Episode Details

Back to Episodes
90: ZFS Armistice

90: ZFS Armistice

Published 10 years, 10 months ago
Description

This time on the show, we'll be chatting with Jed Reynolds about ZFS. He's been using it extensively on a certain other OS, and we can both learn a bit about the other side's implementation. Answers to your questions and all this week's news, coming up on BSD Now - the place to B.. SD.

This episode was brought to you by

iXsystems - Enterprise Servers and Storage for Open SourceDigitalOcean - Simple Cloud Hosting, Built for DevelopersTarsnap - Online Backups for the Truly Paranoid

Headlines

Playing with sandboxing

  • Sandboxing and privilege separation are popular topics these days - they're the goal of the new "shill" scripting language, they're used heavily throughout OpenBSD, and they're gaining traction with the capsicum framework
  • This blog post explores capsicum in FreeBSD, some of its history and where it's used in the base system
  • They also include some code samples so you can verify that capsicum is actually denying the program access to certain system calls
  • Check our interview about capsicum from a while back if you haven't seen it already ***

OpenNTPD on by default

  • OpenBSD has enabled ntpd by default in the installer, rather than prompting the user if they want to turn it on
  • In nearly every case, you're going to want to have your clock synced via NTP
  • With the HTTPS constraints feature also enabled by default, this should keep the time checked and accurate, even against spoofing attacks
  • Lots of problems can be traced back to the time on one system or another being wrong, so this will also eliminate some of those cases
  • For those who might be curious, they're using the "pool.ntp.org" cluster of addresses and google for HTTPS constraints (but these can be easily changed) ***

FreeBSD workshop in Landshut

  • We mentioned a BSD installfest happening in Germany a few weeks back, and the organizer wrote in with a review of the event
  • The installfest instead became a "FreeBSD workshop" session, introducing curious new users to some of the flagship features of the OS
  • They covered when to use UFS or ZFS, firewall options, the release/stable/current branches and finally how to automate installations with Ansible
  • If you're in south Germany and want to give similar introduction talks or Q&A sessions about the other BSDs, get in touch
  • We'll hear more from him about how it went in the feedback section today ***

Swap encryption in DragonFly

  • Doing full disk encryption is very important, but something that people sometimes overlook is encrypting their swap
  • This can actually be more important than the contents of your disks, especially if an unencrypted password or ke
Listen Now

Love PodBriefly?

If you like Podbriefly.com, please consider donating to support the ongoing development.

Support Us