12″ PowerBook G4

April 4th, 2014

PowerBook G4
With the talk on Twitter & App.net about old computers I started to get nostalgic. I had cleared out most of my collection back in 2012 & been resisting the urge to resume hoarding again largely, having successfully put off the purchase of a Ubiquiti EdgeRouter Lite to run FreeBSD on, I remembered that I was offered a G4 PowerBook a few months back which I turned down. It was still available if I wanted to take it, which made very happy. a 12″PowerBook6,4 that I’d assumed it was going to be a 15″ model. I’ve been playing about with it for the past couple of days, wiping the pre-installed copy of Leoapard & going through the Panther to Tiger path.

The system is now running 10.4.11, patching was a lot of fun, java update after java update, pretty sure it didn’t seem that bad at the time.
It was interesting to see that there was no iTunes update made available, having to manually fetch v9.2.1 from kb DL1056. Safari was updated to v4.1.3.

With no more updates on offer from the software update facility I disabled the java & macromedia plugins by moving them out of /Library/Internet Plug-ins & /Library/Application Support.

Going back to Tiger was a mixture of pleasure & pain, visually, I much prefer the brighter white look of aqua, as opposed to the grey theme which introduced in Leopard. Terminal.app in Tiger is not that great, font smooth is particularly poor, I may have to resort to sourcing a copy of the original iTerm. Plan9 from userspace built without issues using gcc from XCode 2.5, but I guess finder doesn’t like something about the bundled transparent icon of Glenda on the dock as it shows up with a white background & though acme launches correctly, the icon continues to bounce on the dock.
F.lux 1.1 is the last supported PowerPC build which runs on Tiger, no support for UK in location settings of this build.
TenFourFox takes the place of Firefox as an up to date, maintained version for the PowerPC Mac’s. Python was updated to 2.7.6 using a package straight from python.org.

There is a PowerPC Software site, which contains links to the last builds of popular software which supported the PowerPC Mac’s.

Mercurial & Ruby built successfully from source, pkgsrc also bootstrapped without any issue, the system is currently building GCC 4.8 from pkgsrc.
Needed to declare MACOSX_DEPLOYMENT_TARGET=10.4 otherwise the build process would fail with ld: flag: -undefined
dynamic_lookup can't be used with MACOSX_DEPLOYMENT_TARGET environment
variable set to: 10.1

The system currently has 512MB of RAM & a 74GB HDD, 40GB allocated to OS X & the remaining intended for use with OpenBSD, will have to netinstall OpenBSD as I don’t have any blank CD’s with me, no USB hub, the USB ports don’t provide sufficient power to run a Zalman Virtual CD and I suspect the system is unable to boot from USB anyway. Been looking on Amazon for IDE SSD drives but probably will increase the RAM first.


RetroBSD on chipKIT Max32 with Arduino Ethernet shield

March 29th, 2014

I bought myself one of these boards to play with RetroBSD a few months back but with build issues & other distractions in real life I didn’t get very far because the stock MAX32 kernel configuration is for SD card slots wired to the board whereas I was trying to use the SD card slot on an ethernet shield. This resulted in the kernel not being able to detect the SD card, hence no root file system. I’d use prebuilt binaries without trying to build my own but for some reason there is no prebuilt kernel image for the configuration I require. Finally, tonight I managed to get a MAX32-ETH kernel built & flashed onto the board, still unable to build the userland but I was able to get an older prebuilt image from the RetroBSD Autobuild Server which currently has images for build 860 & 778.

Will follow up once I have everything building from scratch.

2.11 BSD Unix for PIC32, revision 892 build 1:
Compiled 2014-03-29 by xxx@xxx.xxx:
cpu: 795F512L 80 MHz, bus 80 MHz
oscillator: XT crystal, PLL div 1:2 mult x20
console: tty0 (5,0)
sd0: port SPI2, select pin C14
sd0: type SDHC, size 15339520 kbytes, speed 13 Mbit/sec
phys mem = 128 kbytes
user mem = 96 kbytes
root dev = rd0a (0,1)
root size = 163840 kbytes
swap dev = rd0b (0,2)
swap size = 2048 kbytes
temp0: allocated 47 blocks
/dev/rd0a: 576 files, 8644 used, 154555 free
temp0: released allocation
Starting daemons: update cron

2.11 BSD UNIX (pic32) (console)


Serial terminal on Nexus 7 with keyboard

January 12th, 2014

Back in September last year at Wuthering Bytes, during a discussion about programming I thought I’d look into the availability of development tools on the android platform & was pleasantly surprised to find tool chains & IDE’s, not having a keyboard made even a simple hello world application painful to write though so I left it at that with the intention of buying a keyboard. I finally got around to buying a keyboard for my 2012 model, settling for a mobile bluetooth keyboard for nexus 7, first impression is the keys feel a little on the small size on but will see after a bit more use.

I’m happy with the size & form factor, it reminds me of the Windows CE HP Journada PDA which are supported by NetBSD/hpcsh though the Journada’s were smaller.

As I have a OTG cable which allows me to connect USB devices to the nexus 7 which normally wouldn’t work (due to requiring host mode) I looked into the state of serial adapter support.

Prolific who produce a very popular USB to Serial chip (PL2303) have an app for Android, as I didn’t have a null modem cable at hand I couldn’t test functionality beyond seeing if the adapter is detected.

For serial console on my Rasberry Pi’s I use a SiLabs CP2102 chipset USB to TTL & a FTDI FT232PL chipset adapter for BeagleBone Black. To connect both of these adapters to my Nexus 7 I used USB Serial Lite. At first the app seemed very unstable, becoming unresponsive after the first attempt to send something over the serial port, this turned out to be CR / LF not being enabled to send on transmit, having at least one of them above the text entry box on the TX row & ticked solves this issue.
There are many more apps available in the Play store for connecting to USB serial adapters but I couldn’t get any of them to produce output from the CP2012.

