1. 4

    Side note: DISABLE_VULNERABILITIES=yes seems like a strange way to spell “enable vulnerabilities.”

    1. 3

      You are right, it seems :)

      Here is its description from the FreeBSD’s ports(7) man page.

          If defined, disable check for security vulnerabilities
          using pkg-audit(8) when installing new ports.

      So in short it means disable check for security vulnerabilities with DISABLE_VULNERABILITIES=yes variable.

      They could use DISABLE_VULNS_CHECK which could be more ‘describing’ but they did not :)

    1. 4

      Interesting as he mentions x200 being ‘too big’.

      After doing system administration for many years I would NEVER change that X200 7-row ThinkPad keyboard to that caricature of keyboard …

      I will stick to my T420s/x220 for YEARS … until used ThinkPad 25 will get a reasonable price for used unit.

      1. 4

        As someone who uses a newer ThinkPad’s keyboard daily, (X230 Tablet) I honestly have little to no complaints about it. The keys are loud and tactile; the layout is different, but I’ve gotten used to it quickly. Of the ThinkPads I have (701cs, T42, X61 Tablet, X201) I find the X61T’s to be best, but the X201 and X230T are fine as well. (The T42 and 701cs keyboards, on the other hand, are horrid. the T42 feels numb and the 701cs get stiff and otherwise age like milk.)

        I find the hysterics X220 owners go through over the keyboard to be hilarious because it’s so overblown. The X220 and X230 are basically identical otherwise, and both are the nadir of ThinkPad build quality - my X230T definitely feels cheap compared to the X201, and some T420s I’ve tried feel the same. (From what I’ve heard, since xx40 and on, they got better build quality wise, though they’re even more controversial design wise. I suspect that to be a non-problem as well.) In retrospect, I kinda wish I got a Let’s Note, MacBook, or Surface instead of a lot of the ThinkPads I’ve bought, but used ThinkPads are both cheap and a known quantity, so that’s what I often ended up with.

        And I do find my X201 and X230T to be a bit on the big side. I like smaller machines, but they’re hard to come by in the West.

        1. 2

          I modded my X230 to use a X220 keyboard. Best of both worlds.

          1. 1

            Any ‘howto’ on that? :)

            1. 1

              I followed this guide: http://www.thinkwiki.org/wiki/Install_Classic_Keyboard_on_xx30_Series_ThinkPads

              There’s a project for building a modified EC firmware too that gets almost all the keys working as expected. If you don’t do the EC mod, most keys will still function properly. There’s a table on the wiki page that compares the two approaches.

              1. 1

                Thank you very much for that.

          2. 1

            I have used ThinkPad W530 with the ‘new’ ThinkPad layout for about 3 years daily. Still not got used entirely to the HOME END INS DEL layout … after that I got ThinkPad T520 with 7-row classic ThinkPad keyboard and finally felt like at home again, its just so natural to have the INS/DEL HOME/END PGUP/PGDOWN setup, especially if you also use large external keyboard daily.

            I also used Macbook for about a year but their layout also not suited me at all.

        1. 13

          Benno Rice is a FreeBSD core committer and openly speaks about why FreeBSD would be better off adopting a service like systemd: https://www.youtube.com/watch?v=6AeWu1fZ7bY

          Definitely not what I was expecting. Which ironically would be my part in feeding the tragedy that is the systemd story.

          1. 6

            Adopting the idea behind systemd is good, take SMF (svcs) on Solaris/Illumos for example, its very good.

            But adopting systemd is very bad idea.

          1. 2

            Scrolling still sucks…

            1. 3

              Some tips here on how to change the behavior, including scrolling, to be more like Chrome.

              1. 5

                Oh, it’s surprising there are so many animations and delays taking a lot of time (e.g. 400ms) after quantum.

                I know a colleague of mine has been involved reducing some. I’ll find out if I can get him to look at the ones mentioned here.

                1. 1

                  I’ve been using Google chrome as long as I can remember.

                  Sometimes it’s too easy to forget that this is a thing…

                2. 3

                  You probably mean smooth scrolling which is on by default.

