# Unbound unable to read root zone

After upgrading various ports on my FreeBSD system and days later a full world and kernel, a reboot showed me that unbound didn't start. The system reported that:

error: reading root hints
/usr/local/etc/unbound/named.cache 88: Empty line was returned


It turns out that from ldns 1.6.13 to 1.6.14 there is an API change that caused problems for unbound. After upgrading ldns you also need to recompile unbound to pick up on these changes. If you do not, you will run into the problem above.

# FreeBSD and pkgng

I am really impressed with pkgng. On the mebsd website there's a handy explanation and tutorial that's really worth reading to get up to speed.

# FreeBSD, p0f, and USB pcap

If, like me, you had a working FreeBSD system with amavisd-new and p0f set up, you might find that p0f suddenly stopped working at some point. The cause for this is that it tries to use pcap on the USB bus, which it cannot do. The solution is to put hw.usb.no_pf=1 in your /boot/loader.conf.

# Mercurial 1.7, cacerts, and FreeBSD

So with recent Mercurial 1.7 releases HTTPS support was tightened, so you are bound to encounter a warning in the form of: warning: bitbucket.org certificate not verified (check web.cacerts config setting).

Now, http://mercurial.selenic.com/wiki/CACertificates there are details on what to configure for certain operating systems. Given I use FreeBSD, I altered my $HOME/.hgrc as follows: [web] cacerts = /etc/ssl/cert.pem For OpenBSD this should be in the same place since release 3.8. But apparently NetBSD does not have such a file in base. # Slow Terminal with xfce, alpha channel issues I recently switched to using xfce on my FreeBSD desktop. Window Maker is nice but it was starting to feel a bit dated. Thus far I like xfce, but I had one problem with Terminal. Whenever I tried to resize it or switch desktops to one with Terminal open in it I could see it painstakingly render the window. Xterm and aterm didn't exhibit this behaviour, my 3d was accelerated, and other screen drawing didn't show problems either (do note I am using NVIDIA's binary driver for my GeForce 8800, the nv driver from X.org is unusable at this point). Someone pointed me at the environment variable XLIB_SKIP_ARGB_VISUALS=1. Once added to .zshenv, properly exported on my shell and an X restart later I find Terminal to zoom along as expected. It turns out that the NVIDIA driver doesn't properly accelerate alpha channels. # src.conf on FreeBSD 7 for the average installation If we consider common available technology and the average use of a FreeBSD installation as desktop or server then I think these are sensible defaults for /etc/src.conf under FreeBSD 7. WITHOUT_ATM=yes  How many of you run ATM to your FreeBSD box? WITHOUT_BIND_DNSSEC=yes WITHOUT_BIND_ETC=yes WITH_BIND_LIBS=yes WITHOUT_BIND_MTREE=yes WITHOUT_BIND_NAMED=yes  Do you really need a full installation of BIND on your machine? In most cases you simply need a caching, recursive resolver. For this just install unbound (found in ports/dns/unbound). Do note that I did not specify WITHOUT_BIND_UTILS so tools like dig and nslookup will still be installed. Only if you need an authoratative nameserver might you want BIND. On the other hand, you might prefer to install NSD (ports/dns/nsd). WITHOUT_BLUETOOTH=yes  Most systems will probably not use Bluetooth at all. WITHOUT_I4B=yes  Do you even use ISDN? WITHOUT_IPFILTER=yes  Most people I know use either ipfw or pf, so little need for ipf. WITHOUT_IPX=yes  You seriously still use IPX? Even NetWare is IP-native nowadays. WITHOUT_NIS=yes  I would hope most systems are using some sort of LDAP lookup nowadays. NIS seriously doesn't scale. WITHOUT_SENDMAIL=yes  Given the ease of configuring Postfix, why would one want to bother with the archaic syntax of Sendmail? It has served faithfully for many, many years, but its design and configuration are archaic. # And while we're at it According to [a post by Keith Packard on the Linux kernel mailinglist](http://marc.theaimsgroup.com/?l=linux-kernel&m=115536806403908&w=2 "Re: Announcing free software graphics drivers for Intel i965"): This module contains stuff which Intel can't publish in source form, like Macrovision register stuff and other trade secrets. It's optional, so if you don't want to use a binary module, you don't get to use code written by Intel agents for these features. And, we also haven't figured out how and when to release this binary blob, so there's no way you can use it today. The driver remains completely functional in the absense of the binary piece, and in fact has no reduction in functionality from previous driver releases.  So much for that idea eh? # screen, 256 colours and termcap mixed with PuTTY and FreeBSD I have a 256 colour xterm set up on my DragonFly box. Works perfectly. Especially for vim. Now, I use FreeBSD 5.x as a gateway box to ssh into and have irssi and likewise programs screened. Now, I was surprised to learn that I had only 16 colours. Outside of screen I had a full 256 colour palette (make sure to fix your PuTTY configuration by the way), but inside I was stripped of my colour scheme. So I set off to find what was causing this. Interestingly enough one of the first emails encountered was from Jeremy Chadwick who had the exact same problem. Turns out that screen needs to be compiled with 256 colour support (a knob should be in your ports Makefile now). Since FreeBSD's and DragonFly's termcap is bereft of any 256 colour definitions for xterm apparently, you need to add the following to$HOME/.screenrc:

termcap xterm* 'Co#256:AB=E[48;5;%dm:AF=E[38;5;%dm'
terminfo xterm* 'Co#256:AB=E[48;5;%p1%dm:AF=E[38;5;%p1%dm'

This overrides your termcap settings with the appropriate definitions.

If you now start screen from a shell that has TERM exported as xterm or xterm-color (xterm* wildcard actually) it will fork off to a screen with 256 colour support.

You might need this in \$HOME/.vimrc:

if &term =~ "xterm" || &term =~ "screen"
set t_Co=256
if has("terminfo")
let &t_Sf=nr2char(27).'[3%p1%dm'
let &t_Sb=nr2char(27).'[4%p1%dm'
else
let &t_Sf=nr2char(27).'[3%dm'
let &t_Sb=nr2char(27).'[4%dm'
endif
endif

# strmode() function declaration buglet fixed

Was converting files to proper ANSI C function declarations and a user tripped over the fact that old 4.4 BSD's function prototype of strmode() had int as a parameter, whereas it has been mode_t for a long, long time (read 1994 at least).

This broke buildworld of course.

NetBSD is fixed (as was to be expected to be honest).

And OpenBSD made the parameter int everywhere with a XXX comment in the strmode.c file that it should be mode_t actually. Weird.