Slashdot Mirror

I think the point was that if the Debian maintainer had submitted his patch upstream, he'd have been told exactly how stupid it was.

There is a very good reason why the release focus is the way it is this time. It all started with this email with RMS trolling on the misc@ list (ended up being around an 800 email thread with RMS proving what a nutter he is):

http://marc.info/?l=openbsd-misc&m=119730630513821&w=2

You should also read the comment on the lyrics page. It's just under the picture in the left column:

http://openbsd.org/lyrics.html#43

"""
OK, there was the problem of relicensing of a driver for the Linux kernel
"""

Which people made him aware of, which should have been concerning to him because how that ended up would have negatively impacted his OS. But, his answer to people was to leave him alone on that matter. As in, he'll use any technique, no matter how shady to promote and further his own goals.

"""
but they should begin to work together instead of beginning a war
"""

Kinda hard when RMS works to license everything under the "you either license it all under our license or you can't work with us" GPL. Which, btw, is incompatible with the BSD. There's also the fact that he's been quoted as saying that he'd rather see all programmers be taxi drivers having all code free (using his NON-dictionary definition) than having any proprietary software at all.

Rather hard to work with someone when they are completely uncompromising. Seriously, read the thread. It tells of a *very* unstable person.

First of all, Reiser4 is not dead at all. The namesys.com website is still down because it is hosted in the US and the developers are on the other side on the globe. Who cares. There is a new location here and here.

Reiser4 development didn't stall at all! the mailing list is not particular noisy but there are bug fixes on a regular basis and new patches generally come out some days after a new kernel release.

It still is in the mm tree and gets updated regularly. Public GIT repositories are also to come very soon. Due to its modular design (*cough* plugins *cough*) reiser4 could be particularly interesting for new coders and specialized tasks. We'll see...

My personal note: Reiser4 is surprisingly stable. I have it on several machines since it was officially released. Of course I run daily backups but I didn't have to use them once. Occasionally I saw corruptions but these were fixed by an excellent fsck (all this might as well be personal luck though ;).

Recently a show stopper bug in the (not yet officially released) compression code has been fixed. This not only gave me lots of extra disk space but actually a performance boost - disk io is the bottleneck here. Better not get me started on comparing performance to the zfs counterpart on fuse or freebs).

And it goes to show you Bill Gates and Richard Stallman have something in common. They both don't know the definition of free software in Open Source.

http://marc.info/?l=openssh-unix-dev&m=120692745026265&w=2

It was available in 4.9, released just days before 5.0.

I think Cygwin's full of too many hacks to be a good starting point. For instance, Windows programs have no ability to fork

http://marc.info/?l=openbsd-misc&m=120268516518434&w=2

basically, the requirements for a successful 'exploit' are a poorly-attended system without even the most basic safeguards against abuse.

but mostly, who's Amit Klein? He may be brilliant, or he may be Gobbles (or somewhere in between). I don't know - but the OpenBSD team has a history of making smart decisions and doing the kind of development that has earned my trust. When presented with a scenario I can't necessarily judge for myself, and given the OpenBSD dev team on one side and $random_guy on the other, I think I'll trust the side that's already earned my trust, until they do something to lose it.

"Microsoft has way too many hooks into Gnome via Mono and too much reliance on Gnome could allow more harm when Microsoft gets more agressive with their patent claims."

Anyone with any brains has already stopped using gnome (if they were ever using it in the past). Mono is just the latest in a string of really bad decisions - "[Cancel] [OK]" button order being one of them ... or these abominations

>> standard: [Reset] [Cancel] [OK]
>> alternative: [Reset] [OK] [Cancel]

There are some OS implementations but there's no flash RFC or anything of that nature. It's all reverse-engineering, and everytime Adobe releases a new version, the OS code is out of date.
And Gnash doesn't work fine everywhere, because the devs don't really care. Check this out:
http://marc.info/?l=openbsd-misc&m=119765675010299&w=2

Are you serious? You're also the one who made the completely unsubstantiated claim that NetBSD is more portable than Linux (which I refuted and you had no answer to). So you seem like a troll.

So, what evidence do you have to back up this new claim? Here's something interesting. Both Solaris and Linux are recently implementing NUMA text replication. This is what the diff looks like for Solaris:

http://hg.genunix.org/onnv-gate.hg/rev/1b5c93035912
  28 files changed, 2508 insertions(+), 314 deletions(-)

And this is what the Linux one looks like:

http://marc.info/?l=linux-kernel&m=118552585814804&w=2
18 files changed, 812 insertions(+), 61 deletions(-)

So the Linux implementation is like 1/3 the size and touches 50% fewer files.

