Installing Openbsd: a Beginner's Guide (Mac PPC) Freebsd 5.X And

Daemon News: December 2004 http://ezine.daemonnews.org/200412/

Mirrors Primary (US) Issues December 2004

December 2004 Get BSD Contact Us Search BSD FAQ New to BSD? DN Print Magazine BSD News BSD Mall BSD Support Join Us

T H I S M O N T H ’ S F E A T U R E S From the Editor Installing OpenBSD: A Beginner’s Guide (Mac PPC) by Brian Schonhorst Digium releases g.729 codec for FreeBSD The OpenBSD website is contains an extermely thorough FAQ and by Chris Coleman manual that should be any OpenBSD user’s primary resource. Below Digium makes the g.729 speech I will go through a basic installation of OpenBSD 3.5 to clarify some vocoder codec available for points that might be confusing to a new OpenBSD user. FreeBSD after bsdnews.com readers lobby for a FreeBSD There are many ways you can get OpenBSD up and running on your port machine. I will assume you are using the official OpenBSD CD set because if you aren’t, you should be. The official CD’s are one of the few ways to support the OpenBSD community financially. Get BSD Stuff A few things you should consider before beginning: Read More

FreeBSD 5.x and the Future by Scott Long The release of FreeBSD 5.3 signals the true kick-off of the 5-STABLE and 6-CURRENT series. We are very excited about this, both because 5.3 is a good release, and because 6.0 will give us a chance to, erm, redeem ourselves and our development process. 5.x was a tremendous undertaking. SMPng, KSE, UFS2, background fsck, ULE, ACPI, etc., etc., etc. were all incredible tasks. Given that Search many of these things were developed and managed by unpaid volunteers, the fact that we made it to 5-STABLE at all is quite impressive and says a lot about the quality and determination of all of our developers and users. However, four years was quite a long time Monthly Ezine to work on it. While 4.x remained a good workhorse, it suffered from Search not having needed features and hardware support. 5.x suffered at the same time from having too much ambition but not enough developers to efficiently carry it through. Read More BSD News

BSD Certification Group Interview with Hubert Feyrer press release by NetBSD-PT Group November and December Issues Online The NetBSD-PT Group did an interview via e-mail with a NetBSD cvs.openbsd.org needs an developer. You can find more information about him at upgrade http://www.feyrer.de. FreeBSD, dummynet and a nameserver Hubert lives in Regensburg, which is located in Bavaria, southern BSDCan 2005 Registration is Germany. He studied computer science at the University of Applied Open! Scienced (Fachhochschule) Regensburg, then continued working NetBSD pkgsrc now supports there, first in a project about electronic libraries, later on as system multiple checksums administrator maintaining a cluster of Sun workstations with some NetBSD enables PAM in additional work on machines running Irix, NetBSD and Windows. HEAD Besides doing system administration, he started giving lectures on OpenBSD’s "Out of the Box" "System Administration" and "Open Source". Read More Wireless Support

R E G U L A R C O L U M N S

Keeping FreeBSD Applications Up-To-Date BSDMall 1 of 2 16.03.2005 07:59 Daemon News: December 2004 http://ezine.daemonnews.org/200412/ by Richard Bejtlich Miscellaneous An important system administration task, and a principle of running a defensible network, is keeping operating systems and applications up-to-date. Running current software is critical when older services Credits are vulnerable to exploitation. Obtaining new features not found in The hard-working crew older applications is another reason to run current software. Tarball Fortunately, open source software offers a variety of means to give Download a tar.gz users a secure, capable computing environment. version of this issue PDF This article presents multiple ways to keep FreeBSD applications Download a PDF version up-to-date. I explain how to install and upgrade several applications of this issue on a FreeBSD 5.2.1 RELEASE system. In my previous article "Keeping FreeBSD Up-To-Date," I described how to patch and upgrade the FreeBSD operating system, beginning with FreeBSD 5.2.1 and ending with FreeBSD 5-STABLE. Taken as a pair, these two articles will help system administrators keep their FreeBSD OS and applications current and defensible. Read More

Daemon’s Advocate by Poul-Henning Kamp When I hear somebody like Robert Watson complain about not being able to find features and options in OpenOffice, I am reminded of my own introduction to UNIX: "I’m sure there is a way to do this, but I wonder what the program is called...". As the deadlines made me older I came to know the contents of /usr/bin by heart, and it now feels like my organised but cluttered workshop where I can almost always find a gadget and thingmajic which can be used to solve the problem at hand. Over time new things have appeared in /usr/bin but that has not been a problem for me, because it did not rename the old commands so all the tricks I learned on System III still work. Read More

2 of 2 16.03.2005 07:59 Daemon News ’200412’ : ’"Digium releases g.729 codec... http://ezine.daemonnews.org/200412/editorial.html

December 2004 Get BSD New to BSD? Search BSD Submit News FAQ Contact Us Join Us

Digium releases g.729 codec for FreeBSD Search By Chris Coleman Monthly Ezine I’ve been using Asterisk as our company PBX and doing consulting work on Asterisk to help pay the bills for quite some time. For the most part, I’ve been Search able to use BSD as the OS for it to run on. However, one of my bigger contracts required the use of the g.729 codec. A few weeks back, I approached Digium about making the g.729 codec Get BSD Stuff available for FreeBSD as well as Linux. The first response I got was that Linux was their only supported platform. Basically the same thing they said when we wanted to port the Digium hardware drivers to BSD. The problem this time is that g.729 was licensed code that we didn’t have, compared to the open source hardware drivers that we didn’t need their permission to port ourselves. So, I announced on bsdnews.com a call for people to contact Digium and request that they create a binary of g.729 for FreeBSD. Just recently I got an e-mail from my contacts at digium announcing that the g.729 port was ready, though officially "unsupported". So, thankyou to all who called and helped lobby for this. Me and my projects thank you. -Chris

1 of 1 16.03.2005 07:59 Daemon News ’200412’ : ’"Installing OpenBSD: A Beg... http://ezine.daemonnews.org/200412/openbsd.html

December 2004 Get BSD New to BSD? Search BSD Submit News FAQ Contact Us Join Us

Installing OpenBSD: A Beginner’s Guide Search by Brian Schonhorst Monthly Ezine The OpenBSD website is contains an extermely thorough FAQ and manual that should be any OpenBSD user’s primary resource. Below I will go through Search a basic installation of OpenBSD 3.5 to clarify some points that might be confusing to a new OpenBSD user. There are many ways you can get OpenBSD up and running on your machine. Get BSD Stuff I will assume you are using the official OpenBSD CD set because if you aren’t, you should be. The official CD’s are one of the few ways to support the OpenBSD community financially. A few things you should consider before beginning: 1. Which platform you will be using (e.g., i386, sparc, macppc, etc...). See http://openbsd.org/plat.html for a complete list. 2. Hardware information such as RAM, hard drive size, and ethernet. 3. Network settings (especially if you decide to install without the official CD set). Machine Name Domain Name IP address or DHCP Netmask DNS server Gateway IP 4. How you will lay out your OpenBSD file system. (You can set OpenBSD up as a partition on a multiboot machine. More on that later.) Now lets get to it... For this document I will be installing OpenBSD 3.5 onto a Mac with the following: 450 MHz G4 processor (old world PowerPC’s are not supported yet, so NetBSD is the answer for all those old beige G3 towers) 1024 MB RAM 10/100 Mbps Ethernet (built-in) 25 GB HD Matshita PD-2 LF-D110 CD-ROM/DVD-RAM For information on supported hardware see the OpenBSD platforms page. Make sure to back up anything on the drive that you need to keep. Don’t say I didn’t warn you! Insert the installation CD into the machine and boot from it. Make sure you put the correct CD in for the platform you’re installing on. For an i386 install, enter the BIOS and change the boot device to CD-ROM. For macppc just hold down the c key at boot, or boot into Open Firmware (by holding down Apple+Option+o+f) and type: boot cd:,ofwboot 3.5/macppc/bsd.rd

After the CD boots up and the device driver information scrolls past, the install program will start and ask you what to do. We’ll choose i for install.

erase ^?, werase ^W, kill ^U, intr ^C, status ^T (I)nstall, (U)pgrade or (S)hell? i

If you don’t know your terminal type, chances are the default is fine.

Specify terminal type: [vt220] {hit enter} Do you wish to select a keyboard encoding table? [n] {hit enter}

Now you’ll get a warning to back up your data before everything is overwritten: 1 of 6 16.03.2005 07:59 Daemon News ’200412’ : ’"Installing OpenBSD: A Beg... http://ezine.daemonnews.org/200412/openbsd.html Proceed with install? [n] y

First the installer runs fdisk(8) and defines the OpenBSD slice (partition). It will list any hard drives it finds and let you choose which one to install on. Usually IDE drive names start with ’wd’ such as wd0 and SCSI drives start with ’sd’ like sd0. In this example I have two IDE drives and will be installing onto the first. If your drive doesn’t show up it may not be supported.

Available disks are: wd0 wd1 Which one is the root disk? (or done) [done] wd0

For macppc only (skip if you are installing on a different platform)

Next your are asked how you want to set up the disk. Will it be shared with an installation of Mac OS or is this hard drive going to be devoted to OpenBSD? If you want to have a dual boot machine, the disk needs to be formatted first with an Apple tool in HFS (Disk Utility would work). Just make sure to leave a second empty partition for your OpenBSD install. For further information, see my dual boot instructions. For this exercise, I will be using MBR partition table rather than HFS and this will be an OpenBSD-only hard drive.

