I like static webpage creators, they allow you to create nice websites without the need to have any code on the remote website. Anything that runs code has the possibility to be cracked, having a static website limit the attack vectors. You still need to protect the upload of the website and the system(s) that hosts your site of course.Read more...
Posts by YearDate:
The primary reason is to have a firewall that will be always up-to-update, unlike most commercial customer grade firewalls that are only supported for a few years. Having a firewall that runs opensource software - it’s based on FreeBSD - also make it easier to review and to verify that there are no back doors.
When I tried to upgrade it to the latest release - 19.1.7 - the upgrade failed because the filesystem ran out of inodes. There is already a topic about this at the OPNsense forum and a fix available for the upcoming nano OPNsense images.Read more...
Building your own Docker base images isn’t difficult and let you trust your distribution Gpg signing keys instead of the docker hub. As explained in the first blog post. The mkimage scripts in the contrib directory of the Moby project git repository is a good place to start if you want to build own docker images.Read more...
In this blog post, we’ll create Arch GNU/Linux based images.
Arch Linux stopped supporting i386 systems. When you want to run Archlinux on an i386 system there is a community maintained Archlinux32 project and the Free software version Parabola GNU/Linux-libre.Read more...
I was using docker on an Odroid U3, but my Odroid stopped working. I switched to another system that is i386 only.
You’ll find my journey to build docker images for i386 below.
Reasons to build your own docker images
Images versus unattended setup
In a traditional environment, systems are installed from a CDROM. The configuration is executed by the system administrator through the installer. This soon becomes a borning and unpractical task when we need to set up a lot of systems also it is important that systems are configured in same - and hopefully correct - way.
In a traditional environment, this can be automated by booting via BOOTP/PXE boot and configured is by a system that “feeds” the installer. Examples are:
- [Solaris Jumpstart](https://en.wikipedia.org/wiki/JumpStart_(Solaris)
- Redhat Kickstart
- DebianInstaller Preseed
- Suse Autoyast
Actually, I got it a couple of months back but I didn’t have time to play with it and it took some time to get some parts from Aliexpress.
The Thinkpad W500 is probably the most powerful system that is compatible with Libreboot, it has a nice high-resolution display with a 1920 x 1200 resolution which is even a higher screen resolution than the Full HD resolution used on most new laptops today.
Keep in mind that the core duo CPU does not get microcode updates from Intel for [spectre and meltdown](https://en.wikipedia.org/wiki/Meltdown_(security_vulnerability). There is no solution (currently) for spectre 3a - Rogue System Register Read - CVE-2018-3640 and Spectre 4 - Speculative Store Bypass CVE-2018-3639 without a microcode update.
Binary blobs are bad. Having a closed source binary-only piece of software on your system is not only unacceptable for Free Software activists it also makes it more difficult to review what it really does and makes it more difficult to review it for security concerns.
Having your system vulnerable is also a bad thing of course. Can’t wait to get a computer system with an open CPU architecture like RISC-V.
Openstack is a nice platform to deploy an Infrastructure as a service and is a collection of projects but it can be a bit difficult to setup. The documentation is really great if you want to setup openstack by hand and there are a few openstack distributions that makes it easier to install it.
Ansible is a very nice tool for system automatisation and is one that’s easier to learn.
Wouldn’t be nice if we could make the openstack installation easier with ansible? That’s exactly what Openstack-Ansible does.
In this blog post we’ll setup “an all-in-one” openstack installation on Centos 7. The installer will install openstack into lxc containers and it’s nice way to learn how openstack works and how to operate it.
In this arcticle we will setup Stubby - the DNS Privacy Daemon - on FreeBSD.Read more...
** Installing and configuring an encrypted dns server is straightforward, there is no reason to use an unencrypted dns service. **
DNS is not secure or private
This make your unencrypted DNS traffic a privacy risk and a security risk:
- anyone that is able to sniff your network traffic can collect a lot information from your leaking DNS traffic.
