AlanBarber.Org

BSD

Wednesday, July 06, 2005

Coverity scans FreeBSD for potential software flaws

I saw an interesting news article on SecurityFocus last week titled “Open-source projects get free checkup by automated tools”

Coverity makes code-analysis software that can scan source code for potential flaws, bugs, etc.  They’ve been scanning for free some open source projects to help detect and clean up possible bugs and flaws.  It’s a nice thing to do but of course the reality is they’re doing it to prove the quality of their tools.

Anyways, they just finished doing a scan of the FreeBSD OS.  They found 306 potential software flaws from the scan.  That might sound like a lot but most are really not flaws.  The FreeBSD guys are saying only five issues can be triggered by user input and twelve are buffer overruns.  Plus, either way they [FreeBSD programmers] have looked over the issues and have corrected them.  So there are updates available now and all future release will be safe from these flaws.

I must say this is pretty nice of Coverity.  I mean sure as I said it’s just something for publicity but it’s cool to see them help out open source software.  I would hope that they think about doing yearly scans of the projects.  Now that would be awesome to have them do yearly checkups of many of the big open source projects like Linux, FreeBSD, MySQL, Apache, etc.

Posted by abarber on 07/06/2005 at 07:18 PM
Computers & Technology • BSD • (0) Comments • Permalink

Tuesday, May 10, 2005

FreeBSD 5.4 Released

quote:

---

The Release Engineering Team is happy to announce the availability of FreeBSD 5.4-RELEASE, the latest release of the FreeBSD Stable development branch. Since FreeBSD 5.3-RELEASE in November 2004 we have made many improvements in functionality, stability, performance, and device driver support for some hardware, as well as dealt with known security issues and made many bugfixes.

For a complete list of new features, known problems, and late-breaking news, please see the release notes and errata list, available here:

http://www.FreeBSD.org/releases/5.4R/relnotes.html

http://www.FreeBSD.org/releases/5.4R/errata.html
Dedication

The FreeBSD 5.4 Release is dedicated to the memory of Cameron Grant. Cameron was an active FreeBSD Developer and principal architect of the sound driver subsystem despite his physical handicap. His is a superb example of human spirit dominating over adversity. Cameron was an inspiration to those who met him; he will be fondly remembered and sorely missed.
Availability

FreeBSD 5.4-RELEASE supports the i386, amd64, ia64, pc98, sparc64, and alpha architectures and can be installed directly over the net, using bootable media, or copied to a local NFS/FTP server. Distributions for all architectures except alpha are available now. The distribution for alpha should become available within the next day or two.

Please continue to support the FreeBSD Project by purchasing media from one of our supporting vendors. The following companies will be offering FreeBSD 5.4 based products:

FreeBSD Mall, Inc. http://www.freebsdmall.com/

Daemonnews, Inc. http://www.bsdmall.com/freebsd1.html

If you can not afford FreeBSD on media, are impatient, or just want to use it for evangelism purposes, then by all means download the ISO images. We can not promise that all the mirror sites will carry the larger ISO images. At the time of this announcement they are available from the following sites. MD5 checksums for the release images are included at the bottom of this message.
Bittorrent

As with the 5.3 release we are experimenting with Bittorrent. A collection of trackers for the release ISO images is available at

http://people.freebsd.org/~kensmith/5.4-torrent/
FTP

At the time of this announcement the following FTP sites have FreeBSD 5.4-RELEASE available.
ftp://ftp.FreeBSD.org/pub/FreeBSD/
ftp://ftp2.FreeBSD.org/pub/FreeBSD/
ftp://ftp3.FreeBSD.org/pub/FreeBSD/
ftp://ftp5.FreeBSD.org/pub/FreeBSD/
ftp://ftp.at.FreeBSD.org/pub/FreeBSD/
ftp://ftp2.ch.FreeBSD.org/pub/FreeBSD/
ftp://ftp.cz.FreeBSD.org/pub/FreeBSD/
ftp://ftp.ee.FreeBSD.org/pub/FreeBSD/
ftp://ftp.es.FreeBSD.org/pub/FreeBSD/
ftp://ftp.fi.FreeBSD.org/pub/FreeBSD/
ftp://ftp.fr.FreeBSD.org/pub/FreeBSD/
ftp://ftp2.ie.FreeBSD.org/pub/FreeBSD/
ftp://ftp.is.FreeBSD.org/pub/FreeBSD/
ftp://ftp5.pl.FreeBSD.org/pub/FreeBSD/
ftp://ftp3.ru.FreeBSD.org/pub/FreeBSD/
ftp://ftp.se.FreeBSD.org/pub/FreeBSD/
ftp://ftp.si.FreeBSD.org/pub/FreeBSD/
ftp://ftp2.tw.FreeBSD.org/pub/FreeBSD/
ftp://ftp.uk.FreeBSD.org/pub/FreeBSD/
ftp://ftp2.us.FreeBSD.org/pub/FreeBSD/
ftp://ftp5.us.FreeBSD.org/pub/FreeBSD/

