We haven’t had a links post for a while. Not to be confused for a links post, which could be used to read a links post. About lynx.

• Do I need Kubernetes? The answer may surprise you.

• The ODROID-H4 PLUS looks like an amazing little x64 board to use as a home router. I’d be tempted to get one and use it as a NetBSD/npf or FreeBSD/pf box.

• I rediscovered VGMdb, the audio database that has way more anisong than sites like Discogs. The first album I found again was Ryo Takahashi’s music for Classroom of the Elite. I already miss Japanese Tower Records.

• We’ve been helping to price and architect some ELO Digital Office installations at work with earnest this year, and it’s been incredibly interesting. They’re also based out of Germany, which is an asset given our… geopolitical climate.

• These cactus leather wallets from the Vegan Leather Company look gorgeous. I’ve been reducing how much I use my smartphone to make payments, and have even started paying cash again for some transactions.

• Some of you on Mastodon recommended I try OpenSCAD after I talked about wanting to get started in 3D modelling. I like the idea of expressing shapes in a script, rather than 3D modelling.

• A colleague recommended 5D Chess With Multiverse Time Travel, and it looks incredible. Perhaps a bit too much!

• Qt for Python has a tutorial series that has been so much fun. I’ve learned more Python and Qt concepts from this than anything else I’ve tried.

By Ruben Schade in Sydney, 2025-08-28.

Hello. Wine, version 9.0, installed using the binary package straight off emulators/wine, does not correctly populate the prefix. Most notably, the syswow64 directory is empty, and so nothing runs! Can I do anything about this? If not, does anyone have a "healthy" fresh prefix that I could download and use instead? Outside of that, it just throws a few fixmes and complains about not being built with Vulkan support.

I was curious if anyone has experience using LFS on NetBSD? In particular, a lot of online information (including this page on the NetBSD wiki: https://wiki.netbsd.org/tutorials/how_to_install_a_server_with_a_root_lfs_partition/) refers to it as “experimental”, so I was wondering if anyone has experience with how reliable it is, or knows of anyone else who has shared such experience. (The most recent mention of LFS I have found online is from NetBSD 9.x release notes in 2020, and the most recent discussion dates to ~ 2009.)

I’ve been using ZFS (on FreeBSD) but the lack of filesystem repair utilities always leaves me feeling uncomfortable (a feeling amplified by spending several days copying data off of zpools which suddenly refused to mount read-write — but that is another story).

Thanks!

Earlier this year, I was trying to get actual daily work done on HP-UX 11.11 (11i v1) running on HP’s last and greatest PA-RISC workstation, the HP c8000. After weeks of frustration caused first by outdated software no longer working properly with the modern web, and then by modern software no longer compiling on HP-UX 11.11, I decided to play the ace up my sleeve: NetBSD’s pkgsrc has support for HP-UX. Sadly, HP-UX is obviously not a main platform or even a point of interest for pkgsrc developers – as it should be, nobody uses this combination – so various incompatibilities and more modern requirements had snuck into pkgsrc, and I couldn’t get it to bootstrap. I made some minor progress here and there with the help of people far smarter than I, but in the end I just lacked the skills to progress any further.

This story will make it to OSNews in a more complete form, I promise.

Anyway, in May of this year, it seems Brian Robert Callahan was working on a very similar problem: getting pkgsrc to work properly on IBM’s AIX.

The state of packages on AIX genuinely surprises me. IBM hosts a repository of open source software for AIX. But it seems pretty sparse compared to what you could get with pkgsrc. Another website offering AIX packages seems quite old. I think pkgsrc would be a great way to bring modern packages to AIX.

I am not the first to think this. There are AIX 7.2 pkgsrc packages available at this repository, however all the packages are compiled as 32-bit RISC System/6000 objects. I would greatly prefer to have everything be 64-bit XCOFF objects, as we could do more with 64-bit programs. There also aren’t too many packages in that repository, so I think starting fresh is in our best interest.

As we shall see, this was not as straightforward as I would have hoped.

↫ Brian Robert Callahan

Reading through his journey getting pkgsrc to work properly on AIX, I can’t help but feel a bit better about myself not being to get it to work on HP-UX 11.11. Callahan was working with AIX 7.2 TL4, which was released in November 2019 and still actively supported by IBM on a maintained architecture, while I was working with HP-UX 11.11 (or 11i v1), which last got some updates in and around 2005, running on an architecture that’s well dead and buried. Looking at what Callahan still had to figure out and do, it’s not surprising someone with my lack of skill in this area couldn’t get it working.

I’m still hoping someone far smarter than I stumbles upon a HP c8000 and dives into getting pkgsrc to work on HP-UX, because I feel pkgsrc could turn an otherwise incredibly powerful HP c8000 from a strictly retro machine into something borderline usable in the modern world. HP-UX is much harder to virtualise – if it’s even possible at all – so real hardware is probably going to be required. The NetBSD people on Mastodon suggested I could possibly give remote access to my machine so someone could dive into this, which is something I’ll keep under consideration.

I have this code:

NSData* data = [[pipe fileHandleForReading] readDataToEndOfFile];
NSString* s = [[NSString alloc] initWithData: data encoding: NSUTF8StringEncoding];

(For context, this is part of a function that executes system commands.)

And this last line produces a warning:

Calling [GSPlaceholderString -initWithData:encoding:] with incorrect signature. Method has @28@0:8@16i24 (@28@0:8@16i24), selector has @28@0:8@16I24

The command works fine, and gives me the output I want, whereby I don't want to see this warning, because I am working on a console application, and these warnings severely disrupt the experience.

Is there any way to disable those warning messages? I tried to "#define NSLog(...)", but it didn't work.

I am using the GCC compiler on a NetBSD 10.0.

This is the forth post in my A-Z Toolbox series, in which I’m listing tools I use down the alphabet for no logical reason. I also definitely didn’t forget I was doing this, which is why it’s been eight months since the last one (cough).

The letter D has some essential gems:

• drill is a better version of dig, the useful DNS network utility. It comes standard on FreeBSD, and carries Gurren Lagann connotations which I appreciate.

• dialog, which lets you create pseudo-graphical shell applications. It can be frustrating to develop against at times, but I love it for wrapping complicated scripts I’ve written for friends and family. It deserves its own post.

• dav1d is a fast av1 encoder/decoder I’ve used to learn about the format and compare it to H264 for new projects.

• Berkley db5 embedded database which, despite now being owned by The Big Database Company, still has its uses which I should write about at some point.

• colordiff which, while technically starting with C, adds colour to the ubiquitous diff utitliy used to compare files. Not everyone finds colour useful, but I do.

But my award for the best D utility goes to dcfldd, an extension to the ubiquiotus dd. It was developed at the American Department of Defence Computer Forensics Lab as a forensic tool, but it has a bunch of useful features including:

• Inline hashing and image verification

• Status/progress output, which is useful if you’re not using the GNU extended dd.