- with a DNS spoofing attack an attacker can trick you let go to malicious website or try to intercept your email traffic.
Encrypt your dns traffic
Encrypting your network traffic is always a good idea for privacy and security reasons - ** we encrypt, because we can! ** - . More information about dns privacy can be found at https://dnsprivacy.org/
On this site you’ll find also the DNS Privacy Daemon - Stubby that let’s you send your DNS request over TLS to an alternative DNS provider. You should use a DNS provider that you trust and has a no logging policy. quad9, cloudflare and google dns are well-known alternative dns providers. At https://dnsprivacy.org/wiki/display/DP/DNS+Privacy+Test+Servers you can find a few other options.
You’ll find my journey to setup Stubby on a few operation systems I use (or I’m force to use) below …
Most Linux distributes have the virtio & QXL drivers you might need to install the spice-vdagent.
On Windows you can download and install the virtio and QXL drivers.
Using the virtio drivers will improve your guest system performance and your virtualization experience.Read more...
Kernel-based Virtual Machine (KVM) has become the defacto hypervisor on GNU/Linux systems it works with great performance as it utilizes the CPU virtualization extensions Inetl VT-x or AMD-V). KVM doesn’t emulate hardware but uses QEMU for this.
Nested Virtual guest
It’s possible to use nested virtualization this make it possible to run a hypervisor inside a KVM virtual machine.Read more...
This would left me with a unsupported firewall which was one of the reasons to use pfsense instead of a closed source commercial router.
I could have moved to a new firewall like the pcengines apu but there is no reason to replace hardware that works fine.
The nice thing about opensource software is that we’ve options to choose from if software doesn’t match your usecase we’ve other options to choose from.
In Belgium/Flanders we have two main internet line providers;
On telephone network there are alternative internet providers but they use the network of proximus.
I switched my internet connection from ADSL to VDSL and switched to a new provider ( edpnet). The internet speed was below the expectations and my modem reported errors on the line. After fixing the internal phone cabbeling in my appartment I wanted the retrigger the DLM monitoring.
To start the DLM monitoring in Belgium you need to call 0800 22 424 and type in your line number. If you don’t have a proximus phone number the line number is not the same as your phone number. To get your line number you need to connect an analog phone to our line and call 1924 this will read aloud your line number.
** Have fun **Read more...
When you create an new virtual KVM virtual system the video ram is limited to 16MB by default to use a higer screen resolution you need to increase the video ram. The available resolution reported by the virtual screen may also not include the resolution that you want to utilize.
You’ll find my journey to enable higher screen resolutions in my KVM (qemu) virtual systems below.Read more...
I used the relay host of my internet provider but this was causing issues since my email was getting mark as SPAM in gmail.
It was already on my to-do list to move my outgoing mail to my mail provider also to make it easier to move to another ISP or to implement SPF but was not on the top of my to-do list.
My email provider requires authentication, so I needed to reconfigure postfix in my FreeBSD mail jail to use a relay host with authentication.
Meltdown & spectre
With Meldown https://nvd.nist.gov/vuln/detail/CVE-2017-5754, Spectre Variant 1 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5753 and Spectre Variant 2 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5753 out in the wild there is a lot of confusing going about updating microcode.
There is a “Spectre & Meltdown Checker” available at https://github.com/speed47/spectre-meltdown-checker
Usage is very easy just clone the git repository and run the script.
Microcode isn’t uploaded to the CPU but loaded during the boot strap of the CPU. Normally the BIOS upload the microcode to the CPU but this can also be done by the by the bootloader, or the operating system kernel.Read more...
I finally got the time to continue with my bacula backup setup. See my previous posts about the start of my bacula setup.
I created a new zfs pool “bigpool” with some old harddisks I probably need to replace them with bigger harddisk in the further.Read more...
I don’t use super key(s), and would prefer to have a keyboard without it. But when it has super keys I’d rather have it without the windows logo on it so it was time to replace them with the tux versionRead more...
