Your message?

Notice: To avoid posts by spam, a message body without the word '#FuguIta' is rejected.
Please include the word in your message text.






Desktop environment demo of FuguIta

kaw? (2022-01-13 (Thu) 23:30:46)

I have created a desktop environment demo of FuguIta on a trial basis and uploaded it to the "test" directory of mirror servers.

How to use
Download the file FuguIta-7.0-amd64-202201101-demo.img.xz and write it to a USB flash drive with a size of 8GB or more.

xz -dc FuguIta-7.0-amd64-202201101-demo.img.xz | dd of=/dev/rsdXc bs=1m

When you boot from this USB stick, you will get a desktop environment without authentication.

You will need a minimum of 2GB of memory on your PC.
Installed applications are as follows

audacious-4.1p0 emacs-27.2p3-gtk3 evince-40.4-light firefox-95.0.1
libreoffice-7.2.1.2v0 noto-cjk-2.001 noto-emoji-20200408
noto-fonts-20171024 pv-1.6.6 rlwrap-0.43p0 rsync-3.2.3p0
vim-8.2.3456-gtk3 vlc-3.0.14p1 xfce-extras-4.16

Technical topics

  • non interactive boot with noasks file in d partition
  • automatic login with xenodm
  • additional mounting of a partition with /usr/fuguita/etc/fstab.tail file
  • automatic network configuration with gennetconfs utility and chnetconf utility (in /etc/rc.local)

Call for Testers - Major Changes in Distribution Images (amd64, LiveUSB)

kaw? (2021-12-26 (Sun) 00:49:48)

The FuguIta LiveUSB distribution image for the amd64 platform uses a disk partitioning method called "Hybrid MBR" to support both legacy BIOS and UEFI boot mechanisms.

This is a convenient method as it allows a single device to boot both legacy BIOS and UEFI, but it is a non-standard method and furthermore, the partition table is difficult to change later.

Therefore, I am planning to change the partitioning of the LiveUSB distribution image for amd64 platforms from Hybrid MBR to a regular MBR with a UEFI bootloader built in.

We currently have a test image uploaded to mirrors.

I would appreciate it if you could let me know if you can boot FuguIta LiveUSB using this image.

Based on the results, I would like to decide whether to change the format of the distribution image or not.

Reference: FuguIta's UEFI/GPT support


日本語デスクトップ環境構築の記事

kaw? (2021-12-21 (Tue) 00:54:01)

エンジニアの情報共有サイト Qiita に記事を投稿しました。

OpenBSDライブシステム「河豚板」の日本語デスクトップ環境を構築する
https://qiita.com/ykaw/items/ca008a34d73d5f1f6dd8

日本語デスクトップ環境に的を絞って説明していますので、網羅的な説明を行っている「河豚板ガイド」よりは見通しのよいものとなっていると思います。
また、FirefoxやLibreOfficeなどの日本語設定については、現行バージョン用の具体的な説明を行っていますので、この部分も有用かと思います。


How to use new network configuration tool

kaw? (2021-11-19 (Fri) 21:15:04)

#FuguIta's new network configuration tool, mentioned in the previous article, is currently being tested, but here is how to use it.

gennetconfs generates configuration files for your network. The configuration done when FuguIta is started is also done by this gennetconfs, so please follow the instructions below.

Usage: gennetconfs [-b] [-q] [config_name]
  -b: Suppress the display of banners
  -q: Suppress description of configuration items

If a config_name is specified, configuration files will be created in the directory /etc/netconfs/config_name . If it is not specified, it will be created in the current working directory. When you run gennetconfs, you will be prompted to enter various configuration values. If the prompt is

[foo] -> 

the default value is foo, and entering only ENTER will cause foo to be entered as the configuration value.

1. Entering the Host Name
Enter the host name with domain (FQDN: Fully Qualified Domain Name). You can omit the domain part if you do not need it, for example, when using it in a closed network.

Hostname with domain part (FQDN):
only host name without domain part is also OK.
-> fugu-demo.localnet


2. which IP protocol version to enable
The default is "64" (enable both IPv6 and IPv4, but give priority to IPv6 for name resolution).

IP protocol version(s) to be enabled: 4, 6, 46, 64 or "none"
  4: enable only IPv4
  6: enable only IPv6
  46: give priority to IPv4 name resolution
  64: give priority to IPv6 name resolution
  none: operate as standalone
[64] ->

If "none" is specified, the device will operate as a standalone device that does not use the network, and the configuration by gennetconfs will be completed.