Use HFS or MBR partition table? [HFS] mbr Are you *sure* you want to put a MBR disklabel on the disk? [n] y Have you initialized an MSDOS partition using OpenFirmware? [n] n

At this point you are asked if you want to set up a 1 MB MS-DOS partition. This will store our MBR:

Do you want to initialize the MBR and the MSDOS partition [y] y Do you wish to write new MBR and partition table [n] y

When the next warning comes up, just hit return. You will then see the current partition information. This will vary depending on what the hard drive had on it. At the top you should take note of the geometry in case you run into trouble. You should see a small partition called DOS which is our MBR partition. Hit enter twice again and the fdisk(8) utility will start up so we can make any changes to the disk layout. I have noticed with some Mac installs that the OpenBSD partition that gets created does not reflect the entire size of the hard drive. Make sure that the total number of sectors shown at the top is close to the sum of the sizes listed in the table. If things don’t add up you can take a look at my example.

fdisk: 1> quit

(End of the macppc-only instructions.)

Moving on

For an i386 install you are given the option to install OpenBSD on only part of the selected drive in case you want to boot other OS’s. In this case I’m using the whold drive for OpenBSD.

Do you want to use *all* of wd0 for OpenBSD [no] yes

Disk Labeling

Now your installation will proceed to disk labeling, depending on your hard drive and platform. (I seem to run into trouble with macppc.) Now the fun part. The install should run the disklabel(8) program so that you can start laying out the file system. The label will contain the OpenBSD partitions in an MBR partition which will take up a small amount of space at the beginning of the disk. Partitioning? When we talk about partitioning in OpenBSD, there are two different ideas being discussed. First, partitioning traditionally means the splitting up of a disk so that you can boot more than one OS from the same hard drive. The second meaning is the creation of slices within your OpenBSD partition. Technically you only need two: one for the root file system and one for swap. You can make a more secure system by adding a few more partitions. A good place to start would be with /, swap, /home, /tmp, /usr, and /var, but if you have some specific tasks in mind for the machine you will want to change your layout accordingly. For example, if you are setting up a Squid proxy or IDS you will want a large /var/log partition. This way if your logs run wild you will only fill up a single slice and not the entire hard drive. Also, by partitioning out /home, /var, /tmp, etc., you can set different security controls over your partitions using mount(8).

Warning: wd0 has no label Do you want to create one with the disklable editor? [y] {hit enter}

Next you are shown an example of what a partition label might look like. Just hit enter. Below are the commands you will definitely be using. If you need other options, use the ? key for help. 2 of 6 16.03.2005 07:59 Daemon News ’200412’ : ’"Installing OpenBSD: A Beg... http://ezine.daemonnews.org/200412/openbsd.html p: Prints the label as it is currently set up. a: Add a new partition d: Delete a partition q: Quit and save the new changes ?: Help

First lets print out our current label and see what’s there.

Initial label editor (enter ’?’ for help at any prompt) > p device: /dev/rwd0c type: ESDI disk: ESDI/IDE disk label: IBM-DPTA-372730 bytes/sector: 512 sectors/track: 63 tracks/cylinder: 16 sectors/cylinder: 1008 cylinders: 16383 total sectors: 53464320 free sectors: 53461296 rpm: 3600 16 partitions: # size offset fstype [fsize bsize cpg] a: 53461296 3024 unused 0 0 c: 53464320 0 unused 0 0 i: 2048 1 MSDOS

The ’c’ partition represents the entire OpenBSD partition or in this case the entire hard drive. The ’i’ partition (macppc only) is reserved for the MBR partition so don’t delete it! If you won’t be installing any other OS’s on this disk then you can safely delete the other partitions. Now we’ll delete the empty ’a’ partition so we can divide it up into our file system slices. I’ll enter d for delete and then a, which is the partition to delete.

> d a

Now if I print out the label I will be left with ’c’ and ’i’. For an i386 install you will just have ’c’. If you haven’t already figured out how you want to assign your space, do so now. I am setting up a desktop machine so I will assign the following:

/ 1G swap 1G /home 10G /tmp 3G /usr 6G /var 4G

First off, lets add the root (/) directory. You really just need to type a and the disklabel program will prompt you for the rest.

> a partition: [a] {hit enter} offset: [3024] {hit enter} size: [53461296] 1G Rounding to nearest cylinder: 2097648 FS type: [4.2BSD] {hit enter} mount point : [none] /

Now if I print out the current label I should see my new partition. Notice that the mount point for the partition is shown after the pound (#) symbol.

> p 16 partitions: # size offset fstype [fsize bsize cpg] a: 2097648 3024 4.2BSD 2048 16384 16 # / c: 53464320 0 unused 0 0 i: 2048 1 MSDOS

Now we can go through and add the other partitions. Usually swap is partition ’b’ so that will be next.

> a partition: [b] {hit enter} offset: [2100672] {hit enter} size: [51363648] 1G Rounding to nearest cylinder: 2097648 FS type: [swap] {hit enter}

From here you can add any the other partitions you want. When you are done, use the print (p) command to view them. 3 of 6 16.03.2005 07:59 Daemon News ’200412’ : ’"Installing OpenBSD: A Beg... http://ezine.daemonnews.org/200412/openbsd.html > p 16 partitions: # size offset fstype [fsize bsize cpg] a: 2097648 3024 4.2BSD 2048 16384 16 # / b: 2097648 2100672 swap c: 53464320 0 unused 0 0 d: 20971440 4198320 4.2BSD 2048 16384 16 # /home e: 6291936 25169760 4.2BSD 2048 16384 16 # /tmp f: 12582864 31461696 4.2BSD 2048 16384 16 # /usr g: 9419760 44044560 4.2BSD 2048 16384 16 # /var i: 2048 1 MSDOS

If it all looks good, you can move on. Type q to save changes and quit.

> q Write new label?: [y] {hit enter}

Now disklabel goes through each partition you created and verifies its size. You can hit return and cycle through them all. When you’re satisfied, type done.

The root file system will be mounted on wd0a. wd0b will be used for swap space. Mount pint for wd0d (size=10485720k)? (or ’none’ or ’done’) [/home] done

If you have any other disks you are asked if you want to initialize them next. Hit enter and you are asked once again if you really want to write the new label and erase your disk.

Are you really sure that you’re ready to proceed? [n] y

The partitions will now be set up on the disk. If you ran into the Mac hard drive size problem and had to use fdisk you may see some warnings about cylinder groups.

Network Settings

Now you will be asked several questions about the new machine’s network setup. This happens before installation in case you are doing a net install from a floppy or boot CD. You will want to put in your own hostname and domain name. You shouldn’t just pick any domain name unless its registered to you. If you’re not sure what to pick, just use the default for now. I will be using plumblossom.org in this example.

System hostname (short form, e.g. ’foo’): playground Configure the network? [y] {hit enter}

A list of your network cards will show up here. Their name will vary depending on the vender. I only have one to initialize.

Available interfaces are: gem0 Which one do you wish to initialize? (or ’done’) [gem0] {hit enter}

You can assign a separate hostname to the ethernet interface. Usually you will just want it to be the same as the hostname you entered previously.

Symbolic (host) name for gem0? [playground] {hit enter} The default media for gem0 is media: Ethernet autoselect (100baseTX full-duplex) Do you want to change the default media" [no] {hit enter}

Now you get to enter your IP address. You can just type dhcp if you plan to receive an IP address from your router or DHCP server. Also, be aware that things will break if you set up more than one interface with DHCP on the same OpenBSD machine.

IP address for gem0? (or ’dhcp’) 192.168.168.1

Put the netmask you are using here or hit return if you are on a /24 network:

Netmask? [255.255.255.0] 255.255.0.0 No more interfaces to initialize.

Now you can enter the domain name for your network. If you will receive an IP address from a DHCP server just hit enter and don’t put anything here.

DNS domain name? (e.g. ’bar.com’) [my.domain] plumblossom.org

Next enter the IP address of your name server. If you are using DHCP you may be able to leave it blank.

DNS name server? (IP address or ’none’) [none] 192.168.1.100 Use the nameserver now? [y] y

Next you are asked for the IP address of your gateway. If you’re using DHCP make sure to specify dhcp. 4 of 6 16.03.2005 07:59 Daemon News ’200412’ : ’"Installing OpenBSD: A Beg... http://ezine.daemonnews.org/200412/openbsd.html Default route? (IP address, ’dhcp’ or ’none’) 192.168.1.1 add net default: gateway 192.168.1.1 Edit hosts with ed? [n] {hit enter}

Finally you are given the opportunity to manually check and configure your network interface. If you type yes, you will be dropped into a shell prompt to work from.

Do you want to do any manual network configuration? [n] {hit enter}

Installation Options

Now you set the password for the root account.

Password for root account (will not echo): Password (again):

Installation media: You can now choose how you want to install OpenBSD. We will be using the official OpenBSD CD so just type c.

Sets can be located on a (m)ounted file system; a (c)drom, (d)isk or (t)ape device; or a (f)tp, (n)fs or (h)ttp server. Where are the install sets? (or ’done’) c

At this point the install program will list possible CD-ROM devices.

Available CD-ROMs are: cd0. Which one contains the install media? (or ’done’) [cd0] {hit enter}

Now you need to specify which platform’s install sets to use. We want to choose the sets for macppc in this example.

Pathname to the sets: (or ’done’) [3.5/macppc] {hit enter}

Next you get to choose which sets to install. If you want to run the X Window System you might as well choose them all. For a more secure firewall box you might leave out all but the following: bsd, base34.tgz, and etc34.tgz. This would be a very minimal system with no man pages or compilers! Leaving out the compilers (comp34.tgz) gives you an added measure of security (makes it quite hard to compile devious programs), but it also means that you will have to compile all upgrades on another machine running with the same hardware and then transfer the patched binaries over.

In this example I will choose everything except bsd.rd.

The following sets are available. Enter a filename, ’all’ to select all the sets, or done. You may deselect a set by prepending a ’-’ to its name. [X] bsd [ ] bsd.rd [X] base35.tgz [X] etc35.tgz [X] misc35.tgz [X] comp35.tgz [X] man35.tgz [X] game35.tgz [ ] xbase35.tgz [ ] xshare35.tgz [ ] xfont35.tgz [ ] xserv35.tgz

First I will select all the sets and then I will subtract the one I don’t want.

