NetBSD Planet


September 30, 2022

/r/NetBSD Announcing the pkgsrc 2022Q3 branch
submitted by /u/ptkrisada
[link] [comments]

September 29, 2022

Pullup 8 [pullup-8 #1768] mfii intr [[email protected]: CVS commit: src/sys/dev/pci]
Pullup 9 [pullup-9 #1534] mfii intr [[email protected]: CVS commit: src/sys/dev/pci]
Pullup 8 [pullup-8 #1767] interrupt patch for mpii

September 28, 2022

/r/NetBSD Need help mounting ext2 partition under NetBSD

Hi. My hard drive (using MBR) is partitioned into 4 partitions: (0, 1, 3) for Linux, and (2) for NetBSD:

0: Linux native (sysid 131) start 2048, size 262144 (128 MB, Cyls 0-17/113/33) PBR is not bootable: All bytes are identical (0x00) 1: Linux swap or Prime or Solaris (sysid 130) start 264192, size 6291456 (3072 MB, Cyls 17/113/34-433/137/57) PBR is not bootable: All bytes are identical (0x00) 2: NetBSD (sysid 169) bootmenu: NetBSD start 6557696, size 67106816 (32767 MB, Cyls 433/170/27-4871/237/61), Active 3: Linux native (sysid 131) start 73664512, size 903106543 (440970 MB, Cyls 4871/237/62-64601/62/29) PBR is not bootable: All bytes are identical (0x00) 

NetBSD detected the slices in (2), named wd0:

# size offset fstype [fsize bsize cpg/sgs] a: 60835840 6557696 4.2BSD 0 0 0 # (Cyl. 6505*- 66858*) b: 6270976 67393536 swap # (Cyl. 66858*- 73079*) 

I wanted to mount my Linux boot (ext2) partition, which was (0). But no Linux partitions were recognised by the kernel. So I did some research and then found out about dk(4). I rebuilt the kernel with options DKWEDGE_METHOD_MBR uncommented. The kernel did boot up, but it couldn't mount the root partition (wd0a). But it did recognise the Linux partitions on /dev/dk*:

[4.8364408] wd0 at atabus0 drive 0 [4.8364408] wd0: <ST500LT012-9WS142> [4.9467467] dk0 at wd0: "wd0e" [4.9467467] dk1 at wd0: "wd0f" [4.9467467] dk2 at wd0: "wd0h" [5.0676107] boot device: wd0 [5.0676107] root on wd0a dumps on wd0b [5.0676107] vfs_mountroot: can't open root device [5.0676107] cannot mount root, error = 16 [5.0676107] root device (default wd0a) 

Is there a workaround for both the NetBSD and the Linux partitions to be detected and mounted?

Thanks in advance.

submitted by /u/TCH69
[link] [comments]

September 27, 2022

/r/NetBSD "Best" way to share files from a NAS

So a few days back I made a post asking a few questions regarding a NAS I'm about to build. I liked the response I got so I figured I might as well ask something else that I have been pondering in preparation for my build.

My use case is as follows: I want to build a NAS to store backups of config files and 3D files from Windows, and I want to store backups of config files and read media files from a *nix pc. I don't want the systems to have access to the same files. Also, if possible, I like to try and run things securely even on my own LAN, just in case (so password/key files to access files etc.). I don't care much about speed, as long as I can play a video stored on the NAS on my *nix pc.

I have pretty much no experience setting something like this up and there seems to be a lot of alternatives, all with pros and cons.

From what I've gathered so far it seems like SMB might be the easiest choice (especially since Windows is involved), but there seems to be security issues there. Am I correct in this assumption? NFS sounds like it's either a pain to set up or there is no security. Could I use iSCSI? Right now I'm considering SFTP for Windows and SSHFS for *nix. I been doing some reading and I might do a test setup this weekend, but I would really appreciate your opinions. Maybe the choice really is much easier than I'm making it out to be, or maybe there are options I could disregard without doing further reading/testing?

Also, I'm sorry if this is a very basic question but for a fledgling BSD-enjoying hobbyist it feels like there are a lot of variables to take into consideration.

Thanks!

submitted by /u/LapsangWithMilk
[link] [comments]
Pullup pkgsrc [pullup-pkgsrc #6673] one-line fix of CBLAS with openblas_pthread in mk/blas.buildlink3.mk

September 25, 2022

/r/NetBSD Considering using NetBSD for a NAS

Hi!

I'm in the process of building a NAS and just until recently I had pretty much decided to go with FreeBSD (zfs seems pretty cool). But I've been kind of curious about NetBSD for quite some time, and when I stumbled upon the fact that NetBSD supports zfs now then I thought that this might just be the project where I start exploring NetBSD. The thing that is holding me back a little is that running root on zfs on NetBSD seems a little, well, involved (and kind of hacky, sry no offence), at least for now.

My use case is pretty simple, I just want a NAS to keep my data in one place and safe from corruption, I don't care much about performance.

So, if I go through with this my plan would be to go with root on FFS until the bootloader is changed in such a way that I can run root on zfs in a similar way to FreeBSD and then just transition to zfs when/if that becomes possible. (Or maybe you could convince me that FFS would be fine?) My primary reason for running root on zfs would be for snapshots and the self healing properties.

Now here is my main question: Let's say I run root on FFS on a separate drive and it goes totally bonkers, is there a risk to the data integrity of my zfs pools? Or could I just replace my drive, reinstall NetBSD and import the pools?

Thanks in advance!

submitted by /u/LapsangWithMilk
[link] [comments]
/r/NetBSD Need help installing NetBSD onto a USB drive

I'm trying to install netbsd onto a USB drive that is permanently attached to a laptop. I can get through the installer, but first boot fails. Following the guide in Chapter 5,, when I try to boot to the USB drive it is telling me that it's not configured properly.

Any tips?

submitted by /u/zzuum
[link] [comments]

September 24, 2022

NetBSD Blog The Geeks way of checking what the outside wheather is like

Prologue

When I bought my house in 2004 I went shopping for a outside thermometer - and ended up with a full weather-station instead (a WS2300). When I unpacked it I found a serial cable inside...

Long story short - I was still in the process of recabling the house (running ethernet to every room) and added a serial cable from the machine room to the WS2300, and then did some pkgsrc work and got misc/open2300 and misc/open2300-mysql. I used those to log the data from the weather-station to a mysql database, and later moved that (via misc/open2300-pgsql) to a postgres database.

Now sometime this year the machine running that database had to be replaced (should have done that earlier, it was power hungry and wasteful). The replacement was an aarch64 SoC (a Pine64 Quartz64 model A) - and it had no real com ports (of course) any more. I had experimented with USB serial adapters and the WS2300 before, but for unclear reasons this time I had no luck and couldn't get it to work. Since some of the outdoor sensors of the old weather-station had started failing, I decided to replace it.

New Weather-Station, new Sensors

I picked a WS3500 because it comes with a nice remote sensor arrangement:

I attached it to a satellite dish mount about 1.2m above my garage and ran a two wire cable through the mount to supply it with 3V and get rid of any batteries. It does not have a connector for that, but the battery compartment had enough space for a 330µF elco and soldering that and the cable directly to the battery contacts was easy.

The sensors report to the weather-station via a proprietary protocol in the 868 MHz band.

New Weather-Station, new Reporting

The weather-station can connect to a wifi network but does not offer any services itself. The app used to configure the station offers several predefined weather collection services.

I found the idea a bit strange to have my local weather data logged to some server somewhere else in the cloud and then get it back via my browser, but for others this is a good thing. I found this article that describes exactly the remote-only, no machines required on-site setup. I used that article as inspiration for the data collection (but that part turned out to be quite trivial, see below) and copied a lot of the presentation site from it (also more details below).

So in my setup I created web servers on two dedicated ports of my tiny machine running the postgres server. One is used by the weather-station for reporting the data, the other is used to query the database.

The configuration of the weather-station for a custom server was easy:

I tested the ecowitt protocol first. It uses a post to a fixed URL and the form data has nearly identical data as we get with the solution I ended up with - only a few names (of form fields) are slightly different.

The blacked items "StationID" and "StationKey" appear verbatim in the reported data, you can set them to whatever you want - the scripts below do not check them.

The weather underground protocol does a simple http GET and provides all data as query parameters (I had to add the trailing question mark in the configuration). This makes it very easy to extract the data in a script on the server side.

But lets get there step by step. NetBSD comes with a http/https server in base, originally called "bozohttpd". It is very lightweight, but it can run various types of scripts - I picked the plain old simple CGI and /bin/sh as language, using a bit of awk to convert units.