So, why is it that you say Solaris is cleaner than Linux? I doubt you've even read the code.

"This situation shows one of the strongest arguments for open source."

But everyone should also bear in mind that that argument also has limits. In TFA, you see a reference to Linux having problems with it's PRNG. That was a semi-big deal a couple of years ago. From that reference (http://eprint.iacr.org/2006/086.pdf, for your convenience)"

"Why reverse-engineering the LRNG is not easy. The LRNG is part of an open source project and therefore one might assume that its source code is available for public scrutiny and that its security can be easily analyzed (or at least, is not based on security by obscurity). However, the LRNG is not well documented and there is no clear description of the implemented algorithm. The LRNG is composed of about 2500 lines of code, and in addition, hundreds of code patches were applied to the code during the last ve years (and consequently, the available documentation does not always reect the current code). One example of the complexity of the LRNG code is the fact that for 17 months the LRNG code included a bug in which entropy addition used a vector of size 4 × n instead of n. We also note that throughout our analysis we were not helped by any of the LRNG authors."

That last sentence was overly harsh. The LKML thread is at: http://marc.info/?l=linux-kernel&m=114772953214912&w=2
Posts from Ted T'so in that thread cover his design thoughts, etc. Interesting read. I remember looking at that code, back when, and thinking, WTF? So yes, it's Open Source. OTOH, it was very much a WTF moment.

Then early this month, another PRNG flaw was found on kernels before 6.2.22. I guess I should drag the code back out, have another look, and hope that it's now been cleaned up. A *lot*.

So, I'm right there with you on your "Trust no one" comment. I wouldn't personally run, or professionally deploy, anything but Open Source, except firmware that I can't avoid, and a couple of binary blob drivers I have installed on a home workstation. And I don't like even that.

But I hope there aren't newbies out there thinking this Open Source thing is a panacea. It's a lot better than binaries-only, as witness the huge problem with Win2k's PRNG also published (by almost the same crowd as the paper above) back around the beginning of the month, and which has quite possibly been around since the release of the OS. http://eprint.iacr.org/2007/419.pdf But it's not a panacea.

Jeez, what is it with PRNGs this month?

More than just talk wouldn't happen to include support for a Qualcomm ARM11 chipset, would it??

You'd be a fool to run Linux on one of these machines. The OpenBSD guys were getting 29Mb/s and with the latest optimisations to pf are now getting 58Mb/s. Not quite fast enough to saturate a wired LAN, but fast enough for most Internet connections. Add in a crypto miniPCI card and you can offload VPN calculations too.

Last week there happened to be a discussion on the OpenBSD mailing list about SELinux. See http://marc.info/?l=openbsd-misc&m=119047563000795&w=2/

I had an employer many moons ago who manufactures PC-add-on boards such as RAID controllers
[...]
because a bigger competitors could take that knowledge and turn it into a less expensive product
[...]
there were features designed into the hardware ASIC's that should have worked, but didn't.
[...]
the company was unwilling to disclose that there were embarrassing design flaws in their hardware, a perception that could have ruined them

Sounds like your bigger competitor could have been Adaptec. I guess they used the same ASICs. Was the 'race' about circumventing non-functional parts of RAID-controllers ?

http://hardware.slashdot.org/article.pl?sid=05/03/20/1944233
http://marc.info/?l=openbsd-misc&m=111118558813932
http://www.sigmasoft.com/~openbsd/archives/html/openbsd-misc/2005-03/msg01362.html

I am not a lawyer, know only what I read in the US Code about copyright law, and know nothing about the original circumstances that started this topic, so of course I am Slashdot qualified to comment on it like I know everything there is to know about the subject.

1) Theo De Raat was right in his first posting about this topic. You can't remove or alter a copyright notice in the process of distribution if that license prohibits that activity. Even under dual-license you can't eliminate one to prefer the other or it no longer becomes a "dual" license.

2) Theo De Raat exhibits his first rate fucktard nature when replying to people he disagrees with. I believe that De Raat is quite simply the greatest impediment to the development of *BSD code. It is my honest opinion that no one likes dealing with him but instead tolerate him because he has excellent coding skills and has such a long history with the code base that he can't be ignored. I guess he prefers the "respected rather than liked" method to life.

