I've seen that the m68k architecture is still supported by NetBSD. I have a few questions:
Thanks in advance for any answers.
Is there a problem to use NetBSD in my personal PC?
Hello,
I have a NetBSD 10 vm on which I recompiled the kernel to allow virtio-9p.
I'm trying to do some software development for NetBSD, but from my Linux editor and decided to use 9p develop on Linux but from a terminal build and run on NetBSD.
I was able to mount the 9p share with.
mount_9p -cu /dev/vio9p0 /mnt/9p
I had to use the pass-through access mode to be able to write files from the guest, it is not secure, but for pure dev environnement, I accept that.
So I have something working, however I mounted the share inside the guest as root and because 9p does not handle permission, I cannot access the share with a normal user.
I've seen that NetBSD allows users mounts as long as the user have read access, but
mount_9p: puffs_mount: cannot open `/dev/puffs'
mount_9p: puffs_mount: mount_9p: puffs_daemon: Permission denied
Permission denied
I read that user can mount with read access to devices.
How do I give myself access ?
Is chmod in /dev/puffs "OK".
My user is in the wheel group allowing me group access, put /dev/puffs has lrwx------
access rights.
Cheers.
Back by popular demand! Wait, don’t interrogate that.
NetBSD’s pkgsrc has more packages than my cupboard.
I’ve inexplicably lived in two Australian suburbs called $Foo
Lakes. But not in the lakes themselves.
My eyes are slightly green, but mostly brown. I’d look at them closely, but, you know, I’m looking through them.
Clara is amazing, and I feel very lucky. 🧀
Most of my personal OpenZFS datasets and FreeBSD jails are named for Hololive characters, which has made homelab sysadmin work needlessly difficult. Totally worth it.
I can’t stand jeans or shorts, unless I’m swimming. And even then, jeans just get waterlogged.
My three favourite coffee shops of all time no longer exist. But on the positive side, one of the worst ones I’ve ever been to is gone as well.
Bad coffee makes me sneeze.
By Ruben Schade in Sydney, 2024-09-07.
After covering setting up your own CDN with both FreeBSD and OpenBSD, it’s now time to learn how to set up your own CDN wit NetBSD.
This article is a spin-off from a previous post on how to create a self-hosted CDN, but this time we’ll focus on using NetBSD. NetBSD is a lightweight, stable, and secure operating system that supports a wide range of hardware, making it an excellent choice for a caching reverse proxy. Devices that other operating systems may soon abandon, such as early Raspberry Pi models or i386 architecture, are still fully supported by NetBSD and will continue to be so. Additionally, NetBSD is an outstanding platform for virtualization (using Xen or qemu/nvmm) and deserves more attention than it currently receives.
↫ Stefano Marinelli
All the same from my previous post still applies, and it’s a great thing that Marinelli covers all three of the major BSDs (so far). If you want to run your own CDN on BSD, you can now make a pretty informed decision on which BSD best suits your needs.
Could some users of the above BSDs post here what's the value for kern.argmax
on their system and the OS version they are running?
Thank you!
No need to post for NetBSD.
My primary portable machine is a first-generation M1 MacBook Air, as I’ve posted here a few times. I need to edit Microsoft Office documents for work, and I don’t want to deal with the hassle of Windows in a VM, or dedicated hardware. I’ve also been a Mac user (albeit not exclusively) for more than 20 years, and have all the usual tricks, scripts, and muscle memory one accumulates.
Apple’s software quality has famously nosedived in the last few years, with the die-hard fans its most vocal critics. UI regressions, dropped features, bad design, flaky performance, and abandonment of wonderful tools like Aperture don’t put macOS at the level of Windows, though it seems Cupertino are hell-bent at making this convergence happen.
I’m more conflicted on the hardware side. Apple’s kit is more sealed, locked down, and hostile to repair than it’s ever been; so much so that I use my 1985 Apple //e Platinum or 2001 Power Mac G4 and am shocked I’m using the same company’s kit! On notebooks we’ve gone from having user-serviceable batteries, memory, drives, and power inverters, to… none of those things. I’ve likened it to feeling like a guest in my own home, and completely at the mercy of limited warranty periods.
Which is shame, because the hardware is good. Every PC laptop I use/fix/test feels like a massive downgrade. They’re twice the weight, have half the screen resolution, get warm during extended use, have rubbish plastic construction, and aside from standouts like the ThinkPad, have mediocre keyboards. The fact PC manufacturers generally can’t match screens Apple released more than a decade ago used to be silly; now it’s just embarrassing.
This MacBook Air is three years old. Work keeps offering to upgrade it for me, but I see no need. Aside from maybe some more memory, there isn’t anything better or more compelling in the newer models for my use case. I’m not left wanting with anything I do on this machine, whether it’s firing up a few VMs, editing an unholy Excel or LibreOffice sheet, writing blog posts or code, or using Ansible to install or maintain deployments for myself or customers. This machine comes out of sleep instantly, and runs all I want without breaking a sweat. From a financial, ewaste, and logistical perspective, I’ll be happy using this thing until the day macOS is no longer supported… and maybe even then, there’s Asahi Linux.
I’ve kind of reached this happy point where I have a day-to-day MacBook Air, a FreeBSD/Fedora workstation/game machine at home, a tiny Japanese Let’s Note running NetBSD as my “on call” laptop, and a mini home server cluster for odd jobs, backups, and media delivery. I hold out hope that maybe one day the upgrade for the work machine will be something like the Framework, but for all its positives, I’m not sure it’d feel like an upgrade right now.
It does make me wonder what Apple would have to release for me to want to get something new. It’s a weird way of thinking for a guy who used to obsess over MacWorld and WWDC, dreaming about the PowerBook that would be so much more epic than my lowly iBook G3. I’d love a celluar modem to stop the need to constantly tether when I’m out on the (rail)road, but that’s honestly about it.
By Ruben Schade in Sydney, 2024-09-03.
Thanks to open source, no technology ever has to become obsolete, so long as a community remains to support it. You can sync Newtons and Palm Pilots with modern desktops, download web browsers for long-discontinued operating systems, or connect vintage computers like the Apple IIe to the modern internet via WiFi. Every year, new cartridges are released for old-school video game consoles like the Nintendo Entertainment System and Game Boy.
People keep old software and online platforms alive as well. The Dreamwidth team forked an old version of the early social network LiveJournal’s source code and built a community around it. The dial-up bulletin board system software WWIV is still maintained and there are plenty of BBSes still around. Teams are working to restore aspects of early online services like AOL and Prodigy. And you can still use Gopher, the hypertext protocol that was — for a brief period in the early 1990s — bigger than the web.
↫ Klint Finley
Retrocomputing is about a lot of things, and I feel like it differs per person. For me, it’s a little bit of nostalgia, but primarily it’s about learning, and experiencing hardware and software I was unable to experience when they were new, either due to high cost or just general unavailability. There’s a lot to learn from platforms that are no longer among us, and often it helps you improve your skills with the modern platforms you do still use.
The linked article is right: open source is playing such a massive role in the retrocomputing community. The number of open source projects allowing you to somehow use decades-old platforms in conjunction with modern technologies is massive, and it goes far beyond just software – projects like BlueSCSI or very niche things like usb3sun highlights there’s also hardware-based solutions for just about anything retro you want to accomplish.
And we really can’t forget NetBSD, which seems to be the go-to modern operating system for bringing new life to old and retro hardware, as it often runs on just about anything. When I got my PA-RISC workstation, the HP Visualize c3750, I couldn’t find working copies of HP-UX, so I, too, opted for NetBSD to at least be able to see if the computer was fully functional. NetBSD is now a tool in my toolbox when I’m dealing with older, unique hardware.
Retrocomputing is in a great place right now, with the exception of the ballooning prices we’re all suffering from, with even successful mainstay YouTubers like LGR lamenting the state of the market. Still, if you do get your hands on something retro – odds are there’s a whole bunch of tools ready for you to make the most of it, even today.
About a week ago I noticed someone selling a working Power Mac G4 in Sydney, for local pickup only. We chatted about its condition and how best to get it from his house, and he agreed to drive to the nearest station for me. He was so nice, and it was in such great condition, I hit the Buy Now button (cough).
It turned out to be a really pleasant way to spend a Sunday. The train to his suburb took about an hour, during which time I sketched out some plans for where I’d put it, how I’d cable it into the KVM, and to reacquaint myself with the history of the machine.
