#illumos #omnios is absolutely incredible. The system is very well designed IMO, I had already experienced the more cohesively designed #BSD but here it feels a bit *more* (although quite similar in some aspects to #freebsd of course).

Linux feels like a duct-taped amalgamation of random ideas, don't get me wrong I love Linux and all it represents, but it's a system that has been grown in any direction.

With Illumos instead it feels like you have orthogonal powerful building blocks you can compose into something greater than the sum of its parts. #zfs #dtrace #zones #crossbow it all works beautifully, both on their own and together.

After seeing how virtualized networking can be done in solaris, the docker networking stack feels so sad in comparison.

So far I'm very impressed.

In #FreeBSD you can modularize your config with separate files in /etc/rc.conf.d/ except... for networking? The ifconfig / dhclient settings don't work unless they're in the regular /etc/rc.conf

I need to file a bug about this I guess

First steps in the BSD world!

1) OpenBSD on VPS (Amsterdam)
2) FreeBSD on Raspberry Pi 4 (home)

I'm running a Wireguard connection between the two.

Next step is setting up relayd on the VPS to point at services on the Raspberry Pi server.

#OpenBSD #FreeBSD #selfhosted

#FreeBSD mac_do(4) as a method of privilege escalation in an unprivileged chroot: pastebin.com/4fXx6K8D

#infosec

Anyone using net-mgmt/net-snmp on #FreeBSD with AES-256-C support? Or indeed, anything more than plain AES?

How can I confirm support is compiled in?

I ask because I can use these on snmpwalk

-x AES
-x AES128

but not

-x AES193
-x AES256
-x AES256C

They give an error such as:

Invalid privacy protocol specified after -3x flag: AES193

I ask because some newer gear uses AES-256 by default.

This is a vuxml node from #FreeBSD security/vuxml port.

<vuln vid="44101b31-8ffd-11e7-b5af-a4badb2f4699">
<cancelled/>
</vuln>

I'm trying to detect cancelled vid.

I'm using perl's XML::DOM::PARSER

I tried:

my $cancelled = $node->getAttributeNode('cancelled');

and

my $cancelled = $node->setNodeValue('cancelled');

But that comes back as: Use of uninitialized value $cancelled

I don't know what functions to call to detect a cancelled node.

#FreeBSD recommendations for #monitoring #alerting #observability sought. I have a much loved collectd + riemann that needs an upgrade.

Target is about 10 servers and 200 jails.

No apache2 /php, nagios or clones thereof please. I don’t have these in my stack today, and my expertise in managing them is about 20 years out of date. I prefer to avoid JVM stuff but I’m not violently against it.

Doesn’t have to be in ports yet ( like sensu.io/ server) if it’s in a friendly language.

in theory, code review is a great idea because it means at least two people have seen code before it lands, which prevents silly errors and mistake that anyone can make.

in practice, code review in #FreeBSD means that you can't commit anything until your code has been reviewed by someone who works for Klara, Netgate, or Netflix.

because code review is unrewarding and time consuming, only people who are paid to do it will do it, which means all code is gated through a corporate representitive.

this is not really an ideal situation.

I don't know if anybody noticed #ZeroFS yet, but it seems there is a completely user space-implementation of #NFS and #blockstorage on top of #S3 #objectstorage: github.com/Barre/zerofs

Including a demo running #ZFS on top of it which essentially allows geo-redundant ZFS volumes: asciinema.org/a/728234 & github.com/Barre/zerofs?tab=re…

I don't see no #FreeBSD port yet, but if that really works it would be absolutely awesome.

#OpenZFS

ZFS on S3 (ZeroFS)

Recorded by PierreBarre

^{asciinema.org}

On FreeBSD if you want to list only the packages you explicitly specified to install (excluding packages that were pulled in as dependencies), run:

$ pkg prime-list

This can be useful for duplicating the list of packages installed on another machine.

Source: docs.freebsd.org/en/books/hand…

#FreeBSD #RunBSD

🎥 Looking to self-host your own video conferencing platform?

Check out our latest blog on how to install and configure Galene, a lightweight video meeting server that runs seamlessly on FreeBSD.

