All Jupiter Broadcasting Shows

In what turns out to be our final publication, we say goodbye.

NetBSD 8.2 is available, NextCloud on OpenBSD, X11 screen locking, NetBSD and RISC OS running parallel, community feedback about switching to BSD, and more. Headlines NetBSD 8.2 is available! The third release in the NetBSD-8 is now available. This release includes all the security fixes in NetBSD-8 up until this point, and other fixes deemed important for stability. Some highlights include: x86: fixed regression in booting old CPUs x86: Hyper-V Gen.2 VM framebuffer support httpd(8): fixed various security issues ixg(4): various fixes / improvements x86 efiboot: add tftp support, fix issues on machines with many memory segments, improve graphics mode logic to work on more machines. Various kernel memory info leaks fixes Update expat to 2.2.8 Fix ryzen USB issues and support xHCI version 3.10. Accept root device specification as NAME=label. Add multiboot 2 support to x86 bootloaders. Fix for CVE-2019-9506: 'Key Negotiation of Bluetooth' attack. nouveau: limit the supported devices and fix firmware loading. radeon: fix loading of the TAHITI VCE firmware. named(8): stop using obsolete dnssec-lookaside. NextCloud on OpenBSD NextCloud and OpenBSD are complementary to one another. NextCloud is an awesome, secure and private alternative for proprietary platforms, whereas OpenBSD forms the most secure and solid foundation to serve it on. Setting it up in the best way isn’t hard, especially using this step by step tutorial. Preface Back when this tutorial was initially written, things were different. The OpenBSD port relied on PHP 5.6 and there were no package updates. But the port improved (hats off, Gonzalo!) and package updates were introduced to the -stable branch (hats off, Solene!). A rewrite of this tutorial was long overdue. Right now, it is written for 6.6 -stable and will be updated once 6.7 is released. If you have any questions or desire some help, feel free to reach out. News Roundup X11 screen locking: a secure and modular approach For years I’ve been using XScreenSaver as a default, but I recently learned about xsecurelock and re-evaluated my screen-saving requirements NetBSD and RISC OS running parallel I have been experimenting with running two systems at the same time on the RK3399 SoC. It all begun when I figured out how to switch to the A72 cpu for RISC OS. When the switch was done, the A53 cpu just continued to execute code. OK I thought why not give it something to do! My first step was to run some small programs. It worked! Thanks to Tom Jones for the pointer to this article Several weeks ago we covered a story about switching from Linux to BSD. Benedict and JT asked for community feedback as to their thoughts on the matter. Allan was out that week, so this will give him an opportunity to chime in with his thoughts as well. Jamie - Dumping Linux for BSD Matt - BSD Packaging Brad - Linux vs BS MJ - Linux vs BSD Feedback Ben - Feedback for JT Henrik - Why you should migrate everything to BSD Beastie Bits ssh-copy-id now included OPNsense 20.1.3 released A Collection of prebuilt BSD Cloud Images Instant terminal sharing Feedback/Questions Ales - Manually verify signature files for pkg package Shody - Yubikey Mike - Site for hashes from old disks Answer: https://docs.google.com/spreadsheets/d/19FmLs0jXxLkxAr0zwgdrXQd1qhbwvNHH6NvolvXKWTM/edit?usp=sharing Send questions, comments, show ideas/topics, or stories you want mentioned on the show to feedback@bsdnow.tv Your browser does not support the HTML5 video tag.

We share some WiFi tips and essential network ideas. And discuss one of our most significant compromises in the show so far.Links:Self-Hosted Discord ServerRationale for using Discord — Let's grow a community around being the best place to discuss Self-Hosting.Barcodebuddy — Barcode system for GrocyQuarantine-o-meter Home Assistant DashboardApple acquires popular weather app Dark Sky and will shut down the Android version — The Android and Wear OS apps will work until July 1stWyze firmware update lets you turn its security cameras into webcams — To solve webcam shortage issues if you’re stuck working from home

