Issue 258
Published December 17, 2025

BSD Now 641 covers FreeBSD 15.0 release, OpenBSD-to-FreeBSD firewall migration, and ZFS Boot Environments explained and more.

Releases

No releases.

BSDSec

No security announcements. As always, it’s worth following BSDSec. RSS feed available.

News

Valuable News – 2025/12/15: The Valuable News weekly roundup curates notable updates and articles primarily focused on UNIX, BSD, and Linux systems, along with hardware and general tech developments. Highlights include the discovery of the original UNIX v4 OS from 1973 by the University of Utah, FreeBSD 15.0 performance benchmarks against Ubuntu on AMD EPYC servers, and updates on OpenZFS community contributions.

1980s Usenet debates on Unix, BSD, and hardware: Archived Usenet discussions from the 1980s reveal the technical and cultural landscape of early Unix, BSD, and hardware development during the era. Users debated the high costs of AT&T’s Korn shell ($2,000 per site) and the slow adoption of virtual memory, which was still a novel feature on systems like the VAX-11/780. BSD was widely regarded as faster and more innovative than AT&T’s System V, though System V was praised for better documentation. Hardware limitations, such as the 64KB memory constraint of the PDP-11, forced creative workarounds, while early multi-core systems like Sequent’s Balance 8000 offered glimpses of future computing power. Security was a persistent concern, with vulnerabilities like setuid root binaries and weak password encryption frequently discussed, alongside early attempts to improve usability, such as alternatives to the clunky /bin/su command.

BoxyBSD talk at credativ’s Virtualization Gathering 2025: The 2025 talk at credativ’s Virtualization Gathering in Mönchengladbach, Germany, detailed the evolution of BoxyBSD, a free VPS platform designed to lower barriers for exploring BSD systems. Initially launched in late 2022 on spare hardware, the project expanded into a globally distributed, automated platform requiring no credit card or prior infrastructure knowledge. The presentation covered its transition from FreeBSD jails and bhyve to KVM and Proxmox VE, addressing scaling challenges and operational realities. It also highlighted related projects like ProxLB and ProxWall, emphasizing automation through Ansible modules and open tooling. The talk underscored BoxyBSD’s role in fostering community-driven learning and contributing to the BSD ecosystem, with slides and recording links provided for further reference.

OpenBSD’s Propolice stack protector origins: In a detailed retrospective by longtime OpenBSD developer Miod Vallat, the early development of Propolice—a stack protection mechanism—is explored as a pivotal shift in the project’s security philosophy. The article highlights how OpenBSD transitioned from focusing solely on bug-free code to actively making exploitation more difficult, even when vulnerabilities existed. Vallat explains the technical challenges of implementing Propolice across diverse architectures, including now-obsolete systems like OpenBSD/vax, ensuring broad compatibility. Though the term Propolice has faded from common use, the work laid critical groundwork for modern stack protection techniques in OpenBSD and beyond. The piece serves as both a historical account and a technical deep dive into the evolution of defensive programming practices within the project.

HardenedBSD 14-STABLE Deprecation Notice: March 2026: Shawn Webb, Co-founder and Security Engineer at HardenedBSD, announced the deprecation of support for the 14-STABLE branch, effective March 31, 2026. This is due to the upcoming release of FreeBSD 15.0 in December 2025. Users are encouraged to start testing HardenedBSD 15-STABLE, although the current package repository for 15-STABLE is not fully compatible with the quarterly release, requiring users to build their own packages for testing.

Unwrapping ZFS: Key 2025 Open Source Contributions: The OpenZFS community delivered several major improvements in 2025, including a unified allocation throttle that optimizes data distribution across mixed-performance vdevs to enhance long-term performance and reduce fragmentation. Special VDEV enhancements now allow ZIL storage on high-performance flash, improving synchronous write IOPS for databases and virtual machines, while relaxed size restrictions for special_small_blocks increase hybrid pool flexibility. Vectorized AES encryption boosts throughput by 80-100% on AVX-512 CPUs, and the new rewrite command enables in-place defragmentation and property updates without full data replication. JSON output support simplifies programmatic data extraction for monitoring systems. These contributions from over 100 developers including Klara Systems, Lawrence Livermore National Laboratory, and TrueNAS demonstrate the project’s growing collaboration and innovation.

