodox and I usually go for a pizza marinara! :) But overall that was actually pretty nice and I really appreciated the topping!
I have staid with a couple of folks until the closure.
With Christoph Badura (<bad@>
) we walked in the
desperate search of grabbing some more food. However, at the end we
ended up in The Temple Bar Pub for "only another beer"! We met with
some friendly Swedish and Swiss tourists and we started talking about
BSD systems at 2:00 AM! The weather was pretty nice (it was always
pretty cloudy but there was no rain for the entire conference)
and we decided to continue walking back to our hotels.
At the end we have walked for a bit less than 9 kilometers from Temple Bar
to nearly Booterstown!
That was a great walk though and definitely we had no traces of
hangovers in the morning! :)
I wake up a bit late on Sunday and arrived in UCD at around 12:00 and staid until lunch in the "hall track".
For lunch the vegetarian dish was a vegetarian curry, pretty tasty!
On Sunday we had a longer lunch break also to take a family photo.
EuroBSDCon 2024 family picture. You can find more EuroBSDCon
photographs taken by Ollivier Robert at EuroBSDCon 2024 -
Dublin, Ireland album.
After lunch I have attended FreeBSD at 30 Years: Its Secrets to Success by Kirk McKusick. In this talk Kirk looked back at 30 years of FreeBSD history (and also more for BSD years!) and what made its success. He talked about a lot of different topics, including leadership, development, importance of adopting ideas and codes from NetBSD and OpenBSD, communication, documentation and project culture. He also shared several interesting statistics and demographic about FreeBSD.
I have then attended Confidential Computing with OpenBSD by Hans-Jörg Höxer. Hans-Jörg introduced concepts about confidential computing, the threat model that it cover and then digged in AMD Secure Encrypted Virtualization (SEV) and how he is using that in OpenBSD vmm(4).
Then I have attended Building an open native FreeBSD CI system from scratch with lua, C, jails & zfs by Dave Cottlehuber. In this talk Dave shared the design and implementation of a Continuous Integration (CI) system focused on FreeBSD technologies but that can be ported also to other BSDs.
The final talk I have attended was SIMD-enhanced libc string functions: how it's done by Robert Clausecker and Getz Mikalsen. In this talk Robert shared how several libc string functions were reimplemented in other to use SIMD techniques on amd64 and arm64. Getz worked on porting such work on arm64 as part of Google Summer of Code 2024 and he shared his work and challenges in porting that. The talk was interesting and micro-benchmarking showed performance increase by factor of 5 on average!
Then I have joined the Closing Session.
There was a wrap up of the conference and some stats about it.
And *drumrolls* the next EuroBSDCon location was announced! EuroBSDCon 2025 will be in Zagreb, Croatia!
After the Closing Session with other NetBSD folks we met again for one
last dinner. We met with Andy Doran (<ad@>
) and we
had some junk food and several beers.
I had not traveled a lot in the last years and I have missed several EuroBSDCon-s and I really regret that! EuroBSDCon 2024 was great: very interesting talks, friendly folks and it was some time that I did not had so much fun!
Dublin was also really nice. All the locals were also very friendly. I hope to come back to both Dublin and Ireland to do some much more sightseeing in a more relaxed pace. Enjoy food, beers, drinks and more. Talk with locals.
I would like to thanks a lot to all the EuroBSDCon organizers for the amazing conference!
I also would like to thanks The NetBSD Foundation that funded my EuroBSDCon registration.
If you have never been to EuroBSDCon and you are curious about BSDs... I strongly suggest to attend either as participant or speaker! Folks are super-friendly, there are a lot of interesting tutorials and talks and I'm pretty sure you will have fun too!
And... if you are still reading until here... thank you too! :)
This report was written by Emmanuel Nyarko as part of Google Summer of Code 2024.
Alternate Queuing has been of great need in the high Performance Computing space since the continuous records of unfair disruption in network quality due to the buffer bloat problem. The buffer bloat problem still persists and not completely gone but modern active queue managements have been introduced to improve the performance of networks.
ALTQ was refactored to basically improve maintainability. Duplicates were handled, some compile time errors were fixed and also performance has been improved too.
This improves the quality of developer experience on maintaining the ALTQ codebase.
The Controlled Delay (CoDel) active queue management has also been integrated into the netbsd codebase. This introduces improvements made in the area of quality of service in the netbsd operating system. CoDel was a research led collaborative work by Van Jacobness and Kathleen Nichols which was developed to manage queues under control of the minimum delay experienced by packets in the running buffer window.
As it stands now, ALTQ in NetBSD is integrated in PF packet filter. I am currently working to integrate it in the NPF packet filter. The code in NetBSD is on the constant pursuit to produce clean and maintainable code.
I'll also be working to improve quality of service in NetBSD through quality and collaborative research driven by randomness in results. As a research computer scientist, I will be working to propose new active queue managements for the NetBSD operating system to completely defeat the long lasting buffer bloat problem.
More details of the work can be found in my Google Summer of Code 2024 work submission.
I am trying to install, for the first time, NetBSD-10.0-amd64 on HP EliteBook 8570w. After choosing "Install BSD" option installer goes to the booting mode and gets interrupted with an error:
502c0
Stopped in pid 294.294 (init) at netbsd:breakpoint+0x5: leave
breakpoint() at netbsd:breakpoint+0x5
vpanic() at netbsd:vpanic+0x183
panic() at netbsd:panic+0x3c
cnopen() at netbsd:cnopen+0x104
cdev_open() at netbsd:cdev_open+0x12a
spec_open() at netbsd:spec_open+0x1e0
VOP_OPEN() at netbsd:VOP_OPEN+0x3e
vn_open() at netbsd:vn_open+0x2ec
do_open() at netbsd:do_open+0xc3
do_sys_openat() at netbsd:do_sys_openat+0x74
sys_open() at netbsd:sys_open+0x24
syscall() at netbsd:syscall+0x1fc
--- syscall (number 5) ---
netbsd:syscall+0x1fc
ds 8
es 2
fs 180
gs 4a80
rdi 0
rsi ffffffff81d88000
rsi ffffbe8345a54ad0
rbx 0
rdx 1
rcx ffffffffffffff
rax 800000000000000
r8 0
r9 0
r10 ffffffff818450e0 x86_mem
r11 fffffffe
r12 ffffffff8139af6f ostype+0x13aa
r13 ffffbe8345a54b18
r14 104
r15 ffff8046d2cbdbc0
rip ffffffff80235385 breakpoint+0x5
cs 8
rflags 202
rsp ffffbe8345a54ad0
ss 10
netbsd:breakpoint +0x5: leave
If I continue the system precedes to reboot.