Building tcsh on 4.3BSD-Quasijarus

December 15th, 2013

So after build installing 4.3BSD on simh I was left with a somewhat bare environment.
My first need was a better shell than stock csh with history & tab completion. I proceeded to download the latest version of tcsh to attempt a build.
Things fell into place quickly as I realised this was not going to be as straight forward.
At some point in the development path of tcsh, support for the GNU tool chain was added which would allow one to use autotools to build the software.
Bootstrapping the baseline is always a lengthy pain which prepackaged binaries ease. I was reminded of the period I avoided using OpenBSD-CURRENT because I was unaware packages were available so I would resort to painfully long builds as I started to tried to compile firefox on a freshly installed system.
I decided to see how far I can get in building software without the introduction GNU components, not using up to date versions is acceptable just so I can achieve the task. This also falls in line with the philosophy of the 4.3BSD-Quasijarus project.

I struggled to get tcsh 6.18.01 to build so thought I’d try the earliest version I could find on the official mirror to see if that would work any better.
Version 6.00 is the earliest one available on the US FTP site, the README file references 4.2 & 4.3BSD among a whole bunch of other legacy OS’s & no sign of GNU autoconf.
With a bit of experimentation I had tcsh compiled, essentially just needed to undefine functionality that was not present in my stock install (NLS) or available in the version I was running (better POSIX compliance).
There is lots of code which is spaced out so as to disable its functionality requiring the deletion of the spaces to re-enable depending on the intended target.
This approach assumes knowledge of the OS & its capabilities along with the functionality enabled in the version installed as apposed to the autotools approach where the developer is responsible for putting together something which in theory will reduced the requirement from the end user installing the software to running configure & make.
In my opinion it’s an idea which is poorly executed while not actually solving the problem, instead pushing the responsiblity from one end to the other with added complexity.
I discovered through an interview with Larry Wall that he was responsible for the patch utility we commonly use, I was curious to see how it would function on 4.3BSD & to my surprise there was no patch utility in base. There is the diff utility for generating differential patches but no support for unified context just copied context. You can generate scripts for ed which can be used to apply the changes for subsequent users.

To build tcsh on 4.3BSD Qausijarus
Fetch the tcsh-6.00.00.tar.gz from FTP
Uncompress with
gzcompat tcsh-6.00.00.tar.gz | uncompress | tar xf -

Copy tcsh-6.00/config/config.bsdreno to tcsh-6.00/config.h

Apply the following changes in this diff to your source & build by running make

By default, the install process puts files into /usr/local so you’ll need to create /usr/local/bin & /usr/local/man

> echo $version
tcsh 6.00.00 (Cornell) 07/04/91 options 8b,dl,al,dir

Last week I came across a project to develop 4.5BSD, a continuation from where 4.4BSD stopped. Comparing the current state of the modern BSD derivatives, we’ve come a long long way, with effort going in to reduce the need to bring the system to a useable state post install & shipping with sane defaults we are in a much better place. 20 years worth of changes to back port is a serious effort.

Running 4.3BSD Quasijarus with simh VAX

December 8th, 2013

I’d previously installed simh via macports & though it was supposedly built with networking support, the guests didn’t actually work with networking on mavericks.
I gave the v4.0 beta a try to see if the problem existed, following the simh Ethernet document I built simh using
make USE_NETWORK=1 LPATH=/usr/lib:/usr/local/lib:/opt/local/lib with libpcap installed via macports & tuntap installed from sourceforge (it is available from macports if you prefer as tuntaposx).
Networking support turned out to work fine with the stock MicroVAX 3900 simulator, failing on the other VAX guests (11/{730,750,780} and 8600) with an error about a non-existent device.

To install 4.3BSD Quasijarus on simh I followed this guide fetching the Mkdisttap.pl script & gzcompat.c from the Computer History Wiki.

I used the following ini file I used for the guest once everything was installed

load -r /opt/local/share/simh/VAX/ka655x.bin
set cr dis
set lpt dis
set rl dis
set ry dis
set ts dis
set rq0 ra82
att rq0 quas.dsk
set rq1 dis
set rq2 dis
set rq3 dis
att tq0 quas.tap
set dz lines=8
att dz 8888
set dz 7b
att xq tap:tap0
set cpu idle=ALL
att nvr nvram.dat
dep bdr 1
! ifconfig tap0 netmask

With the ini file above, the host is assigned the IP address, serial console listening on TCP port 8888 and IDLE loop detection works with set cpu idle=ALL, this means that a guest sits at around 3% CPU & only goes up to a maximum of 70% CPU on my macbook air when compiling software as opposed to 100% at all time. As the application needs to bind to a tap interface & set an IP address it needs to be run as root.


Mac displays prohibition sign when booting from install media

October 6th, 2013

I wanted to re-configure my 11″ MacBook Air so that it dual boots Mac OS X as well as OpenBSD but found that I was unable to boot from a USB flash drive containing 10.8.5.
Booting from a flash drive resulted in a prohibition sign in place of the apple logo with the spiral animation continuing to spin.

Booting again but this time in verbose mode (command + v) showed that the kernel is waiting & repeating the message

Still waiting for root device

, I assumed this message was regarding the USB boot disk, it turns out it’s referring to onbroad SSD.

Searching around I found a thread which used the remote recovery function along with a USB flash drive to restore the Mac (something which I was trying to completely avoid because my internet connection is really poor & the recovery process is slow), this reminded me of the recovery disk assistant which allows you to build a recovery disk as well as update the recovery partition on your system disk.
Attempting to boot from a recovery disk succeeded & allowed me to repartition the SSD in my macbook air with disk utility. I was then able to boot from the USB flash disk containing mac os x & reinstall successfully.