The QuickSilver was the second of the three generations of G4 towers Apple released, between 2001 and 2002. I fell in love from the moment I saw one at the EpiCentre in Wheelock Place in Singapore. I spent hours playing with their display units, and spreadsheeting out whether I could ever justify or afford one. Eventually I got a Power Mac G5 to replace my aging DIY Athlon XP machine, but it wasn’t the same.
The earlier Graphite and later Mirrored Drive Door models have their charms, but I think the QuickSilver is the most beautiful desktop Apple has ever made; in both form and function. The front bezel is understated and clean, and the rear didn’t need that array of awkward ventilation holes of the more powerful MDD unit. You can also see where the legendary G4 Cube got many of its design elements.
My machine is the entry-level 733 MHz G4 model, with 128 MiB of memory and a 40 GB hard drive. The GPU is a blazing GeForce2 MX with 32 MiB of video memory, attached via AGP alongside five full-length, 64-bit PCI slots. The CPU is mounted to a daughterboard, so Apple could also release dual-CPU versions. It has a DVD-R/CD-RW SuperDrive which flips down a tidy door on the front of the case, and has a bracket for an optional Zip drive.
I previously owned a Blue and White Power Macintosh G3 which used the same logic-board-on-door design, and I remember them being such a joy to work in. This era of Apple wanted you to tinker, upgrade, and grow into your computer. It’s why I love using the Apple //e Platinum as well.
My plan is to use this machine as the ultimate Mac OS 9 box. It was the last computer line Apple sold that supported their original Macintosh OS, so it seems fitting. I’m also going to try booting NetBSD on it, in part because the PowerPC port was my first experience with BSD back in the day.
Upgrades and expansion aren’t currently on the cards, on account of buying and moving house again. But I’ll keep an eye out. In the meantime, I’m fleshing out details on the Retro Corner.
By Ruben Schade in Sydney, 2024-09-02.
#include <math.h>
int main() {
long double r;
long a = 4, b = 6;
r = atan2l(a, b);
printf("%.20Lf\n", r);
r = atan2(4, 6);
printf("%.20Lf\n", r);
r = atan2l(4, 6);
printf("%.20Lf\n", r);
}
Above code compiled with cc -lm results on NetBSD with:
0.58800260354756750392
0.58800260354756750392
0.58800260354756755124
It is not expected behaviour.
linux gives:
0.58800260354756755124
0.58800260354756750392
0.58800260354756755124
which should be normal.
Is there any siwtch to avoid NetBSD loss of precision?
Machine is Lenovo x260 with i5.
I've decided to give emwm
a try, not that I am using NetBSD predominantly on a desktop machine and using a mouse is more feasible. However, I cannot figure out where the default mwmrc
is located. I've checked the usual spots but cant seem to find it.
I've found an example mwmrc
on github and added some customisations then copied it to ~/.mwmrc
but it does not seem to be reading that file. There must be another file somewhere that it's loading.
I even tried starting emwm
with exec emwm -xrm "mwm*configFile: ~/.mwmrc"
in my ~/.xinitrc
but it still loaded up a default config.
Can someone give me some directions here?
Cheers
Recently I’ve been looking more seriously at cases like the SilverStone CS382 for Clara’s and my homelab boxes. Currently our FreeBSD Supermicro board lives in an old Antec 300, which is great for airflow, but replacing drives is a pain. Our NetBSD install still lives in an HP MicroServer Gen 8, which is starting to show its age. And the less said about my poor Debian Xen cluster, and our smattering of single-board computers, the better.
This lead me down the rabbithole of thinking… what about rackmount server cases for them? And then… what about a rack to put them in? Before long, I had a rack diagram created in LibreOffice Calc, and was planning everything from the patch panels, to how much space a smaller UPS would take, to whether Token Ring MAUs can be mounted backwards or whether I’d need a brush panel.
But I’m getting ahead of myself. Why would someone want to bring a noisy, big box from work back home?
There are many reasons, most of which boil down to it looking cool and generally being awesome. Yes, despite all the negative things going on in the tech space right now, I still ultimately love all the engineering and hardware that powers this stuff. A server rack at home the size of a bar fridge isn’t a necessary rite of passage, but it sure makes you feel more like a nerd, which is important. Well okay, it isn’t, but it should be.
There are practical considerations too. Homelab server racks consolidate all your comms, cables, and computers into one box. When you’ve got wires going all over a house, it’s so much nicer having them all terminate in the one place; especially if you can also locate your cable modem and services there too.
A full 42 RU data centre rack might be ridiculous (… or, would it be?), but various “half racks” exist with sizes ranging from 18 to 27 RU. A brand new rack can go for silly money, but they pop up on the second-hand market fairly frequently for peanuts, usually during office cleanouts. Install one of these at home, put all your stuff into them, done.
But this leads us to the elephant in the room, if it spent the entire time trumpeting. Rack mount server hardware, as delivered by the big OEMs and vendors, are extremely loud. They’re designed for high static pressure to keep the internals cool in a dense data centre setting, with little to no concern for the hapless engineers like me who had to service them. This might be fine if you can locate your homelab rack in a basement, or another room away from living areas, but apartment dwellers might not have that luxury.
The key here seems to be to go big. Larger 3 and 4 U rackable server chassis (chasii?) have physically larger fans which can draw through more air with less noise. I’ve been giving SilverStone a lot of free advertising here lately, but even some of their 2U boxes have support for 80 mm fans that you could source from the likes of Noctua or Arctic. Use PWM on these fans and control their power curves, and you’ll negate much of the issue.
I’m a while away from entertaining having one of these things; we haven’t even got the move sorted out yet! But a nerd can dream. Specifically about homelab server racks.
By Ruben Schade in Sydney, 2024-08-27.
I am trying to make this happend.
That i can have a LAN <> WiFI <> WiFi <> LAN connection using my old RasberryPI running NetBSD
Hardware side iam very satified, got som excellent pointers on the chat.
But the software side and funkonality is not making any sence for me
So how do i aproach this?
As long as computer 1 and computer 2 can freely comunicate and both can reach internet through the router i am happy
I haven’t done a post series in a long time! This is the first in one I’m dubbing my A-Z Toolbox, in which I list tools I use down the alphabet for no logical reason.
The letter A has a lot of great options, from the ubiquitous awk text processor, to the ack search tool, and Thomas Habets’ arping which helps diagnose which MAC address has been assigned what IP.
But aria2 by Tatsuhiro Tsujikawa is the clear winner for me. This download tool supports HTTP, SFTP, Metalink, BitTorrent, and even classic FTP. It can also resume broken or incomplete downloads, making it indispensable when you’re on bad connections or spotty servers.
As an example of its versatility, torrents can be downloaded with a magnet link, or a torrent file:
$ aria2c https://cdn.netbsd.org/pub/NetBSD/images/10.0/NetBSD-10.0-sparc.iso.torrent
I use fetch
if I’m starting out on a fresh BSD box, and wget
on Linux. But I very quickly install aria2. It’s just that useful.
By Ruben Schade in Sydney, 2024-08-24.
This is a new installation for a wordpress site that hasn't launched yet.