• Multiple, split, and piped outputs

• A more efficient default block size

Use of dcfldd looks similar to dd. For example, here I’m imaging an old Zip disk and logging:

# dcfldd if=/dev/gpt/zip-disk of=/tmp/zip-disk.img \
    conv=sync hash=sha1 sha1log=zip-disk.log

You can then use it to verify images:

# dcfldd if=/dev/gpt/zip-disk.img vf=/tmp/zip-disk.img

dcfldd is one of the first tools I install on any new machine. If you deal a lot with physical media and disk images, especially ones that haven’t been looked after with a proper file system like OpenZFS, I’d consider it essential.

By Ruben Schade in Sydney, 2025-08-23.

Hi Community,

I'd like to cross-compile NetBSD based on https://www.netbsd.org/docs/guide/en/chap-build.html instructions, but I encountered some issues.

1. It looks like ftp server doesn't have required resources
   $ ftp -i ftp://ftp.NetBSD.org/pub/NetBSD/NetBSD-10.1/source/sets/
   ftp: Name or service not known

Ultimately I could download required files from http server.

2. After starting compilation I got an error related to texinfo. After checking external/gpl2/texinfo/dist/ChangeLog I found a last entry 2004-12-3 !.

What is the status of cross-compilation? Is it maintain ?
Someone has an experience in cross-compilation on GNU/Linux?

Cheers

I'm trying to set up a VM running NetBSD 6.0 (very unfortunately I have to use this specific version). While I've managed to find the installer ISO very easily, I can't find a single working pkgin / pkgsrc mirror, seems that they've all been removed.

Is anyone aware of any remaining mirrors of that ancient versions, or some other method of installing software packages (mind that they need to be the same versions that shipped with NetBSD 6.0)?

I got great feedback from a bunch of you on Wednesday about which ThinkPad to get as a low-distraction writing tool. I’ll save writing details for when I actually get it, but I found someone in Australia selling a couple of X230 machines for less than AU $100 shipped.

I would have leaned towards getting one with the earlier-style keyboard, but for the purposes of this experiment—and the price!—I couldn’t complain. It also still has that nostalgic ThinkPad design which has imprinted on me from my earlier X61s and X40 which I love and miss dearly.

I’ve found separating mental domains onto their own machines has been helpful for distractions and anxiety. My FreeBSD/Linux tower dual boots into a workstation and games machine, the MacBook Air is for work, and the Panasonic Let’s Note is my on-call laptop for when I leave the house. My hope is this X230 will be the low distraction writing and personal project machine in this arrangement.

It’ll also be the first time in a while that I’ve run NetBSD on real hardware instead of VMs, so that’ll be cool. My plan is to kit it out with as little as feasible to get a text editor going. My favourite is Kate, but Qt software tends to integrate with other desktops pretty well, so hopefully I won’t need all of KDE. Maybe I’ll get away with a basic window manager this time.

Now the only question is whether the age of this machine constitutes “retro” for inclusion on my Retro Corner. I’m leaning towards… not? It’s not a Commodore 64 or an Apple II. Then again, is a phrase with two words.

By Ruben Schade in Sydney, 2025-08-16.

/var/log/Xorg.0.log keeps saying:
(==) Using config file: "/etc/X11/xorg.conf"
...
() /dev/wskbd: always reports core events
() Option "Protocol" "standard"
() Option "XkbRules" "base"
() Option "XkbModel" "pc105"
(**) Option "XkbLayout" "la"

but there is no /etc/X11/xorg.conf

If i create my own /etc/X11/xorg.conf that says:
Section "InputDevice"
Identifier "Keyboard0"
Driver "kbd"
Option "XkbRules" "xorg"
Option "XkbModel" "pc105"
Option "XkbLayout" "es"
Option "XkbOptions" "setxkbmap -layout es"
Option "Device" "/dev/wskbd"
EndSection

It just keep ignoring it and keeps the layout to "la" (lao, i belive)
In my xorg.conf, it has bin chaged the layout to "es" o even "us"
but the log keeps telling the layout option is "la", and i just get "garbage".

In /etc/X11/xdm/Xsetup_0 it was added "setxkbmap latam" and the keyboard can be used, but in the session, it returns to "la"

In kde, xfce4 and windowmaker, "setxkbmap latam" was added to .xinitrc an .xsession, but netbsd keeps ignoring it an keeps returning to "la"

No matters if there is an xorg.conf in /etc, or it doesn't exist.
No matters what xorg.conf says.
/var/log/Xorg.0.log keeps saying the layout is "la"

So the keyboard can't be used in any session.

any ideas?

We removed ads from OSNews. Donate to our fundraiser to ensure our future!

The Hurd, the collection of services that run atop the GNU Mach microkernel, has been in development for a very, very long time. The Hurd is intended to serve as the kernel for the GNU Project, but with the advent of Linux and its rapid rise in popularity, it’s the Linux kernel that became the defacto kernel for the GNU Project, a combination we’re supposed to refer to as GNU/Linux. Unless you run Alpine, of course. Or you run any other modern Linux distribution, which probably contains more non-GNU code than it does GNU code, but I digress.

The Hurd is still in development, however, and one of the more common ways to use The Hurd is by installing Debian GNU/Hurd, which combines the Debian package repositories with The Hurd. Debian GNU/Hurd 2025 was released yesterday, and brings quite a few large improvements and additions.

This is a snapshot of Debian “sid” at the time of the stable Debian “Trixie” release (August 2025), so it is mostly based on the same sources. It is not an official Debian release, but it is an official Debian GNU/Hurd port release.

↫ Samuel Thibault

About 72% of the Debian archive is available for Debian GNU/Hurd, for both i386 and amd64. This indeed means 64bit support is now available, which makes use of the userland disk drivers from NetBSD. Support for USB disks and CD-ROM was added, and the console now uses xkb for keyboard layout support. Bigger-ticket items are working SMP support and a port of the Rust programming language. Of course, there’s a ton more changes, fixes, improvements, and additions as well.

You can either install Debian GNU/Hurd using the Debian installer, or download a pre-installed disk image for use with, say, qemu.

I’ve held off long enough, but I think it has to happen.

I adore my old Japanese Let’s Note machines for on-call laptops, but I’d love an older ThinkPad for some distraction-free writing. Throw NetBSD on it, use that wonderful keyboard, and focus.

For some context, is a phrase with three words. I grew up on second-hand ThinkPads. I had a 600E inherited from my dad when I was a kid, and an X40 and X61e got me through my first and second stints at university. All of these were stolen/lost during a move never to be seen again, which still makes me angry thinking about now. I hope whomever ended up with that box of machines got what was coming to them. Specifically, some old ThinkPads.

Which one to get though?

My first instinct is to get an X-series machine, or an X1 Carbon. These would be the closest to my daily carry MacBook, which means it’d fit my smaller backpack. But I’m also tempted to screw it and get a larger T-series that I briefly had at work back in the day. If this is to be a writing machine that might be taken to a coffee shop, but not necessarily carried around all day, the larger size might be nicer. Having a proper numpad for weekly reconciling/hobbyist accounting (yes, it’s a thing, shut up) would also be awesome, so I’ll keep my eye out for some T5-series machines.

While we’re on the subject of sizes, this leads to what display I’d want. I can’t stand 1.5× scaling, because it shimmers, causes eye strain, wastes GPU cycles, and looks terrible. 2× HiDPI/Retina class is probably too new and not yet widely available, so I’d probably be going for a 1× display instead, which I’m fine with for plain text. I do draw the line at IPS though, so I’ll need to make sure whatever I narrow down on has that. I was surprised how even the higher spec’d machines from the 2010s still had TFTs.

