If you have 30 minutes between now and October 16th, you can help the BSD Certification Group determine which real-world tasks should be assessed by the upcoming BSDP exam. Read on for details on how you can help.
The developer has stated that this is the last and final release of the DesktopBSD project.
Notable changes include:
- FreeBSD 7.2 as stable and secure base system
- KDE 3.5.10 as mature and easy-to-use desktop environment
- OpenOffice.org 3.1.1 as feature-rich office suite
- Pre-installed Java SE 6 environment
- X.Org release 7.4 with extensive graphics hardware support
If you live in an area where static IP addressing is either unavailable of cost prohibitive then refer to this tutorial with a nice guide for setting up dynamic DNS on FreeBSD.
In addition on the third day (September 20th) The BSD Certification Group (BSDCG) will offer the BSDA certification exam to attendees of EuroBSDCon 2009. The exam will be offered on Saturday, September 19 at 15:00 and the proctor will be Philip Paeps. Questions regarding the exam room can be answered at the iXystems/PC-BSD booth.
Participants have to register for a BSDCG ID which may take up to 24 hours to receive a BSDCG ID. Once you have an ID, you can choose an exam location and pay for the exam from the same website. Prices are in USD ($75 or $37.50 for those who were beta testers) and payable through Paypal or credit card.
Bordeaux is available for Solaris, Linux, and FreeBSD. You also have Bordeaux beta version for Mac. Will Bordeaux be available for other platforms too (OpenBSD, NetBSD…)?
Bordeaux will run on any system that Wine runs on, we have builds for FreeBSD and PC-BSD at this time and if their is demand we would try our best to support OpenBSD, DragonFly BSD or any other BSD derivative.
by Mikel King <firstname.lastname@example.org>
Where do I begin? Well for starters HTML Utopia from Sitepoint is a fantastic book to have in your arsenal and will definitely help you develop as a web software engineer. Like many technical books these days, especially the ones you will find reviewed here, this one is based on openly published standards. Granted you could spend countless hours teaching yourself CSS by reading RFC’s and the W3C definition of the the CSS standard, as well as the numerous online tutorials. I have muddled my way through various attempts to learn CSS over the years on my own mostly by deconstructing online examples. A method that has always worked well for me in the past when learning a new programming language. Yet for some reason in all honesty this is one subject that has eluded me.
I honestly believe that this utter lack of understanding is a direct result of my programming background. It is not to say that I am an expert programmer or anything, honestly far from it. However, in my 20 plus years working with computers and various informations systems, I have never really had to care too much how the out of the data looked so long as it was accurate. So after years of piping output from one application into another, and creating interesting chains to return the correct result, I honestly never had to worry about presentation , because most of my data was being read by machines. Basically when it comes to aesthetically pleasing UI’s I am a completely out of my element.
Therefore when I was asked to review this book, I approached it as an utter and complete novice. Although I can not say by any stretch of the imagination that I am now an expert, I finally have achieved an understanding. It is with the assistance of this book that CSS finally makes some sense to me. The two authors have done an excellent job of conveying this subject, to the point that one can actually read this book without ever writing code and learn the basics.
With that said if one were to read the book and follow along with the examples creating their own version of the included Footbag Freaks site then they would be well on there way to mastering the concepts. If you are interested in learning CSS I can honestly think of no better way. The examples are clear and concise. Especially when covering some of the advances grey areas such as padding and margins for instance. As well as object like concepts of property inheritance and overriding, which is actually the C in CSS or Cascade.
I believe the latter is what has always stifled my attempts at learning on my own. I can not begin to recount the number of times I’ve set a property and then changed something in a different section of the style sheet only to have that property completely disappear. I know that sounds trivial but is can be very frustrating to think one is heading down the right path only to make some changes and spend an hour experimenting as to why my new span has knocked my previous divs out of the water faster than my PT Boat on h6 & h7.
