Archive
Posts in OpenBSD
Setting the timezone on OpenBSD servers
I have performed a number of OpenBSD installations in the past, and have always used the installer to set the timezone. One system that I recently built didn't have a timezone set, which required me to run the zic(8) utility manually to change the timezone on the system. To set the servers timezone to Eastern with support for daylight savings time, I executed zic with the "-l" (Use the given time zone as local time) option and the timezone I wanted to use: Once the timezone was set, I used the rdate utility to synchronize the time on the server: If your not certain which timezone to use, you can check the directory /usr/share/zoneinfo. The zoneinfo directory contains the full list of timezones that can be passed to zic.
$ read more →Install OpenBSD packages to alternate directories
I run OpenBSD on a few Soekris 4801s. To get an image "prepped" for the Soekris, I use the directions on the Installing OpenBSD on Flash website. Periodically I need to apply patches to the images, which requires me to adjust the "make install" process to install the package to an alternative location. To apply a patch to a package and install it to an alternate location, I first apply the patch to the package that contains the errata: After the patch is applied, I use the build procedure outlined in the patch header to create the binaries and supporting infrastructure: Once the package is built, I use the DESTDIR variable to control where the package is installed: I poked around on google to see which variables are available to control the build process, but was unable to find a complete list…
$ read more →OpenBSD Security technologies
I came across an awesome presentation that describes all of the the security enhancements that been added to OpenBSD to thwart stack- and heap-based overflows. Now that OpenBSD 3.8 is in beta, I cannot wait to download and install 3.8 when it's released!!
$ read more →OpenBSD 3.8 features
It looks like OpenBSD 3.8 will introduce some really cool features. I personally dig the introduction of unpredictable allocation addresses and guard pages, which should make exploiting heap-based overflows a bit more difficult.
$ read more →OpenBSD port FLAVORS
The OpenBSD ports tree comes with 1000s of packages in source form, and allows each port to be compiled and installed by executing "make install" in the application port directory (e.g., /usr/ports/net/mtr ) . Since individual ports can be built different ways, OpenBSD provides different "FLAVORS" to control the package build process. To view the FLAVORS offered by a specific port, the make utility can be invoked with the 'show' option: To build a package with a specific FLAVOR, the FLAVOR environment variable can be set prior to building the package: Now if they only offered 21 flavors of ice cream (as my friend Clay once said)!
$ read more →