3. Specifying the network interface
Next, a list of network devices will be displayed, and you need to specify only one device that you want to configure.

Network Interfaces: Choose one

  NIC	 type	   Name
-------- ----- ------------
    bge1 ether Broadcom BCM57766
    ure0 ether Realtek USB 10/100/1000 LAN
    run0 wifi  Ralink 802.11 n WLAN
[bge1] ->

The device that appears at the top of the list will be the default. If you specify a Wi-Fi device, you will be prompted to enter the SSID and encryption key.

[bge1] -> run0

Wi-Fi settings:
  SSID -> OUR-WIFI-NETWORK
  WPA Key -> OUR-WIFI-SECRET

If you press only ENTER with the WPA key, you will be prompted to enter WEP.

  WPA Key -> 
  WEP Key -> OUR-WEP-SECRET

If you press only ENTER with the WEP key, it means that you specify the connection without encryption.

4. IPv6 Settings
If you have enabled IPv6, the following configuration input will appear. Set the address to "auto" or manually, as described in the description. In most cases, "auto" will work. If "/prefixlen" is omitted, it is assumed that "/64" is specified.

IPv6 - address and routing:
  Enter "auto" or "IPv6_address[/prefixlen] [default_gateway]"
  "auto" is an automatic setting by SLAAC.
  The "/prefixlen" part can be an integer between 0 and 128.
  If there is no default gateway, set the second field to "none" or leave it blank.
[auto] ->


5. IPv4 Settings
If you have enabled IPv4, you will be prompted to enter the following settings: "auto" for DHCP, as described in the description; otherwise, set the address manually. If you omit "/mask", a netmask that seems appropriate will be assumed.

IPv4 - address and routing:
  Enter "auto" or "IPv4_address[/mask] [default_gateway]"
  "auto" is an automatic setting by DHCP.
  The "/mask" part can be specified in either format, such as "/255.255.255.0" or "/24".
  If there is no default gateway, set the second field to "none" or leave it blank.
[auto] -> 192.168.1.147/24 192.168.1.254


6. DNS Server Settings
If you have configured IPv4 or IPv6 addresses manually, you will be prompted to enter DNS server settings. If you want to communicate directly by specifying IP addresses, you do not need to use DNS servers, so enter only ENTER.

DNS servers: up to 3 IP addresses, separated by spaces
-> 192.168.1.253

Finally, configuration files reflecting the configuration values you have entered will be written to the directory "/etc/netconfs/config_name".

writing configured values:
  /etc/netconfs/default/myname
  /etc/netconfs/default/mygate
  /etc/netconfs/default/hosts
  /etc/netconfs/default/hostname.bge1
  /etc/netconfs/default/resolv.conf


gennetconfs only generates the configuration files, it does not activate the configuration values.
To activate the configuration values, use the chnetconf command. This chnetconf is also executed internally when FuguIta is started.

Usage: chnetconf [-d config_name| -r| -f config_name] | [config_name].
   -d: don't perform /etc/netstart, link/copy files only
   -r: reset all network interfaces
   -f: force reconfiguration even if current conf doesn't exist

chnetconf actually does the following.

  • clear the files in /etc that hold the current configuration
  • deactivate all network interfaces
  • After linking/copying the configuration files with the specified config_name under /etc/netconfs/config_name, run /etc/netstart to activate the network configuration

Using chnetconf, you can switch between multiple configurations generated by gennetconfs on the fly.


New network configuration tool for #FuguIta

kaw? (2021-11-16 (Tue) 13:24:17)

OpenBSD 7.0 has changed how IP addresses and DNS autoconfiguration works.

In response to this, FuguIta is pre-publishing a test version with changes to the network configuration part of the boot (= gennetconfs utility).

  • In the normal case, except for the hostname, the configuration items can be used with the default settings by simply entering the ENTER key.
  • The protocol version to be used is "64" (both IPv6 and IPv4 can be used. IPv6 has priority in name resolution) is now the default.
  • IPv6 and IPv4 can now be configured separately.

If you want to try the LiveUSB version, you can either remaster it from LiveDVD or use the fiupdate tool to update from the current version.

For more information about the changes in the tool, please refer to the CVS development repository, a copy of which is available on GitHub.


#FuguIta 7.0 ISO files

arfian? (2021-11-11 (Thu) 08:01:15)

I think it is a better idea when release a collection of new ISO we also provide the SHA256 or better SHA512 for better integrity and clarity.
Thanks...

