Feed openbsd-journal OpenBSD Journal

OpenBSD Journal

Link http://undeadly.org/
Feed http://undeadly.org/cgi?action=rss
Updated 2019-11-22 13:27
krw@ adventures at p2k19
Next up in the series of p2k19 reports is Ken Westerback (krw@), who writes:
p2k19 Hackathon Report: Jeremy Evans on PostgreSQL and Ruby
Our next p2k19 report comes from Jeremy Evans (jeremy@):
p2k19 Hackathon Report: Landry Breuil on unveil(2)-ing Mozilla, sqlite3 testing
Fresh from the just concluded p2k19 hackathon comes this report from Landry breuil (landry@), who writes:
Martin Pieuchot: The Unknown Plan
Fresh from Bucharest is this story from Martin Pieuchot (mpi@) with his experience from p2k19:
OpenSSH U2F/FIDO support in base
Damien Miller (djm@)posted to tech@:
p2k19 Hackathon Report: Good vibes from Bucharest by Marc Espie (espie@)
The first p2k19 hackathon report comes from Marc Espie (espie@), who writes:
HEADS UP: ntpd changing
Theo de Raadt (deraadt@)postedto tech@:
DNSSEC enabled in default unbound(8) configuration
DNSSEC validation has been enabled in the defaultunbound.conf(5)in -current.The relevant commits werefromJob Snijders (job@)
U2F support in OpenSSH HEAD
In amessageto the openssh-unix-dev mailing list,Damien Miller (djm@) wrote:
EuroBSDCon 2019 videos available
The EuroBSDCon channel at YouTube now has the EuroBSDCon 2019 videos online. One excellent way to start is with Patricia Aas' excellent keynote Embedded Ethics and just go on, but you could also go directly to the OpenBSD related talks:
New openbsdstore available with 6.6 T-shirts
A new OpenBSD store has been started, for those looking for OpenBSD swag now that the project no longer produces CDs. If you like the artwork that comes with the releases, this is a great way to support it. Quoting the about page:
OpenBSD 6.6 Released
In amessageto relevant mailing lists,Theo de Raadt (deraadt@) announced that theOpenBSD project's 47 release,OpenBSD 6.6,is now available frommirror sitesworldwide.Rather than reproducing here the full list of new features,we refer readers to the officialOpenBSD 6.6 page,and the detailedchangelog.Notable changes include but are not limited to:
OpenBSD crossed 400,000 commits
Theo de Raadt (deraadt@)posted to tech@:
sysupgrade(8) Added to OpenBSD 6.5
In a move bound to be greeted with great enthusiasm, the newly-releasedPatch 012for OpenBSD 6.5 addssysupgrade(8)to the system.Readers are encouraged to show their appreciation bydonating!
OpenBSD moving towards 6.6
Theo de Raadt (deraadt@)has changednewvers.shto6.6:
Support for the sgi platform discontinued
Support forthe sgi hardware platformhas been discontinued:
OpenBSD at EuroBSDcon 2019
EuroBSDcon 2019has concluded, and materials for the OpenBSD-related talks can be found inthe usual place.At the time of writing, official video recordings are not yet available,but the organisers assure us that they will be as soon as the editing is done.
The return of startx(1) for non-root users [with some caveats]
Mark Kettenis (kettenis@) has recentlycommittedchangeswhich restore a certain amount ofstartx(1)/xinit(1)functionality for non-root users.The commit messages explain the situation:Read more…
Setting up a mail server with OpenSMTPD, Dovecot and Rspamd
On hisblog,Gilles Chehade (gilles@) has writtena very detailed article on running anOpenSMTPD mail server.The article begins:
DoH disabled by default in Firefox
On Monday, Otto (otto@) committed a small but significant change to the Firefox port.
Package updates for -stable available for arm64 (too)
The arm64 architecture hasjoinedamd64 and i386in having -stable package updatesavailable.
Package updates for -stable branch now available for amd64, i386 soon
In a very welcome development, Solene Rapenne (solene@) announced that binary package updates for the most popular platforms will be available for the latest OpenBSD release.The announcement reads:
6.6-beta has been tagged
Theo de Raadt (deraadt@)has justtagged6.6-beta:
Game of Trees
Stefan Sperling (stsp@) is developing a version control system,"Game of Trees".From <https://gameoftrees.org/>:
snmp(1) added to -current
Martijn van Duren (martijn@) hascommitteda newSimple Network Management Protocol(SNMP) client,snmp(1):
tpmr(4) driver added to -current
David Gwynne (dlg@) has committed to -current another new network driver -an 802.1Q Two-Port MAC Relay driver,tpmr(4).Themain commit messageexplains the raison d'être:
Touchpad, Interrupted
On hisblog,Joshua Stein (jcs@) has written an[another!]excellent article on an involved investigation into a complex issue:the non-arrival of interrupts for certain touchpad devices.