BSD Now 641: Open to Free: This episode covers the release of FreeBSD 15.0, including its key features and improvements as outlined in the official announcement and release notes. It also explores a user’s experience migrating from OpenBSD to FreeBSD for firewall deployments, highlighting practical considerations and motivations behind the switch. Additionally, the episode provides a detailed explanation of ZFS Boot Environments, offering insights into their functionality and benefits for system administration. Other topics include a new configuration management tool called rocinante from the BastilleBSD team and a discussion on a recently discovered ZFS data corruption bug, including its technical implications and mitigation strategies.

FreeBSD may drop PowerPC 64-bit support: FreeBSD developers are considering discontinuing support for the PowerPC 64-bit architecture before the release of version 16, which would make FreeBSD 15 the final stable release supporting it. The proposal initially mentions both big-endian and little-endian variants but later focuses primarily on big-endian, leaving some ambiguity about the scope of the change. The decision appears influenced by the declining availability and higher cost of PowerPC hardware, despite its continued relevance in enterprise environments. Users have expressed concerns about the impact on legacy systems and the broader ecosystem, with some considering alternatives like OpenBSD/powerpc64, which is actively tested on Raptor hardware. The discussion also highlights broader challenges in maintaining support for less common architectures in open-source projects.

FreeBSD Foundation Q3 2025 progress highlights: The FreeBSD Foundation’s Q3 2025 status update outlines key advancements in technical and non-technical support for the FreeBSD Project. Major initiatives included the Laptop Support and Usability project with Quantum Leap Research and an infrastructure modernization effort funded by the Sovereign Tech Agency, resulting in 451 src, 71 ports, and 25 doc commits. Notable improvements covered virtual memory scalability, UFS reliability for large filesystems, support for systems with over 4 TB of RAM, and fixes for race conditions in timeout(1). The Foundation also sponsored 12 successful Google Summer of Code projects and participated in events like EuroBSDcon 2025 and the Open Source Summit Europe. Advocacy efforts included publishing tutorials, organizing the November 2025 FreeBSD Vendor Summit, and releasing newsletters and the FreeBSD Journal. Fundraising and legal support for FreeBSD trademarks and core team inquiries remained ongoing priorities.

Tutorials

Migrating from Azure Functions to FreeBSD: A developer details their transition from Azure Functions to a self-hosted FreeBSD server after encountering service disruptions and deprecation warnings. The migration was prompted by Azure’s planned end-of-life for its Linux Consumption plan, which no longer supported custom Rust handlers. The process involved adapting existing services to run as standalone daemons on FreeBSD, leveraging tools like daemon(8) for process management and newsyslog(8) for log rotation, while offloading TLS termination to Cloudflare Tunnels. The shift resulted in improved performance, cost savings, and greater control over the infrastructure, though it required manual adjustments for log handling, CORS configuration, and PostgreSQL integration. The author highlights the trade-offs, including the loss of automated deployments and staging environments, but emphasizes the long-term stability and simplicity of self-hosting.

Recovering a botched FreeBSD 14 to 15 upgrade: An incorrect use of freebsd-update -r 15.0-STABLE install on a FreeBSD 14 system led to a broken installation due to missing shared libraries like libsys.so.7. The issue was resolved by leveraging a pre-reported bug with a workaround involving statically linked rescue tools to fetch and extract the missing library from a FreeBSD 15.0-BETA2 tarball. Additional steps included remounting the ZFS root filesystem as read-write, reinstalling the package manager, and upgrading packages. Post-recovery, a separate graphics driver issue caused kernel panics, highlighting ongoing challenges with AMD GPU stability in FreeBSD 15 despite its listed improvements. The process underscored the importance of reviewing release notes and updating packages before major system upgrades.

Did we miss anything?

This newsletter is made from your content on DiscoverBSD and BSDSec. Submit the stuff we missed so it can appear next time.

Do you have an OSS BSD-related project that you would like to showcase in BSD Weekly? Reply to sender and we can showcase you as a sponsor of an issue (for free).

Do you know anyone who would like this newsletter? Consider forwarding and tell them to subscribe.

Thanks for reading and see you next week! Stay safe!

Become a Sponsor! Become a Patron!

We won't spam you. Unsubscribe any time.