First I added two users, so I could separate file access rights. This is how they look like in vipw:

weatherupdate:*************:1004:1004::0:0:Weather Update Service:/weather/home:/sbin/nologin
weatherquery:*************:1005:1004::0:0:Weather Query Service:/weather/query:/sbin/nologin
and two httpd instances for them /etc/inetd entry to collect the incoming data:

88		stream	tcp	nowait:600	weatherupdate	/usr/libexec/httpd	httpd -q -c /weather/cgi /weather/files
89		stream	tcp	nowait:600	weatherquery	/usr/libexec/httpd	httpd -q -c /weather/cgi -M .js "text/javascript" - - /weather/files

The document root (/weather/files) would not be used for the instance on port 88, but httpd needs one. Note that these lines use the quiet flag ("-q") which is only available in netbsd-current. You can replace it with "-s" for older versions.

The home directories of both users are mostly empty, besides a .pgpass file that contains the password for this user connection to the postgres server. They look like this:

127.0.0.1:5432:weatherhistory:open2300:xxxxxxxxxxxxxx

where "weatherhistory" is the datebase and "open2300" is the name of the postgres user for the update script and the password is x-ed out. The other file looks very similar:

127.0.0.1:5432:weatherhistory:weatherquery:xxxxxxxxxxx

At the postgres level the user "weatherquery" needs to have SELECT privilege on the table "weather", and "open2300" needs to have INSERT privilege. The table schema (output of "pg_dump -s") looks like this:

--
-- Name: weather; Type: TABLE; Schema: public; Owner: weathermaster
--

CREATE TABLE public.weather (
    "timestamp" timestamp without time zone DEFAULT '1970-01-01 00:00:00'::timestamp without time zone NOT NULL,
    temp_in double precision DEFAULT '0'::double precision NOT NULL,
    temp_out double precision DEFAULT '0'::double precision NOT NULL,
    dewpoint double precision DEFAULT '0'::double precision NOT NULL,
    rel_hum_in integer DEFAULT 0 NOT NULL,
    rel_hum_out integer DEFAULT 0 NOT NULL,
    windspeed double precision DEFAULT '0'::double precision NOT NULL,
    wind_angle double precision DEFAULT '0'::double precision NOT NULL,
    wind_chill double precision DEFAULT '0'::double precision NOT NULL,
    rain_1h double precision DEFAULT '0'::double precision NOT NULL,
    rain_24h double precision DEFAULT '0'::double precision NOT NULL,
    rain_total double precision DEFAULT '0'::double precision NOT NULL,
    rel_pressure double precision DEFAULT '0'::double precision NOT NULL,
    wind_gust double precision DEFAULT 0 NOT NULL,
    light double precision DEFAULT 0 NOT NULL,
    uvi double precision DEFAULT 0 NOT NULL
);

ALTER TABLE public.weather OWNER TO weathermaster;

--
-- Name: weather weather_pkey; Type: CONSTRAINT; Schema: public; Owner: weathermaster
--
ALTER TABLE ONLY public.weather
    ADD CONSTRAINT weather_pkey PRIMARY KEY ("timestamp");

--
-- Name: TABLE weather; Type: ACL; Schema: public; Owner: weathermaster
--
GRANT INSERT ON TABLE public.weather TO open2300;
GRANT SELECT ON TABLE public.weather TO weatherquery;

As noted above, I carried this database over (with minor modifications) from previous instances of the whole setup - so it may not be optimal or elegant. One thing that needs special attention is the "timestamp" column - it carries date/time in UTC and has no timezone associated. This looked like a natural choice, but has some unexpected consequences. When querying data in JSON format, "timestamp" will not get the JavaScript marker for "UTC", a "Z" suffix. So in the JavaScript code in the web pages you will find quite a few places that cover up for this.

Now when the weather station sends data to the configured server, inetd(8) runs httpd(8) and that invokes a shell script /weather/cgi/update.cgi as the "weatherupdate" user. This script uses awk(1) to do a few unit conversions and output a SQL command to insert the data into the "weather" table. This SQL command is then piped to psql(1) with the connection string passed on the command line. The corresponding password is found in ~/.pgpass of the "weatherupdate" user.

The script looks like this:

#! /bin/sh

TZ=UTC; export TZ

awk -v $( echo "$QUERY_STRING" | sed 's/\&/ -v /g' ) 'BEGIN {

temp=(tempf-32)/1.8;
indoortemp=(indoortempf-32)/1.8;
dewpt=(dewptf-32)/1.8;
windchill=(windchillf-32)/1.8;
windspeed=windspeedmph*1.609344;
windgust=windgustmph*1.609344;
rain=rainin*25.4;
dailyrain=dailyrainin*25.4;
totalrain=totalrainin*25.4;
rel_preasure=baromin/0.029529980164712;

printf("INSERT INTO weather VALUES ('"'"'%s'"'"', %f, %f, %f, %d, %d, %f, %d, %f, %f, %f, %f, %f, %f, %f, %f);\n",
	strftime("%F %T"),
	indoortemp,
	temp,
	dewpt,
	indoorhumidity,
	humidity,
	windspeed,
	winddir,
	windchill,
	rain, dailyrain, totalrain,
	rel_preasure,
	windgust,
	solarradiation, UV);

}' | psql "hostaddr='127.0.0.1'dbname='weatherhistory'user='open2300'" > /dev/null 2>&1

Note that it explicitly sets the timezone to UTC. The input data comes (as defined by CGI) via the QUERY_STRING environment variable, as a set of "field=value" items, separated by &. They are converted to sets of "-v" args for the awk invocation via a simple sed script.

With this in place, the weather-station adds a record every five minutes to the database, and it was fun to check it via SQL, but for reasons not quite clear to me most of the rest of the family did not like that kind of access very much.

psql (14.5)
SSL connection (protocol: TLSv1.3, cipher: TLS_AES_256_GCM_SHA384, bits: 256, compression: off)
Type "help" for help.

weatherhistory=> select min(temp_out), max(temp_out) from weather;
  min  | max  
-------+------
 -18.1 | 80.9
(1 row)

I initially thought the 80.9°C were measured while I was soldering the power cable, but apparently they were fallout from the sometimes failing sensors of the old station. The database has 2840 rows with temp_out > 40°C and all of them are 80.something. I should replace them with an average of the neighbor records.

Presenting the data

So I needed an internal web site. Which needs access to the data. The above setup already paved the way for that, via the second port I set up. I wanted to show all the current data in one page, and variable history data on another - which meant two CGI scripts to query the data. The /weather/cgi/latest.cgi script just fetches the last record logged and creates a JSON from it, and also uses pom(6) and the sunwait(1) program from pkgsrc to supply some site and date specific data:

#! /bin/sh

PATH=/usr/games:/usr/pkg/bin:$PATH

GEOPOS="51.505554N 0.075278W"	# geographic position of this weather station
UPDATE=300			# seconds between updates

# This script uses psql(1) from pkgsrc/databases/postgresql14-client,
# pom(6) from the NetBSD games set and pkgsrc/misc/sunwait.

# collect global site data: sunrise and friends
eval $( sunwait report ${GEOPOS} | awk -F": " '
	/Sun directly north/	{
		printf("zenith=\"%s\"\n", $2);
	}
	/Daylight:/		{
		split($2,v," to ");
		printf("sunrise=\"%s\"\nsunset=\"%s\"\n", v[1], v[2]);
	}
	/with Civil twilight:/	{
		split($2,v," to ");
		printf("dawn=\"%s\"\ndusk=\"%s\"\n", v[1], v[2]);
	}
	/It is: Day/ {
		printf("day=true\n");
	}
	/It is: Night/ {
		printf("day=false\n");
	}
' )

# moon phase
eval $( pom | awk '-F('	'
	/The Moon is Full/	{ printf("moontrend=\"-\"\nmoon=100\n"); }
	/The Moon is New/	{ printf("moontrend=\"+\"\nmoon=0\n"); }
	/First Quarter/		{ printf("moontrend=\"+\"\nmoon=50\n"); }
	/Last Quarter/		{ printf("moontrend=\"-\"\nmoon=50\n"); }
	/Waxing/		{
		a=$0;
		sub(/^.*\(/, "", a);
		sub(/%.*$/, "", a);
		printf("moontrend=\"+\"\nmoon=%d\n", a+0);
	}
	/Waning/		{
		a=$0;
		sub(/^.*\(/, "", a);
		sub(/%.*$/, "", a);
		printf("moontrend=\"-\"\nmoon=%d\n", a+0);
	}
' )

# start the json output
printf "\n\n{ \"site\": { \"updates\": ${UPDATE},
	\"dawn\": \"${dawn}\", \"sunrise\": \"${sunrise}\",
	\"zenith\": \"${zenith}\", \"day\": ${day},
	\"sunset\": \"${sunset}\", \"dusk\": \"${dusk}\",
	\"moon\": { \"trend\": \"${moontrend}\", \"percent\": ${moon} }\n}, \"weather\":\n"

# fill database results
printf "WITH t AS ( SELECT * FROM weather ORDER BY timestamp DESC LIMIT 1 ) SELECT row_to_json(t) FROM t;\n" |
	psql --tuples-only --no-align "hostaddr='127.0.0.1'dbname='weatherhistory'user='weatherquery'"

# terminate json
printf "\n}\n"

As you can see, if you would restrict output to plain data from the database, the script would be only four or five lines long. But I like the additional spicing.