3) The submitter fucked up the article title. Eban Moglen was not lashing back at De Raat. He was commenting about the person posting as J.C. Roberts, a person I believe is an unsufferable shitstain who likes to throw around threats of lawsuits and malpractice. I read the thread with De Raat's original comments and couldn't find any threats of lawsuits. Maybe I'm reading the wrong threads.

http://marc.info/?l=openbsd-misc&m=118861134304239&w=2

4) This has nothing to do with Linux. This has everything to do with the GPL and BSD. Linux is a fucking kernel that has a GPL license.

Fucking shit, people! There are more important things to comment on in this world.

O.J. has been arrested for armed robbery, for Christ's sake.

here's the article on undeadly and and here's a synopsis from a misc post An excellent (and apparently sarcastic) quote:

Then you haven't read Theo's rant. When they converted the files to GPL they even deleted the lines at the top that said 'do not remove these lines'. The BSD license does permit use in proprietery code, but does not permit the removal of the copyright notice.

Read these two posts.
1> http://marc.info/?l=openbsd-misc&m=118865605929266 &w=2
2> http://marc.info/?l=openbsd-misc&m=118865748911976 &w=2

Then you haven't read Theo's rant. When they converted the files to GPL they even deleted the lines at the top that said 'do not remove these lines'. The BSD license does permit use in proprietery code, but does not permit the removal of the copyright notice.

Read these two posts.
1> http://marc.info/?l=openbsd-misc&m=118865605929266 &w=2
2> http://marc.info/?l=openbsd-misc&m=118865748911976 &w=2

The Linux code is being patched to fix the license problem, says TFA. Here's the content of the patch.

Note what the patch is doing, very carefully. The patch is changing the copyright notices on top of the modified files to say that these files are licensed under the GPL, but are also based upon an earlier work licensed under the BSD, and then reproduce the copyright and license statements as required by the original BSD licenses. This makes completely transparent the following things:

1. The new work is released under the GPL license only. Anybody who uses, modifies or distributes this new work must abide by that license. They don't have any other license to that work.
2. The new work is based on older work whose authors released under the BSD license, and the authors of the new work received the original under that license. In order for the authors of the new work to comply with the license that allows them to release a derivative of the original work, they reproduce the copyright and license notices of the original. These license notices only apply to the portions of the new work that are taken from the original one.

These vendors include:

        Sun Apple IBM HP Cisco Netgear RedHat SuSe

        most operating system vendors except Microsoft

        nearly other major network equipment manufacturer

        (but many other vendors too)

These vendors have never given us even a dime. (To put it more
clearly, IBM loaned one developer a machine to make sure that OpenSSH
would run better on it, but they INSISTED on it being a loan instead
of just giving it to the developer).

It HAS to make some files it creates, writable, in order to create an output file of results I imagine...

I don't care if it makes them writable. It should not have to make them world-writable. Big difference there.

Writable means someone can write to them -- usually the user who created the file.

World-writable means anyone can write to them -- including anonymous/guest accounts, system services that aren't supposed to write to anything, or even just another user who isn't supposed to have admin rights.

THIS IS A SECURITY RISK? Come on...

Yes, I would say so.

Your casual "come on" statement comes up against decades of best practices in Unix, as well as some opinions by some people in security that I actually know of and respect. It's so obvious a bad idea that I can see it for myself, too -- I don't even need a second opinion.

And even if I ran it, what would it prove? If they can't even secure their own security-testing program, I'd say any results they come up with are suspect.

No, that's not a way of "getting out of a bad score" -- even if I got an incredibly good score, I would question the results. I wouldn't just use them to push an agenda, the way you seem to be.

You've got to be kidding me man... then, just install SUN's JVM, install the program & run it...... & then uninstall it.

So your solution to wanting me to run an obviously insecure program is to uninstall it when I'm done?

You're kidding, right?

In that case, I have a challenge for you: Here's a link I found in my spam. Go ahead and download that file, and run it. Then uninstall it. Your system should be secure again, right?

If you aren't willing to do that, you should be able to understand why I'm not willing to download some random, stupidly-insecure program to test my machine.

If you are willing to do that, I imagine you'll get an object lesson in how spyware works.

I don't see how that matters, as long as you were modded up for reasons other than "funny" or "karma" (these 2, to myself @ least, don't mean much - technical points mods, however, do)!