Edit: clarify that it was the SSD which was repartitioned in last paragraph.

OpenBSD on 11″ MacBook Air 5,1 (mid-2012)

September 4th, 2013

While my MacBook was away at the service centre to have the SSD replaced I noticed the NetBSD wiki had marked the install guide as obsolete as it’s no longer required to build a custom kernel because the necessary changes have been integrated so that the generic kernel works out of the box.
The last time I tried to run OpenBSD on a MacBook Air was over the christmas holiday on a mid-2012 13″ model & while I managed to boot a multiuser system, USB support was very unstable & eDP support was missing from Xenocara.
Having received my MacBook back I decided to revisit Net/OpenBSD, I tried booting NetBSD/AMD64 6.1.1 & the 29/08/2013 AMD64 OpenBSD snapshot.
Both exhibited the same behavior, as soon as the kernel loaded into memory the screen would go blank, I attached a thunderbolt display which made displayed some output before going to a blank screen as the kernel probes for devices, I believe this is when OpenBSD now changes font.
I switched from the OpenBSD snapshot to what I (half asleep) thought was 5.4-RELEASE but it turned out to be a mislabelled iso of a snapshot from July. This time it worked fine using a Thunderbolt display, screen still goes blank otherwise.
Onboard wireless doesn’t work, instead I’m using a tiny urtwn(4) wireless adapter.