                  One of the few things I do is disable the smooth scroll. :)

                  Here are other settings in ABOUT:CONFIG I use that make Firefox mode usable for me:

                  VALUE        COMMENT
                  browser.cache.memory.enable                                    FALSE
                  browser.display.show_image_placeholders                        false
                  browser.link.open_newwindow.restriction                        0
                  browser.safebrowsing.downloads.enabled                         FALSE
                  browser.safebrowsing.enabled                                   FALSE
                  browser.safebrowsing.malware.enabled                           FALSE
                  browser.search.suggest.enabled                                 FALSE
                  browser.sessionhistory.max_entries                             5
                  browser.sessionstore.interval                                  45000
                  browser.tabs.animate                                           FALSE
                  browser.tabs.insertRelatedAfterCurrent                         FALSE
                  datareporting.healthreport.service.enabled                     FALSE
                  datareporting.healthreport.uploadEnabled                       FALSE
                  general.smoothScroll.lines                                     false
                  general.smoothScroll.mouseWheel                                true
                  general.smoothScroll.other                                     false
                  general.smoothScroll.pages                                     false
                  general.smoothScroll.pixels                                    false
                  general.smoothScroll.scrollbars                                false
                  geo.enabled                                                    FALSE
                  gfx.xrender.enabled                                            true
                  javascript.options.mem.max                                     65535
                  loop.enabled                                                   FALSE
                  media.autoplay.enabled                                         FALSE
                  media.block-autoplay-until-in-foreground                       FALSE
                  media.peerconnection.enabled                                   FALSE
                  network.dns.disableIPv6                                        true
                  network.http.pipelining                                        TRUE
                  network.http.pipelining.max-optimistic-requests                2
                  network.http.pipelining.maxrequests                            4
                  network.http.pipelining.ssl                                    TRUE
                  network.http.proxy.pipelining                                  TRUE
                  network.negotiate-auth.allow-insecure-ntlm-v1                  TRUE
                  network.prefetch-next                                          FALSE
                  network.trr.mode                                               5
                  privacy.trackingprotection.enabled                             TRUE
                  security.dialog_enable_delay                                   0
                  security.notification_enable_delay                             0
                  security.ssl3.rsa_fips_des_ede3_sha                            FALSE
                  security.tls.version.fallback-limit                            0
                  security.tls.version.max                                       3
                  security.tls.version.min                                       0
                  services.sync.prefs.sync.browser.safebrowsing.enabled          FALSE
                  services.sync.prefs.sync.browser.safebrowsing.malware.enabled  FALSE
                  services.sync.prefs.sync.browser.urlbar.maxRichResults         false
                  toolkit.scrollbox.smoothScroll                                 false
                  toolkit.telemetry.enabled                                      FALSE
                  browser.tabs.tabMinWidth                                       10
                  dom.webnotifications.enabled                                   false
                  media.autoplay.default                                         1
                1. 13

                  An article reflecting the future of FreeBSD without a single mention of OpenBSD, NetBSD or DragonFlyBSD seems incomplete to me.

                  It’s not only about competing with Linux, but especially distinction compared with other BSD’s. OpenBSD is known for its security approach, NetBSD is known for a wide range of hardware support (for better or worse) and DragonFlyBSD offers HAMMER and very interesting kernel features.

                  What does FreeBSD offer? Come to think of it, it is the most “boring” of them all, and I say that as a FreeNAS user who likes boring for many applications. The sad truth is though, that if OpenBSD caught on with ZFS support and other things, FreeBSD would be abandoned for lots of server applications. FreeBSD is caught in a state of “stability”, where the true performance comes from reliability and continuity. It’s very difficult to spark anything from this state that might be exciting to newcomers, as this state is usually known from big stagnant companies.

                  1. 9

                    FreeBSD may be boring because it just works and it has most of the things that are needed. Besides ZFS (with Boot Environments which means bulletproof updates/changes - https://is.gd/BECTL) it comes with GEOM framework for storage, the devd(8) is what hald/udev always wanted to be. The sound architecture with 256 OSS channels is just great and works out-of-the-box. VirtualBox and WINE works, lots of FUSE filesystems work, automounting works with plenty of solutions like mine sysutils/automount for example. You have up to date packages regularly built with great pkg(8) manager. WiFi and 3G work well for me also.

                    FreeBSD should also import lots (if not all) HardenedBSD features for security.

                    Sure FreeBSD is not perfect but after trying all major BSDs I always come back to FreeBSD because as boring as it is it just delivers.

                    For example OpenBSD packages are built only on RELEASE which means 6 months of security holes in packages week or more after the release. This is big concern for me because most of the security problems are from the applications you use.

                    There is no virtualization on OpenBSD (Qemu is just slow emulation and vmm(8) is for OpenBSD and limited Linux only).