The /weather/cgi/history.cgi script fetches rows between two timestamps passed to it (in JSON timestamp format) and answers with a JSON containing an array of all the data in the requested time window:

#! /bin/sh

COND=$( echo "${QUERY_STRING}" | tr '&' '\n'| sed -e 's/%22/\"/g' -e 's/%3A/:/g' | awk '
	/from=/	{ v=$0; sub(/^[^"]*\"/, "", v); sub(/\".*$/, "", v); arg_from=v; }
	/to=/	{ v=$0; sub(/^[^"]*\"/, "", v); sub(/\".*$/, "", v); arg_to=v; }
	END	{
		if (arg_from && arg_to) {
			printf("timestamp >= '"'"'%s'"'"' AND timestamp <= '"'"'%s'"'"'\n",
			    arg_from, arg_to);
		}
	}
' )

if [ -z "${COND}" ]; then
	# printf "could not parse: ${QUERY_STRING}\n" >> /tmp/sql.log
	exit 0;
fi

# start output
printf "\n\n"

# printf "${COND}\n" >> /tmp/sql.log

# fill database results
printf "WITH t AS ( SELECT * FROM weather WHERE ${COND} ORDER by timestamp ASC ) SELECT json_agg(t) FROM t;\n" |
	psql --tuples-only --no-align "hostaddr='127.0.0.1'dbname='weatherhistory'user='weatherquery'" # 2&>> /tmp/sql.err

Fetching this data now is easy in JavaScript.

We have a request URL defined as a const, like this:

const queryURL = 'http://weatherhost.duskware.de:89/cgi-bin/history.cgi?';

and then add (if needed) the paramaters for the query, like in this example function that gets passed a from-date and a to-date:

function showData(fromD, toD)
{
        var url = new URL(queryURL);
        url.searchParams.append("from", '"'+fromD.toJSON()+'"');
        url.searchParams.append("to", '"'+toD.toJSON()+'"');
        fetch(url).then(function(response) {
                return response.json();
        }).then(function(data) {
                makeGraphs(data);
                updateButtons();
        }).catch(function(error) {
                console.error(error)
        });   
}

When the answer from the server arrives, it is decoded as JSON and returned as input data to the next function that makes some graphs from the data array. Finally a few buttons are updated (in this example the time window is put into a start and a end date control.

Inspired by the post mentioned above I used canvas gauges for the display of the latest data and dygraphs for the display of historic data.

Here is an example of how the latest display looks:

And here is how the history display looks:

I have put an archive of the cgi scripts and web pages here, and also for the curious who just want to peek at the full glory of my web design skills the start page (showing the latest weather data) and the history page.

Besides those files, you will need

Then you should be ready to go - easy, isn't it? And no heavy weight dependencies or pkgs needed.

What about other weather stations?

There are quite a few similar weather stations out there now that seem to run "related" firmware and have similar capabilities. Most likely the update script (and details in the presentation pages) will need adjustements for other types.

If you start with a different device, just log all the data it sends and adjust the cgi scripts/database/JavaScript accordingly. For protocol analyzis there are several easy means:

Here is what a debug.cgi script could look like:

#! /bin/sh
env > /tmp/debug.env
printf "\n\nOK\n"
cat > /tmp/debug.input &

This allows you to see the form input in /tmp/debug.input and the CGI environment in /tmp/debug.env.

DragonFly BSD Digest In Other BSDs for 2022/09/24

Check the first link; it’s time-dependent.


September 23, 2022

Pullup 9 [pullup-9 #1533] sunxican fixes [[email protected]: CVS commit: src/sys/arch/arm/sunxi]
Frederic Cambus Toolchains adventures - Q3 2022
My continuous journey into toolchains, in the third quarter of 2022

This is the sixth post in my toolchains adventures series. Please check the previous posts in the toolchains category for more context about this journey.

In Pkgsrc land, I updated binutils to the 2.39 version, mold to the 1.3.1, 1.4.0, 1.4.1, and 1.4.2 versions, patchelf to the 0.15.0 one, and finally pax-utils to the 1.3.5 one.

Regarding OpenBSD, we imported llvm-profdata into the base system in early July, so I took the opportunity to propose importing llvm-cov as well. This was accepted and is now committed, which will allow producing reports from coverage data without having to install the devel/llvm port.

I also submitted a binutils port, with the stated goal to have up to date versions of the GNU binary utilities. As such it excludes as (for which we have the devel/gas port) and ld. This is intended to replace the aging versions we have in the base system (from binutils 2.17, released in 2006). All installed utilities have the ‘g’ prefix prepended to the binary name. After importing it, I noticed packages didn’t build on OpenBSD/arm64 and OpenBSD/armv7, so I got the chance to send patches upstream to add OpenBSD ARM and AArch64 Little Endian BFD support. While there, I also added the required entry for AArch64 GAS support in upstream binutils.

In September, I got the opportunity to attend the GNU Tools Cauldron 2022 conference which was held on September 16-18th 2022 in Prague, Czech Republic. Three days of talks and discussions about the GNU toolchain, in a friendly and relaxed atmosphere. There were a lot of interesting talks and people, and being able to discuss such topics in person was a nice change.

That’s all for now… Stay tuned!

binutils commits:

2022-09-02 d0a122d Add OpenBSD ARM Little Endian BFD support
2022-08-31 6472b23 Add OpenBSD AArch64 GAS support
2022-08-22 ba86e75 Add OpenBSD AArch64 Little Endian BFD support

LLVM commits:

2022-08-01 892e6e2 [clang] Update Clang version from 15 to 16 in scan-build.1
Pullup pkgsrc [pullup-pkgsrc #6672] Fwd: CVS commit: pkgsrc/textproc/expat
Pullup 9 [pullup-9 #1532] PR 57018

September 22, 2022

Ruben Schade Cartron asks what FreeBSD machines I use

In response to my Windows 11 game post where I mentioned dual-booting into FreeBSD most of the time, the imitable @Cartron asked what machines I use. It’s been a while since I’ve done a post like this.

These are my FreeBSD machines at the time of writing:

And the ones I have on the horizon:

I also have a few physical and virtual machines running NetBSD, but that’s for another post.

Details about these machines are also on my Omake outline under Gear.

By Ruben Schade in Sydney, 2022-09-23.


September 20, 2022

UnitedBSD How to Setup Apache/FCGID on NetBSD 9.3

Greetings! This is the first of many guides I am going to post about that discuss how to do various tasks on NetBSD. A lot of guides out there aren't the best due to age or whatnot so I wanted to take a crack at some guides.

This guide uses Apache 2.4, PHP 7.4, mod_fcgid, on NetBSD 9.3 with KASLR enabled, but that latter shouldn't matter for this.

Installing all dependencies

Firstly, edit the mk.conf. Here are the relevant flags this guide was tested with

PKG_OPTIONS.apache=-apache-mpm-prefork -apache-mpm-worker suexec

Do not use MPM Prefork or Worker. This guid isn't using DSO/mod_php due to it being insecure, inefficient and dealing with process overhead. MPM event will automatically install.

Install the following pkgs:
www/apache24
www/ap2-fcgid
lang/php74
meta-pkgs/php74-extensions

Once installed, enable apache in rc.conf and cp /usr/pkg/share/examples/rc.d/apache to /etc/rc.d/.

Setting up Apache

All files for apache are in /usr/pkg/etc/httpd

Webroot can be anywhere, but this guide will use the structure /srv/www/domain.com/public_html

SSL setup won't be part of this guide, but if there's demand I may followup.

php.ini is in /usr/pkg/etc

Edit the httpd.conf, add the following line to the end of the modules:

LoadModule fcgid_module lib/httpd/mod_fcgid.so

Double check to ensure mod_ssl and mpm_event are enabled.

Now httpd-vhost.conf, same directory. This is where the vhost will be setup.

