The MirOS Project will show up with both developers to run a booth at FrOSCon; we will be giving away Live CDs (either #10-stable or #10-current) and flyers. You will be able to meet us and a few helpers (known from IRC and mailing lists) there, chat about mksh, have a beer, fun, whatever.
This year, one of the two XFree86® developers will also attend; you can probably meet him at our booth.
The 2008-07-22 snapshot of MirOS BSD/i386 #10-current has been released as a new-style dualive CD image (BaseLive + Install CD for i386, Install CD for sparc, build logs, a selected few binary packages and their distfiles, but nothing fancy) on the usual BitTorrent tracker, multi-tracked with a major BT site for these who pick it up there.
It's also available for NetInstall on both architectures. Note that /MirOS/ has been cleaned up a little: some old NetInstall or upgrade packages are removed.
The MirBSD Korn Shell R35 has just been released; as per the Changelog this is a major update with some bugfixes, a lot of new features, and licence simplification (the advertising clause is gone). This version was not tested on AIX, BSD/OS, Interix, IRIX, GNU/kFreeBSD, UWIN, the Intel compiler, but we expect no regressions on these platforms either. New supported platforms include dietlibc, LLVM. Platforms already working continue to be MirOS BSD, DragonFly BSD, FreeBSD, MidnightBSD, NetBSD, OpenBSD, DEC ULTRIX, Mac OSX, HP Tru64, HP-UX, Solaris, Debian GNU/HURD, Cygwin, and various GNU/Linux systems; using gcc, pcc, SUNWcc, llvm-gcc, Compaq C, HP aCC, TenDRA; on a variety of hardware architectures.
Update 18.07.2008 – mksh R35b is out, with major bug fixes, read the changelog.
As mentioned on the Downloads page, the naming scheme of the anoncvs mirrors changed. We now have:
- master system, restricted access, ssh, rsync + cvs:
- offering: /MirOS /Pkgs /cvs /ncvs /ocvs
- email@example.com (private, IPv4 + IPv6)
- firstname.lastname@example.org (private, IPv4 + IPv6)
- primary mirror, ssh, rsync + cvs, currently the same as 2.anoncvs:
- email@example.com (public, IPv4 + IPv6)
- firstname.lastname@example.org (public, IPv4 only)
- email@example.com (public, IPv6 only)
- hephaistos (unixforge.de), Germany, ssh, rsync + cvs:
- ‣ sshd(8) [old broken link removed] host keys
- offering: /MirOS /Pkgs /cvs
- firstname.lastname@example.org (public, IPv4 + IPv6)
- email@example.com (public, IPv4 only)
- firstname.lastname@example.org (public, IPv6 only)
- eurynome (VMware instance), Germany, ssh, rsync + cvs:
- ‣ sshd(8) [old broken link removed] host key
- offering: /MirOS /Pkgs /cvs (/Distfiles /www not yet)
- email@example.com (public, IPv4 + IPv6)
- firstname.lastname@example.org (public, IPv4 only)
- email@example.com (public, IPv6 only)
- allbsd.org, Japan, IPv4 + IPv6, rsync only:
- offering: /MirOS /cvs
- rsync://rsync.allbsd.org/miros-cvs/ = /cvs
- rsync://rsync.allbsd.org/miros-ftp/ = /MirOS
We are in the process of setting up eurynome (see above) to take over most functions from www.mirbsd.org and mirror everything, but, as this is a new system and VMware has issues, this will probably take a while. However, all data should be available from some place anytime.
Update 20.07.2008: moved SSH host keys from this page, to keep width inside some reasonable bounds, 10x gecko2@ for noticing in MobileSafari
The CVE-2008-1447 does not, according to various sources, affect systems that randomise their source port. MirOS libc’s integrated resolver, according to some OpenBSD developers, does this, as does DJBDNS. The net/bind mirport is affected, but by using pf(4) to NAT yourself (thanks to Vutral for the suggestion), you can randomise these ports too. According to RUS-CERT, only using DNSSEC is a fix… I wonder if this is truth or advertising for a technique without wide-spread use.
The fixes10.ngz set, of course gzsig(1)d, contains an updated mksh binary and dot.mkshrc as well as /.profile (root) and /etc/profile (user) files, which speed up logins, as well as an updated /etc/ssh/ssh_known_hosts file. It can be directly applied from the installer, or untarred in / (do not forget the 'h' and 'p' options to tar(1)). Note that this will overwrite any existing changes to these files:
Use this for integrity checking:
RMD160 (fixes10.ngz) = 6c85c3e8eb4a5046b5b45373a0996cee2a3208b7
Our anoncvs mirror has changed its ssh host keys due to a Debian-specific problem (it's hosted on a machine running Debian GNU/Linux courtesy of gecko2@). The new keys are: [Update: [old broken link removed] moved]
Please copy these into /etc/ssh/ssh_known_hosts or ~/.etc/ssh/known_hosts, overriding the existing keys for the same IPs or host names.