The memcached process is always at near 100% of cpu usage:
load averages: 1.93, 1.78, 1.83; up 3+22:29:29 21:49:18
31 processes: 28 sleeping, 3 on CPU
CPU states: 59.1% user, 0.0% nice, 4.0% system, 0.0% interrupt, 36.8% idle
Memory: 2069M Act, 1014M Inact, 44K Wired, 175M Exec, 2447M File, 54M Free
Swap: 512M Total, 512M Free / Pools: 279M Used / Network: 23K In, 1K Out
PID USERNAME PRI NICE SIZE RES STATE TIME WCPU CPU COMMAND
5770 memcache 25 0 70M 3112K CPU/0 19:11 94.58% 94.58% memcached
And memcached-tool /var/run/memcached/memcached_0.sock stats
reports
#/var/run/memcached/memcached_0.sock Field Value
accepting_conns 1
auth_cmds 0
auth_errors 0
bytes 0
bytes_read 21
bytes_written 4435
cas_badval 0
cas_hits 0
cas_misses 0
cmd_flush 0
cmd_get 0
cmd_meta 0
cmd_set 0
cmd_touch 0
conn_yields 0
connection_structures 2
crawler_items_checked 0
crawler_reclaimed 0
curr_connections 1
curr_items 0
decr_hits 0
decr_misses 0
delete_hits 0
delete_misses 0
direct_reclaims 0
evicted_active 0
evicted_unfetched 0
evictions 0
expired_unfetched 0
get_expired 0
get_flushed 0
get_hits 0
get_misses 0
hash_bytes 524288
hash_is_expanding 0
hash_power_level 16
incr_hits 0
incr_misses 0
libevent 2.1.12-stable
limit_maxbytes 67108864
listen_disabled_num 0
log_watcher_sent 0
log_watcher_skipped 0
log_watchers 0
log_worker_dropped 0
log_worker_written 0
lru_bumps_dropped 0
lru_crawler_running 0
lru_crawler_starts 6
lru_maintainer_juggles 103444004
lrutail_reflocked 0
malloc_fails 0
max_connections 1024
moves_to_cold 0
moves_to_warm 0
moves_within_lru 0
pid 5770
pointer_size 64
read_buf_bytes 98304
read_buf_bytes_free 32768
read_buf_count 6
read_buf_oom 0
reclaimed 0
rejected_connections 0
reserved_fds 20
response_obj_bytes 49152
response_obj_count 1
response_obj_oom 0
round_robin_fallback 0
rusage_system 1.053032
rusage_user 1136.463840
slab_global_page_pool 0
slab_reassign_busy_deletes 0
slab_reassign_busy_items 0
slab_reassign_chunk_rescues 0
slab_reassign_evictions_nomem 0
slab_reassign_inline_reclaim 0
slab_reassign_rescues 0
slab_reassign_running 0
slabs_moved 0
store_no_memory 0
store_too_large 0
threads 4
time 1724186947
time_in_listen_disabled_us 0
total_connections 4
total_items 0
touch_hits 0
touch_misses 0
unexpected_napi_ids 0
uptime 1177
version 1.6.23
Memcached is configure to start with:
# grep memcach /etc/rc.conf
memcached=YES
memcached_jobs="job0"
memcached_job0_args="-a 660 -s /var/run/memcached/memcached_0.sock -m 64 -c 1024"
What might be wrong?
After years of inactivity, the Kyua project has graduated as an open source citizen and has a new home under the FreeBSD umbrella!
But uh… wait, what is Kyua and why is this exciting? To resolve confusion and celebrate this milestone, I’d like to revisit what Kyua is, how it came to be, why I stopped working on it for a while, why that was a problem for FreeBSD—and, indirectly, NetBSD—and how Kyua being free software has helped keep it alive.
As usual, partway through a couple weeks in Mallorca, we’re just getting the hang of it. After a few days of only the pool, it’s been pool mornings and beach afternoons. Every day, each kid gets more bold in both. I’ve managed to avoid getting sunburnt so far, though it’s getting harder to stay ahead of the situation. For mealtimes it’s kind of fun to be stuck in a tiny kitchen trying to cook my way out; bedtimes, down a sleepable room due to a broken air conditioner, were less so. My carcass got taken over by mosquitoes, who then rented most of it back to me. In a few days I might be ready to buy them out.
Usually here I’d consider taking a nap when the littles do. Definitely tired enough. But a little solo computer time feels more like what I’m needing: Refactoring some code, backing up some photos, updating pkgsrc stuff, writing posts on my website, that sort of thing.
For this summer vacation we’re hopping around more, which happens to simplify our transatlantic travel days. (Traditionally we’d have connecting flights before arriving anywhere.) One flight into Munich, where we stayed in the area for a few days visiting in-laws. From there a quick hop to Mallorca, the meat in our vacation sandwich. From here a quick-ish hop to Hannover for a week back in the little north-central German village where we lived out the first two years of COVID. Then we’ll drive to Frankfurt to see friends before our return flight to New York. Hopping around like this means we get to see more people and places, in exchange for which we get to find out what happens when kids try to sleep in a wider variety of environments and configurations. So far, sokay.
I wanted to clear all the newsletters items I’ve saved, so you are getting links until my inbox no longer paginates.
All that to say, I find that NetBSDs philosophy aligns with mine. The OS is small and cozy, and compared to many minimal Linux distributions, I found it faster to setup. Supported hardware is automatically picked up, for my Thinkpad T480s almost everything (except the trackpad issue I solved above) worked out of the box, and it comes with a minimal window manager and display manager to get you started. It is simple and minimal but with sane defaults. It is a hackable system that teaches you a ton. What more could you want?
↫ Marc Coquand
I spent quite some time using OpenBSD earlier this year, and I absolutely, positively loved it. I can’t quite put into words just how nice OpenBSD felt, how graspable the configuration files and commands were, how good and detailed the documentation, and how welcoming and warm the community was over on Mastodon, with even well-known OpenBSD developers taking time out of their day to help me out with dumb newbie questions.
The only reason I eventually went back to Fedora on my workstation was performance. OpenBSD as a desktop operating system has some performance issues, from a slow file system to user interface stutter to problematic Firefox performance, that really started to grind my gears while trying to get work done. Some of these issues stem from OpenBSD not being primarily focused on desktop use, and some of them simply stem from lack of manpower or popularity. Regardless, nobody in the OpenBSD community was at all surprised or offended by me going back to Fedora.
NetBSD seems to share a lot of the same qualities as OpenBSD, but, as the linked article notes, with a focus on different things. Like I said yesterday, I’m looking to building and testing a system entirely focused on tiled terminal emulators and TUI applications, and I’ve been pondering if OpenBSD or NetBSD would be a perfect starting point for that experiment.
I was not able to get this done early like the last few posts, but there’s still a good range here.
NetBSD 10 was released recently, so a lot of people are experimenting with it and writing down their thoughts. I’ve got two of those for you today, to help you in case you, too, want to install NetBSD 10 and play around with, or just use, it.
First, what if you want to install NetBSD 10 on a UEFI system, but with full disk encryption in case your device gets stolen? It turns out there are countless guides for installing with full-disk encryption on MBR-based systems, but once you use UEFI – as you should be – things get a lot more complicated. The NetBSD installer is apparently rather basic, and a better solution is to drop to a shell and install NetBSD that way instead, and even then, full disk encryption with UEFI is actually not possible, as it seems the root file system – where the operating system itself resides – cannot be encrypted.
The restriction is in the root file-system. It needs to be in plain-text and in a regular partition. It seems to me that rootfs in CGD or LVM is not well supported.
↫ vsis.online
This seems like something the NetBSD team may need to take a look at, since full disk encryption should be an easy option to choose, even, or especially in 2024, on UEFI systems. Such encryption is easily achieved on Linux or Windows systems, and it seems odd to me that NetBSD is lagging behind a bit here. In the meantime, the linked guide will be a good jumping-off point for those of you interested in going a similar route.
The second article I want to highlight concerns NetBSD 10 on the Pinebook Pro, the inexpensive ARM laptop that normally ships with Linux. It turns out there’s a NetBSD 10 image for this device, so installation is quite a bit more straightforward than the more exotic setup I mentioned earlier. It seems most of the hardware works quite well out of the box, with the inly exception being the on-board Wi-Fi, which the author addressed with a USB W-Fi dongle.
Other than that, NetBSD is running well on the Pinebook Pro for the author, which is great to read since that makes this cheap device a great starting point for people interested in running NetBSD.
On my home network, some important jobs are performed by little ARM computers.
The house came with a decent sound system wired in. The receiver can take 1/8” stereo input — from AirPlay, with help from a decade-old Raspberry Pi 1 Model B Rev 2.
With a 4GB SD card, from macOS:
$ diskutil list # inspect output
$ SDCARD=disk6
$ diskutil unmountDisk ${SDCARD}
$ links https://raspi.debian.net/tested-images/
$ DISKIMAGE=20231109_raspi_1_bookworm.img.xz
$ fetch https://raspi.debian.net/tested/${DISKIMAGE}
$ xzcat ${DISKIMAGE} \
| sudo dd of=/dev/r${SDCARD} bs=64k oflag=sync status=progress
$ diskutil eject ${SDCARD}
Place the RPi somewhere convenient.
Connect SD card, keyboard, HDMI, Ethernet, and power.