                    Wine does not work on OpenBSD.

                    OpenBSD has no modern filesystem with bit-rot protection, no compression, no volume manager, you can only use mirror and partition on that … not to mention that OpenBSD ports/packages are only about 8000 while there are more then 36000 ports/packages on FreeBSD.

                    NetBSD’s Xen is too out of date and also no ZFS.

                    HAMMER2 is still not ready, and no VirtualBox or Bhyve on DragonFly BSD so that is also ‘no go’ for me … but it will be interesting to see where this development will go as HAMMER2 aims to be CLUSTER filesystem which is very interesting for me.

                    1. 8

                      OpenBSD has no modern filesystem with bit-rot protection, no compression, no volume manager, you can only use mirror and partition on that

                      This is actually one of the few pain points I really have with my use of OpenBSD. I really would like checksummed data (even if Apple decided it’s not necessary for APFS), but I doubt that can be done in a backwards-compatible manner. I don’t mind compression being absent. I think it’s mildly dangerous for the filesystem to also manage volumes as it violates a fundamental separation of concerns, but it’s frustrating that softraid layers can’t be combined yet.

                      I know, bring your own patches for the softraid stuff, but that’s way above my skillset and not enough of a pain point to actually go deep into an extremely critical subsystem as an outsider.

                      1. 7

                        There is no virtualization on OpenBSD (Qemu is just slow emulation and vmm(8) is for OpenBSD and limited Linux only).

                        Nitpick, but the part in parentheses proves the part before that wrong. Maybe “There is very limited virtualization”?

                      2. 4

                        FreeBSD is somehow both boring and exciting. Solid fundamentals and cool features.

                        • biggest community of the non-Linux free unixes
                        • tickless kernel (Not sure about NetBSD but Open and DFly are still always ticking)
                        • hardware support — 10GbE, NVMe, AMD GPU, Bluetooth, any USB peripherals (webcams, tablets, joysticks etc.) Linux supports (via webcamd)…
                        • the well known features — jails, ZFS, DTrace
                        • sandboxing innovation with Capsicum and CloudABI
                        • evdev in input drivers, which brings
                        • Wayland support!
                      1. 1

                        Dunno how I feel about this. I don’t run NextCloud yet but I’ve been considering it, and my experiences running a Mastodon instance for a few months left me unwilling to try again. Maybe they’ve scaled the requirements, footprint and admin surfaces back to a sane level.

                        1. 7

                          Actually this is a ActivityPub implementation, not a Mastodon one, which actually makes this a little more interesting.

                          By using the popular ActivityPub standard, Nextcloud users can subscribe to and share status updates with users in the so-called ‘fediverse’, an interconnected and decentralized network of independently operated servers!

                          Mastodon is probably the best known implementation of ActivityPub protocol, but there are actually a bunch of federated applications based around ActivityPub. For example there is also:

                          • PeerTube (YouTube-ish)
                          • PixelFed (Flickr/imgur-ish)
                          • Diaspora (Facebook-ish)

                          One of the kind of cool things is that all of these applications are using the same federated publishing protocol, they can federate with each other. I can reply to a thread on PeerTube in Mastodon, and PeerTube will understand it as a reply and display it as such, or you can publish an album on PixelFed and I can see as a posted album in my Diaspora.

                          1. 2

                            I didn’t realize that Diaspora had joined the Fediverse! Good on them!

                          2. 2

                            running nextcloud is pretty easy with docker

                            1. 2
                              1. 1

                                Running it might be easy, administrating and keeping it running never is. This goes for pretty much every server software out there.

                              2. 1

                                I’ve been running NextCloud for years, mainly for the very robust calendar which also happens to have a great UI and stellar integration with other calendar clients (Lightning, Android calendar, iPhone calendar, etc.)

                                1. 1

                                  The post doesn’t seem to say either way whether it’s a reskinned Mastodon server or an independent reimplementation, does it?

                                  1. 2

                                    Looking at the source code it looks like it’s a PHP backend like the rest of NextCloud with a Vue.js frontend

                                    From a cursory inspection it doesn’t look like they’re running all the infra necessary to run a full Mastodon node.

                                    I suspect but don’t know that you’re actually just using their app to federate from one of their instances they’re running behind the curtain, but again I have no bullet proof evidence on that.

                                    1. 4

                                      ActivityPub is an open standard with some lightweight implementations (Mastodon is not one of them). From my cursory look at the source, I think this is a full activitypub compatible server.

