Let’s Compile a Custom Kernel for OpenBSD … and let’s check if we can tune the Process it with multiple Processors.

get Sources and prepare Custom Kernel

cd /usr/src
ftp https://cdn.openbsd.org/pub/OpenBSD/$(uname -r)/sys.tar.gz
tar xfz sys.tar.gz
rm xfz sys.tar.gz
cd /sys/arch/$(uname -m)/conf
cp GENERIC.MP CUSTOM.MP
config CUSTOM.MP
cd ../compile/CUSTOM.MP

-> with config CUSTOM.MP, you can enable disable Components which will be built into your Custom Kernel. Wlan Drives for a VirtualServer, as example, does not make sense.

With Tags, we have the possibility to “Tag” a certain Point as important. Just give it a release Number (v0.1, v0.2, v1.0) or whatever you like.

list all tags for a certain repo

git tag

add Tag

when you’re fine with a version, add a tag …

git tag -a v1.0 -m "my Version 1.0"

push Tags

you have to push the Tags separatly. they do not get pushed with the common “git push” command

BGP Looking Glass with OpenBSD

something I’ve wanted to do for a long time and never got around to it …

Just give a try, it’s public available: https://bgp.stoege.net/

Prerequisite

OpenBSD VM (at least 2G RAM)
Public IPv4 / IPv6
DNS Record / Static IP
Full BGP Feed (don’t worry, you can get it for free)

httpd config

OpenBSD got their own HTTP Daemon in Base System. Let’s enable and configure it.

I like Websites with the Copy Button for certain Snippets. Why not integrate into the own Blog ?

Folder, Copy JS Stuff

Change to Hugo Root Folder

mkdir -p static/js/

cat << 'EOF' > static/js/copy-code.js
(function() {
  'use strict';

  if(!document.queryCommandSupported('copy')) {
    return;
  }

  function flashCopyMessage(el, msg) {
    el.textContent = msg;
    setTimeout(function() {
      el.textContent = "Copy";
    }, 1000);
  }

  function selectText(node) {
    var selection = window.getSelection();
    var range = document.createRange();
    range.selectNodeContents(node);
    selection.removeAllRanges();
    selection.addRange(range);
    return selection;
  }

  function addCopyButton(containerEl) {
    var copyBtn = document.createElement("button");
    copyBtn.className = "highlight-copy-btn";
    copyBtn.textContent = "Copy";

    var codeEl = containerEl.firstElementChild;
    copyBtn.addEventListener('click', function() {
      try {
        var selection = selectText(codeEl);
        document.execCommand('copy');
        selection.removeAllRanges();

        flashCopyMessage(copyBtn, 'Copied!')
      } catch(e) {
        console && console.log(e);
        flashCopyMessage(copyBtn, 'Failed :\'(')
      }
    });

    containerEl.appendChild(copyBtn);
  }

  // Add copy button to code blocks
  var highlightBlocks = document.getElementsByClassName('highlight');
  Array.prototype.forEach.call(highlightBlocks, addCopyButton);
})();
EOF

Update Header

Open this File …

Area41

Looking Forward to the next Security Congress in Zurich https://www.area41.io . It’s sold out since a while, happy i got a early ticket :)

… and all the Talks are online … https://www.youtube.com/watch?v=Hs5olUBX2cg&list=PLv-PXy2JVviu32C4U6F8KHKcyL4s-i_Fo

Any Comments ?

sha256: 07f41198ed084963405456466b567179077366052c560295e9868a0046f0a714

OpenBSD 7.1 released !

… a while ago. I upgraded all my boxes since quite a while, but i didn’t write a short post about it. There is nothing really unexpected, a stable, easy, straigh-forward development of my favourite OS, except that there is a need for more than 1G Free Disk Space in /var. That was a bit a problem for smalled Boxes like the APU with 16G Disk …

List Packages Prime

[root@freebsd13 ~]# pkg prime-list
bash
doas
fping
git
go
gohugo
gsed
hping3
htop
jq
...

List Packages Origin

[root@freebsd13 ~]# pkg prime-origins |sort
archivers/py-borgbackup
devel/git
devel/py-pip
devel/py-poetry-core
editors/vim
emulators/open-vm-tools
ftp/wget
lang/go
lang/python310
net/fping
...

