siideynta bilaashka ah, nidaamka qalliinka ee UNIX u eg . Mashruuca OpenBSD waxaa aasaasay Theo de Raadt 1995, ka dib iyada oo la socota horumarinta NetBSD, taas oo keentay in Teo loo diido inuu galo kaydka NetBSD CVS. Taas ka dib, Theo de Raadt iyo koox isku mid ah ayaa abuuray nidaam cusub oo furan oo ku salaysan geedka NetBSD, kuwaas oo ahdaafta ugu muhiimsan ee la qaadi karo ( 13 aaladaha aaladaha), jaangooyada, hawlgalka saxda ah, amniga firfircoon iyo aaladaha cryptographic isku dhafan. Cabbirka rakibaadda buuxa Nidaamka saldhigga ee OpenBSD 6.5 waa 407 MB.
Marka lagu daro nidaamka qalliinka laftiisa, mashruuca OpenBSD wuxuu caan ku yahay qaybihiisa, kuwaas oo ku faafay nidaamyada kale waxayna isku caddeeyeen inay yihiin mid ka mid ah xalalka ugu amniga iyo tayada sarreeya. Iyaga ka mid ah: ( OpenSSL), , filter baakad , daemons-ka wadida , NTP server , mail server , text terminal multiplexer (la mid ah shaashadda GNU) , daemon Iyadoo la fulinayo nidaamka aqoonsiga, beddelka BSDL ee xirmada guud ee GNU - , borotokoolka abaabulka nidaamyada u-dulqaadashada khaladaadka CARP , utility synchronization file .
Waxaa ka mid ah isbeddelada ugu caansan: nooca la qaadan karo ee bgpd ayaa la soo bandhigay, oo loo habeeyay inuu ka shaqeeyo OS-yada kale, adeegsiga Xenocara iyo mudnaanta xididka tcpdump waa la tirtiray, xiriiriyaha LDD wuxuu awood u leeyahay si toos ah amd64 iyo i386, taageerada MPLS waa la joojiyay. si weyn ayaa loo hagaajiyay, waxaana la xoojiyay ka hortagga ka faa'iidaysiga farsamooyinka dib-u-socodka ah.Barnaamijka oriented (ROP) , ka ugu fudud ee DNS server unwind ayaa lagu daray, dabeecad aan la qeexin ayaa lagu dhex daray kernel-ka, iyo hirgelinta noo gaar ah ee utility rsync ayaa lagu daray. la soo bandhigay.
Main :
- Marka la dhisayo amd64 iyo i386 naqshadaha, iskuxiraha LDD ee uu sameeyay mashruuca LLVM ayaa si caadi ah loo isticmaalaa. Qaab dhismeedka mips64, taageerada dhismaha isticmaalka Clang ayaa lagu daray;
- Dareewalada pvclock cusub ee saacada KVM paravirtualized iyo ixl ee Intel Ethernet 700. Dareewalka uaudio waxaa lagu bedelay hirgelin cusub oo taageero u ah USB Audio 2.0.
- Waxqabadka la hagaajiyay ee darawalada aaladaha wireless-ka bwfm, iwn, iwm iyo athn. Taageerada farriimaha RTM_80211INFO ayaa lagu daray xirmada bilaa-waayirka ah si loogu gudbiyo macluumaadka gobolka interface faahfaahsan ee amarrada dhclient iyo jidka. Dabeecadda aamusnaanta ah marka lagu xidho shabakadaha wireless waa la bedelay - haddii aad leedahay liiska isku-xidhka otomaatiga ah, OpenBSD mar dambe kuma xirna shabakadaha furan ee aan la garanayn (si loo soo celiyo habdhaqankii hore, waxaad ku dari kartaa shabakad madhan liiska);
- Xirmada shabakadu waxay soo bandhigaysaa bpe cusub (Bixiyaha Bixiyaha Laf-dhabarka) iyo mpip (MPLS IP lakabka 2) darawalada qalabka beenta ah. Taageero lagu daray habaynta xayndaabyada dariiqa beddelka ah ee is-dhexgalka MPLS. Darawalka vlan waxa loo sahlay in uu ka gudbo habaynta safka oo uu si toos ah ugu soo saaro is dhexgalka shabakada waalidka. Habka txprio oo lagu daray ifconfig si loo xakameeyo codaynta mudnaanta ee madaxyada baakadaha tunneled (oo lagu taageeray darawallada vlan, gre, gif iyo etherip);
- Hirgelinta shaandhada bpf, waxay suurtogal noqotay in la isticmaalo habka dhibicda iyada oo aan la qabsan xirmooyinka. Habkan waxa loo isticmaalaa tcpdump si loo shaandheeyo heerka bilowga ah ee baakidhka uu helayo qalab;
- Ku rakibuhu wuxuu bixiyaa taageero si loogu daro sawir saxan kernel RAMDISK Xaqiijiyay ka saarida qaybo ka mid ah siidaynta hore inta lagu guda jiro habka cusboonaysiinta;
