LLDP daemon and tool committed to -current https://undeadly.org/cgi?action=article;sid=20250507045746

#antivaxxers

Move Back to Europe

A new website to help people migrate from US digital platforms to European ones

(Obs.: The people behind the site decided to recommend specific companies rather than give a list of alternatives for the person to choose from)

https://backtoeu.eu

#EuropeanAlternatives #BuyFromEU #BuyEuropean

Capitalism didn't give us the internet.

Large-scale cooperation, open protocols, and free software gave us the internet. Capitalism gave us mobile sites that don't work because fifteen ads cover the screen.

This is great!

https://www.youtube.com/watch?v=Wv7WVaoJJ0Y&ab_channel=Joseph%27sMachines

Fantastic post by @fimion.

At first I was like: Oh no, I guess I have to clean up my RSS reader because I certainly never subscribed to AI shilling blogs. Then I opened the post and had to laugh out loud.

https://alex.party/posts/2025-05-05-the-future-of-web-development-is-ai-get-on-or-get-left-behind/

@deadbeefdotmonster Love the beard!

Activist en hacker Rop Gonggrijp heeft een zorgwekkende boodschap: in Nederland laten wij niet écht tot ons doordringen hoe snel de Verenigde Staten afglijden in fascisme. ‘Ik weet niet wat er nu nog zou moeten gebeuren om ons tot actie over te laten gaan. Dat vind ik beangstigend.’

Lees hier het nieuwe verhaal van correspondent Maurits Martijn: https://corr.es/ddd074

A very welcome change in #OpenBSD -current that impacts software which restrict filesystem access with unveil(2), but permit access to /tmp (like web browsers). :flan_thumbs:​

ssh-agent(1) listener sockets and forwarded sockets in sshd(8) will now be under ~/.ssh/agent instead.

djm@ modified src/usr.bin/ssh/*: Move agent listener sockets from /tmp to under ~/.ssh/agent for both ssh-agent(1) and forwarded sockets in sshd(8).

This ensures processes (such as Firefox) that have restricted filesystem access that includes /tmp (via unveil(3)) do not have the ability to use keys in an agent.

Moving the default directory has the consequence that the OS will no longer clean up stale agent sockets, so ssh-agent now gains this
ability.

To support $HOME on NFS, the socket path includes a truncated hash of the hostname. ssh-agent will by default only clean up sockets from the same hostname.

ssh-agent gains some new flags: -U suppresses the automatic cleanup of stale sockets when it starts. -u forces a cleanup without keeping a running agent, -uu forces a cleanup that ignores the hostname. -T makes ssh-agent put the socket back in /tmp.

feedback deraadt@ naddy@
doitdoitdoit deraadt@

#OpenSSH

80 jaar vrijheid. Zelden deed de herdenking me zoveel. Want hoe lang nog? En vrijheid voor wie dan?

“At no point did I approve Microsoft's terms of service, yet they now have a copy of all my e-mails. No idea in which jurisdiction or data center. Also, if you had asked me: I wanted zero Microsoft in my e-mail infrastructure — zero.”

When your mail gets migrated from under your ass.

https://blog.hartwork.org/posts/domainfactory-wtf-2025/

#OpenBSD -current has replaced its own aging (freedesktop.org compatible) pkg-config(1), originally written in Perl by ckuethe@, espie@ & jasper@, with the more modern and actively maintained pkgconf implementation.

tb@ modified src/usr.bin/pkgconf/*: import pkgconf 2.4.3

Our homegrown Perl-based pkg-config cannot cope with the giant DAGs [Directed Acyclic Dependency Graphs] arising in modern software, especially from the abseil-cpp and protobuf family. Waiting minutes for configure to complete in some ports is just awful.

Thus we're switching to the sanely-licenced, widely used pkgconf, which is actively maintained, written in a sensible dialect of C, and does not suffer from these performance issues.

Work that should happen in tree during this cycle:

• see what we want to do with our old manual and pkgconf's
• add pledge and unveil.

Initial work done by espie during or right after p2k23, support from many.
ok semarie

The old pkg-config implementation has now been unlinked from the build, but not yet removed from the tree.

tb@ modified src/usr.bin/Makefile: switch from pkg-config to pkgconf

leave the old pkg-config in the tree for now.

BSD Now 609: Toe-Dipping in Amsterdam

https://discoverbsd.com/p/e2c3f09fc3

David Gwynne (dlg@) has imported a new daemon to #OpenBSD -current, not yet linked to the build.

lldpd(8), a new LLDP (Link Layer Discovery Protocol) agent daemon.