File Name? (or ’done’) [bsd.rd] all [X] bsd [X] bsd.rd [X] base35.tgz [X] etc35.tgz [X] misc35.tgz [X] comp35.tgz [X] man35.tgz [X] game35.tgz [X] xbase35.tgz [X] xshare35.tgz [X] xfont35.tgz [X] xserv35.tgz File Name? (or ’done’) [bsd.rd] -bsd.rd [X] bsd [ ] bsd.rd [X] base35.tgz [X] etc35.tgz [X] misc35.tgz [X] comp35.tgz 5 of 6 16.03.2005 07:59 Daemon News ’200412’ : ’"Installing OpenBSD: A Beg... http://ezine.daemonnews.org/200412/openbsd.html [X] man35.tgz [X] game35.tgz [X] xbase35.tgz [X] xshare35.tgz [X] xfont35.tgz [X] xserv35.tgz

Looks good! Lets go ahead and start the install.

File Name? (or ’done’) [bsd.rd] done Ready to install sets? [y] {hit enter}

Now the sets I have selected will be installed on my machine. When they are finished I will be asked if I want to add more distribution sets.

Where are the install sets? (or ’done’) done

You will be asked if you want sshd to start up by default. This question is new to OpenBSD 3.5.

Do you wish sshd(8) to be started by default? [yes] y

If you want to run X just hit enter (assuming you installed all the x-sets above).

Do you expect to run the X Window System? [y] {enter}

Now you are asked what time zone you live in. The installer script will set a symbolic link of /etc/localtime to the time zone you specify. If you are not sure of the correct syntax for your zone, enter ? (a question mark).

What timezone are you in? (’?’ for list) [Canada/Mountain] America/New_York

Now the computer sets up the /dev directory and boot blocks. When it’s finished you will see a congratulations banner and a prompt. Enter the command halt to gracefully shut down the computer.

CONGRATULATIONS! Your OpenBSD install has been successfully completed! To boot the new system, enter halt at the command prompt. Once the system has halted, reset the machine and boot from the disk. # halt syncing disks... done The operating system has halted.

On i386 you may press any key to reboot into OpenBSD:

Please press any key to reboot.

Final steps for macppc

If you installed on a Mac you will need to boot into Open Firmware and tell it to boot the BSD kernel from now on. To do so, restart the computer (probably using the reset or power button) and hold down Option+Apple+o+f to boot Open Firmware. Now we just need to set the boot device to the hard drive that containts OpenBSD and tell it to boot the kernel located at /bsd.

ok 0 > setenv boot-device ultra0:,ofwboot /bsd 0 > mac-boot

Now your new OS should start up! (End of macppc-only instructions.)

Final Notes

After you boot up for the first time, make sure to read the Afterboot(8) man page or check out my first boot list for some final configurations. For clarification or corrections: [email protected]

6 of 6 16.03.2005 07:59 Daemon News ’200412’ : ’"FreeBSD 5.x and the Future "’ http://ezine.daemonnews.org/200412/freebsd.html

December 2004 Get BSD New to BSD? Search BSD Submit News FAQ Contact Us Join Us

FreeBSD 5.x and the Future Search by Scott Long Monthly Ezine The release of FreeBSD 5.3 signals the true kick-off of the 5-STABLE and 6-CURRENT series. We are very excited about this, both because 5.3 is a Search good release, and because 6.0 will give us a chance to, erm, redeem ourselves and our development process. =-) 5.x was a tremendous undertaking. SMPng, KSE, UFS2, background fsck, Get BSD Stuff ULE, ACPI, etc., etc., etc. were all incredible tasks. Given that many of these things were developed and managed by unpaid volunteers, the fact that we made it to 5-STABLE at all is quite impressive and says a lot about the quality and determination of all of our developers and users. However, four years was quite a long time to work on it. While 4.x remained a good workhorse, it suffered from not having needed features and hardware support. 5.x suffered at the same time from having too much ambition but not enough developers to efficiently carry it through. By the middle of 2002 is was very apparent that we needed to start focusing on getting 5.0 released. Unfortunately, we fell into the trap of wanting to finish more features in order to feel good about 5.x. We kept on ignoring the fact that 5.x already had a lot of good and needed features, and that the number one goal needed to be to get it stabilized and turned into 5-STABLE. Instead we drew up a road map document that dictated releases based on features rather than on stability and, even more importantly, timeliness. There has been quite a bit of discussion about this over the past week by the developer community. The proposal that I and Poul-Henning have set forth is to stop gating releases, both major and minor, or features, and instead gate them on a schedule that is both reasonable and timely. New -STABLE branches will be made on a calendar-based timeline, and point releases on those branches will be made at regular intervals. We are still debating the exact timeline, but it looks now like we will do a new -STABLE branch every 12-18 months and new point releases every 4-6 months. While as engineers we all tend to hate timelines, this does have a lot of positive aspects. First, it increases the predictability of the development both for our users and for our developers. Users can plan effectively for upgrades and testing/validation knowing that there will be major and minor releases at fixed times of the year. Developers can judge when to start new projects and when to focus on bug-fixing because there will no longer be the temptation to delay a release by a month in order to slide ’one more thing’ in. This is not unlike most commercial OS vendors, and we’ve received a lot of feedback that this method of planning is desperately needed. Second, it means that development efforts for major features will continue to shift out of CVS and into Perforce. This already happens quite a bit, so it’s not as radical a change as it seems. CVS HEAD will remain the ’experimental’ development branch, but large items will not be brought into it until they are functionally complete and integrated. HEAD may still get unstable from time to time, but it hopefully won’t turn into the collision of lots of half-done experimental things like it has in the recent past. It also means that if a major feature isn’t done in time for a -STABLE branch-point that it can continue to be developed outside of the CVS tree and be made ready for the next scheduled branch point. Third, by having more frequent and scheduled branches and releases, we avoid the 5.x problem of having too much time to let too many things get into the tree and dilute developer resources to handle and debug them. As I said at the beginning, 5.x has an incredible number of big things. 6.0 will be more modest, as will 7.0 and on. We’ll know when to ’stop digging and start climbing’, as Robert aptly puts it. So the current plan is to branch RELENG_6 (aka 6-STABLE) sometime around May or June 2005. That will begin a 1-3 month freeze and stabilization process for the 6.0 release. After that is released, we will do 6.1, 6.2 and onwards at likely 4 month intervals. In May/June 2006 we’ll look at doing RELENG_7, or we might wait until Nov/Dec 2006 (12 months vs. 18 months). The 5.4 release will likely be in Feb/March 2005, with a 5.5 release possibly in June/July, depending on where 6.0 is. There may be 5.x releases after 6.0 if 6.0 turns out to not be as stable as needed (as is often the case with .0 releases). As far as promising features for releases, this new process means that we will be getting away from that. That’s not 1 of 2 16.03.2005 07:59 Daemon News ’200412’ : ’"FreeBSD 5.x and the Future "’ http://ezine.daemonnews.org/200412/freebsd.html to say that there aren’t many big features that need to be done, but whatever is not done in time for the 6-STABLE branch will have to wait until after 6.0. I expect (and hope!) for there to be a lot more discussion on this. However, it has already been discussed quite a bit at the developers’ summit and in the days since, so this is really more of an announcement. Again, thanks to all of the developers and all of the users that have worked so hard on bringing 5.x forward and keeping 4.x viable.

2 of 2 16.03.2005 07:59 Daemon News ’200412’ : ’"Interview with Hubert Feyrer "’ http://ezine.daemonnews.org/200412/hubert.html