I'm not familiar with bsd tools so please tell me if I left important information.
I installed FreeBSD and Arch Linux on the same machine and it worked fine.
After several sessions with intense Google searching and trying several angles with ChatGPT, I seem to be at a dead-end, my problem arises when I try to build OpenSSL from source, it seems that the build process wants to link with libcrypto.so located in /lib, but the system supplied version of OpenSSL is ancient, so this fails miserably, since OpenSSL now includes functionality not present in my version of libcrypto.so, specifically QUIC, its failing on safe_muldiv_uint64_t. It seems like a catch-22, and I have absolutely no idea how to break out of this.
Some of the suggestions I have found involved building OpenSSL in a chroot jail, but I think it seems a little excessive?
So I guess my question is: How do I build OpenSSL without linking with /lib/libcrypto.so, but linking with the version of libcrypto from the source package?
Output:
${LDCMD:-cc} -pthread -Wa,--noexecstack -O2 -O3 -pipe -I/usr/include -I/usr/pkg/include -L/usr/local/lib -L/usr/pkg/gcc7/lib/gcc/x86_64--netbsd/7.5.0 -Wl,-R/usr/pkg/gcc7/lib/gcc/x86_64--netbsd/7.5.0 -Wl,-zrelro -L/usr/lib -Wl,-R/usr/lib -L/usr/pkg/lib -Wl,-R/usr/pkg/lib \
-o fuzz/quic-srtm-test \
fuzz/quic-srtm-test-bin-fuzz_rand.o \
fuzz/quic-srtm-test-bin-quic-srtm.o \
fuzz/quic-srtm-test-bin-test-corpus.o \
libssl.a libcrypto.a -pthread
...
apps/libapps.a -lssl -lcrypto -pthread
./libssl.so: undefined reference to safe_muldiv_uint64_t
./libssl.so: undefined reference to safe_mul_uint64_t
-L/usr/lib is specified in the above command executed by the Makefile, and that folder contains libcrypto.o and libssl.o from the system supplied version of OpenSSL,
For certain use cases, it’s advisable to set up a read-only root file system, which ensures better reliability in case of system issues. Think of scenarios like a router (critical for network access) or a caching reverse-proxy, such as the one described in my series “Make your own CDN“.
While FreeBSD natively supports this configuration and some Linux distributions offer custom solutions (e.g., Alpine Linux), NetBSD stands out as an excellent choice for such devices. It supports nearly all embedded devices, is lightweight, and its stability minimizes the need for frequent updates.
↫ Stefano Marinelli
Exactly what it says on the tin. Friend of the website (a new term I just made up and will use from here on out for some people) Stefano Marinelli, fresh from his series about making your own CDN using the various BSDs, explains how to set up a NetBSD system with a read-only root filesystem for the special use cases where this makes sense.
After covering setting up your own CDN with both FreeBSD and OpenBSD, it’s now time to learn how to set up your own CDN wit NetBSD.
This article is a spin-off from a previous post on how to create a self-hosted CDN, but this time we’ll focus on using NetBSD. NetBSD is a lightweight, stable, and secure operating system that supports a wide range of hardware, making it an excellent choice for a caching reverse proxy. Devices that other operating systems may soon abandon, such as early Raspberry Pi models or i386 architecture, are still fully supported by NetBSD and will continue to be so. Additionally, NetBSD is an outstanding platform for virtualization (using Xen or qemu/nvmm) and deserves more attention than it currently receives.
↫ Stefano Marinelli
All the same from my previous post still applies, and it’s a great thing that Marinelli covers all three of the major BSDs (so far). If you want to run your own CDN on BSD, you can now make a pretty informed decision on which BSD best suits your needs.
Thanks to open source, no technology ever has to become obsolete, so long as a community remains to support it. You can sync Newtons and Palm Pilots with modern desktops, download web browsers for long-discontinued operating systems, or connect vintage computers like the Apple IIe to the modern internet via WiFi. Every year, new cartridges are released for old-school video game consoles like the Nintendo Entertainment System and Game Boy.
People keep old software and online platforms alive as well. The Dreamwidth team forked an old version of the early social network LiveJournal’s source code and built a community around it. The dial-up bulletin board system software WWIV is still maintained and there are plenty of BBSes still around. Teams are working to restore aspects of early online services like AOL and Prodigy. And you can still use Gopher, the hypertext protocol that was — for a brief period in the early 1990s — bigger than the web.
↫ Klint Finley
Retrocomputing is about a lot of things, and I feel like it differs per person. For me, it’s a little bit of nostalgia, but primarily it’s about learning, and experiencing hardware and software I was unable to experience when they were new, either due to high cost or just general unavailability. There’s a lot to learn from platforms that are no longer among us, and often it helps you improve your skills with the modern platforms you do still use.
The linked article is right: open source is playing such a massive role in the retrocomputing community. The number of open source projects allowing you to somehow use decades-old platforms in conjunction with modern technologies is massive, and it goes far beyond just software – projects like BlueSCSI or very niche things like usb3sun highlights there’s also hardware-based solutions for just about anything retro you want to accomplish.
