Developers’ Weblog

Sponsored by
HostEurope Logo

Developers’ Weblog

All 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36

My plans are as follows: after squishing out all remaining bugs, I’ll publish another MirOS-current snapshot (i386 baselive, i386 installer, sparc installer, some selected few binary packages for both arches), announce that on the website, and make a CVS repository tarball.

After that, I’ll concentrate on setting up the new servers (tear and euynome) fully, and dispose of rant-featuring-herc. Features I wanted, such as full AES vnd(4) encryption, DJBDNS with no split v4/v6 transport binaries, etc. will have to wait.

With the infrastructure in place, we can start hacking again. We had planned on bringing out MirOS #10bis in time for FOSDEM, but it looks more like just another -stable snapshot, and maybe another month for the second release of -stable; Benny will have to work some on the branch prior to its tagging (I’ll concentrate on -current), especially because we want to use X11 (and gcc) from HEAD, since these are not branched.

mksh – The iShell

Try this:

	$ cvs -d co -PA mksh
	$ cd mksh
	$ cat > <<-'EOF'
		CC="${DEV}/usr/bin/gcc-4.0 -arch arm"
		CPPFLAGS="$CPPFLAGS -I${DEV}/usr/lib/gcc/arm-apple-darwin9/4.0.1/include"
		CPPFLAGS="$CPPFLAGS -F${SDK}/System/library/Frameworks"
		CPPFLAGS="$CPPFLAGS -F${SDK}/System/library/PrivateFrameworks"
		CPPFLAGS="$CPPFLAGS -F/System/library/Frameworks"
		LDFLAGS="-L${SDK}/usr/lib -L${DEV}/usr/lib/gcc/arm-apple-darwin9/4.0.1/lib"

		exec "$@"
	$ mksh mksh -r
	$ file mksh

Mach-O executable arm

Of course, you need the iPhone 2.0 SDK on your Mac for this (and, presumably, an installed native mksh… otherwise just change the above instructions a little.

We haven't tested it yet, but if gecko2@ can figure out how to run inside the emulator, he will… and possibly jailbreak his iPhone G3.

Maybe this fact (availability of mksh) strengthens our point.

In the meanwhile, gecko2@ has found the geocaches I placed.

Update 18.07.2008 12:42 – we have a fat binary with five architectures (amd64 arm i386 powerpc ppc64) now. This is the iShell, indeed.

mksh on… platforms

16.07.2008 by tg@

Okay, so I installed Windows® 2000 and Interix again. And UWIN. And the Microsoft, Digital Mars, and Borland command-line compilers. And mksh worked, of course.

Then I tried DJGPP. Yeah, mksh(1) for MS-DOS®. *sigh* GNU bash, the only shell available, SIGSEGVs on me trying to build anything nōn-trivial, even worse with gcc 4.2.3 than with gcc 3.2.3… but even pdksh could not be made, due to SIGCHLD missing. Too bad, no mksh for you, Mr “I don’t accept bug report mails from your IP, nor in the webinterface” Delorie.

The iPhone… will have to wait. We can install the BSD Subsystem and the Terminal application in gecko2’s SDK’s ARM emulator, then build and test for that. I just gave him the link to the BSD package, but he went to bed shortly before, so maybe tomorrow.

And then, mksh R35b can go out, we fixed some bugs and tested on more platforms (fixing testsuite shortcomings during that time, even).

As requested, Benny has written to Apple, Inc. about inclusion of mksh. Lucas “laffer1” Holt of MidnightBSD has said to follow, as has Andreas “gecko2” Gockel, the Fink maintainer for mksh. Link to this entry.

Lucas actually said he would care more about and use mksh(1) if it were integrated in Mac OSX, as most MidnightBSD developers (like Benny) do most of their work on a Macintosh. He has integrated mksh in his operating system quite some time ago.

mksh is also the default shell, including /bin/sh, on FreeWRT Embedded GNU/Linux.