Log in as root
, no password:
# apt update
# apt -y install etckeeper
# cd /etc
# git branch -M main
# apt -y install sudo
# visudo # for the sudo group, insert NOPASSWD: before the final ALL
# useradd -m -G sudo -s /bin/bash schmonz
# passwd schmonz
# exit
Log in as schmonz
:
$ sudo passwd root
$ sudo sh -c 'echo 127.0.1.1 schleierplay >> /etc/hosts'
$ sudo hostnamectl hostname schleierplay
$ sudo ln -sf /usr/share/zoneinfo/US/Eastern /etc/localtime
$ sudo etckeeper commit -m 'Set root password, hostname, and timezone.'
$ sudo apt -y install shairport-sync
$ sudo vi /etc/shairport-sync.conf
$ sudo etckeeper commit -m 'Set AirPlay name.'
$ sudo shutdown -h now
Place the RPi where it’ll live. Connect audio cable, Ethernet, and power.
$ ssh-copy-id schleierplay.local
Make sure receiver is set to AUX input. Use AirPlay.
As with any Debian:
$ ssh schleierplay.local -t 'sudo apt update && sudo apt -y upgrade && sudo apt -y autoremove'
To back up /etc
, git push
it someplace trustworthy and private.
I’d rather run NetBSD, but on 10.0 with shairport-sync
, I saw a lot of AirPlay Speaker Not Available: 'House' is being used by someone else
(even when it wasn’t).
My ancient USB-only HP LaserJet P1006 remains reliable for our basic needs and we’ve still got a pile of toner cartridges. A friend recently sent me a comparatively beefy Pine A64 board.
With a 4GB SD card, from macOS:
$ diskutil list # inspect output
$ SDCARD=disk6
$ diskutil unmountDisk ${SDCARD}
$ links https://www.armbian.com/pine64/
$ DISKIMAGE=Armbian_24.5.1_Pine64_bookworm_current_6.6.31_minimal.img.xz
$ fetch https://dl.armbian.com/pine64/archive/${DISKIMAGE}
$ xzcat ${DISKIMAGE} \
| sudo dd of=/dev/r${SDCARD} bs=64k oflag=sync status=progress
$ diskutil eject ${SDCARD}
Place the A64 somewhere convenient.
Connect SD card, keyboard, HDMI, Ethernet, and power.
Follow the prompts to set the root
password, create a user account, and select a locale.
Then continue:
# apt update
# apt -y install etckeeper
# cd /etc
# git branch -M main
# visudo # for the sudo group, insert NOPASSWD: before the final ALL
# exit
Log in as schmonz
:
$ sudo sh -c 'echo 127.0.1.1 schleierprint >> /etc/hosts'
$ sudo hostnamectl hostname schleierprint
$ sudo ln -sf /usr/share/zoneinfo/US/Eastern /etc/localtime
$ sudo etckeeper commit -m 'Set root password, hostname, and timezone.'
$ sudo apt -y install hplip avahi-daemon
$ sudo usermod -a -G lpadmin schmonz
$ sudo etckeeper commit -m 'Make myself a printer admin.'
$ sudo shutdown -h now
Place the A64 where it’ll live. Connect printer, Ethernet, and power.
$ ssh-copy-id schleierprint.local
$ ssh schleierprint.local
$ sudo hp-setup -i # follow prompts, mostly defaults; name the queue 'hpljp1006'
$ sudo etckeeper commit -m 'Add initial hplip config for P1006.'
$ sudo sed -i \
-e '/^\*ColorDevice: True$/s|True|False|' \
-e '/^\*OpenUI \*Duplex\/Double-Sided Printing: PickOne$/,/^\*CloseUI: \*Duplex$/s|^|*% |' \
-e '/^\*OpenUI \*ColorModel\/Output Mode: PickOne$/,/^\*CloseUI: \*ColorModel$/s|^|*% |' \
/etc/cups/ppd/hpljp1006.ppd
$ sudo etckeeper commit -m 'Correct advertised printer capabilities.'
$ sudo sed -i \
-e 's|^Info $|Info HP LaserJet P1006|' \
/etc/cups/printers.conf
$ sudo lpadmin -d hpljp1006
$ sudo etckeeper commit -m 'Name printer and set it as default.'
$ sudo cupsctl --remote-any
$ sudo etckeeper commit -m 'Let local network talk to CUPS.'
$ sudo sed -i \
-e '/^WebInterface /a PreserveJobFiles No' \
/etc/cups/cupsd.conf
$ sudo etckeeper commit -m 'Maybe avoid some disk writes.'
$ sudo systemctl restart cups
On macOS, do not override the generic driver with “HP LaserJet P1006”.
You won’t be able to print (with filter failed
in the server logs), except that every “Supply Levels” check —
including the ones that happen as part of every print job —
will produce a piece of paper containing the single line @PJL INFO SUPPLIES
.
As I understand it, some versions of CUPS have a server bug where it can’t discern whether incoming data has already been filtered for the target queue:
filters converted the data (via application/vnd.cups-raster
) to the printer’s native command set (whatever that might be)… but when the job got sent to the CUPS server it was tagged as application/vnd.cups-raster
rather than, say, application/octet-stream
.
While that discussion is over a decade old, its advice — leave the filtering to the server, and make sure clients don’t do any — has me printing from macOS, iOS, and Windows.
On macOS, add the printer. When it autoselects “Generic PostScript Printer”, leave it (details in sidebar). Print.
On iOS, print.
On Windows, add the printer. Print.
As with any Debian:
$ ssh schleierprint.local -t 'sudo apt update && sudo apt -y upgrade && sudo apt -y autoremove'
To back up /etc
, git push
it someplace trustworthy and private.
I’d rather run NetBSD, but neither 10.0 nor -current brought up HDMI.
I could try writing NetBSD to an SD card, mounting it from another NetBSD system, setting hostname
in rc.conf
, adding a non-root user, and then booting the A64 from it in order to do the rest over ssh
.
(Other systems that also didn’t bring up HDMI, wherefore I landed by trial and error on Armbian: FreeBSD 14, OpenBSD 7.5, Debian 12.)
Since one of my old Sonos speakers can’t be upgraded to AirPlay-compatible firmware, I’m not eager to upgrade the other. Instead, I’ve added AirConnect on the Pine A64 as an AirPlay relay.
Contents of /etc/systemd/system/airupnp.service
:
[Unit]
Description=AirUPnP bridge
After=network-online.target
Wants=network-online.target
[Service]
ExecStart=/home/schmonz/bin/airupnp-linux-aarch64-static -l 1000:2000 -N '%%s' -x /home/schmonz/etc/airupnp.xml -Z
Restart=on-failure
RestartSec=30
[Install]
WantedBy=multi-user.target
Contents of /home/schmonz/etc/airupnp.xml
(to omit my UPnP router from the AirPlay list):
<?xml version="1.0"?>
<airupnp>
<device>
<udn>uuid:1e38fc78-51f5-5f5d-9268-50c6b1dc59f8</udn>
<name>Verizon FiOS-G1100 ManageableDevice+</name>
<mac>bb:bb:bb:bb:bb:bb</mac>
<enabled>0</enabled>
</device>
</airupnp>
I’d rather install AirConnect from a system-provided package, but there isn’t one for Debian. Maybe I can puzzle out the AirConnect build system and add it to pkgsrc.
Over on the GNU config-patches mailing list, Zack Weinberg is looking for help identifying a number of ancient operating systems and vendors.
These are probably all either vendor or OS names from the late 1980s or early 1990s. Can anyone help me fill out the following list of things that ought to appear in testsuite/config-sub.data, if I knew what to put in place of the question marks?
???-pc533 ???-pc533-???
↫ Zack Weinberg
???-sim ???-sim-???
???-ultra ???-ultra-???
???-unicom ???-unicom-???
???-acis ???-???-aos
???-triton ???-???-sysv3
???-oss ???-???-sysv3
???-storm-chaos ???-???-???
One of them has already been identified – “storm-chaos” turns out to have been added to binutils and/or maybe GCC in 2000, and after some digging around, John Marshall found what it’s referring to: chaos, a hobby operating system for x86 written in C. It has a long history, and after a period of inactivity came back in 2015 with a new website. Some new releases followed, with the last one being version 0.3.0 in 2019. It’s been silence since then.
The others are still up for grabs to be discovered. There is some talk that the pc533 one might be a misspelling of pc532, which would refer to the “NS32K-based PC532 board running NetBSD”. This is an incredibly obscure complete system built around the NS32532, of which only around 150 were built in the early ’90s. However, Weinberg is hesitant to accept this theory without more information, since there is already code to handle the pc532, and he wants to be sure before making any changes.
If there is one place on the internet outside of the GNU mailing lists that might be able to help Weinberg, it’s the OSNews audience. We have so many older people reading OSNews who have been working or otherwise active in this field for many decades, and I wouldn’t be surprised if these cryptic names make some bells ring for some of you. If one of you does e-mail a reply, be sure to mention this article – organic marketing to help keep us going!
The NetBSD Project is pleased to announce NetBSD 8.3, the third and final release from the NetBSD 8 stable branch.
It represents a selected subset of fixes deemed important for security or stability reasons since the release of NetBSD 8.2 in March 2020, as well as some enhancements backported from the development branch. It is fully compatible with NetBSD 8.0.
This also represents the end-of-life for the netbsd-8 release branch. No further security updates will happen. Users running 8.2 or an earlier release are strongly recommended to upgrade to a newer branch, preferably the recent NetBSD 10.0 release.
Pkgsrc has already desupported the netbsd-8 branch.
See the full release announcement (including download links).
My early imaginings of a collaborative Open Source successor to qmail, let me assure you, did not include going nearly four years between releases. Well, at least it hasn’t been more than four. notqmail 1.09 is here:
For decades, due to each administrator needing to patch in their particular missing bits of functionality, the qmail source code itself has effectively been a public API. Some future release of notqmail will include everything most everyone needs. On that day, we’ll freely make desirable code changes without worrying about breaking people’s patches. On that day, notqmail will have become a relatively normal software project operating under relatively normal constraints.
This is not that day. notqmail remains a uniquely challenging legacy-code rehabilitation project, and 1.09 is merely a solid, long-overdue release that includes the work of a couple dozen new contributors.
Since this release took too long, our next development cycle will be
In legacy code, every time we can turn a vicious cycle virtuous, it’s a big win. By making the code easier and safer to change, we’ll have more fun; by having more fun, we’ll make more progress; by making more progress, we’ll get more feedback; by getting more feedback, we’ll have more fun; and so on.
Have fun with notqmail 1.09! Let us know how the upgrade goes for you. (I’ll be updating the pkgsrc package soon.) And if getting involved is your kind of thing, please feel welcome to join us.
I am trying to use OpenVPN as a client under NetBSD using this command:
openvpn --client --config /etc/openvpn/config.ovpn
I am getting the following output and errors:
localhost# openvpn --client --config /etc/openvpn/openvpn.ovpn
2024-04-26 10:29:35 WARNING: Compression for receiving enabled. Compression has been used in the past to break encryption. Sent packets are not compressed unless "allow-compression yes" is also set.
2024-04-26 10:29:35 DEPRECATED OPTION: --cipher set to 'AES-256-CBC' but missing in --data-ciphers (AES-256-GCM:AES-128-GCM:CHACHA20-POLY1305). OpenVPN ignores --cipher for cipher negotiations.
2024-04-26 10:29:35 OpenVPN 2.6.10 x86_64--netbsd [SSL (OpenSSL)] [LZO] [LZ4] [MH/PKTINFO] [AEAD]
2024-04-26 10:29:35 library versions: OpenSSL 1.1.1k 25 Mar 2021, LZO 2.10
Enter Auth Username:********
Enter Auth Password:********
2024-04-26 10:32:48 TCP/UDP: Preserving recently used remote address: [AF_INET]**.191.33.**:1701
2024-04-26 10:32:48 Socket Buffers: R=[32768->32768] S=[32768->32768]
2024-04-26 10:32:48 Attempting to establish TCP connection with [AF_INET]**.191.33.**:1701
2024-04-26 10:32:48 TCP connection established with [AF_INET]**.191.33.**:1701
2024-04-26 10:32:48 TCPv4_CLIENT link local: (not bound)
2024-04-26 10:32:48 TCPv4_CLIENT link remote: [AF_INET]**.191.33.**:1701
2024-04-26 10:32:48 NOTE: UID/GID downgrade will be delayed because of --client, --pull, or --up-delay
2024-04-26 10:32:48 TLS: Initial packet from [AF_INET]**.191.33.**:1701, sid=0006909e 9b0d208f
2024-04-26 10:32:48 WARNING: this configuration may cache passwords in memory -- use the auth-nocache option to prevent this
2024-04-26 10:32:48 VERIFY OK: depth=1, C=US, ST=New York, L=New York, O=Ubiquiti Inc., OU=UniFi_OpenVPN_CA, CN=UniFi_OpenVPN_CA
2024-04-26 10:32:48 VERIFY KU OK
2024-04-26 10:32:48 Validating certificate extended key usage
2024-04-26 10:32:48 ++ Certificate has EKU (str) TLS Web Server Authentication, expects TLS Web Server Authentication
2024-04-26 10:32:48 VERIFY EKU OK
2024-04-26 10:32:48 VERIFY OK: depth=0, C=US, ST=New York, L=New York, O=Ubiquiti Inc., OU=UniFi_OpenVPN_Server, CN=UniFi_OpenVPN_Server
2024-04-26 10:33:53 Control Channel: TLSv1.3, cipher TLSv1.3 TLS_AES_256_GCM_SHA384, peer certificate: 2048 bits RSA, signature: RSA-SHA256, peer temporary key: 253 bits X25519
2024-04-26 10:33:53 [UniFi_OpenVPN_Server] Peer Connection Initiated with [AF_INET]**.191.33.**:1701
2024-04-26 10:33:53 TLS: move_session: dest=TM_ACTIVE src=TM_INITIAL reinit_src=1
2024-04-26 10:33:53 TLS: tls_multi_process: initial untrusted session promoted to trusted
2024-04-26 10:33:53 PUSH: Received control message: 'PUSH_REPLY,dhcp-option DNS 192.168.7.1,route 192.168.4.0 255.255.255.0,route 192.168.2.0 255.255.255.0,route 192.168.1.0 255.255.255.0,route 192.168.3.0 255.255.255.0,route-gateway 192.168.7.1,topology subnet,ping 10,ping-restart 60,ifconfig 192.168.7.2 255.255.255.0,peer-id 0,cipher AES-256-GCM'
2024-04-26 10:33:53 OPTIONS IMPORT: --ifconfig/up options modified
2024-04-26 10:33:53 OPTIONS IMPORT: route options modified
2024-04-26 10:33:53 OPTIONS IMPORT: route-related options modified
2024-04-26 10:33:53 OPTIONS IMPORT: --ip-win32 and/or --dhcp-option options modified
2024-04-26 10:33:53 TUN/TAP device /dev/tun0 opened
2024-04-26 10:33:53 /sbin/ifconfig tun0 192.168.7.2 192.168.7.1 mtu 1500 netmask 255.255.255.0 up
2024-04-26 10:33:53 /sbin/route add -net 192.168.7.0 192.168.7.1 -netmask 255.255.255.0
add net 192.168.7.0: gateway 192.168.7.1
2024-04-26 10:33:53 /sbin/route add -net **.191.33.** 192.168.1.254 -netmask 255.255.255.255
route: writing to routing socket: File exists
add net **.191.33.**: gateway 192.168.1.254: File exists
2024-04-26 10:33:53 ERROR: OpenBSD/NetBSD route add command failed: external program exited with error status: 1
2024-04-26 10:33:53 /sbin/route add -net 0.0.0.0 192.168.7.1 -netmask 128.0.0.0
add net 0.0.0.0: gateway 192.168.7.1
2024-04-26 10:33:53 /sbin/route add -net 128.0.0.0 192.168.7.1 -netmask 128.0.0.0
add net 128.0.0.0: gateway 192.168.7.1
2024-04-26 10:33:53 /sbin/route add -net 192.168.4.0 192.168.7.1 -netmask 255.255.255.0
add net 192.168.4.0: gateway 192.168.7.1
2024-04-26 10:33:53 /sbin/route add -net 192.168.2.0 192.168.7.1 -netmask 255.255.255.0
add net 192.168.2.0: gateway 192.168.7.1
2024-04-26 10:33:53 /sbin/route add -net 192.168.1.0 192.168.7.1 -netmask 255.255.255.0
route: writing to routing socket: File exists