December 2004 Get BSD New to BSD? Search BSD Submit News FAQ Contact Us Join Us

Interview with Hubert Feyrer Search by the NetBSD-PT Group Monthly Ezine The NetBSD-PT Group did an interview via e-mail with a NetBSD developer. You can find more information about him at http://www.feyrer.de. Search Portuguese version here. NetBSD-PT Get BSD Stuff Tell us a little about yourself: where do you live, what have you studied, what your hobbies are and what do you hate most? Hubert Feyrer Heh... I live in Regensburg, which is located in Bavaria, southern Germany. I’ve studied computer science at the University of Applied Scienced (Fachhochschule) Regensburg, then continued working there, first in a project about electronic libraries, later on as system administrator maintaining a cluster of Sun workstations with some additional work on machines running Irix, NetBSD and Windows. Besides doing system administration, I started giving lectures on "System Administration" and "Open Source". At the end of 2003, they ran out of money and my sysadmin-contract was not continued, which gave me time to work on my doctoral thesis, which is what I’m working on mostly full time now, besides giving lectures and doing occasional NetBSD preaching. Hobbies: hm... NetBSD, work, NetBSD, NetBSD, cinema, comics, music, partying, bicycling and badminton. What I hate most... I think it’s stubborn people that aren’t used to think on their own and just do what others tell them. And how the german government kills education by not handing out enough money. NetBSD-PT When did you first start to get interested in NetBSD and why? Hubert Feyrer That was in the summer of 1993, when I was doing an internship at the computing center of the University of Regensburg. Back then, I owned an Amiga 2000, and some guys tried to port the Mach microkernel to the Amiga, with mediocre results. One day, Markus Wild from Switzerland popped into the Amiga chat and announced that he had ported NetBSD to the Amiga. I knew about Ultrix and SunOS then, and had a lot of fun getting NetBSD on my Amiga - carrying dozends of floppies, getting a new SCSI controller etc., and I put a lot of time into it, and i grew with it. BTW, traces of these ancient days can be found at these URLs: http://www.feyrer.de/NetBSD/messages http://www.feyrer.de/NetBSD/jm-postcard.html Back then, I started compiling software for NetBSD (on the slooow Amiga), and made a framework to allow installing and deleting precompiled binary pkgs, which I put up on ftp.uni-regensburg.de (which I administrated then, and which doesn’t exist any longer), and which was the master site for many NetBSD/amiga specific packages. Later on, that archive got a lots of mirrors, some of which are still around. After finishing my studies, I made a trip to the United States and met Bill Coldwell there, who asked me to setup a mirror of my FTP site while visiting BEST computing in San Francisco. I got an account for that, and as the machine used to be ftp.netbsd.org at that time, I later kept that account name when I became a NetBSD developer. (I would have preferred a different login name, but someone was too lazy 1 of 5 16.03.2005 08:00 Daemon News ’200412’ : ’"Interview with Hubert Feyrer "’ http://ezine.daemonnews.org/200412/hubert.html to rename my account then ;). NetBSD-PT For how long have you been a NetBSD developer? Hubert Feyrer After running the FTP site which provided binary pkgs for NetBSD/amiga and twiddling with my own packaging system, I met some NetBSD developers at the 1997 IETF meeting in Munich, shortly after which I was invited as an official NetBSD developer to work on a packages system for NetBSD. The guiding decision made by core back then was to start with the FreeBSD ports system, and bring that to NetBSD. Well, and that was what I did with Al Crooks. The pkgsrc team has grewn to some 50 developers by now, has more than 5.000 packages and was ported to many non-NetBSD operating systems as well. I’ve worked on a lot of the infrastructure, with wildcard probably being the most important one. My special emphasis back then was to have wildcards not only work for building from source, but also for precompiled binaries, allowing selection of the "best" (most recent/biggest number) dependencies even when installing via FTP, as I wouldn’t users running NetBSD on slow platforms like the Amiga to need compiling things unneeded. Since starting pkgsrc, a lot has happened, and I’ve sort of retracted from active pkgsrc development, as there are enough people who have better understanding and more time to do the job these days. Another piece of work I started back then was writing documentation about pkgsrc, and I’ve recently returned to that, giving documentation that a lot of people had worked on some whip-up. In general, I’ve always tried to provide documentation for things I was working on, which made me the maintainer of the Networking FAQ for NetBSD/amiga, and which got me partly responsible for the NetBSD Guide as well. What I’m spending a lot of time on these days is (trying to) advertizing NetBSD. I go to conferences and roadshows, do booths and tell people what NetBSD is, how it relates to Linux, what the differences between the various BSDs are, and why NetBSD is still the best choice IMHO. When I was invited to attend a Linux roadshow the first time, I wondered what I - a NetBSD person - would do there. Well, after seeing that Linux people actually ARE interested in NetBSD and what it can offer, I was happy to tell them all about NetBSD I could, giving more talks and doing more booths. Unfortunately, this costs a lot of time and even more money for preparing, which right now collides a bit with my real work, which is to work on my doctoral thesis. NetBSD-PT What do you work on in the NetBSD project? Hubert Feyrer See above - pkgsrc, documentation, advocacy. Besides that, I’ve tried to play with every facility and subsystem that NetBSD got, and also to run it on various machines I got hold of, which made me quite familiar with all of the system, from both inside (kernel) and esp. outside (using, administrating). I occasionally fix things here and there, pull up some driver from the development to the stable branch, but I don’t consider that my area of work in the NetBSD project. Last, I’m co-chief of the Communications Exec group, which is intended to do Public Relations for the NetBSD Foundation and all their belongings (NetBSD, pkgsrc). NetBSD-PT How is g4u (Ghost for Unix) evolving? Hubert Feyrer g4u is a single floppy that contains a NetBSD kernel with a RAM disk, which contains a bunch of drivers to access harddisks and network, and which can upload the whole harddisk (or only partitions) to a FTP server, and restore it later on. I developed it for my sysadmin job. After I lost that job, I’m still maintaining g4u, and it’s evolving. Problems right now are that a single floppy is just too small for everything that NetBSD offers, and I had to remove many drivers that I’d love to stay. Future plans for g4u are to really move to a CDROM-based 2.88MB-version which will also be available as a split floppy set, offering the same (full) functionality for both CDROM and floppy users. Features I’d like to add are passing in commands to run via DHCP and also a way to do restores from CDROM/DVD - things that weren’t possible until now due to the size limits.

2 of 5 16.03.2005 08:00 Daemon News ’200412’ : ’"Interview with Hubert Feyrer "’ http://ezine.daemonnews.org/200412/hubert.html Besides all these nice things (that I lack time to do as much as I like), I had an unpleasant encounter with some people from the "g4l" project recently, which copied my (g4u) code, removed both my name and the license (BSD) I put g4u under, and re-distributed it under their own license (GPL). They were very ignorant about admitting things, but after making things public they at least pretended to do a rewrite, with not a lot of success, as I’ve been told - I just don’t have time to run after these things, but would like to invite everyone to have a close look at the code, and decide for themselves. A comparison I’ve made from their versions is available here, letting everyone judge on their own: http://www.feyrer.de/g4u/g4l.html NetBSD-PT Do you have other projects? Hubert Feyrer Well, my thesis. ;) It’s about a system for system administrator training: I cannot hand out the root password to our lab machines to my students of the "System Administration" lecture, so I made that system which allows students to sign up on some webpage, and book exercises. For each exercise, some machines get reinstalled from scratch (using harddisk image cloning :), and students get exclusive access to the lab machines for the time of the exercise. At the end of the exercise, the system checks if the students solved the exercise properly, and gives details on what parts were good and which need improving. Check out http://www.feyrer.de/vulab/ for more information! Oh, and if you want to count it, I sure considere my two lectures on System Administration and on Open Source ongoing projects, at least as long as they’re not running out of money for hiring me to tell our future computer scientists about these topics. Check out the (german language) lecture notes at http://www.feyrer.de/SA/ (System Administration) and http://www.feyrer.de/OS/ (Open Source). NetBSD-PT What do you think about the new logo? Hubert Feyrer Um... could be worse, could be better. As I’m in the communications exec team, I’m partly to blame for it too, even if it’s not my personal choice (which wasn’t selected, obviously). I still think that it gives a distinct look for NetBSD, and most important it still leaves room for our beloved BSD-mascot, the daemon. NetBSD-PT NetBSD 2.0 is comming up. What do you expect it to bring to the NetBSD community? More users? Hubert Feyrer Yes. We gain new users each day, with each Windows system getting infected by some worm, and with each Linux system getting hacked. NetBSD 2.0 is a major step with a lot of features that we’ve waited for a long time, and now it’s finally there not only for the NetBSD users, but also for the many systems and vendors that use NetBSD as a source of technology for their own systems. E.g. the NetBSD SMP system was used by some other operating system, and one big company uses the NetBSD network stack for their closed-source operating system. As a release, NetBSD 2.0 will also be a sign of life to people who do not use or run NetBSD, and it will be a sign for them that NetBSD is very much alive and even while we are "only" at 2.0, it shows that there is enough happening to justify a major jump in version numbering. NetBSD-PT Which architectures have you ran NetBSD on, which do you run at the moment and which do you liked most? Hubert Feyrer I’ve ran NetBSD on (in historical order) amiga, i386, sparc, shark, sparc64, cobalt, sgimips. I still use i386 and sparc on a regular base, and for liking best... well, I think it’s these two: i386 can’t be beaten in compiling stuff, but systems like the Sun SparcStation 10 and 20 are just fine systems with not too much hardware options available to be difficult to support. One platform that I’d definitely would love to try is an Apple IBook or PowerBook - anyone got a spare one they want to donate? I promise to use it to show it on roadshows! :) NetBSD-PT 3 of 5 16.03.2005 08:00 Daemon News ’200412’ : ’"Interview with Hubert Feyrer "’ http://ezine.daemonnews.org/200412/hubert.html Which is the best next step NetBSD should take, in your opinion? Hubert Feyrer Going public. A lot. More! NetBSD is technically very good (compared to what’s available today), but very little people know about it. Other systems brag about features that are a matter of course to us NetBSD users and developers, and we should learn to emphasize our strengths in various regions, including our fine packages system, pkgsrc, security, networking, portability and interoperability. NetBSD-PT Despite the fact that POSIX 1003.1e is not defined as a standard, don’t you think NetBSD should have ACL and MAC support sooner than NetBSD 4.0 as you say on your own personal roadmap? Hubert Feyrer Heh... remember to take that roadmap with a big grain of salt. I definitely wouldn’t mind seeing ACLs deployed rather sooner than later, but the real problem is that there is no standard, and many different solutions exist to that problem, which are all incompatible. Having ACLs on disk is one thing, but for me and the environments I work in, having them in some networked filesystem is a necessity, and I’ll leave it to you to judge the likeliness of this happening. (And no, I have no idea if NFSv4 contains a solution for the problem; but NFSv4 is not on the radar either, anywhere). NetBSD-PT What is your opinion on the upcoming Wedges subsystem being developed by Jason Thorpe? Hubert Feyrer The idea is quite old and was proposed by Charles Hannum several years ago IIRC. To the extent I’ve understood wedges (which is not 100%!), I think it’s very useful, allowing easier moving of disks (harddisks as well as portable media like USB sticks, Firewire disks, ...) between systems running NetBSD, esp. if they are not of the same system architecture. So far, PCs, Suns, Apples, SGIs etc. all use different methods to store things like partition tables, and to my understanding, Wedges aims at unifying these. Sure a good thing! NetBSD-PT Do you use other operating systems? If so, which and why? Hubert Feyrer In my previous job, I earned my money administrating Solaris, which I still like a lot. It’s a rather small system that leaves the administrator a lot of freedom without having a lot of bloat installed, but rather works very well for the things it’s intended to do. It has very good SMP capabilities, fine memory management, and conforms to many standards. And with latest versions, Sun even hands out a good bunch of free software that make it even more usable, having gcc and KDE readily available. (Yes, at times I like using KDE, as it doesn’t need the amount of tweaking a freshly installed fvwm needs! At home I still prefer fvwmw.) For the other operating system i’m running (and which i’m typing this mail from, into a ssh client) is Windows, which allows me to distract myself a bit playing Counter Strike. NetBSD-PT Do you have anything to say to the Portuguese NetBSD community? Hubert Feyrer ‘‘Spread the word!’’ We have no NetBSD developers from Portugal (yet :), but as a user, you can do a lot about telling other people, your friends, boss and family about NetBSD and if you’re satisfied with it. If you want to meet with some other NetBSD developers, the following events may be of interest to you:

next year’s EuroBSDCon which will take place towards the end of the year in Basel, Switzerland next year’s pkgsrcCon which will probably happen around May in Prague, Czechia Finally, the NetBSD project will have a booth at the 21st Chaos Communications Congress in Berlin, Germany at the end of the year

The NetBSD-pt Group is very thankful to Hubert Feyrer for answering our questions in the clear and pricise way he 4 of 5 16.03.2005 08:00 Daemon News ’200412’ : ’"Interview with Hubert Feyrer "’ http://ezine.daemonnews.org/200412/hubert.html did. :-) Long live NetBSD!