                                    2. 1

                                      No it doesn’t give much detail at all. If it’s a reskinned stock mastodon server, that’s a hefty chunk of infrastructure required to run the thing (PostgresSQL, Redis for Sidekiq, etc.) and a lot of under the hood complexity go wrong.

                                      I have mad respect for Eugen and the work they’re doing, but if it is in fact a stock Mastodon server, I’m out. I’m not a Ruby on Rails hacker and don’t have time to become one, and my installation hosed itself pretty hard.

                                      1. 1

                                        There’s always Pleroma if you want lightweight ActivityPub.

                                        1. 1

                                          Pieroma is lightweight, but its upgrade story and to a lesser extent its installation story are … Putting it kindly, lightly sketched out :)

                                          You have to want to become an Elixir/Phoenix hacker if you really want to run a Pieroma with confidence. Not that that’s a bad thing at all mind, but you should be aware of that before you sign up.

                                          At least that was the case a few months ago when my Mastodon instance ate itself.

                                  1. 3

                                    Not totally config-less but its not much for sure.

                                    % cat .exrc 
                                    set noautoindent
                                    set number
                                    set ruler
                                    set tabstop=8
                                    set wrapmargin=0
                                    1. 2

                                      I didn’t know whether in include my config in the article, but here it is:

                                      set all&
                                      set ruler
                                      set backspace=indent,eol,start
                                      set incsearch hlsearch ignorecase
                                      set bg=dark
                                      set et ts=4 sw=4 sts=4 autoindent
                                      filetype plugin indent on
                                      set hidden
                                      syn on
                                      nnoremap Y y$
                                      nnoremap <silent> <C-l> :nohl<CR><C-l>
                                    1. 2

                                      Thanks for this very detailed write up. It’s prompted me to try out FreeBSD on my XPS 15 again. Also great that you included details of disabling Nvidia graphics. On Arch I disable it with bumblebee and I believe this has a significant (positive) impact on battery life.

                                      1. 2

                                        Welcome, share your thoughts on setting up FreeBSD on that XPS 15 machine.

                                      1. 3

                                        You can download BSD/OS 4.2 ISO images from here if you want to check it out:

                                        1. 6

                                          If you load the coretemp(4) kernel module with kldload(8) command you will get additional temperature information.

                                          note: amdtemp on AMD CPUs

                                          The biggest enemies of supend/resume mechanism are bugs in your BIOS/UEFI firmware for your hardware. Sometimes disabling Bluetooth helps – that is the option for ThinkPad T420s for example

                                          On the X240 it was disabling the TPM!


                                          Huh. Looks much nicer than the overly detailed Intel pcm.x! Neat.

                                          1. 3

                                            Thank You for comment, I will write an update with amdtemp(4) and TPM for suspend/resume.

                                          1. 15

                                            The best ones ever:

                                            • X220
                                            • T420s
                                            • T420

                                            EDIT: if 15” size is welcomed then also these:

                                            • W520
                                            • T520
                                            1. 3

                                              I’ll add there’s a bunch of those on eBay right now, refurbished, that are as cheap as netbooks.

                                              EDIT: Does anyone know if the CPU’s in these got updates for side channel vulnerabilities? Or they out of support? The Core i5 I looked at in a T420 had a microcode update posted in August on Intel’s website. Researchers are still finding more stuff, though.

                                              EDIT 2: Wait, they got X220 i7’s w/ 8GB RAM for $230 at a seller I could probably drive to. That sounds promising. Yo, vermaden, is that a good setup without any known issues?

                                              EDIT 3: Tried to bypass eBay’s charges on sellers by offering to drive the 5 miles or so to them to pay cash. They replied they’re in Rochester, NY. Epic, geolocation fail. Yeah, I’m not driving over there…

                                              1. 9

                                                I use ThinkPad T420s daily and everything is supported and works. I got ‘uptimes’ of 15-20 days for most of the time. I wrote uptime in ’ chars because I use suspend/resume all the time so its not ‘typical’ uptime :)

                                                About X220, I also have it and use it as laptop for FreeBSD Desktop series so yes, its as well supported as T420s: https://vermaden.wordpress.com/2018/04/11/freebsd-desktop-part-2-install/

                                                When buying X220 remember that only ones with i7 CPU have USB 3.0 port and also make sure to get X220 with IPS screen which is a lot better then TN one.