<VirtualHost *:80>
DocumentRoot "/srv/www/testdomain.net/public_html"
ServerName testdomain.net
<IfModule mod_fcgid.c>
<Directory /srv/www/testdomain.net/public_html>
Options +ExecCGI
AddHandler fcgid-script .php
FCGIWrapper /srv/www/testdomain.net/public_html/startfcgi
DirectoryIndex index.php
AllowOverride all
Require all granted
</Directory>
FcgidMaxRequestLen 20000000
</IfModule>
ServerSignature Off
</VirtualHost>

The Virtualhost will need to look something like this. AllowOverride is necessary if the site needs a .htaccess, but it can also be put in the vhost instead for faster performance, and AllowOverride turned off. Next, the startfcgi script:

#!/bin/sh
PHPRC=/usr/pkg/etc
export PHPRC
export PHP_FCGI_MAX_REQUESTS=5000
export PHP_FCGI_CHILDREN=8
exec /usr/pkg/libexec/cgi-bin/php

Using SuExec is very similar -- this guide didn't need it because one domain only being served by it.

Set the +x executable to startfcgi, and chown -R www:www /srv/www -- put any PHP files in there.

At this point serving a PHP file should work. It's a good idea to deny access to the script in htaccess or vhost config.

That's basically it. I have similar docs in the works for PostgreSQL, and many others (including things like varnish, NGINX, MariaDB etc. I will also be sharing hacks and tricks for NetBSD as I can. )

UnitedBSD Battery draining and troubleshooting/optimization

Hello all, I wanted to understand what is draining my battery so quickly.

I know that netbsd should be less optimized as e.g., GNU/Linux when it comes to battery but still i guess it could be a good learning experience to understand what is draining my battery and what kind of optimizations i can do.

I guess one of the things would be to compile a custom kernel right?

Greetings

NetBSD Blog EuroBSDCon 2022

No videos are available yet to provide much-needed context to presentations, but we'll keep you posted.

Day -2 - Arrival in Vienna

After being thoroughly delayed by Deutsche Bahn, I hopped off an InterCity Express train to check out the hotel room for people speaking at EuroBSDCon, which was An Experience in itself. There was a mural of a shirtless man with a sword covered in snakes next to my bed, what else do you need in life? Lots of coffee, obviously.

Begin the march to the conference to listen to Marshall Kirk McKusick lecture on schedulers.

Day -1 - NetBSD Developer Summit

Around 16 NetBSD developers gathered in a room for the first time in two years. I was a little bit distracted and late due to Marshall Kirk McKusick's very detailed lecture on filesystems melting my brain somewhat, but we had the opportunity to present various informal presentations, after we'd finished showing off suspend/resume support on our ThinkPad laptops.

Benny Siegert opened with a presentation on the state of the Go programming language on NetBSD (and whether it is "in trouble"), covering various problems with instability being detected inside the Go test suite. Go is particularly interesting (and maybe error-prone) because it mostly bypasses NetBSD libc, which is unusual for software running on NetBSD, instead preferring to implement its own wrappers around the kernel's system calls.

A few problems had been narrowed down to being (likely) AMD CPU bugs, others weren't reproducible in production (outside of the test suite) at all, and others may have been fixed in NetBSD 9.1 - the NetBSD machines running tests for Go do need to be updated. If you're from AMD, please get in touch.

We've got a very impressive test suite for NetBSD itself, but outside tests are always useful for identifying problems that we can't catch... that said, they do require a lot of work to maintain, and a lack of patience is understandable. We'd love any help we can get with this.

I pointed out that we get occasional failures bootstrapping Go in pkgsrc, and better debug output would be nice -- Benny was able to arrange this within the day, and we should get nice detailed bootstrapping logs for Go now.

Pierre Pronchery ([email protected]) discussed cross-BSD collaboration on synchronizing our device driver code bases, including his recent NetBSD Foundation-supported work on the emuxki(4) sound card driver, where other BSDs have taken the same code base but improvements had not yet been universal. We all agreed that collaboration and keeping drivers in sync is important. We talked about the on-going project to synchronize NetBSD Wi-Fi drivers with FreeBSD.

Martin Kjellstrand then gave us a very nice demonstration of his NetBSD docker images, and how easy it is to spin up NetBSD on-demand to run a command (this also has wide potential for being useful for testing). In turn, I rambled a bit about my own experiments of dynamically creating NetBSD images. This would lead to a later discussion about whether we need to prioritize improving the resize_ffs(8) command's support for new filesystems.

The theme of creating NetBSD images "for the cloud" continued, with Benny Siegert presenting again about NetBSD on Google Compute Engine.

Stephen Borrill then stepped up to give us an incredibly detailed history of the British computer company Acorn Computers, complete with his personal experiences servicing Acorn machines in the early 90s. We discussed the history of the ARM CPU, and NetBSD/acorn32.

Nia Alarie (surprise) finished up with a very short unplanned demonstration of some of the projects she's been working on lately - using NetBSD as a professional digital audio workstation, improving the default graphical experience of NetBSD with dynamically generated menus, and (again) creating customized micro-images of NetBSD. We discussed support for MIDI devices (I'd later chat with some of the FreeBSD people about collaborating on JACK MIDI).

We then retired to Thomas Klausner ([email protected])'s favorite ramen restaurant and discussed, among other things, Studio Ghibli films, and trains. Trains would be a recurring theme.

Day 0 - start of talks

We began the day with two NetBSD presentations scheduled back-to-back. This mostly meant that I got to talk about some of NetBSD 10's upcoming features, and why it's taking so long to a small crowd of interested people who didn't have much prior experience with NetBSD, while in another room Taylor R. Campbell ([email protected]) discussed his very dedicated efforts to make suddenly disappearing devices more reliable and not crash the kernel (we're still waiting for a live demonstration).

Next, Pierre Pronchery ([email protected]) discussed the power of pkgsrc for creating consistent environments across platforms for software developers, serving as a nice portable, classic Unix alternative to technologies like Docker and Nix.

The final presentation of the day was [email protected] again, this time providing a live lecture (from Emacs!) about memory barriers in the kernel. We all learned to appreciate the nice abstractions technologies like mutexes provide to stop CPUs from re-ordering code on multi-processor machines in inexplicable ways.

Day 1 - final talks

The second day of EuroBSDCon presentations was mostly devoid of anything NetBSD-focused, so we had a nice opportunity for cross-pollination and to learn and collaborate with other BSD projects. I chatted a bit with an OpenBSD Ports developer about the challenge technologies like Rust pose to developing a cross-architecture packaging system, and with a FreeBSD person about the state of professional audio on our respective platforms. Michael Dexter finished the day of presentations with a very passionate speech about why we all need BSD in our lives, regardless of our preferred flavour.

More topics were discussed in the various break periods, including whether our newest update to the GPU drivers is stable enough to include in a release (verdict: works for me).

We then watched as various BSD t-shirts and boxes of chocolates were auctioned away to support a local refugee center. The organizing committee forgot to include the NetBSD Foundation on the list of sponsors, but we forgive them.

Other news from the Project

I've recently made sure the NetBSD 10 changelog is up to date with all the new goodness, so you should check that out.


September 19, 2022

Ruben Schade aria2 can download torrent files, then their files

In this installment of things you already know, unless you don’t, you can provide Tatsuhiro Tsujikawa’s aria2 with a URL to a torrent file, and it will also download the files from the torrent:

For example, I can download NetBSD 9.2 by giving it the torrent file, instead of having to download it first:

$ aria2 https://cdn.netbsd.org/pub/NetBSD/images/9.2/NetBSD-9.2-sparc.iso.torrent

I now have an ISO, not just a torrent file. Cool!

By Ruben Schade in Sydney, 2022-09-20.

OS News An X11 apologist tries Wayland

All in all, I’m very impressed with the work the wayland community has done since I last did a serious look at the state of things. I’m still waiting for a stacking window manager that scratches the same itch for me that icewm does, but I’m following labwc with great interest. At this point though, I’ve established that I can live my life on wayland, and for the time being I am. Not everyone can yet though, and there’s still work to be done. Part of why I’m feeling the urge to transition to wayland is performance benefits, but the other part is so that I’ll be able to help solve the unsolved problems to make it viable for more people.

I don’t think X is ever going to die. Even if it fades away on Linux, there’s a lot of old video hardware that will probably only ever be well supported with real Xorg, on Linux and other OSes such as NetBSD. That stuff is already seeing support dropped in more recent versions of Xorg, and preservationists will need to do digging to find versions that still take advantage of everything the hardware has to offer. But, I understand now why the wayland folks have been talking so highly of it, and how drastically it simplifies the userland stack, and I’m no longer concerned that I’ll wake up to find my netbook has become unusable for modern software.

I’ve been on Wayland on both my laptop and workstation for a long time now, and there’s no way I’m ever going back with just how much better it performs than X.org. Only my main PC (used mostly for gaming) is still on X.org (Linux Mint), but that’s out of a combination of NVIDIA hardware and my satisfaction with Mint. I agree with the author that X.org won’t die, but the arrow of time is pointing in a very clear direction.


