FreeBSD 9.3-RELEASE Now Available

FreeBSD 9.3-RELEASE Announcement

The FreeBSD Release Engineering Team is pleased to announce the availability of FreeBSD 9.3-RELEASE. This is the fourth release of the stable/9 branch, which improves on the stability of FreeBSD 9.2-RELEASE and introduces some new features.

Some of the highlights:
  • The zfs(8) filesystem has been updated to support the bookmarks feature.
  • The uname(1) utility has been updated to include the -U and -K flags, which print the __FreeBSD_version for the running userland and kernel, respectively.
  • The fetch(3) library has been updated to support SNI (Server Name Identification), allowing to use virtual hosts on HTTPS.
  • Several updates to gcc(1) have been imported from Google.
  • The hastctl(8) utility has been updated to output the current queue sizes.
  • The protect(1) command has been added, which allows exempting processes from being killed when swap is exhausted.
  • The etcupdate(8) utility, a tool for managing updates to files in /etc, has been merged from head/.
  • A new shared library directory, /usr/lib/private, has been added for internal-use shared libraries.
  • OpenPAM has been updated to Nummularia (20130907).
  • A new flag, "onifconsole" has been added to /etc/ttys. This allows the system to provide a login prompt via serial console if the device is an active kernel console, otherwise it is equivalent to off.
  • Sendmail has been updated to version 8.14.9.
  • BIND has been updated to version 9.9.5.
  • The xz(1) utility has been updated to a post-5.0.5 snapshot.
  • OpenSSH has been updated to version 6.6p1.
  • OpenSSL has been updated to version 0.9.8za.
For a complete list of new features and known problems, please see the online release notes and errata list, available at:
For more information about FreeBSD release engineering activities, please see:

Availability

FreeBSD 9.3-RELEASE is now available for the amd64, i386, ia64, powerpc, powerpc64, and sparc64 architectures.

FreeBSD 9.3-RELEASE can be installed from bootable ISO images or over the network. Some architectures also support installing from a USB memory stick. The required files can be downloaded via FTP as described in the section below. While some of the smaller FTP mirrors may not carry all architectures, they will all generally contain the more common ones such as amd64 and i386.

SHA256 and MD5 hashes for the release ISO and memory stick images are included at the bottom of this message.  A PGP-signed version of this announcement is available at:
Please refer to the official announcement email for the full details regarding FreeBSD 9.3-RELEASE.

Acknowledgments

Many companies donated equipment, network access, or man-hours to support the release engineering activities for FreeBSD 9.3 including The FreeBSD Foundation, Yahoo!, NetApp, Internet Systems Consortium, ByteMark Hosting, Sentex Communications, New York Internet, Juniper Networks, NLNet Labs, iXsystems, and Yandex.

The release engineering team for 9.3-RELEASE includes:
Glen Barber <[email protected]> Release Engineering Lead, 9.3-RELEASE Release Engineer
Konstantin Belousov <[email protected]> Release Engineering
Joel Dahl <[email protected]> Release Engineering
Baptiste Daroussin <[email protected]> Package Building
Bryan Drewery <[email protected]> Package Building
Marc Fonvieille <[email protected]> Release Engineering, Documentation
Steven Kreuzer <[email protected]> Release Engineering
Xin Li <[email protected]> Release Engineering, Security Officer
Josh Paetzel <[email protected]> Release Engineering
Colin Percival <[email protected]> Security Officer Emeritus
Craig Rodrigues <[email protected]> Release Engineering
Hiroki Sato <[email protected]> Release Engineering, Documentation
Gleb Smirnoff <[email protected]> Release Engineering
Ken Smith <[email protected]> Release Engineering
Dag-Erling Smøgrav <[email protected]> Security Officer
Marius Strobl <[email protected]> Release Engineering
Robert Watson <[email protected]> Release Engineering, Security

Trademark

FreeBSD is a registered trademark of The FreeBSD Foundation.

Love FreeBSD? Support this and future releases with a donation to The FreeBSD Foundation!

Monthly dashboard

Thursday morning, 5 AM, I couldn’t sleep. I thought I could use the time before
work to do something useful, so I started handling a few PRs for FreeBSD. After
a couple of commits, a warm shower, and just before heading to work, I quickly
browsed through my irc backlog and suddently got very sad: someone was angrily
asking why bug reports were being ignored for such a long time, pushing for his
own PR to finally be given some consideration.