- Wacitaanka nidaamka oo la hagaajiyay , kaas oo bixiya nidaamka faylalka gelitaanka go'doon. Nooca cusub wuxuu ku darayaa ogaanshaha tabarrucyada marka loo eego hagaha shaqada ee habka hadda socda marka la kala saarayo waddooyinka qaraabada ah. Isticmaalka xogta iyo gelitaanka qaybaha dariiqyada faylka xaddidan waa mamnuuc. Codsiyada ospfd, ospf6d, rebound, getconf, kvm_mkdb, bdftopcf, Xserver, passwd, spamlogd, spamd, sensorsd, snmpd, htpasswd iyo haddii la sheego, ilaalinta isticmaalka daah-furka ayaa la hirgeliyay;
- Clang waxa uu hagaajiyay qalabka lagu joojinayo isticmaalka farsamooyinka barnaamijka dib u soo celinta (ROP), kaas oo si weyn hoos ugu dhigay tirada qalabka polymorphic ee laga helay faylalka la fulin karo ee i386 iyo amd64 architectures;
- Clang wuxuu hagaajiyay waxqabadka iyo amniga marka la isticmaalayo
habka ilaalinta , loogu talagalay in lagu adkeeyo fulinta ka faa'iidaysiga la dhisay iyadoo la isticmaalayo qaybo ka mid ah koodhka amaahda iyo farsamooyinka barnaamijka dib u soo celinta. Si loo dedejiyo hawlgalka, xogta waxaa lagu dhejiyaa diiwaanka halkii la isku dhejin lahaa mar kasta oo ay suurtogal tahay, iyo kaydiyaha processor-ka ayaa si hufan loo isticmaalaa marka la soo laabanayo. RETGUARD ayaa sidoo kale hadda loo istcimaalaa meeshii ilaalinta xirmooyinka dhaqameed ee nidaamka amd64 iyo arm64; - Utility-ka laxidhiidha xirmada shabakada waa la hagaajiyay: Taageerada shaandhaynta baakadaha MPLS ayaa lagu daray pcap-filter. Awooda lagu hagayo mudnaan marineedka ayaa lagu daray ospfd, ospf6d iyo ripd. IN
jeexjeex ku daray habka ilaalinta ku salaysan . Waxaa lagu daray qaababka sff iyo sffdump si loo helo macluumaadka ogaanshaha ee gudbiyaasha indhaha; - Siideynta ugu horeysa ee xalinta cusub ayaa la soo bandhigay , kaas oo ka baaraandegaya weydiimaha DNS ee soo noqnoqda oo aqbala xidhiidhada kaliya interface 127.0.0.1.
Unwind waxaa loogu talagalay in loogu isticmaalo nidaamyada macmiilka, sida laptops-yada, isaga oo u kala gooshaya shabakadaha kala duwan ee wireless-ka. Haddii ay ogaato xannibaadda taraafikada DNS ee shabakadda maxalliga ah, ka fur furaha adeegsiga cinwaanka server-ka DNS ee soo noqnoqda ee lagu wareejiyo DHCP, laakiin waxay sii waddaa inay isku daydo inay si madaxbannaan u xalliso isla marka codsiyada tooska ah ay bilaabaan inay gudbaan, waxay ku soo noqotaa si madaxbannaan Adeegayaasha DNS; - Bgpd gudaheeda, shaqo ayaa la qabtay si loo dhimo isticmaalka xusuusta, hab fudud oo fududeeya qawaaniinta ayaa lagu daray (isku daray xeerarka shaandhaynta ee ku kala duwan kaliya shaandhada), habka qaabaynta BGP MPLS VPN waa la bedelay, taageerada IPv6 BGP MPLS VPN ayaa lagu daray , iyo "as-override" shaqeynta ayaa la hirgeliyay si loogu beddelo deriska AS si loo beddelo AS gudaha waddooyinka, lagu daray awoodda lagu waafajinayo dhowr bulsho oo hal xeer ah, lagu daray astaamo cusub oo isbarbardhigaya "*", "maxalli-sida" iyo "deris -as", shaqada la wanaajiyay oo leh xeerar waaweyn, ayaa lagu daray amaro cusub oo lagula shaqeynayo kooxaha deriska ah nidaamyada ismaamulka ("bgpctl group deriska", "bgpctl show kooxda deriska", "bgpctl show kooxda deriska ah"), awoodda lagu daro shabakadaha Miisaska BGP VPN ayaa lagu daray bgpctl. Markii ugu horeysay, nooca la qaadi karo ee OpenBGPD-la qaadi karo ayaa la diyaariyey, diyaar u ah inuu ka shaqeeyo nidaamyo aan ahayn OpenBSD;
- Doorashada lagu daray si loo ogaado kiisaska dabeecadaha aan la qeexin ee ku jira kernel OpenBSD.