OpenBSD 5.4-current (GENERIC.MP) #50: Mon Sep 2 13:43:54 MDT 2013
RTC BIOS diagnostic error b1
real mem = 8475713536 (8083MB)
avail mem = 8242003968 (7860MB)
mainbus0 at root
bios0 at mainbus0: SMBIOS rev. 2.4 @ 0xe0000 (54 entries)
bios0: vendor Apple Inc. version "MBA51.88Z.00EF.B02.1211271028" date 11/27/2012
bios0: Apple Inc. MacBookAir5,1
acpi0 at bios0: rev 2
acpi0: sleep states S0 S3 S4 S5
acpi0: wakeup devices P0P2(S4) PEG2(S4) EC__(S4) HDEF(S4) RP02(S4) ARPT(S4) RP05(S4) EHC1(S4) EHC2(S4) XHC1(S4) ADP1(S4) LID0(S4)
acpitimer0 at acpi0: 3579545 Hz, 24 bits
acpihpet0 at acpi0: 14318179 Hz
acpimadt0 at acpi0 addr 0xfee00000: PC-AT compat
cpu0 at mainbus0: apid 0 (boot processor)
cpu0: Intel(R) Core(TM) i7-3667U CPU @ 2.00GHz, 1896.01 MHz
cpu0: 256KB 64b/line 8-way L2 cache
cpu0: smt 0, core 0, package 0
cpu0: apic clock running at 99MHz
cpu1 at mainbus0: apid 2 (application processor)
cpu1: Intel(R) Core(TM) i7-3667U CPU @ 2.00GHz, 1895.70 MHz
cpu1: 256KB 64b/line 8-way L2 cache
cpu1: smt 0, core 1, package 0
cpu2 at mainbus0: apid 1 (application processor)
cpu2: Intel(R) Core(TM) i7-3667U CPU @ 2.00GHz, 1895.70 MHz
cpu2: 256KB 64b/line 8-way L2 cache
cpu2: smt 1, core 0, package 0
cpu3 at mainbus0: apid 3 (application processor)
cpu3: Intel(R) Core(TM) i7-3667U CPU @ 2.00GHz, 1895.70 MHz
cpu3: 256KB 64b/line 8-way L2 cache
cpu3: smt 1, core 1, package 0
ioapic0 at mainbus0: apid 2 pa 0xfec00000, version 20, 24 pins
ioapic0: misconfigured as apic 0, remapped to apid 2
acpiec0 at acpi0
acpimcfg0 at acpi0 addr 0xe0000000, bus 0-153
acpiprt0 at acpi0: bus 0 (PCI0)
acpiprt1 at acpi0: bus -1 (P0P2)
acpiprt2 at acpi0: bus -1 (PEG2)
acpiprt3 at acpi0: bus 2 (RP02)
acpiprt4 at acpi0: bus 3 (RP05)
acpicpu0 at acpi0: C3, C1, PSS
acpicpu1 at acpi0: C3, C1, PSS
acpicpu2 at acpi0: C3, C1, PSS
acpicpu3 at acpi0: C3, C1, PSS
acpibat0 at acpi0: BAT0 model "3545797981023400290" type 3545797981528607052 oem "3545797981528673619"
acpiac0 at acpi0: AC unit offline
acpibtn0 at acpi0: LID0
acpibtn1 at acpi0: PWRB
acpibtn2 at acpi0: SLPB
acpivideo0 at acpi0: IGPU
acpivout0 at acpivideo0: DD02
cpu0: Enhanced SpeedStep 1896 MHz: speeds: 2001, 2000, 1900, 1800, 1700, 1600, 1500, 1400, 1300, 1200, 1100, 1000, 900, 800 MHz
memory map conflict 0xe00f8000/0x1000
memory map conflict 0xfed1c000/0x4000
memory map conflict 0xffe70000/0x30000
pci0 at mainbus0 bus 0
pchb0 at pci0 dev 0 function 0 "Intel Core 3G Host" rev 0x09
vga1 at pci0 dev 2 function 0 "Intel HD Graphics 4000" rev 0x09
intagp0 at vga1
agp0 at intagp0: aperture at 0x90000000, size 0x10000000
inteldrm0 at vga1
drm0 at inteldrm0
inteldrm0: 1366x768
wsdisplay0 at vga1 mux 1: console (std, vt100 emulation)
wsdisplay0: screen 1-5 added (std, vt100 emulation)
"Intel 7 Series xHCI" rev 0x04 at pci0 dev 20 function 0 not configured
"Intel 7 Series MEI" rev 0x04 at pci0 dev 22 function 0 not configured
ehci0 at pci0 dev 26 function 0 "Intel 7 Series USB" rev 0x04: apic 2 int 23
usb0 at ehci0: USB revision 2.0
uhub0 at usb0 "Intel EHCI root hub" rev 2.00/1.00 addr 1
azalia0 at pci0 dev 27 function 0 "Intel 7 Series HD Audio" rev 0x04: msi
azalia0: codecs: Cirrus Logic CS4206, Intel/0x2806, using Cirrus Logic CS4206
audio0 at azalia0
ppb0 at pci0 dev 28 function 0 "Intel 7 Series PCIE" rev 0xc4: msi
pci1 at ppb0 bus 1
ppb1 at pci0 dev 28 function 1 "Intel 7 Series PCIE" rev 0xc4: msi
pci2 at ppb1 bus 2
"Broadcom BCM43224" rev 0x01 at pci2 dev 0 function 0 not configured
ppb2 at pci0 dev 28 function 4 "Intel 7 Series PCIE" rev 0xc4: msi
pci3 at ppb2 bus 3
ppb3 at pci3 dev 0 function 0 vendor "Intel", unknown product 0x1547 rev 0x03
pci4 at ppb3 bus 4
ppb4 at pci4 dev 0 function 0 vendor "Intel", unknown product 0x1547 rev 0x03: msi
pci5 at ppb4 bus 5
vendor "Intel", unknown product 0x1547 (class system subclass miscellaneous, rev 0x03) at pci5 dev 0 function 0 not configured
ppb5 at pci4 dev 3 function 0 vendor "Intel", unknown product 0x1547 rev 0x03: msi
pci6 at ppb5 bus 6
ppb6 at pci4 dev 4 function 0 vendor "Intel", unknown product 0x1547 rev 0x03: msi
pci7 at ppb6 bus 55
ppb7 at pci4 dev 5 function 0 vendor "Intel", unknown product 0x1547 rev 0x03: msi
pci8 at ppb7 bus 104
ppb8 at pci4 dev 6 function 0 vendor "Intel", unknown product 0x1547 rev 0x03: msi
pci9 at ppb8 bus 105
ehci1 at pci0 dev 29 function 0 "Intel 7 Series USB" rev 0x04: apic 2 int 22
usb1 at ehci1: USB revision 2.0
uhub1 at usb1 "Intel EHCI root hub" rev 2.00/1.00 addr 1
pcib0 at pci0 dev 31 function 0 vendor "Intel", unknown product 0x1e56 rev 0x04
ahci0 at pci0 dev 31 function 2 "Intel 7 Series AHCI" rev 0x04: msi, AHCI 1.3
scsibus0 at ahci0: 32 targets
sd0 at scsibus0 targ 0 lun 0: SCSI3 0/direct fixed naa.0000000000000000
sd0: 115712MB, 512 bytes/sector, 236978176 sectors, thin
ichiic0 at pci0 dev 31 function 3 "Intel 7 Series SMBus" rev 0x04: apic 2 int 18
iic0 at ichiic0
iic0: addr 0x2c 03=fc 05=66 06=40 71=06 72=80 86=70 90=37 91=1c 92=35 93=3f 94=62 95=8c 96=63 97=85 98=24 99=04 9a=88 9f=7c a0=7f a1=b5 a2=bf a3=7b a4=28 a5=cf a6=64 a7=2d words 00=0000 01=0000 02=00fc 03=fc00 04=0066 05=6640 06=4000 07=0000
isa0 at pcib0
isadma0 at isa0
com0 at isa0 port 0x3f8/8 irq 4: ns8250, no fifo
pcppi0 at isa0 port 0x61
spkr0 at pcppi0
nvram: invalid checksum
mtrr: Pentium Pro MTRR support, 10 var ranges, 88 fixed ranges
uhub2 at uhub0 port 1 "Intel Rate Matching Hub" rev 2.00/0.00 addr 2
uvideo0 at uhub2 port 1 configuration 1 interface 0 "Apple Inc. FaceTime HD Camera (Built-in)" rev 2.00/80.25 addr 3
video0 at uvideo0
ugen0 at uhub2 port 1 configuration 1 "Apple Inc. FaceTime HD Camera (Built-in)" rev 2.00/80.25 addr 3
uhub3 at uhub1 port 1 "Intel Rate Matching Hub" rev 2.00/0.00 addr 2
uhub4 at uhub3 port 8 "Standard Microsystems product 0x2512" rev 2.00/b.b3 addr 3
uhub5 at uhub4 port 1 "Apple Inc. BRCM20702 Hub" rev 2.00/1.00 addr 4
uhub5: device problem, disabling port 1
uhidev0 at uhub5 port 2 configuration 1 interface 0 "Apple Computer product 0x820b" rev 2.00/1.00 addr 5
uhidev0: iclass 3/1, 2 report ids
ums0 at uhidev0 reportid 2: 3 buttons
wsmouse0 at ums0 mux 0
ugen1 at uhub5 port 3 "Apple Inc. Bluetooth USB Host Controller" rev 2.00/1.00 addr 6
uhidev1 at uhub4 port 2 configuration 1 interface 0 "Apple Inc. Apple Internal Keyboard / Trackpad" rev 2.00/2.19 addr 7
uhidev1: iclass 3/1, 9 report ids
ukbd0 at uhidev1 reportid 1: 8 variable keys, 6 key codes, country code 15
wskbd0 at ukbd0: console keyboard, using wsdisplay0
uhid0 at uhidev1 reportid 9: input=0, output=0, feature=3
uhidev2 at uhub4 port 2 configuration 1 interface 1 "Apple Inc. Apple Internal Keyboard / Trackpad" rev 2.00/2.19 addr 7
uhidev2: iclass 3/0, 68 report ids
uhid1 at uhidev2 reportid 68: input=511, output=0, feature=0
uhidev3 at uhub4 port 2 configuration 1 interface 2 "Apple Inc. Apple Internal Keyboard / Trackpad" rev 2.00/2.19 addr 7
uhidev3: iclass 3/1, 2 report ids
ums1 at uhidev3 reportid 2: 3 buttons
wsmouse1 at ums1 mux 0
vscsi0 at root
scsibus1 at vscsi0: 256 targets
softraid0 at root
scsibus2 at softraid0: 256 targets
root on sd0a (0f625884de9eca57.a) swap on sd0b dump on sd0b
clock: unknown CMOS layout
hw.sensors.cpu0.temp0=36.00 degC
hw.sensors.cpu1.temp0=36.00 degC
hw.sensors.cpu2.temp0=36.00 degC
hw.sensors.cpu3.temp0=36.00 degC
hw.sensors.acpibat0.volt0=7.50 VDC (voltage)
hw.sensors.acpibat0.volt1=7.23 VDC (current voltage)
hw.sensors.acpibat0.power0=12.26 W (rate)
hw.sensors.acpibat0.watthour0=42.41 Wh (last full capacity)
hw.sensors.acpibat0.watthour1=0.25 Wh (warning capacity)
hw.sensors.acpibat0.watthour2=0.10 Wh (low capacity)
hw.sensors.acpibat0.watthour3=6.90 Wh (remaining capacity), OK
hw.sensors.acpibat0.raw0=1 (battery discharging), OK
hw.sensors.acpiac0.indicator0=Off (power supply)
hw.sensors.acpibtn0.indicator0=On (lid open)