I finally got the time to try out my jenkins build on my new 20 Core Dual Processor Jenkins Build Workstation
I’m able to run all test on multiple operation systems now. I still need to review this setup and perhaps move some tests to docker instead of the virtual machines to save some memory. …but this jenkins setup was configured before docker was a thing.
Have funRead more...
My jenkins builds are taking too long mainly due the lack of memory. I mainly use jenkins to verify that my software work on different operation systems (GNU/Linux distributions / *BSD / Solaris).
Looking for a solution that is still affordable I ended up with building a dual Xeon workstation. CPU and memory comes from www.ebay.be
In this post we will continue with the database connection (Catalog) we’ll go the extra
mile 1,609344 km and encrypt the catalog connection with ssl. Why? We encrypt.. because we can!
The Bacula Director is daemon that runs in the backgroud that control all backup operations.
The Bacula console is an administrator program that allows an system administrator to control the Bacula director.
The Bacula File is a backup client install on the backup client.
The backup media.
A Bacula monitor service is a program that allows the system administrator to cerify the status of the bacula Directors, Bacula File Daemons and Bacula Storage Daemons.
Bacula ServerRead more...
I do take backups; my current solution are couple of shell script wrapper around dump/zfs send/btrfs send/rsync which is a mess. So decided give bacula a try
I use ezjail to manage my FreeBSD jails. PostgresSQL is my favorite database and will use this database as the backend for bacula and will use this database as the backend for bacula. I want to move all my databases to 1 FreeBSD jail this should make the easier to create reliable database backup in the further. For this reason we’ll setup 2 FreeBSD jails 1 for the database and 1 for bacula.
You’ll find my journey of installing PostgreSQL on a FreeBSD jail. In another blog post we will continue with the installation of baccula.Read more...
I finally found time to complete the installation of my Libreboot laptop
Download the Parabola GNU/Linux iso and boot it
After Parabola GNU/Linux is booted verify that you have internet access if the network card is support and dhcp is enabled on you network you should get a network address.Read more...
I got a ThinkPad x60 (tablet version) from ebay.be to install libreboot on it.
I tried to compile libreboot on Debian and Parabola GNU/Linux but both failed, compling Libreboot on Trisquel 7 works fine so I’ll use Trisquel to replace the BIOS with libreboot.
I’m not sure that I’ll use Trisquel 7 as my daily driver since it is a bit outdated… I might go with Debian Strech without the non-free repositories to get a fully Free Software Laptop/tablet. I’ll need to replace the Intel wifi adapter since this requires non-free firmware.
You’ll find a small howto install libreboot on a Thinkpad X60 below.
The latest version of libreboot isn’t available via a binary distribution so I decided to build it from source.Read more...
I’m preparing to move my workstation to arch linux Before I’ll install it on my physical workstation I did the installation on a virtual machine. I’ll use btrfs as the filesystem during the installation. btrfs is a nice filesystem but it had some serious dataloss issue with RAID5/RAID6 recently.
btrfs might not stable enough for a production environment but it has some nice features like snapshots, send/recieve, compression etc. I use zfs for my important date anyway.Read more...
On http://kb.mozillazine.org/Getting_an_SMIME_certificate you get a list of free s/mime certificate.
The import of the pkcs12 failed in Thunderbird with the message: “The PKCS #12 operation failed for unknown reasons.”
Searching the internet didn’t provide a solution. To debug this issue I started to extract the private / certificate from the pkcs12 file provided by globalsign and creating a new one.
To execute this command I use an encrypted luks volume.
Create a new pkcs12 fileRead more...
Lookat 1.4.4 is the latest stable release of Lookat/Bekijk the userfriendly file browser/viewer.Read more...