Andreas already has run tests for using mksh(1) as /bin/sh on Darwin, although I did not request that personally, and brought up the question of /etc/profile adjustments and ~/.mkshrc integration. (FreeWRT has a changed system-wide profile including a system-wide copy of the mkshrc file; other possible ways would involve setting $ENV or (preferred) placing .mkshrc in the New User’s Skeleton and in root’s home directory, if existent.

Strong points of mksh: free (as in BSD, now even without advertising clause), small, fast, portable, easy to use, can run many ksh93 and bash scripts, is actively developed, and benefits from the BSD development style (central development, security focus).

To everyone with an Apple ID: please suggest to Apple to include mksh(1), write to them how good it is despite lacking popularity, how compatible it is, and just how much you like to use it. Even if you do not use it yourself, if you can follow our reasons, write to them. If you have access to other operating systems, do the same, especially with mere porting frameworks, as the OpenBSD ports tree still does not include our port, which was ready-made for committing by me to reduce workload for them.

Some unrelated side notes… Geocacheing continues: (Update: images moved here) – Dr. Pfeffer especially liked mine^WWaldemar’s Zaurus SL-C3200 with CacheWolf running on Ewe… even if I still think it’s dead slow. Interestingly, porting Ewe to the iPhone G3 would not violate the clause preventing you from creating “instant messaging or real time navigation software”, and CacheWolf itself would not have to be ported. I’d like to have more RAM on the Z though – maybe via the SD Card slot?
SCSI sucks. And mksh gets better… IRIX, and a bug fix. Just still no SunOS 5.5 (missing /usr on the HDD).

This is the title of the bug report I filed with the Apple Bug Report Tool yesterday. The problem ID is 6069931; I think you can only see your own bug reports in the tracker though, so you may not be able to see my report. FWIW, I filed it against Mac OS X 10.5.4 (the current version), with "Feature (new)" as a severity. For reference, the full text of the bug report follows:

11-Jul-2008 11:58 AM Benny Siegert:

I would like to kindly request the inclusion of mksh as an alternative shell into future versions of Mac OS X.

mksh (the MirOS Korn Shell) is a Korn Shell derivative under a BSD-like licence. It includes the features from the OpenBSD ksh as well as additional bash compatibility. Almost all bash scripts run under mksh, however with a speedup of about a factor 2. The code was checked for security problems by Coverity, Inc. UTF-8 support is fully integrated. With all these features, it is still very small, just 240 KiB as an i386 binary. The build process is done by a script called, Mac OS is already a fully supported and maintained platform.

This could potentially replace the ksh93 included now as /bin/ksh or be installed side by side as /bin/mksh. In short, it can be regarded a more modern replacement for older ksh releases.

The homepage of mksh is located at The current version is available from


09.07.2008 by tg@

Since quite a while I’ve had anger about BSDstats – their ports reporting stopped including ours (MirPorts Framework, NetBSD® pkgsrc®, OpenBSD ports tree, Debian dpkg), the maintainer was rarely reachable, at most by eMail, and the entire system had issues. Now, the site no longer exists, apparently nobody knows why, and our systems error out. Well, I have disabled BSDstats, this will probably make MirOS appeal more to privacy-conscious geeks again, and save us from getting more errors in our logfiles, especially the Live CD reporting was already totally broken due to weird User-Agent tricks.

I’ll now count on people just using IRC or so to say hi to us if they’re using MirOS, are happy or tell us things we could improve. Or meet us at conferences and pay for our beer ☺ and other beverages (we’re not BeerFSD after all).

Configuring name-based apache vhosts with SSL and IPv6… is hard. Really. This is probably due to it being “a patchy webserver”. Here is a quick cut and paste solution, well, sort of.

Scenario: I have a web server running name-based vhosts on the SSL port. I get a either wildcard certificate, or – in my case – a certificate with some subjectAltName extensions set; CAcert supports these now. All vhosts I wish to serve must be included, and the primary commonName (as part of the distinguishedName) ought to be the host’s primary FQDN, and it must be duplicated as subjectAltName.