add net 192.168.1.0: gateway 192.168.7.1: File exists
2024-04-26 10:33:53 ERROR: OpenBSD/NetBSD route add command failed: external program exited with error status: 1
2024-04-26 10:33:53 /sbin/route add -net 192.168.3.0 192.168.7.1 -netmask 255.255.255.0
add net 192.168.3.0: gateway 192.168.7.1
2024-04-26 10:33:53 GID set to nogroup
2024-04-26 10:33:53 UID set to nobody
2024-04-26 10:33:53 Initialization Sequence Completed
2024-04-26 10:33:53 Data Channel: cipher 'AES-256-GCM', peer-id: 0, compression: 'lzo'
2024-04-26 10:33:53 Timers: ping 10, ping-restart 60
I have a working internet connection when running OpenVPN as a client, but I can't access any of the machines on the network **.191.33.**
, I know I should be able to SSH into 192.168.1.114, but I can't reach that machine through OpenVPN, there are firewall rules in the Ubuiquity box allowing traffic from 192.168.7.* to 192.168.1.* I know this is working, its testet from Mac and PC using the OpenVPN Client, I just can't get it to work on NetBSD
This is my routing table before running OpenVPN:
Internet:
Destination Gateway Flags Refs Use Mtu Interface
default 192.168.1.254 UGS - - - iwn0
127/8 127.0.0.1 UGRS - - 33624 lo0
127.0.0.1 lo0 UHl - - 33624 lo0
192.168.1/24 link#2 UC - - - iwn0
192.168.1.68 link#2 UHl - - - lo0
192.168.1.254 00:1e:80:a2:2e:ff UHL - - - iwn0
This is my routing table when running OpenVPN:
Internet:
Destination Gateway Flags Refs Use Mtu Interface
0/1 192.168.7.1 UGS - - - tun0
default 192.168.1.254 UGS - - - iwn0
**.191.33.**/32 192.168.1.254 UGS - - - iwn0
127/8 127.0.0.1 UGRS - - 33624 lo0
127.0.0.1 lo0 UHl - - 33624 lo0
128/1 192.168.7.1 UGS - - - tun0
192.168.1/24 link#2 UC - - - iwn0
192.168.1.68 link#2 UHl - - - lo0
192.168.2/24 192.168.7.1 UGS - - - tun0
192.168.3/24 192.168.7.1 UGS - - - tun0
192.168.4/24 192.168.7.1 UGS - - - tun0
192.168.7/24 192.168.7.1 UGS - - - tun0
192.168.7.1 192.168.7.2 UH - - - tun0
192.168.7.2 tun0 UHl - - - lo0
192.168.1.254 00:1e:80:a2:2e:ff UHL - - - iwn0
This is my routing table after stopping OpenVPN:
Internet:
Destination Gateway Flags Refs Use Mtu Interface
0/1 192.168.7.1 UGS - - - tun0
default 192.168.1.254 UGS - - - iwn0
**.191.33.**/32 192.168.1.254 UGS - - - iwn0
127/8 127.0.0.1 UGRS - - 33624 lo0
127.0.0.1 lo0 UHl - - 33624 lo0
128/1 192.168.7.1 UGS - - - tun0
192.168.1/24 link#2 UC - - - iwn0
192.168.1.68 link#2 UHl - - - lo0
192.168.2/24 192.168.7.1 UGS - - - tun0
192.168.3/24 192.168.7.1 UGS - - - tun0
192.168.4/24 192.168.7.1 UGS - - - tun0
192.168.7/24 192.168.7.1 UGS - - - tun0
192.168.7.2 tun0 UHl - - - lo0
192.168.1.254 00:1e:80:a2:2e:ff UHL - - - iwn0
This is my routing table when i have destroyed tun0:
ifconfig tun0 destroy
Internet:
Destination Gateway Flags Refs Use Mtu Interface
default 192.168.1.254 UGS - - - iwn0
**.191.33.**/32 192.168.1.254 UGS - - - iwn0
127/8 127.0.0.1 UGRS - - 33624 lo0
127.0.0.1 lo0 UHl - - 33624 lo0
192.168.1/24 link#2 UC - - - iwn0
192.168.1.68 link#2 UHl - - - lo0
192.168.1.254 00:1e:80:a2:2e:ff UHL - - - iwn0
The route to **.191.33.**
is still there when stopping OpenVPN and destroying the tunnel tun0, I don't know if this is expected behaviour.
Update I have checked several computers now, and none of them have the 192.168.1/24 route, its only on the PC running NetBSD, I have tried to delete it, with no success. I have also read a lot of man pages and various other documentation, but I have not come up with anything usefull yet.
OpenVPN Config
client
dev tun
proto tcp
remote **.191.33.** 1701
resolv-retry infinite
nobind
# Downgrade privileges after initialization (non-Windows only)
user nobody
group nogroup
persist-key
persist-tun
auth-user-pass
remote-cert-tls server
cipher AES-256-CBC
comp-lzo
verb 3
auth SHA1
key-direction 1
reneg-sec 0
redirect-gateway def1
<ca>
-----BEGIN CERTIFICATE-----
...
-----END CERTIFICATE-----
</ca>
<tls-auth>
-----BEGIN OpenVPN Static key V1-----
...
-----END OpenVPN Static key V1-----
</tls-auth>
<cert>
-----BEGIN CERTIFICATE-----
...
-----END CERTIFICATE-----
</cert>
<key>
-----BEGIN PRIVATE KEY-----
...
-----END PRIVATE KEY-----
</key>
Intent
I am trying to connect to a VPN at a remote location, from home. The remote network is protected by a firewall facing the internet, all computers on the network behind the router is accessible, the 192.168.7.* network is standard Ubuiquity and used for VPN clients, I have added a firewall rule to allow traffic from 192.168.7.* to the 192.168.1.* network, this works fine from all computers I have tried it with, Mac, PC, Windows, Linux, MacOS. etc. except a PC running NetBSD.
The network configuration on the PC running NetBSD was performed during installation, and I used the auto-configuration feature, so I have not specified any networks, routes or rules at all. I am able to access the internet when using OpenVPN client, I just cannot access any of the machines on the remote network. So I guess the part I am missing is the routing from 192.168.7.* to 192.168.1.* so I will be able to access computers attached to that network
A few years ago, I wrote a "state of things" blog post about Wayland on NetBSD. It's only natural that I should do one about X11, which is used by far more people to get a graphical environment on NetBSD.
There are a lot of differences from how NetBSD and the typical distributor ship X.Org. For one, we ship it as an optional monolithic package rather than separate individual packages. This means every driver is included on every system, rather than as an optional module. Sometimes, this means we need to fine-tune driver selection to ensure the correct drivers are loaded on the correct hardware, since multiple conflicting drivers can claim a video output. We also want sensible fallbacks, since if you're using a GPU from the future with an old OS version, you probably want X to seamlessly fall back to a regular framebuffer.
Secondly, the way our "xsrc" repository is set up, it's effectively functioning as a fork of X.Org that regularly pulls from upstream freedesktop.org (but does not push back). This allows X development to happen as part of NetBSD.
Thirdly, we use our own build system based purely on BSD makefiles, not X.Org's based on GNU autotools. This fits well with our build.sh cross-compilation system.
We have a number of drivers which have not made their way upstream. Perhaps the most ubiquitous of these is xf86-input-ws, a driver which came from OpenBSD, targets an API from NetBSD, and continues to be developed in both. This is a generic input driver that can support any pointing device that the kernel supports. Unlike xf86-input-mouse, it doesn't assume the device is a mouse, and can support advanced touchpad and touchscreen features. Other NetBSD exclusives include xf86-video-pnozz, xf86-video-mgx, and xf86-video-crime. While these all share the "xf86" name inherited from the historical XFree86 distribution, none of them are exclusively for x86.
There are a number of drivers that are accelerated when used in NetBSD, but the acceleration support is missing upstream. This is mostly due to the work of macallan@, who has diligently worked on drivers for accelerators found on SPARC and PowerPC hardware.
X.Org has historically supported two 2D acceleration modes, XAA and EXA. XAA seems complicated - according to the X.Org Foundation it supports accelerating "patterned fills and Bresenham lines" (eh?). XAA was removed from the X.Org server in 2012, and many old drivers were not updated to support the newer and simpler EXA model, except in NetBSD, over a time period of several years.