Thinking about it in the bus to work I realized that this guy was right to
complain: when a bug is reported it should ideally be fixed right away. Still I
was feeling sad because being on the other side of the fence I know how much
dedication volunteers put into FreeBSD, but I was not sure everybody was aware
of this. I had to find something to express this dedication.

That’s how the idea of the monthly dashboard came: simple figures that can tell
a whole story. See for yourself with this dashboard that can be found in portmgr
monthly report for June 2014:


Monthly dashboard

Number of messages to portmgr@: 564 (+53%)
Number of commits on ports: 3,717 (+17%)
Number of ports PRs closed: 873 (+25%)
Active ports committers: 147 (+10%)


 

Isn’t it amazing? Nearly 4,000 updates on the ports tree and nearly 900 problem
reports closed in a single month!

That’s a tremendous amount of work done by our committers. Take Linux for
example: with more than twice as much contributors during the same period four
times less commits were applied to the Linux kernel than to the FreeBSD ports
tree [1].

Those figures pay tribute to our committers, and I am pleased to see that the
activity keeps growing. I personnally believe there has never been a better time
to start contributing to the FreeBSD ports tree with all those new features
currently being introduced. So come and join the party!


[1] Statistics taken from http://www.ohloh.net/p/linux:
962 commits done by 344 contributors (activity recorded from Jun 9 2014 to Jul 9 2014)

New FreeBSD Core Team elected

The FreeBSD Project is pleased to announce the completion of the 2014 Core Team election. The FreeBSD Core Team acts as the project's "board of directors" and is responsible for approving new src committers, resolving disputes between developers, appointing sub-committees for specific purposes (security officer, release engineering, port managers, webmaster, etc ...), and making any other administrative or policy decisions as needed. The Core Team has been elected by FreeBSD developers every two years since 2000.

PC-BSD Feature Digest 31 — Warden CLI upgrade + IRC Announcement

Hey everyone!  After a brief hiatus from feature updates we are back!  We’ve switched from Fridays to Mondays and rather than trying to get an update out every week we aren’t on a specific schedule.  We will continue to push out these feature updates when we have some cool new features come out we think you’ll want to know about.

The Warden and PBI_add backend (CLI)  management tools have received some exciting new features we’d like to tell you about.  You can now create jails on the fly when adding a new PBI to your application library.  For instance say you’re adding a PBI using the “pbi_add” command and you want to install the PBI into a new jail that you haven’t created yet.  You would specify:  “sudo pbi_add –J apache” without the quotes to create a default named jail with the PBI apache installed directly into it.  The –J being the new flag that specifies the creation of the new jail.

There’s also a new option now to do a bulk jail creation.  By simply using the new –bulk and –ip4pool flag you can easily roll out your preset number of jails quickly and efficiently.  To use this cool new feature just type:  “warden create <jailname> –bulk 5 –ip4pool 192.168.0.2″ and voila you’ve got 5 brand spanking new jails created in no time starting at IP address 192.168.0.2 .

The PC-BSD team is now hanging out in IRC!  Get involved in the conversation and come  visit us on Freenode in channel #pcbsd.  We look forward to seeing you there!

FreeBSD 9.3-RC3 Now Available

FreeBSD 9.3-RC3 Now Available


The third RC build of the 9.3-RELEASE release cycle is now available on the FTP servers for the amd64, i386, ia64, powerpc, powerpc64 and sparc64 architectures.

The image checksums can be found in the PGP-signed announcement email.

ISO images and, for architectures that support it, the memory stick images are available here:

    http://ftp.freebsd.org/pub/FreeBSD/releases/ISO-IMAGES/9.3/

(or any of the FreeBSD mirror sites).

If you notice problems you can report them through the normal Bugzilla PR system or on the -stable mailing list.

If you would like to use SVN to do a source based update of an existing system, use the "releng/9.3" branch.

A list of changes since 9.2-RELEASE are available on the 9.3-RELEASE release notes page here:


Changes between 9.3-RC2 and 9.3-RC3 include:

  • Bug fix for axge(4) range checks and receive loop header parsing.
  • Bug fix to exclude loopback addresses rather than loopback interfaces has been fixed.
  • Bug fix in uhso(4) to prevent memory use after free() and mtx_destroy().
  • Bug fix in bsdinstall(8) where certain conditions could prevent directory creation before use.
  • Bug fix for DNS-based load balancing.
  • Vendor update to oce(4).