                                                These ThinkPads are also last ones with real 7-row keyboard which is VERY pleasant to use. You will literally hate every other laptop after using it. The only modern ThinkPad that has such keyboard is the ThinkPad 25 but its costs $1200 used and $1800 new, which is too much IMHO. But new ThinkPads were never cheap.

                                                I can also recommend T520 (for FullHD screen) and W520 (same FullHD screen and USB 3.0 ports and also powerful graphics cards if you need it), but they are 15”.

                                                EDIT: … and yes, all Core i3/i5/i7/i9 CPUs have updates for side channel vulnerabilities. Core Duo and Core 2 Duo (and older CPUs) will not get the updates for side channel vulnerabilities.

                                                1. 1

                                                  Thanks for the tips!

                                                  1. 1

                                                    Ok, after looking at a lot of them, the only thing that bothers me about X220 is all the cheap ones I’m seeing have a tiny screen. All the others are 14-15” like my current laptop. In search, some programmers are complaining about lower resolution, too, affecting how code looks in IDE’s and such. One mentioned external monitor for X220.

                                                    Is there a bigger display on X220’s? And does T420 solve whatever resolution problems they’re griping about?

                                                    1. 2

                                                      Maximum X220 resolution is 1366x768 but you can get an IPS one.

                                                      Maximum T420/T420s resolution is 1600x900 which is ok.

                                                      Maximum T520/W520 resolution is 1920x1080.

                                                      X220 is ‘hard’ to mod to use 1080p screen, but its possible.

                                                      T420s is ‘easy’ to mod to use 1080p screen, check ebay for details.

                                                      1. 1

                                                        What sort of battery life do you get on your x220? I have an x230T that I enjoy well enough, but its battery life leaves a bit to be desired.

                                                        1. 1

                                                          Depends with which batteries :)

                                                          X220 have 3 types for internal battery:

                                                          • 4-cell
                                                          • 6-cell - with this one I get about 3+ hours, sometimes 4
                                                          • 9-cell - with this one I get about 5+ hours, sometimes 6

                                                          … and 2 types for additional battery:

                                                          • 3-cell ultrabay battery that you can put into Lenovo ThinkPad UltraBase Series 3 - about 1+ to 2 hours
                                                          • 9-cell slice/bottom battery - this one gives additional 5+ to 6 hours

                                                          … but I limit my CPU speed up to 1.6 GHz to not drain the power too much.

                                                  2. 4

                                                    If it’s Rochester, then they are within a few miles of me. If it’s the recycler across from my workplace, it’d be stupid easy to get. Mail me (justin@shiningsilence) if that is useful for you…

                                                    1. 2

                                                      Emailed you the seller info.

                                                  3. 2

                                                    I’ve got an old T510 that runs openbsd like a dream. It’s bulky but otherwise it’s a good machine and keyboard is great. I picked mine up as a refurb at a local microcenter for a little over $200, but you should be able to get one for less.

                                                    1. 2

                                                      The Sandy/Ivy Bridge model ThinkPads are overrated. The build quality on them feels really bad compared to the previous generation, and the generations that came after. The screen and battery life in particular are weakpoints.

                                                      Source: I use an X230T as my daily driver on the go, and have an X201 and X61t to compare with. In retrospect, ThinkPads as a whole are overrated - maybe back in the 90s and early 2000s they were the “only good laptops,” but there’s choices nowadays. I just wish I imported a Let’s Note from Japan instead, or saved up enough for an rMBP/Surface Pro.

                                                      1. 2

                                                        For me its not their build quality or best screen or things like that.

                                                        For me its the keyboard layout alone with additional things like screen/battery not interupting.

                                                        One of my favorite laptops was Dell Latitude D630 with extended 9-cell battery that sticked out from front and also used ultrabay 3-cell battery for maximum of 9 hours battery time, but it was ‘only’ Core 2 Duo system and TN 1400x900 with 14” screen size is also not great.

                                                        Dell D630. http://www.preturibune.ro/imagini/foto/902.jpg

                                                        I also like/use Dell Latitude D6400/D6500 and D6410/D6510 - the last Dell laptops with REAL 7-row keyboards.

                                                        … but for me its the keyboard.

                                                        1. 2

                                                          Even on these counts, ThinkPads are problematic. The screen on my X201 was so awful I simply couldn’t use it in many situations. (The X230T at least has an IPS panel, so it’s far better on this count.) Battery life isn’t as good as 9-cell users would let you think; (My X61T with a new 9-cell battery only manages 4 hours; the X230T with a 6-cell that juts out of the rear and bottom can barely manage 2.) the battery decay from poor power management means even if you do get good battery life now, you won’t in a year. (My friends with Let’s Notes and MacBooks still are on their original batteries and still get near-stock battery life.)