In any event if you really wish to gain control of the UI in your web projects then this book is an excellent reference as well as learning tool. However this brings me to the little issue I have with the title besides being a bit on the long side. The without tables concept of this book is a little more than misleading. Believe or not I have listened to many web programmers mention this concept, getting all excited about never having to write table tags again. I mean salivatingly excited The concept of designing without tables, which unfortunately you do not learn this until proceeding fairly far through this book, it a bit of a misnomer. One firm resolution that you walk away from this book is the that there is nothing further from the truth. If you are displaying columnar data, such as a spreadsheet then you will use the html table construct. However you will also us CSS to enhance the rendering of this data.
Designing without table simply refers to all of the other aspects of page layout where many developers used to use tables in their navigation systems for instance or even in image placement. In some extreme cases developers used tables within tables within even larger tables to create the common 3 columnar layout as see on many portal sites. Now with the aid of CSS you can avoid such constraining methods.
This is exactly the area that this book shines. The authors deftly guide you through the intricacies of page layout from start to finish. They show how to properly divide your content into individual DIVs and SPANs, then show by example how to turn them into a single column simple navigation menu driven web site. Then quickly shifting gears and with some changes of your style sheet convert that rather flat page into 2 column and subsequently once again 3.
I will leave you with one final thought. The authors clearly express the well thought out reasoning for designing with CSS and leave the reader for a respect for the standard as a whole. I honestly think that most readers will walk away from this book with the feeling that they must discard noncompliant browsers because the methods they employ seem like tawdry parlor room tricks by comparison.
In summary I found this book not only delightful to read but actually useful and isn’t that what is really important. Aside from the slightly misleading title, this is one of those books that every developer should have in their reference library. Especially if said developer designs for one of those deficient browser technologies.
by Mikel King <email@example.com>
First of all do not be put off by this book’s lack of size. Its concise 193 pages contain a wealth of information specific to PF and related systems. More importantly the material is NOT unique to OpenBSD, in fact Jeremy has gone to great lengths to include the other major BSD varieties like Free, Net and DragonFly. Although one can argue that this book is largely just a collection of documentation culled from the OpenBSD PF FAQ as well as other sources already throughout the web, it is important to note that it is in actuality more of a community effort that lead to the development of the NetBSD specific web pages as well as the entire chapter on spamd.
What is unique to this book is that it encompasses all of those distinct entities homgenizing them into one compact text with notes interject throughout by the editor. As anyone who has ever been under pressure of a client looming over their shoulder continually asking, “How long until I get my email back?” will tell you when the main connection to the internet is down all the web pages in the world will not do you an ounce of good. A concise book like this in your library and you should be able to overcome most firewall troubles. This is an invaluable text to keep text to keep at one’s side.
One of the main features I particularly enjoyed is the comparative notes interjected by Mr. Reed as he progresses through the installation and setup of each component. It was nice to read things like if you are installing PF on FreeBSD you will need to do it this way as opposed the way it would be done on say Net of DragonFly for instance. This kind of commentary is particularly invaluable to system planners who would need to evaluate the consequences of selecting one platform over another even if that other happens to be a different BSD.
The later sections include chapters dealing with advanced subjects like FTP, AuthPF, spamd and CARP to function with PF. While FTP and spamd should be rather self explanatory, AuthPF and CARP is more likely to seem mystical to the uninitiated. Well AuthPF is a semi built-in mechanism for requiring a user to successfully authenticate to the gateway prior to the gateway routing his/her traffic. An example of this would be a hospitality network, where you need to enter a username and password or even purchase a day pass credential to use the network.
While Common Address Redundancy Protocol or CARP as it is more commonly known supports both IPv4 and IPV6 address sharing between multiple hosts on the same network segment. Basically it is an Open and Free alternative to other proprietary solutions like VRRP (Virtual Router Redundancy Protocol) and HSRP (Hot Standby Router Protocol). Fortunately once again the editor continues with his commentary to aide in the installation and proper setup of such advanced features under the other BSDs.