And we really can’t forget NetBSD, which seems to be the go-to modern operating system for bringing new life to old and retro hardware, as it often runs on just about anything. When I got my PA-RISC workstation, the HP Visualize c3750, I couldn’t find working copies of HP-UX, so I, too, opted for NetBSD to at least be able to see if the computer was fully functional. NetBSD is now a tool in my toolbox when I’m dealing with older, unique hardware.
Retrocomputing is in a great place right now, with the exception of the ballooning prices we’re all suffering from, with even successful mainstay YouTubers like LGR lamenting the state of the market. Still, if you do get your hands on something retro – odds are there’s a whole bunch of tools ready for you to make the most of it, even today.
This is a new installation for a wordpress site that hasn't launched yet.
The memcached process is always at near 100% of cpu usage:
load averages: 1.93, 1.78, 1.83; up 3+22:29:29 21:49:18
31 processes: 28 sleeping, 3 on CPU
CPU states: 59.1% user, 0.0% nice, 4.0% system, 0.0% interrupt, 36.8% idle
Memory: 2069M Act, 1014M Inact, 44K Wired, 175M Exec, 2447M File, 54M Free
Swap: 512M Total, 512M Free / Pools: 279M Used / Network: 23K In, 1K Out
PID USERNAME PRI NICE SIZE RES STATE TIME WCPU CPU COMMAND
5770 memcache 25 0 70M 3112K CPU/0 19:11 94.58% 94.58% memcached
And memcached-tool /var/run/memcached/memcached_0.sock stats
reports
#/var/run/memcached/memcached_0.sock Field Value
accepting_conns 1
auth_cmds 0
auth_errors 0
bytes 0
bytes_read 21
bytes_written 4435
cas_badval 0
cas_hits 0
cas_misses 0
cmd_flush 0
cmd_get 0
cmd_meta 0
cmd_set 0
cmd_touch 0
conn_yields 0
connection_structures 2
crawler_items_checked 0
crawler_reclaimed 0
curr_connections 1
curr_items 0
decr_hits 0
decr_misses 0
delete_hits 0
delete_misses 0
direct_reclaims 0
evicted_active 0
evicted_unfetched 0
evictions 0
expired_unfetched 0
get_expired 0
get_flushed 0
get_hits 0
get_misses 0
hash_bytes 524288
hash_is_expanding 0
hash_power_level 16
incr_hits 0
incr_misses 0
libevent 2.1.12-stable
limit_maxbytes 67108864
listen_disabled_num 0
log_watcher_sent 0
log_watcher_skipped 0
log_watchers 0
log_worker_dropped 0
log_worker_written 0
lru_bumps_dropped 0
lru_crawler_running 0
lru_crawler_starts 6
lru_maintainer_juggles 103444004
lrutail_reflocked 0
malloc_fails 0
max_connections 1024
moves_to_cold 0
moves_to_warm 0
moves_within_lru 0
pid 5770
pointer_size 64
read_buf_bytes 98304
read_buf_bytes_free 32768
read_buf_count 6
read_buf_oom 0
reclaimed 0
rejected_connections 0
reserved_fds 20
response_obj_bytes 49152
response_obj_count 1
response_obj_oom 0
round_robin_fallback 0
rusage_system 1.053032
rusage_user 1136.463840
slab_global_page_pool 0
slab_reassign_busy_deletes 0
slab_reassign_busy_items 0
slab_reassign_chunk_rescues 0
slab_reassign_evictions_nomem 0
slab_reassign_inline_reclaim 0
slab_reassign_rescues 0
slab_reassign_running 0
slabs_moved 0
store_no_memory 0
store_too_large 0
threads 4
time 1724186947
time_in_listen_disabled_us 0
total_connections 4
total_items 0
touch_hits 0
touch_misses 0
unexpected_napi_ids 0
uptime 1177
version 1.6.23
Memcached is configure to start with:
# grep memcach /etc/rc.conf
memcached=YES
memcached_jobs="job0"
memcached_job0_args="-a 660 -s /var/run/memcached/memcached_0.sock -m 64 -c 1024"
What might be wrong?
After years of inactivity, the Kyua project has graduated as an open source citizen and has a new home under the FreeBSD umbrella!
But uh… wait, what is Kyua and why is this exciting? To resolve confusion and celebrate this milestone, I’d like to revisit what Kyua is, how it came to be, why I stopped working on it for a while, why that was a problem for FreeBSD—and, indirectly, NetBSD—and how Kyua being free software has helped keep it alive.
As usual, partway through a couple weeks in Mallorca, we’re just getting the hang of it. After a few days of only the pool, it’s been pool mornings and beach afternoons. Every day, each kid gets more bold in both. I’ve managed to avoid getting sunburnt so far, though it’s getting harder to stay ahead of the situation. For mealtimes it’s kind of fun to be stuck in a tiny kitchen trying to cook my way out; bedtimes, down a sleepable room due to a broken air conditioner, were less so. My carcass got taken over by mosquitoes, who then rented most of it back to me. In a few days I might be ready to buy them out.
Usually here I’d consider taking a nap when the littles do. Definitely tired enough. But a little solo computer time feels more like what I’m needing: Refactoring some code, backing up some photos, updating pkgsrc stuff, writing posts on my website, that sort of thing.
For this summer vacation we’re hopping around more, which happens to simplify our transatlantic travel days. (Traditionally we’d have connecting flights before arriving anywhere.) One flight into Munich, where we stayed in the area for a few days visiting in-laws. From there a quick hop to Mallorca, the meat in our vacation sandwich. From here a quick-ish hop to Hannover for a week back in the little north-central German village where we lived out the first two years of COVID. Then we’ll drive to Frankfurt to see friends before our return flight to New York. Hopping around like this means we get to see more people and places, in exchange for which we get to find out what happens when kids try to sleep in a wider variety of environments and configurations. So far, sokay.
I wanted to clear all the newsletters items I’ve saved, so you are getting links until my inbox no longer paginates.