This daemon uses the newly added AF_FRAME socket protocol type.

dlg@ modified src/usr.sbin/lldpd/*: lldpd(8): a daemon that acts as an LLDP agent on Ethernet interfaces.

lldpd uses the recently added AF_FRAME Ethernet sockets to listen for LLDP packets on all Ethernet interfaces in the system, and stores them so a lldp(8) client connecting to the control socket can fetch and display the packets.

AF_FRAME means we can avoid BPF for receiving LLDP packets, which has a couple of benefits.

firstly, BPF needs to look at all packets entering an interface so it can filter for the ones you're interested in, which is annoying for low packet/data rate protocols like LLDP. AF_FRAME is handled late in ether_input, and only after other protocols (like ip) are handled, so it's lower overhad compared to BPF listeners.

secondly, attaching a BPF filter to new interfaces relies on having access to and the privileges to open /dev/bpf, while AF_FRAME provides a wildcard listener that is able to receive LLDP from all interfaces on a single socket, like how binding to on 0.0.0.0 with an AF_INET socket let's you receive packets for all the IPs on your system from a single socket. lldp can create and configure this socket when it starts up just use it from then on. this means lldpd is simpler and needs fewer privileges to operate than if it went the BPF route.

at the moment lldpd only handles LLDP packet reception on all interfaces, you can't disable reception on interfaces yet. it also doesn't transmit LLDP packets (yet).

there is no intention of implementing any protocol other than LLDP in this daemon either.

ok djm@ deraadt@ general enthusiasm from many

#FOSS

Signal groeit flink, meer dan 2 miljoen gebruikers in Nederland! 🥳

👉 https://signalapp.nl/signal-app-nieuws/signal-meer-dan-2-miljoen-gebruikers-in-nederland/

#signal #signalapp #signalmessenger #whatsapp #privacy #nieuws #tech

Hi everyone at BSD Cafe,
I’d like to start by thanking everyone for being part of this community - your presence and support truly mean a lot!
This message will appear across all my BSD Cafe social accounts, as I’d like to make sure it reaches everyone. Apologies for the duplication, but I genuinely believe it’s important.

Lately, there have been some discussions and questions surrounding content moderation on our instance, and I wanted to take a moment to offer some clarity and reaffirm the spirit of our community.

As you know, BSD Cafe was founded as a space primarily focused on technology, with a special place for *BSD and open source. More importantly, though, I want it to be a positive, welcoming, and constructive place for everyone. Our community guidelines, especially principles like "Promote Positivity" and "Be Kind", are central to this vision.
I've seen questions arise, sometimes involving accusations of political censorship from different perspectives, regarding why certain posts might be moderated. I want to be very clear on this: My moderation approach focuses primarily on the tone and manner of communication, not the specific topic itself.
I don't intervene simply because a post discusses politics, a particular tech company, or any potentially divisive subject. I do step in when a post, regardless of the topic or the viewpoint being expressed, adopts a tone that is:
* Provocative or intentionally confrontational.
* Aggressive or disrespectful towards other users or groups.
* Overly negative without constructive intent.
* Contrary to our core principles of kindness and mutual respect.
This standard applies equally to everyone and every "side". If someone were to post something like "Users of X software are idiots", I would address that just as readily as any other topic presented in a hostile way, even if I personally dislike software X.
The goal isn't to "censor" opinions, but to preserve an environment where discussions, even critical ones, can happen civilly and respectfully, without descending into flame wars or personal attacks. We aim to be a space that is pro-constructive dialogue and pro-positivity, not anti-anyone.
BSD Cafe is our shared digital home. Let's continue working together to keep it a pleasant and rewarding place where we can share ideas, learn, and connect over our shared passions (tech and beyond!), feeling comfortable and respected.

Thank you sincerely for your understanding and for everything you contribute to making BSD Cafe a special community!
Let's keep building this positive space together.

#BSDCafe #Community #Moderation #Fediverse #InstanceAdmin #CommunityGuidelines #TechCommunity #Positivity #BeKind

Call for testing and comment: Make the installer prefer >1G disks https://www.undeadly.org/cgi?action=article;sid=20250502060000 #openbsd #installer #disks #storage #softraid #keydisks #partitioning #development #configuration

✨ The rebellion will be federated & self-hosted ✨

On Dec 5, 2024 I published this blog post https://elenarossini.com/2024/11/the-rebellion-will-be-federated/ on @ele@elenarossini.com

On Dec 17 I signed up for a #VPS.

On Dec 22 I installed #GoToSocial and began personalizing my little corner of the #Fediverse: @elena

On Jan 14 I installed #Pixelfed on my server: @ele@photos.elenarossini.com

Yesterday I installed #LinkStack on https://elena.social

All this feels really empowering and I wanna help others do the same! 🚀

#selfhosting #FOSS

@h3artbl33d Darn it..