The only problem with a book of this nature is that the information may become stale and outdated faster than one can assimilate it. However the spirit of the text and the conceptual knowledge that it conveys stands on its own. Ultimately this book is in my opinion a must have for your NOC library, and should prove an invaluable tool for maintaining such systems.
By Mikel King <firstname.lastname@example.org>
First of all you will need to install the host OS, and in this case we are using Windows Server 2003X64 Standard Edition R2 which must include IIS, however could have easily been an approve Linux variant, or even the VMWare ESX solution. In either case it is probably a good idea to ensure that all of the patches and updates have been applied, I mean it is still Windows after all. The nice thing about running FreeBSD in an instance under VMWare Server or any other hardware virtualization platform is that the instance can be easily relocated to new physical hardware without much concern for that new hardware.
Launch the VMWare Server Console and proceed through the configuration of creating a new instance. A quick detour for just a moment, the console application uses port 902 TCP & UDP to connect to the VMWare Server System. Therefore, if your system has any sort of local firewall you might want to ensure that communication is allowed on those ports.
Regarding the configuration it helps to have some idea of what you would like to do with the guest server before you actually start. Yet for this situation let’s just role with the tutorial. Keep in mind that a general rule of thumb you should have 1GB of RAM physical available to allocate to each virtual machine you intend to run. However in my own personal experience that rule of thumb does not really apply to FreeBSD as I tend to get away with less memory reserver for this OSes instances.
Figure 1 New Virtual Machine
Figure 2 New Virtual Machine screen 2
Figure 3 Naming Your Virtual Machine
Uncheck the “Make this virtual machine private” box and proceed to the Starup/Shutdown dialog. In addition select Local System account in figure 4 so that you new server will start automatically upon the host server boot up. Additionally if you do not select this option then your new VM instance will terminate, rather unhappily the moment you logout of the host OS session.
Figure 4 Virtual Machine Service Account Settings
This is followed by a CPU selector. It is worth noting that when I made these original screen shots I did indeed select dual CPU however; as I learned the hard way this option is considered ‘EXPERIMENTAL’. Thus I changed the setting after to single CPU. Until VMWare releases dual CPU for FreeBSD I recommend that you stick with the default option or bad thing will probably happen. My server locked up time and again whenever I tried to compile large items like Apache2 or the World.
Next is the memory configuration screen and I know I mentioned the general rule of 1GB per VM but I also stated that with FreeBSD I’ve been able to work with less in many cases I’ve experienced success with as little as 128MB. Fortunately like the CPU setting you can always modify you memory allocation as your needs change.
Figure 5 Virtual Machine Memory Allocation Settings
I almost always proceed with the default bridged network interface selection. Although I will not cover it in this article it is possible to actually bind a specific NIC to the virtual network on a particular bridged interface. In fact that is exactly what is occurring with this selection, as it is binding to the default NIC for the virtualized lnc0.
One note of caution regarding NIC assignments. I find it is easiest to allow the Guest OSes (a.k.a. instances) to bind to the default physical NIC, and then assign a secondary physical NIC to the host OS for it’s exclusive use and securely firewalled from the instance LAN. This is a good idea should one your instances become compromised they would not allow escalation of the breach onto the host.
Figure 6 Bridge Network Option for your Virtual Machine
The following screens demonstrate some of the disk options. I personally prefer to specify the maximum size of the disk, in lieu of selecting the dynamic allocation. In addition I ALWAYS opt for IDE emulated disks rather than SCSI, even if I am creating a Windows based instance. I do this for mostly administrative reasons. It is easier to boot from CD/ISOs and mount an IDE based disk opposed to a SCSI one, this is especially true of Windows where you would need a floppy to load third party SCSI drivers. Of course that may not seem too important, but if the server is 1500 miles away from your work location simply inserting a floppy becomes a rather monumental task. Of course there is the other issue with floppy disks, most manufacturers only offer them as an option if at all.
Figure 7 Definbing the Virtual Disk
Figure 8 Virtual Type
Figure 9 Virtual Disk Allocation
Set your disk capacity and select ‘Next’ create your virtual disk which is really nothing more than a large binary file sitting on the physical disk. This means that on the local file system there will be a single files the size 26GB in this case refer to Figure 9 above.
Figure 10 Preflight Virtual Machine Display
At this point you can either boot the instance from an install CD in the host cd drive or bind the instance CD-ROM to an ISO as shown in Figure 11. The net result is the same in either case, however I personally find the ISO route easier.
Figure 11 ISO Binding
Upon boot up follow your own normal install procedures, and setup FreeBSD as you like. Note VMWare recommends that you disable IPV6. Also please create yourself an account in the wheel group so that you can ssh with as you will NEED it later. Which of course means that you need to enable sshd during the install. Finally be certain to do yourself a favor and set the root password which really should be distinct form the HOST OS password. Remember just because this is a virtual server doesn’t mean you should treat it any differently than a physical server.
Now after you’ve complete installing FreeBSD let’s walk through the settings for the system. Select ‘Edit virtual machine settings’ and from there go to the Options tab as displayed in the next Figure 12. You can make and prestartup modifications here, and it is a good idea to become familiar with the options available in this screen. You can alway return the this screen via the Edit Virtual Machine Settings selection on the preflight screen. It is worth noting upon startup the prefilght will be replaced with your running instance, and you must halt the VM to make changes.
Figure 12 Virtual Machine Options and Settings
Now we need get down to business and install the VMWare Tools for FreeBSD. To do this we have to once again we are going to bind an iso to the cdrom device. The documentation about this process isn’t exactly clear about where the iso’s are located so I’ll help you out a bit C:\Program Files\VMware\VMware Server\freebsd.iso. Also note that as far as I can tell the only way to perform this binding is with the vm powered off. So having followed along this far your instance is running and you are able to ssh in and su to root so that we can proceed.
Figure 13 Virtual Machine Preflight Status
As root you will mount /cdrom followed by an extraction of the lone file from the virtual cd to your local hard disk. Upon completion cd into the extracted directory and execute the installation script (that’s ./install just in case you weren’t following along). The main advantage of the VMWare Tools installation into FreeBSD is that when you halt the host OS it is support to safely halt each guest OS as well.
A final issue worth noting before you run off to portsnap your ports and build your favorite applications. In Figure 14 below I have documented the entries from my /boot/loader.conf which I would strongly encourage you to add if you experience any anomalies with the operation of your vm server’s clock. The hint makes an adjustment to the clock tick counter, which if left unchecked will make your system think that time is reversing.
# Beginning of the block added by the VMware software vmxnet_load="YES" hint.apic.0.disabled=1 # End of the block added by the VMware software
Figure 14 VMWare Server /boot/loader.conf Settings For FreeBSD
I hope you’ve enjoyed our little tour of VMWare Server.
by Mikel King <email@example.com>
One of the roles any sysadmin will have to play throughout his or her career is that of network psychic. Whether you use tarot cards, tea leaves, magick dice or what ever voodoo that you do to anticipate network outages it is a difficult task to say the least. Maybe you rely on the end user picking up the phone and giving you a call in the event of a crisis. Personally, I never enjoy those sorts of calls as they tend to waste precious troubleshooting time and achieve very little other than raising my blood pressure.
I have experimented with various auto-alert monitoring systems, and many of these require as much time and care to maintain as the systems that they are supposed to be monitoring. Whether you manage a huge infrastructure with hundreds of servers, routers, switches, and security devices or you have a small lab in your home connected to your cable service, the one thing users consistently demand is that you are reasonably aware of everything that is happening throughout your domain. So what is a poor sysadmin to do?
Nagios is a relative new-comer to the realm of system and network monitoring solutions. However, it is a considerably robust and full-featured system, with just about every bell and whistle that any self-respecting system manager would want. Most importantly, it has a fairly simple plugin development process. For most situations, if you need to monitor something that Nagios does not already support, then can write a very simple shell script and return one of a series of predefined parameters. And there you have it, your own custom plugin.
