MidnightBSD Developer Journal

I have the new server setup, but several services still need some TLC including Bugzilla and magus.  I probably wont' get to them until Saturday. 

I just wanted to point out that bsd magazine is now free and online. 

The most recent magus run looked much better.  We had 2150 packages pass.  Both KDE and Gnome have a few packages that need work.

We've been running the MidnightBSD website on a Dell Precision 650 workstation for several years.  It's a dual xeon 2.0Ghz with 3GB PC2700 ECC ram, intel nic (gigabit), 500GB IDE HDD + 2 x 160GB RAID1 IDE on 32bit MidnightBSD.

Today, we bought a new server.  It's a HP Proliant ML110 G6 with Intel Xeon X3430.   It should be a nice little upgrade.  

QT4 has been updated to qt 4.5.2 this weekend.  We've also begun the work to update KDE 4 to 4.3.1.  Work on Gnome 2.26 has been progressing as well.  We need to fix a few dependancies (gstreamer plugins and fuse). 

MidnightBSD now has support for posix_spawn(3) related functions in libc.  We've also made changes to kqueue(2) to support libdispatch (Apple's GCD).  libdispatch does not work yet as there are other change that must be made to support it.   

A vulnerability has been reported in Sendmail, which can be exploited
by malicious people to conduct spoofing attacks.

The vulnerability is caused due to an error when processing
certificate fields containing NULL characters. This can be
exploited to e.g. conduct Man-in-the-Middle (MitM) attacks via
specially crafted certificates.

Our latest magus run was significantly better than the previous run.  With the previous run, we had roughly 700 ports pass, mostly due to bugs with our Perl environment.  The new Magus run had 1904 ports pass.  Several of the failures were in Java ports and due to a problem with the chroot tarball used during the run.  It contained JAVA_HOME in the environment.   This is the first amd64 current run to use the system perl correctly.  

Yesterday, I updated the Python 2.6 port to 2.6.4.  This seems to work as expected on i386, but there are some issues on amd64 related to libffi and _ctypes.  I'm working on the problem.

src:

amdtemp(4) was added to current.  This allows you to monitor the temperature on AMD CPUs such as the Phenom and Phenom II.

openssl and other security fixes.  See UPDATING for more info

mports:

Several different categories of ports have been updated.  We're still working on the Gnome 2.26 update.  gstreamer and pidgin are particularly behind and need work.  

 MySQL 6.0 ports were dropped due to EOL upstream.  MySQL even deleted the manuals online for this release.  We made 5.1 default.  Python 2.6 is now the default version of Python.

There have been some reports of cyrus-sasl2-saslauthd not building.  Please send logs and details of your environment.  Both of the cyrus-sasl2 ports were updated for a security issue from some time back.  

lightttpd was updated for a security issue.

p5-Error was just updated.

mercurial, git, ogg, theora, and flac ports were updated tonight.   

Our last magus run showed a noticable improvement in package building on 0.2 amd64.  I'm quite pleased with the progress on the ports system.  It's not quite where I want it, but 1900 packages were built.

I've been so busy with work that I haven't had time for MidnightBSD this week.  I'm hoping thigs will go back to normal soon. On the upside, I've been reading up on some new security research with regard to kernel designs.  I'm considering some changes that could greatly reduce attack vectors of rootkits on the system. 

 I'm indexing for a new magus run right now.  It should start running on 0.2 amd64 soon.  I do miss the cluster setup at EMU sometimes.  It takes us at least two days to get results, often times do to fetching time.  I'd love to separate the fetch and build testing for magus. 

Last night, I committed a change to our TCP stack.  Anyone running current should report unusual problems.  It does seem stable so far.