Did you know that Nvidia used to have an open source graphics driver? It supported 2D acceleration for a range of cards. In NetBSD, it's retained for platforms that included embedded Nvidia chips and aren't capable of (or predate, or don't want) the modern novueau driver. Six years ago, it was updated in NetBSD to support EXA acceleration.
There are a few ways our X integration could be improved. While lots of attention has been paid to the server, less has been paid to clients (programs). Did you know that X includes a text editor, and that text editor supports syntax highlighting and spell checking?
NetBSD includes its own command-line spell checker and associated dictionaries, spell(1), inherited from the BSD UNIX of yore. It's pretty basic, and only supports variations of English. To get spell checking to work in xedit, you need to install ispell (another command-line spell checker) from pkgsrc, install a dictionary, then set some Xresources (or create symlinks) to make sure xedit finds ispell. This could surely be streamlined by teaching xedit about spell.
We also ship every program that has been included with historical X.Org distributions. This includes well-known things like xterm, slightly less well-known things like xbiff(1), and obscurities like bitmap(1) (apparently a 1-bit-per-pixel alternative to MS Paint). A while ago, we removed some libraries which are no longer used by the modern X server, and maybe we should evaluate whether we need all of these programs too. xmh(1) is a frontend for a mail system that isn't included in base. Together, bitmap and xmh are around 300 kilobytes.
We include fonts, bitmaps and scalable, for a wide range of computing devices. In the latest versions of NetBSD, the font size will automatically scale with the screen size to support HiDPI displays as well as small mobile devices. However, we don't ship a scalable cursor theme at the moment. We're also missing high-resolution fonts for Japanese, a shame considering the popularity of NetBSD in Japan. Koruri looks interesting and is suitably small, maybe we should import it.
While we have many useful simple programs by default (a clock, a calculator, an editor, a window manager, a compositor, a terminal emulator...), we're notably missing a screen locking program for X in the default install, although we have lock(1) for the tty.
The big question - does all this have a future? The good news is that all new hardware has generic support in X. Someone writes either a modesetting kernel driver or a classical wsdisplay kernel driver and they will be automatically supported by the associated drivers in X. The bad news is that to have applications running we require access to a larger open source ecosystem, and that ecosystem has a lot of churn and is easily distracted by shiny new squirrels. The process of upstreaming stuff to X.Org is an ongoing process, but it's likely we'll run into things that will never be suitable for upstream.
Of course, on NetBSD, you also have the option of trying vanilla modular X.Org from pkgsrc, or using something else entirely.
The NetBSD Project is pleased to announce NetBSD 9.4, the fourth release from the NetBSD 9 stable branch.
It represents a selected subset of fixes deemed important for security or stability reasons since the release of NetBSD 9.3 in August 2022, as well as some enhancements backported from the development branch. It is fully compatible with NetBSD 9.0. Users running 9.3 or an earlier release are strongly recommended to upgrade.
The general NetBSD community is very excited about NetBSD 10.0, the latest NetBSD release, but if for some reason you can not (or do not want to) update to 10.0, it is strongly recommended to update to 9.4. This is especially true for users still using a NetBSD 8.x release as that old release branch will be desupported by the end of April 2024.
If you sorta squint and tilt your head, it’s a games theme this week.
Your unrelated music for the week: New Strategies for Modern Crime Vol 1. (via)
I am trying to write a driver for NetBSD that will reserve 10 pages of virtual memory, then provide the first 5 pages with physical addresses. At the end, I output the page number, its physical address, and flags such as Valid, User and Modified. However, it seems to me that the flags are not working correctly, since for all pages, all flags have the same value, which is 1 (true). Please help me figure out what I'm doing wrong.
#include <sys/cdefs.h>
#include <sys/module.h>
#include <sys/param.h>
#include <sys/sysctl.h>
#include <uvm/uvm.h>
MODULE(MODULE_CLASS_MISC, driver, NULL);
#define PAGESIZE 0x1000
extern paddr_t avail_end;
vaddr_t va;
struct pglist plist;
static int lab4_modcmd(modcmd_t cmd, void* arg) {
va = uvm_km_alloc(kernel_map, PAGESIZE*10, 0, UVM_KMF_VAONLY);
if (va == 0) {
return 0;
}
int error = uvm_pglistalloc(PAGESIZE*5, 0, avail_end, 0, 0, &plist, 5, 0);
if (!error) printf ("LAB4 loaded\n");
struct vm_page *page = TAILQ_FIRST(&plist);
for(int i = 0; page; i++) {
pd_entry_t *ppte;
ppte = L2_BASE+pl2_i(va+PAGESIZE*i);
paddr_t pa = VM_PAGE_TO_PHYS(page);
printf("Page - %d\n", i+1);
printf("Valid - %d\n", ((*ppte & PG_V) ? 1 : 0));
printf("Used - %d\n", ((*ppte & PG_U) ? 1 : 0));
printf("Modified - %d\n", ((*ppte & PG_M) ? 1 : 0));
printf("Physical address - 0x%lx\n", pa);
printf("\n");
page = TAILQ_NEXT(page, pageq.queue);
}
uvm_pglistfree(&plist);
uvm_km_free(kernel_map, va, PAGESIZE*10, UVM_KMF_VAONLY);
return 0;
}
I tried to look for other examples where these flags are used.
I have the following code that produces a window with a QTableView visible. I add a QTextEdit to the right but hide it. When I run the code it looks as though space has been reserved on the right for the TextEdit even though the TableView has a setSizePolicy of Expanding. What do I need to set so that the TableView initially takes up all the space in the window, then shrinks to accommodate the TextEdit and then expands fully when the TextEdit is hidden? Thank you in advance.
import sys
from PyQt5.QtWidgets import QApplication, QGridLayout, QMainWindow, QPushButton
from PyQt5.QtWidgets import QSizePolicy, QTableView, QTextEdit, QWidget
class MainWindow(QMainWindow):
# https://www.pythonguis.com/faq/file-image-browser-app-with-thumbnails/
def runBtn(self):
#https://www.youtube.com/watch?v=LCJEyuCZlAY
if self.hdn == True:
self.text.show()
self.hdn = False
else:
self.text.hide()
self.hdn=True
def __init__(self):
super().__init__()
widget = QWidget()
self.setCentralWidget(widget)
self.layout = QGridLayout(widget)
self.hdn = True
self.Btn = QPushButton('Hide/Show',self)
self.Btn.clicked.connect(self.runBtn)
self.layout.addWidget(self.Btn, 0, 0, 1, 1)
self.view = QTableView()
self.layout.addWidget(self.view, 1, 0, 48, 50)
self.view.setSizePolicy(QSizePolicy.Expanding, QSizePolicy.Expanding) # /73522221/
self.text = QTextEdit()
self.text.hide()
self.layout.addWidget(self.text, 1, 50, 48, 2)
app = QApplication(sys.argv)
window = MainWindow()
window.show()
app.exec_()
A few weeks ago, Apple released new versions of Xcode and Command Line Tools. Not thinking too hard about how my pkgsrc developer environment often gets broken by OS or tool updates, I updated promptly. For one thing, I’m kinda used to it. For another, it doesn’t usually break. For a third thing, managing dependencies — anything not my code that can break my code — means responsibility for dealing with the inevitable trouble, and therefore the sooner I find it the better. (More on my approach to life with dependencies.)
A vendor-provided toolchain is a significant dependency.
So I accepted the Command Line Tools update, and it commandeered my spare time for two weeks as I hurried carefully to repair
one of the world’s biggest continuous-integration cauldrons
on
one of its most popular platforms.
When I ran my usual pkg_rolling-replace -suv
to rebuild anything outdated, it did not go well at all.
This article uses “we” because the continued smooth operation of pkgsrc on macOS reflects the contributions of many developers on many occasions, including this one: I happened to be first on the scene, but several of us of were discussing the problems and potential workarounds and all of “my” commits were adjusted accordingly.
Did I mention that a few weeks ago we were aiming to stabilize for yesterday’s quarterly release? Suddenly, if we didn’t scramble to straighten things out for macOS users, we’d have to manage a complicated situation for a while. But if we created a mess on other platforms by moving rashly, that’d be even worse.
The usual feedback mechanism for proposed infrastructure changes is to compare full bulk builds before and after. There was no time for that.