As for keyboards, I do love the pre-chiclet era, but my options open up much further if I’m not hung up about this. ThinkPad chiclet keyboards are also still better than any other modern machine I’ve used.

I guess I’ll go on Grays Online, eBay, Gumtree etc, sort by price, and see what comes up :).

By Ruben Schade in Sydney, 2025-08-13.

The long-planned next meeting of NYCBUG is tomorrow.  If you are going and have a Framework laptop, please bring it for testing HDMI.  I assume it’s related to ongoing support work.

Meeting is canceled cause no presenter available.

If you have been following source-changes, you may have noticed the creation of the netbsd-11 branch! It comes with a lot of changes that we have been working on:

Install changes

Compatibility support code, like 32bit on 64bit machines, has been separated into special sets, to allow easy installation of machines that do not need to be able to run 32bit code.

Install media for some architectures has been split in small ("CD/R") images (w/o debug and compat sets), and full ("DVD-R") sets. This is also useful on hardware that came with a CD drive (instead of a DVD drive) and can not boot from a USB stick.

Manual pages come in two flavors, html and mandoc. Both have now their own sets, so one or the other can easily be left out of an installation.

All mac68k and macppc ISO images are now bootable.

Kernel changes

• x86: PVH boot is now supported on non-XEN platforms (QEMU, Firecracker)
• various new drivers for temperature (and other environmental) sensors and fan control
• the heartbeat watchdog will detect locking errors that prevent softints from running or the timecounters from making progress on one of the CPUs
• lots of enhancements for Linux emulation
• new syscall: semtimedop(2)
• new riscv port primarily targeting StarFive JH71XX-based devices
• various bug fixes

Userland changes

• libc and libm enhancements for C23 and POSIX.1-2024 support
• userland support for manipulating/querying (U)EFI variables has been added
• jemalloc has been updated to version 5.3
• various bug fixes to libpthread and making functions signal safe
• lots of miscelaneous bug fixes
• the in-tree X.org components are all (well, nearly - there are a few minor/unimportant exceptions) up-to-date

3rd party software updates included

• gcc for all architectures is now at version 12.5
• gdb for all architectures is now at version 15.1
• binutils for all architectures is now at version 2.42
• OpenSSL got updated to the latest long term support version available: 3.5.1
• OpenSSH is at version 10.0
• many others updated, including dhcpcd, openresolv, unbound, nsd, ...

And a lot more...

... that we always forget to mention. The list of changes can be found in the beta build, split into changes upto the creation of the branch and changes pulled up to the branch before the 11.0 release.

Things that did not make it in-time for the branch

A few work-in-progress items unfortunately did not make it into this branch and will not be pulled up. The most missed ones are:

• the next round of DRM/KMS updates to enhance x86 and arm graphics support
• the big WiFi renewal project

These will happen in HEAD now carefully and after stabilization might be a good reason to create the next major branch earlier.

Please help us test this BETA!

We try to test NetBSD as best as we can, but your testing can help to make NetBSD 11.0 a great release. Please test it and let us know of any bugs you find.

Binaries are available on NetBSD daily builds and for various ARM based devices (with board dependent boot setup) on arm install images.

Please test NetBSD 11.0_BETA on your hardware and report any bugs you find!

Tentative schedule

No promises, but we will try to make this one of the shortest release cycles ever...

Ideally we will be in release candidate state at EuroBSDCon late in September, and cut the final release early in October.

pkg_admin audit said..

Package sqlite3-3.49.2 has a memory-corruption vulnerability, see https://nvd.nist.gov/vuln/detail/CVE-2025-6965
Package libxml2-2.14.4 has a use-after-free vulnerability, see https://nvd.nist.gov/vuln/detail/CVE-2025-49794
Package libxml2-2.14.4 has a denial-of-service vulnerability, see https://nvd.nist.gov/vuln/detail/CVE-2025-49795
Package libxml2-2.14.4 has a denial-of-service vulnerability, see https://nvd.nist.gov/vuln/detail/CVE-2025-49796
Package libxml2-2.14.4 has a integer-overflow vulnerability, see https://nvd.nist.gov/vuln/detail/CVE-2025-6021
Package libxml2-2.14.4 has a buffer-overflow vulnerability, see https://nvd.nist.gov/vuln/detail/CVE-2025-6170

I usually go to netbsd site, check errata and follow instruction but..

https://www.netbsd.org/support/security/patches-10.1.html

The page result empty. How to fix/patch those vulnerabilities?

I have also run

sysupgrade auto

and reboot, but messages still appear.

Saying goodbye

For several years our autobuild cluster at Columbia University has been providing our CI and produced many official release builds.

Over the years, with new compiler versions and more targets to build, the build times (and space requirements) grew. A lot. A few weeks ago the old cluster needed slightly more then nine and a half hours for a full build of -current.

So it was time to replace the hardware. At the same time we moved to another colocation with better network connectivity.

Preparing for the future

But not only did the hardware age, the CI system we use (a bunch of shell scripts) needed a serious overhaul.

As reported in the last AGM, riastradh@ did most of the work to make the scripts able to deal with mercurial instead of cvs.

This is a necessary step in the preparation of our upcoming move away from cvs, which is now completed. While the build cluster currently (again) runs from cvs, we completed a few full builds from mercurial in the last few weeks.

User visible changes

The cvs runs for builds were purely time driven. To deal with latency between cvs.NetBSD.org and anoncvs.NetBSD.org there was a 10-minute lag built into the system, so all timestamps (the names of the build directories) were exact to the minute only and had a trailing zero.

This does not fit well with modern distributed source control systems. For a hg or git build the cluster fetches the repository state from the master repository and updates the checkout directory to the latest state of a branch (or HEAD). So the repository state dictates the time stamp for the build, not vice versa as we did for cvs.

As a result there is a difference between the time a build is started (wall clock) and the time of the last change of the current branch in the repository (build time or reproducible ID). You can see both times in the status page. Just right now it displays:

Currently building tag HEAD-lint, build 2025-07-22 19:19:02 UTC (started at: 2025-07-22 19:26:40 UTC).
No results yet. 

And, obviously, we can now easily skip builds when nothing has changed - which happens often on old branches, but also may happen when all HEAD builds are done before anything new has been committed. Hurry up, you lazy developers!

While we are still running from cvs, the process of checking if anything has changed is quite slow (in the order of five minutes). So you may notice a status display like:

Currently searching for source changes... 

The new hardware

The new cluster consists of four build machines, each equipped with a dual 16 core EPYC CPU and 256 GB of RAM. As a "brain" we have an additional controller node with 32 GB RAM and a (somewhat weaker) Intel CPU. The controller node creates all source sets, does repository operations, and distributes sources but does not perform any building itself.

On the build machines we run each 8 builds in parallel, and each build with low parallelism (-j 4). This tries to saturate all cpus during most of the time of the overall build. Individual builds have several phases with little/reduced possibility of parallelism, e.g., initially during configure runs, or while linking llvm components, or near the end when compressing artefacts. The goal is not to run a single (individual) build as fast as possible, but the whole set of them in as little time overall.