OpenBGPD 6.5p1 released.
Claudio Jeker (claudio@) hasannouncedthe release of a new version ofOpenBGPD:
OpenBSD::Unveil(3p) added to -current
Andrew Fresh (afresh1@)hascommittedOpenBSD::Unveil(3p),a Perl interface tounveil(2):
aggr(4) driver added to -current
David Gwynne (dlg@) hascommitted to -currenta dedicatedLink Aggregation (EEE 802.1AX)driver,aggr(4).Themain commit messageexplains the raison d'être:
OpenBSD Community goes Platinum for 2019!
Ken Westerback wrote in with some good news:
doas environmental security
Ted Unangst (tedu@)postedto the tech@mailing list regardingrecent changes to environment handling indoas(in -current):
SSH gets protection against side channel attacks
Damien Miller (djm@) has just committed a new feature for SSH that should help protect against all the various memory side channel attacks that have surfaced recently.
ntpd auto time setting
Otto Moerbeek (otto@) has writtenan updateon his recent ntpd(8) work to the tech@ mailinglist:
rpki-client(8) imported into the tree
Job Snijders (job@) hasimportedKristaps Dzonsons'rpki-client(discussed previously)into the tree:
BSDCan 2019 videos available
Videos of presentations atBSDCan 2019are now (becoming) available from theYouTube channel.Links to the videos can now also be found in the usual place.
g2k19 Hackathon Report: Stefan Sperling on Access Points and Ghosts
Our next hackathon report comes from Stefan Sperling (stsp@):
acme-client(1) moves to Let's Encrypt v02 API
Florian Obser (florian@) hascommittedthe changes required to moveacme-client(1)in -current to theRFC 8555protocol used by theLet's Encrypt v02 API:
Recent Security Innovations
IntroductionThere have been some recent securityinnovationspreviously unreported here:
Smartisan becomes Iridium Donor for 2019
Ken Westerback of The OpenBSD Foundation wrote in with some excellent news on the 2019 fundraising campaign:
g2k19 Hackathon Report: Andrew Fresh on portgen(1), coffee, and more
Next up with a report from g2k19 is Andrew Hewus Fresh(afresh1@):
g2k19 Hackathon Report: back to dee trace
Martin Pieuchot (mpi@) wrote in with a report from g2k19:
Call for testing of ntpd(8) automatic mode
Otto Moerbeek (otto@) has been working on improving the behaviour of ntpd(8) during system boot, especially for machines whose time is way off (e.g. for machines without a battery-backed clock (RTC)).One recently committed improvement dealt with the problem of bad time in a DNSSEC environment, but Otto is working on more changes in this area.Read more…
SNI support added to relayd(8) in -current
With thiscommit,Reyk Floeter (reyk@) completed the addition ofServer Name Indication (SNI)torelayd(8):
g2k19 hackathon report from Claudio Jeker
With the latest hackathon finished, the subsequent BSDCan completed and its attendees having returned home, Claudio Jeker (claudio@) writes in with the first report from g2k19:
OpenBSD 6.5 Released
2019-04-24, Calgary, Alberta, Canada and elsewhere: With a message sent to relevant mailing lists, Theo de Raadt (deraadt@) announced that the OpenBSD project's 46th release, OpenBSD 6.5 is now generally available from mirror sites all over the world.Notable changes include but are not limited to:
docbook2mdoc-1.0.0 released
After doing active development on it for about a month,i just released version 1.0.0 of the DocBook to mdoc converter,docbook2mdoc(1).The OpenBSD port was updated, too.In a nutshell, docbook2mdoc was brought from experimental statusto an early release that can be considered mostly usable forproduction, though no doubt there are still many rough edges.That's why i called it 1.0.0 and not 1.1.1.Read more…
t2k19 Hackathon Report: On rsync, ssh, and ports cruft
The stream of t2k19 hackathon reports continues with this from Christian Weisgerber (naddy@):
t2k19 Hackathon Report: unwinding in Taipei
Fresh from the recent t2k19 hackathon in Taipei, Florian Obser (florian@)writes in with this report:
t2k19 Hackathon Report: Stefan Sperling on 802.11? progress, suspend/resume and more
A new hackathon report has arrived, this time from Stefan Sperling (stsp@), who writes: