UNIX Administratosphere

It is possible to get free online access to UNIX or to OpenVMS; these can be useful in building up your experience on a platform when starting from scratch – or when a review is required.

One of the oldest public access systems in the country is the Super Dimension Fortress (or SDF as it is usually called). SDF offers free accounts, but does ask for US$1 to gain standard access. This isn’t because access is expensive, but because too many people have used the facilities for nefarious purposes (the process suggests that the new user is not a person who will strike and leave).

SDF runs NetBSD on DEC Alphas; this was driven mainly by security and stability. Previously, Stephen Jones, the proprietor, ran SDF using Linux on Intel for several years (which he describes as “the dark years”). BSDTalk had an interview with him back in 2006.

You could also try PolarHome – this shell provider provides access to hosts running Linux (Red Hat, Debian, SUSE, Ubuntu, or Mandriva), OpenVMS (Alpha or VAX), OpenBSD, FreeBSD, NetBSD, HPUX, IRIX, QNX, Solaris, Ultrix, AIX, Tru64, and OpenStep. Unfortunately it requires payment for shell accounts – again because of abuse. The payment is 10 units of your local currency or US$2, whichever is more – and this is per host as well. No other site provides this diverse of a selection.

For truly free UNIX shell accounts, one can try Grex, which is a more professionally-run system (Polarhome and SDF are sole proprietorships). Grex offers totally free shell accounts, but also has memberships (for people to help support the site). It is possible that Grex has the most users as well. Like the others, paid membership does have its privileges – but unlike the others, membership is mainly to provide support for Grex, rather as a security feature.

For OpenVMS, there is a very unique online shell provider: Deathrow Cluster. This is a cluster of three machines running OpenVMS 7.3 – one VAX, one Alpha, and one emulated VAX (SIMH) on a dual Xeon machine. This last is a perfect example of what can be done with an emulator, especially with SIMH which can emulate all manner of old Digital and IBM hardware. However, SIMH does not emulate the Digital Alpha, unfortunately. Like Grex, Deathrow provides completely free shell accounts; like SDF and Polarhome, it is (or appears to be) mainly one person’s purpose to keep it running with a lot of volunteer help.

Any of these will be good sources to keep your shell skills sharp – and in some cases, programming as well. They’re also good people to support; why not offer them some donations if you can?

Sun’s ZFS is, by all accounts, the most revolutionary file system to come along in years. The Wikipedia entry on ZFS has some details, and Sun has a ZFS Learning Center where you can learn how to use it.

Of course, ZFS is in OpenSolaris, but it is also being introduced into FreeBSD as well.

The Solaris Internals site has a beautiful ZFS Best Practices Guide.

What does all of this have to do with Apple’s MacOS X (Snow Leopard)?

Just this: early in the development of MacOS X 10.6, Apple announced that they would use ZFS in the new MacOS X Snow Leopard. The ability to read ZFS volumes had been put into MacOS X Leopard Server. However, ZFS is missing from MacOS X Snow Leopard and Snow Leopard Server entirely. Robin Harris over at ZDNet has an excellent article that explains it all. He then went on to expand on his ZDNet article with more details.

The one detail in particular I wanted to note is the lawsuit between NetApp and Sun over ZFS and related patents. Groklaw has been following the lawsuit, but the last update from Groklaw is October 2008; Sun has more details on their lawsuit page. Way back in 2007 when the patent lawsuit erupted, CompuerWorld had an article suggesting that Apple might be forced into the lawsuit since it had been courting ZFS – or could be sued next if NetApp won. Neither Apple nor NetApp would comment.

It would also be worth noting that when IBM was in talks to buy Sun in March 2009, there were articles about how the ZFS lawsuit would affect such talks – especially given that IBM and NetApp had a strong partnership already (IBM remarkets NetApp hardware for instance). AMLawDaily had a nice article about it, as did CNET. It wasn’t much more than a month later – in April 2009 – that Sun announced it was being bought by Oracle.

Powered by ScribeFire.

I’ve been looking at the book Learning FreeNAS by Gary Sims, and trying out FreeNAS in the process. FreeNAS is now at 0.69.1, and is very stable and robust. FreeNAS is based on FreeBSD and thus is rock solid.