The freebsd-update(8) utility supports binary upgrades of amd64 and i386 systems running earlier FreeBSD releases.  Systems running earlier FreeBSD releases can upgrade as follows:

    # freebsd-update upgrade -r 9.3-RC3

During this process, freebsd-update(8) may ask the user to help by merging some configuration files or by confirming that the automatically performed merging was done correctly.

    # freebsd-update install

The system must be rebooted with the newly installed kernel before continuing.

    # shutdown -r now

After rebooting, freebsd-update needs to be run again to install the new userland components:

    # freebsd-update install

It is recommended to rebuild and install all applications if possible, especially if upgrading from an earlier FreeBSD release, for example, FreeBSD 8.x.  Alternatively, the misc/compat8x port can be installed to provide other compatibility libraries, afterwards the system must be rebooted into the new userland:

    # shutdown -r now

Finally, after rebooting, freebsd-update needs to be run again to remove stale files:

    # freebsd-update install

Love FreeBSD?  Support this and future releases with a donation to the FreeBSD Foundation!

FreeBSD 9.3-RC3 Available

The third RC build for the FreeBSD-9.3 release cycle is now available. ISO images for the amd64, i386, ia64, powerpc, powerpc64 and sparc64 architectures are available on most of our FreeBSD mirror sites.

BSDday

BSDday (http://bsdday.org/), University of Buenos Aires' Faculty of natural and exact sciences, Buenos Aires, Argentina 9 August, 2014. BSDday Argentina is a conference for users, sysadmins and developers of BSD software and based systems. The conference is for anyone developing, deploying and using systems based on FreeBSD, NetBSD, OpenBSD, DragonFlyBSD and others *BSD. BSDday Argentina is a technical conference and aims to collect the best technical papers and presentations available to ensure that the latest developments in our open source community are shared with the widest possible audience.

Getting to know your portmgr-lurker: William Grzybowski

From July to the end of October two new lurkers will have the opportunity to get insights into FreeBSD portmgr internals, namely William Grzybowski and Nicola Vitale. William was the first to answer our interview so let’s get to know him a bit better.

 

Name

William Grzybowski

Committer name

wg

Inspiration for your IRC nick

my name initials

 TLD of origin

.br

 Current TLD (if different from above)

Occupation

Software engineer

 Blog

None

Inspiration for using FreeBSD

Stability and simplicity

Who was your first contact in FreeBSD

I don’t recall, too long ago!

Who was your mentor(s)

culot, jpaetzel

What was your most embarrassing moment in FreeBSD

Breaking INDEX, but hey, who ever didn’t? ;)

vi(m) /  emacs / other

vim

What keeps you motivated in FreeBSD

The passion of everyone in the zoo about it. You can very easily see a
guy angry by someone’s else commit like stealing candy from his son :)

Favorite musician/band

AC/DC

What book do you have on your bedside table

book? what is that? :)

coffee / tea / other

coffee, beer (but real beer, no corn!)

How would you describe yourself

Calm and mind-centered

sendmail / postfix / other

postfix

Do you have a hobby outside of FreeBSD

Play soccer, gym

What is your favorite TV show

Fringe

Claim to Fame

I was mentored by culot and I survived! Just kidding, I have none, I am a joke!

What did you have for breakfast today

An orange and a slice of yogurt cake

What sports team do you support

Gremio Foot-Ball Porto Alegrense, brazillian soccer team

What else do you do in the world of FreeBSD

I do work mostly in python ports and help closing PRs.

2014Q3 Branched

The 2014Q3 branch has just been branched and the package builder has been
updated to use that branch. This means that the next update on the quarterly
packages will be on the 2014Q3 branch.