  • SHA256 has been placed on each mirror site; MD5 will remain for a while for compatibility, as it is currently used by the update tool, fiupdate, to check for corrupted files. Currently, these files are only used to check for corruption of #FuguIta files, for example during download. To verify the legitimacy of the files, these message digests need to be signed with a private key and the public key needs to be distributed, but we are not prepared for that at this stage. This will be an issue for the future. -- kaw? 2021-11-12 (Fri) 16:50:54

I have found [ command.

m3th? (2021-11-07 (Sun) 05:41:01)

#FuguIta-7.0-amd64-202111011.img.gz

$ ls -l /bin/[
-r-xr-xr-x  2 root  bin  123320 Oct 17 13:25 /bin/[

$ /bin/[
[: missing ]
  • Curious! I have found same file other *BSD. Sorry for my post. #FuguIta -- m3th? 2021-11-07 (Sun) 12:30:46
  • /bin/[ is equivalent to /bin/test.
    Let's see their inode numbers and link counts.
    $ ls -li /bin/[ /bin/test
    16207 -r-xr-xr-x  2 root  bin  123320 Oct 17 22:25 /bin/[
    16207 -r-xr-xr-x  2 root  bin  123320 Oct 17 22:25 /bin/test
    And note that ksh has same built-in commands.

    In FuguIta's scripts, i.e. /boottmp/rc, /boottmp/usbfadm and so on, [ command is used frequently.

    #FuguIta -- kaw? 2021-11-07 (Sun) 18:59:08


Video/Audio transmission over VPN by FuguIta

kaw? (2021-11-02 (Tue) 15:43:48)

The plan

I received a request to send video and audio from a studio to a venue using IP transmission equipment for an event.

And there were two limitations to this job as follows.

1. a pair of IP transmission devices work well when directly connected, however, due to a problem with the web UI, we cannot change some of the settings, such as the IP address, which means that transmission over the Internet is impossible as it is.

2. We can change the settings of the edge router in the studio, but we don't know about the router in the venue. In other words, we cannot confirm whether we can set up port forwarding so that the Internet can communicate with hosts in the venue's network.

L2-Tunnel.png

To solve this problem, we decided to build a VPN between the studio and the venue, and connect the IP encoder in the studio to the IP decoder in the venue using Layer 2. Once the VPN line is established, communication is possible from either direction. And the two ends of the VPN can be thought of as being pseudo-directly connected by LAN cables.

Of course, we use OpenBSD and FuguIta to solve this kind of problem.
To build a VPN, WireGuard, or wg(4), which appeared in OpenBSD 6.8, seemed to be useful.
Using WireGuard in practice, we found that it was very easy to build a VPN circuit.

Settings for WireGuard at the studio site is as follows:

---- hostname.wg1 --------------------
wgkey PRIVKEY-OF-THIS-PEER
wgport 7501
wgpeer PUBKEY-OF-HIS-PEER wgaip 172.16.54.1/32 wgpka 0
inet 172.16.54.254 255.255.255.0
mtu 1380
up

The reason the wg number is 1 is to account for the possibility that other peers may connect in the future.
The reason why wgpka is 0 is because the Nat router on the other side is not forwarding the port, so keep alives will not occur.

Next, we look at the venue.

---- hostname.wg0 --------------------
wgkey PRIVKEY-OF-THIS-PEER
wgport 8501
wgpeer PUBKEY-OF-HIS-PEER wgendpoint 153.246.158.51 7501 wgaip 172.16.54.0/24 wgpka 5
mtu 1380
inet 172.16.54.1 255.255.255.0
Network.png

There was one more problem that we had to solve in using WireGuard.
That is, WireGuard is a Layer 3-only VPN.
This time, we want to connect the IP encoder and the IP decoder pseudo-directly, so we need to connect them on Layer 2.

Therefore, I now decided to use etherip(4) to flow Ethernet frames into WireGuard VPN.
This seemed to achieve our goal.

Here is the configuration of the physical devices on the studio side.
bge0 is connected to LAN, and axe0 to the video encoder.

---- hostname.bge0 ------------------
inet 192.168.1.193 255.255.255.0 NONE
up
---- hostname.axe0 ------------------
up

And here is the endpoint of the etherip tunnel.

---- hostname.etherip1 --------------
tunnel 172.16.54.254 172.16.54.1
up

Then we build a bridge(4) between the L2 endpoint and the physical device.