Not even a 33KB SSD

August 22nd, 2013

The SSD on my 11″ 2012 Macbook Air has now failed too, this time nothing is registered in disk utility.
If your system ever gives you the firmware flash screen when there hasn’t been an update which you’ve initiated then take it as a signal that the end is near, this time round it was 2 weeks between the two events.


Dvorak layout with ctrl & caps lock swapped round on FreeBSD

July 11th, 2013

Since getting a MacBook Air with a Japanese keyboard, I have grown accustomed to having the control key in place of the caps lock, so much so that now it’s annoying not having it there if I switch to another system. Searching around to see what I’d find on the subject, it seems that a similar frustration exists for users who are used to the left control key being in the bottom left hand side instead of the new Fn key & infact I have a bios image which makes this change for my X61s.

From the brief search for a bios image brought up lots of links to the image which I already have for swapping fn with ctrl & I didn’t fancy an introduction to ThinkPad BIOS hacking with IDA so I began to look for OS specific solutions.

On FreeBSD, a variant of the UK (uk.cp850-ctrl.kbd, uk.iso-ctrl.kdb) & US standard layouts (us.pc-ctrl.kbd) exist which swap the location of the two keys round & I found this guide (in Japenese) which discusses what changes are needed to a layout file (reassigning scan codes 29 & 58) but all this was already taken care of some 12 years ago. The header of us.dvorak.kbd menions:

“There are some minor variations, but this seems like the most common layout. I personally use one with three more pairs swapped:
esc `~, clock lctrl, and =+ \| (supplied as “us.dvorakx.kbd“). ”

I just needed to declare keymap="us.dvorakx.kbd" in /etc/rc.conf & restart /etc/rc.d/syscons.

UNIX/WORLD Review Sun 2 Workstation, October 1984

June 24th, 2013

I was looking around for information on Lions’ Commentary when I came across this site which happened to be of a journalist who reviewed the Sun 2 workstation for the UNIX/WORLD magazine back in 1984.
The reference to a Sun employee demonstrating the dual head capability made me smile & reminded me of the Project Looking Glass demonstration.

What took me there was his derivative copy of the UNIX v6 source code but I also grabbed the v7 documentation which he posted up as updated PDF (changelog on the page)

Technology has created storage faster than we can use it

May 3rd, 2013

The Plan9 from Bell Labs paper discusses serving files and the central server used in their scenario:
“The central server in our installation has about 100 megabytes of memory buffer, 27 gigabytes of magnetic disks, and 350 gigabytes of bulk storage in a write-once-read-many (WORM) jukebox.”

The paper goes onto describe their use of this storage setup to demonstrate the ability to do dumps of file systems for backups & recovering or interacting with previous changes in Plan9, finishing with
“Our WORM has served a community of about 50 users for five years and has absorbed daily dumps, consuming a total of 65% of the storage in the jukebox. In that time, the manufacturer has improved the technology, doubling the capacity of the individual disks. If we were to upgrade to the new media, we would have more free space than in the original empty jukebox. Technology has created storage faster than we can use it”.