                                                          The keyboard’s nice, but it’s not that nice that I want to sacrifice everything else that makes a useful laptop.

                                                      2. 1

                                                        I’ll definitely check them out. Thanks!

                                                      1. 12

                                                        Far as FreeBSD, the most Lobsters-like strategy might be to see what @vermaden uses or recommends so you can use the advice in their many posts on FreeBSD setups. Comments here say most OpenBSD devs use Thinkpads. Maybe ask them or use Lobsters search to see what models. NetBSD has a laptops page which says some Thinkpads work. FreeBSD supports them. DragonflyBSD mentions a few.

                                                        So, a used Thinkpad seems to be the most BSD-friendly solution. Depending on your goals, you might want to pick:

                                                        1. The Thinkpad that works well with the most BSD’s.

                                                        2. The Thinkpad that works best with FreeBSD but can run others minus unnecessary peripherals or something.

                                                        3. The cheapest if 1 or 2 are out of budget.

                                                        Hope that helps.

                                                        EDIT: vermaden does exactly that while I was writing the post. That’s great haha.

                                                        1. 2


                                                        1. 8

                                                          With pkgng, the package management tool used in FreeBSD has almost 27.000 compiled packages for you to use. Almost all software found on any of the important GNU/Linux distros can be found here. Java, Python, C, C++, Clang, GCC, Javascript frameworks, Ruby, PHP, MySQL and the major forks, etc. All this opensource software, and much more, is available at your fingertips.

                                                          But (last time I checked) unfortunately not Racket, which for me is a no-go for putting it on my server.

                                                          Tried using it on the desktop as well, but LibreOffice crashed constantly and Gnumeric gave strange rounding errors. Probably not the fault of the FreeBSD developers, but I think it’s best to be realistic about the trade-offs of using FreeBSD, which is not something that can be said about the documentation or the linked article:

                                                          PS: I haven’t mentioned both softwares, FreeBSD and SmartOS do have a Linux translation layer. This means you can run Linux binaries on them and the program won’t cough at all.

                                                          I just found this not to be the case at all.

                                                          1. 10

                                                            unfortunately not Racket

                                                            huh? lang/racket is now at version 7.1. I even contributed a patch that enabled the build on non-x86 architectures like aarch64 (without JIT) :)

                                                            1. 3

                                                              Yay! Thanks for fixing that.

                                                            2. 2

                                                              Tried using it on the desktop as well, but LibreOffice crashed constantly and Gnumeric gave strange rounding errors.

                                                              Which FreeBSD version was that?

                                                                1. 3

                                                                  This is Gnumeric 1.12.43 on FreeBSD:


                                                                  Seems to be fixed now.

                                                                  I never had any stability issues with either Libreoffice 5/6 or Gnumeric on FreeBSD.

                                                                  Used FreeBSD 11.2 and tried 12.0-RC1 recently - also stable.

                                                                  … but thats me.


                                                                  1. 1

                                                                    I think the bug is/was dependent on the type of processor.

                                                            1. 4

                                                              I’ve always found it annoying that Red Hat offers no way to upgrade across major versions. This is to me an essential feature. There seems to be some (very limited) support for it nowadays, but it’s nothing compared to (for example) the Debian upgrade story.

                                                              1. 6

                                                                Redhat brings out new versions every ~5years, supports thema fort 10years. After that many years imho it’s beter tot re-install if only to make sure there are no dependencies someone installed by hand. This will make your life easier by reducing technical debt. At least that’s the theory…

                                                                1. 1

                                                                  And it’s pretty rare to have a system live longer than 10 years in an enterprise environment.

                                                                  1. 12

                                                                    Yeah, you’d think so. You’d really think so.

                                                                    (pours another shot)

                                                                    1. 1

                                                                      Well, obviously there are going to be small exceptions, but can anyone produce an example of a 1000+ system datacenter running 10yr+ old systems for production? Most of my background is HPC, and that would have been quite rare to see because of power inefficiency.

                                                                      1. 1

                                                                        In the HPC world, that may be true. In a typical enterprise, it’s nothing of the sort.

