Justin Dearing | 24 Apr 19:26 2015
Picon

[talk] Is anyone doing GIS stuff in FreeBSD with Python 3?

Hey all,

I've been working on some Geospatial web apps written in python 3.4 with flask. Deploying them to Centos has proven problemsome due to the GDAL libraries being old. The FreeBSD ports collection has up to date ports for the stuff I need.

Before I go building a FreeBSD box, I was wondering if there were any caveats I should worry about on FreeBSD from someone who does GIS stuff with Python in FreeBSD, and know the pain of projections being renamed and the gdal exception handler not working in python.

Justin 
<div><div dir="ltr">Hey all,<div><br></div>
<div>I've been working on some Geospatial web apps written in python 3.4 with flask. Deploying them to Centos has proven problemsome due to the GDAL libraries being old. The FreeBSD ports collection has up to date ports for the stuff I need.</div>
<div><br></div>
<div>Before I go building a FreeBSD box, I was wondering if there were any caveats I should worry about on FreeBSD from someone who does GIS stuff with Python in FreeBSD, and know the pain of projections being renamed and the gdal exception handler not working in python.</div>
<div><br></div>
<div>Justin&nbsp;</div>
</div></div>
George Rosamond | 22 Apr 03:53 2015

[talk] some notes on flashrd

flashrd (www.nmedia.net/flashrd) has been around a long long time.  It
is a light weight build system for embedded OpenBSD for flash media. It
was created and is maintained by Chris Cappuccio, among others.

The current image at images/20150320 doesn't boot due to PIE settings,
but I can provide an image if anyone's interested until it's resolved. I
also have a build script that isn't quite elegant shell (yet), but it
does simplify configuring a build. Importantly, the build machine must
match the platform, so to build i386, you need an i386 box, unless
you're using a virtualized build system.

Lots of funky features, such as switching between read-only and
read-write modes, the use of vnodes, etc.

I started hacking on it last week.  There's a certain simplicity that is
nice.  I imagine that if FreeBSD's Crochet was limited to one board, the
two build systems would have a lot in common.

My build is only using bsd*.tgz and etc*.tgz files.  Adding a swap file
is vital to do anything interesting with a Soekris of course.

What's truly impressive is that I pulled out two ancient Soekris 4801s
with that potent 266mhz CPU and 128M of RAM, and it works fine.

Remote upgrades and fallback to the previous configuration if any
problems is simple and straight-forward.

There are regular DMA errors when booting off old CF cards.  I'm having
an issues forcing PIO mode and disabling DMA, as the changes to the
kernel don't seem to stick from UKC.  Any input appreciated.

boot> boot -c

wd* flags changed to 0x0ffc and 0x0ff0, but neither sticks after a reboot.

Anyways, worth checking out as a solution for small systems.

g
Isaac (.ike) Levy | 19 Apr 19:29 2015
Picon

[talk] VPNs: Choosing between OpenVPN and L2TP/IPsec

Hi All,

So I thought folks here may have words on a topic which has hit this
list in years past: VPN choices.

Choices are great, but now I'm trying to choose one. :)

Until recently I've been able to escape the complexity altogether, but
now I have need to roll out and manage roving VPN connectivity, and I'm
in a quandary with which tech to start with- and would love to hear any
experiences or tid-bits on each.

THE CHOICES, AS I SEE IT
--

PPTP - off the table, deader than dead.

L2TP/IPsec - Contender
+ easy/reliable cert-based client integration (mostly Macs for my world)
+ well worn (many platforms, many years now)
- IPsec traffic hassles from clients in restrictive/unreliable networks
- These days I shy away from the muddled state of IPsec (1)
- Troubleshooting issues: difficult, complex and opaque in tooling.

OpenVPN - Contender
+ Robust reliability on restrictive/unreliable networks
+ Clear cert-based client integration on many platforms
- Needs third party software for most user applications
- less well worn (some sharp edges here and there for users)
+ and -, SSL based crypto transport
- OpenSSL base, (2)

ENDLESS QUESTIONS
---
What's it like for users these days?
What's it like for administrators these days?
Multi-factor auth?  Key management?
What networking 'gotchas' are folks dealing with?
Anyone rockin' IPv6 inside/outside their tunnls (I'll be trying...)?
What crypto concerns do folks here have?

Even anecdotes about life with commercial products at either end is
informative, although I'm obviously interested in open tech.

