nosh version 1.40

To: FreeBSD Hackers <freebsd-hackers@freebsd.org>, Debian users <debian-user@lists.debian.org>, Supervision <supervision@list.skarnet.org>
Subject: nosh version 1.40
From: Jonathan de Boyne Pollard <J.deBoynePollard-newsgroups@NTLWorld.COM>
Date: Wed, 20 Mar 2019 10:21:37 +0000
Message-id: <[🔎] b9fd75d2-1d20-5971-8839-9ebc4f8f3318@NTLWorld.COM>
In-reply-to: <9b60cf3a-9db7-7d80-92d1-be2731ae6155@NTLWorld.COM>
References: <54430B41.3010301@NTLWorld.com> <76c00c13-4cc9-ed9c-f48f-81a3f050b80b@NTLWorld.com> <5e8454f7-8b8d-ae9f-5aca-3b1b5737f81a@NTLWorld.COM> <9b60cf3a-9db7-7d80-92d1-be2731ae6155@NTLWorld.COM>

The nosh package is now up to version 1.40 .

This version sees changes to the doco, improvements to network configuration, and a change to machine ID generation.

FreeBSD binaries

================

I plan for this to be the last release with binaries built on FreeBSD 10. I am going to upgrade the build machine.

ifconfig

========

https://unix.stackexchange.com/a/504084/5132

There is now an ifconfig command in the toolset, with a command-line interface and output similar to the FreeBSD ifconfig. It is primarily intended for use on non-FreeBSD systems, to provide a FreeBSD-like ifconfig where one does not have the actual FreeBSD tool. The ifconfig@* services generated by the external configuration import subsystem make use of it on Linux operating systems, allowing the services themselves to be pretty much the same across platforms.

It handles multiple (unlabelled) addresses per interface and both IP version 6 and IP version 4 addressing, which are two of the long-standing complaints against the old ifconfig programs from GNU inetutils and NET-3 net-tools. It has no notion of overwriting a single "primary" address. It has a broadcast1 flag for calculating the broadcast address from the prefix length and address. It prefers the new (since 1993) notation for IP version 4 network masks. It can do the FreeBSD style of EUI-64 address assignment for IP version 6 with an eui64 flag.

And it colours its output if writing to a terminal. (-:

Machine ID generation

=====================

FreeBSD from 2007 onwards used the SMBIOS system UUID from the machine firmware as a fallback source for a machine ID. setup-machine-id prior to this release of the toolset would do the same for compatibility. This has now been removed from setup-machine-id. The privacy problems that it entails have turned out to outweigh what little utility it had.

Systems that would have fallen back upon the SMBIOS system UUID will now fall back to creating UUIDs using the C library. Note that the FreeBSD C library still uses MAC addresses to create UUIDs. The OpenBSD and GNU C libraries use CSPRNGs.

There is also now an erase-machine-id command that resets all of the machine ID storage locations set by setup-machine-id to a nil UUID. The machine-id service now calls erase-machine-id at shutdown.

Thus: Machine IDs (when using the supplied service bundles) now have a lifetime from bootstrap to shutdown, will not persist across reboots, do not reveal the SMBIOS system UUID and are not constant and correlatable because of it even when explicitly wiped, and can still reveal MAC addresses on FreeBSD.

The new machine-id(7) manual page lists some of the known users of machine IDs, explains where machine IDs are stored, and gives some of the history of machine IDs.

Square mode

===========

Square mode is now switchable in console-terminal-emulator, using DEC Private Mode 1369. console-control-sequence has a --square option for changing it.

Other tools

===========

ucspi-socket-rules-check has gained the ability to check uid/self/ and gid/self/ subdirectories when handling UCSPI-UNIX connections.

Doco

====

The Guide now includes the original command manuals, written in DocBook XML. These are directly readable using a GUI WWW browser and the supplied stylesheet. The conversions to HTML are still supplied, but reading the original DocBook XML format is better.

TUI WWW browsers such as lynx cannot read DocBook XML. Their deficiency has inspired a new console-docbook-xml-viewer tool that parses and displays the manual pages with a simple full-screen interface on a terminal. This can of course display other DocBook XML manual pages as well.

External configuration import improvements

==========================================

The external configuration import subsystem now allows various extensions in a /etc/network/interfaces file, including ipv4ll stanzas (which will cause avahi-autoipd services to be set up) and eui64 stanzas. A "broadcast +" setting is now transformed into the aforementioned broadcast1 flag for ifconfig.

It also now once more treats false for the login shell as signifying a non-personal user account.

More service bundles

====================

There are a few more service bundles in this release, including ones for Laurent Bercot's mdev, for two-ftp, and for NcFTPd.

Reply to:

Prev by Date: Re: youtube video downloader for chrome
Next by Date: loop module
Previous by thread: Re: djbwares version 9
Next by thread: loop module
Index(es):
- Date
- Thread