                                                                        In a typical medium-sized enterprise, you have multiple datacenters filled with some mix of modern and “legacy” hardware in each. All of this is managed by separate teams operating in their own little silos. Projects come and go based on which middle managers impressed a C-level exec last week on the golf course. Even in a particularly profitable year when the purse strings are loosened up enough to modernize most of the infrastructure, there’s that one fucking server that’s responsible for some highly business-critical task but the person who knew the task and wrote the software (in friggen Delphi or something, probably) retired five years ago. Nobody wants to touch it because there’s no documentation on it and the source code was lost when IT re-imaged his desktop PC after he left. Many have tried to virtualize it or at least upgrade the OS but all have failed. The last time it went down in the middle of the day, the CEO of the company came down personally from the seventh floor just to yell at a room full of IT managers for two hours with the conference room door deliberately left open. The best anyone can do about it now is monitor some opaque queue status built into the thing, have some spare hardware handy, and make sure all the backups still run nightly.

                                                                        Yes, a company could hire a consultant to come in and disassemble the code to figure out how it works, and then possibly write a more maintainable clone for it. But that would introduce risk to whatever business process it manages and it would cost a lot more money than just keeping the old thing chugging along a little while longer, which is already working fine and, much more importantly, has already been paid for.

                                                                        That’s the enterprise I know, anyway.

                                                                        1. 1

                                                                          I believe Google had this problem and ended up installing Debian over top of each Red Hat box. https://www.usenix.org/node/177348

                                                                      2. 1

                                                                        Physical systems? Yes. That was the great thing about applications running directly on physical servers. Server warranty expired -> application had to be installed somewhere else, and most likely with a new OS and newer application version. Now with virtualization the VMs simply get migrated to a new cluster when the hardware is EOL. Aaand of course the application is important enough that management accepts the system running although there hasn’t been security patches for years…

                                                                      3. 1

                                                                        In OpenBSD it is easy and with little pain to perform a similar task, in my opinion that’s one of the benefits of developing a coherent system with unified and carefully maintained set of tools, developed wisely by the same team. In GNU, many of the basic userland operating system programs don’t have the same maintainer, and are not developed as part of an entity.

                                                                        1. 3

                                                                          I don’t think you understand, this has nothing to do with the operating system itself. If you leave any system running with users that can access it, bad things will happen. They will put small shell scripts on it that control mission critical functionality without you knowing, store important data on it, (ab)use it to access another system, …

                                                                          While I agree that being able to do upgrades could in theory be handy, I believe periodically wiping a system and replacing it will end up being better. All depends on your environment/job of course, but I’ve seen a fair share of 8+year old systems, not regularly re-created and accessible by almost everyone in the company. Shutting them down will probably end up causing a downtime somewhere else, or someone will complain about his data becoming inaccessible. This is no fun…

                                                                      4. 4

                                                                        This is ‘enterprise’ in the Red Hat world works.

                                                                        You can upgrade FreeBSD from 5.3-RELEAES - by several steps - up to latest 11.2-RELEASE but you can not upgrade Red Hat (or CentOS) from 6.9 to 7.5, because NOT.

                                                                        1. 2

                                                                          Looks like upgrading RHEL 6 to 7 server on x86_64 is supported.

                                                                          1. 1

                                                                            Have you checked the details?

                                                                            • Limited package groups: The upgrade process handles only the following package groups and packages: Minimal (@minimal), Base (@base), Web Server (@web-server), DHCP Server, File Server (@nfs-server), CIFS File Server and Print Server (@print-server). Although upgrades of other packages and groups are not supported, in some cases, packages can be uninstalled from the RHEL 6 system and reinstalled on the upgraded RHEL 7 system without a problem. See the table below.

                                                                            So no, you can not compare that to freebsd-update and/or pkg upgrade from FreeBSD which will work in ANY condition and with all packages/states supported.

                                                                            By the way, its only an ‘additional’ article in the knowledge base, its not official documentation of the Red Hat system.

                                                                          2. 1

                                                                            Well, the modern way of working is immutable infrastructure (or at least scripted and therefore fastish to recreate) anyway, so that should be a moot point. And yeah, I know, in reality it is not :/

                                                                          1. 2

                                                                            Still not desktop icons on the ‘desktop’ os ;)

                                                                            1. 3

                                                                              I use 2011 ThinkPad T420s and sometimes ThinkPad X220 and I still remember how great the 2007 Dell D630 was with its extended battery sticking out from the front creating additional palm rest.

