Date: Mon, 27 May 2019 17:47:47 -0700 From: Enji Cooper <yaneurabeya@gmail.com> To: rainer@ultra-secure.de Cc: cem@freebsd.org, voidanix@420blaze.it, freebsd-current <freebsd-current@freebsd.org>, owner-freebsd-current@freebsd.org Subject: Re: Disabling COMPAT_FREEBSD4/5/6/7/9 as a default kernel option Message-ID: <3E7C1D63-996E-4AA0-A0A4-455B996BB9D6@gmail.com> In-Reply-To: <2d16a2a9ac5c090f196674d40d0cb398@ultra-secure.de> References: <ff7bfe10b7953d066e0f087b8d422b89@420blaze.it> <eaaf7d3d03dbbee0bebd2769d25fcd54@ultra-secure.de> <CAG6CVpXEixt1Y%2BLAGmKBGRzo3i%2BKYxwSLzh24eLyxtb54Fj_Tw@mail.gmail.com> <2d16a2a9ac5c090f196674d40d0cb398@ultra-secure.de>
next in thread | previous in thread | raw e-mail | index | archive | help
> On May 27, 2019, at 08:27, rainer@ultra-secure.de wrote: >=20 > Am 2019-05-27 17:05, schrieb Conrad Meyer: >> Hi Rainier, >> On Mon, May 27, 2019 at 7:47 AM <rainer@ultra-secure.de> wrote: >>> I have a 32bit FreeBSD 6 binary that I'll need for a bit until the >>> department who is technically responsible for the service gets around >>> redoing that service. >> Even if this proposal is approved, it would only affect 13+. You >> could still run your FreeBSD 6 binary in a 32-bit 12 VM in a 13+ >> Bhyve. But do consider lighting a fire under whatever department >> thinks it's ok to deploy like that :-). >> Take care, >> Conrad >=20 >=20 > I thought so, too. >=20 > I don't really want to run the abandonware of a RADIUS-server any longer t= han necessary (as absurd as that sounds). >=20 > It's also running a recursive nameserver (previously also authoritative) t= hat is still hard-coded in CPE and computers behind firewalls. >=20 > I first wanted to virtualize it (it's not a big problem) - but this way th= e problem is just dragged out: "But it still works, does it and we have no t= ime". >=20 > Everybody now knows that the clock is ticking, literally. >=20 > Oh, I also remember George Neville-Neil talking about a - what - FreeBSD 4= binary that a certain search-engine had lost the sources for and was runnin= g on FreeBSD 7 with compat4. > (We also have a client who literally begged us to leave a decade-old Solar= is box running through 2019 and half of 2020 so they could continue to do th= eir bookkeeping on a home-grown java-app that I suspect they, too have lost t= he sources to...). It's running jdk15 and getting that thing to run under an= ything semi-decent doesn't seem to have worked-out too well. > So, people pray for the best and don't prepare for the worst. >=20 >=20 > Other stuff I can think of: > - very old Netbackup-Clients (like 5-series), though I doubt they still wo= rk on recent releases, because 7.71 (last official version and intended for = FreeBSD 11) stopped working on FreeBSD12, sadly) > - certain pre-compiled VMWare Tools Modules? Pre open-source-tools (I can n= ever make up my mind if it's VMWare-open-Tools or Open-VMWare-Tools or somet= hing different) >=20 >=20 > What ever people do with COMPAT4-9 - it's bordering the pathological. I=E2=80=99ll counter the OP=E2=80=99s suggestion a bit: It would be nice if the compat options were modularized and printed out an E= OS warning when loaded, so the user was aware that the modules are not suppo= rted by FreeBSD, in terms of security and whatnot. Thanks! -Enji=
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?3E7C1D63-996E-4AA0-A0A4-455B996BB9D6>