In my article about running OpenBSD/loongson on the Lemote Yeeloong back in 2016, I mentioned looking for a Fuloong. All hope seemed lost until the Summer of 2017, when a fellow OpenBSD developer was contacted by a generous user (Thanks again, Lars!) offering to donate two Lemote Fuloong machines, and I was lucky enough to get one of those units.

In this presentation I start off asking the question โ€žHow come there are only a handful of BSD security kernel bugs advisories released every year?โ€œ and then proceed to try and look at some data from several sources.

I normally deal with Linux machines. Linux is what I know and it’s what I’ve been using since I was in college. A friend of mine has been coaxing me into trying out FreeBSD, and I decided to try it out and see what it’s like. Here’s some details about my experience and what I’ve learned.

hello (also known as helloSystem) is a desktop system for creators with focus on simplicity, elegance, and usability. Its design follows the โ€œLess, but betterโ€ philosophy. It is intended as a system for โ€œmere mortalsโ€, welcoming to switchers from the Mac.

For people who prefer FreeBSD over Linux like myself, we obviously canโ€™t run Docker, which is what Signalโ€™s instructions focus on.

Fortunately, the Docker image is just a fancy wrapper around nginx, and the configs can be ported to any OS. Here, Iโ€™ll show you how to set up a Signal Proxy on FreeBSD.

Recently, a critical vulnerability was discovered in sudo that allows any user to gain root-level access without root credentials using sudo. OpenBSD ships with doas instead of sudo and I think it’s a great example of OpenBSD’s simplicity-begets-security mindset. I remembered reading something about why doas was created and it mentioned that sudo was deemed to be too complex:

There were some concerns that sudo was too big, running too much code in a privileged process. And there was also pressure to enable even more options, because the feature set shipped in base wasnโ€™t big enough. (As shipped in OpenBSD, the compiled sudo was already five times larger than just about any other setuid program.)

I investigated a bit, and it turns out this was a massive understatement. sudo is an astoundingly large 223,957 lines of code* spanning 558 files, while doas is only 77 403 lines of code in a single file! Like many users, I mainly only use doas/sudo as a way to quickly run single commands as root, so I don’t need the more advanced features of sudo. This recent sudo vulnerability is a nice vindication of openbsd’s decision to replace sudo with a much simpler program, and openbsd’s “simpler is better” philosophy in general. Kudos to the developers who made that choice back in 2015!

Read More

Lenovo has finally made a smaller version of its X1 Carbon, something Iโ€™ve been looking forward to for years.

The X1 Nano is basically a 13โ€ version of the 14โ€ X1 Carbon, reducing its footprint, thickness, and weight. Availability in the US has been fairly limited (and expensive) at the moment, offering no WWAN or any customizable options, and Core i7 models are not shipping out for months. I purchased the Intel Core i5-1135G7 model with 16Gb of RAM and a 1Tb NVMe SSD. The only screen option currently available is a matte non-touch 2K display…

Read More

I love FreeBSD. I always have. I first started using it in the late 90s and quickly gained employment using it. I ran a web hosting service with FreeBSD for years. It was a daily driver for me for a long time (1999 to 2004 or so). I became one of the โ€œFreeBSD peopleโ€ at a developer job I had later. I have a deep history with it, but at some point, I abandoned the thought of using it as a daily driver faded. Last year, my interest was re-ignited.

OpenBSD uses the xenodm(1) display manager, which is a fork of xdm.

Xenodm looks quite ugly by default, and after reading a couple1 of2 articles3 on themeing xenodm I’ve come up with my own setup.

I’m sharing here some practices I’m following and some small tips/tools which facilitate my usage of OpenBSD in my day to day.

Some a really specific to my usage, others could be re-used.

The following document is an attempt to consolidate down a number of threads spanning separate discussions from around the ‘net I have been having on the subject of operating system development models and OpenBSD. I will break up this document into several sections each of which will handle separate pillars of my thinking in so far as I’ve formed some semi-articulate thoughts that I can share.

Dec 13, 2020

Nowadays container technologies like Docker are the first thing you here when the question on how to deploy and manage (micro) services. However, FreeBSD already has lots of features out of the box that can be used to implement lots of the wanted characteristics, but there is still a need for glue code to integrate it into a complete solution.

Dec 13, 2020

Jails are a lightweight, fast form of virtualisation and process isolation invented by the imitable Poul-Henning Kamp that, once you first use them, you miss them everywhere else. Each jail operates with its own chroot file system environment and network configuration, similar to a Solaris Zone.

Dec 4, 2020

I’m happy to announce that big-endian mode has been supported for Raspberry Pi [0-3] in -current. Bootable disk images are available in official daily snapshots. You can enjoy aarch64eb/armeb world on your Pi’s by just flashing these images to microSD!


A community for discussing the BSD operating systems.

Created on Oct 18, 2020
By @root
Administered by: @linuxgirl