All that to say, I find that NetBSDs philosophy aligns with mine. The OS is small and cozy, and compared to many minimal Linux distributions, I found it faster to setup. Supported hardware is automatically picked up, for my Thinkpad T480s almost everything (except the trackpad issue I solved above) worked out of the box, and it comes with a minimal window manager and display manager to get you started. It is simple and minimal but with sane defaults. It is a hackable system that teaches you a ton. What more could you want?
↫ Marc Coquand
I spent quite some time using OpenBSD earlier this year, and I absolutely, positively loved it. I can’t quite put into words just how nice OpenBSD felt, how graspable the configuration files and commands were, how good and detailed the documentation, and how welcoming and warm the community was over on Mastodon, with even well-known OpenBSD developers taking time out of their day to help me out with dumb newbie questions.
The only reason I eventually went back to Fedora on my workstation was performance. OpenBSD as a desktop operating system has some performance issues, from a slow file system to user interface stutter to problematic Firefox performance, that really started to grind my gears while trying to get work done. Some of these issues stem from OpenBSD not being primarily focused on desktop use, and some of them simply stem from lack of manpower or popularity. Regardless, nobody in the OpenBSD community was at all surprised or offended by me going back to Fedora.
NetBSD seems to share a lot of the same qualities as OpenBSD, but, as the linked article notes, with a focus on different things. Like I said yesterday, I’m looking to building and testing a system entirely focused on tiled terminal emulators and TUI applications, and I’ve been pondering if OpenBSD or NetBSD would be a perfect starting point for that experiment.
I was not able to get this done early like the last few posts, but there’s still a good range here.
Blog System/5 hasn’t always been called this way and it hasn’t been my first experience with blogging either. In fact, today marks the 20th anniversary of this publication in its various incarnations so it’s time for a bit of reflection.
Just to set context for when 20 years ago was: Windows XP was almost 3 years old, Ubuntu had just debuted, Apple computers were still PowerPC-based, Half Life 2 was about to launch, and Slashdot was the place to be instead of the yet-to-be-created Hacker News. As for myself, I was still in college, had copious amounts of free time, and was a really active contributor to NetBSD.
On my home network, some important jobs are performed by little ARM computers.
The house came with a decent sound system wired in. The receiver can take 1/8” stereo input — from AirPlay, with help from a decade-old Raspberry Pi 1 Model B Rev 2.
With a 4GB SD card, from macOS:
$ diskutil list # inspect output
$ SDCARD=disk6
$ diskutil unmountDisk ${SDCARD}
$ links https://raspi.debian.net/tested-images/
$ DISKIMAGE=20231109_raspi_1_bookworm.img.xz
$ fetch https://raspi.debian.net/tested/${DISKIMAGE}
$ xzcat ${DISKIMAGE} \
| sudo dd of=/dev/r${SDCARD} bs=64k oflag=sync status=progress
$ diskutil eject ${SDCARD}
Place the RPi somewhere convenient.
Connect SD card, keyboard, HDMI, Ethernet, and power.
Log in as root
, no password:
# apt update
# apt -y install etckeeper
# cd /etc
# git branch -M main
# apt -y install sudo
# visudo # for the sudo group, insert NOPASSWD: before the final ALL
# useradd -m -G sudo -s /bin/bash schmonz
# passwd schmonz
# exit
Log in as schmonz
:
$ sudo passwd root
$ sudo sh -c 'echo 127.0.1.1 schleierplay >> /etc/hosts'
$ sudo hostnamectl hostname schleierplay
$ sudo ln -sf /usr/share/zoneinfo/US/Eastern /etc/localtime
$ sudo etckeeper commit -m 'Set root password, hostname, and timezone.'
$ sudo apt -y install shairport-sync
$ sudo vi /etc/shairport-sync.conf
$ sudo etckeeper commit -m 'Set AirPlay name.'
$ sudo shutdown -h now
Place the RPi where it’ll live. Connect audio cable, Ethernet, and power.
$ ssh-copy-id schleierplay.local
Make sure receiver is set to AUX input. Use AirPlay.
As with any Debian:
$ ssh schleierplay.local -t 'sudo apt update && sudo apt -y upgrade && sudo apt -y autoremove'
To back up /etc
, git push
it someplace trustworthy and private.
I’d rather run NetBSD, but on 10.0 with shairport-sync
, I saw a lot of AirPlay Speaker Not Available: 'House' is being used by someone else
(even when it wasn’t).
My ancient USB-only HP LaserJet P1006 remains reliable for our basic needs and we’ve still got a pile of toner cartridges. A friend recently sent me a comparatively beefy Pine A64 board.
With a 4GB SD card, from macOS:
$ diskutil list # inspect output
$ SDCARD=disk6
$ diskutil unmountDisk ${SDCARD}
$ links https://www.armbian.com/pine64/
$ DISKIMAGE=Armbian_24.5.1_Pine64_bookworm_current_6.6.31_minimal.img.xz
$ fetch https://dl.armbian.com/pine64/archive/${DISKIMAGE}
$ xzcat ${DISKIMAGE} \
| sudo dd of=/dev/r${SDCARD} bs=64k oflag=sync status=progress
$ diskutil eject ${SDCARD}
Place the A64 somewhere convenient.
Connect SD card, keyboard, HDMI, Ethernet, and power.
Follow the prompts to set the root
password, create a user account, and select a locale.
Then continue:
# apt update
# apt -y install etckeeper
# cd /etc
# git branch -M main
# visudo # for the sudo group, insert NOPASSWD: before the final ALL
# exit
Log in as schmonz
:
$ sudo sh -c 'echo 127.0.1.1 schleierprint >> /etc/hosts'
$ sudo hostnamectl hostname schleierprint
$ sudo ln -sf /usr/share/zoneinfo/US/Eastern /etc/localtime
$ sudo etckeeper commit -m 'Set root password, hostname, and timezone.'
$ sudo apt -y install hplip avahi-daemon
$ sudo usermod -a -G lpadmin schmonz
$ sudo etckeeper commit -m 'Make myself a printer admin.'