The build log summary

The head of the result page create for each build now tries to give all the details necessary to recreate this particular build, e.g.:

From source dated Tue Jul 22 04:45:13 UTC 2025
Reproducible builds timestamp: 1753159513
Repository: src@cvs:HEAD:20250722044513-xsrc@cvs:HEAD:20250720221743

The two timestamps are the same, one in seconds since the Unix epoch, the other human readable.

The repository ID is, for cvs, again based on timestamps. But for hg or git you will see the typical commit hash values here.

Why a custom CI system?

We considered using an off-the-shelf CI system and customizing it to our needs instead of moving the fully custom build system forward. We also talked to FreeBSD release engineering about it and asked for their experience. Overall the work for customizing an off-the-shelf solution looked roughly equivalent to the work needed now to modify the existing working solution, and we saw no huge benefit for the future picking either of them.

What does our build infrastructure provide?

First and foremost, we can quickly verify if all of our supported branches indeed compile. While developers are supposed to commit only tested changes, usually they build at most one branch and architecture. But sometimes changes have unforeseen consequences, for example an install image of an exotic architecture growing more in size than expected.

Then, in theory, no NetBSD user has to waste any CPU cycles in order to install (for example) NetBSD-current or the latest NetBSD 9 tree. Instead you can simply download an image and install from that — no matter if your architecture is amd64 or a slightly more exotic one (but you will of course always be able to download the source tree and build that if that suits you better).

Note that a supported architecture is not just supported at one point in time and then as time progresses might start collecting dust and not compile anymore, making it hard to merge all current changes back into that tree. Instead once an architecture is supported, our CI system will without rest build that architecture as one of the many we support. Take the rather new Wii port as an example. Now that it is supported, you can at least for the foreseeable future download the latest and greatest NetBSD release, populate an SD card with the image and boot it. Now, in half a year, and in 10 years (and even further down the line).

Acknowledgements

We are grateful to Two Sigma Investments, LP for providing the space and connectivity for the new build cluster.

I preassembled this list of links over time, so some of them have probably changed.  For the “I’m sorry…” link, that just means more material.

• Precision Clock Mk IV.  Not kidding about the precision part.  (via)
• Calibre News.  An excellent complement to RSS.
• TMG, or Transmogrifier, a compiler for PDP-7.  Not what I first thought.  (via)
• Mark V. Shaney, really an early LLM.  (via)  Plus, this followup.
• Single-function devices in the world of the everything machine.  I was in the same regional blizzard mentioned.
• I’m sorry I’ve written a joke.
• tmux cheat sheet.  (also via)
• The Webcomic List.  This re-acquainted me with some comics I haven’t seen in years.  (via I lost track, sorry)
• Why Some Satellites Use NetBSD?  (indirectly via)
• can an email go 500 miles in 2025?  A nice sequel of sorts to the 500-mile email.
• The A2DVI gives the Apple II DVI and HDMI output.
• Towards a Complete List of Excellent Medieval/Fantasy Combat Scenes.

In this blog post, I have described how I have been using Linux on my Amiga 4000. I hope this information can be of use to anyone who is planning to run Linux on their Amigas. Furthermore, I hope that the existing documentation on the Linux/m68k homepage gets updated at some point. May be the information in this blog post can help with that.

Debian 3.1 works decently for me, but everything is much slower compared to a PC. This is not really surprising if you run an operating system (last updated in 2008) on a CPU from the early 90s that still runs at a 25 MHz clock speed :).

↫ Sander van der Burg

The blog post in question is from January of this year, but as soon as I saw it I knew I had to post it here. It’s an incredibly intricate and detailed guide to running Linux on a 25Mhz Amiga 4000, including X11, networking, internet access, file sharing, and so, so much more – up to running Linux for Amiga inside FS-UAE. There’s so much love and dedication in this detailed guide, and I love it.

In fact, Van den Burg has a similar article about running NetBSD on the Amiga 4000, with the same level of detail, dedication, and information density. A fun note is that while X11 for Linux on the Amiga can’t seem to make use of the Amiga chipset, the X Window System on NetBSD does make us of it. I’m not surprised.

Articles like these are useful only for a very small number of people, but having this amount of knowledge concentrated like this will prove invaluable like five years from now when someone else finds an Amiga 4000 in their attic or at a yard sale, and choose to go down this same path. We need more of these kinds of write-ups.

RPG mini-theme this week.

• You’ll have to scroll a bit, but: Hal Foster images.  (via)
• A modern version of the 1968 game Hammurabi.  (via)
• I feel open source has turned into two worlds.
• Classic Computer Replicas.  (via)
• Deep Fishing, a Sinclair game.  (indirectly via)
• FIST, a paranormal A-Team RPG.  (via)
• XScreenSaver 6.11 out – for the Wayland experimenters.
• listfile: help your scripts process a list of things.
• Blink and you’ll miss it! 4096 colours and flashing text on the console!
• KDE Plasma 6.4 has landed in OpenBSD.
• pkgsrc-2025Q2 has been released.
• The Apple Johnathan, new to me.  (via)
• Microscope RPG, a GMless game for building a world.  (via, via)
• my official list of post-glitch.com hosting options.
• How to install FreeBSD on providers that don’t support it with mfsBSD.  I’ve linked to this sort of method before.
• Ghostty is available for FreeBSD, from a comment last week.

Your unrelated music link of the week: Beanbag metal.

Hi, good evening.

As mentioned in the title of this thread, I’m having trouble selecting the CPU frequency.

To start with, as shown in the video, the maximum frequency of my laptop’s processor is 3.4 GHz — or am I mistaken?

It also shows that with Turbo Boost enabled, the maximum allowed frequency is 2701 MHz. However, in the list of available frequencies provided by sysctl, 2701 MHz doesn’t appear.

And when I try to select any of the available ones from the list, it doesn’t let me, as shown in the video.

I’m trying to understand what’s going on, since I’m currently tweaking the acadapter script in powerd for power management. This is how I have the script set up at the moment:

#!/bin/sh -
#
#       $NetBSD: acadapter,v 1.4 2010/12/31 09:29:43 jruoho Exp $
#

CURRENT_FREQ=$(sysctl -n machdep.cpu.frequency.current)
TARGET_HIGH=2701
TARGET_LOW=600

case "${2}" in
pressed)
    logger -p info "${0}: Conectado a corriente: evaluando frecuencia actual (${CURRENT_FREQ} MHz)..." >&1

    if [ "$CURRENT_FREQ" -le "$TARGET_LOW" ]; then
        logger -p info "${0}: Ajustando frecuencia a alto rendimiento ($TARGET_HIGH MHz)" >&1
        /sbin/sysctl -w machdep.cpu.frequency.target=$TARGET_HIGH
    else
        logger -p info "${0}: Frecuencia ya está optimizada ($CURRENT_FREQ MHz)" >&1
    fi

        for intf in $(/sbin/ifconfig -l); do
                /sbin/ifconfig $intf -powersave >/dev/null 2>&1
        done