Okay, so now that I’ve whet your appetite a bit, let’s focus on the book, coincidentally titled Nagios: System and Network Monitoring and authored by Wolfgang Barth, ISBN 1-59327-070-4. Published by No Starch Press, with 20 chapters and just under 500 pages, this book packs a powerful punch. Pound for pound, it’s well worth the read, and if you decide to employ Nagios in your environment it will be an indispensable addition to you NOC Library.
While the author does give honorable mention to BSD and several other operating systems, the text is arranged from an austere Linux point of view. It would have been nice to acknowledge that many other systems have packaging and porting systems that make the initial installation a bit easier. The opening chapter is expertly written for walking even the most novice of users through downloading the source and building the application, but it is not for the faint of heart. I would have prefered the author to relegate such things to the appendices and placed an exit sign reading “Compiler Jockeys get off here.”
Be that as it may, the remainder of the first chapter revolves around the testing of the system using some modules built during the installation followed by the Apache integration. This leads directly into the second chapter, which deals squarely with Nagios Configuration. This is a hefty chapter and one I do not recommend you skim through quickly. Near the end of this chapter, the author discusses the various methods for expediting the configuration procedures.
In chapter three, we actually get to launch the daemon and take her out for a test drive. This chapter, while good for reference, is relatively useless in the BSD environment. Luckily for us, however, the system’s port maintainer provides all the necessary clues for us to prepare the system successfully for take-off. Regardless, it is worth a quick review of the chapter’s contents to ensure that you have a grasp of what the system expects.
Chapters 4 and 5 cover the various the underlying structure of the system, while chapter 6 is an introduction to the Nagios plugins. The plugins are examined again in chapters 8, 9 and, to an extent, in chapter 10. One thing to keep in mind is that this book covers a lot of ground, and at this point we are only half way through the table of conents.
In the eleventh chapter, we learn the aspects of collecting data via SNMP, which leads into the next chapter’s explanation of how to setup the various notification options. This theme continues in chapter 14, which discusses the NSCA (Nagios Service Check Acceptor) and how to prepare your syslog and inted services for interaction with Nagios.
Rather than tell you all about chapter 7 I will let you read it from the publisher’s site. Chapter 7: Testing Local Resources
Chapter 15 covers the methods required to employ a Nagios hub, which will enable you to set up distributed monitoring stations and improve the fault tolerances of the system.
In the sixteenth chapter Wolfgang thoroughly describes the web interface and its underlying structure, followed by a discussion on data rendering in chapter 17. Finally, the remaining chapters 18 through 20 are specialty chapters followed by four appendixes
By Mikel King <firstname.lastname@example.org>
I thought it might be nice to start off with a simple little article about a simple app in the ports tree that I find particularly useful. It is called fetchyahoo. Basically, what it does is fetch your email out of your mail.yahoo.com account via the http interface and download it into a mailbox. Of course, that may not seem all that special or important, but what is really cool about this app is where it can put the messages, and some of the advanced features, like dumping the bulk messages and automatic expunging of the deleted messages.
Now, one of the first things I usually do before I build anything from the ports tree is run a quick cvsup off my in house mirror to refresh the tree on the machine I am using. I find that this is generally a good thing to do. For instance, the version in the ports tree is 2.8.6 and mine is 2.8.0 which, of course, is not that great, but if you are going to take the time to build something, then why not do it right?
OK, so building the port is easy once you complete the cvsup. I did have some trouble with the fetching of various dependencies but I suspect that was more or less bandwidth related. But, eventually, the make install clean will complete and you will be able to step into the .fetchyahoorc configuration file. A sample can be found in the build directory, and excerpts are included for explanation, as follows.
This first section is rather self explanatory, just substitute your yahoo credentials here and then proceed to the next section.