Happily, the conclusion of the story is boring: as always, the pkgsrc 2024Q1 stable branch supports macOS and its developer tools, including the latest releases of each. (So does -current pkgsrc, of course, if that’s your thing.)
Curious what we had to do to keep it boring? Read on.
clang
defaultsUpstream Clang 16 and GCC 14 have promoted several warnings to errors by default, and Apple’s Clang 15 has followed suit. (Gentoo has very helpfully documented this for packagers.) These changes are intentional and well-intentioned, pushing maintainers to ship more reliable code. But pkgsrc’s job is to build nearly 30,000 codebases we don’t maintain. And stricter compiler defaults break a lot of builds.
As you might hope, we can make the breakage go away in one place.
In pkgsrc, packages declare which programming languages are required for their build. The compiler framework then selects package-and-platform-appropriate compilers, places them preferentially in the package’s build environment, and — crucially — intercepts compiler invocations and rewrites them for a variety of purposes.
When we look into pkgsrc’s clang
logic, we find prior art for this specific class of problem.
In September 2020, Xcode 12 (and its associated Command Line Tools) arrived even later in our quarterly schedule and promoted -Wimplicit-function-declaration
to an error.
The surgical fix: on macOS only, if invoking clang
reveals the new stricter default, we
pass -Wno-error=implicit-function-declaration
to demote the error back to a warning.
Apple Clang 15’s new strictures aren’t observable in the same way, so we adjust our workaround:
if clang
doesn’t complain when we try demoting the new errors back to warnings, we
pass those arguments too,
via the same compiler-framework mechanism.
m4
and yacc
This messy regression found only in the Command Line Tools 15.3.0.0.1.1708646388 update — not in the corresponding full Xcode 15.3 (build 15E204a) update — must have been unintended.
On macOS, some of the familiar Unix tools in /usr/bin
are in fact stubs.
When invoked, they either execute into the corresponding installed program (living somewhere under /Library/Developer
) or prompt the user to install the Command Line Tools.
This Command Line Tools update uninstalls m4
and yacc
from /Library/Developer
.
But since the OS-provided /usr/bin/m4
and /usr/bin/yacc
stubs still exist, running m4
or yacc
still does something:
it pops up a window prompting you to reinstall the CLT.
Unfortunately, as the latest available version doesn’t provide those tools, reinstalling is a waste of time.
As you might once again hope, we can hide the problem without personally visiting 29,000+ packages.
In pkgsrc, we also have a framework to control which non-compiler tools are invoked during builds. Packages declare which tools are required for their build. The tools framework then selects package-and-platform-appropriate incarnations of the declared tools and places them preferentially in the package’s build environment.
We just got handed a few new twists to handle in the framework, is all.
First, because this clever new CLT failure mode outfoxes our usual tool-detection mechanism, we special-case m4
and yacc
detection on macOS, performing an
existence check for the stubs’ targets.
Then the selection mechanism’s usual fallback logic can provide them some other way.
This prevents the primary source of needless CLT install popups.
For non-macOS platforms, no change.
Second, because some packages might not yet be declaring all their tool dependencies, we special-case m4
and yacc
handling on macOS:
when they’re not declared, we
place them in the build environment anyway,
as no-ops.
If the package build happens to invoke them, nothing happens.
This prevents the secondary source of needless CLT install popups, at the risk of breaking macOS builds for packages that are missing these tool declarations and have heretofore gotten lucky;
in such cases, the breakage will be obvious and the fix easy.
For non-macOS platforms, no change.
(At leisure, we might like to broaden this approach to help find and fix all undeclared tools on all platforms.)
Third, because the flex
tool expects to invoke a GNU-compatible m4
, we adjust the tools framework to
infer gm4
from a flex
declaration
so that the framework controls which m4
gets found.
This more correctly expresses our intent on all platforms, and in the macOS package build environment it restores /usr/bin/flex
to a working state.
xcrun
searchWe were already relying on xcrun
for a couple of things, so when our new tool-detection special cases were sometimes getting surprising results from it, that was concerning.
Turns out xcrun
no longer looks solely in Apple-controlled locations, but also consults the environment’s $PATH
.
By
invoking xcrun
with an empty PATH
and --no-cache
,
we obtain controlled, predictable tool detection.
Under the constraints, we changed as little as possible, as safely as possible, as similarly as possible to previous proven changes, avoiding novel constructs or any whiff of unforeseen consequences. We could not have done nearly as safe or thorough a job without good abstractions already in place. Total lines of pkgsrc infrastructure code changed: less than 100. Now that 2024Q1 is out, we have room to refactor.
These 15.3 updates also include a brand new linker. So far it hasn’t given us any trouble. If that changes, wanna guess whether we have one place to take care of it?
This is the ninth post in my toolchains adventures series. Please check the previous posts in the toolchains category for more context about this journey. There was no Q4 2023 report as there wasn't really anything worthwhile to write about.
I've been taking a break from Pkgsrc to only focus on OpenBSD at this point, for which I updated binutils to version 2.42 in the ports tree.
During this OpenBSD release cycle, the remaining parts required to get pinsyscalls(2) working have been committed, and I added support upstream for the PT_OPENBSD_SYSCALLS segment type to readelf in GNU Binutils, as well as in LLVM versions of objdump and readobj.
Lastly, I also wrote a blog post about Speedbuilding LLVM/Clang in 3 minutes on Power10.
As usual, I’ve also been busy reading different material, and adding new resources to toolchains.net.
binutils commits:
2024-02-12 | d86205c | Add support to readelf for the PT_OPENBSD_SYSCALLS segment type |
LLVM commits
2024-02-20 | a8d7511 | [llvm-readobj] Add support for the PT_OPENBSD_SYSCALLS segment type |
2024-02-20 | 1b89486 | [llvm-objdump] Add support for the PT_OPENBSD_SYSCALLS segment type |
2024-02-17 | 97eff26 | [Support/ELF] Add OpenBSD PT_OPENBSD_SYSCALLS constant |
2024-02-10 | d2e4a72 | [clang] Update Clang version from 18 to 19 in scan-build.1 |
The NetBSD project is pleased to announce the eighteenth major release of the NetBSD operating system
NetBSD 10.0!
See the release announcement for details.
The netbsd-10 release branch is more than a year old now, so it is high time the 10.0 release makes it to the front stage. This matches the long time it took for the development branch to get ready for branching, a lot of development went into this new release.
This also caused the release announcement to be one of the longest we ever did.
If you want to try NetBSD 10.0 please check the installation notes for your architecture and download the preferred install image from the CDN or if you are using an ARM based device from the netbsd-10 builds from the bootable ARM images page.
If you have any issues with installation or run into issues with the system during use, please contact us on one of the mailing lists or file a problem report.
Recently, a backdoor was discovered in the xz compression library. xz/liblzma are included as a part of NetBSD and used by the project for distribution of new releases and packages.
The version of xz shipped in all stable (and unstable) versions of NetBSD predates any code changes by the author of the backdoor. NetBSD is therefore safe and unaffected by the recent discoveries. It is believed that the attack only targets Linux/glibc, but checking this allowed us to rule out any other attempts at compromising the library by the author.
The version of xz shipped in pkgsrc, however, is affected. Using xz from pkgsrc is a non-default setting on NetBSD, and requires explicit opt-in. Most users of NetBSD will not install xz from pkgsrc because the version from the base system is preferred. However, users of pkgsrc on other platforms will need to take precautions.
Regardless of NetBSD being affected or not, the discovery of the backdoor is a wake-up call and further discussion will be happening internally over how to proceed.
I'm debugging the NetBSD kernel with gdb
, but I would like to be able to display information about the memory region an address is in. I'm mainly interested in finding out the permissions of a page of memory, along with the size of the region it is enclosed in (if the latter part of that question makes sense).
Does the kernel have a concept of memory regions in kernel space? i.e. a contiguous block of pages (virtual addresses) reserved for a specific purpose (which is kept track of somewhere)? Or is it down to each specific module to keep track of which blocks of memory belong to a logical group?
Here's an example of what I'm looking for:
(gdb) addressinfo 0xffffffff80e1000
Start End Offset Perm Size
0xffffffff80e0000 0xffffffff80e2000 0x1000 r--p 0x2000
I don't mind adding a hook to the kernel for a GDB script to output this information, if this functionality does not exist. At the minimum it would be useful to add a hook for GDB scripts to view the page permissions.