Today we make nice with a killer, an early out-of-memory daemon, and one of the new features in Fedora 32. We put EarlyOOM to the test in a real-world workload and are shocked by the results. Plus we debate if OpenWrt is still the best router solution, and chew on Microsoft's new SELinux competitor.Special Guests: Alex Kretzschmar and Neal Gompa.Links:Window Maker Version 0.95.9 Released Microsoft announces IPE, a new code integrity feature for Linux — Microsoft says that IPE is not intended for general-purpose computing. The IPE LSM was designed for very specific use cases where security is paramount, and administrators need to be in full control of what runs on their systems. Examples include embedded systems, such as network firewall devices running in a data center, or Linux servers running strict and immutable configurations and applications.OpenWrt - Opkg susceptible to MITM Brent sits down with Daniel Foré, founder of elementary OS Know when we're going to be live. Check out the calendar! Keep the conversation going join us on Telegram Fedora nightly compose finder Fedora 32 Looking At Using EarlyOOM By Default To Better Deal With Low Memory Situations — The oom-killer generally has a bad reputation among Linux users. This may be part of the reason Linux invokes it only when it has absolutely no other choice. It will swap out the desktop environment, drop the whole page cache and empty every buffer before it will ultimately kill a process. At least that's what I think that it will do. I have yet to be patient enough to wait for it, sitting in front of an unresponsive system. earlyoom - Early OOM Daemon for Linux — The oom-killer generally has a bad reputation among Linux users. This may be part of the reason Linux invokes it only when it has absolutely no other choice. It will swap out the desktop environment, drop the whole page cache and empty every buffer before it will ultimately kill a process. At least that's what I think that it will do. I have yet to be patient enough to wait for it, sitting in front of an unresponsive system. rfjakob/systembus-notify: systembus-notify - system bus notification daemon oomd — Out of memory killing has historically happened inside kernel space. On a memory overcommitted linux system, malloc(2) and friends usually never fail. However, if an application dereferences the returned pointer and the system has run out of physical memory, the linux kernel is forced to take extreme measures, up to and including killing processes. This is sometimes a slow and painful process because the kernel can spend an unbounded amount of time swapping in and out pages and evicting the page cache. Furthermore, configuring policy is not very flexible while being somewhat complicated.low-memory-monitor on GitLab low-memory-monitor — low-memory-monitor, as its name implies, monitors the amount of free physical memory on the system and will shoot off signals to interested user-space applications, usually session managers, or sandboxing helpers, when that memory runs low, making it possible for applications to shrink their memory footprints before it's too late either to recover a usable system, or avoid taking a performance hit. Nohang — Nohang is a highly configurable daemon for Linux which is able to correctly prevent out of memory (OOM) and keep system responsiveness in low memory conditions. Better interactivity in low-memory situations - devel - Fedora Mailing-Lists EnableEarlyoom - Fedora Project Wiki Nushell - The Unix philosophy of shells, where pipes connect simple commands together, and bring it to the modern style of development. Timekpr - simple and easy to use time managing software that helps optimizing time spent at computer.

Pagure, the free software GitLab alternative no one is talking about. Neal Gompa joins us to discuss what makes it unique, which projects are using it, and the significant adoption in progress.Special Guest: Neal Gompa.Links:Pagure.io — With pagure you can host your project with its documentation, let your users report issues or request enhancements using the ticketing system and build your community of contributors by allowing them to fork your projects and contribute to it via the now-popular pull-request mechanism.Pagure project on Pagure.io Pagure project documentation — The name Pagure is taken from the French word 'pagure'. Pagure in French is used as the common name for the crustaceans from the Paguroidea superfamily, which is basically the family of the Hermit crabs. Fedora Magazine article introducing Pagure (2016) Talk on Pagure at openSUSE Conference 2019 [Release] pagure: 5.9 - Pagure-announce - Fedora Mailing-Lists A new site for fully free collaboration - Free Software Foundation — As we said in an end-of-year post highlighting our work supporting free software development and infrastructure, the Free Software Foundation is planning to launch a public code hosting and collaboration platform to launch in 2020.

WireGuard officially lands in Linux. We cover a bunch of new features in Linux 5.6 and discuss the recent challenges facing LineageOS. Plus the PinePhone UBports edition goes up for pre-order, and our reaction to Huawei joining the Open Invention Network.Links:Linux kernel 5.6 release announcement — This has a bit more changes than I'd like, but they are mostly from davem's networking fixes pulls, and David feels comfy with them. And I looked over the diff, and none of it looks scary. It's just slightly more than I'd have preferred at this stage - not doesn't really seem worth delaying a release over. The Best Features Of The Linux 5.6 KernelWireGuard Christened As A Modern Secure VPN AlternativeWireGuard VPN makes it to 1.0.0 — It's a good day for WireGuard users—DKMS builds will soon be behind us.WireGuard VPN reviewPinePhone UBports Community Edition Pre-orders — Today we're pleased to announce the first PinePhone 'Community Edition', which will ship with Ubuntu Touch pre-installed.PINEPHONE – “Community Edition: UBports” - PINE StoreUbuntu Touch Q&A 72 — We are very pleased to announce that we are now working together with German phone startup Volla. They are joining us as a sponsor and will have a place on our Advisory Board. We expect that UT will be available as a pre-installed option with the new Volla phone.Linux phones running postmarketOS can now run (some) Android apps — “Android in a Box” solution that basically installs Android in a container in a way that lets you run Android apps as if they were native apps.LineageOS 17.1 based on Android 10 is now officially available — The team has also decided to jump up on the subversion, going from 17.0 to 17.1Huawei signs non-aggression patent pact with membership of Open Invention Network — Chinese giant plays nice with open sourcePress Release Details - Open Invention NetworkXbox co-creator Rob Wyatt sues Atari for failing to pay him for design of VCS console — Xbox co-creator Rob Wyatt has filed a lawsuit against Atari for failing to pay him for the design work he did in creating the Atari VCS console.Game over: Atari VCS architect quits project, claims he hasn’t been paid for six monthsAtari VCS: Managing the Unexpected — We believe it would be unfair to use the balance to fulfill only a small number of Indiegogo orders, so Atari’s plan is to ship to all backers at the same time when enough VCS units and peripherals are available.