                                                                              Yes, I miss the 1080p that I had in the W520 and T520 but they are REALLY large and heavy. T420s and X220 are very light and compact and I also like very much the bottom slice X220 battery, laptop is still quite compact and small but little taller … and battery time is great then.

                                                                              Why I use them? Real 7-row ThinkPad keyboard is second to none if it comes to type anything on a computer.

                                                                              The only today 1080p alternative that I know is ThinkPad 25th Anniversary Edition as it also has real 7-row ThinkPad keyboard. It costs $1800 new and about $1000 used/refreshed/refurbished … and I will buy it sometime when the price will be round $500, probably after 1.5-2.0 years.

                                                                              From other options ThinkPad Carbon X1 5th and 6th generations get good review from the users - besides new ‘island’ keyboard downgrade.

                                                                              1. 2

                                                                                X220 and T420s are also my current favourites – using an external monitor (UHD resolution) most of the time, though.

                                                                                Strangely, with the T420s the external monitor (Dell Ultrasharp) turns black from time to time. From my observations it seems the GPU (Intel HD Graphics 3000, same as in the X220) switches off the external port with higher CPU loads. Observed with multiple T420s/Dell-combinations.

                                                                                1. 4

                                                                                  X220 user here as well. It just works with FreeBSD [1], so I don’t feel compelled to spend money on anything new. USB 3.0 and nvme drive(s) might be nice, but mirrored SSDs (sata and msata) give descent i/o. Maybe I’m just ignorant to what I’m missing, but ignorance is bliss, right? I am certainly not loyal to Lenovo, but their ThinkPads just seem to work well for me and I have built up a lot of muscle memory for the pointing sticks, which are not common on other laptops.

                                                                                  [1] wireless, suspend/resume, brightness, webcam, and sd card all work.

                                                                                  1. 2

                                                                                    USB 3.0 and nvme drive(s) might be nice If you get ThinkPad X220 with i7 CPU then you will have one USB 3.0 port. For the record also T420s has one USB 3.0 port on the back.

                                                                                    About performance difference between current laptops and 2011 ThinkPads T420s and X220 the Intel CPUs are faster by about 25-35% only. The power usage is a lot better as these older CPUs had 35 W TDP while current ones have about 15 W and they are even ‘configurable’ to have even less.

                                                                                  2. 2

                                                                                    If you go back one generation further, the X201 has a nicer screen since it was from before they went to 16:9. A 10% increase in pixels is definitely worth the minor performance drop.

                                                                                1. 1

                                                                                  On Linux I had to change the signal 17 to 19 and 19 to 18, according to trap -l

                                                                                  1. 2


                                                                                    thanks for input.

                                                                                    I modified the desktop-pause.sh script to use kill -SIGCONT PID and kill -SIGSTOP PID commands instead.



                                                                                    Now it should work on FreeBSD and Linux without modifications.

                                                                                    1. 1

                                                                                      As a note, I do the same thing for macOS for firefox. I just use pkill -STOP basically, no wrapper script. I’m almost always in a terminal so it being in my history is fine enough for me.

                                                                                    2. 1

                                                                                      I made another modification with uname/case so all Linux systems should work properly now.

                                                                                      There was problem with Ubuntu 16.04 which uses Dash as /bin/sh.

                                                                                    1. 4

                                                                                      This one is actually usable under almost every UNIX environment with X11. Pretty sure it could be easily managed to work with Wayland.

                                                                                      I really miss that neat Pause key on Sun Workstations which actually paused the whole Solaris, leaving you to OpenFirmware console with simple debugger. You were able to get back into running system like nothing ever happened.

                                                                                      1. 1

                                                                                        I really miss that neat Pause key on Sun Workstations which actually paused the whole Solaris, leaving you to OpenFirmware console with simple debugger. You were able to get back into running system like nothing ever happened.

                                                                                        Nice! Did not know that :)

                                                                                        1. 1

                                                                                          PPC Mac’s had Open Firmware. I wonder if they can do that.

                                                                                        1. 1

                                                                                          I guess GNU du is too old since it doesn’t support -g;) you can pass -BG to get the same effect. Nice series by the way, I’ve only discovered !<pattern> recently by coincidence.

                                                                                          1. 1

                                                                                            Thanks ;)

                                                                                          1. 4

                                                                                            With this registry addon Windows XP will have support till 2019:

                                                                                            Windows Registry Editor Version 5.00
                                                                                            1. 1

                                                                                              It ate your backslashes by the way…

                                                                                              1. 1

                                                                                                Fixed. Thanks.