September 18, 2022

UnitedBSD How to troubleshoot webcam on NetBSD

Hello all,

I wanted to understand if my webcam was working under NetBSD.
I am on a Thinkpad 450s.
Few info on my systems here.
The output of uname -a is:

NetBSD T450s 9.3 NetBSD 9.3 (GENERIC) #0: Thu Aug  4 15:30:37 UTC 2022  [email protected]:/usr/src/sys/arch/amd64/compile/GENERIC amd64

The output of dmesg is here: https://bpa.st/LBVQ

If I do ls /dev/video* I see four devices:

crw-rw-rw-  1 root  wheel  193, 0 Sep  9 02:09 /dev/video0
crw-rw-rw-  1 root  wheel  193, 1 Sep  9 02:09 /dev/video1
crw-rw-rw-  1 root  wheel  193, 2 Sep  9 02:09 /dev/video2
crw-rw-rw-  1 root  wheel  193, 3 Sep  9 02:09 /dev/video3

I even tried this:

mplayer tv:// -tv driver=v4l2:device=/dev/video0 -fps 30 -vo x11

with all 4 devices (video0,1,2,3) and the only one actually opening a screen is video0, but it just opens a green window and that's all.

The messages shown for video0 are here https://bpa.st/2OOQ.

NOTE: Nothing changes if I remove the -vo x11 option, I just have a bigger green box.

Any idea?

UnitedBSD Creating a driver for WIFI AR9485

Hi, I would like to get my pci wireless card running.

#pcictl pci0 list -N
002:00:0: Atheros Communications AR9485 Wireless LAN (miscellaneous network, revision 0x01)

I was going to use modload(8) for testing the driver. What do you believe would be the best template in the examples to use as a base and start from there.

Main reason for using modload is that compiling the kernal takes a long time and using modload(8) will help speed up compiling and testing.

$ uname -a
NetBSD 9.3 NetBSD 9.3 (GENERIC) #0: Thu Aug 4 14:30:37 UTC 2022 [email protected]:/usr/src/sys/arch/amd64/compile/GERNERIC amd64

Any hints by NetBSD driver writers most appreciated

FreeBSD Atheros 9485 Driver
Thanks


September 17, 2022

Pullup 9 [pullup-9 #1531] [[email protected]: CVS commit: src/libexec/ld.elf_so/arch/powerpc]
Pullup 9 [pullup-9 #1530] nist_hasd_drbg kUBSan

September 16, 2022

Pullup 8 [pullup-8 #1766] x86 procfs update
Pullup 8 [pullup-8 #1765] accept USB 3.2
Pullup 8 [pullup-8 #1764] mfii(4) update

September 15, 2022

UnitedBSD netbsd as a daily driver and issues

Hello all,
I have setup NetBSD on my VMs and on an old laptop.
Now my question is: is anybody using it as a daily driver?
Because nowadays when working in IT tools like slack, zoom, teams and others seem to be at the base of remote working, unfortunately.

How do you solve these issues?

Can you share some ideas?


September 14, 2022

Pullup pkgsrc [pullup-pkgsrc #6671] Security fix for textproc/libxslt

September 07, 2022

Pullup pkgsrc [pullup-pkgsrc #6670] [[email protected]: CVS commit: pkgsrc/www]

August 30, 2022

Super User FreeBSD kernel image with built-in application

I have experienced creating a FreeBSD kernel image but is there a way to include an application, for example an SQlite database in the image? What I want to achieve is to package the application in the image build as one.


August 29, 2022

Ruben Schade Running Unix commands in real life

This was a fun mental experiment, via nixCraft.

By Ruben Schade in Sydney, 2022-08-30.


August 28, 2022

Pullup pkgsrc [pullup-pkgsrc #6669] pullup-request: databases/ldb

August 27, 2022

DragonFly BSD Digest In Other BSDs for 2022/08/27

Catchup since I was on the road last week.

 

 


August 20, 2022

DragonFly BSD Digest In Other BSDs for 2022/08/20

Done while on the road.


August 18, 2022

Ruben Schade Setting up Minecraft, for absolute beginners

There’s a David Bowie reference in there somewhere. I’ve received more feedback about Minecraft than any other post over the last few months, mostly asking the same questions about how to get started. I hope this post is useful!

The different versions

Minecraft comes in two broad versions, the names of which have changed over time to make life confusing!

Buying the game

Since Microsoft purchased Minecraft’s developer Mojang, you need a Microsoft account to buy and play it. I’ll admit, this is the most frustrating part of configuration.

To buy the game:

  1. Create a Microsoft account. Even if you make a disposable one just to play Minecraft, keep the details handy. Microsoft do not care if you lose access. Ask me how I know this!

  2. Buy the game from Minecraft.net. Click Get Minecraft, choose Computer, sign in with your Microsoft account, then buy.

  3. Download the Java version. It should auto-detect your OS and provide the correct launcher.

Running the game

Once you’ve bought, downloaded, and installed the game on each device you want to play on, the launcher will prompt you for your Microsoft account details. After this, you don’t need to interact with Microsoft anymore.

This lets you run a world on your local machine, and is a great introduction to the game mechanics. If you only intend to run a world for yourself, you’re basically set from here.

Let me know if you’re interested in a basic introduction about how to play Minecraft, but honestly half the fun is learning how to craft and survive yourself!

Running a server

When you’re ready to share a world between players, you can run your own server. It can be on the same machine as one of your players, or a dedicated box. I prefer the latter, because it doesn’t chew up local resources, and is easier to backup.

I’ve written how to do this on FreeBSD, NetBSD, and OpenBSD, but the broad steps that are applicable to all platforms are:

  1. Download an OpenJDK. As of writing, you need Java 1.17 or above. The server will inform you if this has changed when you try to launch.

  2. Download the Java Minecraft server. It’s free, and available from the Minecraft site.

  3. Launch the server as per the instructions on the above site.

  4. From the Minecraft launcher on your local machines, choose Multiplayer and enter the IP address of your server.

The server is self-contained in a folder, so it’s easy to backup or transfer to another machine, even one running a different OS. I run Minecraft on FreeBSD, but I copied across to my Mac when Clara and I travel so we can play on the go. The alternative could be running on a cloud instance or a VPS with a VPN.

Where to go from here

Minecraft is one of those games that can be as simple or complicated as you want. I really encourage new players to get used to the game before going wild with mods and addons, as I did. Confusion isn’t fun.

I detailed the extensions and tooling we use in an earlier post, but here are some in brief:

You should also support the plugin developers with donations if you find their stuff useful.

That’s it for now, happy Minecrafting! Just be warned, this is the most addictive and fun game I’ve ever played.

By Ruben Schade in Sydney, 2022-08-18.


August 17, 2022

Server Fault Linux IP command convert to BSD

What is below IP command to BSD replication?

ip -6 route add local 2a00:f10:500::/48 dev lo
Ruben Schade NetBSD 9.3 and whimsy

This was my favourite addition to the release notes:

luna68k - make kernel messages green to match other ports and show off color support.

NetBSD is a professional operating system, but I also love a bit of whimsy. Same goes for OpenBSD’s songs and art for each release.

NetBSD have also long had an RSS feed available for their release announcements. I tend to read mailing lists for this sort of information, but I welcome anything to make these more accessible.

By Ruben Schade in Sydney, 2022-08-17.


August 13, 2022

DragonFly BSD Digest In Other BSDs for 2022/08/13

The last link has some interesting applications to try.


August 11, 2022

DragonFly BSD Digest BSD Now 467: Minecraft on NetBSD

This week’s BSD Now has a bunch of how-to-do-this links, as you might guess from the headline.


August 06, 2022

OS News NetBSD 9.3 released

NetBSD 9.3 has made it into the wild.

Aside from many bug fixes, 9.3 includes backported improvements to suspend and resume support, various minor additions of new hardware to existing device drivers, compatibility with UDF file systems created on Windows 10, enhanced support for newer Intel Gigabit Ethernet chipsets, better support for new Intel and AMD Zen 3 chipsets, support for configuring connections to Wi-Fi networks using sysinst(8), support for wsfb-based X11 servers on the Commodore Amiga, and minor performance improvements for the Xen hypervisor.

A solid set of improvements for a point release.

NetBSD Blog NetBSD 9.3 released

The NetBSD Project is pleased to announce NetBSD 9.3, the third release from the NetBSD 9 stable branch.

It represents a selected subset of fixes deemed important for security or stability reasons since the release of NetBSD 9.2 in May 2021, as well some enhancements backported from the development branch. It is fully compatible with NetBSD 9.0. Users running 9.2 or an earlier release are strongly recommended to upgrade.

Aside from many bug fixes, 9.3 includes backported improvements to suspend and resume support, various minor additions of new hardware to existing device drivers, compatibility with UDF file systems created on Windows 10, enhanced support for newer Intel Gigabit Ethernet chipsets, better support for new Intel and AMD Zen 3 chipsets, support for configuring connections to Wi-Fi networks using sysinst(8), support for wsfb-based X11 servers on the Commodore Amiga, and minor performance improvements for the Xen hypervisor.