FreeBSD is also available via anonymous FTP from mirror sites in the following countries and territories: Argentina, Australia, Austria, Brazil, Canada, China, Croatia, Czech Republic, Denmark, Estonia, Finland, France, Germany, Greece, Hong Kong, Hungary, Iceland, Indonesia, Ireland, Italy, Japan, Korea, Lithuania, Netherlands, New Zealand, Norway, Poland, Portugal, Romania, Russia, Saudi Arabia, Singapore, Slovak Republic, Slovenia, South Africa, Spain, Sweden, Switzerland, Taiwan, Turkey, Ukraine, United Kingdom, and the United States.

Before trying the central FTP site, please check your regional mirror(s) first by going to:

ftp://ftp..FreeBSD.org/pub/FreeBSD

Any additional mirror sites will be labeled ftp2, ftp3 and so on.

More information about FreeBSD mirror sites can be found at:

http://www.FreeBSD.org/doc/en_US.ISO8859-1/books/handbook/mirrors-ftp.html

For instructions on installing FreeBSD, please see Chapter 2 of The FreeBSD Handbook. It provides a complete installation walk-through for users new to FreeBSD, and can be found online at:

http://www.FreeBSD.org/doc/en_US.ISO8859-1/books/handbook/install.html
Acknowledgments

The FreeBSD Developers deserve the most thanks. Without their efforts FreeBSD would not exist.

Many companies donated equipment, network access, or man-hours to finance the release engineering activities for FreeBSD 5.4 including The FreeBSD Mall, Hewlett Packard, Yahoo!, Sentex Communications, Sandvine, Inc., FreeBSD Systems, Inc, and NTT/Verio.

The release engineering team for 5.4-RELEASE includes:
Scott Long Release Engineering
Robert Watson Release Engineering, Security
John Baldwin Release Engineering
Ken Smith Release Engineering, amd64, i386, sparc64 Release Building, Mirror Site Coordination
Hiroki Sato Release Engineering, Documentation
Doug White Release Engineering
Murray Stokely Release Engineering, Documentation
Wilko Bulte Alpha Release Building
Marcel Moolenaar ia64 Release Building
Takahashi Yoshihiro pc98 Release Building
Kris Kennaway Package Building
Joe Marcus Clarke Package Building
Jacques A. Vidrine Security Officer
Paul Saab Bittorrent Coordination
CD Image Checksums

MD5 (5.4-RELEASE-amd64-bootonly.iso) = 6882dd5ce59cda1ba4a66ef45f017597
MD5 (5.4-RELEASE-amd64-disc1.iso) = 26bca75d799c0a1690c6ae0bf0886234
MD5 (5.4-RELEASE-amd64-disc2.iso) = 3da9debeae15a49158b01b1d92843fbc

MD5 (5.4-RELEASE-i386-bootonly.iso) = 2afe65af7e7b994c3ce87cefda27352e
MD5 (5.4-RELEASE-i386-disc1.iso) = 3dbb37485535e129354bc099e24aed99
MD5 (5.4-RELEASE-i386-disc2.iso) = e4b748415ca783fce64cfafd6bd56f57

MD5 (5.4-RELEASE-ia64-bootonly.iso) = 45b032bf952e7ea8b2c42f94c3fa4997
MD5 (5.4-RELEASE-ia64-disc1.iso) = 2b1ad22da2ea0fe86345c99590049ebd
MD5 (5.4-RELEASE-ia64-disc2.iso) = 62e589928628453f1813db7402b4f3ad
MD5 (5.4-RELEASE-ia64-livefs.iso) = 6c05d71c36d84179923668faddf58e43

MD5 (5.4-RELEASE-pc98-disc1.iso) = 003dee8647e9b2cbca7df0d92011800f

MD5 (5.4-RELEASE-sparc64-bootonly.iso) = 91cb2304c2ecbcce0b312738649ba88d
MD5 (5.4-RELEASE-sparc64-disc1.iso) = 5f77c9a20e09d5ef66fad9c60e17c2ac
MD5 (5.4-RELEASE-sparc64-disc2.iso) = 7da34a32ca8196a34732548fe92d71e6

---

Posted by abarber on 05/10/2005 at 06:36 AM
Computers & Technology • BSD • (0) Comments • Permalink

Tuesday, February 01, 2005

Scott Long talks about SMPng in FreeBSD

Scott Long, of FreeBSD fame, was interviewed recently over at O’Reilly’s OnLamp.com about SMPng.  SMPng stands for Symmetric MultiProcessing next generation.  SMP in general terms is just the technology that allows a computer to have more than one CPU.

