Slashdot Mirror

← Back to Stories (view on slashdot.org)

Staying Current with NetBSD

Posted by michael on from the when-apt-get-dist-upgrade-isn't-available dept.

BSDForums writes "Open source never stands still. Even the flexible and mature BSDs are continuing to evolve. In this article, Michael Lucas looks at the NetBSD upgrade process, demonstrating the most common steps to stay abreast of the current source code. This article isn't a comprehensive tutorial that covers every possible situation; rather, it covers the most common situation: updating your source with CVS, building that source code, and installing it on the build machine."

22 comments

  1. Secure CVS - how did NetBSD do it? by hrarbinger · · Score: 4, Interesting
    The article shows you how to get the updates via CVS over SSH with this:

    # setenv CVSROOT anoncvs@anoncvs.netbsd.org:/cvsroot
    # setenv CVS_RSH ssh
    ....

    Now I'd always heard that CVS' pserver wasn't the most stable or secure thing in the world, and that you should use CVS over SSH instead. However I also heard that the abilities of a CVS user were such that if they were determined enough, they'd be able to get shell-like access through the commands that are available. Thus you were only supposed to give CVS access to users who you also give shell access.

    So my question is this: do the NetBSD folks have a page anywhere that describes their anonymous CVS setup? I assume they've done a secure job of locking it down to prevent the entire world from being able to get into their download server for obvious reasons.

    1. Re:Secure CVS - how did NetBSD do it? by Anonymous Coward · · Score: 0

      What's the point of serving an open source project over ssh?

      Weird.

    2. Re:Secure CVS - how did NetBSD do it? by kenfrid · · Score: 3, Insightful

      Except for the (supposed) stability issue, it probably doesn't matter to if anonymous users connect by pserver or ssh. Also remember that there are developers using CVS also, and they probably would not like the passwords for their accounts (with commit priviledges) being sent plain-text.

    3. Re:Secure CVS - how did NetBSD do it? by Dahan · · Score: 4, Insightful
      What's the point of serving an open source project over ssh?

      Obviously the encryption isn't important, but ssh does more than encryption--it also makes sure that you're actually talking to the server you think you're talking to. With ssh, you can avoid someone redirecting your connection to another machine and sending you trojaned source files.

    4. Re:Secure CVS - how did NetBSD do it? by kjd · · Score: 3, Informative
      Although there is a comment to the contrary, SSH's encryption (and the inherent integrity checking) is beneficial even with Free source code.
      • Helps prevent insertion attacks (attacker modifying your source code on-the-fly while you download)
      • May help prevent nosy people upstream from knowing that your latest project uses certain software
      • Compression
    5. Re:Secure CVS - how did NetBSD do it? by Ed+Avis · · Score: 1

      Sourceforge has special CVS-ssh servers where the only command you can run on the remote end is 'cvs'. So short of an exploit in that program, you don't have general shell access. It would be possible for NetBSD to do the same I suppose.

      --
      -- Ed Avis ed@membled.com
    6. Re:Secure CVS - how did NetBSD do it? by rsax · · Score: 1

      Here's a link from the NetBSD documentation website. And here's one provided by a netbsd user, translated from spanish. The second one is better because it incorporates ssh and a chroot jail for the entire repository. I have the actual english version which I downloaded from one of the netbsd mailing lists, don't remember exactly which one though. Search through them, should still be there.

  2. Not First Post! by Anonymous Coward · · Score: 0
    I use NetBSD and it is easily one of the best operating
    systems out there. I just updated my system to a
    1.6 current and can't wait for the 1.6.1 release.


    PS. Please work on Sparc IPC and IPX supprt ;)

  3. Cool. by Anonymous Coward · · Score: 0

    It's about time. I sort of gave up after managing to rebuild world from an old 1.6 snapshot. That was a doozy because of the switch to a dynamically linked root, etc. After that, I was able to get cvsup to compile and run, and I thought it would be pretty straightforward from then on, just like with FreeBSD. Just find a canned config file and roll. Unfortunately, none of the few NetBSD cvsup servers out there understood what parts of the source tree I wanted aside from pkgsrc. I gather that there is a dependency or two for building cvsup that isn't portable across the various architectures out there, and so it's not very popular in the NetBSD camp.