Writing a book about FreeNAS (or any Network Attached Storage system) is difficult for several reasons. The most obvious one is that entire books (big books!) have been written about each storage technology: Windows file-sharing (SMB/CIFS), NFS, iSCSI, FTP, backups, and more.

It is difficult to write a good book about NAS as it is not possible to cover all areas in depth – and alternately, it is not good to reduce the book to “click this button; click that button; next enter this data and click that button…” A NAS can make setting up and using a complicated server quite easy – and finding the right balance between describing all of how Samba works and just specifying which buttons to push can be a hard choice to make.

Learning FreeNAS tends slightly towards the simple end: if you discover any serious problems that require command-line knowledge, the book doesn’t really cover more than it must. In my case, I found that installing FreeNAS resulted in the lack of a default route. I had to add the default network route by hand, though the book never discusses this. This is not necessarily a deficiency, but one to be aware of.

One thing that I always look for in books is an in-depth index. These are simple to find: how many pages does the index contain? How many entries does each letter contain? How many entries can be found under U or X? This book contains 6 pages of index, compared to a similarly sized book that has 17 pages – and a smaller font size. As a reference work then, it will be harder to find items that are of interest.

Overall, this is a good book, worth getting. It could have been more in-depth, but as it stands it is still good. There is no comparable book for the only serious competitor in the open source NAS arena, OpenFiler (which is based on Linux).

The book is available from Packt Publishing in print or in a downloadable PDF.

Once you hear what a NAS appliance does, you might be tempted to think (as I did) what all the fuss might be about. But there are reasons for a NAS appliance, though a NAS isn’t for everybody.

Network Attached Storage is nothing more than a server with a pile of disks and a dozen different ways to access them. For most intents and purposes, the difference between a File Server of yesteryear and the Network Attached Storage of today is conceptually rather minimal.

NAS typically provides access to files via such methods as Windows shares, NFS, iSCSI, Appleshare and others.

So what does a NAS appliance provide that a NFS server does not? There are several benefits:

• Special purpose. Since the system is solely for the purpose of serving up files for users, there is no need for any other facilities except those that deal with its specified purpose. Thus, a lot of potentially vulnerable or unreliable code can be removed, and the speed and reliability of the system can be increased. Some systems do not come with a general purpose operating system of any kind, but rather a specially designed operating system for serving files alone.
• Extensive support. In many cases, since the system is specifically designed for serving up file storage, the innumerable variations of network storage protocols come supported out of the box.
• Ease of use. With the system designed to serve one purpose – and to provide the customer with the best possible experience – the system is generally made much easier to configure and easier to use than having to configure the varying servers and protocols independently.

There are two different NAS products that are the heavy-weights in the free and open source arena: FreeNAS (freenas.org) and OpenFiler (openfiler.com).

The most obvious difference between these two is their base (and their associated licenses). The base for FreeNAS is FreeBSD, and like FreeBSD, is licensed using the BSD license. However, OpenFiler uses Linux as its base, and is likewise covered by the General Public License version 2.

This week, I’ll focus on FreeNAS with the assistance of a book entitled Learning FreeNAS by Gary Sims and published by Packt Publishing.

Powered by ScribeFire.

The FreeBSD kernel recently had a issue in the kenv(2) kernel call, and this article describes very well what it is – and why it is bad. The vulnerability itself is not terribly bad, but the problem exposed is a common one and shows how all user data must be vetted before it is used: a programmer must treat all user data as suspect.

In fact, there have been studies done by Professor Barton Miller at the University of Wisconsin showing that both commercial and open source programs (in a variety of operating systems) are vulnerable (to differing extents) to a constant barrage of random data.

If your code is to be secure, you absolutely must treat user data as hostile and unknown: any trust placed in the user will be abused by someone, either accidentally or purposefully. If by accident, the user will think your software broken and unreliable; if by purpose, your system (or someone else’s!) could be compromised.

Two excellent books on this topic (from two different angles) are these: Hacking: the Art of Exploitation (by Jon Erickson) and Secure Coding Principles (by Mark Graff and Kenneth van Wyk). The first will show you how broken code can be taken advantage of; the second will show you how not to write broken code.

I’ve known that ZFS was a revolutionary filesystem, but never understood the details. Now there is an article that explains why ZFS is so desirable, and does so well.

Apple started supporting ZFS read-only in Leopard, and has released beta versions of Leopard with writable ZFS.

