MidnightBSD Developer Journal

Opera, curl, tnftp, and tnftpd mports were updated tonight.  I also removed ftp/mirror as the upstream disappeared and the license limited what we could do with the software.

A vulnerability exists in the base system version of BIND as well as BIND 9.7 and 9.8 in mports.  The mports were updated last night, but the base system has not been patched yet.  It is recommended that users track the ports versions of BIND at this point.  

I will work on getting BIND updated in src.  I'm seriously considering dropping BIND from base as there have been a lot of security holes and changes at a fast pace over the last year.  It's becoming a lot of work and updating ports is much quicker. If I choose to do this, the first change will be switching to the separate libbind library and updating the few tools from BIND such as dig.  

I've added the Google +1 button to the MidnightBSD website as an experiment.  I'm hoping users will use it on pages they find useful.  It will help MidnightBSD in search results and let me know what pages I'm succeeding on.

I've also realized I've ignored the website too long.  I plan on adding more content to it. 

mport tools

Progress has been made on the MidnightBSD package tools.  The mport tool can now download an index generated from the Magus build cluster using a bootstrap site and then fetch from mirrors defined in that file.  It checks for updates weekly for index files.  Several bugs have been fixed in fetching files.  Delete and Update commands are working and progress has been made on the upgrade command, although it's not quite production ready.  Upgrade allows you to update all packages on your system.  There are some ordering issues left to fix and we have some minor bugs with ports that contain pkgnamesuffix.

mport has a new command deleteall, which will remove all packages for a system.  This is good when you want to start over with an update or you want to test different package configurations. 

The remaining steps for mport tools include integration with the installer and squashing a few more bugs before the 0.4-RELEASE.

 mports

Browsers

The GECKO engine makefiles have been tweaked to work better with newer versions of Mozilla products. Unbranded versions of Firefox are building again and work has begun on porting libxul for use with GNOME ports. 

Opera 11 has been added to the ports collection, but requires a very recent version of 0.4-CURRENT. . 

Chromium 5 has been in the tree for a few months and we're working on getting a newer version ported. 

Gnome

Gnome 2.32 is slowly shaping up in the tree. We have 90% of gnome2-lite working excluding yelp and epiphany which require libxul.  Gtk, and many Gnome ports have been updated in the process

Databases

MySQL, Postgresql, and sqlite3 have been updated to recent builds.  This includes several performance and security enhancements. 

X.org

X.org 7.5 has been imported into mports.  This combined with the recent drm update, allow newer video cards to work with acceleration.  This should improve support for all major graphics card vendors.

src

0.4-CURRENT has many improvements including mksh R40, Perl 5.14, security updates for BIND, drm updates, fixes for cam(3), and the default blocksize for UFS/FFS was increased to 32K with 4K fragments. The latter change will work better with advanced format hard drives like the WD Green drives (EARS).  

Sendmail 8.14.5 was imported.

Finally, xz and liblzma have been added to the tree.

X.org 7.5 is working on MidnightBSD now.  There are a few tweaks I want to make to ports, but it's running on i386 CURRENT.  The nv driver didn't get installed automatically.  

I've also started the migration to gnome 2.32.  

Totally unrelated, GNU grep was bumped to 2.7 tonight. 

For those of you using sendmail on MidnightBSD, the port has just been updated to 8.14.5.  i plan on updating the base system sendmail in current when I get time. 

These results aren't too good.  Part of this is some cleanup happening to make the new X.org happen.  

I'm working on updating several key ports I've let slide for far too long.  Getting ready for the next release. 

 Currently uploading packages for amd64 current from the last magus run to the ftp server.  These are located in the 0.4 directory rather than the historical use of current.  They are mport based packages.  An index will be generated from them for further testing the new mport tools.

Reverse DNS for our IPV6 addresses was finally completed today.  

This month has been crazy for me.  As I had a business trip and then got sick, I haven't had as much time as I'd like with MidnightBSD.  I managed to get a few ports updated today and fixed a bug in src showing up in tinderbox.  

The MidnightBSD forums have been taken offline until I can find a solution to the terrible spam problem.  Please use the mailing list instead.   The BSD licensed forum software I was using, jforum, has a few antispam features but it's rather clunky to use.  It would be nice if I could block ip quickly by user's last ip or even a subnet.  The spam is coming from China.  I suspect there are a few bugs with input parsing and a script is able to create accounts and spam from it even with activation emails and other measures. It was using a large amount of my bandwidth as well as slowing down several of the websites and causing large companies to contact me regarding trademark use.  :) 

My original goal was to get the 0.4-RELEASE out in May.  As I've lost most of April, I'm not shooting for June.  This is a smaller release focusing on the transition to the mport package system.  I'm also trying to get as many ports as possible updated for the release.  

The current focus of the project is to get the mport tools ready for the 0.4 release.  mport tools are now the default on CURRENT.  They work for basic operations and while we're not actively using it yet, they have a downloadable index with current packages available.  This index is created on the server with data from our Magus package cluster database and sqlite3.  It includes information like package name, license, mirrors to download the file, version, etc.  

I'm currently working on adding additional information to the index about categories mports belong to.  This would be nice for display in the installer as well as for searches.  

Speaking of the installer, I've been working on modifications to use the mport tools instead of the legacy pkg_tools.  sysinstall will eventually be replaced, although I doubt we'll use the pc-sysinstall or bsdinstaller backends from other systems.  Most likely it will not be a shell or lua based environment.  The installer is our next big project after mport tools.  

sysinstall was simplified recently.  Several menu options that are confusing to our userbase were removed.