What happened during the last 3 months:
- 177 different committers have participated
- 9918 commits happened
- diffstat says: 23646 files changed, 554070 insertions(+), 577210 deletions(-)

What does that means for users:
- default Java is now 1.7
- massive conversion to stagedir (93% of the ports are now properly staged)
- massive improvement of the usage of libtool (which reduces a lot overlinking)
- new USES: mono, objc, drupal, gecko, cpe, gssapi, makeinfo
- new Keywords for plist: @sample, @shell
- LibreOffice has been updated to 4.2.5
- Firefox has been updated to 30.0
- Firefox-esr has been updated to 24.6
- Default postgresql has moved from 9.0 to 9.2
- nginx has been updated to 1.6.0
- Default lua is 5.2
- subversion has been split into multiple ports for each features
- On FreeBSD 9-STABLE and 10-STABLE the default xorg 1.12.4 (for default binary
packages it is still 1.7.7)
- Improved QA checking in the infrastructure
- Info files are handle correctly even if base has been built WITHOUT_INFO
- Ancient emacs version has been cleaned out

FreeBSD 9.3-RC2 Now Available

FreeBSD 9.3-RC2 Now Available


The second RC build of the 9.3-RELEASE release cycle is now available on the FTP servers for the amd64, i386, ia64, powerpc, powerpc64 and sparc64 architectures.

The image checksums can be found in the PGP-signed announcement email.

ISO images and, for architectures that support it, the memory stick images are available here:

    http://ftp.freebsd.org/pub/FreeBSD/releases/ISO-IMAGES/9.3/

(or any of the FreeBSD mirror sites).

If you notice problems you can report them through the normal Bugzilla PR system or on the -stable mailing list.

If you would like to use SVN to do a source based update of an existing system, use the "releng/9.3" branch.

A list of changes since 9.2-RELEASE are available on the 9.3-RELEASE release notes page here:


Changes between 9.3-RC1 and 9.3-RC2 include:
  • A bug in the fast rx buffer recycle path has been fixed in the cxgbe(4) driver.
  • A bug that would incorrectly allow two listening SCTP sockets on the same port bound to the wildcard address has been fixed.
  • Multiple vulnerabilities have been fixed in file(1) and libmagic(3).  [FreeBSD-SA-14:16.file]
  • A workaround has been implemented to fix serial ports on certain motherboards, in particular the Intel D2500CCE board.
  • A bug in bsdgrep(1) that would prevent certain pattern matching has been fixed.
  • The bsdconfig(8) utility has been updated to support pkg(8)-format packages.
  • Firmware for the cxgbe(4) Chelsio T4 and T5 cards has been updated to version 1.11.27.0.
The freebsd-update(8) utility supports binary upgrades of amd64 and i386 systems running earlier FreeBSD releases.  Systems running earlier FreeBSD releases can upgrade as follows:

    # freebsd-update upgrade -r 9.3-RC2

During this process, freebsd-update(8) may ask the user to help by merging some configuration files or by confirming that the automatically performed merging was done correctly.

    # freebsd-update install

The system must be rebooted with the newly installed kernel before continuing.

    # shutdown -r now

After rebooting, freebsd-update needs to be run again to install the new userland components:

    # freebsd-update install

It is recommended to rebuild and install all applications if possible, especially if upgrading from an earlier FreeBSD release, for example, FreeBSD 8.x.  Alternatively, the misc/compat8x port can be installed to provide other compatibility libraries, afterwards the system must be rebooted into the new userland:

    # shutdown -r now

Finally, after rebooting, freebsd-update needs to be run again to remove stale files:

    # freebsd-update install

Love FreeBSD?  Support this and future releases with a donation to the FreeBSD Foundation!

FreeBSD 9.3-RC2 Available

The second RC build for the FreeBSD-9.3 release cycle is now available. ISO images for the amd64, i386, ia64, powerpc, powerpc64 and sparc64 architectures are available on most of our FreeBSD mirror sites.

fossil in prison

Since my last post about how I do host fossil I have been asked write about the new setup I do have

The jail content

I have created a minimal jail:

$ find /usr/local/jails/fossil -print
/usr/local/jails/fossil/var
/usr/local/jails/fossil/var/tmp
/usr/local/jails/fossil/libexec
/usr/local/jails/fossil/libexec/ld-elf.so.1
/usr/local/jails/fossil/bin
/usr/local/jails/fossil/bin/sh
/usr/local/jails/fossil/bin/fossil
/usr/local/jails/fossil/lib
/usr/local/jails/fossil/lib/libc.so.7
/usr/local/jails/fossil/lib/libssl.so.7
/usr/local/jails/fossil/lib/libreadline.so.8
/usr/local/jails/fossil/lib/libz.so.6
/usr/local/jails/fossil/lib/libcrypto.so.7
/usr/local/jails/fossil/lib/libncurses.so.8
/usr/local/jails/fossil/lib/libedit.so.7
/usr/local/jails/fossil/data
/usr/local/jails/fossil/dev