---- hostname.bridge1 ---------------
add etherip1
add axe0
up

Finally, we configure sysctls.

---- sysctl.conf --------------------
net.inet.ip.forwarding=1
net.inet.etherip.allow=1

The configuration of the venue side is almost the same as the studio side. Overall, the configuration is symmetrical.

---- hostname.msk0 ------------------
inet 192.168.1.193 255.255.255.0 NONE
---- hostname.axe0 ------------------
up
---- hostname.etherip0 --------------
tunnel 172.16.54.1 172.16.54.254
up
---- hostname.bridge0 ---------------
add etherip0
add axe0
up
---- sysctl.conf --------------------
net.inet.ip.forwarding=0
net.inet.etherip.allow=1

The Result

With the combination of WireGuard+EtherIP, we were able to transmit video and audio in good condition.

We transmitted a stream of about 25 Mbps on a line with a bandwidth of over 100 Mbps.

However, we found that the video and audio transmissions were very sensitive to fluctuations in the time axis.
In addition to the VPN line, we had an SSH connection for maintenance purposes, but when a certain amount of data was transmitted over this SSH line, the VPN packets would wait, causing the video to freeze for a short time.
In order to solve this problem, we will need to use pf(4) to control packet priority.
This will be an issue for next time.

Video encoder+VPN endpointVPN endpoint+Video decoder
pix-encoder.jpgpix-decoder.jpg
The venue
pix-venue.jpg

Lastly, I would like to discuss the benefits of using FuguIta.
At each stage of designing, building, and deploying a VPN, we had multiple network configurations and needed to quickly switch between them or migrate the configurations between devices. FuguIta's usbfadm and gennetconfs/chnetconf tools made it possible for us to do these tasks quickly.

  • Could you share your WireGuard's hostname.if(5) and pf.conf(5), for others to learn the setup? #FuguIta -- Alex? 2021-11-02 (Tue) 21:41:36
  • Okay Alex, wait please. #FuguIta -- kaw? 2021-11-02 (Tue) 22:47:07
  • added description for setup. pf.conf(5) doesn't have been modified. I left it default. #FuguIta -- kaw? 2021-11-03 (Wed) 12:04:43

English version of FuguIta Guide

kaw? (2021-11-02 (Tue) 11:41:34)

English translation of #FuguIta Guide is now available.
This was made possible by the generous effort of Alfredo Vogel.

I would like to express my gratitude to him for his great contribution.


FuguIta 7.0

vanitarium? (2021-10-27 (Wed) 20:54:43)

#FuguIta I had a kernel panic because it did not find the wifi firmware: it returned that firmware folder was empty. Maybe it is the wrong URL? #FuguIta
Correct URL is firmware.openbsd.org/

  • #FuguIta solved... dns name server error -- vanitarium? 2021-10-27 (Wed) 21:39:35

FuguIta 7.0

kaw? (2021-10-19 (Tue) 23:30:02)

#FuguIta-7.0-{i386,amd64} are currently under testing. They are available in the test directory of the download mirror.

We look forward to your trial reports.

  • Should I use /mnt/livecd-config/7.0/amd64/noasks or copy it in /mnt directory? #FuguIta -- m3th? 2021-10-31 (Sun) 03:57:29
  • #FuguIta : You should locate noasks at either /mnt or /mnt/livecd-config/7.0/amd64 . -- kaw? 2021-11-01 (Mon) 13:31:18

Translate and host user guide help

Vanitarium? (2021-09-13 (Mon) 18:46:22)

#FuguIta I am offering you to translate and edit the Japanese version into English and host it on my server. I can set it up as a wiki or a website. If you are happy with that let me know so I can let you proofread it and ok it.

  • Thank you #FuguIta for replying. I am working at it now -- Vanitarium? 2021-09-14 (Tue) 17:23:33
  • Thank you for starting to work on it. I'm sure it will be beneficial to many #FuguIta users.
    So please let me know when the translation is all done and ready for review.-- kaw? 2021-09-14 (Tue) 19:03:28
  • Thank you#FuguIta for replying.I am working at it now -- Vanitarium? 2021-09-14 (Tue) 23:41:06

login prompt

m3th? (2021-08-10 (Tue) 03:32:55)

Without typing anything, can I see the login prompt like OpenBSD?
This is my request. Without my help, mum can use Fuguita.