5 of 5 16.03.2005 08:00 Daemon News ’200412’ : ’"Keeping FreeBSD Applicat... http://ezine.daemonnews.org/200412/freebsd_apps.html

December 2004 Get BSD New to BSD? Search BSD Submit News FAQ Contact Us Join Us

Keeping FreeBSD Applications Up-To-Date Search by Richard Bejtlich Monthly Ezine This is a sequel to my previous work Keeping FreeBSD Up-To-Date. Search This article presents multiple ways to keep FreeBSD applications up-to-date. I explain how to install and upgrade several applications on a FreeBSD 5.2.1 RELEASE system. In my previous article "Keeping FreeBSD Up-To-Date," I described how to patch and upgrade the FreeBSD operating system, beginning Get BSD Stuff with FreeBSD 5.2.1 and ending with FreeBSD 5-STABLE. Taken as a pair, these two articles will help system administrators keep their FreeBSD OS and applications current and defensible. I chose FreeBSD 5.2.1, released in February 2004, as my reference platform because the applications bundled with it have been updated several times in the past ten months. These updates provide good material for the case-based approach used in this article. All of the techniques explained here work on the most recent FreeBSD version, 5.3. All of the work done in this article was done remotely via OpenSSH. One danger of performing remote upgrades is losing connection during a critical phase of the process. One software-based way to deal with this issue is to conduct all remote upgrades within a screen(1) session. [1] Should you lose connectivity during the upgrade while running screen, your session will continue uninterrupted. The screen(1) program has suffered security problems in the past, so balance its features against the possible risks. My advice on upgrading these applications is based on deploying FreeBSD on servers, workstations, and laptops since 2000. The article represents a mix of my interpretations of official FreeBSD documentation, inputs from mentors, and the result of my own experimentation and deployment strategies. This guide cannot be anywhere near a complete reference on keeping FreeBSD applications up-to-date or maintaining secure software. I strongly recommend reading the excellent FreeBSD Handbook as well as the multiple helpful published books on FreeBSD. Third party applications may be installed using source code, the FreeBSD ports tree, or precompiled packages. Each will be described in detail, but not exhaustively. The tips here are enough to get the novice to intermediate system administrator managing applications on FreeBSD.

Installation Using Source Code

Source code is typically packaged as an archive processed by the tar(1) and gzip(1) programs, with the .tar.gz or .tgz suffixes. In the following example, we install the Snort output reader Barnyard from source code. Until further notified, we take these actions as a user and not as root. As a good system administration practice, one might want to create a specific directory to hold source code for third party applications. Creating /usr/local/src is the method used here.

freebsd521$ mkdir /usr/local/src

Next we download the Barnyard tarball with fetch(1), after visiting the Barnyard project page and locating a suitable distribution site. [2]

freebsd521$ fetch http://kent.dl.sourceforge.net/sourceforge/barnyard/barnyard-0.2.0.tar.gz Receiving barnyard-0.2.0.tar.gz (161543 bytes): 100% 161543 bytes transferred in 6.6 seconds (23.78 kBps)

Now extract the contents of the archive:

freebsd521$ tar -xzvf barnyard-0.2.0.tar.gz barnyard-0.2.0/ barnyard-0.2.0/docs/ barnyard-0.2.0/docs/BUGS ...edited... barnyard-0.2.0/src/input-plugins/dp_stream_stat.h barnyard-0.2.0/src/input-plugins/dp_stream_stat.c 1 of 9 16.03.2005 08:00 Daemon News ’200412’ : ’"Keeping FreeBSD Applicat... http://ezine.daemonnews.org/200412/freebsd_apps.html Once the source code is extracted, we change into the new directory and look for a configure script:

freebsd521$ cd barnyard-0.2.0 freebsd521$ ls AUTHORS README config.guess docs src COPYING acconfig.h config.h.in etc stamp-h.in LICENSE.QPL aclocal.m4 config.sub install-sh Makefile.am autoclean.sh configure missing Makefile.in autojunk.sh configure.in mkinstalldirs

We execute the configure script and pass an optional parameter to enable MySQL output.

freebsd521$ ./configure --enable-mysql creating cache ./config.cache checking for a BSD compatible install... /usr/bin/install -c checking whether build environment is sane... yes checking whether make sets ${MAKE}... yes checking for working aclocal-1.4... missing ...edited... checking for strerror... yes checking for /mysql.h... no ********************************************** ERROR: unable to find mysql headers (mysql.h) checked in the following places /mysql.h **********************************************

The configure script abruptly stops because it cannot find mysql.h. This demonstrates the major weakness of installing software from source code. Administrators must be aware of any dependencies required by the application, and address them prior to installing the new software. Assume we take care of the dependency (using a method to be demonstrated shortly). We re-run the configure script:

freebsd521$ ./configure --enable-mysql creating cache ./config.cache checking for a BSD compatible install... /usr/bin/install -c ...edited... checking for strerror... yes checking for /usr/local/include/mysql/mysql.h... yes checking for mysql_real_connect in -lmysqlclient... no ********************************************** ERROR: unable to find mysqlclient library checked in the following places /usr/local/lib/mysql **********************************************

Now we see a new error. Although the mysql.h file was found, the configure script is not finding the MySQL client library where it expects to find it. A look in /usr/local/lib/mysql shows the following:

freebsd521$ ls /usr/local/lib/mysql/ libmysqlclient.a libmysqlclient.so libmysqlclient.so.10

It appears the files needed are in place. This error demonstrates the second weakness of installing software from source. Sometimes it does not work as expected, and administrators must tweak installation files to accommodate their systems. The resolution to this problem surfaces by doing a Google search. If we modify the configure script as shown, it fixes the problem: original configure script:

LIBS="${LIBS} -lz -lssl -lmysqlclient"

modified configure script:

LIBS="${LIBS} -lz -lssl -lcrypto -lmysqlclient"

Rerun the configure script:

freebsd521$ ./configure --enable-mysql creating cache ./config.cache checking for a BSD compatible install... /usr/bin/install -c ...edited... checking for strerror... (cached) yes checking for /usr/local/include/mysql/mysql.h... yes checking for mysql_real_connect in -lmysqlclient... yes ...edited... creating config.h config.h is unchanged

Because the configure script completed, we can now execute make(1) and begin compiling Barnyard: 2 of 9 16.03.2005 08:00 Daemon News ’200412’ : ’"Keeping FreeBSD Applicat... http://ezine.daemonnews.org/200412/freebsd_apps.html freebsd521$ make make all-recursive Making all in src Making all in output-plugins gcc -DHAVE_CONFIG_H -I. -I. -I../.. -I../.. -I../../src -I/usr/local/include/mysql -DENABLE_MYSQL -g -O2 -Wall -c op_decode.c gcc -DHAVE_CONFIG_H -I. -I. -I../.. -I../.. -I../../src -I/usr/local/include/mysql -DENABLE_MYSQL -g -O2 -Wall -c op_fast.c ...edited... gcc -DHAVE_CONFIG_H -I. -I. -I.. -I.. -I/usr/local/include/mysql -DENABLE_MYSQL -g -O2 -Wall -c barnyard.c gcc -DHAVE_CONFIG_H -I. -I. -I.. -I.. -I/usr/local/include/mysql -DENABLE_MYSQL -g -O2 -Wall -c mstring.c ...edited... ProgVars.c:672: warning: long unsigned int format, time_t arg (arg 3) gcc -g -O2 -Wall -L/usr/local/lib/mysql -o barnyard barnyard.o mstring.o strlcatu.o strlcpyu.o util.o spool.o sid.o debug.o classification.o CommandLineArgs.o ConfigFile.o ProgVars.o output-plugins/libop.a input-plugins/libdp.a -lz -lssl -lcrypto -lmysqlclient

At this point we assume root privileges and execute ’make install’ to copy the Barnyard executable to /usr/local/bin:

freebsd521# make install Making install in src Making install in output-plugins Making install in input-plugins /bin/sh ../mkinstalldirs /usr/local/bin /usr/bin/install -c barnyard /usr/local/bin/barnyard

On FreeBSD systems where the root shell is tcsh or csh, administrators must run rehash(1) to recompute the hash table for the PATH variable. If one does not do this, the system will not find barnyard(1). For example:

freebsd521# barnyard -h barnyard: Command not found. freebsd521# ls /usr/local/bin/barnyard /usr/local/bin/barnyard freebsd521# rehash freebsd521# barnyard -h Barnyard Version 0.2.0 (Build 32) Usage: barnyard [OPTIONS]... (continual mode) or: barnyard -o [OPTIONS]... FILES... (batch mode) ...truncated...

