Welcome to the MirOS Project!

Sponsored by
HostEurope Logo

Welcome to the MirOS Project!

MirOS BSD & MirPorts Framework – a wonderful operating system for a world of peace

What is MirOS?

MirOS BSD is a secure operating system from the BSD family for 32-bit i386 and sparc systems. It is based on 4.4BSD-Lite (mostly OpenBSD, some NetBSD®). The MirPorts Framework is a portable ports tree to facilitate the installation of additional software. The project also releases some portable software: mksh, a pdksh-based shell; PaxMirabilis, an archiver for various formats; MirMake, a framework for building software; MirNroff, an AT&T nroff based man page (and text document) formatter; MirCksum, a flexible checksumming and hash generation tool; and some more.

If you want to know more about these programs, visit the About MirOS page or read our advertisement or flyer (deutsch/German, français/French). Please note the BSD-Licence(7), especially the advertising clauses.

News

All announcements from the MirOS team are cryptographically signed using gzsig(1) in order to prevent abuse of our name and provide integrity of distfiles. In case of doubt, ask via IRC.

expect turmoil

08.02.2016 by tg@
Tags: archaeology bug hardware news pcli personal plan rant

My network at home is unstable. NetCologne suggests to switch to fibre network, but that only comes with a dynamic IPv6 address and NAT64; completely unsuitable to running a server. (I could arguably tunnel a static IPv4 address from a dedicated server to home, but that would completely foil my plans for redundancy.) So I may need an ISP (phone isn’t important) that provides me with connectivity where a static IPv4 (and, ideally, a static IPv6 /64 or /48 – but only if the reverse DNS gets delegated to me, otherwise that’s unusable) ends up at a device of my choosing (and not a plastic router which can then “forward ports”; I require full internet to end up at my own device).

HostEurope is relocating the other server, both physically and network-wise. Their plan seems fool-proof so far, though.

gecko2@ is decommissioning the server on which eurynome is hosted, shortly. This will also be no small amount of fun for everyone involved. Expect old links, SSH host keys, etc. to break. This explicitly includes /etc/ssh/*known_hosts.

During all those moves, I will downsize my DNS zones and change some entries, so that old or duplicate records will be gone.

I’ll likely generate and publish completely new hostkeys (both gzsig(1) and PGP clearsigned) once this is all over. The current gzsig(1) key is at the end of /usr/share/doc/README in any installed system. (Do note MD5 is considered insecure.) My current PGP key is 9031955E7A97A4FDA32B2B8676B534B2E99007E0 but this requires GnuPG, so check both.

My seeming inability to remember rarely-used “secure” passwords, i.e. those not fitting into my normal schemata, led to me not attempting to run a CA myself any more. While, thanks to rsc, we have an official certificate for www.mirbsd.org now, I probably will get StartSSL for “all” other systems (i.e. herc, as I appear to be downsizing), despite it lacking the SSL client purpose (important e.g. to SMTP). This shouldn’t affect anyone.

PS: I still hate Karneval!

Fearing loss of the server or the hard disc when reporting the hard disc issue I postponed that and created a snapshot (for i386) and a CVS repository snapshot and uploaded them first then backed up everything worthwhile on fish and created myself some custom rescue media.

(Some background info – this server is from 2006, and back then, they usually cost around 100 €, while this is partially sponsored. I was fearing stopping of the sponsoring or shutdown of such an old real iron hardware even though it works fine for my needs.)

Then I shut the server down and asked HostEurope support to check the HDD and, if possible, when replacing, put the old HDD into the second slot (I checked, the PowerEdge 750 has two of them). With a big German dedicated hoster that shall stay unnamed (it’s not the Uffline one), even with a RAID 1 you’re SOL because they refuse to just swap the discs, but I decided to try anyway.

So I put the request up in KIS and thought they’d do it during normal working hours (as off-hour work costs extra), but no more than four hours later, the HDD was checked as faulty, a new one (even bigger as they don’t stock 80 GB ones any more ☺) was put into the first slot and the old one into the second slot, and… oh well. The machine was booted into BIOS Setup, and I may connect with the DRAC III/XT (which needs a Java 1.4 plugin for MSIE, or telnet (not ssh), and whose password I forget due to unuse).

