Re: FreeBSD 11.0-BETA4 Now Available
On Mon, Aug 08, 2016 at 11:22:27AM -0700, Nathan Whitehorn wrote: > > > On 08/08/16 10:56, Glen Barber wrote: > >On Mon, Aug 08, 2016 at 10:53:26AM -0700, Nathan Whitehorn wrote: > >> > >>On 08/08/16 10:43, Lars Engels wrote: > >>>On Mon, Aug 08, 2016 at 10:15:07AM -0700, Devin Teske wrote: > >On Aug 8, 2016, at 8:02 AM, Lars Engels wrote: > > > >On Mon, Aug 08, 2016 at 02:44:05PM +, Glen Barber wrote: > >>On Mon, Aug 08, 2016 at 10:48:30AM +0200, Lars Engels wrote: > >>>On Sat, Aug 06, 2016 at 09:05:26PM +, Glen Barber wrote: > -BEGIN PGP SIGNED MESSAGE- > o The new system hardening options have been fixed to avoid > overwriting > other options selected during install time. > >>>Can those options also get added to "bsdconfig"? > >>You would have to ask the bsdconfig maintainer(s). > >> > >Cc'ing dteske. > > > What aspects of bsdconfig need updating? > >>>bsdinstall has a new "hardening" module. AFAIK bsdinstall and bsdconfig > >>>share a lot of code, so bsdconfig should probably also offer the > >>>"hardening" module. > >>The hardening module should probably just be a part of bsdconfig, actually, > >>and an option to open bsdconfig be an option at the end of the installer. > >> > >In order for that to be an option, I'd strongly suggest updating > >bsdconfig to properly detect packages on the DVD (which it has not since > >10.0-RELEASE), as it makes too many incorrect assumptions. > > > > > > It's way too late for this for 11.0. I was just making a general statement. > I think things are fine as they are for the upcoming release. Agreed on both counts. Glen signature.asc Description: PGP signature
Re: FreeBSD 11.0-BETA4 Now Available
On 08/08/16 10:56, Glen Barber wrote: On Mon, Aug 08, 2016 at 10:53:26AM -0700, Nathan Whitehorn wrote: On 08/08/16 10:43, Lars Engels wrote: On Mon, Aug 08, 2016 at 10:15:07AM -0700, Devin Teske wrote: On Aug 8, 2016, at 8:02 AM, Lars Engels wrote: On Mon, Aug 08, 2016 at 02:44:05PM +, Glen Barber wrote: On Mon, Aug 08, 2016 at 10:48:30AM +0200, Lars Engels wrote: On Sat, Aug 06, 2016 at 09:05:26PM +, Glen Barber wrote: -BEGIN PGP SIGNED MESSAGE- o The new system hardening options have been fixed to avoid overwriting other options selected during install time. Can those options also get added to "bsdconfig"? You would have to ask the bsdconfig maintainer(s). Cc'ing dteske. What aspects of bsdconfig need updating? bsdinstall has a new "hardening" module. AFAIK bsdinstall and bsdconfig share a lot of code, so bsdconfig should probably also offer the "hardening" module. The hardening module should probably just be a part of bsdconfig, actually, and an option to open bsdconfig be an option at the end of the installer. In order for that to be an option, I'd strongly suggest updating bsdconfig to properly detect packages on the DVD (which it has not since 10.0-RELEASE), as it makes too many incorrect assumptions. Glen It's way too late for this for 11.0. I was just making a general statement. I think things are fine as they are for the upcoming release. -Nathan ___ freebsd-current@freebsd.org mailing list https://lists.freebsd.org/mailman/listinfo/freebsd-current To unsubscribe, send any mail to "freebsd-current-unsubscr...@freebsd.org"
Re: FreeBSD 11.0-BETA4 Now Available
On Mon, Aug 08, 2016 at 10:53:26AM -0700, Nathan Whitehorn wrote: > > > On 08/08/16 10:43, Lars Engels wrote: > >On Mon, Aug 08, 2016 at 10:15:07AM -0700, Devin Teske wrote: > >>>On Aug 8, 2016, at 8:02 AM, Lars Engels wrote: > >>> > >>>On Mon, Aug 08, 2016 at 02:44:05PM +, Glen Barber wrote: > On Mon, Aug 08, 2016 at 10:48:30AM +0200, Lars Engels wrote: > >On Sat, Aug 06, 2016 at 09:05:26PM +, Glen Barber wrote: > >>-BEGIN PGP SIGNED MESSAGE- > >>o The new system hardening options have been fixed to avoid overwriting > >> other options selected during install time. > >Can those options also get added to "bsdconfig"? > You would have to ask the bsdconfig maintainer(s). > > >>>Cc'ing dteske. > >>> > >>What aspects of bsdconfig need updating? > >bsdinstall has a new "hardening" module. AFAIK bsdinstall and bsdconfig > >share a lot of code, so bsdconfig should probably also offer the > >"hardening" module. > > The hardening module should probably just be a part of bsdconfig, actually, > and an option to open bsdconfig be an option at the end of the installer. > In order for that to be an option, I'd strongly suggest updating bsdconfig to properly detect packages on the DVD (which it has not since 10.0-RELEASE), as it makes too many incorrect assumptions. Glen signature.asc Description: PGP signature
Re: FreeBSD 11.0-BETA4 Now Available
On 08/08/16 10:43, Lars Engels wrote: On Mon, Aug 08, 2016 at 10:15:07AM -0700, Devin Teske wrote: On Aug 8, 2016, at 8:02 AM, Lars Engels wrote: On Mon, Aug 08, 2016 at 02:44:05PM +, Glen Barber wrote: On Mon, Aug 08, 2016 at 10:48:30AM +0200, Lars Engels wrote: On Sat, Aug 06, 2016 at 09:05:26PM +, Glen Barber wrote: -BEGIN PGP SIGNED MESSAGE- o The new system hardening options have been fixed to avoid overwriting other options selected during install time. Can those options also get added to "bsdconfig"? You would have to ask the bsdconfig maintainer(s). Cc'ing dteske. What aspects of bsdconfig need updating? bsdinstall has a new "hardening" module. AFAIK bsdinstall and bsdconfig share a lot of code, so bsdconfig should probably also offer the "hardening" module. The hardening module should probably just be a part of bsdconfig, actually, and an option to open bsdconfig be an option at the end of the installer. -Nathan ___ freebsd-current@freebsd.org mailing list https://lists.freebsd.org/mailman/listinfo/freebsd-current To unsubscribe, send any mail to "freebsd-current-unsubscr...@freebsd.org"
Re: FreeBSD 11.0-BETA4 Now Available
> On Aug 8, 2016, at 8:02 AM, Lars Engels wrote: > > On Mon, Aug 08, 2016 at 02:44:05PM +, Glen Barber wrote: >> On Mon, Aug 08, 2016 at 10:48:30AM +0200, Lars Engels wrote: >>> On Sat, Aug 06, 2016 at 09:05:26PM +, Glen Barber wrote: -BEGIN PGP SIGNED MESSAGE- >>> o The new system hardening options have been fixed to avoid overwriting other options selected during install time. >>> >>> Can those options also get added to "bsdconfig"? >> >> You would have to ask the bsdconfig maintainer(s). >> > > Cc'ing dteske. > What aspects of bsdconfig need updating? -- Devin ___ freebsd-current@freebsd.org mailing list https://lists.freebsd.org/mailman/listinfo/freebsd-current To unsubscribe, send any mail to "freebsd-current-unsubscr...@freebsd.org"
Re: FreeBSD 11.0-BETA4 Now Available
On Mon, Aug 08, 2016 at 10:15:07AM -0700, Devin Teske wrote: > > > On Aug 8, 2016, at 8:02 AM, Lars Engels wrote: > > > > On Mon, Aug 08, 2016 at 02:44:05PM +, Glen Barber wrote: > >> On Mon, Aug 08, 2016 at 10:48:30AM +0200, Lars Engels wrote: > >>> On Sat, Aug 06, 2016 at 09:05:26PM +, Glen Barber wrote: > -BEGIN PGP SIGNED MESSAGE- > >>> > o The new system hardening options have been fixed to avoid overwriting > other options selected during install time. > >>> > >>> Can those options also get added to "bsdconfig"? > >> > >> You would have to ask the bsdconfig maintainer(s). > >> > > > > Cc'ing dteske. > > > > What aspects of bsdconfig need updating? bsdinstall has a new "hardening" module. AFAIK bsdinstall and bsdconfig share a lot of code, so bsdconfig should probably also offer the "hardening" module. pgpG3LDevrZoQ.pgp Description: PGP signature
Re: FreeBSD 11.0-BETA4 Now Available
On Mon, Aug 08, 2016 at 02:44:05PM +, Glen Barber wrote: > On Mon, Aug 08, 2016 at 10:48:30AM +0200, Lars Engels wrote: > > On Sat, Aug 06, 2016 at 09:05:26PM +, Glen Barber wrote: > > > -BEGIN PGP SIGNED MESSAGE- > > > > > o The new system hardening options have been fixed to avoid overwriting > > > other options selected during install time. > > > > Can those options also get added to "bsdconfig"? > > You would have to ask the bsdconfig maintainer(s). > Cc'ing dteske. pgphzR28U4r9O.pgp Description: PGP signature
Re: FreeBSD 11.0-BETA4 Now Available
On Mon, Aug 08, 2016 at 10:48:30AM +0200, Lars Engels wrote: > On Sat, Aug 06, 2016 at 09:05:26PM +, Glen Barber wrote: > > -BEGIN PGP SIGNED MESSAGE- > > > o The new system hardening options have been fixed to avoid overwriting > > other options selected during install time. > > Can those options also get added to "bsdconfig"? You would have to ask the bsdconfig maintainer(s). Glen signature.asc Description: PGP signature
Re: FreeBSD 11.0-BETA4 Now Available
On Sat, Aug 06, 2016 at 09:05:26PM +, Glen Barber wrote: > -BEGIN PGP SIGNED MESSAGE- > o The new system hardening options have been fixed to avoid overwriting > other options selected during install time. Can those options also get added to "bsdconfig"? pgpDIfHtky6GL.pgp Description: PGP signature
FreeBSD 11.0-BETA4 Now Available
-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 The fourth BETA build of the 11.0-RELEASE release cycle is now available. Installation images are available for: o 11.0-BETA4 amd64 GENERIC o 11.0-BETA4 i386 GENERIC o 11.0-BETA4 powerpc GENERIC o 11.0-BETA4 powerpc64 GENERIC64 o 11.0-BETA4 sparc64 GENERIC o 11.0-BETA4 armv6 BANANAPI o 11.0-BETA4 armv6 BEAGLEBONE o 11.0-BETA4 armv6 CUBIEBOARD o 11.0-BETA4 armv6 CUBIEBOARD2 o 11.0-BETA4 armv6 CUBOX-HUMMINGBOARD o 11.0-BETA4 armv6 GUMSTIX o 11.0-BETA4 armv6 RPI-B o 11.0-BETA4 armv6 RPI2 o 11.0-BETA4 armv6 PANDABOARD o 11.0-BETA4 armv6 WANDBOARD o 11.0-BETA4 aarch64 GENERIC Note regarding arm/armv6 images: For convenience for those without console access to the system, a freebsd user with a password of freebsd is available by default for ssh(1) access. Additionally, the root user password is set to root, which it is strongly recommended to change the password for both users after gaining access to the system. Installer images and memory stick images are available here: ftp://ftp.freebsd.org/pub/FreeBSD/releases/ISO-IMAGES/11.0/ The image checksums follow at the end of this e-mail. If you notice problems you can report them through the Bugzilla PR system or on the -stable mailing list. If you would like to use SVN to do a source based update of an existing system, use the "stable/11" branch. A summary of changes since 11.0-BETA3 includes: o The mtx_trylock_spin(9) kernel synchronization primitive was added. o The machdep.disable_msix_migration loader tunable has been re-enabled for EC2 AMIs. o The iwm(4) and iwmfw(4) drivers have been updated. o The new system hardening options have been fixed to avoid overwriting other options selected during install time. o Several build-related fixes. o Several miscellaneous bug fixes. A list of changes since 10.0-RELEASE are available on the stable/11 release notes: https://www.freebsd.org/relnotes/11-STABLE/relnotes/article.html Please note, the release notes page is not yet complete, and will be updated on an ongoing basis as the 11.0-RELEASE cycle progresses. === Virtual Machine Disk Images === VM disk images are available for the amd64 and i386 architectures. Disk images may be downloaded from the following URL (or any of the FreeBSD FTP mirrors): ftp://ftp.freebsd.org/pub/FreeBSD/releases/VM-IMAGES/11.0-BETA4/ The partition layout is: ~ 16 kB - freebsd-boot GPT partition type (bootfs GPT label) ~ 1 GB - freebsd-swap GPT partition type (swapfs GPT label) ~ 20 GB - freebsd-ufs GPT partition type (rootfs GPT label) The disk images are available in QCOW2, VHD, VMDK, and raw disk image formats. The image download size is approximately 135 MB and 165 MB respectively (amd64/i386), decompressing to a 21 GB sparse image. Note regarding arm64/aarch64 virtual machine images: a modified QEMU EFI loader file is needed for qemu-system-aarch64 to be able to boot the virtual machine images. See this page for more information: https://wiki.freebsd.org/arm64/QEMU To boot the VM image, run: % qemu-system-aarch64 -m 4096M -cpu cortex-a57 -M virt \ -bios QEMU_EFI.fd -serial telnet::,server -nographic \ -drive if=none,file=VMDISK,id=hd0 \ -device virtio-blk-device,drive=hd0 \ -device virtio-net-device,netdev=net0 \ -netdev user,id=net0 Be sure to replace "VMDISK" with the path to the virtual machine image. === Amazon EC2 AMI Images === FreeBSD/amd64 EC2 AMIs are available in the following regions: us-east-1 region: ami-fb65f7ec us-west-1 region: ami-befebede us-west-2 region: ami-4dab632d sa-east-1 region: ami-74dd4b18 eu-west-1 region: ami-6180e912 eu-central-1 region: ami-c940b7a6 ap-northeast-1 region: ami-99f137f8 ap-northeast-2 region: ami-b720ead9 ap-southeast-1 region: ami-9cf22cff ap-southeast-2 region: ami-675d6904 === Vagrant Images === FreeBSD/amd64 images are available on the Hashicorp Atlas site, and can be installed by running: % vagrant init freebsd/FreeBSD-11.0-BETA4 % vagrant up === Upgrading === The freebsd-update(8) utility supports binary upgrades of amd64 and i386 systems running earlier FreeBSD releases. Systems running earlier FreeBSD releases can upgrade as follows: # freebsd-update upgrade -r 11.0-BETA4 During this process, freebsd-update(8) may ask the user to help by merging some configuration files or by confirming that the automatically performed merging was done correctly. # freebsd-update install The system must be rebooted with the newly installed kernel before continuing. # shutdown -r now After rebooting, freebsd-update needs to be run again to install the new userland components: # freebsd-update install It is recommended to rebuild and install all applications if possible, especially if upgrading from an earlier FreeBSD release, for example, FreeBSD 9.x. Alternatively, the user can install misc/compat9x and other compatibility