###### SHOULD configure these ###### username = *yahoo-user-name* # this can be a password or an md5_hex hashed password password = *yahoo-password* # set this to 0 to turn off HTTPS and login insecurely via plaintext instead use-https = 1 ###### mail spool, mbox file and procmail configs ###### # set use-spool to 0 to disable outputting to a file/filter use-spool = 1 # if spoolName ends with a / we output in maildir format to that directory spool = /var/spool/mail/*local-user-name* # spool-mode must be either append, pipe or overwrite # use pipe for procmail or other filter and append for a normal spool # ignored if spoolName is a maildir directory spool-mode = append
OK, at this point we could fire off a sync and download the email into a standard Unix type mailbox. Which is OK because you could then use pine or mutt, or even mail, to read through the messages and you’re done, right? Wrong, sorry, that just wasn’t good enough for me. For one, the server I installed this onto also happens to be running an IMAP server (cyrus, to be exact). So, once the messages were downloaded onto the server and appended into my mailbox, then served up by my IMAP server automagically — this is cool — you’d think that I’m done, right? Again, however, I had other plans.
Well, for one, I’m now getting all of that bulk mail that tends to collect into my yahoo account, and well, I really don’t want it. Therefore, the first thing to do is set the
empty-bulk = 1
which means that the bulk messages are dumped prior to downloading into my inbox. Another setting I enable is
empty-trash-before = 1
, which dumps the deleted messages — just like it says — before downloading your inbox. I feel that these are good settings and save on the bandwidth as well.
OK, so a quick recap of what we have accomplished thus far is to configure fetchyahoo to download the messages from the specified account and to ensure that both the bulk and trash are emptied before the actual download begins. Then, once it has completed the operation, you can connect to the mailbox on your server via any of several methods; in this case I use IMAP. But one thing that is lacking is automation. I could schedule this with cron, and indeed this does work and was the case back when I first stumbled across this application, but now there is a new
setting repeat-interval = n
, where n = the number of minutes between mailbox checks.
I have tested the repeat interval and, while it does work, it’s just not as daemonized as I’d like. Therefore, you’ll need to either run the app in a detached screen (also available in the ports tree) session or set up a personal cron job. The reason is that after a couple of iterations the fetchyahoo process terminates even if it is running in the background. My personal feeling is to go with the latter as cron is more reliable and it is fairly easy to set up a crontab. That sounds like a good lead in for a sequel, doesn’t it?
Finally, there are a couple of other features that are quite handy. For instance, you can setup fetchyahoo to forward all of the downloaded messages to a particular SMTP address, which is good if you don’t have your own IMAP server. But another possibility is to use the IMAP forward feature which is good if, for instance, your main office uses Lotus Domino to which you connect via any IMAP-enabled mail client. In order to use the IMAP forward feature you need to have the CPAN Mail::IMAPClient installed, and since it is not listed as a dependency yet, you will need to jump into the port and manually install p5-Mail-IMAPClient or, if you are good with perl, then via the CPAN console.
Once you have completed the p5-Mail-IMAPClient from the ports tree, update your .fetchyahoorc with the appropriate credentials and server settings and you are good to go.
###### IMAP configuration ###### # set use-imap to 1 to enable output to an IMAP mailbox use-imap = 0 imap-host = imap.example.com imap-port = 143 imap-username = imap-user-name imap-password = imap-password imap-mailbox = INBOX
There is one issue that you should consider: the security of this application is rather light. Meaning that, although it does use SSL for the network traffic, the credentials are stored in plain text which for some can be a huge issue. At a minimum, you should set the permissions on your .fetchyahoorc file accordingly (mode 0700). I would suspect that future updates will most likely include some sort of security enhancements, but only time will tell.
So, in summary, what I end up with is fetchyahoo will download my messages from the yahoo server account and then upload them into my main account for work which I then use Thunderbird to check the messages. Or, as silly as this sounds, our webmail system (based on horde/imp, which coincidentally enough is also available via the ports tree).