$ sudo shutdown -h now
Place the A64 where it’ll live. Connect printer, Ethernet, and power.
$ ssh-copy-id schleierprint.local
$ ssh schleierprint.local
$ sudo hp-setup -i # follow prompts, mostly defaults; name the queue 'hpljp1006'
$ sudo etckeeper commit -m 'Add initial hplip config for P1006.'
$ sudo sed -i \
-e '/^\*ColorDevice: True$/s|True|False|' \
-e '/^\*OpenUI \*Duplex\/Double-Sided Printing: PickOne$/,/^\*CloseUI: \*Duplex$/s|^|*% |' \
-e '/^\*OpenUI \*ColorModel\/Output Mode: PickOne$/,/^\*CloseUI: \*ColorModel$/s|^|*% |' \
/etc/cups/ppd/hpljp1006.ppd
$ sudo etckeeper commit -m 'Correct advertised printer capabilities.'
$ sudo sed -i \
-e 's|^Info $|Info HP LaserJet P1006|' \
/etc/cups/printers.conf
$ sudo lpadmin -d hpljp1006
$ sudo etckeeper commit -m 'Name printer and set it as default.'
$ sudo cupsctl --remote-any
$ sudo etckeeper commit -m 'Let local network talk to CUPS.'
$ sudo sed -i \
-e '/^WebInterface /a PreserveJobFiles No' \
/etc/cups/cupsd.conf
$ sudo etckeeper commit -m 'Maybe avoid some disk writes.'
$ sudo systemctl restart cups
On macOS, do not override the generic driver with “HP LaserJet P1006”.
You won’t be able to print (with filter failed
in the server logs), except that every “Supply Levels” check —
including the ones that happen as part of every print job —
will produce a piece of paper containing the single line @PJL INFO SUPPLIES
.
As I understand it, some versions of CUPS have a server bug where it can’t discern whether incoming data has already been filtered for the target queue:
filters converted the data (via application/vnd.cups-raster
) to the printer’s native command set (whatever that might be)… but when the job got sent to the CUPS server it was tagged as application/vnd.cups-raster
rather than, say, application/octet-stream
.
While that discussion is over a decade old, its advice — leave the filtering to the server, and make sure clients don’t do any — has me printing from macOS, iOS, and Windows.
On macOS, add the printer. When it autoselects “Generic PostScript Printer”, leave it (details in sidebar). Print.
On iOS, print.
On Windows, add the printer. Print.
As with any Debian:
$ ssh schleierprint.local -t 'sudo apt update && sudo apt -y upgrade && sudo apt -y autoremove'
To back up /etc
, git push
it someplace trustworthy and private.
I’d rather run NetBSD, but neither 10.0 nor -current brought up HDMI.
I could try writing NetBSD to an SD card, mounting it from another NetBSD system, setting hostname
in rc.conf
, adding a non-root user, and then booting the A64 from it in order to do the rest over ssh
.
(Other systems that also didn’t bring up HDMI, wherefore I landed by trial and error on Armbian: FreeBSD 14, OpenBSD 7.5, Debian 12.)
Since one of my old Sonos speakers can’t be upgraded to AirPlay-compatible firmware, I’m not eager to upgrade the other. Instead, I’ve added AirConnect on the Pine A64 as an AirPlay relay.
Contents of /etc/systemd/system/airupnp.service
:
[Unit]
Description=AirUPnP bridge
After=network-online.target
Wants=network-online.target
[Service]
ExecStart=/home/schmonz/bin/airupnp-linux-aarch64-static -l 1000:2000 -N '%%s' -x /home/schmonz/etc/airupnp.xml -Z
Restart=on-failure
RestartSec=30
[Install]
WantedBy=multi-user.target
Contents of /home/schmonz/etc/airupnp.xml
(to omit my UPnP router from the AirPlay list):
<?xml version="1.0"?>
<airupnp>
<device>
<udn>uuid:1e38fc78-51f5-5f5d-9268-50c6b1dc59f8</udn>
<name>Verizon FiOS-G1100 ManageableDevice+</name>
<mac>bb:bb:bb:bb:bb:bb</mac>
<enabled>0</enabled>
</device>
</airupnp>
I’d rather install AirConnect from a system-provided package, but there isn’t one for Debian. Maybe I can puzzle out the AirConnect build system and add it to pkgsrc.
The NetBSD Project is pleased to announce NetBSD 8.3, the third and final release from the NetBSD 8 stable branch.
It represents a selected subset of fixes deemed important for security or stability reasons since the release of NetBSD 8.2 in March 2020, as well as some enhancements backported from the development branch. It is fully compatible with NetBSD 8.0.
This also represents the end-of-life for the netbsd-8 release branch. No further security updates will happen. Users running 8.2 or an earlier release are strongly recommended to upgrade to a newer branch, preferably the recent NetBSD 10.0 release.
Pkgsrc has already desupported the netbsd-8 branch.
See the full release announcement (including download links).
My early imaginings of a collaborative Open Source successor to qmail, let me assure you, did not include going nearly four years between releases. Well, at least it hasn’t been more than four. notqmail 1.09 is here:
For decades, due to each administrator needing to patch in their particular missing bits of functionality, the qmail source code itself has effectively been a public API. Some future release of notqmail will include everything most everyone needs. On that day, we’ll freely make desirable code changes without worrying about breaking people’s patches. On that day, notqmail will have become a relatively normal software project operating under relatively normal constraints.
This is not that day. notqmail remains a uniquely challenging legacy-code rehabilitation project, and 1.09 is merely a solid, long-overdue release that includes the work of a couple dozen new contributors.
Since this release took too long, our next development cycle will be
In legacy code, every time we can turn a vicious cycle virtuous, it’s a big win. By making the code easier and safer to change, we’ll have more fun; by having more fun, we’ll make more progress; by making more progress, we’ll get more feedback; by getting more feedback, we’ll have more fun; and so on.
Have fun with notqmail 1.09! Let us know how the upgrade goes for you. (I’ll be updating the pkgsrc package soon.) And if getting involved is your kind of thing, please feel welcome to join us.
I am trying to use OpenVPN as a client under NetBSD using this command:
openvpn --client --config /etc/openvpn/config.ovpn
I am getting the following output and errors:
localhost# openvpn --client --config /etc/openvpn/openvpn.ovpn
2024-04-26 10:29:35 WARNING: Compression for receiving enabled. Compression has been used in the past to break encryption. Sent packets are not compressed unless "allow-compression yes" is also set.
2024-04-26 10:29:35 DEPRECATED OPTION: --cipher set to 'AES-256-CBC' but missing in --data-ciphers (AES-256-GCM:AES-128-GCM:CHACHA20-POLY1305). OpenVPN ignores --cipher for cipher negotiations.
2024-04-26 10:29:35 OpenVPN 2.6.10 x86_64--netbsd [SSL (OpenSSL)] [LZO] [LZ4] [MH/PKTINFO] [AEAD]
2024-04-26 10:29:35 library versions: OpenSSL 1.1.1k 25 Mar 2021, LZO 2.10
Enter Auth Username:********
Enter Auth Password:********
2024-04-26 10:32:48 TCP/UDP: Preserving recently used remote address: [AF_INET]**.191.33.**:1701
2024-04-26 10:32:48 Socket Buffers: R=[32768->32768] S=[32768->32768]
2024-04-26 10:32:48 Attempting to establish TCP connection with [AF_INET]**.191.33.**:1701
2024-04-26 10:32:48 TCP connection established with [AF_INET]**.191.33.**:1701
2024-04-26 10:32:48 TCPv4_CLIENT link local: (not bound)
2024-04-26 10:32:48 TCPv4_CLIENT link remote: [AF_INET]**.191.33.**:1701
2024-04-26 10:32:48 NOTE: UID/GID downgrade will be delayed because of --client, --pull, or --up-delay
2024-04-26 10:32:48 TLS: Initial packet from [AF_INET]**.191.33.**:1701, sid=0006909e 9b0d208f
2024-04-26 10:32:48 WARNING: this configuration may cache passwords in memory -- use the auth-nocache option to prevent this
2024-04-26 10:32:48 VERIFY OK: depth=1, C=US, ST=New York, L=New York, O=Ubiquiti Inc., OU=UniFi_OpenVPN_CA, CN=UniFi_OpenVPN_CA
2024-04-26 10:32:48 VERIFY KU OK
2024-04-26 10:32:48 Validating certificate extended key usage
2024-04-26 10:32:48 ++ Certificate has EKU (str) TLS Web Server Authentication, expects TLS Web Server Authentication
2024-04-26 10:32:48 VERIFY EKU OK
2024-04-26 10:32:48 VERIFY OK: depth=0, C=US, ST=New York, L=New York, O=Ubiquiti Inc., OU=UniFi_OpenVPN_Server, CN=UniFi_OpenVPN_Server
2024-04-26 10:33:53 Control Channel: TLSv1.3, cipher TLSv1.3 TLS_AES_256_GCM_SHA384, peer certificate: 2048 bits RSA, signature: RSA-SHA256, peer temporary key: 253 bits X25519
2024-04-26 10:33:53 [UniFi_OpenVPN_Server] Peer Connection Initiated with [AF_INET]**.191.33.**:1701
2024-04-26 10:33:53 TLS: move_session: dest=TM_ACTIVE src=TM_INITIAL reinit_src=1
2024-04-26 10:33:53 TLS: tls_multi_process: initial untrusted session promoted to trusted
2024-04-26 10:33:53 PUSH: Received control message: 'PUSH_REPLY,dhcp-option DNS 192.168.7.1,route 192.168.4.0 255.255.255.0,route 192.168.2.0 255.255.255.0,route 192.168.1.0 255.255.255.0,route 192.168.3.0 255.255.255.0,route-gateway 192.168.7.1,topology subnet,ping 10,ping-restart 60,ifconfig 192.168.7.2 255.255.255.0,peer-id 0,cipher AES-256-GCM'
2024-04-26 10:33:53 OPTIONS IMPORT: --ifconfig/up options modified
2024-04-26 10:33:53 OPTIONS IMPORT: route options modified
2024-04-26 10:33:53 OPTIONS IMPORT: route-related options modified
2024-04-26 10:33:53 OPTIONS IMPORT: --ip-win32 and/or --dhcp-option options modified
2024-04-26 10:33:53 TUN/TAP device /dev/tun0 opened
2024-04-26 10:33:53 /sbin/ifconfig tun0 192.168.7.2 192.168.7.1 mtu 1500 netmask 255.255.255.0 up
2024-04-26 10:33:53 /sbin/route add -net 192.168.7.0 192.168.7.1 -netmask 255.255.255.0
add net 192.168.7.0: gateway 192.168.7.1
2024-04-26 10:33:53 /sbin/route add -net **.191.33.** 192.168.1.254 -netmask 255.255.255.255
route: writing to routing socket: File exists
add net **.191.33.**: gateway 192.168.1.254: File exists
2024-04-26 10:33:53 ERROR: OpenBSD/NetBSD route add command failed: external program exited with error status: 1
2024-04-26 10:33:53 /sbin/route add -net 0.0.0.0 192.168.7.1 -netmask 128.0.0.0
add net 0.0.0.0: gateway 192.168.7.1
2024-04-26 10:33:53 /sbin/route add -net 128.0.0.0 192.168.7.1 -netmask 128.0.0.0
add net 128.0.0.0: gateway 192.168.7.1
2024-04-26 10:33:53 /sbin/route add -net 192.168.4.0 192.168.7.1 -netmask 255.255.255.0