This interview is very technical so the usual “Only geeks need bother to read” notice is in full effect here.

In order for any operating system to support SMP they have to specially design the OS.  This means there are many, many ways in order to provide SMP support.  Every OS does it differently. 

One of the big changes from FreeBSD 4.x to FreeBSD 5.x was to do a major overhaul of SMP support.  This is what SMPng is.  The project to create the future SMP system for FreeBSD.  It’s a major undertaking and has taken a long time for it to mature.

Now get yourself over to OnLamp.com and read the interview.

Oh yea, for those that might want to check out the SMPng project here is the url: http://www.freebsd.org/smp/

Posted by abarber on 02/01/2005 at 08:33 PM
Computers & Technology • BSD • (0) Comments • Permalink

Sunday, January 09, 2005

Getting back into the programming groove

I decided today to get back into programming after being burned out from work for so long.  I work at UPS loading boxes every day.  Loading boxes all day is about the most brain-dead a job you can do.  You would think I would come home and want to programming just to use my brain. Yet, I just don’t feel like it.

I haven’t written a line of code since the middle of October.  So, today I made the effort to get back into coding.  I had started several programming projects a while ago and just stopped.  They projects were add-ons for the ExpressionEngine web publishing system that I’m using.

I really haven’t done any coding today.  Today was just prep and setup.  I’m making a FreeBSD 5.3 test server to do the development work on.  Right now I have the OS installed but I’m doing a buildworld on it in order to update everything and patch security holes.  Tomorrow I’ll get apache, mysql, php, etc installed and running.  The next day I’ll finally get ExpressionEngine installed and my special backup/rollback procedure configured and running.

Then after all that I’ll actually get around to start coding!

I’m sure I’ll have enough on my plate for a while but I’m already thinking of some other programming projects I’d love to work on so we’ll just see how much I manage to get done.

Posted by abarber on 01/09/2005 at 10:43 PM
Blogging • Computers & Technology • Work • BSD • ExpressionEngine • (1) Comments • Permalink

Sunday, November 28, 2004

Tutorials and Guides for BSD

I found an interesting site full of Tutorials and Guides for BSD called conveniently BSD Guides.

There aren’t a ton of guides but they do cover common tasks that users will want help with.  Things like an intro guide to vi, hardening FreeBSD, setting up a webserver and even general security tips.

If you’re new to using any BSD be it Free, Open, Net or Mac OS X it’s worth taking a few minutes to browse the collection and learn a few things at BSD Guides.

Posted by abarber on 11/28/2004 at 07:30 PM
Computers & Technology • BSD • (0) Comments • Permalink

Sunday, September 19, 2004

FreeBSD PHP Ports Changes

It’s actually pretty old news I guess but I just got around to doing some updating on my FreeBSD installation today and found out some major changes have been made to the way PHP is now installed.

It used to be that you could do an install of php “/usr/ports/www/mod_php4> make install clean” and a menu would come up to lets you select the extensions to install.  IE… support for mysql, session, xml, etc.

However now there are no options and you will get only a default base install.

To install the extensions you either have to do each one manually by finding them spread out around the ports tree.  MySQL support is in “/usr/ports/databases/php4-mysql” for example. The easier way is to use the new php extension meta-port in “/usr/ports/lang/php4-extensions”.  doing an “install” of this port will show the menu where you can select all the extensions then it will go out and do installs of all the extensions.

The notices are in the /usr/ports/CHANGES and /usr/ports/UPDATING dated July 17th, 2004.  Just thought I’d point this out since I’m sure there will be a few folks to miss this like I did.  Yes I know I should read the CHANGES and UPDATING files but like 90% of people I just run the updates on the ports and don’t check out things until something doesn’t work right!

** UPDATE (9/20/2004) **
Ok even after running the php4-extensions meta-port the modules were still not loading.  After spending this morning searching the web I managed to figure out that the problem is the php.ini file has a misconfigured “extension_dir”.  It appears default is set to “./” where as for php4 the actual location is “/usr/local/lib/php/20020429”.

If you look in the php.ini file found in “/usr/local/etc” for these lines:
; Directory in which the loadable extensions (modules) reside.
extension_dir = “./”

You can either comment out the extension_dir line by putting a semicolon before it or change the “./” to “/usr/local/lib/php/20020429”.  A quick restart of apache and you should be good to go.

Posted by abarber on 09/19/2004 at 04:30 PM
Computers & Technology • BSD • (3) Comments • Permalink

Saturday, January 17, 2004

BSD for Linux users

Posted by abarber on 01/17/2004 at 12:26 AM
Computers & Technology • BSD • (0) Comments • Permalink