Some tricking around later I found out that their new netbootable rescue system (a Grml 2014.03 PONY WAGON) doesn’t work with my server, so I resigned to pay the 25 € to have someone boot it up with a Knoppix CD (uh-oh). After all, I just needed any system with which I could dd(1) the custom MirBSD installer ISO I previously made onto /dev/sda then boot into it.

To my surprise, I got an eMail telling me they had booted it with a Grml (not from network) and set it up so I could ssh(1) in… with the “initial password”. One eMail later I found out that this server predates passwords in KIS, and by now I’m in the process of restoring services by copying everything from the old to the new disc (only lost some directories under the anoncvs mirror from ocvs which is easily rsync’d right later)… ah, this completed during writing of this wlog/news entry.

In the end, this all worked perfectly fine, and I’ll be pointing the www RR back to fish after the bad disc was removed and everything has rsync’d back to my satisfaction.

hardware problems on www.mirbsd.org

14.01.2016 by tg@
Tags: bug hardware news rant

I just got wd0a: uncorrectable data error reading fsbn style messages in dmesg(8) on the machine behind our website. This is rather unfortunate; it’s possible the website will be down for a while, depending on what service I’ll be able to get for the antique thing.

Update: it’s still there after a reboot; I’ll most likely ask the hoster for a hardware check early next week and take the website down durinf that.

izabera did make a good point in IRC the other day for why we will need to have two locales at the very least in MirBSD – C and C.UTF-8 (the latter being widespread enough by now, thanks to me, interestingly enough. He uses code which leads to unexpected results…

	$ generate() { tr -dc "[:alnum:]" < /dev/urandom | dd bs="$len" count=1; }
	$ len=10; echo $(generate 2>/dev/null)
	Ut流54Ȫf

… because tr(1) was the first utility I converted to Unicode, to explore possibilities and craft the OPTU encoding and, thus, “流” is, indeed, an alphanumeric character.

This implies two things: we need to change MirBSD libc locale functions back to support two charsets (and make setlocale(3) match), and mksh(1) should implement locale tracking (to change set ±U whenever one of the relevant parameters (${LC_ALL:-${LC_CTYPE:-${LANG:-C}}}) changes in the session; users could still set utf8-mode manually though). For this to not break anything, we’ll have to audit scripts in MirBSD though (usually adding export LC_ALL=C at their begin is enough, and we need this for portable scripts anyway) and remove all occurrences of #ifndef __MirBSD__ before setlocale(3) calls in applications. This will take a while.


Secondly, I opened an issue with POSIX about handling of the (deprecated, and for good reason) `-style command substitutions. The GNU autoconf texinfo manual gives good advice for portable shell scripts, and we all knew that foo="bar `echo \"baz\"`" wasn’t portable due to use of more than one set of double quotes, but my (and the yash authors’) reading of the standard (and mksh R52’s POSIX mode) make it set $foo to bar "baz" instead of the historic bar baz now, and I wish to get this clarified (and, possibly, the standard changed to match historic practice, as this breaks at least the Acrobat Reader 5 start script). Nothing has been decided yet (due to the holidays, I’m sure), but we got input from some other people involved in shell.

So, if any #!/bin/sh scripts break or behave weirdly with R52, you now know why. I’m waiting for an official statement.

mksh R52 released

12.12.2015 by tg@
Tags: mksh pcli

The MirBSD Korn Shell R52 was published today. While there are still several known bugs, this is a release that primarily fixes lots of these, and, as with R51, we have no known regressions. Some of the itinerary for R52 has moved to R53 instead, as some bugfixes change the shell language and thus warrant a new major version, which is why this is not R51b, and they accumulated and could use some testing ;-)

This release has a nōnzero chance to break existing scripts that use some extension features – I had to quote some tildes in dot.mkshrc and a variable expansion in ${x/y"$z"} in MirWebseite (the $z) – twice!. As usual, test!

In less related news, a new release of the FixedMisc [MirOS] font is available (in BDF form and no conflict with the system Fixed [Misc] font); our CVS has the sources in bdfctool(1) format.


Read older news.

MirOS Logo