    1. Re:Cool. by Dahan · · Score: 2, Interesting
      I gather that there is a dependency or two for building cvsup that isn't portable across the various architectures out there, and so it's not very popular in the NetBSD camp.

      cvsup is written in Modula-3, and the Modula-3 compiler hasn't been ported to many of the platforms NetBSD supports. I think it's only available for NetBSD/i386, actually...

  4. Re:Mature BSD? When did that happen? by Anonymous Coward · · Score: 0
    Isn't BSD pretty much dead for using it in the Enterprise?

    That's a fair accessment. To be honest, BSD is mostly a hobby system. Commercial support is essentially nonexistent, although sometimes you will find a BSD hobbyist trying to operate "mom and pop" support in their hometown. It's a hardscrabble way not to make a living.

  5. Re:Mature BSD? When did that happen? by LizardKing · · Score: 3, Insightful

    That's a fair accessment. To be honest, BSD is mostly a hobby system.

    You better go and tell that to Yahoo! and all those ISP's who have server farms running nothing but FreeBSD. You better tell all those embedded companies who have mistakenly chosen NetBSD over some less well featured, closed source alternative. And all those people running critical edge systems (firewalls, routers, etc.) on OpenBSD - better tell them to switch as well. And those amateurs at Apple, what the hell are they doing running a BSD based operating system?

    Your post is the most ill informed rubbish I've seen in oh, a couple of hours. Well, since I last checked SplashSnot anyway.

    Chris

  6. I tried to follow the instructions by Anonymous Coward · · Score: 1, Funny

    But I couldn't get my PDP-11 to bootstrap using the tape image they provided. Are they still having trouble with the more recent firmware versions (I upgraded to the newest one from June 1979), or do you still have to have at least two terminals connected for it to work?

    Also, is there TCP/IP support in this version? UUCP doesn't interoperate very well with our windows systems.

  7. Re:Mature BSD? When did that happen? by cant_get_a_good_nick · · Score: 4, Insightful

    To be honest, BSD is mostly a hobby system.

    Not sure what you mean here, anymore than Linux is just a hobby system. Linus doesn't sell anything, it's tken from him and the maintainers and packaged by others.

    Commercial support for BSD isn't what it is for Linux, thats true. If thats your only criterion for comparison, I guess it is "hobby", much like Linux was. The reason for this is more accident than anything; Linux didn't have to fight a lawsuit over the UNIX name. Linus himself has said that he would have used BSD if it wasn't encumbered at the time. Instead he made Linux.

    FreeBSD does have a longer history. For years it had a better VM, so much so that Linux binaries would run better on FreeBSD under load than on a Linux system. Besides a stabler VM, the scheduler is more mature, and they don't tend to do huge changes in the middle of a stable branch (the VM and scheduler changes in the 2.4 branch) nor did they have a file system corruption bug in a stable branch.

  8. Re:Mature BSD? When did that happen? by LizardKing · · Score: 1

    Spoken like a fan-boy with an ax to grind. Let me guess, your hobby is BSD?

    Nope. My job is *programming* on several BSD's, occasionally Linux and even more occasionally Tru64. My hobbys are much more interesting.

    Chris

  9. one problem with the article by MobyTurbo · · Score: 3, Insightful

    There's only one problem I have with the article, it shows how to track -current, the alpha/beta branch of NetBSD. (As -current is with all other *BSDs). It did not show how to track 1.6-STABLE (using "-r netbsd-1-6" in your cvs command line.) It should have mentioned that as most people just want the latest bugfixes and upgrades rather than testing what is going to become 2.0 with all of the changes that implies.

  10. Re:Mature BSD? When did that happen? by rsax · · Score: 1

    Not to mention the millions of dollars in grants given to the OpenBSD project by DARPA. Must be a pretty expensive hobby.