May 1st, 2013

From the paper “First edition Unix: Its creation and restoration

because the PDP-11/20 provided no memory protection against kernel corruption by the running process, it was considered a courtesy for a programmer to yell ‘‘a.out?’’—the name of the Unix assembler’s default output file—before running a new executable for the first time


April 10th, 2013

Work issued me with a mid 2012 MacBook Air, one constant running issue has been rebooting on wake from sleep after a thunderbolt display has been attached or detached in previous state, with the upgrade to 10.8.3 I also started experiencing graphics glitches on wake. In the last week things took for the worse, Friday & Saturday I experienced my system going back to intial login screen on wake & after logging in having two concurrent sessions which meant some apps didn’t work correctly, Sunday night after a fresh reinstall, system failed to detect system disk but after 15 minutes everything was ok, on Monday I rebooted & the system displayed the progress bar at the boot screen as if it was flashing firmware though I’d not initiated an update.
Today I returned to my computer to find the system hung, power cycling the system produced the same flashing folder with a question mark which means unable to find system folder.
Booted of a 10.8.3 USB flash disk, disk utility reports a 33KB Sandforce SSD!

20130411-124209 AM.jpg

20130411-124233 AM.jpg

20130411-124248 AM.jpg

Book review : Kerberos, The definitive guide

February 10th, 2013

Kerberos & AFS have been two technologies I’ve wanted to deploy for a long time but based on my experience with Kerberos in Windows 2000 & and studies for MCSE I had made myself believe that it would be a painful task, I purchased this book a couple of years back but never got around to reading it properly until the start of the new year. The book is divided into 10 chapters, the first 3 explain how Kerberos works conceptually, from there on the book covers the practical aspects, how to deploy Kerberos using the MIT, Heimdal & Windows implementation, how to troubleshoot common issues, improve security, integrate applications & services, implement cross realm authentication, windows & UNIX integration, finishing off with the future of Kerberos.
The book uses FreeBSD as the OS which the UNIX examples are demonstrated on though Kerberos is built from source. I also used FreeBSD to perform my test installation but instead opted to use the Heimdal implementation which comes bundled as standard in the base OS of the BSDs. Implementation was really simple, once the KDC was up & the necessary SRV records were in place, telnet authentication worked seamlessly and after I’d set GSSAPIAuthentication yes in my ssh(1) & sshd(8) config files, SSH also worked seamlessly. Only thing that caught me out was Heimdal in FreeBSD base uses DNS where as the book assumes that this is switched off (not sure if this feature was switched off by default at the time & has now changed or it’s just the FreeBSD bundled version which has it on by default). The information for troubleshooting & some of security is still relevant but other than that it is badly outdated, discussing DES encryption & the lack of support for RC4 encryption which was the default cipher used by Windows 2000. Setting up a slave KDC has also change since this book was published in Heimdal, you now need a hprop/hostname principal for each slave server where as the book recommends host/hostname principals which doesn’t work with Heimdal anymore.

Looking around, you will still see references to Windows 2000 when doing Kerberos implementation eg in the current Heimdal documentation, I’m not sure if this is still applicable to the latest version of Windows or it’s there for historical reference.
If I were looking to learn about Kerberos, specifically Heimdal, I would use the official documentation & the Kerberos5 article on the FreeBSD handbook instead of buying this book as there is too much outdated advice in this book that no longer applies.
Ignoring the outdated best practices, the initial implementation information has remained the same over the year & it’s amazingly easy to deploy in a lab scenario for testing.

bhyve – BSD Hypervisor

February 10th, 2013

With the videos released last month from euroBSDcon 2012, I watched Michael Dexter’s talk on bhyve, the BSD hypervisor has come along way since I last tried it over a year ago & Michael has helped a with it’s progress by writing articles on CFT & scripts for running bhyve.
Last week I decided to get myself a server which I could use to do builds quickly & to run virtual machines for testing. Hetzner do high spec consumer hardware as servers,  €59 per month get you a i7 with 32GB of RAM & 2x 3TB HDD, I ordered the server along with a 16GB USB flash drive with the plan of running SmartOS, once my login details for the server came through, I raised a support ticket for access to a IP KVM, within the hour I was given access & the installation went seamlessly. SmartOS was running on my server & it all went down hill from there.
As there is a IPv4 address shortage, hetzner charge a premium for additional addresses as a routed subnet, along with an additional fee for having the ability to request additional addressses as a “flexi pack”, a /27 would cost €47, I was not going to pay this so decided to go IPv6 only as I have connectivity at home & work. Unfortunately, though IPv6 support is there in the core of SmartOS by interitence from OpenSolaris, the additions from Joyent for KVM don’t, main culprit being vmadm(1m), after losing two days trying to get things working I came to the conclusion that A) it would be a big pain to maintain going forward as the burden would be on me to work around the shortfalls of the system B) I didn’t want to maintain my own release with third party patches which were not in yet C) I didn’t like the way I would have to extend the system to add functionality eg to set the hostname for your system persistently you have to use a script D) getting IPv6 support to guests was painful.

The majority of the work I’m doing is oriented around FreeBSD, it takes over 4 hours to do a build world & kernel on my ThinkPad X61s with a 1.6GHz Core2Duo so anything that can prolong it’s life & give me new builds quickly is good. I placed another support request for IP KVM (LARA in the world of hetzner) & once I had the login details I netbooted the server to  their FreeBSD rescue environment which is a FreeBSD 8.3 based copy of mfsBSD. From there I fetched the latest FreeBSD-CURRENT usb image & wrote it to the flash drive using dd(1) & went about setting up a mirrored zpool to install FreeBSD onto.