Brent sits down with Daniel Foré, founder of elementary OS and co-host of User Error. We explore his early years in design and software, formative aspects of Ubuntu and Gentoo, the philosophies and history of elementary OS, and more.Special Guest: Daniel Fore.Links:elementary OSUser ErrorBrunch with Brent: Joe RessingtonBrunch with Brent: Alan Pope (popey)Canonical — The company behind UbuntuLinux App SummitGUADEC — The GNOME ConferenceLinuxFest NorthwestGNOME Do & Docky - WikipediaKorora - WikipediaGentoo LinuxGNOME Files (formerly Nautilus) - WikipediaOMG! Ubuntu! — Ubuntu Linux News, Apps and ReviewsAppCenter - elementary OSSay Hello to the New Greeter - elementary BlogFlatpakDesire path - WikipediaLeast Resistance: How Desire Paths Can Lead to Better Design - 99% InvisibleDaniel Foré - @DanielFore on TwitterBrent Gervais - @brentgervais on Twitter

We take a look at Cloudflare's impressive Linux disk encryption speed-ups, and explore how zoned storage tools like dm-zoned and zonefs might help mitigate the downsides of Shingled Magnetic Recording. Plus we celebrate WireGuard's inclusion in the Linux 5.6 kernel, and fight some exFAT FUD.Links:WireGuard VPN makes it to 1.0.0—and into the next Linux kernel — It's a good day for WireGuard users—DKMS builds will soon be behind us. Linux 5.6 Is The Most Exciting Kernel In Years With So Many New Featuresfs: New zonefs file system — zonefs is a very simple file system exposing each zone of a zoned block device as a file. This is intended to simplify implementation of application zoned block device raw access support by allowing switching to the well known POSIX file API rather than relying on direct block device file ioctls and read/write.Ama-ZNS! Zonefs File-System Will Land with Linux® 5.6What is Zoned Storage and the Zoned Storage Initiative? — Zoned Storage is a new paradigm in storage motivated by the incredible explosion of data. Our data-driven society is increasingly dependent on data for every-day life and extreme scale data management is becoming a necessity. Linux Kernel Support - ZonedStorage.iodm-zoned — The dm-zoned device mapper target exposes a zoned block device as a regular block device.Device Mapper - ZonedStorage.io What are PMR and SMR hard disk drives?Beware of SMR drives in PMR clothing — WD and Seagate are both submarining Drive-managed SMR (DM-SMR) drives into channels, disguised as "normal" drives.Beware of SMR drives in PMR clothing [Reddit]The exFAT filesystem is coming to Linux—Paragon software’s not happy about it — When software and operating system giant Microsoft announced its support for inclusion of the exFAT filesystem directly into the Linux kernel back in August, it didn't get a ton of press coverage. But filesystem vendor Paragon Software clearly noticed this month's merge of the Microsoft-approved, largely Samsung-authored version of exFAT into the VFS for-next repository, which will in turn merge into Linux 5.7—and Paragon doesn't seem happy about it.The New Microsoft exFAT File-System Driver Is Set To Land With Linux 5.7Speeding up Linux disk encryption - The Cloudflare Blog — Encrypting data at rest is vital for Cloudflare with more than 200 data centres across the world. In this post, we will investigate the performance of disk encryption on Linux and explain how we made it at least two times faster for ourselves and our customers.Add inline dm-crypt patch and xtsproxy Crypto API patch