I just updated the egroupware and unzip ports.  The former update is a major version jump 1.4 to 1.6 and includes many security updates.  Optional components for mail and ldap must be installed separately if you choose to use those modules.  The latter contains updates for handling symbolic links as well as fixes for fetching the source distribution.

crash@ and I have been working on getting gnome ports updated to 2.26.  He's done most of the work so far, but I did get Mk extensions updated and a few ports last night.  Assume the gnome system is broken until we get this done.  Also, note that KDE 3.5.10 should build on midnightbsd 0.2.x but several ports are broken on current.  You can work around this by installing many things manually without using the meta package.  The sysadmin related tools are broken and possibly some of the multimedia stuff.  While, I was going to fix this, I think my time might be better spent getting KDE 4.x working instead.  Gnome will come first, however. 

I finally got around to requesting a new SSL certificate for MidnightBSD.org.  

I've updated the Perl port to 5.10.1.  However, I noticed later in the day there is a known security issue with Perl 5.10.1 in relation to utf-8 characters.  I'll look into a patch tomorrow.

http://rt.perl.org/rt3//Public/Bug/Display.html?id=69973

http://perl5.git.perl.org/perl.git/commitdiff/0abd0d78a73da1c4d13b1c700526b7e5d03b32d4

MidnightBSD current contains Perl 5.10 which is not vulnerable. 

I started the day with a little development work on MidnightBSD.  Many people think I'm wasting my time working on an open source project, particularly when it hasn't taken off like they think it must to "beat" ubuntu.  The reason I keep working on this project is two fold.   First, I enjoy the experience.  It's fun to work on a long term project with many different aspects to it.  I can work on anything from an installer to a device driver to a port of an application that I like to use.  Sometimes, I find it quite relaxing.  it's different from the Java based web development that I do at work.  Second, I am convinced that a UNIX desktop environment is the best approach.  Sure some things have to be changed to make it fit that environment.  Some days I just look at Mac OS and see what is possible.  Apple didn't make all the right choices in my mind, but it certainly proves that it's possible.  BSD on the desktop is a good idea.

Many of us in the open source community have been arguing and duplicating effort over the years.  Sometimes there are good reasons for it, but many times it's just a big terrible twos style tantrum.  Many people were angry at me when I started this project.  How dare I fork a server OS for a desktop?  The FreeBSD community at that time did not care about the desktop.  Sure, there were ports for this or that  but it was not even on their radar.  Today, they've been pulled into embedded systems and some desktop exposure due to PC-BSD and DesktopBSD.  There were improvements in their ports infrastructure, list of applications, utilities and updating tools for the OS, and even a little improvement in the attitude their developers have toward the desktop.  Some people within the project have passion about the desktop.  Still, you mostly hear excitement about embedded systems where they can get corporate assistance and funding (freebsd foundation, etc.)  There's nothing wrong with that, but embedded systems is a completely different direction from what I see as a good desktop OS.  Embedded space is huge but traditional systems are very small.  Any electrical engineer will tell you that.  I intentionally chose a subset of the full x86 market because I feel users need special attention to their daily computing habits.  They need a stable, secure, virus free environment with structure and consistency.  The linux community can't  offer this consistency due to the adhoc nature of development between the kernel and various components.  We're also limited by the X.org development and the fuss around various components, but at least the base system is under our control.

I was sent an e-mail this even asking for assistance with another project.  Many other developers from this and other BSD communities received the same e-mail.  I thought about the best way to respond for some time.  I believe in BSD on the desktop, but for the reasons found in that projects forums, I know that this can only be accomplished with greater control.  I did not make a distro of freebsd because I don't feel we could maintain a stable system with enough stability.  It is not possible to keep throwing bandaids on an OS that differ as it targets routers and cell phones for your desktop.  It just doesn't make sense.  FreeBSD is a damn good server OS.   It may turn out to be an ok embedded system, but frankly I think NetBSD has that market.  

Since we appear to be near the last man standing (like highlander?), it appears I can't give up on my dream.  

 graphics/cairo: 1415

• untested: 587 
• pass: 1741 
• skip: 61 
• fail: 57 
• warn: 60 
• ready: 0
•  
•  
•