Podcast Episode Details

Back to Podcast Episodes
90: ZFS Armistice

90: ZFS Armistice

This time on the show, we'll be chatting with Jed Reynolds about ZFS. He's been using it extensively on a certain other OS, and we can both learn a bit about the other side's implementation. Answers to your questions and all this week's news, coming up on BSD Now - the place to B.. SD.

This episode was brought to you by

iXsystems - Enterprise Servers and Storage for Open SourceDigitalOcean - Simple Cloud Hosting, Built for DevelopersTarsnap - Online Backups for the Truly Paranoid

Headlines

Playing with sandboxing

  • Sandboxing and privilege separation are popular topics these days - they're the goal of the new "shill" scripting language, they're used heavily throughout OpenBSD, and they're gaining traction with the capsicum framework
  • This blog post explores capsicum in FreeBSD, some of its history and where it's used in the base system
  • They also include some code samples so you can verify that capsicum is actually denying the program access to certain system calls
  • Check our interview about capsicum from a while back if you haven't seen it already ***

OpenNTPD on by default

  • OpenBSD has enabled ntpd by default in the installer, rather than prompting the user if they want to turn it on
  • In nearly every case, you're going to want to have your clock synced via NTP
  • With the HTTPS constraints feature also enabled by default, this should keep the time checked and accurate, even against spoofing attacks
  • Lots of problems can be traced back to the time on one system or another being wrong, so this will also eliminate some of those cases
  • For those who might be curious, they're using the "pool.ntp.org" cluster of addresses and google for HTTPS constraints (but these can be easily changed) ***

FreeBSD workshop in Landshut

  • We mentioned a BSD installfest happening in Germany a few weeks back, and the organizer wrote in with a review of the event
  • The installfest instead became a "FreeBSD workshop" session, introducing curious new users to some of the flagship features of the OS
  • They covered when to use UFS or ZFS, firewall options, the release/stable/current branches and finally how to automate installations with Ansible
  • If you're in south Germany and want to give similar introduction talks or Q&A sessions about the other BSDs, get in touch
  • We'll hear more from him about how it went in the feedback section today ***

Swap encryption in DragonFly

  • Doing full disk encryption is very important, but something that people sometimes overlook is encrypting their swap
  • This can actually be more important than the contents of your disks, especially if an unencrypted password or ke

    Published on 10 years, 7 months ago





If you like Podbriefly.com, please consider donating to support the ongoing development.

Donate

© 2025 Developer Service

DevAsService

DevAsService

Cloud Home Lab

Developer Service

Imaginator

Courses Developer Service

Is It Clickbait