Best,
.ike

--
Footnotes:
1) IPsec is awesome, but lets face it, also muddled.  It's not
unreasonable that some major flaw could be discovered which exposes a
fundamental flaw or even intentional backdoor in coming years:
http://www.mail-archive.com/cryptography <at> metzdowd.com/msg12325.html
For the time being, IPsec holds strong with no known weaknesses- but
even the fact that it was backported from IPv6 bits makes it even more
complicated to keep track of...

2) LibreSSL, BoringSSL, and good ol' OpenSSL- a discussion deserving
it's own thread :)
http://www.libressl.org/
http://article.gmane.org/gmane.os.openbsd.tech/37174
https://boringssl.googlesource.com/boringssl/
https://www.openssl.org/

George Rosamond | 16 Apr 15:25 2015

[talk] NYC*BUG Announcements

A few things to note.

First, NYC*BUG hosts a lot of resources for the broader *BSD community,
but we tend to not publicize it widely. A few days ago, we set up a
mailing list for a new BUG in Poland.  It's the "Subcarpathian BSD Users
Group" (Podkarpacka grupa użytkowników BSD) based in southeast Poland.

http://lists.nycbug.org/mailman/listinfo/sbug

****

We have a great list of upcoming meetings set for the next few months.

May 6 - "Bitrig" John C. Vernaleo

June 3 - "FreeBSD's NUMA" John Baldwin

->June 12-13, BSDCan, Ottawa, Canada

June 18 - "mandoc: from scratch to the standard BSD documentation
toolkit in 6 years" Ingo Schwarze

June 19 - social event with Ingo (location TBA)

July 1 - "Staying in sync with the Precision Time Protocol" Steven Kreuzer

August 5 - "What's New with OpenBSD" Brian Callahan

->October 1-2, EuroBSDCon, Stockholm, Sweden

Rumor has it, another vBSDCon is being planned for the fall in Virginia.

****

All the NYC*BUG meetings are at Stone Creek, except for the special June
18th meeting with Ingo Schwarze on mandoc.  Let us know if you have any
good leads.  A place without RSVPs and with food/drinks is ideal.

The September meeting is looking like it will feature a veteran of the
Bell Labs/Bellcore days, whose work continued into Plan 9. It's a
meeting we're extremely excited for. NYC*BUG has always emphasized the
larger Unix thread that we see the *BSDs as a fundamental part of.

****

The video for Christos' Blacklistd meeting is posted at
https://youtu.be/0UKCAsezF3Q.  Huge thanks Patrick M.
_______________________________________________
talk mailing list
talk <at> lists.nycbug.org
http://lists.nycbug.org/mailman/listinfo/talk
Patrick McEvoy | 13 Apr 14:35 2015
Picon

[talk] blacklistd

Hey Folks,
Blacklistd video posted. Enjoy.
P

https://youtu.be/0UKCAsezF3Q
George Rosamond | 12 Apr 02:42 2015

[talk] blacklistd slides

Posted:

http://www.nycbug.org/index.cgi?action=event&do=view&id=10358

IMHO, more people should be playing with it...

g
Marc Spitzer | 10 Apr 23:50 2015
Picon

[talk] very handy gmake trick

the core is:

If you're using GNU make and you need help debugging a makefile then there's a single line your should add. And it's so useful that you should add it to every makefile you create.

It's:

    print-%: ; <at> echo $*=$($*)

It allows you to quickly get the value of any makefile variable. For example, suppose you want to know the value of a variable called SOURCE_FILES. You'd just type:

    make print-SOURCE_FILES

If you are using GNU make 3.82 or above it's not even necessary to modify the makefile itself. Just do

    make --eval="print-%: ; <at> echo $*=$($*)" print-SOURCE_FILES

to get the value of SOURCE_FILES. It 'adds' the line above to the makefile by evaluating it. The --eval parameteris a handy way of adding to an existing makefile without modifying it.