        # Activar brillo máximo de la pantalla
        /sbin/sysctl -w hw.acpi.acpiout15.brightness=100

        # Iniciar cron (recoleccion de logs, mantenimiento)
        #
        /etc/rc.d/cron start

        /etc/rc.d/cupsd start
        /etc/rc.d/ntpd start

        # Iniciar syncthing si no está corriendo
        if ! pgrep -u skynet syncthing >/dev/null 2>&1; then
        su -l skynet -c "$HOME/.local/scripts/syncthing-wrapper.sh &"
        logger -p info "${0}: Syncthing iniciado (corriente conectada)"
    fi

        exit 0
        ;;

released)
    logger -p info "${0}: Desconectado de corriente: evaluando frecuencia actual (${CURRENT_FREQ} MHz)..." >&1

    if [ "$CURRENT_FREQ" -gt 400 ]; then
        logger -p info "${0}: Ajustando frecuencia a modo ahorro ($TARGET_LOW MHz)" >&1
        /sbin/sysctl -w machdep.cpu.frequency.target=$TARGET_LOW
    else
        logger -p info "${0}: Frecuencia ya está optimizada para batería ($CURRENT_FREQ MHz)" >&1
    fi

        for intf in $(/sbin/ifconfig -l); do
                /sbin/ifconfig $intf powersave >/dev/null 2>&1
        done

        # Ajustar brillo de pantalla bajo
        /sbin/sysctl -w hw.acpi.acpiout15.brightness=20

        # Detener servicios que escriben en el disco.
        #
        /etc/rc.d/cron stop
        /etc/rc.d/cupsd stop
        /etc/rc.d/ntpd stop

    # Detener syncthing si está en ejecución
    pkill -u skynet syncthing
    logger -p info "${0}: Syncthing detenido (uso de batería)"

     /usr/sbin/syslogd -s -f /etc/syslog.conf.battery

     exit 0
     ;;

*)
        logger -p warning "${0}: Evento no soportado ${2} en dispositivo ${1}" >&1
        exit 1
        ;;
esac

I got a new MacBook Air for work as part of a fleet refresh, which happened to coincide with Dan Langille getting a new one too. I like to imagine us sitting at a coffee shop setting our kit up together; that’d be fun.

Dan goes into detail explaining what he does with a new machine. I won’t go into as much detail, but these are my high-level steps.

In the past I had Ansible scripts I’d use to stand up new machines. But desktops thesedays change so much, they were rarely usable out of the box without tinkering. So now I configure things the old fashioned way; albeit with a few choice repositories.

Pre-configuration

1. Create a USB key with the latest macOS release, and booting from it

2. Wipe the new machine, configuring APFS with encryption, with some slack space at the end for dual-booting if needed.

3. Boot into macOS for the first time, force a software update, and restart.

Is this paranoid? Probably. Does it do much? Almost certainly not. Will I keep doing it until Apple decides they don’t want to grant us permission to install things on our own computers ourselves? Absolutely yes.

Making the Mac desktop more pleasant

1. Right-click the Dock, and choose Left under Position on Screen. This makes the best use of widescreens. I also click Dock Settings… and disable Show suggested and recent apps in Dock. I also choose Only in Stage Manager for Click wallpaper to reveal desktop. You can’t disable this annoying behavior entirely, but I don’t even know what a “Stage Manager” is, so this is fine.

2. Go to the Finder, and Settings:

   • Under General, I like to uncheck all desktop items to reduce visual clutter.

   • Under Sidebar, I add my home directory and hide things like AirDrop and iCloud that I don’t use.

   • Under Advanced, I enable Show all filename extensions, and I check everything under Keep folders on top. I also choose Search the Current Folder under When performing a search.

Fixing settings

The macOS System Settings is a hot mess now, and the Search bar is functionally useless most of the time. This is as much for me to remember where settings now are, as of Sonoma:

1. Launch System Settings. These next screens are in the order they appear on the sidebar.

2. Under Network, configure the wireless and wired networks, and set the appropriate DNS settings.

3. Under Accessibility, choose Display, and enable Reduce transparency, Reduce Motion, Show window title icons, and Show toolbar button shapes. These are less about accessibility and more about taste.

4. Under Appearance, change the Accent color and Highlight Color to green. I’d choose teal, the world’s best colour, but this isn’t an option. I find green calming. I also enable Show scroll bars always, and set Sidebar icon size to small.

5. Under Apple Intelligence & Siri, verify that all that guff is turned off. Alas, this is something we all need to do every time we do an update. Hey, at least it isn’t Recall.

6. Under Control Centre, enable Show Percentage under Battery. Under Clock options, I enable Show the day of the week and Display the time with seconds.

7. Under Keyboard, drag the Key repeat rate slider to the fastest it will, go and Delay until repeat to the shortest.

8. Under Trackpad, click Tap to click.

9. Under Displays, set the resolution required for 2× HiDPI/Retina, not the hideous 1.5× that Apple now defaults to. Such sharpness!

Configuring package managers

1. Go to brew.sh for the requisite install command for the Terminal. This is what I use for graphical applications and some Mac tools.

   • Install essentials like Firefox, LibreOffice, Microsoft Office, MacVim, Ferdium, Thunderbird, the GNU Image Manipulation Program, Mattermost, KeePassXC, Inkscape, Viscosity for VPN connections, QEMU, and UTM.

2. Go to pkgsrc on SmartOS—thank you MNX!—for the pkgsrc installation tarball. I install this into /opt/pkgsrc.

   • Installing essentials like Perl, Python, LaTeX packages, my preferred shell oksh, and all my tooling.

3. Open the Mac App Store and installing a few tools like Wireguard and other chat software.

Post-install configuration

1. Connect to our home FreeBSD server and git clone my configuration, SSH, VPN, and work repos into ~/repos, then alias my dotfiles from that into my home directory.

2. Generate new keys/keypairs for SSH and Wireguard for this machine.

3. Go to Konachan.net, Wikimedia Commons, and/or our server photos folders for an appropriate wallpaper.

I think that’s it? Now back to work.

By Ruben Schade in Sydney, 2025-06-30.

So to set the stage (and it's a strange stage...) this is on NetBSD, using pkgsrc, and on hppa architecture. I build this the same way on sparc without issue.

On hppa, I get:

`_ZL17__gthread_triggerv' referenced in section `.rodata._ZN20cmBasicUVPipeIStreamIcSt11char_traitsIcEED1Ev.cst4' of cmBinUtilsMacOSMachOOToolGetRuntimeDependenciesTool.o: defined in discarded section `.text._ZL17__gthread_triggerv[_ZN20cmBasicUVPipeIStreamIcSt11char_traitsIcEED1Ev]' of cmBinUtilsMacOSMachOOToolGetRuntimeDependenciesTool.o
`_ZL17__gthread_triggerv' referenced in section `.rodata._ZN20cmBasicUVPipeIStreamIcSt11char_traitsIcEED1Ev.cst4' of cmBinUtilsWindowsPEDumpbinGetRuntimeDependenciesTool.o: defined in discarded section `.text._ZL17__gthread_triggerv[_ZN20cmBasicUVPipeIStreamIcSt11char_traitsIcEED1Ev]' of cmBinUtilsWindowsPEDumpbinGetRuntimeDependenciesTool.o
`_ZL17__gthread_triggerv' referenced in section `.rodata._ZN20cmBasicUVPipeIStreamIcSt11char_traitsIcEED1Ev.cst4' of cmBinUtilsWindowsPEObjdumpGetRuntimeDependenciesTool.o: defined in discarded section `.text._ZL17__gthread_triggerv[_ZN20cmBasicUVPipeIStreamIcSt11char_traitsIcEED1Ev]' of cmBinUtilsWindowsPEObjdumpGetRuntimeDependenciesTool.o
`_ZL17__gthread_triggerv' referenced in section `.rodata._ZNSt16_Sp_counted_baseILN9__gnu_cxx12_Lock_policyE1EE10_M_releaseEv.cst4' of cmConditionEvaluator.o: defined in discarded section `.text._ZL17__gthread_triggerv[_ZNSt16_Sp_counted_baseILN9__gnu_cxx12_Lock_policyE1EE10_M_releaseEv]' of cmConditionEvaluator.o
`_ZL17__gthread_triggerv' referenced in section `.rodata._ZNSt16_Sp_counted_baseILN9__gnu_cxx12_Lock_policyE1EE10_M_releaseEv.cst4' of cmExecuteProcessCommand.o: defined in discarded section `.text._ZL17__gthread_triggerv[_ZNSt16_Sp_counted_baseILN9__gnu_cxx12_Lock_policyE1EE10_M_releaseEv]' of cmExecuteProcessCommand.o
`_ZL17__gthread_triggerv' referenced in section `.rodata._ZNSt16_Sp_counted_baseILN9__gnu_cxx12_Lock_policyE1EE10_M_releaseEv.cst4' of cmFindPackageCommand.o: defined in discarded section `.text._ZL17__gthread_triggerv[_ZNSt16_Sp_counted_baseILN9__gnu_cxx12_Lock_policyE1EE10_M_releaseEv]' of cmFindPackageCommand.o
`_ZL17__gthread_triggerv' referenced in section `.rodata._ZN17cmFunctionBlockerD2Ev.cst4' of cmForEachCommand.o: defined in discarded section `.text._ZL17__gthread_triggerv[_ZN17cmFunctionBlockerD5Ev]' of cmForEachCommand.o
`_ZL17__gthread_triggerv' referenced in section `.rodata._ZNSt16_Sp_counted_baseILN9__gnu_cxx12_Lock_policyE1EE10_M_releaseEv.cst4' of cmGeneratorExpressionDAGChecker.o: defined in discarded section `.text._ZL17__gthread_triggerv[_ZNSt16_Sp_counted_baseILN9__gnu_cxx12_Lock_policyE1EE10_M_releaseEv]' of cmGeneratorExpressionDAGChecker.o
`_ZL17__gthread_triggerv' referenced in section `.rodata._ZN20cmBasicUVPipeIStreamIcSt11char_traitsIcEED1Ev.cst4' of cmLDConfigLDConfigTool.o: defined in discarded section `.text._ZL17__gthread_triggerv[_ZN20cmBasicUVPipeIStreamIcSt11char_traitsIcEED1Ev]' of cmLDConfigLDConfigTool.o
`_ZL17__gthread_triggerv' referenced in section `.rodata._ZN20cmBasicUVPipeIStreamIcSt11char_traitsIcEED1Ev.cst4' of cmPlistParser.o: defined in discarded section `.text._ZL17__gthread_triggerv[_ZN20cmBasicUVPipeIStreamIcSt11char_traitsIcEED1Ev]' of cmPlistParser.o
`_ZL17__gthread_triggerv' referenced in section `.rodata._ZNSt16_Sp_counted_baseILN9__gnu_cxx12_Lock_policyE1EE10_M_releaseEv.cst4' of cmake.o: defined in discarded section `.text._ZL17__gthread_triggerv[_ZNSt16_Sp_counted_baseILN9__gnu_cxx12_Lock_policyE1EE10_M_releaseEv]' of cmake.o
`_ZL17__gthread_triggerv' referenced in section `.rodata._ZN20cmBasicUVPipeIStreamIcSt11char_traitsIcEED1Ev.cst4' of cmcmd.o: defined in discarded section `.text._ZL17__gthread_triggerv[_ZN20cmBasicUVPipeIStreamIcSt11char_traitsIcEED1Ev]' of cmcmd.o
make: *** [Makefile:2: cmake] Error 1

It actually compiles everything just fine, it seems like right when it gets to creating "cmake" the binary it fails like this.

I see some other posts on here talking about changing the order in the linker section ?

I've posted to NetBSD mailing lists, as well as the CMake Discourse forum and no replies yet.

Any ideas would be greatly appreciated.

I’m on the road as I type this – though I’ll be back by the time it’s posted – and so the links are without much comment.

• The Best Interfaces We Never Built.
• The 80s were shit.   (via)
• Memory Banks.
• Malleable Software.  (via)
• Lightweight C compilers.
• Exterminate all rational AI scrapers, redux.
• A year of funded FreeBSD.
• Bill Atkinson Dies From Cancer at 74.  Few people realize how much of the modern software world came right from what he did.  (via)
• So you should read Memories of Lisa for the details.  (via)
• Unveiling the EndBOX: A NetBSD-based embedded box for EndBASIC.
• BoxyBSD.  (via)
• Look for the UNIX license plate.

Your unrelated comics link of the week: What’s the best comic I’ve ever read?  Lynda Barry is a master of the form.  (via)

NetBSD is an OS that I installed only a couple of times over the years, so I’m not very familiar with its installer, sysinst. This fact was actually what led to this article (or the whole series rather): Talking to a NetBSD developer at EuroBSDcon 2023, I mentioned my impression that NetBSD was harder to install than it needed to be. He was interested in my perspective as a relative newcomer, and so I promised to take a closer look and write about it. While it certainly took me long enough, I finally get to do this. So let’s take a look at NetBSD’s installer, shall we? The version explored here is NetBSD 10.1 on amd64.

↫ Eerie Linux

An excellent deep, deep dive into the NetBSD installer. The two earlier installments cover FreeBSD’s and OpenBSD’s installers.

Of course you can run Doom on a $10,000+ Apple server running IBM AIX. Of course you can. Well, you can now.

Now, let’s go ahead and get the grumbling out of the way. No, the ANS is not running Linux or NetBSD. No, this is not a backport of NCommander’s AIX Doom, because that runs on AIX 4.3. The Apple Network Server could run no version of AIX later than 4.1.5 and there are substantial technical differences. (As it happens, the very fact it won’t run on an ANS was what prompted me to embark on this port in the first place.) And no, this is not merely an exercise in flogging a geriatric compiler into building Doom Generic, though we’ll necessarily do that as part of the conversion. There’s no AIX sound driver for ANS audio, so this port is mute, but at the end we’ll have a Doom executable that runs well on the ANS console under CDE and has no other system prerequisites. We’ll even test it on one of IBM’s PowerPC AIX laptops as well. Because we should.

↫ Cameron Kaiser

Excellent reading, as always, from Cameron Kaiser.

On May 17, 21:00 UTC we had The NetBSD Foundation Annual General Meeting on #netbsd-agm IRC channel on Libera.Chat.