This step-by-step guide walks you through:

Setting up a FreeBSD 14.3 environment
Configuring Galene for your use case
Tips for using ZFS to enhance performance and reliability

📖 Read the full guide:

freebsdfoundation.org/blog/how…

#FreeBSD #OpenSource #VideoConferencing #Galene

Does #FreeBSD have some kind of sshd connection throttling mechanism that is outside the PerSourcePenalties config? (I set mine to 'no')

Use blacklist is set to no.
pf is not running either.

Getting really strange intermittent timeouts where I just can't log in yet I can get to the banner with telnet on port 22.

Some PAM thing with FreeBSD perhaps?

Running tcpdump, the FreeBSD machine is constantly sending its own list of KexAlgorithms until the connection times out.

FreeBSD is based sshd: 9.9p2
Connecting client is Linux openssh 10.0p2

new FreeBSD bridge(4) review: “bridge: add defvlanfilter and defuntagged options" reviews.freebsd.org/D51176

this lets you do:

$ ifconfig bridge0 defvlanfilter defuntagged 1

... which causes all newly-added member interfaces to have VLAN filtering enabled and be in VLAN 1 (only).

then your VM/jail management tools (vm-bhyve, …) can continue using 'ifconfig addm' to add bridge members and don't need to know about VLAN configuration.

fun fact: this is how most people expect bridge(4) to work already, but it is not how bridge works already! in reality, all bridge members have access to all VLANs by default, and before VLAN filtering there was no way to restrict this at all.

i wonder how many systems accidentally allow jails/VMs to access their host management VLAN because of this?

for that reason (among others) i'd like to make this the default configuration of bridge(4) in a future version... 15.0 may be too early, though. but we should document this better.

#freebsd

Apparently the first "Beastie" (never named as such by Kirk) was drawn by the artist for girlgeniusonline.com Phil Foglio

I learned this at the BSDCan 2025 talk Kirk gave!

#Bsd #FreeBSD #NetBSD #DragoinFlyBSD #OpenBSD #BSDCan #BSDCan2025 #Comics

As I start to explore the ZFS filesystem in more detail on FreeBSD, this post on snapshot basics is very helpful:

klarasystems.com/articles/basi…

#ZFS #FreeBSD

Basics of ZFS Snapshot Management - Klara Systems

Master ZFS snapshot management—learn to create, use, and delete snapshots to protect your data and optimize backups.

^{Dru Lavigne (Klara Systems)}

Linux is 2nd class citizen in ZFS world. No ZFS Boot Environments - no GRUB for modern ZFS pools - no distro with installer support for ZFS on root and BE setup.

Why then #FreeBSD would downgrade to Linux level on ANY level?

Its insane for me.

Details:
github.com/freebsd/freebsd-src…

32 years ago today, #FreeBSD was announced for the first time. I haven't tried this OS yet but I can assure you that I will because I want Quark, my OpenSource reverse proxy, to be supported on other Unix systems than Linux.

For this special occasion, I drew this little picture on #Krita 🙂

#FreeBSDday #Unix #Server

#FreeBSD provides the Ports Collection, a convenient way to install applications. Some ports allow users to configure options before building and installing. By default, this configuration is done through an interactive menu in the terminal.

To improve readability and #Accessibility especially for users with low vision or color blindness, it's important to offer simple and customizable color options. These features have recently been implemented and documented in the preview version of the FreeBSD Accessibility Handbook:
freebsd-accessibility-9d667f.g…

The next step is to extend these features to all terminal-based graphical components.

I'd love to hear from you:
Do you use any accessibility features in the terminal?
Which color-related assistive technologies make the biggest difference in your daily workflow?

Together, we can make FreeBSD more accessible for everyone. #ThePowerForEveryone #FreeBSD #Accessibility #OpenSource #LowVision #ColorBlindness #AssistiveTechnology #AccessibilityMatters

Thanks to the release of 14.3, I tried reinstalling #FreeBSD on my mini-PC.
The Wi-Fi is detected but doesn't seem to connect. I might have mistyped the password, so I'll double-check tomorrow. Wayland/Plasma works but has two bugs: Ctrl+C closes the session when launched from SDDM, and right-clicking the desktop crashes KWin. It runs correctly on X11.