The manufacturer of the odroid u3 - hardkernel - provides ubuntu 14.04 images with xbmc and mali support. It isn’t possible to get the newer of version of xbmc - now kodi - running, or I didn’t succeed withit. I’ll look for another solution for my media server needs this might be my raspberry pi 1 model B+ that is laying around doing nothing running openelec
Since we are using docker on arm we have to build our own docker base images instead of using the docker registery. I have security concerns about installtion and using unsigned non-verified software anyway. If you build your own image it possible to audit/verify the build process.Read more...
I use a yubi key for my ssh authentication. But I’ve other ssh keys for my remote services so wanted something that allows me to take a backup of my keys see this post for more information on to backup/restore a SmartCard-HSMRead more...
For my other private keys/data I was looking for something cheeper since I need to have a backup of my secured data so I bought a few Smartcard-HSM smartcards they cost 16 € each while a yubi-key neo cost 54 € at amazon.deRead more...
Lookat 1.4.4rc2 is the second release candicate of Lookat 1.4.4Read more...
However transferring large data files to it causes the network to hang. The realtek network interface had issues with freebsd from the beginning. On the screen and in syslog the entry “re0: watchdog timeout” is printed.
Most FreeBSD people recommends to use Intel nics, I ordered a new Intel nic at dx.com. After the installation of the new NIC the network seems to be stable again.Read more...
It is a national holiday in Belgium so I have some time to code again.
Lookat 1.4.4rc1 is the first release candicate of Lookat 1.4.4Read more...
PKGNG configRead more...
You’ll find my journey to get the smartcard interface working with ssh on a fedora 22 system below;Read more...
The installation went fine but it was impossible to create new credentials.
I had a similar issue with my openvas 6 installation, this was resolved by creating the
/etc/openvas/gnupg directory and creating the key
But on my openvas 7 installation a creation of the encryption key was slooooow. As always Good Randomness is important for creating keys. So I decided to install haveged to get more randomness and hopefully this would speed up key creation.
[root@localhost ~]# yum install haveged Loaded plugins: fastestmirror Loading mirror speeds from cached hostfile * atomic: www6.atomicorp.com * base: centos.cu.be * extras: centos.cu.be * updates: centos.cu.be Package haveged-1.9.1-2.el7.art.x86_64 already installed and latest version Nothing to do [root@localhost ~]# [root@localhost ~]# systemct list-unit-files --type=service | grep haveged -bash: systemct: command not found [root@localhost ~]# systemctl list-unit-files --type=service | grep haveged haveged.service disabled [root@localhost ~]# systemctl enable haveged ln -s '/usr/lib/systemd/system/haveged.service' '/etc/systemd/system/multi-user.target.wants/haveged.service' [root@localhost ~]# systemctl start haveged [root@localhost ~]#
The key creation took a only sec.
[root@localhost ~]# openvasmd --create-credentials-encryption-key Key creation succeeded. [root@localhost ~]#
Adding new credentials works like a charm now.
Happy hacking!Read more...
Update (Mon Jun 8 2015): Running google-chrome inside a docker container isn't stable for me. I switched back to LXC to run google-chrome which seems to be more stable.
Created a docker image to start a docker container with chrome. Destroying the container each time that you start a browser is a easy way to get rid of your cookies and browser history.Read more...
As always with virtualization you’ve to careful with sharing systems or containers that doesn’t below to the same customer or service on the same physical machine since you’re never sure which traces are left behind in the memory etc.
When I tried to create a few containers on Fedora 20, the first attempt (a debian container) wasn’t an success.
On a newly create debian container networking didn’t work.Read more...
Size matters, but … resolution and image quality are as import.
Since I was diagnosed with diabetes I have eyes issues things are getting better recently but I still needs glasses for reading etc.
Compared to the others screens I used to work with the image quality is amazing and the higher resolution give so much more space.Read more...
I own a western digital tv live 1st generation the user interface is a bit slow but it’s still a nice media player.
Unfortunately it’s unable to display PGS (blu-ray) subtitles.
I created a shell scripts (converPgsSub.sh) to convert the subtitles a mkv file so it’s possible to play it on my 5 year old wdlive.
convertPgsSub 1.0.0stable1 is available github:
Have fun...Read more...
