The article outlines how to replicate FreeBSD's Poudriere build environment in Debian using SBuild for isolated package development. It begins by creating a Debian Unstable tarball with essential tools like Qt dependencies, analogous to a Poudriere jail, then extracts it into a persistent chroot directory. The process includes binding external source directories into the chroot for development while maintaining system isolation. The author contrasts this approach with Docker, noting that persistence is critical for their workflow, unlike Docker's ephemeral containers. The guide emphasizes practical steps for Debian packaging work, particularly for projects like libaccounts, while acknowledging Debian's inconsistent package naming conventions.

ZFS scrubs are a critical maintenance process that verifies data integrity by comparing every block in a storage pool against its stored checksum, ensuring corruption is detected and repaired before it causes data loss. Unlike traditional filesystem checks, ZFS scrubs validate both metadata and user data, leveraging redundancy to automatically correct errors when possible. The process relies on ZFS's Merkle tree structure, where each block's checksum is stored in its parent pointer, allowing end-to-end validation of the entire dataset. Regular scrubs help prevent silent data corruption—common in modern high-capacity drives—by identifying and repairing bit rot, hardware inconsistencies, or media decay before they accumulate. Monitoring tools like zpool status provide insights into scrub progress, repair counts, and device health, enabling administrators to proactively address hardware issues and maintain long-term storage reliability.

OpenBSD has issued errata patches for the rpki-client utility affecting versions 7.7 and 7.8, addressing unspecified vulnerabilities or bugs. Binary updates are available for amd64, arm64, and i386 architectures through the syspatch tool, while source code patches can be obtained from the official errata pages for each release.

The OpenBSD project has deprecated LACP (Link Aggregation Control Protocol) functionality in the trunk(4) network driver, as announced by developer David Gwynne. The decision stems from the availability of a more robust implementation in aggr(4), which already handles LACP with improved performance and maintainability. The removal also addresses technical debt, as trunk(4)'s LACP code relied on the outdated netlock mechanism in the Ethernet stack, complicating future optimizations. While other trunking protocols like failover and load balancing remain in trunk(4), the project encourages users to migrate to aggr(4), with migration guidance provided in the FAQ. The change reflects ongoing efforts to modernize OpenBSD’s networking infrastructure.

The Valuable News weekly roundup curates notable updates, articles, and resources primarily focused on UNIX/BSD/Linux ecosystems, with occasional broader tech and life topics. This edition highlights FreeBSD advancements, including guides on NFSv4 with Linux clients, Restic backups, and Mandatory Access Control (MAC) frameworks like portacl and biba, alongside tools such as the ZFS management GUI ZfDash and the lightweight Dovecot brute-force blocker doveguard.

The wc command in FreeBSD is used to count lines, words, characters, and bytes in a file or from input you provide. Whether you're analysing logs, reading large datasets, or just checking the size of your scripts, wc gives a quick summary.

This guide outlines the process of adding new software to the FreeBSD Ports collection, replacing the deprecated shar(1) tool with a git(1)-based workflow. It begins with creating a port directory containing essential files like Makefile, distinfo, and pkg-descr, then demonstrates how to test the port locally before submission. Common issues such as checksum and size mismatches are addressed, along with troubleshooting steps. The guide also covers generating a git diff for submission via the FreeBSD Bugzilla system, including screenshots of the submission form. Additionally, it briefly discusses updating existing ports and critiques the trend of vendor-specific variables in port configurations. The author notes past frustrations with contributing to official documentation but emphasizes the practicality of sharing knowledge through personal platforms.

This episode of BSD Now highlights the release of Oracle Solaris 11.4 SRU 87, detailing its latest updates and improvements. It also examines the cultural factors behind Perl's decline, contrasting them with technical limitations. Additional topics include a user's transition from Linux to FreeBSD for simplicity, a 2025 overview of mixed DNS server deployments, and updates from HardenedBSD. The episode further explores FreeBSD's integration of JSON support in its base system, ongoing development efforts, and community feedback on projects like Flua.

CheriBSD is a modified version of FreeBSD designed to leverage CHERI (Capability Hardware Enhanced RISC Instructions) architectures, such as Arm’s Morello and CHERI-RISC-V platforms. Developed by SRI International and the University of Cambridge, it integrates memory protection and software compartmentalization features through CHERI’s capability-based security model. This model extends traditional hardware architectures with 128-bit capabilities that enforce fine-grained memory access control, reducing vulnerabilities like buffer overflows and use-after-free errors. CheriBSD supports a mix of over 10000 pre-built memory-safe packages and 260000 memory-unsafe packages, allowing compatibility with existing software while offering enhanced security for new applications. However, adoption is currently limited by the requirement for specialized CHERI-enabled hardware, and some features like DTrace and optional kernel modules are not supported.

This article details configuring FreeBSD and Poudriere to function in high-security environments with restricted internet access, relying on a dedicated proxy server. It begins by explaining how to set up a FreeBSD host to use a proxy for package management with pkg(8), including modifying repository configurations to remove the pkg+ prefix and changing the mirror_type to none. The guide also covers fetching and updating the FreeBSD Ports tree using gitup and configuring system-wide proxy settings. For Poudriere, the article outlines the necessary configurations in /usr/local/etc/poudriere.conf, including proxy environment variables and package fetch settings, to ensure successful package building. The process involves troubleshooting with tools like ktrace and kdump to identify and resolve issues related to proxy usage, ultimately achieving a fully functional Poudriere setup in a restricted network environment.