FreeBSD Q2 2025 updates, HardenedBSD security enhancements, NetBSD async I/O advancements and more.
Releases
No releases.
BSDSec
No security announcements. As always, it’s worth following BSDSec. RSS feed available.
News
Valuable News – 2025/09/01: This edition of Valuable News curates key updates across UNIX/BSD/Linux ecosystems. Highlights include FreeBSD’s Q2 2025 status report, detailing bug-tracking improvements via Bitergia dashboards, and GhostBSD’s new Gershwin desktop—an experimental, GTK/Qt-independent environment.
HardenedBSD July-August 2025 Progress: HardenedBSD’s July-August 2025 status report highlights key advancements in security and infrastructure. The team focused on reducing technical debt, including removing legacy hbsdcontrol, enhancing Trusted Path Execution (TPE) with jail support, and hardening mac_do(4) to prevent privilege escalation. Ports updates included llvm/clang patches for auto-initialization and heartwood 1.3.0. Infrastructure improvements addressed cooling issues, enabling a new test server for Radicle, though scalability remains a challenge. With FreeBSD 15.0’s upcoming stable branch, HardenedBSD will create a hardened/15-stable branch, requiring ~2 months for build infrastructure setup. Support for 14-stable may be limited post-transition. Future work includes a censorship-resistant mesh network using Reticulum.
NetBSD GSoC 2025: Advancing Asynchronous I/O Framework: The 2025 Google Summer of Code project for NetBSD focused on enhancing its asynchronous I/O capabilities by introducing a service pool model. Each process now manages a pool of worker threads, with jobs grouped per-file to avoid vnode lock contention and improve concurrency. While the current implementation falls back to synchronous I/O, it lays the foundation for future optimizations like VFS bypass, pending maturity of NetBSD’s BIO layer. The developer implemented a lightweight testing environment using QEMU and FFS roots, enabling rapid kernel iteration. Challenges included the complexity of integrating asynchronous I/O with NetBSD’s existing buffer cache and vnode locking mechanisms, which lack abstractions like FreeBSD’s struct bio. The project highlights NetBSD’s potential for performance improvements, though substantial effort is required to realize them.
FreeBSD Q2 2025 Status Report: Key Updates on Kernel, Ports, and Projects: The FreeBSD Q2 2025 Status Report highlights major advancements across the OS, including kernel improvements (e.g., suspend/resume enhancements, HFS+ porting, and USB debugging), ports updates (e.g., GCC 15 integration, OpenJDK 24.0.1, and security hardening options like WITH_FORTIFY), and project milestones (e.g., pkgbase installer support, Sylvea’s unified system management platform, and PinePhone Pro progress). The FreeBSD Foundation sponsored critical initiatives like Wi-Fi/Bluetooth improvements, audio stack refinements, and infrastructure modernization, while community efforts expanded documentation (e.g., Chinese translations, accessibility handbook) and third-party tools (e.g., BSD-USER 4 Linux for running FreeBSD binaries on Linux). The report also notes team changes (e.g., Release Engineering, DocEng) and upcoming goals, such as FreeBSD 15.0’s December release and continued CI/CD automation.
BSD Now 626: USB webcam testing: FreeBSD Journal Summer 2025 Edition, Java hiding in plain sight, BSDCan 2025 Trip report, Call for testing OpenBSD webcams, recent new features in OpenSSH, Improved 802.11g AP compatibility check, and more.
Tutorials
Migrating PeerTube from Debian to FreeBSD: A Step-by-Step Guide: This guide details migrating a PeerTube instance from Debian Linux to FreeBSD, driven by a preference for traditional Unix tools like rc scripts, ifconfig, and syslog over modern Linux systems like systemd. The process covers FreeBSD installation (including storage and networking setup), configuring dependencies (Redis, PostgreSQL 17), and installing PeerTube with nginx for web publication. Key steps include data migration via rsync and PostgreSQL dump/restore, ensuring minimal downtime. The author also highlights optional optimizations like pf firewall rules, acme.sh for Let’s Encrypt certificates, and telemetry setup with VictoriaMetrics.
Using Torrent on FreeBSD: Setup, Ethics, and Tools: This article explores the use of the BitTorrent protocol on FreeBSD, emphasizing its legitimate applications, such as distributing open-source projects like FreeBSD and GhostBSD. The author critiques the misconception of BitTorrent as solely a piracy tool, comparing it to HTTPS and highlighting its efficiency in load distribution. Ethical considerations around “piracy” are discussed, questioning the fairness of paid services offering lower-quality content compared to freely available torrents. The guide provides detailed steps for setting up qBittorrent with search plugins and aria2c for command-line downloads, making it accessible for both beginners and experienced users. The author also touches on broader issues like corporate use of pirated content and the selective enforcement of copyright laws.
Did we miss anything?
This newsletter is made from your content on DiscoverBSD and BSDSec. Submit the stuff we missed so it can appear next time.
Do you have an OSS BSD-related project that you would like to showcase in BSD Weekly? Reply to sender and we can showcase you as a sponsor of an issue (for free).
Do you know anyone who would like this newsletter? Consider forwarding and tell them to subscribe.
Thanks for reading and see you next week! Stay safe!