Shell text processing, data rebalancing on ZFS mirrors, Add Security Headers with OpenBSD relayd, ZFS filesystem hierarchy in ZFS pools, speeding up ZSH, How Unix pipes work, grow ZFS pools over time, the real reason ifconfig on Linux is deprecated, clear your terminal in style, and more. Headlines Text processing in the shell This article is part of a self-published book project by Balthazar Rouberol and Etienne Brodu, ex-roommates, friends and colleagues, aiming at empowering the up and coming generation of developers. We currently are hard at work on it! One of the things that makes the shell an invaluable tool is the amount of available text processing commands, and the ability to easily pipe them into each other to build complex text processing workflows. These commands can make it trivial to perform text and data analysis, convert data between different formats, filter lines, etc. When working with text data, the philosophy is to break any complex problem you have into a set of smaller ones, and to solve each of them with a specialized tool. Rebalancing data on ZFS mirrors One of the questions that comes up time and time again about ZFS is “how can I migrate my data to a pool on a few of my disks, then add the rest of the disks afterward?” If you just want to get the data moved and don’t care about balance, you can just copy the data over, then add the new disks and be done with it. But, it won’t be distributed evenly over the vdevs in your pool. Don’t fret, though, it’s actually pretty easy to rebalance mirrors. In the following example, we’ll assume you’ve got four disks in a RAID array on an old machine, and two disks available to copy the data to in the short term. News Roundup Using OpenBSD relayd to Add Security Headers I am a huge fan of OpenBSD’s built-in httpd server as it is simple, secure, and quite performant. With the modern push of the large search providers pushing secure websites, it is now important to add security headers to your website or risk having the search results for your website downgraded. Fortunately, it is very easy to do this when you combine httpd with relayd. While relayd is principally designed for layer 3 redirections and layer 7 relays, it just so happens that it makes a handy tool for adding the recommended security headers. My website automatically redirects users from http to https and this gets achieved using a simple redirection in /etc/httpd.conf So if you have a configuration similar to mine, then you will still want to have httpd listen on the egress interface on port 80. The key thing to change here is to have httpd listen on 127.0.0.1 on port 443. How we set up our ZFS filesystem hierarchy in our ZFS pools Our long standing practice here, predating even the first generation of our ZFS fileservers, is that we have two main sorts of filesystems, home directories (homedir filesystems) and what we call 'work directory' (workdir) filesystems. Homedir filesystems are called /h/NNN (for some NNN) and workdir filesystems are called /w/NNN; the NNN is unique across all of the different sorts of filesystems. Users are encouraged to put as much stuff as possible in workdirs and can have as many of them as they want, which mattered a lot more in the days when we used Solaris DiskSuite and had fixed-sized filesystems. Speeding up ZSH https://web.archive.org/web/20200315184849/https://blog.jonlu.ca/posts/speeding-up-zsh I was opening multiple shells for an unrelated project today and noticed how abysmal my shell load speed was. After the initial load it was relatively fast, but the actual shell start up was noticeably slow. I timed it with time and these were the results. In the future I hope to actually recompile zsh with additional profiling techniques and debug information - keeping an internal timer and having a flag output current time for each command in a tree fashion would make building heat maps really easy. How do Unix Pipes work Pipes are cool! We saw how handy they are in a previous blog post. Let’s look at a typical way to use the pipe operator. We have some output, and we want to look at the first lines of the output. Let’s download The Brothers Karamazov by Fyodor Dostoevsky, a fairly long novel. What we do to enable us to grow our ZFS pools over time In my entry on why ZFS isn't good at growing and reshaping pools, I mentioned that we go to quite some lengths in our ZFS environment to be able to incrementally expand our pools. Today I want to put together all of the pieces of that in one place to discuss what those lengths are. Our big constraint is that not only do we need to add space to pools over time, but we have a fairly large number of pools and which pools will have space added to them is unpredictable. We need a solution to pool expansion that leaves us with as much flexibility as possible for as long as possible. This pretty much requires being able to expand pools in relatively small increments of space. Linux maintains bugs: The real reason ifconfig on Linux is deprecated In my third installment of FreeBSD vs Linux, I will discuss underlying reasons for why Linux moved away from ifconfig(8) to ip(8). In the past, when people said, “Linux is a kernel, not an operating system”, I knew that was true but I always thought it was a rather pedantic criticism. Of course no one runs just the Linux kernel, you run a distribution of Linux. But after reviewing userland code, I understand the significant drawbacks to developing “just a kernel” in isolation from the rest of the system. Clear Your Terminal in Style if you’re someone like me who habitually clears their terminal, sometimes you want a little excitement in your life. Here is a way to do just that. This post revolves around the idea of giving a command a percent chance of running. While the topic at hand is not serious, this simple technique has potential in your scripts. Feedback/Questions Guy - AMD GPU Help MLShroyer13 - VLANs and Jails Master One - ZFS Suspend/resume Send questions, comments, show ideas/topics, or stories you want mentioned on the show to feedback@bsdnow.tv Your browser does not support the HTML5 video tag.

Ell tells us about her first ever experience with Windows 10 and how it compares with Linux. Plus Drew has been using a Wayland-based i3-like tiling window manager called Sway.Links:Windows 10Linux Unplugged 344: Our Week with WindowsSway — Sway is a tiling Wayland compositor and a drop-in replacement for the i3 window manager for X11.Choose Linux 12: Regolith