In addition to this work, we've been updating and adding new features to the base system.  DRM/DRI code was imported from FreeBSD 7.1 as well as cdevpriv wrappers.  nss_mdns was added to the base system; it allows one to find other systems on the network using multicast DNS.  Systems running mDNSResponder or Avahi can now be seen on the network.  I'm now able to ssh between my iMac and MidnightBSD machines by name (.local).  

The time zone update file, tzdata2011c, was imported. An OpenSSL security issue was patched that only affects CURRENT.   

Finally, xz 5.0.1 and liblzma were imported into the base system.  mports was modified to use the system version when possible. 

I read a recent post on osnews.com about their recent traffic and wondered what type of users are visiting the MidnightBSD website.  We don't get a lot of traffic, but still it was an interesting question who visits the site.  Here is a breakdown by OS:

 1 3677372 485071 OS unknown

2 1519710 228260 Known robots

3 767452 108338 Windows

  437089 78553  Windows XP

  306080 24350  Unknown Windows

  13331 2691  Windows Server 2003

  8845 1763  Windows 2000

  1149 403  Windows 98

  471 282  Windows NT

  143 126  Windows ME

  140 79  Windows 95

  183 72  Windows CE

  21 19  Windows 3.1

4 488384 35717 Unix

  449753 32489  Linux

  29375 2302  FreeBSD

  3039 291  OpenBSD

  2124 172  NetBSD

  903 151  Unknown BSD

  1668 150  SunOS

  964 100  MidnightBSD

  101 25  MirBSD

  330 20  DragonFly

  126 16  Other Unix

  1 1  AIX

5 119959 9461 Macintosh

6 189 21 Symbian OS

7 137 12 Sony PS3

8 31 5 BeOS

9 26 4 OS/2

10 81 4 Amiga

11 9 2 Sony PSP

12 1 0 Nintendo Wii

Over the last two days, I've updated mDNSResponder in MidnightBSD to 258.14.  I've also added a new nsswitch module (nss_mdns) for resolving mdns entries.

To enable this, you would need to be on current, have mDNSResponder enabled, and then add mdns to the hosts line in /etc/nsswitch.conf

hosts: files mdns dns

To enable mDNSResponder, add the following to /etc/rc.conf

mdnsd_enable="YES"

It might be necessary to implement additional routines in nss_mdns, but at this point I'm able to ping hosts and run basic programs like ssh while connecting to hosts on my local network.

I've been working on getting the mport tool to list packages that need updating.  Some of this code was already in place, but there was no driver for it.  It also required creating a new utility to generate an index from our magus package cluster system.  

A new command is available:

mport list updates

Output currently looks like this:

# mport list updates

apache: 2.2.17 < 2.2.17_1

clamav: 0.96.3 < 0.96.5

dirmngr: 1.0.2_1 < 1.1.0_1

docbook: 4.1_3 < 4.2_1

The system supports aliases for package names.  We could eventually add aliases like apache for the apache22 port to make it easier to work with popular packages.

Indexes are created from the MySQL based magus database for a specific run (os version + arch are unique).  The index is a sqlite3 database containing the package meta data such as the name, version and license as well as the aliases and list of mirrors to download from.  The index file is bzip2 compressed and placed on the HTTP server for distribution to clients.  If an index is older than twenty-four hours, mport will download an updated index, extract it and then perform operations on it.

The next step is writing the upgrade and update commands in mport to automatically fetch and update packages. When this work is complete, mport will be come the new default package format. 

This is an interesting page on the evils of AllowEmptyInput in X.org config files.   In short, if you use hald, you don't need input sections in your /etc/X11/xorg.conf file.  If you don't want to use hald for input devices, use

  Option "AutoAddDevices" "Off"

If  you are running BIND 9.7  or 9.8 from mports, please update to the latest release.  There is a security issue affecting these versions which is rather serious.  See the ISC website for details.

Over the weekend, I updated the amdtemp(4) driver to support the sensors framework.  This serves the same function as kate(4) in OpenBSD and DragonFly, but it supports K10 and K11 AMD CPUs as well. I based some of the design on how the coretemp(4) works, but it's exposed differently in hw.sensors because of the bus it's on. 

We've got a news mention discussing 0.4-CURRENT in this month's issue of BSD Magazine. 

Right after the release, I focused on getting some contrib software up-to-date.  While writing the release notes for 0.3, it was apparent that we needed to get on the ball.  

OpenSSL, OpenSSH, file, GNU sort, awk, sqlite, tcsh, BIND and sudo have all been updated in the last month.  I've added it(4) and lm(4) to work with the sensors framework introduced in 0.3.  eeemon(4) was recently added for hardware monitoring on some Asus eee PCs.  alc(4) was introduced for atheros gigabit lan cards.  ale, alc, ae were all added to GENERIC in current.  

Intel coretemp(4) monitor was modified to work with the sensors framework. It's now possible to monitor the CPU temp with sensorsd on Intel CPUs.  I'm working on adding similar functionality to amdtemp.  

A locking fix was introduced today on the route code related to ICMP traffic.  

I just posted a non security update to the 0.3 branch.  sqlite 3 was misreporting it's version in the pkg-config script.  This has been corrected.  It shouldn't have any real impact on the base system or packages shipped with MidnightBSD. 

I also fixed the example cvsup file so that it checks out RELENG_0_3 on that branch.