Package Cleanup

pkg autoremove

Pkg Audit

audit installed packages against known vulnerabilities

pkg audit -F

Any Comments ?

sha256: 41490d57eaf6f60005156ccf31d91c8293d7086bb6b203dc23e32d7b2c3489a6

Upgrade FreeBSD 13.0 to 13.1

should be a easy task, right ?

Patch it first

freebsd-update fetch
freebsd-update install

reboot

may not needed, but you have to boot anyway a few times …

Fetch and Upgrade to 13.1

this needs some time ! depending on your internet speed, and specially to power and filesystem performance of your machine. 20-30min for a common VM is not unreal :(

time freebsd-update upgrade -r 13.1-RELEASE
time freebsd-update install

Reboot

shutdown -r now

Finish Install

freebsd-update install

Final Reboot

shutdown -r now

Any Comments ?

sha256: f5d56eadc5e7a757d4a2af764da5a0446ebb246ce6ea630b158a53dc3a160996

Crosscompile under GoLang

Python is cool and everybody like it, but i also like the Concept of writing some Code, compile it for different Platforms and run it everywhere. Google’s Go Language got the possiblity to compile it for multiple Architectures and Operating Systems at the same time. Why not give a try … ?

Little Hello World

package main

import (
    "fmt"
    "os"
)

func main() {
    s := "world"

    if len(os.Args) > 1 {
        s = os.Args[1]
    }

    fmt.Printf("Hello, %v!", s)
    fmt.Println("")

    if s == "fail" {
        os.Exit(30)
    }
}

go.mod

module example.com/test

go 1.18

Compile and run under macOS

go build

./test
Hello, world!

CrossCompile Script

#!/usr/bin/env bash

archs=(amd64 arm64)
os=(darwin freebsd linux openbsd windows)
name="hello"

for arch in ${archs[@]}; do
  for os in ${os[@]}; do
        env GOOS=${os} GOARCH=${arch} go build -o ${name}_${os}-${arch}
  done
done

Compile it

execute it …

Misc Oneliners

Tar Folder and copy to remote Machine

tar cf - /etc/ |ssh ${remote-host} "cd /tmp/ && cat > $(hostname)-etc.tar"

Tar & GZIP Folder and copy to remote Machine

tar czf - /etc/ |ssh ${remote-host} "cd /tmp/ && cat > $(hostname)-etc.tar.gz"

Dump Certs Chain

s="google.com"; timeout 2 openssl s_client -servername ${s} -connect ${s}:443 -showcerts > /tmp/${s}.chain

selfsigned certificate for 1 year

cd /etc/ssl; openssl req -nodes -x509 -newkey rsa:4096 -keyout key.pem -out cert.pem -days 356

set default branch to main

git config --global init.defaultBranch main

bash - check multiple files

[ -f /etc/resolv.conf -a -f /etc/hosts ] && echo "Both files exist" || echo "One or Both Files are missing"

remove word ’nosuid’ on the line /var in /etc/fstab

sed -E -i.bak 's/(.*\/var.*)(,nosuid)(.*)/\1\3/' /etc/fstab

macos show hidden files

defaults write com.apple.finder AppleShowAllFiles -boolean true; killall Finder

or

get Sources and prepare Custom Kernel

list tags

add Tag

push Tags

BGP Looking Glass with OpenBSD

Prerequisite

httpd config

Folder, Copy JS Stuff

Update Header

Area41

OpenBSD 7.1 released !

List Packages Prime

List Packages Origin

Package Cleanup

Pkg Audit

Upgrade FreeBSD 13.0 to 13.1

Patch it first

reboot

Fetch and Upgrade to 13.1

Reboot

Finish Install

Final Reboot

Crosscompile under GoLang

Little Hello World

go.mod

Compile and run under macOS

CrossCompile Script

Compile it

Misc Oneliners

Tar Folder and copy to remote Machine

Tar & GZIP Folder and copy to remote Machine

Dump Certs Chain

selfsigned certificate for 1 year

set default branch to main

bash - check multiple files

remove word ’nosuid’ on the line /var in /etc/fstab

macos show hidden files