Barnyard is now installed. Installation from source code has four main weaknesses: Administrators must resolve dependencies manually. Administrators may have to tweak configuration scripts to accommodate their systems. Administrators may have to take additional actions to install code without configure scripts or Makefiles. Software installed from source can not usually be managed by the native FreeBSD package management tools. Installation from source code has two main advantages: Developers publish their code in source archive form. Therefore, it is typically the freshest version available. Administrators have maximum flexibility when working with source code. My personal preference is to avoid installing source code in this manner if at all possible. I prefer one of the two methods that follow.

Installation Using the FreeBSD Ports Tree

FreeBSD offers an extremely powerful means of installing software. This system is known as the ports tree. Administrators have the option of adding this structure to their system during installation. Alternatively, a recent copy of the source tree archive can be downloaded from www.freebsd.org/ports/ and extracted to the /usr/ports directory. The FreeBSD ports tree is a system to facilitate the installation of third party applications. The FreeBSD Handbook and other references already comprehensively explain this resource, so I will restrict this text to demonstrating the installation of a tool, FreeBSD Update, using the ports tree. In the previous article we used FreeBSD Update to keep the OS up-to-date. As such it may be considered a "security tool." A quick look at /usr/ports shows multiple files and directories, corresponding to categories of tools:

freebsd521# cd /usr/ports freebsd521# ls .cvsignore audio finance math shells INDEX benchmarks french mbone sysutils INDEX-5 biology ftp misc textproc LEGAL cad games multimedia ukrainian MOVED chinese german net vietnamese 3 of 9 16.03.2005 08:00 Daemon News ’200412’ : ’"Keeping FreeBSD Applicat... http://ezine.daemonnews.org/200412/freebsd_apps.html Makefile comms graphics news www Mk converters hebrew palm x11 README databases hungarian picobsd x11-clocks README.html deskutils irc polish x11-fm Templates devel japanese portuguese x11-fonts Tools distfiles java print x11-servers arabic dns korean russian x11-toolkits archivers editors lang science x11-wm astro emulators mail security

A quick look inside the security directory shows tools which provide security functions:

freebsd521# ls security | head ADMsmb ADMsnmp IMHear Makefile README.html aafid2 acid aescrypt aide altivore

In fact, we see ’freebsd-update’ listed, if we use grep(1) to narrow down the directory listing:

freebsd521# ls security | grep -i update freebsd-update

If we were not able to guess at the location of our tool of interest, we could turn to other resources. Two Web-based options exist. Search functions at www.freshports.org or www.freebsd.org/ports reveal that the FreeBSD Update program is found in the security/freebsd-update portion of the tree. The ports tree itself offers two other methods to find tools of interest. From the /usr/ports directory, use make(1) to find ports with the "update" keyword:

freebsd521# make search key=update | more ...edited... Port: freebsd-update-1.4 Path: /usr/ports/security/freebsd-update Info: Fetches and installs binary updates to FreeBSD Maint: [email protected] Index: security B-deps: R-deps: bsdiff-4.1 ...truncated...

If we were sure of the tool’s name (i.e., "freebsd-update"), we could leverage that knowledge directly to check if the tool is in the ports tree:

freebsd521# make search name=freebsd-update Port: freebsd-update-1.4 Path: /usr/ports/security/freebsd-update Info: Fetches and installs binary updates to FreeBSD Maint: [email protected] Index: security B-deps: R-deps: bsdiff-4.1

At this point we’ve used several means to locate freebsd-update(1). Now we install it as user root by running make(1) inside the /usr/ports/security/freebsd-update directory. Assume you are taking this action just after FreeBSD 5.2.1 was released, so the freebsd-update(1) version shown (1.4) is the newest available:

freebsd521# cd security/freebsd-update/ freebsd521# make >> freebsd-update-1.4.tar.gz doesn’t seem to exist in /usr/ports/distfiles/. >> Attempting to fetch from http://www.daemonology.net/freebsd-update/. Receiving freebsd-update-1.4.tar.gz (29567 bytes): 100% 29567 bytes transferred in 0.1 seconds (236.29 kBps) ===> Extracting for freebsd-update-1.4 >> Checksum OK for freebsd-update-1.4.tar.gz. /usr/bin/sed -e "s#PREFIX=/usr/local#PREFIX=/usr/local#g" /usr/ports/security/freebsd-update/work/freebsd-update-1.4/freebsd-update > /usr/ports/security/freebsd-update/work/freebsd-update-1.4/freebsd-update.new /bin/mv /usr/ports/security/freebsd-update/work/freebsd-update-1.4/freebsd-update.new /usr/ports/security/freebsd-update/work/freebsd-update-1.4/freebsd-update ===> Patching for freebsd-update-1.4 ===> Configuring for freebsd-update-1.4 ===> Building for freebsd-update-1.4 cc -O -pipe -mcpu=pentiumpro -mcpu=pentiumpro -O3 -I lib -o freebsd-update-verify verify.c lib/hashtab.c lib/hash.c lib/fftlut.c lib/fft.c lib/smpa.c lib/numt.c lib/rsa.c

We see the freebsd-update-1.4.tar.gz source code archive is retrieved from www.daemonology.net/freebsd-update. The archive is extracted, patched, configured, and compiled. Next we run ’make install’ to install the program:

4 of 9 16.03.2005 08:00 Daemon News ’200412’ : ’"Keeping FreeBSD Applicat... http://ezine.daemonnews.org/200412/freebsd_apps.html freebsd521# make install ===> Installing for freebsd-update-1.4 ===> freebsd-update-1.4 depends on executable: bspatch - not found ===> Verifying install for bspatch in /usr/ports/misc/bsdiff >> bsdiff-4.1.tar.gz doesn’t seem to exist in /usr/ports/distfiles/. >> Attempting to fetch from http://www.daemonology.net/bsdiff/. Receiving bsdiff-4.1.tar.gz (7721 bytes): 100% 7721 bytes transferred in 0.0 seconds (156.32 kBps) ===> Extracting for bsdiff-4.1 >> Checksum OK for bsdiff-4.1.tar.gz. ===> Patching for bsdiff-4.1 ===> Configuring for bsdiff-4.1 ===> Building for bsdiff-4.1 cc -O -pipe -mcpu=pentiumpro -mcpu=pentiumpro -O3 bsdiff.c -o bsdiff cc -O -pipe -mcpu=pentiumpro -mcpu=pentiumpro -O3 bspatch.c -o bspatch ===> Installing for bsdiff-4.1 ===> Generating temporary packing list ===> Checking if misc/bsdiff already installed install -c -s -m 555 bsdiff bspatch /usr/local/bin install -c -m 444 bsdiff.1 bspatch.1 /usr/local/man/man1 ===> Compressing manual pages for bsdiff-4.1 ===> Registering installation for bsdiff-4.1 ===> Returning to build of freebsd-update-1.4 ===> Generating temporary packing list ===> Checking if security/freebsd-update already installed install -s -o root -g wheel -m 555 freebsd-update-verify /usr/local/sbin install -o root -g wheel -m 555 freebsd-update /usr/local/sbin install -o root -g wheel -m 444 freebsd-update.conf.5 /usr/local/man/man5 install -o root -g wheel -m 444 freebsd-update.8 /usr/local/man/man8 mkdir /usr/local/freebsd-update install -o root -g wheel -m 444 freebsd-update.conf /usr/local/etc/freebsd-update.conf.sample mkdir /usr/local/share/doc/freebsd-update install -o root -g wheel -m 444 LICENSE README VERSION /usr/local/share/doc/freebsd-update ...edited... ===> Compressing manual pages for freebsd-update-1.4 ===> Registering installation for freebsd-update-1.4

During this process, something interested happened. The installation process recognized that freebsd-update(1) had an unresolved dependency. Freebsd-update(1) requires the bsdiff(1) program, but bsdiff(1) was not installed. Thanks to the power of the ports tree, the installation process first installed bsdiff(1) and then continued with the installation of freebsd-update(1). If bsdiff(1) had any unresolved dependencies, the installation process would have taken care of those before declaring bsdiff(1) ready. This incredible ports tree feature makes installing software much simpler than compiling source code manually. When done, the new applications are installed as packages. This is a crucial point to understand. Any application installed through the ports tree, or as a precompiled package (shown next), ends up as a package on the system. For example, the native pkg_info(1) tool reveals the packages installed on our test system:

Installation using the ports tree has three main weaknesses: If a tool you want (like Barnyard) is not in the ports tree, you can’t install it using the ports tree. The versions of applications in the ports tree may lag their source code counterparts. The ports tree must be kept up-to-date in order to install the latest applications. (This process is explained later.) Although the ports tree resolves dependencies, the dependencies are specified by the ports maintainer. For example, a port may say it needs Tcl 8.3, but you may want it to use Tcl 8.4. Usually these problems can be resolved manually, but at the cost of "breaking" the tree with your own modifications. Installation using the ports tree has five main strengths: Dependencies are resolved efficiently and with little or no manual intervention. Little or no manual tweaking is required, unlike source code installations. The patching process incorporates tweaks done by the port maintainers. An application found in the ports tree has some level of guarantee of working on FreeBSD, thanks to the testing and work of the port maintainers. Browsing the ports tree is a great way to find tools to accomplish many tasks. Applications deployed using the ports tree can be maintained using native package tools or other third-party applications. When possible, I install applications using the ports tree. I find this aspect of FreeBSD to be one of its most compelling features.

Installation Using Precompiled Packages

While installing Barnyard from source code, we came across a dependency for the MySQL client. This section 5 of 9 16.03.2005 08:00 Daemon News ’200412’ : ’"Keeping FreeBSD Applicat... http://ezine.daemonnews.org/200412/freebsd_apps.html shows how I quickly resolved this dependency by installing the MySQL client as a precompiled package. Each FreeBSD release (at least for i386) is shipped with a set of packages. These are found on CD-ROMs shipped by vendors like FreeBSDMall.com or on the FreeBSD FTP mirrors. For example, the following FTP directory on FTP mirror nine contains packages for the i386 platform:

ftp://ftp9.freebsd.org/pub/FreeBSD/ports/i386/packages-5.2.1-release

Within that directory, the ’All’ directory shows the actual packages:

ftp> cd All 250 "/pub/FreeBSD/ports/i386/packages-5.2-release/All" is new cwd. ftp> ls freebsd-update* 227 Entering Passive Mode (128,10,252,13,223,67) 150 Data connection accepted from 69.243.15.208:49163; transfer starting. -rw-r--r-- 1 ftpuser ftpusers 28927 Dec 9 2003 freebsd-update-1.4.tbz 226 Listing completed.