Once the installation was complete & the system was up & running I revisited Michael’s talk, slides & scripts.
His scripts are numbered sequentially so you can easily go from creating a disk image to running & managing your virtual machines. This article covers a summary of what is involved to get a guest VM ready with FreeBSD-CURRENT built from source which are taken from his scripts & slides. As development has progressed since the talk, some things which are performed are no longer required. Essentially, you can boot a stock system from a disk image with only 2 necessary modifications to stock configuration files for dealing with the console.
There is also a vmrun.sh script which simplifies the whole process to try out (see instructions)

First build world & kernel (not necessary, you can use the precompiled binary instead if you choose)

On the host add the following to /boot/loader.conf

Create a file which will be used as your disk, eg a 80GB one
truncate -s 80G disk.img
Create a md(4) disk with the file you just created
mdconfig disk.img
Initialise the disk to use the entire disk as a freebsd slice
fdisk -BI md0

You’ll receive the following error which can be safely ignored
******* Working on device /dev/md0 *******
fdisk: invalid fdisk partition table found

Write a standard label & boot code to slice 1
bsdlabel -wB /dev/md0s1
Write a filesystem to slice 1a
newfs -U /dev/md0s1a
Mount it to /mnt
mount /dev/md0s1a /mnt

From /usr/src, install world, kernel & distribution (contents of /etc) onto the disk image
make installworld DESTDIR=/mnt
make installkernel DESTDIR=/mnt
make distribution DESTDIR=/mnt

Setup your fstab to mount root from /dev/vtbd0s1a
echo "/dev/vtbd0s1a / ufs rw 1 1" > /mnt/etc/fstab
Configure your console
echo 'console "/usr/libexec/getty std.9600" vt100 on secure' > /mnt/etc/ttys
echo 'console="userboot"' > /mnt/boot/loader.conf

Aside from configuring /etc/rc.conf the instructions above cover the bare minimum to get a booting VM.

From Michael’s 2-install-guest.sh I’ve skipped loading the virtio drivers in /boot/loader.conf as they’re loaded by default in FreeBSD-CURRENT & the following though I’ve not given it more testing
Helps Kernel detected it’s running in a virtualised environment
Avoid clock drift

PCI pass-through support as it caused hangs

Unmount the file system
umount /mnt
Detach the file from md(4)
mdconfig -d -u 0
Assuming you’re using md0
You can get a list of configured devices with
mdconfig -l

As covered in 3-host-prep.sh you can load the required kernel modules for bhyve & guest networking by running
kldload vmm
kldload if_tap
kldload bridgestp
kldload if_bridge
or rebooting :)

Before starting your VM, you need to create the needed interfaces, a tap(4) interfaces with a bridge(4) linked to the interface you want the VM to be able to communicate on, in my case a re(4)
ifconfig tap0 create up
ifconfig bridge0 create up
ifconfig bridge0 addm tap0 addm re0 up

Because of STP, once you have started the virtual machine, you should pause at the boot menu by pressing space & waiting 20 seconds until STP has stabilised otherwise you may find strange issues with you guest not being able to communicate properly.
If you restart a VM, it is also important to destroy the tap & bridge interfaces before starting up again or you will again experience odd behaviour e.g I was seeing traffic come in to the VM but not going out.
ifconfig tap0 destroy
ifconfig bridge0

To start a VM with less than 4GB RAM issue
sudo bhyveload -d /path/to/disk.img -m 256 vmname && sudo bhyve -c 1 -a -A -m 256 -I -H -g 0 -s 0:0,hostbridge -s 2:0,virtio-blk,/path/to/disk.img -s 1:0,virtio-net,tap0 -S 31,uart,stdio vmname
This will start a VM called vmname which uses 256MB RAM.

To start a VM which uses 4GB or more you’ll have to specify memory settings differently as you need to lead space for PCI MMIO decode below 4GB, so for example, if you wanted to use 8GB RAM, you’d issue
sudo bhyveload -d /path/to/disk.img -m 2048 -M 6144 vmname && sudo bhyve -c 1 -a -A -m 2048 -M 6144 -I -H -g 0 -s 0:0,hostbridge -s 2:0,virtio-blk,/path/to/disk.img -s 1:0,virtio-net,tap0 -S 31,uart,stdio vmname

To shutdown a VM issue
bhyvectl --vm=vmname --destroy

My next step is to now see how to use a ZFS filesystem instead of a file based disk for the VM.

Skype uses nginx?

February 9th, 2013

Or is it that box with the RFC1918 address that appears 3 hops away when I run a traceroute?



February 7th, 2013

Last week I attended a conference on open source software called FOSDEM in Brussels, the two day event has lots of tracks, based on either specific projects or topics such as Java or securiy.

I attended the following talks
On Saturday
XMPP 101
The Open Observatory of Network Interference
Practical Security for developers, using OWASP ZAP
The future of X.org on non-Linux systems
Declarative style GUI programming
How to build an Identity Management System on Linux

On Sunday
The Lua Scripting Language in the NetBSD Kernel
Supporting the new C and C++ standards in FreeBSD
Improvements in the OpenBSD IPsec stack

My favourite talk of the event was the OWASP talk on Saturday by Simon Bennetts who did a great job of clearly explaining what ZAP can do & how it is of use for testing the security of your web application.
The XMPP 101 talk gave an overview of what the protocol can do, the OONI talk had a very late start & laptop issues, didn’t get much from the talk but it does seem like an interesting project from the info on the website. Matthieu Herrb  talked about the progress of running X.org on UNIX, conclusion “Tough times for non-linux systems”. Marc Balmer gave two talks on using Lua, first in GUI programming & the second on the lua(4) subsystem in the NetBSD kernel, allowing users to explore the system easily & doing rapid prototype without the initial steep learning curve of learning C & kernel internal, making the system internals easily accessible. The last talk on the Security track was on FreeIPA, luckily the slides were quiet detailed as it was impossible to hear the speaker because the mic was hanging too low off  his shirt collar.