Not that I expect it to change your mind, but registered users get a whole bunch of preferences like that. If you wanted to, you could actually set funny and karma bonuses to have 0 effect on a post's apparent score to you, or even a negative effect.

unless of course you are of the opinion that BSD is dying.

Safari also vulnerable...

There's a story behind that...http://marc.info/?l=linux-kernel&m=10289305 4014512&w=2

That's akin to some photocopier-humor geek jokes we assembler coders used to share in my salad days. My favorite hypothetical assembler opcode was "HCF"... "Halt and Catch Fire".

Most Beowulf clusters run parallel codes written to use the Message_Passing_Interface (MPI). MPI programs really don't want to be migrated to different nodes while they're running, so load management is achived through schedulers such as Grid Engine, TORQUE, and others. These schedulers avoid the need for process migration by preallocating the resources (compute nodes) in advance, and prevent the load imbalance from happening in the first place. openMosix waits for the imbalance to slow down the computation before it migrates a process to relieve the problem.

If you check the archives of the Beowulf mailing list, you'll see that while the Beowulf community knows about openMosix, very few Beowulfers use it.

Most Beowulf clusters run parallel codes written to use the Message_Passing_Interface (MPI). MPI programs really don't want to be migrated to different nodes while they're running, so load management is achived through schedulers such as Grid Engine, TORQUE, and others. These schedulers avoid the need for process migration by preallocating the resources (compute nodes) in advance, and prevent the load imbalance from happening in the first place. openMosix waits for the imbalance to slow down the computation before it migrates a process to relieve the problem.

If you check the archives of the Beowulf mailing list, you'll see that while the Beowulf community knows about openMosix, very few Beowulfers use it.

Let us not forget this all came about because the FSF zealots were trolling lkml about the GPL3 to begin with... Linus didn't exactly go out of his way to bash RMS, the FSF and their followers out of the blue. There was a thread with hundreds of posts started by someone else and FSF fanatics who have contributed nothing to the kernel started trolling. I was involved with the thread off list (since I'm not a kernel dev and I felt it would be inappropriate for me to spout off what I think the kernel devs should do with their code) and I walked away with a severe distaste for the FSF and their concept of "free software." Not satisfied with that, the primary FSF zealot in the thread started another thread with the goal of trying to make Linux dual-licensed so projects like the Hurd could rip code of out Linux since the GPL2 and 3 are incompatible.

Linus has every right to be upset that an organization he explicitly doesn't trust to control the license of his software is badgering him to adopt their new license. When repeatedly told that he doesn't like the new license, they just badger him more to try to convert him (to further their own projects). I get along with most Catholics fine but the Jehovahs, who used to come to my house every Saturday morning so they could try to convert me, can go fsck themselves. All they did was ensure that I saw them as fanatics and thus would never want to associate with them.

As for Linus being egotistical and petty, RMS is no better... and it is RMS' own ego which caused him to divide the FOSS community with the GPL3 by making it incompatible with the GPL2, be presumptive enough that everyone releases GPL2 software for the same reason he does (and further try to leverage the GNU code base to get GPL2only authors to convert their license to his new one even if they disagree with it, invite the PHP worry and open the FOSS community to whole new levels of FUD.

Let us not forget this all came about because the FSF zealots were trolling lkml about the GPL3 to begin with... Linus didn't exactly go out of his way to bash RMS, the FSF and their followers out of the blue. There was a thread with hundreds of posts started by someone else and FSF fanatics who have contributed nothing to the kernel started trolling. I was involved with the thread off list (since I'm not a kernel dev and I felt it would be inappropriate for me to spout off what I think the kernel devs should do with their code) and I walked away with a severe distaste for the FSF and their concept of "free software." Not satisfied with that, the primary FSF zealot in the thread started another thread with the goal of trying to make Linux dual-licensed so projects like the Hurd could rip code of out Linux since the GPL2 and 3 are incompatible.

Linus has every right to be upset that an organization he explicitly doesn't trust to control the license of his software is badgering him to adopt their new license. When repeatedly told that he doesn't like the new license, they just badger him more to try to convert him (to further their own projects). I get along with most Catholics fine but the Jehovahs, who used to come to my house every Saturday morning so they could try to convert me, can go fsck themselves. All they did was ensure that I saw them as fanatics and thus would never want to associate with them.