I wish to serve a default page (just the standard index.htm from /var/www/htdocs/) to everyone who does not provide a proper host name (e.g. speaking HTTP/1.0 without Host: header, or just probing my IP addresses), and a couple of vhosts to everyone else. I use one IPv4 and one IPv6 address. The vhost configuration is placed in several files in /var/www/conf/vhosts/ called «vhostname».«port»; if some information is to be shared (e.g. vhost on both port 80 and 443), these are placed in «vhostname».common and included by the port configs.

Important: Do not use wildcard vhosts, they won’t work and give errors. Do not use the _default_ vhost in any form, it silently won’t work.

You might want to place directory information in the vhost configuration file instead of in the main configuration file.

Part of httpd.conf is:

	ServerAdmin «mail address for the server itself»
	ServerName «main FQDN»

	NameVirtualHost 443
	NameVirtualHost 2001:db8:1234:1::1 443

	<IfDefine SSL>

	Include /var/www/conf/vhosts/eurynome.443

	<VirtualHost [2001:db8:1234:1::1]:443>
	Include /var/www/conf/vhosts/eurynome.443

	Include /var/www/conf/vhosts/call.443

	<VirtualHost [2001:db8:1234:1::1]:443>
	Include /var/www/conf/vhosts/call.443

	Include /var/www/conf/vhosts/default.443

	<VirtualHost [2001:db8:1234:1::1]:443>
	Include /var/www/conf/vhosts/default.443


(using documentation addresses)

Make sure every vhost except the default one sets ServerName (and ServerAdmin if it differs), and DocumentRoot etc. as usual. The default vhost does not need to set ServerName, but the line
ServerAlias *
must be present and it must be the last vhost in the list, as above.

If you still have questions – especially now that even OpenBSD has seen the light and applied the IPv6 patch I not only applied to MirBSD some four years ago but also suggested to them some two or three times – come to IRC or drop us an eMail, and we’ll try to fix things. Apache is definitively historic ballast, but still common enough on todays Unices.

So the uppercase eszett – ‘ẞ’ (or ‘ẞ’ if your monospace font has it) – is now an ISO 10646 standard. Your favourite BSD has been one of the first to add support for it to libc, a (contributed) keyboard layout, and even Markus Kuhn’s fixed-misc Unicode fonts, after the proposal with a real codepoint assignment came out. Not all Germans, nor typographers, but historicians, might like it, the discussion has been flamewar-like. But we knew this all along.

Ah, by the way. No, we aren’t dead. Websites are irrelevant, but if you end up here, please read about mksh anyway. Real questions are asked on the mailing lists or in IRC. And we don’t have a handbook (yet), because with two developers, nobody has yet had enough spare time to write one, plus you’d need a couple of handbooks – one for people coming from Open/NetBSD (Lite-based), one for people coming from Free/DragonFly/MidnightBSD (386BSD-based), one for people coming from Unix®, one for the Apple followers, one for the GNU/Leenocksers, etc. You see?

And while here: Xcode 3.1 (on gecko2@’s Macbook) comes with llvm-gcc… but not in /usr/bin/ but in /Developer/usr/bin/. It compiles quickly, produces fast and small code… kind of nice. If Apple brings LLVM+clang into a usable shape to replace our gcc 3.4.6 (gcc4 has unsafe optimisations that cannot be turned off, and all other compilers produce bigger code, which breaks the installation media (especially floppies) and SPARC kernels), in a form usable as compact command-line compilers (and not just libraries for Xcode integration), I’ll be happy. (They’d just need to add mksh to Mac OSX then to make me even happier, but I guess I’m sort of late with that request. Even if it’s fully free – in contrast to GNU bash – and, in its most recent incarnations, even advertising clause free.)

Getting things done… slowly

13.06.2008 by tg@
Tags: hardware

While “the swiss are laggards, and the people from Bern are the slow motion of switzerland”, other things take their time as well. However, vnd(4) updates have started, and other encryption schemes (including a hardware-accelerated AES variant for Columbo0815 from #IceWM) will end up in the code very soon, as promised.

During hacking, I spot other things – bugs in the random(4) code, as well as improvements to the kernel and XFree86® possibly leading to my ALIX.1c board to be supported (thanks to for keeping me informed). And Benny fixed ports bugs again, as well as put security updates for Freetype2 et al. into the tree. Thanks!