FreeBSD committed ZFS to the 7.0 tree in April of 2007. There is an excellent article that describes how to install FreeBSD 7.0 with ZFS. The FreeBSD Project also has a wiki page that describes the current state of ZFS under FreeBSD, and has some nice links about ZFS.

So why isn’t ZFS in the Linux kernel tree? Because the license for ZFS, the Sun CDDL, conflicts with the Linux kernel’s GPL license. There was an interesting discussion on the Linux Kernel Mailing List (lkml) summarized at kerneltrap.

One way to avoid the license issues is to run Linux inside a Solaris zone; while the Linux system is not aware of the filesystem used as the backing store for the zone, the Solaris system could use ZFS as the zone’s filesystem.

Over at Webmasters by Design there was a very interesting article by Scott Spear about Why FreeBSD is My Favorite *nix OS. Like him, I find FreeBSD to be wonderful and like it a lot. However, I find that I don’t want to use it for everything.

Why I Like BSD: Small Footprint

FreeBSD works in many, many, many more places than Linux – and even more places than Solaris. There just isn’t a lot of overloaded kernel involved. As kernels grow faster and faster, it is refreshing to be able to use something not so bloated.

Why I Like BSD: History

Unlike Linux, BSD goes back a very long ways (longer than Solaris even) and is UNIX. It is possible that with the exception of Unixware and NetBSD, no other UNIX system has as much of a history. Some of the original developers are still involved in FreeBSD (Marshall McKusick comes to mind).

Why I Like BSD: Cohesiveness

No matter how hard they try, a Linux distribution can’t match the overall cohesiveness of one of the BSD systems (such as FreeBSD). Some Linux distributions are very well done, but they still have “missing parts” – usually documentation.

Why I Like BSD: Documentation

There is nothing that matches FreeBSD documentation in the Linux world. Once, I ran a test: I wrote a script to test for the existance of man pages for every binary in the usual locations on the system (/bin /sbin /usr/bin /usr/sbin). Red Hat Linux come up with a number of programs that were undocumented; FreeBSD did not have a single missing man page.

All of the kernel tunables can also be found in man pages, and more.

The FreeBSD Handbook is phenomenal, and a valuable resource. Linux environments don’t have anything like it.

Why I Don’t Like BSD: Linux (In)Compatibility

Linux compatibility fails as often as it succeeds, and it is more of a simulated environment than it is just a compatibility layer. It doesn’t work, it’s bloated and it’s wrong to rely on it in any case.

Why I Don’t Like BSD: Flash et al

Getting to use Flash in FreeBSD is a nightmare. Even following the directions is no guarantee that it will work. Distributions such as OpenSUSE and Ubuntu come ready to plug in Flash support, and Adobe has specified that they will support Linux. That leaves out FreeBSD.

This may be better in PCBSD; I aim to try it soon.

Why I Don’t Like BSD: Installation

Sysinstall is not the easy install process that installation of distributions like Ubuntu and OpenSUSE is. There are way too many technical details to comprehend.

This probably has improved with FreeBSD 7; I’ve not yet tried FreeBSD 7.

I just can’t believe all of the birthdays in the recent weeks.

The Debian Project celebrated 15 years on August 16th. There is a nice wiki page about the celebration (known as Debian Day) which occurs every year around the world.

FreeBSD also celebrates 15 years. The announcement of the celebration was made in the freebsd-announce mailing list by Matt Olander. The celebration will be at Meet BSD California ‘08 on November 15-16 in Mountain View, California (and at Google no less!).

The GNU project turns 25 in September. There is a delightful film by Stephen Fry describing GNU and what it is and what it’s done (and an article about the film), and there is an article by Matt Lee about GNU and how it will celebrate.

Google turns 10 on Sep. 7. There are photos of what the Google computing center looked like over the years from a talk by James Dean give at the 2007 Seattle Scalability Conference.

One more birthday (though not one to celebrate!) is the one-year anniversary of the RIAA’s legal campaign against on-campus file sharing. Ars Technica has a nice article about it, and there is a nice response by Bill Wyman. It’s also the four-year anniversary of the RIAA’s general legal strategy against file sharing; this is covered nicely in an article by David Kravets at Wired. That article starts with an impressive number indeed: 20,000 lawsuits? Astounding…

Any other anniversaries I missed?