add net 192.168.4.0: gateway 192.168.7.1
2024-04-26 10:33:53 /sbin/route add -net 192.168.2.0 192.168.7.1 -netmask 255.255.255.0
add net 192.168.2.0: gateway 192.168.7.1
2024-04-26 10:33:53 /sbin/route add -net 192.168.1.0 192.168.7.1 -netmask 255.255.255.0
route: writing to routing socket: File exists
add net 192.168.1.0: gateway 192.168.7.1: File exists
2024-04-26 10:33:53 ERROR: OpenBSD/NetBSD route add command failed: external program exited with error status: 1
2024-04-26 10:33:53 /sbin/route add -net 192.168.3.0 192.168.7.1 -netmask 255.255.255.0
add net 192.168.3.0: gateway 192.168.7.1
2024-04-26 10:33:53 GID set to nogroup
2024-04-26 10:33:53 UID set to nobody
2024-04-26 10:33:53 Initialization Sequence Completed
2024-04-26 10:33:53 Data Channel: cipher 'AES-256-GCM', peer-id: 0, compression: 'lzo'
2024-04-26 10:33:53 Timers: ping 10, ping-restart 60
I have a working internet connection when running OpenVPN as a client, but I can't access any of the machines on the network **.191.33.**
, I know I should be able to SSH into 192.168.1.114, but I can't reach that machine through OpenVPN, there are firewall rules in the Ubuiquity box allowing traffic from 192.168.7.* to 192.168.1.* I know this is working, its testet from Mac and PC using the OpenVPN Client, I just can't get it to work on NetBSD
This is my routing table before running OpenVPN:
Internet:
Destination Gateway Flags Refs Use Mtu Interface
default 192.168.1.254 UGS - - - iwn0
127/8 127.0.0.1 UGRS - - 33624 lo0
127.0.0.1 lo0 UHl - - 33624 lo0
192.168.1/24 link#2 UC - - - iwn0
192.168.1.68 link#2 UHl - - - lo0
192.168.1.254 00:1e:80:a2:2e:ff UHL - - - iwn0
This is my routing table when running OpenVPN:
Internet:
Destination Gateway Flags Refs Use Mtu Interface
0/1 192.168.7.1 UGS - - - tun0
default 192.168.1.254 UGS - - - iwn0
**.191.33.**/32 192.168.1.254 UGS - - - iwn0
127/8 127.0.0.1 UGRS - - 33624 lo0
127.0.0.1 lo0 UHl - - 33624 lo0
128/1 192.168.7.1 UGS - - - tun0
192.168.1/24 link#2 UC - - - iwn0
192.168.1.68 link#2 UHl - - - lo0
192.168.2/24 192.168.7.1 UGS - - - tun0
192.168.3/24 192.168.7.1 UGS - - - tun0
192.168.4/24 192.168.7.1 UGS - - - tun0
192.168.7/24 192.168.7.1 UGS - - - tun0
192.168.7.1 192.168.7.2 UH - - - tun0
192.168.7.2 tun0 UHl - - - lo0
192.168.1.254 00:1e:80:a2:2e:ff UHL - - - iwn0
This is my routing table after stopping OpenVPN:
Internet:
Destination Gateway Flags Refs Use Mtu Interface
0/1 192.168.7.1 UGS - - - tun0
default 192.168.1.254 UGS - - - iwn0
**.191.33.**/32 192.168.1.254 UGS - - - iwn0
127/8 127.0.0.1 UGRS - - 33624 lo0
127.0.0.1 lo0 UHl - - 33624 lo0
128/1 192.168.7.1 UGS - - - tun0
192.168.1/24 link#2 UC - - - iwn0
192.168.1.68 link#2 UHl - - - lo0
192.168.2/24 192.168.7.1 UGS - - - tun0
192.168.3/24 192.168.7.1 UGS - - - tun0
192.168.4/24 192.168.7.1 UGS - - - tun0
192.168.7/24 192.168.7.1 UGS - - - tun0
192.168.7.2 tun0 UHl - - - lo0
192.168.1.254 00:1e:80:a2:2e:ff UHL - - - iwn0
This is my routing table when i have destroyed tun0:
ifconfig tun0 destroy
Internet:
Destination Gateway Flags Refs Use Mtu Interface
default 192.168.1.254 UGS - - - iwn0
**.191.33.**/32 192.168.1.254 UGS - - - iwn0
127/8 127.0.0.1 UGRS - - 33624 lo0
127.0.0.1 lo0 UHl - - 33624 lo0
192.168.1/24 link#2 UC - - - iwn0
192.168.1.68 link#2 UHl - - - lo0
192.168.1.254 00:1e:80:a2:2e:ff UHL - - - iwn0
The route to **.191.33.**
is still there when stopping OpenVPN and destroying the tunnel tun0, I don't know if this is expected behaviour.
Update I have checked several computers now, and none of them have the 192.168.1/24 route, its only on the PC running NetBSD, I have tried to delete it, with no success. I have also read a lot of man pages and various other documentation, but I have not come up with anything usefull yet.
OpenVPN Config
client
dev tun
proto tcp
remote **.191.33.** 1701
resolv-retry infinite
nobind
# Downgrade privileges after initialization (non-Windows only)
user nobody
group nogroup
persist-key
persist-tun
auth-user-pass
remote-cert-tls server
cipher AES-256-CBC
comp-lzo
verb 3
auth SHA1
key-direction 1
reneg-sec 0
redirect-gateway def1
<ca>
-----BEGIN CERTIFICATE-----
...
-----END CERTIFICATE-----
</ca>
<tls-auth>
-----BEGIN OpenVPN Static key V1-----
...
-----END OpenVPN Static key V1-----
</tls-auth>
<cert>
-----BEGIN CERTIFICATE-----
...
-----END CERTIFICATE-----
</cert>
<key>
-----BEGIN PRIVATE KEY-----
...
-----END PRIVATE KEY-----
</key>
Intent
I am trying to connect to a VPN at a remote location, from home. The remote network is protected by a firewall facing the internet, all computers on the network behind the router is accessible, the 192.168.7.* network is standard Ubuiquity and used for VPN clients, I have added a firewall rule to allow traffic from 192.168.7.* to the 192.168.1.* network, this works fine from all computers I have tried it with, Mac, PC, Windows, Linux, MacOS. etc. except a PC running NetBSD.
The network configuration on the PC running NetBSD was performed during installation, and I used the auto-configuration feature, so I have not specified any networks, routes or rules at all. I am able to access the internet when using OpenVPN client, I just cannot access any of the machines on the remote network. So I guess the part I am missing is the routing from 192.168.7.* to 192.168.1.* so I will be able to access computers attached to that network
A few years ago, I wrote a "state of things" blog post about Wayland on NetBSD. It's only natural that I should do one about X11, which is used by far more people to get a graphical environment on NetBSD.
There are a lot of differences from how NetBSD and the typical distributor ship X.Org. For one, we ship it as an optional monolithic package rather than separate individual packages. This means every driver is included on every system, rather than as an optional module. Sometimes, this means we need to fine-tune driver selection to ensure the correct drivers are loaded on the correct hardware, since multiple conflicting drivers can claim a video output. We also want sensible fallbacks, since if you're using a GPU from the future with an old OS version, you probably want X to seamlessly fall back to a regular framebuffer.
Secondly, the way our "xsrc" repository is set up, it's effectively functioning as a fork of X.Org that regularly pulls from upstream freedesktop.org (but does not push back). This allows X development to happen as part of NetBSD.
Thirdly, we use our own build system based purely on BSD makefiles, not X.Org's based on GNU autotools. This fits well with our build.sh cross-compilation system.
We have a number of drivers which have not made their way upstream. Perhaps the most ubiquitous of these is xf86-input-ws, a driver which came from OpenBSD, targets an API from NetBSD, and continues to be developed in both. This is a generic input driver that can support any pointing device that the kernel supports. Unlike xf86-input-mouse, it doesn't assume the device is a mouse, and can support advanced touchpad and touchscreen features. Other NetBSD exclusives include xf86-video-pnozz, xf86-video-mgx, and xf86-video-crime. While these all share the "xf86" name inherited from the historical XFree86 distribution, none of them are exclusively for x86.
There are a number of drivers that are accelerated when used in NetBSD, but the acceleration support is missing upstream. This is mostly due to the work of macallan@, who has diligently worked on drivers for accelerators found on SPARC and PowerPC hardware.
X.Org has historically supported two 2D acceleration modes, XAA and EXA. XAA seems complicated - according to the X.Org Foundation it supports accelerating "patterned fills and Bresenham lines" (eh?). XAA was removed from the X.Org server in 2012, and many old drivers were not updated to support the newer and simpler EXA model, except in NetBSD, over a time period of several years.
Did you know that Nvidia used to have an open source graphics driver? It supported 2D acceleration for a range of cards. In NetBSD, it's retained for platforms that included embedded Nvidia chips and aren't capable of (or predate, or don't want) the modern novueau driver. Six years ago, it was updated in NetBSD to support EXA acceleration.
There are a few ways our X integration could be improved. While lots of attention has been paid to the server, less has been paid to clients (programs). Did you know that X includes a text editor, and that text editor supports syntax highlighting and spell checking?
NetBSD includes its own command-line spell checker and associated dictionaries, spell(1), inherited from the BSD UNIX of yore. It's pretty basic, and only supports variations of English. To get spell checking to work in xedit, you need to install ispell (another command-line spell checker) from pkgsrc, install a dictionary, then set some Xresources (or create symlinks) to make sure xedit finds ispell. This could surely be streamlined by teaching xedit about spell.
We also ship every program that has been included with historical X.Org distributions. This includes well-known things like xterm, slightly less well-known things like xbiff(1), and obscurities like bitmap(1) (apparently a 1-bit-per-pixel alternative to MS Paint). A while ago, we removed some libraries which are no longer used by the modern X server, and maybe we should evaluate whether we need all of these programs too. xmh(1) is a frontend for a mail system that isn't included in base. Together, bitmap and xmh are around 300 kilobytes.
We include fonts, bitmaps and scalable, for a wide range of computing devices. In the latest versions of NetBSD, the font size will automatically scale with the screen size to support HiDPI displays as well as small mobile devices. However, we don't ship a scalable cursor theme at the moment. We're also missing high-resolution fonts for Japanese, a shame considering the popularity of NetBSD in Japan. Koruri looks interesting and is suitably small, maybe we should import it.
While we have many useful simple programs by default (a clock, a calculator, an editor, a window manager, a compositor, a terminal emulator...), we're notably missing a screen locking program for X in the default install, although we have lock(1) for the tty.
The big question - does all this have a future? The good news is that all new hardware has generic support in X. Someone writes either a modesetting kernel driver or a classical wsdisplay kernel driver and they will be automatically supported by the associated drivers in X. The bad news is that to have applications running we require access to a larger open source ecosystem, and that ecosystem has a lot of churn and is easily distracted by shiny new squirrels. The process of upstreaming stuff to X.Org is an ongoing process, but it's likely we'll run into things that will never be suitable for upstream.
Of course, on NetBSD, you also have the option of trying vanilla modular X.Org from pkgsrc, or using something else entirely.
The NetBSD Project is pleased to announce NetBSD 9.4, the fourth release from the NetBSD 9 stable branch.
It represents a selected subset of fixes deemed important for security or stability reasons since the release of NetBSD 9.3 in August 2022, as well as some enhancements backported from the development branch. It is fully compatible with NetBSD 9.0. Users running 9.3 or an earlier release are strongly recommended to upgrade.
The general NetBSD community is very excited about NetBSD 10.0, the latest NetBSD release, but if for some reason you can not (or do not want to) update to 10.0, it is strongly recommended to update to 9.4. This is especially true for users still using a NetBSD 8.x release as that old release branch will be desupported by the end of April 2024.