/bin/sh is necessary to get the exec.start jail argument to work /var/tmp is necessary to get fossil to open his temporary files (I created it with 1777 credential) /data is a empty directory where the fossil files will be stored

Jail configuration

The configuration file is the following:

fossil {
	path = "/usr/local/jails/fossil";
	host.hostname = "fossil.etoilebsd.net";
	mount.devfs;
	ip4.addr="127.0.0.1";
	exec.start = "/bin/fossil server -P 8084 --localhost --files *.json,*.html,*.js,*.css,*.txt --notfound /index.html /data &";
	exec.system_jail_user = "true";
	exec.jail_user = "www";
	exec.consolelog = "/var/log/jails/fossil.log" ;
}

More about fossil itself

In /data I created an index.html which is an almost empty html with a bit of Javascript.

When loading the javascript will request a list.txt file.

This file contain the list of repositories I want to show publically (one per line).

For each of them the javascript will use the json interface of fossil (meaning your fossil has to be built with json) and gather the name and the description of the repo to print them on the index.

Starting/Stopping the service

2 simple command are necessary to manage the service:

Starting up:

# jail -c fossil

Stopping:

# jail -r fossil

The service is only listening on the localhost, it is up to you to create your reverse proxy, in my case I do use nginx with the following config:

server {
	server_name fossil.etoilebsd.net;
	listen       [::]:443 ssl;
	listen       443 ssl;
	ssl_certificate     ssl/fossil.crt;
	ssl_certificate_key ssl/fossil.key;

	location / {
		client_max_body_size 10M;
		proxy_buffering off;
		proxy_pass http://127.0.0.1:8084/;
		proxy_set_header HTTPS on;
		proxy_set_header   Host             $host;
		proxy_set_header   X-Real-IP        $remote_addr;
		proxy_set_header   X-Forwarded-For  $proxy_add_x_forwarded_for;
	}
}

PC-BSD 10.0.2 Released!

The PC-BSD team is pleased to announce the availability of the next PC-BSD quarterly update, version 10.0.2!

This update includes a number of important bug fixes as well as newer packages and desktops, such as KDE 4.12.5, Cinnamon 2.2.13, Gnome 3.12.2, and more. This release also includes an alpha release of the new Lumina desktop which is being developed on PC-BSD. For more details and updating instructions, refer to the notes below.

Notable Changes:

  • KDE 4.12.5
  • Cinnamon 2.2.13
  • Gnome 3.12.2
  • Alpha release of Lumina desktop
  • Revamped AppCafe and PBI subsystems, integrated fully with FreeBSD’s PKGNG
  • AppCafe support for application screenshots, 5-Star rating system and comments integrated with our Wiki
  • Unified various UI elements and keyboard shortcuts
  • Integrated package cleanup functionality into AppCafe / PBI system
  • Updated Control Panel UI with additional view options and asynchronous item reading
  • Improved UI notification between applications and tray notification systems
  • Added PulseAudio as default audio backend for all packages which can support it
  • Added full-disk encryption options with GELI, which does *not* require a separate un-encrypted /boot partition
  • Support for automatic boot-environment creation before doing any upgrades or updates to the system or packages
  • Boot-environment support for full-disk encrypted installations
  • Added support for adding snapshot “Comments”
  • Options to set L2Arc / ZIL devices during installation
  • Many other bugfixes and improvements to Life-Preserver, Warden and more

A more detailed list of changes can be found in What’s New in 10.0.2.

Updating:

Desktop users already running 10.0 can update via Control Panel -> Package Manager -> Updates. Server users can update via the “pc-updatemanager” command-line utility.

If package updating fails due to conflict errors, please be sure to apply all system updates first before trying again.

After updating and rebooting, please run the AppCafe once to begin the conversion process from the old style PBIs to 10.0.2 packages.

Installing:

10.0.2 DVD/USB media can be downloaded from here.

Reporting Bugs:

Found a bug in 10.0.2? Please report it (in as much detail as possible) to our Trac Database.