The general NetBSD community is very excited about NetBSD 10.0, but it was deemed necessary to make this bug fix release available while we wait for the resolution of some compatibility problems in NetBSD-current concerning FFS Access Control Lists preventing the netbsd-10 release.

Full release notes, including download links


August 04, 2022

The NetBSD Foundation NetBSD 9.3 release

August 03, 2022

Server Fault ssh tunnel refusing connections with "channel 2: open failed"

All of a sudden (read: without changing any parameters) my netbsd virtualmachine started acting oddly. The symptoms concern ssh tunneling.

From my laptop I launch:

$ ssh -L 7000:localhost:7000 [email protected] -N -v

Then, in another shell:

$ irssi -c localhost -p 7000

The ssh debug says:

debug1: Connection to port 7000 forwarding to localhost port 7000 requested.
debug1: channel 2: new [direct-tcpip]
channel 2: open failed: connect failed: Connection refused
debug1: channel 2: free: direct-tcpip: listening port 7000 for localhost port 7000, connect from 127.0.0.1 port 53954, nchannels 3

I tried also with localhost:80 to connect to the (remote) web server, with identical results.

The remote host runs NetBSD:

bash-4.2# uname -a
NetBSD host 5.1_STABLE NetBSD 5.1_STABLE (XEN3PAE_DOMU) #6: Fri Nov  4 16:56:31 MET 2011  root[email protected]-thank-me-later:/m/obj/m/src/sys/arch/i386/compile/XEN3PAE_DOMU i386

I am a bit lost. I tried running tcpdump on the remote host, and I spotted these 'bad chksum':

09:25:55.823849 IP (tos 0x0, ttl 64, id 0, offset 0, flags [DF], proto TCP (6), length 67, bad cksum 0 (->3cb3)!) 127.0.0.1.54381 > 127.0.0.1.7000: P, cksum 0xfe37 (incorrect (-> 0xa801), 1622402406:1622402421(15) ack 1635127887 win 4096 <nop,nop,timestamp 5002727 5002603>

I tried restarting the ssh daemon to no avail. I haven't rebooted yet - perhaps somebody here can suggest other diagnostics. I think it might either be the virtual network card driver, or somebody rooted our ssh.

Ideas..?


July 13, 2022

Unix Stack Exchange How to use gphoto2 to access emulated mtp on QEMU NetBSD guest

I was able to emulate a usb-mtp device in How to emulate usb-mtp device with virt-manager? but when I try to access the folder share/device with gphoto2 in debug mode it hangs and I get:

gp_port_set_error [gphoto2-port.c:1190](0): Could not query kernel driver of device

I don't know if this has to do with libvirt sandboxing or permissions issue on the shared directory. I get the same behavior and error when the shared directory and files within are owned by me or libvirt-qemu. The command line I'm using is (usb id changes each boot so command line changes to fit):

sudo env LANG=C gphoto2 --camera "QEMU Virtual MTP" --port usb:003,002 --list-files --debug --debug-logfile=mtplog2

Here is the full log output: https://pastebin.com/hA94Zm4N

GVFS and glib2 (provides gio) is uninstalled. I gathered that GVFS could interfere with mtp if it's in use at the same time and I uninstalled glib2 for good measure as I'm not sure if gio interferes too. sudo fstat didn't show either one, but I don't know what to look for since the usb-mtp device is ugen0 which is part of a hub which is then /dev/usb3 and all don't show up in fstat.

Stack Overflow How to build netbsd based mobile os [closed]

I'm searching for way to start my own project I wanna build a mobile os based on netbsd I will use netbsd ARM kernel to make my own SoC Os could you give a resources and tools to get started


June 30, 2022

Frederic Cambus Toolchains adventures - Q2 2022
My continuous journey into toolchains, in the second quarter of 2022

This is the fifth post in my toolchains adventures series. Please check the previous posts in the toolchains category for more context about this journey.

In Pkgsrc land, I updated mold to the 1.2, 1.2.1, and 1.3 versions, and pax-utils to the 1.3.4 one. I also added a z3 option to our llvm and clang packages to allow building them against the Z3 theorem prover. When both lang/llvm and lang/clang are built with the z3 option enabled, the Z3 constraint solver is activated for the Clang static analyzer. This option is not enabled by default. I wrote a blog post showing how to use Z3 as an external solver and to do refutation to filter out false positives.

While I mention static analysis, I’ve been extremely impressed with the progress of the GCC’s static analysis framework. It was introduced in GCC 10, and a major rewrite occurred in GCC 11. It now generates significantly less false positives, and found some valid memory leaks on error paths in libansilove 1.30, which the Clang static analyzer didn’t catch.

Regarding the NetBSD base system, I started evaluating what it would take to upstream our local binutils patches. The version we have in NetBSD’s src repository is binutils 2.34 (released in February 2020), and diffing our tree with the release tarball results in a 4310 lines diff, touching 163 files with 1404 insertions and 186 deletions.

For each of these changes, we need to dig into version control history to find why they were needed in the first place, verify if they are still needed, and if so potentially rework them to meet upstream coding standards. This requires an understanding of the problem domain to be able to explain the rationale behind the changes while submitting patches and writing relevant commit messages.

While some of those patches are NetBSD specific, we still need to ensure we are not breaking other operating systems. Ultimately, vanilla binutils should be able to produce working binaries on NetBSD without requiring any local patches. Once this goal is reached, we need to ensure it keeps building, investigate test suite failures, and setup buildbots for continuous builds on key architectures.

On the LLVM side, I managed to do a couple of commits as well to add libclang_rt.profile{{.*}}.a tests for both OpenBSD and NetBSD in the Clang driver test suite.

Lastly, I also wrote a couple of blog posts about various topics:

That’s all for now, happy Summer 2022 everyone!

LLVM commits:

2022-06-27 aa89bb3 [Driver][test] Add libclang_rt.profile{{.*}}.a tests for NetBSD
2022-06-26 2ff4fb6 [Driver][test] Add libclang_rt.profile{{.*}}.a tests for OpenBSD
2022-06-24 a129a37 [clang] Update Clang version from 14 to 15 in scan-build.1

June 27, 2022

Unix Stack Exchange Issues starting headless installation of NetBSD in VirtualBox

On a headless Ubuntu 22.04 machine, I'd like to start a headless installation of NetBSD 9.2 in VirtualBox.

I have a prepared virtual machine with a set of blank disk images attached, as well as with the bootable NetBSD installation CD attached to the CDROM drive.

My idea was to perform the installation over the serial port, using minicom, but I'm unable to get the installation to switch over to use the serial console.

I'm starting the machine with

VBoxManage startvm netbsd --type=headless

Then I try to get it to switch over the console to the serial port:

VBoxManage controlvm netbsd keyboardputfile boot.conf

... where boot.conf is a file containing a line of text saying consdev com0, which is what you would type on the NetBSD boot prompt to switch to the serial console.

I know NetBSD's serial console is set up to use 9600 8N1, which is what I have minicom configured to use, and I have set up the serial port on the virtual machine like so:

UART 1:                      I/O base: 0x03f8, IRQ: 4, attached to pipe (server) '/tmp/netbsd.pipe', 16550A

I start minicom using

minicom -D 'unix#/tmp/netbsd.pipe'

I successfully use the serial console on another virtual machine in an identical way, and I can see the status in minicom switch from "Offline" to "Online" as soon as the NetBSD machine turns on, but there is no output in minicom.

Can anyone see what the issue is and how I would go about fixing it? I know the alternative would be to PXE boot the machine, but I was hoping to be able to avoid doing that (as I don't netboot anything else at the moment).


June 24, 2022

Unix Stack Exchange What is the most native way to generate desktop notification in BSD unixes

macOS has its "osascript" with "display notification", Linux has its "notify-send". Both are the most native way to generate DE notifications. What is the most native way to generate desktop notification in BSD unixes?


June 21, 2022

Frederic Cambus Clang Static Analyzer and the Z3 constraint solver
Notes on using the Z3 constraint solver with the Clang Static Analyzer

As far as static analyzers are concerned, one of the most important point to consider is filtering out false positives as much as possible, in order for the reports to be actionable.

This is an area on which Coverity did an excellent job, and likely a major reason why they got so popular within the open source community, despite being a closed-source product.

LLVM has the LLVM_ENABLE_Z3_SOLVER build option, which allows building LLVM against the Z3 constraint solver.

It is documented as follow:

LLVM_ENABLE_Z3_SOLVER:BOOL
    If enabled, the Z3 constraint solver is activated for the Clang static analyzer.
    A recent version of the z3 library needs to be available on the system.