As for Linus being egotistical and petty, RMS is no better... and it is RMS' own ego which caused him to divide the FOSS community with the GPL3 by making it incompatible with the GPL2, be presumptive enough that everyone releases GPL2 software for the same reason he does (and further try to leverage the GNU code base to get GPL2only authors to convert their license to his new one even if they disagree with it, invite the PHP worry and open the FOSS community to whole new levels of FUD.

That article can create some misunderstandings about what Torvalds actually said and meant. If you want to form your own opinion, read the email discussion thread (it is huge) at http://marc.info/?t=118136815500004&r=36&w=4 and Linus' posts e.g. at http://marc.info/?l=linux-kernel&m=118235728513045 &w=4 and http://marc.info/?l=linux-kernel&m=118236278730043 &w=4 .

I think Linus' statements make much more sense in context.

For instance, several posters here have responded to "Only religious fanatics and totalitarian states equate 'morality' with 'legality'," by pointing out that all western legal systems represent morality in some way. However that is missing the point, and I think, not what Linus meant. Democratic systems compromise on a *common* idea of how morality should be represented by laws. This is entirely different from religious fanatics or totalitarian states where the moral ideas of an individual or small group is the only acceptable one. The point Linus is making here is that the GPLv3 is used as a vehicle to impose upon others the ideas of a few and regulate what Linus thinks should be a matter of choice.

I agree with Linus point of view: it might be wrong to trust in the choice of users. Maybe users will not do what I wish they would do - not buy DRM protected music etc. Maybe this will lead to a point where Linux needs a program that can play DRM protected media. But still, I think that taking that choice away from future Linux users would be the totalitarian way of trying to achieve things. Personally I would not want that. I hate DRM, software patents, vendor lock it, but as a *NIX user of more than a decade, I do not want Linux (and other open source software) to become the blunt weapon of a few fanatics instead of an inviting and competitive alternative.

That article can create some misunderstandings about what Torvalds actually said and meant. If you want to form your own opinion, read the email discussion thread (it is huge) at http://marc.info/?t=118136815500004&r=36&w=4 and Linus' posts e.g. at http://marc.info/?l=linux-kernel&m=118235728513045 &w=4 and http://marc.info/?l=linux-kernel&m=118236278730043 &w=4 .

I think Linus' statements make much more sense in context.

For instance, several posters here have responded to "Only religious fanatics and totalitarian states equate 'morality' with 'legality'," by pointing out that all western legal systems represent morality in some way. However that is missing the point, and I think, not what Linus meant. Democratic systems compromise on a *common* idea of how morality should be represented by laws. This is entirely different from religious fanatics or totalitarian states where the moral ideas of an individual or small group is the only acceptable one. The point Linus is making here is that the GPLv3 is used as a vehicle to impose upon others the ideas of a few and regulate what Linus thinks should be a matter of choice.

I agree with Linus point of view: it might be wrong to trust in the choice of users. Maybe users will not do what I wish they would do - not buy DRM protected music etc. Maybe this will lead to a point where Linux needs a program that can play DRM protected media. But still, I think that taking that choice away from future Linux users would be the totalitarian way of trying to achieve things. Personally I would not want that. I hate DRM, software patents, vendor lock it, but as a *NIX user of more than a decade, I do not want Linux (and other open source software) to become the blunt weapon of a few fanatics instead of an inviting and competitive alternative.

That article can create some misunderstandings about what Torvalds actually said and meant. If you want to form your own opinion, read the email discussion thread (it is huge) at http://marc.info/?t=118136815500004&r=36&w=4 and Linus' posts e.g. at http://marc.info/?l=linux-kernel&m=118235728513045 &w=4 and http://marc.info/?l=linux-kernel&m=118236278730043 &w=4 .

I think Linus' statements make much more sense in context.

For instance, several posters here have responded to "Only religious fanatics and totalitarian states equate 'morality' with 'legality'," by pointing out that all western legal systems represent morality in some way. However that is missing the point, and I think, not what Linus meant. Democratic systems compromise on a *common* idea of how morality should be represented by laws. This is entirely different from religious fanatics or totalitarian states where the moral ideas of an individual or small group is the only acceptable one. The point Linus is making here is that the GPLv3 is used as a vehicle to impose upon others the ideas of a few and regulate what Linus thinks should be a matter of choice.