We had presentations from:

• board (billc)
• secteam (billc)
• releng (martin)
• core (riastradh)
• finance-exec (riastradh)
• membership-exec (martin, christos)
• pkgsrc-pmc (wiz)
• pkgsrc-security (tm, leot)
• gnats (dh)

At the end we also had a Q&A session open to anyone.

If you have missed it you can find the IRC logs here.

[I got redirected here from StackOverflow as this is not a programming question (oops).]

For about the last three years or so, under X11, Alt+KP_[n] has yielded a different keycode/keysym (set?) than Alt+[n]. I have been using this difference to change fonts on the fly on urxvt. Checking the version of urxvt shows that the version has not changed since 2021...

rxvt-unicode (urxvt) v9.26 - released: 2021-05-14

...so, what has changed in X11 to cause this, and why has this (been) changed? Or, conversely, is there anything I can do in any of my configurations (xmodmap, etc) to re-enable this behaviour? I can't really switch to having Alt+[n] accomplish this, as I use Alt+[n] as digit-argument in bash (via .inputrc).

I would really like to get the old behaviour of Alt+KP_[n] back. KP_7 shows as a different keystroke under xev than does 7, even though it shows the same output value

This is happening on X11 under both cygwin and NetBSD.

Excerpt of xev(X11) output:

    root 0x36f, subw 0x0, time 2440468, (174,166), root:(2818,273),
    state 0x10, keycode 64 (keysym 0xffe9, Alt_L), same_screen YES,
    XLookupString gives 0 bytes:
    XmbLookupString gives 0 bytes:
    XFilterEvent returns: False

KeyPress event, serial 33, synthetic NO, window 0xc00001,
    root 0x36f, subw 0x0, time 2441828, (174,166), root:(2818,273),
    state 0x18, keycode 79 (keysym 0xffb7, KP_7), same_screen YES,
    XLookupString gives 1 bytes: (37) "7"
    XmbLookupString gives 1 bytes: (37) "7"
    XFilterEvent returns: False

KeyRelease event, serial 33, synthetic NO, window 0xc00001,
    root 0x36f, subw 0x0, time 2441906, (174,166), root:(2818,273),
    state 0x18, keycode 79 (keysym 0xffb7, KP_7), same_screen YES,
    XLookupString gives 1 bytes: (37) "7"
    XFilterEvent returns: False

KeyRelease event, serial 33, synthetic NO, window 0xc00001,
    root 0x36f, subw 0x0, time 2442734, (174,166), root:(2818,273),
    state 0x18, keycode 64 (keysym 0xffe9, Alt_L), same_screen YES,
    XLookupString gives 0 bytes:
    XFilterEvent returns: False

KeyPress event, serial 33, synthetic NO, window 0xc00001,
    root 0x36f, subw 0x0, time 2445171, (174,166), root:(2818,273),
    state 0x10, keycode 64 (keysym 0xffe9, Alt_L), same_screen YES,
    XLookupString gives 0 bytes:
    XmbLookupString gives 0 bytes:
    XFilterEvent returns: False

KeyPress event, serial 33, synthetic NO, window 0xc00001,
    root 0x36f, subw 0x0, time 2445390, (174,166), root:(2818,273),
    state 0x18, keycode 16 (keysym 0x37, 7), same_screen YES,
    XLookupString gives 1 bytes: (37) "7"
    XmbLookupString gives 1 bytes: (37) "7"
    XFilterEvent returns: False

KeyRelease event, serial 33, synthetic NO, window 0xc00001,
    root 0x36f, subw 0x0, time 2445468, (174,166), root:(2818,273),
    state 0x18, keycode 16 (keysym 0x37, 7), same_screen YES,
    XLookupString gives 1 bytes: (37) "7"
    XFilterEvent returns: False

KeyRelease event, serial 33, synthetic NO, window 0xc00001,
    root 0x36f, subw 0x0, time 2445984, (174,166), root:(2818,273),
    state 0x18, keycode 64 (keysym 0xffe9, Alt_L), same_screen YES,
    XLookupString gives 0 bytes:
    XFilterEvent returns: False

TRIED: In a urxvt, I pressed Alt+KP_7 (sub any KP_ for 7, it makes no difference).

EXPECTED: I expected, as had happened before, the font to change, by virtue of Alt+KP_7 not being interpreted as the same keystroke as Alt+7.

ACTUAL RESULT: bash prompted (arg: 7), as though I had pressed Alt+7.

Dumbness or perhaps stupidity, today’s mini theme.

• WebSysctl is Now Live!  I like the idea of this, though it would be nicer to have it accessible on the machine where you need it.  (via)
• The GAFA Stack.  Read section 3.
• 8 Bits & Still Brewin’.
• Mute when Locked.  (via)
• Web Archives and Web Archiving – Introduction for Scholars and Students.  You will need this, or at least wish you knew it better at some point.  (PDF, via)
• At one point, “..” did not exist.
• Setting Up Anubis on FreeBSD via Implement Anubis to give the bots a harder time.
• The amount of bot traffic has increased significantly, I assume to find content for AI, and ignoring robots.txt – and copyright.  I don’t think people realize the scale of this.  It’s causing a denial of service attack in server resources and developer time.
• Related, see comments here for some mod_security blocking alternatives.
• Post-Quantum Cryptography on NetBSD.
• Make Stupid Things.  (via)
• The Wadsworth Constant, learned about in #5 here.
• Dumbware, self-hosted solutions.  I like this except for the dockering.  (via)

Your unrelated audio of the week: Squarepusher’s Ultravisitor, remastered.

We are happy to announce that The NetBSD Foundation will participate in Google Summer of Code 2025 with 3 projects!

Here the list of the projects and contributors:

• Enhancing Support for NAT64 Protocol Translation in NetBSD - Dennis O.I
• Asynchronous I/O Framework - Ethan Miller
• Using bubblewrap to add sandboxing to NetBSD - Vasyl Lanko

For the next 3 weeks mentors and contributors will get in touch for the community bonding period. Mentors will help contributors to get started with the project, introduce them to the community and get more familiar with the codebase and adjusting deliverables for the the project.

Welcome Dennis, Ethan and Vasyl!

One of the few things I know about Minecraft is, some players I know and love could be playing together if someone were to run a server for them. That’s the sort of thing I’d gladly do, provided I could approximately never again pay attention to it.

Here’s what I came up with. Let’s see how it pans out.

Prerequisites

My Virtual Private Server at Panix is NetBSD/amd64 with plenty of RAM, disk, and network headroom. Marginal additional usage is therefore free.

System- and pkgsrc-provided services are controlled by the usual NetBSD-style rc.d scripts.