Now I need to figure out suspend-to-RAM. After watching Aymeric Wibo's presentation, I'm curious to try his branch. He explained how to do it in the slides, but I'll need to find the instructions.

#RunBSD

Configured auto-mounting of USB storage devices on FreeBSD courtesy of `sysutils/automount` and instructions by @vermaden ... tested with my Kobo ereader and it works good!

vermaden.wordpress.com/2018/10…

#FreeBSD #RunBSD

Day 29 of #31DaysOfFreeBSD

FreeBSD does not include a graphical user interface in its base system. This is how I install and set up the X Window System (X11) before installing my preferred window manager or desktop environment:

dwarmstrong.org/freebsd-x11/

#X11 #FreeBSD #RunBSD

Added 𝗨𝗣𝗗𝗔𝗧𝗘 𝟮 - 𝗧𝗿𝘂𝗲𝗡𝗔𝗦 𝗖𝗢𝗥𝗘 𝗶𝘀 𝗗𝗲𝗮𝗱 - 𝗟𝗼𝗻𝗴 𝗟𝗶𝘃𝗲 𝘇𝗩𝗮𝘂𝗹𝘁 to the 𝗧𝗿𝘂𝗲𝗡𝗔𝗦 𝗖𝗢𝗥𝗘 𝘃𝗲𝗿𝘀𝘂𝘀 𝗧𝗿𝘂𝗲𝗡𝗔𝗦 𝗦𝗖𝗔𝗟𝗘 article.

vermaden.wordpress.com/2024/04…

#truenas #zvault #freebsd #zfs #storage #nas #core

I’ve been working on a #freebsd from scratch blog post series and was going to skip right over Xorg (preferring #wayland and #sway)…and then I heard about #NSCDE - a reimplementation of #Solaris #CDE look-and-feel via #fvwm

Thanks to work by Christian Moerz, it was a snap. Literally `pkg install Xorg nscde` a change to my .xinitrc and I was up in a pastel bliss again. Run #interlisp on it is a beautiful joy.

I was so impressed AND I got to avoid abandonware security holes and bit rot— so I sent some librepay love. It’s a great project!

prime

#unix_surrealism #technomage #freebsd

cool shell clique

#unix_surrealism #comic #shell #linux #rc #ksh #bash #dash #zsh #freebsd #daemon

Announcing FediMeteo – Weather in the Fediverse!

Weather has always influenced our lives: from agriculture to outdoor activities, to extreme events that, thanks to modern technology, can now be predicted with greater reliability. Personally, weather plays a significant role in my daily decisions, which is why I decided to create a service tailored for the Fediverse.

FediMeteo uses Open-Meteo data to publish updates every 6 hours, including current weather conditions, forecasts for the next 12 hours, and predictions for the upcoming days. Each country is served by its own dedicated instance (e.g., it.fedimeteo.com for Italy), managed through snac to ensure simplicity and efficiency in publishing.

You can follow FediMeteo directly in the Fediverse (on Mastodon and compatible platforms), via RSS, or by visiting the dedicated page for your city (e.g., fr.fedimeteo.com/paris).

Currently supported countries include:
Austria, Germany, France, Italy, Spain, the United Kingdom, and the Netherlands – with many more regions coming soon!

FediMeteo is hosted on a FreeBSD-based VPS, with each country isolated in its own jail to ensure security and scalability.

Visit the main site to explore the national instances and start following your local weather updates today:
fedimeteo.com

Happy weather monitoring to all! 🌦️

FediMeteo is dedicated to my grandfather, who every evening would give me the weather forecast based on TV, radio, and his personal experience. He would convince me that the weather would be bad, so he had an excuse to accompany me to school instead of me going alone.

