it's really not comparable. SystemD is an init system (and you're conflating systemd with CGroups in Linux, which would be part of the kernel and not related to systemd at all) and a Hypervisor.
More comparable comparisons could be: bhyve for FreeBSD, xhyve for OSX, virtualbox for... everything. Or QEMU/KVM on Linux.
Perl's rand() is not a great way to generate values that should be unpredictable. It is seeded with only 4 bytes from /dev/urandom and is an LFSR like rand(3).
The consequence is that the range of possible passwords is probably smaller than was intended, and furthermore seeing previous passwords (or the random MAC) may help in predicting passwords. Of course without seeing their entire setup it's hard to say to what extent that is the case here.
Was thinking the same. Then remembered that OpenBSD's rand(3) actually returns result from arc4random() now. Then went to check and it seemed like Perl doesn't actually use rand(3) from libc? At least Perl's srand(N) and then rand() returned deterministic results, which shouldn't happen if it was using rand(3)...
Yes good point. I was careful not to say that perl actually uses rand(3) because I think it may not for portability reasons. Also, I think this may have changed at some point so might be different depending on perl version.
OpenBSD's carrying some local patches, Perl rand appears to be using the libc drand48(3) on OpenBSD, which uses arc4random_buf(3) internally, unless Perl srand is called, then it uses srand48_deterministic(3)? Not sure precisely as it's also using arc4random(3) directly to seed something.
This is slightly different from how it's handled outside the Perl software ecosystem, as all the srand* functions effectively became nops on OpenBSD in favour of strong random numbers, and userland ports had to be patched to use the deterministic variants if needed. I guess that would be hard with things like CPAN.
I have one of these instances (thanks Roman and team), and I have to say it's been a lot of fun re-acquainting myself with OpenBSD.
That said, I would consider this mostly a place for experimentation and hobby work, as I routinely am unable to connect or find that my VM has been unexpectedly rebooted.
Now THAT said, I think they are figuring things out, because the issues have been a lot less frequent since the big hard drive failure a month or so ago.
Anyway, if you want to learn you some OpenBSD, I highly recommend it as a place to experiment, and you help the OpenBSD community as well through their donation.
20 comments
[ 3.4 ms ] story [ 44.4 ms ] threadMore comparable comparisons could be: bhyve for FreeBSD, xhyve for OSX, virtualbox for... everything. Or QEMU/KVM on Linux.
But still. Docker is containers, vmm is full virtualisation.
Docker can be compared to FreeBSD jails, Solaris Zones or.. actually, cgroups in linux (for masochists).
The consequence is that the range of possible passwords is probably smaller than was intended, and furthermore seeing previous passwords (or the random MAC) may help in predicting passwords. Of course without seeing their entire setup it's hard to say to what extent that is the case here.
This module may be useful (it even uses the same alphabet by default): https://metacpan.org/pod/Session::Token
This is slightly different from how it's handled outside the Perl software ecosystem, as all the srand* functions effectively became nops on OpenBSD in favour of strong random numbers, and userland ports had to be patched to use the deterministic variants if needed. I guess that would be hard with things like CPAN.
https://github.com/openbsd/src/commit/2e109fb9e8c0dc273648dd...
https://github.com/openbsd/src/commit/2e109fb9e8c0dc273648dd...
https://github.com/openbsd/src/commit/2e109fb9e8c0dc273648dd...
Looks like upstream Perl also uses drand48 from FreeBSD, with its own internal RNG. But I guess this can be overridden with build options.
I'd imagine something like pwgen would be better, but I doubt it matters here.
That said, I would consider this mostly a place for experimentation and hobby work, as I routinely am unable to connect or find that my VM has been unexpectedly rebooted.
Now THAT said, I think they are figuring things out, because the issues have been a lot less frequent since the big hard drive failure a month or so ago.
Anyway, if you want to learn you some OpenBSD, I highly recommend it as a place to experiment, and you help the OpenBSD community as well through their donation.
[1] https://mwl.io/nonfiction/os#ao2e