The ’Latest’ directory is a collection of symbolic links using the base name for each package. Here we see that Latest/freebsd-update.tbz is a link to the real package, which bears a version number of 1.4. This is the same version we installed using the ports tree.

ftp> cd .. 250 "/pub/FreeBSD/ports/i386/packages-5.2-release" is new cwd. ftp> cd Latest 250 "/pub/FreeBSD/ports/i386/packages-5.2-release/Latest" is new cwd. ftp> ls freebsd-update* 227 Entering Passive Mode (128,10,252,13,223,69) 150 Data connection accepted from 69.243.15.208:49164; transfer starting. lrwxrwxrwx 1 ftpuser ftpusers 29 Aug 26 20:58 freebsd-update.tbz -> ../All/freebsd-update-1.4.tbz 226 Listing completed.

Returning to our problem of resolving Barnyard’s dependency on the MySQL client, we can install the program using the pkg_add(1) command. The -v switch enables verbose output and the -r switch denotes fetching the package from a remote location. If we had already downloaded the package locally, -r is not needed. I prefer to install all packages using -r, because the installation process will also download any dependencies:

freebsd521# pkg_add -vr mysql-client looking up ftp.freebsd.org connecting to ftp.freebsd.org:21 setting passive mode opening data connection initiating transfer Fetching ftp://ftp.freebsd.org/pub/FreeBSD/ports/i386/packages-5.2.1-release/Latest/mysql-client.tbz...+CONTENTS +COMMENT +DESC +MTREE_DIRS man/man1/isamchk.1.gz man/man1/isamlog.1.gz man/man1/mysql.1.gz ...edited... lib/mysql/libmysqlclient.so.10 tar command returns 0 status Done. Package ’mysql-client-3.23.58’ depends on ’perl-5.6.1_15’ with ’lang/perl5’ origin. - already installed. extract: Package name is mysql-client-3.23.58 extract: CWD to /usr/local extract: /usr/local/man/man1/isamchk.1.gz extract: /usr/local/man/man1/isamlog.1.gz ...edited... extract: /usr/local/lib/mysql/libmysqlclient.so.10 extract: execute ’/sbin/ldconfig -m /usr/local/lib/mysql’ extract: CWD to . Running mtree for mysql-client-3.23.58.. mtree -U -f +MTREE_DIRS -d -e -p /usr/local >/dev/null Attempting to record package into /var/db/pkg/mysql-client-3.23.58.. Trying to record dependency on package ’perl-5.6.1_15’ with ’lang/perl5’ origin. Package mysql-client-3.23.58 registered in /var/db/pkg/mysql-client-3.23.58

First the pkg_add(1) process retrieves the mysql-client.tbz package from the "All" directory. This package name is really a symlink to the mysql-client-3.23.58.tbz package. The package installation process also resolves dependencies automatically. The mysql-client-3.23.58 package depends on perl-5.6.1_15. Since Perl is already installed, the package deployment continues. When done, we have our MySQL client and Barnyard can be installed from source code. Installation using precompiled packages has five main weaknesses: Because the software is precompiled, it uses a "least common denominator" approach. Some customizations used by your system will not be applied to the software installation process. Packages tend to lag the ports tree and source code by several weeks. Some applications are not available as packages. Programs like OpenOffice.org take such a long time to compile that they put an unwanted strain on the FreeBSD package generation cluster. Others like the Java 6 of 9 16.03.2005 08:00 Daemon News ’200412’ : ’"Keeping FreeBSD Applicat... http://ezine.daemonnews.org/200412/freebsd_apps.html JDK can not be redistributed in package form. For some architectures, packages may not be available. Package dependencies can be more onerous than port dependencies. In other words, packages tend to be stricter about the dependencies they require. While you can tweak the dependencies needed by the ports tree manually, there is no similar capability when using precompiled packages. When you install a package, you trust that the package source to not provide trojaned code. Installation using precompiled packages has four main strengths: Package installation is much faster than compiling from source, using normal archives or the ports tree. Code than may not compile in the ports tree due to problems with your system or the tree may be available as a package. Slow systems that could spend hours or days compiling software can be maintained fairly inexpensively by using precompiled packages. Like tools installed with the ports tree, precompiled packages can be administered with native or third-party package management tools. For initial system setup I tend to install what I need using precompiled packages. Once the system is running, I tend to use the ports tree for most situations.

Updating Applications Installed from Source Code

The most direct way to update an application installed from source code is to uninstall the old version and install the new version. First, execute ’make uninstall’ in the directory from which you executed ’make install’. For example:

freebsd521# cd /usr/local/src/barnyard-0.2.0 freebsd521# make uninstall Making uninstall in src Making uninstall in output-plugins Making uninstall in input-plugins list=’barnyard’; for p in $list; do rm -f /usr/local/bin/‘echo $p|sed ’s/$//’|sed ’s,x,x,’|sed ’s/$//’‘; done freebsd521# ls /usr/local/bin/barnyard ls: /usr/local/bin/barnyard: No such file or directory

Now, download the new version of Barnyard, extract it, and follow the installation instructions already posted.

Updating Packages by Deletion and Addition

Now we turn to keeping packages up-to-date. There is no section on keeping "ports" up-to-date or "packages" up-to-date. To reiterate, applications installed using the ports tree or precompiled packages all end up as packages on the system. While we will see tools with "port" or "pkg" in their names, all tend to act on packages installed on FreeBSD. The most direct way to "update" a package is to remove it and install a new version. Earlier we used pkg_info to show installed packages. A check in /var/db/pkg also shows the packages installed.

freebsd521# cd /var/db/pkg freebsd521# ls bash-2.05b.007 freebsd-update-1.4 perl-5.6.1_15 bsdiff-4.1 mysql-client-3.23.58

I prefer to use pkg_delete(1) from this directory, because I can use tab-completion to specify the entire package name:

freebsd521# pkg_delete -v mysql-client-3.23.58 Change working directory to /usr/local Delete file /usr/local/man/man1/isamchk.1.gz Delete file /usr/local/man/man1/isamlog.1.gz ...edited... Delete file /usr/local/man/man1/safe_mysqld.1.gz Execute ’rm -f /usr/local/man/cat1/isamchk.1 /usr/local/man/cat1/isamchk.1.gz’ Execute ’rm -f /usr/local/man/cat1/isamlog.1 /usr/local/man/cat1/isamlog.1.gz’ ...edited... Execute ’rm -f /usr/local/man/cat1/safe_mysqld.1 /usr/local/man/cat1/safe_mysqld.1.gz’ Delete file /usr/local/bin/mysql Delete file /usr/local/bin/mysqladmin ...edited... Delete file /usr/local/lib/mysql/libmysqlclient.so.10 Delete directory /usr/local/include/mysql Delete directory /usr/local/lib/mysql Execute ’if [ -f /usr/local/info/dir ]; then if sed -e ’1,/Menu:/d’ /usr/local/info/dir | grep -q ’^[*] ’; then true; else rm /usr/local/info/dir; fi; fi’ Execute ’/sbin/ldconfig -R’ Change working directory to . Trying to remove dependency on package ’perl-5.6.1_15’ with ’lang/perl5’ origin.

The package is gone, according to pkg_info(1) and a listing of /var/db/pkg:

freebsd521# pkg_info bash-2.05b.007 The GNU Bourne Again Shell bsdiff-4.1 Generates and applies patches to binary files freebsd-update-1.4 Fetches and installs binary updates to FreeBSD 7 of 9 16.03.2005 08:00 Daemon News ’200412’ : ’"Keeping FreeBSD Applicat... http://ezine.daemonnews.org/200412/freebsd_apps.html perl-5.6.1_15 Practical Extraction and Report Language freebsd521# ls bash-2.05b.007 freebsd-update-1.4 bsdiff-4.1 perl-5.6.1_15

Now that the package is gone, we must look for a newer version. The package we deleted, mysql-client-3.23.58, was the version shipped with FreeBSD 5.2.1 RELEASE. It was found in the following FTP directory. We show the contents of FTP mirror 9, but you are free to use whatever mirror you like;

ftp://ftp9.freebsd.org/pub/FreeBSD/ports/i386/packages-5.2.1-release/All

Packages compiled from the latest source code on the most recent version of FreeBSD, 5-STABLE, are found here:

ftp://ftp9.freebsd.org/pub/FreeBSD/ports/i386/packages-5-stable/Latest

In this directory we find a new version of the MySQL client, namely mysql-client-3.23.58_3.tbz. We can install this version using pkg_add(1) if we change our PACKAGESITE environment variable:

freebsd521# setenv PACKAGESITE ftp://ftp9.freebsd.org/pub/FreeBSD/ports/i386/packages-5-stable/Latest/

We check to see what package are available there:

ftp> pwd 257 "/pub/FreeBSD/ports/i386/packages-5-stable/Latest" is cwd. ftp> ls mysql*client* 227 Entering Passive Mode (128,10,252,13,224,196) 150 Data connection accepted from 69.243.15.208:49184; transfer starting. lrwxrwxrwx 1 ftpuser ftpusers 33 Nov 17 21:01 mysql323-client.tbz -> ../All/mysql-client-3.23.58_3.tbz lrwxrwxrwx 1 ftpuser ftpusers 30 Nov 17 21:01 mysql40-client.tbz -> ../All/mysql-client-4.0.22.tbz lrwxrwxrwx 1 ftpuser ftpusers 29 Nov 17 21:01 mysql41-client.tbz -> ../All/mysql-client-4.1.7.tbz lrwxrwxrwx 1 ftpuser ftpusers 29 Nov 17 21:01 mysql50-client.tbz -> ../All/mysql-client-5.0.1.tbz 226 Listing completed.

Notice that the various MySQL clients now all have version numbers. We are interested in using mysql323-client.tbz with Barnyard. Now we use pkg_add(1) to install the newest MySQL 3.x client listed in the STABLE package directory:

freebsd521# pkg_add -vr mysql323-client looking up ftp9.freebsd.org connecting to ftp9.freebsd.org:21 setting passive mode opening data connection initiating transfer Fetching ftp://ftp9.freebsd.org/pub/FreeBSD/ports/i386/packages-5-stable/Latest/mysql323-client.tbz...... edited... extract: /usr/local/lib/mysql/libmysqlclient_r.so.10 extract: execute ’/sbin/ldconfig -m /usr/local/lib/mysql’ extract: CWD to . Running mtree for mysql-client-3.23.58_3.. mtree -U -f +MTREE_DIRS -d -e -p /usr/local >/dev/null Attempting to record package into /var/db/pkg/mysql-client-3.23.58_3.. Package mysql-client-3.23.58_3 registered in /var/db/pkg/mysql-client-3.23.58_3

When pkg_add is done, the new version is installed:

freebsd521# pkg_info | grep mysql mysql-client-3.23.58_3 Multithreaded SQL database (client)

This process seems fairly simple, but there are problems. First, we had to manually verify that a new version of the MySQL client was available. Then we deleted it and reinstalled it. If any other packages (not source code like Barnyard) required mysql-client as a dependency, pkg_delete(1) would have complained and not let us delete mysql-client. We could have forced deinstallation, but that’s a sloppy system administration practice. Should other applications have required the MySQL client, we could have deleted them, then deleted mysql-client, and reinstalled everything. Again, that is a lot of work. Fortunately, alternatives (described next) exist. Incidentally, you can use sysutils/pkg_tree to see package dependencies. Here we see what dependencies freebsd-update has:

freebsd521# pkg_tree freebsd-update freebsd-update-1.4 \__ bsdiff-4.1

We now know that if we tried to pkg_delete(1) the bsdiff package, the system would complain because freebsd-update(1) depends on bsdiff(1):

freebsd521# cd /var/db/pkg freebsd521# pkg_delete bsdiff-4.1/ pkg_delete: package ’bsdiff-4.1’ is required by these other packages and may not be deinstalled: freebsd-update-1.4 8 of 9 16.03.2005 08:00 Daemon News ’200412’ : ’"Keeping FreeBSD Applicat... http://ezine.daemonnews.org/200412/freebsd_apps.html A tool one can use to trim installed packages is sysutils/pkg_cutleaves. This tool begins with "leaf" packages, asking if you want to remove them, followed by the packages upon which they depend. In the following example, we hit [return] whenever we see a package we want to keep. When we come to nmap(1), we decide to remove it with ’d’:

drury:/root# pkg_cutleaves Package 1 of 42: XFree86-4.3.0,1 - X11/XFree86 core distribution (complete, using mini/meta-ports) XFree86-4.3.0,1 - [keep]/(d)elete/(f)lush marked pkgs/(a)bort? ** Keeping XFree86-4.3.0,1. ...edited... Package 21 of 42: nmap-3.77 - Port scanning utility for large networks nmap-3.77 - [keep]/(d)elete/(f)lush marked pkgs/(a)bort? d ** Marking nmap-3.77 for removal. ...edited... Deleting nmap-3.77 (package 1 of 1). ---> Deinstalling ’nmap-3.77’ [Updating the pkgdb in /var/db/pkg ... - 104 packages found (-1 +0) (...) done]

At this point, pkg_cutleaves(1) asks if we want to continue. If we do, we have the option of deleting a nmap(1) dependency, pcre:

Go on with new leaf packages ((y)es/[no])? y Package 1 of 1: pcre-5.0 - Perl Compatible Regular Expressions library pcre-5.0 - [keep]/(d)elete/(f)lush marked pkgs/(a)bort? d ** Marking pcre-5.0 for removal. Deleting pcre-5.0 (package 1 of 1). ---> Deinstalling ’pcre-5.0’ [Updating the pkgdb in /var/db/pkg ... - 103 packages found (-1 +0) (...) done] ** Didn’t find any new leaves to work with, exiting. ** Deinstalled packages: nmap-3.77 pcre-5.0 ** Number of deinstalled packages: 2

Since there are no longer any dependencies for nmap(1), the process ends. Using a tool like pkg_cutleaves(1) allows us to trim down unnecessary packages very easily. We will continue the package upgrading in part 2 of this article.

9 of 9 16.03.2005 08:00 Daemon News ’200412’ : ’"Quo Vadis Beastie ? "’ http://ezine.daemonnews.org/200412/dadvocate.html

December 2004 Get BSD New to BSD? Search BSD Submit News FAQ Contact Us Join Us

Quo Vadis Beastie ? Search By Poul-Henning Kamp Monthly Ezine It is the night after LinuxForum 2005, an increasingly successful conference for the OSS crowd here in Denmark. In the BSD crowd we sort of live with the Search name, because it is well known that around 70% of the governing board in the local LUG are BSD converts and the event is largely run by the crew from the BSD user-group. Get BSD Stuff My co-columnist here, Robert Watson, came over from UK to give a talk about SMPng status and despite the concerted efforts of weather and a malevolent God of Public Transportation we managed to find a couple of hours to talk about stuff. When I hear somebody like Robert Watson complain about not being able to find features and options in OpenOffice, I am reminded of my own introduction to UNIX: "I’m sure there is a way to do this, but I wonder what the program is called...". As the deadlines made me older I came to know the contents of /usr/bin by heart, and it now feels like my organised but cluttered workshop where I can almost always find a gadget and thingmajic which can be used to solve the problem at hand. Over time new things have appeared in /usr/bin but that has not been a problem for me, because it did not rename the old commands so all the tricks I learned on System III still work. But whenever I get a new version of OpenOffice, Opera or Firefox, the menus are different from the old version. Overnight somebody came in and redecorated my workshop. I hate that, and so does everybody else as far as I can tell. If you don’t know why one would hate such a thing, imagine "Word, the Martha Stewart edition," and you get the idea. Right now all the BSDs have projects they are busy carrying through, and we all have sort of 1-2 year horizons at this point. But have we thought about where go after that ? Isn’t it time that we reclaimed the "blessed +1 staff of innovation" and started doing something about computers ? When I say "do something about computers" I don’t mean deliver on the 1980 dream of the perfect UNIX, I mean doing something about how computers will be used by people in the future. In 1970 Ken Thompson was playing with interactive computer graphics when the rest of us used teletypes. In the 1980’s Peter Langston was doing advanced audiovisual stuff at a time where the only sound our computers made was a very loud roar of fans. And then, somehow, innovation in the UNIX environment stopped. Rob Pike said five years ago that "Systems Software Research is Irrelevant" and I really have to say that I agree more and more with him. We work hard to perfect and optimise the UNIX operating system model we inherited from the giants in front of us, but that model never did contain wearable computers or information appliances. The fact that UNIX can be used for these sorts of things is just another testimony to the quality of thinking that has gone into it, but we can’t rest on those laurels forever. Some concepts have proven their worth over and over and many UNIX principles have become de-rigor in the IT world: "files are arrays of bytes" and hierarchal filesystems are just two of the most well known. On the other hand, a concept like "the console", a relic from the days where computers often needed serious 1 of 2 16.03.2005 08:00 Daemon News ’200412’ : ’"Quo Vadis Beastie ? "’ http://ezine.daemonnews.org/200412/dadvocate.html counselling in machine code format, seem quaint and anachronistic these days. The jury is still out on the principle of "small programs you hook together". From Microsoft Word to the Linux ls(1) command we in the traditionally more restrained BSD world can see how options and features grow without any sign of limitation or restraint. And that brings me back to the GUI programs which are being remodelled all the time. I’m writing this article and all the code I produce with vi(1) into plain text-files. If I compare to the conceptual level at which information is being handled in modern GUI programs to the level at which we in the UNIX world treat our source code, I feel a bit left behind. In the UNIX world, we have not really gone graphical, we have just transplanted our text tools into graphics. When I want to visualise something, I use tools like gnuplot(1) or dot(1), but once the data is in the graphical domain it is dead. I can convert it to TIFF or JPG, I can scale it up and down a bit, but I can not rearrange things a bit in the graphical domain and then skip back to the text domain and continue. It is a one-way street. Dijkstra wrote in 1965 "I am aware [...] that I have only a small head, and must live with it." because he realized that program complexity would increase and keep increasing. Considering that my "home turf" is a UNIX system which has 10+ million lines of source code, and considering that we have been working on this for 30+ years, any sensible person would expect that we had developed tools which work at much higher levels than environmentally correct virtual punched cards ? I have tried various "Integrated Development Environments", and found an editor which had ’!make test’ aliased to F7 and obnoxious syntax highlighting in colours which showed little awareness of eyestrain and that was about it. Nothing to help visualise structure or architecture. What I am looking for is a metamorphosis of the "software tools" concept which works so well on the command-line to be extended into the graphical and maybe even audiovisual domain. It’s not much better in the programming language area. Since yacc(1) and lex(1) we have hardly seen any new tools for writing programs. Considering how common the basic "state engine" concept is, isn’t it amazing that we do not have a turing(1) program to help us write them ? And when so many things in the kernel use linked lists of all sorts and types, isn’t it amazing that we have to resort to cpp(1) macros to implement them quasi-safely ? We all know the old saying about cobblers’ kids wearing no shoes, but this is getting ridiculous. Are there any inventors (left) in the audience ? Poul-Henning

2 of 2 16.03.2005 08:00