FWIW: Opera 9.50 segfaults on me. It can’t be updated thusly.

Linuxtag 2008, Berlin, .de

27.05.2008 by tg@
Tags: event

This year's LinuxTag will not go by without the BSD projects exhibiting their fine software. Of course, we will attend – the usual gang (Benny and me, gecko2 and Przemek will help out). New is that we'll also be distributing a couple of MidnightBSD CDs and flyers I had a helping hand in creating, as they are US based and won't be able to make it to Germany for this event. This all would not be possible without the help of, again. Thanks, Daniel!

The MirBSD CDs distributed contain a Live + Install CD, as usual, of an unnamed #10-stable snapshot, plus a couple of packages, including Benny's new firesomething port instead of opera-linux. The MidnightBSD CDs aren't as big and miss the install part, but are a relatively new and especially stable 0.2-CURRENT snapshot (including mksh of course).

We'll attend Tuesday (probably late) till Saturday.


24.05.2008 by tg@

Last time I had tried qemu+kqemu (on GNU/Linux), it made BSD segfault, kinda like VirtualBox nowadays. But things seem to have changed: I ran the Linuxtag 2008 Live CD Edition inside it (on MirBSD) with no problems at all. Nice, and shows that BSDs can have LKMs.

Now missing: vmxnet source code… or evil BLOB? I suppose the latter.

Unrelated side note: Netcologne is cool, but they suck: you can only change the PTR for your static IP, which you pay 4.90 € per month for, if you’re a business customer. No IPv6 anyway (but SixXS has a new PoP, out of all places in Düsseldorf *evil grin*). And Strato gives gecko2@ two IPs, but only allows the MAC of the built-in NIC (so no bridging to domU or VMs). Why can’t they ever do something not totally clueless? (Okay, I could ask the support… Netcologne support even phoned me back after my eMail enquiry apparently went through their entire house until they could figure out what I need (to mail Fefe, who blocks PTRs like foo-www-xxx-yyy-zzz.ISP), but rejected; Strato support is, from my past experience, hopeless.)

The MirPorts Framework, which also runs on MidnightBSD, is the first to bring native firesomething support to said operating system, almost effortless thanks to our good portability infrastructure, and because bsiegert@ has already done the dirty work porting it to MirBSD. Thanks, Benny! And thanks Lucas for the chance to prove the superiourity of our infrastructure. And ctriv, don’t take it too hard, just take our patches and put them on your mport.

Hardware sucks. The Z doesn’t power on after it has been shut down for a while. The CF wi(4) is broken. Software sucks. And we all know it. A web forum sucks. They probably will never learn it. Yet people support their… attitude. Americans suck, but that’s not news. Luckily, there are a few not totally clueless ones. Life sucks, and bureaucracy sucks even worse. And there’s no way around that. Too bad. (I had an encounter with bureaucrats again… could you tell? Hah. They want money back, even though it belongs to me.)

Update 21.05.2008: Benny has committed an update to firesomething-, and I bumped the dash ver and made it work as well on MidnightBSD. Sample build:

 $ cd /usr/mirports/www/firesomething
 $ mmake install clean PKG_CONFIG_PATH=$(mmake \

You must have installed fontconfig from mports (and, of course, perl, for MirPorts to work at all.

This beast now works on MirBSD/i386 and MidnightBSD/i386, should work on OpenBSD/i386, OpenBSD/amd64, OpenBSD/alpha, OpenBSD/powerpc, OpenBSD/sparc, OpenBSD/sparc64, and possibly MidnightBSD/amd64 and MirBSD/sparc (not yet on MidnightBSD/sparc64, but they’ll want to test and fix that). No idea about Darwin and Interix. Benny is going to bump to the latest upstream version now, whereas Jonathan recommended us to go to 3.0b2 for increased speed and decreased resource use. We’ll see. The mports maintainers can now take our patches and get rid of their linuxulated firesomething binary port ☺

All 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36

MirOS Logo