With Fedora 20 being released a few weeks ago and no official zfsonlinux support for Fedora 20. It time to get zfs on linux working on Fedora 20.
Zfs on linux 2.6.2 required a custom DKMS package. Lucky the patches that were required for zfs on linux are already integrated into Fedora: http://negativo17.org/dkms-patches-for-zfs-on-linux-merged/
So lets try to build the rpm packages for Fedora 20 from the source.Read more...
When you are developing you sometimes forget to create backups and push it to git, and mistakes are around the corner.
Lucky bash saved my day!
$ ./create_cache_entries.sh > create_cache_entries.sh -bash: ./create_cache_entries.sh: /bin/bash: bad interpreter: Text file busy $ vi create_cache_entries.sh
[root@vicky etc]# yum update -y Loaded plugins: langpacks, refresh-packagekit Repository google-chrome is listed more than once in the configuration fedora/19/x86_64/metalink | 33 kB 00:00:00 fedora | 4.2 kB 00:00:00 fedora-chromium-stable | 3.4 kB 00:00:00 google-chrome | 951 B 00:00:00 rpmfusion-free | 3.3 kB 00:00:00 rpmfusion-free-updates | 3.3 kB 00:00:00 rpmfusion-nonfree | 3.3 kB 00:00:00 rpmfusion-nonfree-updates | 3.3 kB 00:00:00 updates/19/x86_64/metalink | 30 kB 00:00:00 updates | 4.4 kB 00:00:00 zfs | 2.9 kB 00:00:00 (1/6): fedora-chromium-stable/19/x86_64/primary_db | 20 kB 00:00:00 (2/6): zfs/19/x86_64/primary_db | 6.7 kB 00:00:00 (3/6): updates/19/x86_64/group_gz | 385 kB 00:00:02 (4/6): fedora/19/x86_64/group_gz | 384 kB 00:00:06 (5/6): updates/19/x86_64/primary_db | 8.8 MB 00:01:53 (6/6): fedora/19/x86_64/primary_db | 17 MB 00:03:34 (1/10): google-chrome/primary | 1.9 kB 00:00:00 (2/10): rpmfusion-free-updates/19/x86_64/primary_db | 217 kB 00:00:01 (3/10): rpmfusion-nonfree/19/x86_64/primary_db | 149 kB 00:00:00 (4/10): rpmfusion-free/19/x86_64/primary_db | 440 kB 00:00:03 (5/10): rpmfusion-nonfree-updates/19/x86_64/primary_db b | 97 kB 00:00:00 (6/10): rpmfusion-nonfree-updates/19/x86_64/group_gz | 990 B 00:00:05 (7/10): rpmfusion-nonfree/19/x86_64/group_gz | 993 B 00:00:07 (8/10): rpmfusion-free/19/x86_64/group_gz | 1.6 kB 00:00:07 (9/10): rpmfusion-free-updates/19/x86_64/group_gz | 1.6 kB 00:00:07 (10/10): updates/19/x86_64/updateinfo | 861 kB 00:00:09 google-chrome 3/3 Resolving Dependencies --> Running transaction check ---> Package dkms.noarch 0:220.127.116.11-14.zfs1.fc19 will be updated --> Processing Dependency: dkms = 18.104.22.168-14.zfs1.fc19 for package: zfs-dkms-0.6.2-1.fc19.noarch ---> Package dkms.noarch 0:22.214.171.124-17.fc19 will be an update --> Finished Dependency Resolution Error: Package: zfs-dkms-0.6.2-1.fc19.noarch (@zfs) Requires: dkms = 126.96.36.199-14.zfs1.fc19 Removing: dkms-188.8.131.52-14.zfs1.fc19.noarch (@zfs) dkms = 184.108.40.206-14.zfs1.fc19 Updated By: dkms-220.127.116.11-17.fc19.noarch (updates) dkms = 18.104.22.168-17.fc19 Available: dkms-22.214.171.124-5.fc19.noarch (fedora) dkms = 126.96.36.199-5.fc19 You could try using --skip-broken to work around the problem You could try running: rpm -Va --nofiles --nodigest [root@vicky etc]#
On another fedora system
yum update worked fine, after reviewing the differences in the yum configuration it seems that
yum-plugin-priorities wasn’t installed on my box. After installing