And a bit more at the below link

http://blog.jgc.org/2015/04/the-one-line-you-should-add-to-every.html


File under stupid, but handy, unix tricks

Marc
--
Freedom is nothing but a chance to be better.
--Albert Camus

The inherent vice of capitalism is the unequal sharing of blessings; the inherent virtue of socialism is the equal sharing of miseries.
-- Winston Churchill

Do the arithmetic or be doomed to talk nonsense.
--John McCarthy
<div><div dir="ltr">the core is:<br><br>If you're using GNU make and you need help debugging a makefile then there's a single line your should add. And it's so useful that you should add it to every makefile you create.<br><br>It's:<br><br>&nbsp; &nbsp; print-%: ;  <at> echo $*=$($*)<br><br>It allows you to quickly get the value of any makefile variable. For example, suppose you want to know the value of a variable called SOURCE_FILES. You'd just type:<br><br>&nbsp; &nbsp; make print-SOURCE_FILES<br><br>If you are using GNU make 3.82 or above it's not even necessary to modify the makefile itself. Just do<br><br>&nbsp; &nbsp; make --eval="print-%: ;  <at> echo $*=$($*)" print-SOURCE_FILES<br><br>to get the value of SOURCE_FILES. It 'adds' the line above to the makefile by evaluating it. The --eval parameteris a handy way of adding to an existing makefile without modifying it.<div><br></div>
<div>And a bit more at the below link</div>
<div><br></div>
<a href="http://blog.jgc.org/2015/04/the-one-line-you-should-add-to-every.html">http://blog.jgc.org/2015/04/the-one-line-you-should-add-to-every.html</a><div><br></div>
<div><br></div>
<div>File under stupid, but handy, unix tricks<br clear="all"><div><br></div>
<div>Marc</div>-- <br><div class="gmail_signature">Freedom is nothing but a chance to be better.<br>--Albert Camus<br><br>The inherent vice of capitalism is the unequal sharing of blessings; the inherent virtue of socialism is the equal sharing of miseries. <br>-- Winston Churchill<br><br>Do the arithmetic or be doomed to talk nonsense.<br>--John McCarthy</div>
</div>
</div></div>
George Rosamond | 8 Apr 20:30 2015

[talk] NYC*BUG Tonight: Christos Z on Blacklistd

Wednesday, April 8
Blacklistd, Christos Zoulas
18:45, Stone Creek Bar & Lounge backroom: 140 E 27th St

Abstract

Today's systems expose multiple network daemons and are constantly
attacked by a fleet of zombie bots or determined attackers. Scanning
logs to determine if an attack is in place in order to modify a firewall
to block an attack is an adhoc inelegant solution. Blacklistd is a
daemon and a library interface that attempts to correct this problem.

Speaker Bio

Christos' first experience with Unix was in 1983 while studying at
Cornell. He currently maintains a few Unix programs (file, tcsh,
libedit, rdist6) and he contributes to many others. He is a board member
of the NetBSD Foundation and a recipient of the Usenix Lifetime
Achievement Award for contributions to the Unix operating system. His
day job is in Finance.
Mark Saad | 8 Apr 16:54 2015

[talk] Need ideas for a replacement SAS controller

Hi Talk
  I am looking for a SAS Raid card to swap in , in place of a dead
areca ARC-1680IX-24 PCIe x8 SAS RAID Card . The issue here is this card 
is attached to 20 disks in a 4U supermicro chassis.  I want to switch to 
a LSI Megaraid but I cant find any with 20 ports. The closest I found 
was this gem LSI MegaRAID SAS 9280-16i4e . It has 16 internal ports and 
4 external. Anyone have any recommendations. This is for a FreeBSD 10.1 
ZFS box. I dont need RAID just SAS to drive the 3G SAS disks.

--

-- 
Mark Saad | msaad <at> ymail.com
George Rosamond | 7 Apr 17:51 2015

[talk] OPNsense Added to NYC*BUG Mirrors

The New York City *BSD User Group (NYC*BUG) is proud to announce mirror
hosting for the OPNsense project. NYC*BUG is the first community hosted
mirror for OPNsense.

NYC*BUG maintains a mirror for a variety of BSD-related projects at
http://mirrors.nycbug.org.
George Rosamond | 6 Apr 17:28 2015

[talk] Ingo's mandoc meeting

We are really fortunate to have OpenBSD developer Ingo Schwarze coming
through NYC for a couple of days in June, and he's going to speak about
mandoc.

We will probably have two nights with him.

June 18, the Thursday, will be his meeting, and Friday, the 19th will be
a loose social event.

However, we need a good meeting space for the June 18 meeting.  Our
current location, Stone Creek, is booked.

If you have any ideas/leads let admin <at>  know.  Ideally the space does NOT
require RSVPs.

g

Gmane