#FediMeteo #Announcements #FreeBSD #FediMeteo #WeatherForecasts #Weather #Meteo #snac #Fediverse #Mastodon

Dear friends of the BSD Cafe,

As 2024 comes to an end, it’s time to reflect on what we’ve built together during the first full year of life for BSD Cafe. Launched on 20 July 2023, this project has grown far beyond what I could have imagined. While I haven’t tracked full uptime data, I can confidently say that the downtime was less than 30 minutes overall - even though the main VM hosting our services moved multiple times (including a switch from a Proxmox hypervisor to bhyve on FreeBSD, for the sake of alignment with our mission). In a world filled with over-engineered HA systems, we’ve outperformed many “big-name” cloud providers. Not bad for a community project, right?

For me, this has been an incredible journey. The users here are not just participants - they’re collaborators, and their positivity has been inspiring. The content shared and created at BSD Cafe has been valuable not only to the BSD community but beyond. What truly sets BSD Cafe apart is the openness for dialogue and exchange. Whether it’s social media posts, Matrix discussions, repositories in our brew, or RSS feeds, people seem to genuinely appreciate what we create and the conversations we foster.

BSD Cafe is a journey - one that grows, evolves, and continues. Our goal isn’t endless growth (we’re a community, not a business) but rather to maintain a welcoming, inclusive space where everyone feels a sense of positivity and belonging. For me, opening any service with “bsd.cafe” in the domain brings joy and pride. That’s the spirit I’ve tried to convey, and I hope it resonates with all of you, whether you’re active BSD Cafe users or friends of the community.

Promoting self-hosting and #OwnYourData has, as a side effect, inspired some users to “go solo” with their own setups. But even then, they remain part of BSD Cafe - in spirit, in purpose, and in connection.

Here’s a look at what we’ve achieved together this year:

- mastodon.bsd.cafe: 370 total users
Active in the past month: 207
Active in the past six months: 286
- snac.bsd.cafe: 14 total users
Active in the past month: 7
- blendit.bsd.cafe: 61 registered users
- matrix.bsd.cafe: 23 users
- brew.bsd.cafe: 29 users - 80 repositories
- freshrss.bsd.cafe: 25 users
- miniflux.bsd.cafe: 11 users
- press.bsd.cafe: 9 users
- myip.bsd.cafe: Constantly used by various users
- wiki.bsd.cafe: Could use a bit more love and content, but it fulfills its role as a functional homepage.
- tube.bsd.cafe: Still in testing - Peertube 7.0 update is on the way.

For detailed stats from our reverse proxy and general router (excluding media services, which generate most traffic but are handled via caching reverse proxies), you can check here - updated hourly: netstats.bsd.cafe

The journey of BSD Cafe continues, and I look forward to seeing where 2025 will take us. Together, we’ve built something special - something driven by passion, shared purpose, and a little bit of the BSD magic that makes all of this possible.

Here’s to a new year full of joy, serenity, and connection. Thank you for being part of this adventure.

Wishing you all a fantastic 2025 - and THANK YOU!
Stefano

#BSDCafe #BSDCafeServices #BSDCafeAnnouncements #BSDCafeUpdates #Fediverse #HappyNewYear #Mastodon #Snac #snac2 #lemmy #matrix #dokuwiki #forgejo #freshrss #miniflux #wallabag #peertube #FreeBSD #OpenBSD #NetBSD #RunBSD #BSD

paid in innocence

#unix_surrealism #comic #linux #runbsd #openbsd #9front #plan9 #glenda #puffy #freebsd #hack #cdc #mastoart #fediart #art

THE USUAL MAGES

#unix_surrealism #technomage #dragonflybsd #freebsd #openbsd #9front #linux #comic #cirno #puffy #beastie #tux #fred

Interesting 🤔 how #CVE are leveraged as resume items, putting #programmers #developers & project leads under pressure by #bogus CVE reports or unnecessary high CVE ratings.

Popular and obscure programs are affected in the #OpenSource #POSIX world e.g #Linux #freeBSD #netBSD #openBSD

#Curl ➰ by #Daniel #Stenberg and #IP by #Fedor #Indutny are popular programs hit by this #phenomena which can lead to unwarranted #panic in the users space

bleepingcomputer.com/news/secu…