[root@vicky etc]# yum install yum-plugin-priorities Loaded plugins: langpacks, refresh-packagekit Repository google-chrome is listed more than once in the configuration Resolving Dependencies --> Running transaction check ---> Package yum-plugin-priorities.noarch 0:1.1.31-18.fc19 will be installed --> Finished Dependency Resolution Dependencies Resolved =================================================================================================================================================================================================================== Package Arch Version Repository Size =================================================================================================================================================================================================================== Installing: yum-plugin-priorities noarch 1.1.31-18.fc19 updates 22 k Transaction Summary =================================================================================================================================================================================================================== Install 1 Package Total download size: 22 k Installed size: 28 k Is this ok [y/d/N]: y Downloading packages: yum-plugin-priorities-1.1.31-18.fc19.noarch.rpm | 22 kB 00:00:01 Running transaction check Running transaction test Transaction test succeeded Running transaction Installing : yum-plugin-priorities-1.1.31-18.fc19.noarch 1/1 Verifying : yum-plugin-priorities-1.1.31-18.fc19.noarch 1/1 Installed: yum-plugin-priorities.noarch 0:1.1.31-18.fc19 Complete! [root@vicky etc]#
And make sure that the zfs has the priority
[root@localhost etc]# cat yum.repos.d/zfs.repo [zfs] name=ZFS of Linux for Fedora $releasever baseurl=http://archive.zfsonlinux.org/fedora/$releasever/$basearch/ enabled=1 priority=1 metadata_expire=7d gpgcheck=1 gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-zfsonlinux Requires: yum-plugin-priorities [zfs-source] name=ZFS of Linux for Fedora $releasever - Source baseurl=http://archive.zfsonlinux.org/fedora/$releasever/SRPMS/ enabled=0 metadata_expire=7d gpgcheck=1 gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-zfsonlinux [root@vicky etc]#
yum update works again.
[root@vicky etc]# yum update -y Loaded plugins: langpacks, priorities, refresh-packagekit Repository google-chrome is listed more than once in the configuration 2 packages excluded due to repository priority protections No packages marked for update [root@vicky etc]#
At home I prefer to read on my monitor since this is bigger.
Unfortunately this books is not compatible with cloud reader.
Proprietary_formats should be avoid, lesson learned (again).
The installation was pretty straightforward on Fedora 19.
- Install wine
[root@vicky ~]# yum install wine Loaded plugins: langpacks, refresh-packagekit
- Download Kindle for Window xp
Download it from: http://www.amazon.com/gp/feature.html/ref=kcp_pc_ln_ar?docId=1000426311
- Run the installer
[swagemakers@vicky ~]$ wine ~/Downloads/KindleForPC-installer.exe
- Create kindle startup script
wine $HOME/.wine/drive_c/Program\ Files\ \(x86\)/Amazon/Kindle/Kindle.exe &
It’s better to only read ebooks in an open formatRead more...
Don’t worry I still have a debian system at hand…
The boot time on a ssd is fast:Read more...
Besides the health benefits you save a lot of money.
My “no smoking” Piggy Bank was fat enough to sponsor a pc upgrade.
My upgrade consists;
- a new motherboard: MSI Z87-G43
- a new cpu: Intel® Core Haswell i7-4770
- 16 GB DDR3 Ram: Crucial 16 GB DDR3-1600
- I had even some money left to purchase a nice ssd: Samsung 840 Pro Series 256GB
My pc is “smoking” fast now :-)Read more...
