Did you notice? The registration was temporary open today and we welcome all new users!

While we still have a plenty of free resources, we might switch from an open registration model to a recommendation / mentor model where already present users can invite new users.

This is not yet fix but a possibility to avoid misusage and abuse where our primary goal is still to provide resources for people interested into BSD based systems. Maybe also closer integrations with BSD communities like the BSD Cafe (@stefano) could be an approach.

#freevps #free #education #ipv6 #hosting #bhyve #proxmox #freebsd #netbsd #openbsd #runbsd #boxybsd @gyptazy

I am torn between the easy interface of #TrueNAS & the stability of #FreeBSD with the slightly better integration of #ZFS. I want to upgrade to latest BSD but TrueNAS switched to Linux under the covers. Anyone else come to a similar dilemma? #RunBSD #BSDHelp #BSDAdvice

Sent an email to a high profile bsd support company, and got an OO reply from a core freebsd member. I'm going to frame it. #runbsd #freebsd

Thanks to SeaweedFS, I've set up two replicas of the BSD Cafe's media. One is on a backup server (for disaster recovery purposes only, also containing the hourly zfs-autobackup backups), and the other is on a Raspberry Pi 4 running FreeBSD, which is one of my home backup servers - just one meter away from my desk.
I've also configured Nginx in a jail, so when I'm at home, the BSD Cafe's media is served directly from the local replica.
The performance is lightning fast.

A new BSDCan video has posted:

Improvements to FreeBSD KASAN By Zhuo Ying Jiang Li

https://youtu.be/pwwSdQi0NUI

KASAN is a kernel sanitizer commonly combined with fuzzing techniques to detect memory corruption bugs, some of which could lead to security compromise. Currently, FreeBSD's KASAN can only detect a subset of temporal safety vulnerabilities due to the lack of a delayed freeing mechanism of freed items. Furthermore, the effectiveness of detecting spatial safety vulnerabilities is also limited because FreeBSD's KASAN does not add redzone padding around UMA allocations.

In this talk, I will present my current work on improving the effectiveness of KASAN by extending it with a quarantining mechanism and injecting redzones around UMA allocations. The development was done on CheriBSD, a fork of FreeBSD with CHERI support, to explore the synergy between CHERI and KASAN. I plan to upstream the relevant improvements to FreeBSD.

A new BSDCan video has been posted:

Sleep on FreeBSD: A bedtime story about S0ix By Aymeric Wibo

https://youtu.be/RCjPc4X2Edc

One of the main things still missing in FreeBSD for it to be usable on modern laptops is the ability to go to sleep. In the past, this was done using ACPI S3, but newer laptops have removed this in favour of S0ix, leaving FreeBSD without support for suspend on those machines.

This talk aims to get the casual user familiar enough with the terms and concepts behind power management, such that they can understand what's going on, what's already possible, what can be done, and be able to narrow down power management issues they might encounter.
Full description

This talk will cover:

The background and history of power management on FreeBSD, from APM, to ACPI S3, and finally to s2idle/S0ix, and how to know whether or not a given laptop supports S3 or S0ix or both.

What the full suspend process looks like with modern standby, going into details like ACPI D-states & power resources, SPMC DSMs (acpi_spmc), the AMD SMU (system management unit, amdsmu), etc. and some of the challenges encountered.

Specifics about sleep on AMD, such as USB4 power management in the HCM (host connection manager) and GPIO controller interrupt servicing.

Cover debugging with residency counters, with the SMU on AMD, _LPI objects, and LPIT on Intel.

Niceties and potential future work, such as idleness determination, a powertop equivalent, a built in amd_s2idle.py equivalent (for debugging sleep issues), etc.

A new BSDCan Video has been posted:

porch(1): it's not what you expect(1) By Kyle Evans

https://youtu.be/Drbk4rEH1sk

In a world ruled by expect(1) and TCL, we discuss an alternative that was developed based on scripting with lua instead. porch(1) was developed with a language already available and used in FreeBSD base in mind, with the aim of TTY testing via pts(4).

The overall aim of this project is to provide a simple subset of expect(1) functionality specifically aimed at developer and sysadmin automation in another popular language with many niceties for scripted interaction.

In this talk, we'll specifically discuss:

The motivation for writing porch

The underlying design/philosophy (with diagrams to describe the model)

Bundled-in functionality beyond script execution

Practical samples used in FreeBSD today

--

The author has been a FreeBSD src committer since 2017, working on many parts of the tree and gradually introducing lua into the base system. His most recent exploits include improving base system boot environment management with bectl(8) and excursions into the tty layer.

Some friendships just don't crash. Happy Friendship Day from your most stable and reliable OS. #RunBSD #FriendshipDay #SysAdmin #FreeBSD #OpenBSD #NetBSD #GhostBSD #DragonflyBSD #MidnightBSD #HardenedBSD & other BSDs i might have missed :)

Get ready for the European *BSD event of 2025!

54 days to go!

BSDCan Videos are being published. It can give you a taste of the great content you can witness live in Zagreb.

Grab your tickets at https://tickets.eurobsdcon.org

The schedule is at https://events.eurobsdcon.org/2025/schedule/

For everything else, peek at https://2025.eurobsdcon.org/
More information is added all the time.

EuroBSDCon 2025 in Zagreb, Croatia
September 25-28, 2025

A new BSDCan video has been posted:

A packet's journey through pf By Kristof Provost

https://youtu.be/JtSg6ylDALo

A walkthrough of a packet's journey through (FreeBSD's) pf, concentrating on the big picture and its implications.

We'll cover when packets are inspected, when rules are evaluated and how states are used. Along the way we'll cover what DTrace probes can show us, what some of pfctl's counters mean and just how many times pf can look at a single packet.

This talk is intended for firewall admins looking for a deeper understanding and aspiring pf developers. It is not a "How to use pf" talk.

What are you missing at @BoxyBSD?

Let me know what miss, what you need and how I can improve the service to make it easier and better for you!

Another record broken! Highest monthly donation to date, it tipped the scale even earlier for silver sponsorship again.

21 new VMs were added and 79 VMs were renewed.

We donated €1395 to the #OpenBSD Foundation, €55070 since we started.

Thank you, our users, and OpenBSD developers for an awesome OS!

Stay safe, healthy & sane!

#RUNBSD in 2025

New BSDCan Video Posted:

Hardware-accelerated program tracing on FreeBSD By Bojan Novković

https://youtu.be/NrBGw8N4qL4

Hardware tracing facilities are designed to capture various metrics and information about software execution with a minimal performance overhead, making them a valuable tool for performance analyses and debugging. FreeBSD recently gained a new in-kernel framework for hardware-accelerated tracing technologies (hwt(8) [1]) with support for ARM64 and Intel CPUs.

This talk will cover the work that went into adding support for Intel's Processor Trace technology in hwt(8). We'll start by covering several key concepts related to hardware-accelerated tracing and use them to explore the architecture of FreeBSD's hwt(8) framework. We'll then move on to a case study of Intel Processor Trace technology, giving a brief overview of its features before diving into key implementation details. The talk will also include a short demo of hwt(8)'s features on the Intel platform.

#runbsd #freebsd @bsdcan

#RUNBSD! But BoxyBSD now also starts to support #Linux! We're starting soon with the Linux support for already present users, offering free boxes:

* #AlmaLinux
* #Alpine
* #Debian
* #Devuan
* #CentOS
* #Fedora
* #Gentoo
* #OpenSuse
* #OpenEuler
* #RockyLinux

Just next to our core OS like #FreeBSD, #OpenBSD, #NetBSD, #MidnightBSD and #DragonflyBSD (and #illumos). This should also make the step easier to compare and test different scenarios where BSD provides a different behavior compared to Linux systems.

Thanks to @gyptazy for the implementation!

Have any of you found a less pricey accommodation in Zagreb for EuroBSDCon than the listed ones on https://eurobsdcon.org?
A bed and some outlet is all I need.

Even with the discount more than a 100€ just to sleep (pr. night) is just way off for my budget!

This is what I answered to the question "Why are you still using #OpenBSD and why should we?" at the #UNIXsocialClub of #Dijon, #France, last weekend.

Slides in French. Post in english.

#RunBSD

https://www.tumfatig.net/2025/why-are-you-still-using-openbsd/

New post!

The NetBSD Guide has an extensive chapter on installing NetBSD that covers a wide range of scenarios. Its an invaluable resource maintained by volunteer contributors.

After performing a few installs, these are my personal notes of steps taken and choices made. My short and sweet version.

https://www.dwarmstrong.org/netbsd-install/

At EuroBSDCon 2025 in Zagreb: "Liberating the social web using *BSD" by Jeroen - @h3artbl33d - and Stefano Marinelli, see https://events.eurobsdcon.org/2025/talk/PJJLFV/

Schedule at https://events.eurobsdcon.org/2025/schedule/

To register https://2025.eurobsdcon.org/registration.html

A new BSDCan video has been posted:

Sandbox Your Program Using FreeBSD's Capsicum By Jake Freeland

https://youtu.be/Ne4l5U_ETAw

With security vulnerabilities rapidly rising each year, program security is more important than ever. One solution to keeping your program from being the victim of the next big CVE is FreeBSD's Capsicum.

Originally developed at the University of Cambridge Computer Laboratory, Capsicum is a lightweight capability and sandbox framework built into the FreeBSD base system. It is designed around the principle of least privilege - where programs only have access to resources that are required for operation.

This talk will follow my blog post, which outlines the process of Capsicumization, or sandboxing your program using Capsicum. I will cover capability violation detection, restructuring existing programs for Capsicum, and filesystem/networking access inside of the capability sandbox.

Recent Capsicumization efforts in the FreeBSD base system and the future of Capsicum will also be discussed.

#runbsd #freebsd #sandbox