The option is enabled in the Debian 11 package (clang-tools-11), but not in Fedora 36 or Ubuntu 22.04 ones. I added a build option (not enabled by default) to the llvm and clang packages in Pkgsrc, and successfully built Z3 enabled packages on NetBSD.

For Pkgsrc users, add the following in mk.conf, and build lang/clang:

PKG_OPTIONS.llvm=	z3
PKG_OPTIONS.clang=	z3

There are two ways of using Z3 with the Clang Static Analyzer, and to demonstrate them, let’s reuse the small demo snippet from the SMT-Based Refutation of Spurious Bug Reports in the Clang Static Analyzer paper.

unsigned int func(unsigned int a) {
	unsigned int *z = 0;

	if ((a & 1) && ((a & 1) ^1))
		return *z; // unreachable

	return 0;
}

For each method, we can use Clang directly on a given translation unit or use scan-build.

The first way is using Z3 as an external constraint solver:

$ clang --analyze -Xanalyzer -analyzer-constraints=z3 main.c

$ scan-build -constraints z3 clang -c main.c
scan-build: Using '/usr/lib/llvm-11/bin/clang' for static analysis
scan-build: Analysis run complete.
scan-build: Removing directory '/tmp/scan-build-2022-06-21-171854-18215-1' because it contains no reports.
scan-build: No bugs found.

This is a lot slower than the default, and the commit which documented the feature mentions a ~15x slowdown over the built-in constraint solver.

The second way is using the default range based solver but having Z3 do refutation to filter out false positives, which is a lot faster:

$ clang --analyze -Xanalyzer -analyzer-config -Xanalyzer crosscheck-with-z3=true main.c

$ scan-build -analyzer-config crosscheck-with-z3=true clang -c main.c
scan-build: Using '/usr/lib/llvm-11/bin/clang' for static analysis
scan-build: Analysis run complete.
scan-build: Removing directory '/tmp/scan-build-2022-06-21-171924-18226-1' because it contains no reports.
scan-build: No bugs found.

Again, no bugs found. How boring.

We can verify what happens if we run the analyzer without involving Z3 at all:

$ clang --analyze main.c
main.c:5:9: warning: Dereference of null pointer (loaded from variable 'z') [core.NullDereference]
        return *z; // unreachable
               ^~
1 warning generated.

We get a false positive, because the default constraint solver cannot reason about bitwise operations (among other things), and report an unreachable NULL pointer dereference.


June 09, 2022

Super User How to use "mount_smbfs" on NetBSD to connect to a samba file server on a non-root Samba server

I have a RHEL 8.6 machine, and I'm setting up a samba file server using port 1445 so I can start the server as a non-root user. The server is working locally, as I can run smbclient -p 1445 //localhost/share to connect to it. I am also running a QEMU NetBSD 8.2 VM, and I'm attempting to connect to the samba share using the following:

mount_smbfs -I <machine IP> //[email protected]<machine IP>:1445 mount_dir/

However, I get a "connection refused" error when I try to access it.

If I remove smb ports = 1445 from the configuration file and start the Samba daemon as root, I can connect to it from NetBSD, but I'd like to be able to host a working Samba server as non-root.

I thought perhaps if I mapped port 139 on NetBSD to 1445 on RHEL with QEMU, that would solve things (using the -net user,hostfwd=tcp::1445-:139 to QEMU), but I haven't had any luck there.

I do notice that if I do an nmap localhost when starting the Samba server as non-root, port 1445 doesn't show up as being open.

What might be going on here?


May 22, 2022

NetBSD Blog Announcing Google Summer of Code 2022 projects

Google Summer of Code logo The NetBSD Foundation has finalized the list of projects for this year’s Google Summer of Code. The contributors and projects are the following:

The community bonding period has already started (from May 20) and it will last until June 12. During this time, the contributors are expected to coordinate with their mentors and community.

This will be immediately followed by the coding period from June 13 to September 4. After which, the contributors are expected to submit their final work, evaluate their mentors, and get evaluated by their mentors as well. Results will be announced on September 20.

For more information about the Google Summer of Code 2022 kindly refer to the official GSoC website.

We would like to express our gratitude to Google for organizing the yearly GSoC, and to The NetBSD Foundation mentors and administrators for their efforts and hardwork!

Let us welcome all the contributors to our growing NetBSD community!


May 19, 2022

Super User Solaris 8 X11 binaries generate segmentation violations on NetBSD

All,

Recently, I've been trying to get the Solaris 8 versions of xterm and xauth working on NetBSD from an ssh client with X11 forwarding, but both binaries seem to generate segmentation violations immediately. I ran a ktrace on both programs to try to figure out what happened, and the last few lines of output for both programs look like this:

...
   571      1 xclock   compat_20_getfsstat(0xedefa018, 0xefffede4) Err#2 ENOENT
   571      1 xclock   compat_50_getrusage(0xedefa000, 0x1000) = 0
   571      1 xclock   #115 (obsolete vtrace)(0, 0x1000, 0x7, 0x80000102, 0xffffffff, 0) = -303063040
   571      1 xclock   compat_50_getrusage(0xedee4000, 0x1000) = 0
   571      1 xclock   break(0x25850)              = 0
   571      1 xclock   break(0x27850)              = 0
   571      1 xclock   break(0x27850)              = 0
   571      1 xclock   break(0x29850)              = 0
   571      1 xclock   break(0x29850)              = 0
   571      1 xclock   break(0x2b850)              = 0
   571      1 xclock   compat_43_otruncate(0x5, 0xeffff3a0) = 0
   571      1 xclock   shmdt(0x2, 0x2, 0)          = 3
   571      1 xclock   modctl(0x3, 0x6, 0x1, 0xeffff39c, 0x4) = 0
   571      1 xclock   modctl(0x3, 0xffff, 0x8, 0xeffff398, 0x4) = 0
   571      1 xclock   break(0x2b850)              = 0
   571      1 xclock   break(0x2d850)              = 0
   571      1 xclock   open("/emul/svr4/etc/netconfig", 0, 0x1b6) = 4
   571      1 xclock   #217 (unimplemented)(0x4, 0xefffebb0) = 0
   571      1 xclock   ioctl(0x4, _IO('T',0x1,0), 0xefffeb3c) Err#-4
   571      1 xclock   read(0x4, 0x2b9a4, 0x400)   = 1024
       "#pragma ident\t"@(#)netconfig\t1.16\t99/10/25 SMI"\n#\n# The "Network Configuration" File.\n#\n# Each entry is of the form:\n#\n#       <network_id> <semantics> <fl"
   571      1 xclock   SIGSEGV SIG_DFL

I noticed that the ioctl call is failing; could this be a reason for failure here?

I also ran ktrace on the NetBSD versions of xclock and xterm to see if there were any similarities, and the most similar samples of output I could find were the following:

...
   604      1 xclock   __stat50("/etc/nsswitch.conf", 0xefffeed8) = 0
   604      1 xclock   open("/etc/nsswitch.conf", 0x400000, 0x1b6) = 3
   604      1 xclock   __fstat50(0x3, 0xefffeb70)  = 0
   604      1 xclock   read(0x3, 0xed61d000, 0x4000) = 621
       "#\t$NetBSD: nsswitch.conf,v 1.6 2009/10/25 00:17:06 tsarna Exp $\n#\n# nsswitch.conf(5) -\n#\tname service switch configuration file\n#\n\n\n# These are the default"
   604      1 xclock   read(0x3, 0xed61d000, 0x4000) = 0
...
   604      1 xclock   open("/etc/hosts", 0x400000, 0x1b6) = 3
   604      1 xclock   __fstat50(0x3, 0xefffcc38)  = 0
   604      1 xclock   read(0x3, 0xed61d000, 0x4000) = 831
       "#\t$NetBSD: hosts,v 1.9 2013/11/24 07:20:01 dholland Exp $\n#\n# Host name database.\n#\n# This file contains addresses and aliases for local hosts whose names\n# n"
   604      1 xclock   read(0x3, 0xed61d000, 0x4000) = 0
       ""
   604      1 xclock   close(0x3)                  = 0

Because of this, I suspect the reason might lie in some of the Solaris 8 files that I copied over to the NetBSD virtual machine (e.g. /etc/netconfig), but I'm unsure. Could these files be the reason why none of the Solaris 8 X11 binaries function correctly on NetBSD?


May 17, 2022

OS News My unholy battle with a Rock64

I’ve got this rock64, which is an aarch64 board comparable to a Raspberry Pi 3 B+ with 4 gigs of ram. For years I’ve wanted to put a distribution on here that doesn’t have a premade image available, mainly because out of all the options on that page I don’t actually like any of them. Well, except NetBSD, but NetBSD doesn’t have GPU drivers for it. Problem is, everything I do want to use provides rootfs tarballs and tells you to figure it out. To do that I’ve got to get a Linux kernel, track down the device trees so it knows what hardware it has, and then wrangle u-boot into actually booting the whole thing. I figured that would be the hard part; little did I know the depths that Single Board Computer Hell would reach.

Unlike x86, ARM is far, far from a standardised platform. The end result of this is that unless you can find tailor-made images specific for your particular ARM board, you’re gonna have to do a lot of manual labour to install an operating system that should work.


May 16, 2022

Stack Overflow Solaris 8 X11 binaries generate segmentation violation on startup on NetBSD 8.2 [closed]

Edit: This question has also been posted on SuperUser.

All,

Recently, I've been trying to get the Solaris 8 versions of xterm and xauth working on NetBSD from an ssh client with X11 forwarding, but both binaries seem to generate segmentation violations immediately. I ran a ktrace on both programs to try to figure out what happened, and the last few lines of output for both programs look like this:

...
   571      1 xclock   compat_20_getfsstat(0xedefa018, 0xefffede4) Err#2 ENOENT
   571      1 xclock   compat_50_getrusage(0xedefa000, 0x1000) = 0
   571      1 xclock   #115 (obsolete vtrace)(0, 0x1000, 0x7, 0x80000102, 0xffffffff, 0) = -303063040
   571      1 xclock   compat_50_getrusage(0xedee4000, 0x1000) = 0
   571      1 xclock   break(0x25850)              = 0
   571      1 xclock   break(0x27850)              = 0
   571      1 xclock   break(0x27850)              = 0
   571      1 xclock   break(0x29850)              = 0
   571      1 xclock   break(0x29850)              = 0
   571      1 xclock   break(0x2b850)              = 0
   571      1 xclock   compat_43_otruncate(0x5, 0xeffff3a0) = 0
   571      1 xclock   shmdt(0x2, 0x2, 0)          = 3
   571      1 xclock   modctl(0x3, 0x6, 0x1, 0xeffff39c, 0x4) = 0
   571      1 xclock   modctl(0x3, 0xffff, 0x8, 0xeffff398, 0x4) = 0
   571      1 xclock   break(0x2b850)              = 0
   571      1 xclock   break(0x2d850)              = 0
   571      1 xclock   open("/emul/svr4/etc/netconfig", 0, 0x1b6) = 4
   571      1 xclock   #217 (unimplemented)(0x4, 0xefffebb0) = 0
   571      1 xclock   ioctl(0x4, _IO('T',0x1,0), 0xefffeb3c) Err#-4
   571      1 xclock   read(0x4, 0x2b9a4, 0x400)   = 1024
       "#pragma ident\t"@(#)netconfig\t1.16\t99/10/25 SMI"\n#\n# The "Network Configuration" File.\n#\n# Each entry is of the form:\n#\n#       <network_id> <semantics> <fl"
   571      1 xclock   SIGSEGV SIG_DFL

I noticed that the ioctl call is failing; could this be a reason for failure here?

I also ran ktrace on the NetBSD versions of xclock and xterm to see if there were any similarities, and the most similar samples of output I could find were the following:

...
   604      1 xclock   __stat50("/etc/nsswitch.conf", 0xefffeed8) = 0
   604      1 xclock   open("/etc/nsswitch.conf", 0x400000, 0x1b6) = 3
   604      1 xclock   __fstat50(0x3, 0xefffeb70)  = 0
   604      1 xclock   read(0x3, 0xed61d000, 0x4000) = 621
       "#\t$NetBSD: nsswitch.conf,v 1.6 2009/10/25 00:17:06 tsarna Exp $\n#\n# nsswitch.conf(5) -\n#\tname service switch configuration file\n#\n\n\n# These are the default"
   604      1 xclock   read(0x3, 0xed61d000, 0x4000) = 0
...
   604      1 xclock   open("/etc/hosts", 0x400000, 0x1b6) = 3
   604      1 xclock   __fstat50(0x3, 0xefffcc38)  = 0
   604      1 xclock   read(0x3, 0xed61d000, 0x4000) = 831
       "#\t$NetBSD: hosts,v 1.9 2013/11/24 07:20:01 dholland Exp $\n#\n# Host name database.\n#\n# This file contains addresses and aliases for local hosts whose names\n# n"
   604      1 xclock   read(0x3, 0xed61d000, 0x4000) = 0
       ""
   604      1 xclock   close(0x3)                  = 0

Because of this, I suspect the reason might lie in some of the Solaris 8 files that I copied over to the NetBSD virtual machine (e.g. /etc/netconfig), but I'm unsure. Could these files be the reason why none of the Solaris 8 X11 binaries function correctly on NetBSD?


May 13, 2022

Julio Merino Remembering Buildtool
Build systems are one of my favorite topics in software engineering. If I recall correctly, my interest in this area started when I got into NetBSD in 2002—20 years ago—and became a pkgsrc contributor. Packaging software for NetBSD made me fight various build systems and, in particular, experience the pains of debugging the GNU Autotools. Around that same time, I was also writing small tools here and there. Out of inertia, I used the GNU Autotools for these and, the more I used them, the more I saw an opportunity for improvement.

May 12, 2022

Frederic Cambus Customizing NetBSD boot banners

I recently discovered that it’s surprisingly easy to customize the NetBSD boot loader banner, simply by adding some directives in the boot.cfg configuration file.

Here is the relevant part of the boot.cfg(5) manual page:

     banner   The text from banner lines is displayed instead of the standard
              welcome text by the boot loader.  Up to 12 lines can be defined.
              No special character sequences are recognised, so to specify a
              blank line, a banner line with no value should be given.

Back in 2014, I published some NetBSD ASCII logos to be used as motd or as /etc/issue, but they are higher than 12 lines so using them would either require raising the allowed lines limit (likely not a good idea), or resizing them. I then remembered I had requested some Amiga style logos for Linux and *BSD, which were released by h7 in Break’s second artpack in 2013.

So we can simply append this in /boot.cfg:

banner=         _______ ______       ___      _________  ____       __________
banner=__ _____/      //    _/___ __/   \_____\__     /_/  _//______\___     /\_______
banner=--/   _ \     //    _/    \\      _/    |/_   /\______    /    |/    /  \- -- -
banner=_/     \      \     \     //      \     |_/    /    |/    \    /     \  /
banner=\______/      /\_____\_____\______/\____      //    : ____/____      /\/
banner= \     \_____/  \     \     \     \ \  \_____/ \______/\  \   \_____/  \
banner=h7\_____\    \  /\___________\_____\/\__\    \  \     \ \______\    \dS!
banner=------ - \____\/ - --( n e t b s d )-- - \____\/ \_____\/ - --- \____\/ -------

And enjoy some stylish Amiga ASCII art after the next reboot:

         _______ ______       ___      _________  ____       __________
__ _____/      //    _/___ __/   \_____\__     /_/  _//______\___     /\_______
--/   _ \     //    _/    \\      _/    |/_   /\______    /    |/    /  \- -- -
_/     \      \     \     //      \     |_/    /    |/    \    /     \  /
\______/      /\_____\_____\______/\____      //    : ____/____      /\/
 \     \_____/  \     \     \     \ \  \_____/ \______/\  \   \_____/  \
h7\_____\    \  /\___________\_____\/\__\    \  \     \ \______\    \dS!
------ - \____\/ - --( n e t b s d )-- - \____\/ \_____\/ - --- \____\/ -------

     1. Boot normally
     2. Boot single user
     3. Drop to boot prompt

Choose an option; RETURN for default; SPACE to stop countdown.
Option 1 will be chosen in 2 seconds.

Lastly, here is the PNG version converted with Ansilove, in full Topaz glory:

NetBSD ASCII Logo


May 10, 2022

Stack Overflow SSH to NetBSD 8.2 guest with X11 gives "X11 forwarding request failed on channel 0" [closed]

All,

I'm trying to set up SSH X11 forwarding from a NetBSD 8.2 VM (running via QEMU) to a Ubuntu 20.04 host. When I attempt to ssh -X into the machine, the $DISPLAY variable is not set and I get an error message: "X11 forwarding request failed on channel 0". The following are pertinent environment details:

If I run ssh -v, then the relevant X11 output I get is the following:

Authenticated to localhost ([127.0.0.1]:10022).
debug1: channel 0: new [client-session]
debug1: Requesting [email protected]
debug1: Entering interactive session.
debug1: pledge: exec
debug1: client_input_global_request: rtype [email protected] want_reply 0
debug1: Requesting X11 forwarding with authentication spoofing.
debug1: Sending environment.
debug1: Sending env LANG = en_US.UTF-8
X11 forwarding request failed on channel 0

what could be possible reasons for this?

The NetBSD Foundation New Security Advisory: NetBSD-SA2022-001