Site-specific services are supervised, including supervision trees controlled by each user. In the following excerpt from my running system:

• root starts sniproxy
• notqmail runs a web site and its Let’s Encrypt autorenewal,
• schmonz runs a few of each
• all these services were bounced yesterday after a regular package update

/service/sniproxy: up (pid 11133) 81141 seconds

/service/svscan-notqmail: up (pid 325) 846389 seconds
  /home/notqmail/service/renewssl.www.notqmail.org: up (pid 20951) 81141 seconds
  /home/notqmail/service/www.notqmail.org: up (pid 24539) 81141 seconds

/service/svscan-schmonz: up (pid 394) 846389 seconds
  /home/schmonz/service/agilein3minut.es: up (pid 26325) 81141 seconds
  /home/schmonz/service/latentagility.com: up (pid 24554) 81141 seconds
  /home/schmonz/service/renewssl.agilein3minut.es: up (pid 18299) 81141 seconds
  /home/schmonz/service/renewssl.latentagility.com: up (pid 14394) 81141 seconds
  /home/schmonz/service/renewssl.schmonz.com: up (pid 12424) 81140 seconds
  /home/schmonz/service/schmonz.com: up (pid 21449) 81141 seconds

These packages were already installed:

• djbdns-run
• s6-portable-utils
• unzip
• curl
• py-html2text
• jq

I’ve added these:

• openjdk21
• execline

I’m installing Minecraft’s server software manually, so it’ll be my job to notice when to update. Gotta automate the noticing, at least.

Oh, and I need a sensible process-supervision run script for the Minecraft server. The script needs to solve two application-specific system-integration problems:

1. The usual supervision signals cause the server to terminate without saving the state of the world, which seems… rude
2. The usual way to configure a running server is to get on the console and type commands into it, which implies having started it inside a tmux session (which, I love tmux, but not for this)

We solve for (1) by running the server as a child process and translating supervision signals into Minecraft commands.

We solve for (2) by connecting a named pipe to the server’s standard input. Then commands can be sent to the server using nothing but echo and ordinary output redirection.

Without even really being asked, my brain instantly produced the mechanisms for (1) in Perl. Then someone on #s6 shared a run script that additionally solved (2) while being more than twice as short as mine. How? By writing it in execline, a language expressly designed to be this kind of glue.

Step by step: Supervising Minecraft service

1. Create dedicated Unix user with its own process supervisor

useradd -m minecraft
mkdir -p /etc/service/svscan-minecraft/log
cd /etc/service/svscan-minecraft
cat > log/run <<'EOF'
#!/bin/sh
exec setuidgid minecraft logger -t svscan-minecraft -p daemon.info
EOF
chmod +x log/run
cat > run <<'EOF'
#!/bin/sh
exec 2>&1
exec setuidgid minecraft argv0 svscan svscan-minecraft /home/minecraft/service
EOF
chmod +x run
ln -s /etc/service/svscan-minecraft /var/service/

2. Globally, map hostname to IP

echo '+minecraft.schmonz.com:my.server.ip.here' >> /etc/tinydns/data
service tinydns reload

3. Locally, map port number to service name

echo 'minecraft 25565/tcp # minecraft.schmonz.com' >> /etc/services
service sysdb services

4. Allow incoming connections

$EDITOR /etc/npf.conf # add minecraft to $services_tcp
service npf reload

5. Download software

su minecraft
cd
mkdir -p sites/schmonz.com/minecraft/service
cd sites/schmonz.com/minecraft
mkdir bin
curl -o bin/server.jar https://piston-data.mojang.com/v1/objects/e6ec2f64e6080b9b5d9b471b291c33cc7f509733/server.jar

6. Accept EULA

mkdir data
echo 'eula=true' > data/eula.txt

7. Create control socket

mkfifo -m 0600 data/control

8. Symlink service logs where I usually look

ln -s data/logs logs

9. Create run script

cat > service/run <<'EOF'
#!/opt/pkg/bin/execlineb -P
fdmove -c 2 1
cd /home/minecraft/sites/schmonz.com/minecraft/data
redirfd -w -nb 3 control
trap -x
{
    SIGINT  { fdmove 1 3 s6-echo stop }
    SIGHUP  { fdmove 1 3 s6-echo stop }
    SIGTERM { fdmove 1 3 s6-echo stop }
    SIGPIPE { fdmove 1 3 s6-echo stop }
}
fdclose 3
redirfd -r 0 control
java -Xmx1024M -Xms1024M -jar ../bin/server.jar --nogui
EOF
chmod +x service/run

10. Enable service

ln -s /home/minecraft/sites/schmonz.com/minecraft/service ~/service/minecraft.schmonz.com

11. Send initial configuration

cat > data/control <<'EOF'
whitelist on
whitelist add so-and-so
save-on
EOF

Be notified of updates

As the minecraft user:

1. Create service and run script

cd ~/sites/schmonz.com/minecraft
mkdir -p update/service/log
cd update/service

cat > log/run <<'EOF'
#!/bin/sh

exec multilog t ./main
EOF
chmod +x log/run

cat > run <<'EOF'
#!/bin/sh

set -e
set -x

exec 2>&1

MINECRAFT_VERSIONS_ENDPOINT='https://piston-meta.mojang.com/mc/game/version_manifest.json'

running_version() {
   unzip -p ../bin/server.jar version.json \
       | jq -r .name
}

available_version() {
   curl \
       --silent \
       --user-agent "Mozilla/5.0 (X11; Linux x86_64; rv:60.0) Gecko/20100101 Firefox/81.0" \
       "${MINECRAFT_VERSIONS_ENDPOINT}" \
   | jq -r .latest.release
}

main() {
   cd /home/minecraft/sites/schmonz.com/minecraft/data

   while true; do
       running="$(running_version)"
       available="$(available_version)"
       if [ "${running}" != "${available}" ]; then
           echo "MINECRAFT SERVER UPDATE NEEDED: ${running} -> ${available}"
           echo "" | mail -s "Please update Minecraft server: ${running} -> ${available}" [email protected]
       fi
       sleep 250000
   done
}

main "$@"
exit $?
EOF
chmod +x run

2. Enable service

ln -s /home/minecraft/sites/schmonz.com/minecraft/update/service ~/service/update.minecraft.schmonz.com

Further improvements

If it’s desirable to have the server periodically auto-save, I’ll add one more service that writes save-all to data/control.

If pkgsrc had a minecraft-server package (FreeBSD Ports does), I could delete my ad hoc update-notification service. Maybe I’ll make it so. I do like packaging things as part of my area-under-the-curve strategy.

My host-specific supervision trees and pkgsrc’s djbware rc.d scripts (qmailsmtpd, for instance) are still using daemontools. I’ve had the intention to switch to s6 for a long time. When it happens, I’ll be happy about it.

I haven’t tried to understand why there are “Java” and “Bedrock” editions of Minecraft, but it seems like they don’t interoperate. I’m sure there are reasons for this product segmentation and that I’ll come to better understand them in the fullness of time. Meanwhile, if and when I need to add Bedrock client interop, Geyser looks like an easy option — once I’m running something other than the vanilla upstream Minecraft Java server. I’ll need to try to understand that whole situation, too.

Are you an experienced Minecraft server administrator? Please share tips and advice!

On Linux, this command

fstrim -av

I will remove all unused blocks (particularly interesting on VM disks and necessary on SSD to preserve/get a longer duration). NetBSD has a similar command called blkdiscard

This command wipes the entire disk, so it becomes unusable (correct me if I am wrong)

blkdiscard -v /dev/rwd...

I see there is a flag which starts to discard after some bytes (or MB)

blkdiscard -v -f 256m -m 128m /dev/rwd0c

Suppose my partition uses 6GB of data, to make a safe discard (my data still remains), is this the correct command?

blkdiscard -v -f 6000m -m 128m /dev/rwd0c