- Utility tcpdump wuxuu si buuxda u baabi'iyaa isticmaalka mudnaanta xididka;
- Waxqabadka malloc ee la hagaajiyay ee codsiyada badan ee xadhigga;
- Nooca hore ee barnaamijka ayaa lagu daray halabuurka iyada oo hirgelinteeda gaarka ah ee utility synchronization file rsync;
- Nooca server-ka boostada ee OpenSMTPD waa la cusboonaysiiyay, kaas oo isbarbardhigga cusub ee "rdns" lagu daray smtpd.conf, kaas oo kuu ogolaanaya inaad doorato fadhiyo ku salaysan xallinta DNS-ka (go'aaminta magaca martida loo yahay ee IP). Markaad raadineyso shaxanka, awoodda isticmaalka tibaaxaha caadiga ah ayaa lagu daray;
- Xirmada OpenSSH 8.0 waa la cusboonaysiiyay, dulmar faahfaahsan oo ku saabsan hagaajinta ayaa la heli karaa ;
- Xirmada LibreSSL waa la cusboonaysiiyay, dulmar faahfaahsan oo ku saabsan hagaajinta ayaa laga heli karaa ogeysiisyada sii deynta ΠΈ ;
- Mandoc waxa uu si weyn u wanaajiyay wax soo saarka HTML, waxa uu hagaajiyay samaynta miiska, waxa uuna ku daray calan "-O" si uu u furo bog leh qeexida ereyga la cayimay;
- Awoodaha xirmooyinka garaafyada ee Xenocara waa la ballaariyay: server-ka X uma baahna in lagu rakibo calanka setuid si uu u shaqeeyo. Darawalka radeonsi Mesa waxaa ka mid ah taageerada dardargelinta qalabka ee Jasiiradaha Koonfureed (Radeon HD 7000) iyo Jasiiradaha Badda (Radeon HD 8000) GPU-yada;
- Dekadaha C++ ee dhismeyaasha aysan taageerin Clang ayaa hadda laga soo ururiyay GCC ee dekedaha. Tirada dekedaha ee naqshadaha AMD64 waxay ahaayeen 10602, aarch64 - 9654, loogu talagalay i386 - 10535. Codsiyada ku yaal dekedaha, kuwan soo socda ayaa lagu xusay:
- Asterisk 16.2.1
- Audacity 2.3.1
- Samee 3.10.2
- Chromium 73.0.3683.86
- FFmpeg 4.1.3
- GCC 4.9.4 iyo 8.3.0
- GNOME 3.30.2.1
- Tag 1.12.1
- JDK 8u202 iyo 11.0.2+9-3
- LLVM/ Clang 7.0.1
- LibreOffice 6.2.2.2
- Lua 5.1.5, 5.2.4 iyo 5.3.5
- MariaDB 10.0.38
- Daanyeer 5.18.1.0
- Mozilla Firefox 66.0.2 iyo ESR 60.6.1
- Mozilla Thunderbird 60.6.1
- Node. 10.15.0
- FurLDAP 2.3.43 iyo 2.4.47
- PHP 7.1.28, 7.2.17 iyo 7.3.4
- Postfix 3.3.3 iyo 3.4.20190106
- PostgreSQL 11.2
- Python 2.7.16 iyo 3.6.8
- R 3.5.3
- Ruby 2.4.6, 2.5.5 iyo 2.6.2
- Miridhku 1.33.0
- Soo dir 8.16.0.41
- SQLite3 3.27.2
- Meerkat 4.1.3
- Tcl/Tk 8.5.19 iyo 8.6.8
- TeX Live 2018
- Vim 8.1.1048 iyo Neovim 0.3.4
- Xfce 4.12
- Qaybaha saddexaad ee lagu daray OpenBSD 6.5:
- Xirmooyinka sawirada Xenocara oo ku salaysan X.Org server 1.19.7 oo leh patches, freetype 2.9.1, fontconfig 2.12.4, Mesa 18.3.5, xterm 344, xkeyboard-config 2.20;
- LLVM/ Clang 7.0.1 (oo leh balastar)
- GCC 4.2.1 (oo leh balastar) iyo 3.3.6 (lambarro leh)
- Perl 5.28.1 (oo leh balastar)
- NSD 4.1.27
- Furan 1.9.1
- Nacalada 5.7
- Binutils 2.17 (oo leh balastar)
- Gdb 6.3 (oo leh balastar)
- Awk Aug 10, 2011
- Baahinta 2.2.6
Source: opennet.ru