I’m pleased to anounce that Lookat/Bekijk 1.4.3 has been released.
This new stable version will compile correctly with LLVM/clang.
Have fun...Read more...
The dvd drive was still handy to load another operating system on it.
The dvd drive has an ide interface which are hard to get these days…
I found a ide to sata convertor and a new dvd drive with a sata interface at conrad. This should convert the sata interface to an ide interface without any driver and works with any operating system.
Well let's put this to a test on a sparc system with solaris :-)
The installation was pretty straightforward, luckily the dvd rom drive has a plastic back since the converter touches the back of the dvd rom drive.
“yum install lookat” works on Fedora now ;-)
[staf@vicky ~]$ sudo yum install lookat [sudo] password for staf: Loaded plugins: langpacks, presto, refresh-packagekit, security Repository google-chrome is listed more than once in the configuration Resolving Dependencies --> Running transaction check ---> Package lookat.x86_64 0:1.4.2-1.fc18 will be installed --> Finished Dependency Resolution Dependencies Resolved ================================================================================================================================================================================ Package Arch Version Repository Size ================================================================================================================================================================================ Installing: lookat x86_64 1.4.2-1.fc18 updates 55 k Transaction Summary ================================================================================================================================================================================ Install 1 Package Total download size: 55 k Installed size: 118 k Is this ok [y/N]: y Downloading Packages: lookat-1.4.2-1.fc18.x86_64.rpm | 55 kB 00:00:00 Running Transaction Check Running Transaction Test Transaction Test Succeeded Running Transaction Installing : lookat-1.4.2-1.fc18.x86_64 1/1 Verifying : lookat-1.4.2-1.fc18.x86_64 1/1 Installed: lookat.x86_64 0:1.4.2-1.fc18 Complete! [staf@vicky ~]$
Thanks to Christopher MengRead more...
Trying to release more often…
The first release candicate of lookat 1.4.3 has been released.Read more...
The reason for this is that the port is marked as RESTRICTED. Since it seems to be a fork from ezjail without respecting the copyright and license https://lists.freebsd.org/pipermail/freebsd-jail/2013-March/002149.html.Read more...
I used cvs2git It took a bit longer than expected.
My first attempt didn’t had the release tags right.
--retain-conflicting-attic-files to cvs2git resolved this issue.
You’ll find how I did it it below.Read more...
I’m using ezjail now.
The reason for this is that the port is marked as RESTRICTED. Since it seems to be a fork from ezjail without respecting the copyright and license https://lists.freebsd.org/pipermail/freebsd-jail/2013-March/002149.html.
I’m adding more services to my freebsd system
On FreeBSD there are jails to isolate services and improve security.
At first I didn’t like jails the way the freebsd handbook describes it requires a buildworld which takes a long time on my system with a AMD C-60 CPU.
Lucky Qjail makes the deployment a lot easier.Read more...
As my file and backup system pluto died i’m building a new one.
The motherbord will be a Asus C60M1-I. The cpu may not have not enough horsepower for deplucation at full speed but it has 6 sata ports which is not common on a mini ITX motherbord. I will reuse my old harddrives and add or replace them when I need more storage.
The realtek f8111F is supported in the latest driver code, after rebuilding my kernel the network adapter works fine. Very useful on a NAS ;-)Read more...
Finaly a long overdue release of Lookat / Bekijk the userfriendly file browser.
The new stable version 1.4.2 is available at the http://www.wagemakers.be/english/programs/lookat
1.4.2 is a maintenance release. When there are more than 24 hours in a day I’ll start with the long waited utf-8 support ;-)Read more...
After 10 year, my fileserver pluto died. Pluto was a AMD64 had 1GB RAM and 4 too loud samsung drives (160GB).
( 1 minute silence …. )
I take backups of course ;-) I already ordered the parts to build a new pluto.
I also decided to create a blog and I wanted something that integrated well with github. Octopress seems to be the most logical choose. It’s written in ruby which is a nice bonus.Read more...