I agree with Linus point of view: it might be wrong to trust in the choice of users. Maybe users will not do what I wish they would do - not buy DRM protected music etc. Maybe this will lead to a point where Linux needs a program that can play DRM protected media. But still, I think that taking that choice away from future Linux users would be the totalitarian way of trying to achieve things. Personally I would not want that. I hate DRM, software patents, vendor lock it, but as a *NIX user of more than a decade, I do not want Linux (and other open source software) to become the blunt weapon of a few fanatics instead of an inviting and competitive alternative.

The GNU GPL is used by developers with various views, but it was written to serve the ethical goals of the free software movement. Says Stallman, "The GNU GPL makes sense in terms of its purpose: freedom and social solidarity. Trying to understand it in terms of the goals and values of open source is like trying understand a CD drive's retractable drawer as a cupholder. You can use it for that, but that is not what it was designed for."

the AMT (Advanced Management Technology) is the truly frightening bit. Big Brother visits your computer:

A Swedish ASIC designer explains:
http://strombergson.com/kryptoblog/?p=311

(A rough) translation:
http://marc.info/?l=openbsd-misc&m=118302016430106 &w=2

For those that wish to read the whole thread:

http://marc.info/?l=openbsd-misc&m=118296441702631 &w=2

In addition, git works well for simple projects but not so well for projects that have many different related subprojects which share code.

Linus has written some very low-level subproject support, but at this point I think it's only interesting to very early adopters and/or people who can help hack on the higher-level infrastructure that'll be needed to make it usable.

You can try one of the GIT crash courses at: http://git.or.cz/course/index.html

But if you're a CVS/SVN user, I'd start by trying to understand the conceptual difference between centralized and distributed development models. Linus has a detailed explanation here: http://marc.info/?l=git&m=113072612805233&w=2

So ... where is the original email? I'm not subscribed to the LKML, but the EE Times is reporting the same email, and neither seems to cite a source, so does that mean Linus sent an email to the LKML? Anyone want to paste a copy in here?

Announcing free software drivers for the new Intel 965GM Express Chipset

ATI, NVIDIA: fuck you. Open source graphic drivers are possible, period.

Precisely. Sun has been shipping OpenSSH in Solaris since around 2002. As Theo de Raadt points out, Sun has never given OpenBSD a dime, despite the fact that they saved millions in licensing costs by choosing OpenSSH over SSH.COM.

So what's Sun's game here? Have they suddenly started giving to projects they've profited off of, or are they up to something else? My guess is that Sun's claim to be the "number one contributor to open source worldwide" is a little bit of slight-of-hand based on the fact that they've opened up Java and Solaris. Have they really given more money to OSS than, say, Red Hat or Google?

For example, CVE-2006-3648 and Exploiting the Otherwise Non-exploitable on Windows details how MS exeption handling in Internet Explorer can be exploited. Why should I have faith that the effects of this crash are not exploitable as well.

Additionally, just because something was initially reported as a crash, does not mean researchers won't find a way to later exploit it. Again, visiting the MS IE browser: Javascript window() issue in IE was publicly reported as a DoS in May 2005 and was ignored, until being reported as exploitable in November 2005. Why could not the same thing happen here?

Oh, I get it, Mr. LeBlanc at MS wants to tout his SafeInt class... well, being Office is closed source, vulnerability researchers cannot really examine this "security feature". I guess this offers MS a safety net to claim that these "features" are "3... meant it to blow up, and [are] clearly not exploitable", while protecting themselves from the vulnerability community finding exploitable flaws in the SafeInt code.

Too bad we don't have the OpenBSD private discussion.

It seems mb_ (Michael Buesch) is genuine in his "public has the right to know", not in a hateful manner.

The only thing in mb_'s disadvantage us [..] that mb_ did expect Theo to respond in this manner.

unionfs was pulled from the openbsd tree last year.

Here are a couple of the removal commits:
http://marc.info/?l=openbsd-cvs&m=111706859725229& w=2
http://marc.info/?l=openbsd-cvs&m=111707147811254& w=2

And here's the why:
http://marc.info/?l=openbsd-misc&m=110226865110477 &w=2

unionfs was pulled from the openbsd tree last year.

Here are a couple of the removal commits:
http://marc.info/?l=openbsd-cvs&m=111706859725229& w=2
http://marc.info/?l=openbsd-cvs&m=111707147811254& w=2

And here's the why:
http://marc.info/?l=openbsd-misc&m=110226865110477 &w=2