ideas
Matthew Dillon
dillon at apollo.backplane.com
Fri Jul 23 10:36:00 PDT 2004
:..................................................................
:
:1) Please choose the complete and official project name: "DragonFly",
:"DragonFly BSD" or "DragonFlyBSD" ?
:
:Browsing the website I see all of them and also "uname" is not what I've
:expected.
It's a matter of context. For programming purposes we just use
DragonFly. E.g. the compiler predef is __DragonFly__, not
__DragonFlyBSD__. Internally we just call it DragonFly.
But for publishing and 'nametag' purposes... any situation where
the target audience might not be familiar with what DragonFly
is, we tend to stick the 'BSD' onto the end to make it more
clear.
:..................................................................
:
:2) I think that it could be a good idea to include a package with (src tree +
:cvsup + cvsup.conf) in the ISO, so that you install it during the
:installation process and then you are ready to update the src tree with
:cvsup.
No, this would put us in the same situation that FreeBSD is in,
which is that the distribution is spread out over 4 CDs and getting
everything together and properly tested for a release takes four
times as long as it does for us.
But there are several other very good reasons to not include packages
(beyond the half dozen that the installer needs and things like cvsup),
ports, and source on a release-CD... the reasons are: (*) Because the data
becomes obsolete virtually the day after it is released and (*) Because
these days anyone capable of downloading the ISO is also going to have
sufficient network access to get the other pieces they want, (*) Because
we have to be more careful about our download bandwidth resources.
:..................................................................
:
:3) I think that it could a good idea providing privacy by default, using 750
:permissions for every user home directory.
I think this is simply inherited from FreeBSD. Real privacy is 700,
though. I wouldn't mind it if someone made that change to adduser.
:..................................................................
:
:4) If I'm not wrong DMA for CD drives is disabled by default. This means that
:the installation from the CD takes more time than it could. I think that
:setting somewhere in the installer sysctl hw.ata.atapi_dma="1" could improve
:the CD drive throughput and reduce the time needed.
As Joerg indicates, ATAPI DMA is fraught with compatibility issues and,
besides, I really doubt that that turning on DMA would make the CD go
any faster. CD transfer rates (even on 50x drives) are quite slow and
the real bottleneck is track seeking, which is ultra slow on any CD
drive.
:..................................................................
:
:5) I've read that some developers are working on amd64 platform. If I'm not
:wrong amd64 CPUs let you use the NX bit even in 32bit mode if they're used
:via PAE. I think this could be a good way to introduce a memory protection
:system, without waiting for a complete release for 64bit.
It is our intention to use the NX bit on both 32 and 64 bit platforms.
I don't know when it will happen, but it is definitely our intention.
We will not be doing segment tricks to get stack execution protection on
machines without NX, though.
:..................................................................
:
:6) I would strongly suggest to disable every network service by default.
:The better way is that the installer asks you what you want to enable (sshd,
:sendmail, ...) and if you don't select anything because you don't know, your
:box will be secure. Maybe.
Well, I think sendmail defaults to localhost mode by default. sshd should
probably be turned off on the disk installation by default but as with
a few other things on the CD we want it on for 'CD' boots to make it
easier for a sysop to boot a CD, slap in a root password with passwd on
the console, and login remotely via ssh.
:..................................................................
:
:7) Do you plan to use a different filesystem ID ?
:165 for FreeBSD, NetBSD, 386BSD
:166 for OpenBSD
Probably not, though perhaps our extended disklabel structure warrents
it.
:..................................................................
:
:8) Is there any plan to choose one packet filter as the official one ?
:PF, IPF or IPFW ?
:
:..................................................................
:
:Next time I'll write the rest ;-)
:
: Ed
We would like to consolidate on one packet filter, probably OpenBSD's.
-Matt
Matthew Dillon
<dillon at xxxxxxxxxxxxx>
More information about the Kernel
mailing list