#FuguIta

  • That's exactly what I did for my mother. Please see the following tweets - https://twitter.com/yoshi_kaw/status/1206620780697505792

    To accomplish this, you need to

    1. boot #FuguIta normally and set up an operational environment.
    2. save that environment with usbfadm sync.
    3. set up this environment so that it is automatically loaded at boot time and automatically saved when it shutdown.

    In other words, this is to do everything described in the "Start Guide".

    This will allow you to get to the login prompt without any human interaction.

    In addition, by adding the DisplayManager.*.autoLogin entry in the /etc/X11/xenodm/xenodm.config file, you can start using X without a login prompt.
    For more information on this, see the online manual xenodm(1).

    -- kaw? 2021-08-12 (Thu) 06:04:43


The file layouts of FuguIta

kaw? (2021-05-25 (Tue) 12:41:15)

Now, I will try to describe the file layout structure of #FuguIta.

The first figure shows the file layout in boot mode 0 (Click the figure to enlarge).
As examples, the paths /bin/ed, /usr/bin/vi, and pkg_added /usr/local/bin/emacs are shown.

fi-filesys-mode0.png

The root file system is rd(4). This rd(ram disk) device is attached to the kernel and has been already mounted from the system boot time. Under the root, there is an unfamiliar directory called "boottmp". This is where you will find the commands needed at the very beginning of the system boot, and utilities specific to FuguIta.

The FuguIta device itself, a DVD or USB flash drive, which holds the boot loader, OS kernel, and file system images. It is mounted read-only on /sysmedia.

The filesystem image in /sysmedia is mapped to /dev/vnd4 and mounted on /fuguita. This is the OpenBSD file tree. This is pretty much as it should be, except for a few modifications to fit to the live system. Also, this is read-only. So no files can be created, modified, or deleted under it.

/ram is a memory file system called TMPFS (temporary file system), which is both readable and writable. Files that need to be modified, such as /etc/*.conf, your own data under /home/YOU, and the pkg_added program, are located on this. In addition, files that are rarely modified are replaced by symbolic links towards equivalent files in /fuguita. This will reduce the memory usage of TMPFS.


fi-filesys-mode1.png

Next is boot mode 1. This is the same as mode 0, but /usr is symbolically linked to /fuguita/usr. This makes the boot faster and uses less memory than mode 0 by not copying/linking /usr to /ram. However, /usr/local is not writable, so pkg_add is not possible.


fi-filesys-mode2.png

Finally, there is boot mode 2. This is much simpler than modes 0 and 1. Only / and /ram are mounted, and all external devices are unmounted. Of course, all files can be modified.


Note that usbfadm sync will only save the data that exists in /ram TMPFS at boot mode 0, 1, or 2.


How to change encrypt password

m3th? (2021-05-21 (Fri) 04:40:05)

Can I change password ?
Should I use newdrive command again?
I might lose data, if I mistake.

#FuguIta

  • Use bioctl command with -P option.
    https://man.openbsd.org/bioctl.8

    -- kaw? 2021-05-21 (Fri) 14:19:05

  • I changed password. Now, I can not reply 6.9 thread. I noticed that my /mnt/something directories are deleted when I reboot #FuguIta. Should I create them in /ram/home/m3th directory instead of /mnt -- m3th? 2021-05-23 (Sun) 03:31:35
  • According to hier(7), /mnt is "Empty directory commonly used by system administrators as a temporary mount point".
    usbfadm will only store files and directories that exist in tmpfs mounted in /ram. (excluding /tmp, which is also for temporary use).
    >Should I create it in the /ram/home/m3th directory instead of /mnt?
    Yes, I think that is the proper way. -- kaw? 2021-05-23 (Sun) 23:14:53


Former articles are at FuguIta/BBS/10.


Return to Top


Attach file: filepix-decoder.jpg 85 download [Information] filepix-venue.jpg 82 download [Information] filepix-encoder.jpg 79 download [Information] fileNetwork.png 86 download [Information] fileL2-Tunnel.png 82 download [Information] filefi-filesys-mode0.png 255 download [Information] filefi-filesys-mode1.png 253 download [Information] filefi-filesys-mode2.png 245 download [Information] filefi-filesys-mode0.fig 120 download [Information] filefi-filesys-mode1.fig 120 download [Information] filefi-filesys-mode2.fig 130 download [Information]
Reload  New Edit Freeze Diff Attach Copy Rename  Top Index Search Recent Backups  Help  RSS
Last-modified: 2022-01-13 (Thu) 23:40:05 (3d)