The BSD track on Sunday was where I spent most of the day. David Chisnall spoke about the C & C++ standards & the mistakes made by the standards groups which we have to live with. I spent the lunch break talking with David about FreeBSD, how I struggle with doing buildworld on my X61s, what can be done to speed up buildworld, why the buildworld process takes so long & the tools Juniper has developed which allow you to track the dependency path for building each component in FreeBSD base.
Mike Belopuhov spoke about the IPsec stack & NAT64 support in OpenBSD, I had an opportunity to ask Mike about dead peer detection, in my previous site to site VPN deployment I had issues where if the connection dropped at either site, the tunnel with not be re-established, needing manual intervention, It was good to hear that this was a problem with the isakmpd & not necessarily a configuration issue.

There were a lots of projects & businesses with stands, Oreilly had a stand selling books, Google were in the recruitment section, Oracle with three big banners for java, mysql & something else, the lady on the stand was very friendly, telling me about how Oracle participates in open source software such as Java, the penny then dropped about the update 13 release.
It was good to see CAcert had a stand and were looking very busy with assurances. I visited the mozilla stand & had the opportunity to try out the firefoxOS on a nexus s?
I’m strongly considering moving to it as I’d rather go with firefoxOS than android, the lock down of iOS is very painful for sharing data between my own devices & makes it frustrating for getting content from several devices to a single place.
I visited the google stand to talk to the recruiters there, I was curious to learn about their recruitment process, since 2007 I have been approached by Google on 3 different occasion, the most recent being back in July last year. I always assumed they had drives every so many years & I’d just been lucky to have been listed on three separate occasions, it turns out actually that once you’re on their radar, they will make contact every once in a while to see if your situation has changed & if have developed sufficiently since last time to be able to pass the interview tests.
I spoke with others regarding this, with those now employed by them & those who have also been approached in the past, discussing why systems folks are sought after & what options you have should you wish to no longer be contacted (supposedly under Californian law, if a person requests a company to never be contacted again, the company has to comply?).

Over the weekend I spotted a few OpenBSD tops (more hoodies than t-shirts) & met my first MirBSD user/developer, Benny Siegert who was the organiser of the BSD track at FOSDEM.
I also had the opportunity to meet up with/bump into folks from communities such as MetaBUG, OSHUG, LOSUG, Brighton 2600, London *BSD, it was good to catch up.

Hetzner website doesn’t work

February 6th, 2013

Contrary to what the page says. :)

20130206-044517 PM.jpg

WordPress Plugin: Old Core Files

January 27th, 2013

I saw the Old Core Files plugin advertised on my WordPress dashboard & I was curious to see what it’d report for this instance.
It listed 461 obsolete files which I was unable to delete but this may be due to my config rather than a plugin issue (fiddling with filesystem permissions did not help). After the tidy up I went to compose a post only to find that leaving the plugin active breaks the add new post section of WordPress, the following error message is logged

2013/01/27 21:46:36 [error] 49410#0: *511 FastCGI sent in stderr: "PHP Fatal error: Call to a member function abspath() on a non-object in /myblog/wp-content/plugins/old-core-files/old-core-files.php on line 237" while reading upstream, client:, server: http://www.myblog.foo, request: "GET /wp-admin/post-new.php HTTP/1.1", upstream: "fastcgi://unix:/tmp/php.socket:", host: "www.myblog.foo", referrer: "https://www.myblog.foo/wp-admin/"

If you have an instance of WordPress that’s been around for a while & has gone through several version updates then it’s well worth installing as a one off. Use the plugin to get a list of obsolete files & remove the plugin afterwards. The current version (v1.0) seems to cause issues if left enabled.

Update 28/1/2013
Version 1.1 has been released which removes the delete button.

FreeBSD, 10 years on

January 26th, 2013

I write this article a week after my 10th anniversary as a FreeBSD user.
I had heard of FreeBSD previously but had never tried it. The closest I had come to a flavour of BSD was unsuccessful attempts at downloading NetBSD on various modems ranging from 14.4k to 33.6 to install onto a Sun 3/60 in the late 90′s.
In the summer of 2002 I managed to obtain a DEC Alpha which I initially ran NT4 on & Redhat 7.2.
I performed a full install with Gnome & watched as the system crawled as it started X11, over the next couple of days It became more & more apparent that the system couldn’t handle it.
I was reading slashdot one night & saw FreeBSD 5.0 had just been announced & the Alpha was a supported platform so I decided to give it a try & downloaded an iso.
Installation went ok, I can’t remember if I had to restart the process because I’d said yes to test the X configuration in sysinstall or not but I do remember that managed to set my syscons font to swiss.
My background was DOS & Windows with several failed attempts at becoming a Linux users, I had some basic knowledge of the *nix user land but more dangerous than anything. Relying on search engines to find answers which in the case of Linux were either incorrect, outdated or didn’t apply to the distro I happen to be running at the time.
It quickly became apparent that this was not a problem on FreeBSD, everything pointed back to the handbook. Using the handbook with some pointers from IRC I made a lot of progress, far more than I had ever made with Linux, I was able to get GDM running, a BSD theme installed & switch window managers. The system also performed really fast, there was a clear noticeable difference between FreeBSD 5.0 & Redhat 7.2.
Using ports I was able to compile software with little effort & the clear divide of user land between base installed & user installed made it easy to track things down.
I ran the 5.0 release for a couple of weeks & was very happy with the progress I had made with configuring the system but I did run into lots of issues which I was told were bugs in FreeBSD 5.0 & it’s not really production ready so I re-installed 4.7 & stuck with the RELENG_4 branch until 4.11.
I was in love with FreeBSD, it was un-intrusive, well organised, well documented & empowering.
By the time version 5.3 was released I was hosting my first customers websites & email with it & have continued to do so for myself & other customers on many occasions since. 10 years on I am now working with many servers running FreeBSD around the world & I’m as happy with it as the first day that I installed it.