BSDnewsletter.com

   Front | Info | Lists | Newsfeeds | Study Guide | What is BSD? RSS  

BSD Links

· Advocacy
· Drivers
· Events
· Flavours
· FAQs
· Guides
· Programming
· Security
· Software
· User Groups

Taking MicroBSD for a test run

By Jeremy C. Reed

Well, I've been reading a little about MicroBSD. So I decided to quickly give it a try. This article talks about installing MicroBSD, what features make it special, troubles and successes I encountered, and the beauty of the BSD license.

So I retrieved the MicroBSD 0.5 ISO image and burned a CD. It appears that the MicroBSD webpages mention an upcoming or already existing 0.6 release. I was unsure and I didn't ask. (And I am confused over the many URLs I have found at hostfactory.net, wiretapped.us, and the three microbsd.{org,net,com} sites.)

Installing OpenBSD ... I mean ... MicroBSD 0.5

The CD booted fine and the system bootup and installation looked just like OpenBSD:
>> MicroBSD/i386 BOOT 1.29
boot>
Then when the kernel was done loading, a prompt read:
(I)nstall, (U)pgrade or (S)hell

I chose Install and was greeted with:

Welcome to the MicroBSD/i386 0.5 install program.
It also said it would be useful to have a calculator handy, the installation program can cause SIGNIFICANT data loss, and default answers are in brackets. So I proceeded with the install:
Cool! Let's get to it...

I chose the default VT220 terminal type and did not use the keyboard encoding table. Then I chose to not use the entire disk (that it detected). From a quick look at the fdisk and fdisk manual, it was just the same OpenBSD unintelligent fdisk (where a calculator would be handy). It is interesting to note that partition ID "A6" is called "MicroBSD".

It was useful in the installer that SHIFT-PAGE UP worked to scroll up. It looked like around seven screens were available in the scroll buffer.

I ended up choosing for the installer to use the whole disk. The next step was for the disklabel. It is more userfriendly; for example, it automatically gives defaults for start offsets.

Then when I quit out of disklabel, I chose "done" for no more disks to initialize and then chose "y" to proceed with creating filesystems.

After a few moments it was finished. And then I chose "y" to configure the network. It auto-detected my fxp0 ethernet interface. The questions were simple and easy, like:

Enter IP address of default route: [none]
Enter IP address of primary nameserver: [none]
Would you like to use the nameserver now? [y]
Then it asked if I wanted to escape to the shell to do further network configuration. I didn't.

Then I set the root password. And then I chose "c" for CD-ROM as the location of the install sets and pressed ENTER to use the detected cd0. I also chose the default 0.5/i386 path to the sets on the CD. Six sets were available and all were selected. I pressed ENTER for "done" and "y" to begin installing.

It showed the progress of getting the sets with percentage, kilobytes loaded, and the estimated time of completion. The sets were: base05.tgz 24961KB (37 seconds), etc05.tgz 1153KB (3 seconds), misc05.tgz 1649KB (2 seconds), comp05.tgz 17013KB (37 seconds), man05.tgz 5454KB (13 seconds) and bsd 4521KB (2 seconds). Then I chose default "n" for no more sets to extract.

Then I chose the default "y" for expecting to run the X Window System -- even though no X sets were installed. Then it copied the fstab, hostname.fxp0, hosts, myname, mygate, resolv.conf, and sysctl.conf files into place.

It prompted for my timezone and I chose the default again: "US/Pacific".

Then without asking it made the device nodes (which took about 40 seconds), installed the boot block, and unmounted the wd0a partition.

I was at a shell prompt and the install was finished:

CONGRATULATIONS! Your MicroBSD install has been successfully completed!
And it said to enter "halt".

But before restarting the system, I had a look around. The ramdisk was about 1.6 megabytes and it was around 85 percent full. the ramdisk had an empty /etc/ppp directory and a very short /etc/services file. It had various commands used for the installation and would also be useful for a very simple rescue CD. Some of the commands included: dhclient, mount_ext2fs, ping, ancontrol, egrep, ftp, gzip, and sed.

ksh and sh were one and the same. And it was enabled so the up arrow worked for history (emacs mode) and it had tab completion.

MicroBSD and OpenBSD sure are easy to install.

So I rebooted with the CD out.

What is MicroBSD?

The Freshmeat announcements for MicroBSD say it is a hardened, secure, and small OS for x86/Alpha/Sun/PPC platforms that provides services for firewalling, intrusion detection, VPN, SMTP, WWW, DNS, FTP and more.

Some of its special features include network port ACLs, POSIX 1e auditing controls and logging, logging of executed commands, restricted symlinks, ld.so environment stripping, binary integrity verification, mandatory access controls, filesystem level ACLs, application stack hardening and protection, and TCP/IP improvements.

Some of this is based on Stephanie for OpenBSD. It provides an additional layer of security. The Stephanie documentation via http://www.innu.org/~brian/Stephanie/ says untrusted users can no longer download an exploit, compile, and run it on your system by using the trusted path execution patches. The basic privacy security stops users from seeing information with ps(1) and w(1) for processes they don't own. The ld.so environment stripping stops ld.so from loading potentially malicious environment variables. It offers a few other features too.

And some of the other features are from the TrustedBSD research. The http://www.trustedbsd.org/ webpage says it provides various access control methods, system privilege management improvements, event auditing and system monitoring.

Continue reading to page 2:   Looking at MicroBSD and My Questions

September 16, 2013 11:24:29

Front | Information | Lists | Newsfeeds | Study Guide