The current version of the /etc/ssh/ssh_known_hosts file can be retrieved via anonymous CVS (from the server affected), anonymous rsync (also from rsync.allbsd.org), CVSweb (from both servers) or by an eMail request.
Yesterday's snapshot does not yet include the new public host keys, as they were generated only today.
The 2008-05-14 snapshot of MirOS BSD/i386 #10-current has been released as a simple baselive CD image (Live + Install CD, build logs, but nothing fancy) on the usual BitTorrent tracker, multi-tracked with a major BT site for these who pick it up there.
The #10/i386 binary packages should all be installable on this snapshot, although it does come with more recent MirPorts Framework.
A new MirMake version has been issued, to fix problems compiling C++ code with strange file extensions (.cpp as on Microsoft® Windows®, and .C as BOINC uses). MirMake is a sort-of-portable version of the MirOS make(1) utility, a few header files and a libmirmake.a containing helper functions, and some supporting utilities: install(1) lndir(1) lorder(1) mkdep(1) readlink(1) tsort(1)
The MirPorts Package Tools have been updated as well, as Lucas “laffer1” Holt, the MidnightBSD founder, has implemented ldconfig(8) -U too, and the use of this option by pkg_create(1) is now required for a lot of packages (since GNU libiconv, expat and libpng use their own fake-pkgview subdirectories.
Hashes of our current distfiles:
- RMD160 (gzsigkey.cer) = 0a24e416b26e4753eee4cbfe8f1dc74f2486eb6e gzsig(1) distribution sign key
- RMD160 (fwcf-1.05b.tar.gz) = 355e1a46ef384b4ca26cccb7892a2f60eff2ffe2 for FreeWRT
- RMD160 (libnointl-20070726.tar.gz) = 3b97197a9bd8f693bebd8b528dd0d5c942e83e64
- RMD160 (arc4random.c) = ad0ef189b7ffe80b9224b1f3886377847341bac5
- RMD160 (joe-3.1jupp8.cpio.gz) = bbcc42ff82fd7a47feb51579864a487f31ca3a91
- RMD160 (cksum-20080314.cgz) = 7566313c6db3182a99437eb6543b0da6abbed5bd
- RMD160 (paxmirabilis-20080314.cpio.gz) = 3966925c2d87838b0b55e2a0c715f027df3d965b
- RMD160 (ed-20060924.tar.gz) = 7d41e76e169caa73c8bbd043ad40b2b84339761a
- RMD160 (mirmake-20080411.cpio.gz) = e18bd36bc6c260332ab5df008f30b57a9849bc50
- RMD160 (mksh-R33d.cpio.gz) = d810a705b01e146f9addd184c168798a22a36d38
- RMD160 (mpczar-20061119.cgz) = cccf88ae27225c808f327ae7d56dbd9f2c053249
- RMD160 (mirmtree-20050912.cpio.gz) = b4de12ddfd022538732b2c14dad60c2351b3011c
- RMD160 (mirnroff-20050912.cpio.gz) = 5063466a267a64b3f088c86a29e011b5ad712c4a for Interix ONLY
- RMD160 (sitetmac-20071023.tar.gz) = 107e5b64ecbf1214e19681f6fc0add6599fef25d temporary
- RMD160 (tmacmbsd-20071003.tar.gz) = 223c38916e489469703627b189f6fc16b9a36e27 temporary
- RMD160 (patch-20051110.cpio.gz) = ac32b2b0a1e7203256ec4bd255c7525053afb3ed for Interix
- RMD160 (pkgtools-20080411.cgz) = edf320a3798aa40c015e57c579310df754f28820
- RMD160 (rdate-20070817.tar.gz) = 3501ae05c05d7c4f39ccb1c76dd51663c2b91e34
- RMD160 (mirsort-20050912.cpio.gz) = 69a1a632c7343c09ca7bab39f6359667bb461c1c
UPDATE 02.04.2008: mksh R33c is out, with a bugfix and a new fully supported OS (ULTRIX 4.5).
I thought these might come in handy for poor i386 users:
The ISOs itself (both El Torito and Live-HD/CF boot) as well as the included 1440 KiB Floppy images have been adjusted to automatically boot from serial console. To accomodate broken BIOSes (like the one from my VIA C7 server, or the Soekris COMBIOS), the bootloader does not wait for input, but instead directly boots into the kernel. This prevents you from using “boot -c”, but you can patch boot.cfg in the top directory of the ISO or floppy to achieve that.
Users of the sparc architecture just setenv input-device ttya and setenv output-device ttya instead; OpenBOOT can handle a serial console just fine out of the box and provides the speed as well.