There was a delightful post about tiny (or “embedded”) versions of FreeBSD at the FreeBSD (the Unknown Giant) blog. Embedded refers to the fact that these versions can be put into tiny spaces – 16 Mb for instance – or into physically tiny spaces (toasters?) – usually both go together.

I’ve always known about PicoBSD (before it was incorporated into the FreeBSD tree even!) – and it was PicoBSD that showed me that BSD could run in 8M where Linux could not. Looks like NanoBSD picks up where PicoBSD left off. (I suppose the next generation will be FemtoBSD?).

NanoBSD is covered in an excellent article by Daniel Gerzo. There is also a nice presentation (content is rich, anyway) apparently from BSDCan 2006. Over at pean.org there is a nice concise writeup about how the writer is using NanoBSD.

There is also FreeSBIE but that’s not really an embedded operating system, just a “LiveCD”.

I simply must try one of these. You should too!

It’s strange I should come across this article in one of my favorite blogs just after I switched from my FreeBSD desktop to Kubuntu. I’m also surprised at the lack of knowledge and the propagation of some long-standing myths about Linux and FreeBSD for that matter.

There are some ways that FreeBSD (or better put, BSD) is better than Linux – but the comparisons must be valid and appropriate without myths and falsehoods.

Perhaps the primary myth is that FreeBSD is a complete operating system and Linux is a boat-load of different distributions in all different flavors with different setups and so on. However, FreeBSD also has a large number of alternatives, including OpenBSD, NetBSD, PCBSD, DesktopBSD, PicoBSD, and Dragonfly BSD to name just a few.

Another comparison is that FreeBSD is put together by the FreeBSD Core team and that this is better than Linux (which has a “benevolent dictator” model). There’s no discussion of OpenBSD, for instance, which also follows this “benevolent dictator” model. There’s also no comparison to Red Hat Enterprise Linux, for example, which has a large number of people working towards putting together a complete distribution, not just the kernel.

The documentation is definitely an argument in favor of BSD – virtually everything that is in the system anywhere is documented in the online documentation, and the FreeBSD Handbook is without equal. It can be proven programmatically that there are commands in Red Hat (or other distributions) that are not documented. I daresay that the FreeBSD documentation beats other BSD variants as well.

Another benefit of FreeBSD specifically is the vast number of ports available. There are more ports for FreeBSD than any other system but Debian GNU/Linux. The sheer amount of packages available in both environments has made them appealing to me – and perhaps to others. Where else are you going to get Steel Bank Common Lisp for example? Both Debian and FreeBSD have it.

The article specifically asked about FreeBSD for the desktop: FreeBSD is definitely not ready for the desktop at all. When I installed it for my desktop (twice now), the basics are there certainly – but there were numerous problems that I had to overcome. Among them, I had to set up my own system bootsplash, and had to configure and set up my own login screen (kdm). USB devices plugged in weren’t properly recognized. Hibernation and sleep didn’t work. Flash doesn’t work. Unlike what has been said before, the drivers are much less available than they are for Linux: hardware manufacturers don’t see a need to support BSD, and many new UNIX users (and developers) don’t see a need to use anything but Linux. Wireless support is perhaps an exception, but that development is centered in OpenBSD, not FreeBSD.

There is also, in my mind, a benefit to BSD that goes often unmentioned: it has the smallest kernel of the open source UNIX and Linux kernels out there today. FreeBSD and OpenBSD will run in smaller environments that Linux won’t: on my 512M laptop, a Compaq Armada E500, Fedora 5 would crash during the install (not enough memory) – whereas the much more current FreeBSD 6.2 installed just fine.

Now, when I installed Kubuntu onto a Compaq nc4010 with 1G of memory, it went will – and it recognized everything – wireless, hibernate, bluetooth, USB devices, PCMCIA, video display, power capabilities, etc. – all without special configuration. (I might note that, here too, on this machine Fedora crashed – this time the Live USB Fedora 9 crashed during exit – sigh…) Preconfigured and tested support for Flash, Java, and MP3s was a click away.

When it comes to the desktop, FreeBSD has a long way to go (perhaps PCBSD is a lot better?). However, on the server end, I would propose that FreeBSD is a better way to go than Linux in many cases (except for OpenBSD might, in my opinion, be even better). It is unfortunate that none of the BSD variants are often considered for enterprise server use – especially considering FreeBSD is commonly found in NetCraft’s list of top uptime.