Saint Aardvark writes
If, like me, you administer FreeBSD systems, you know that (like Linux) there is an embarrassment of riches when it comes to filesystems. GEOM, UFS, soft updates, encryption, disklabels — there is a *lot* going on here. And if, like me, you're coming from the Linux world your experience won't be directly applicable, and you'll be scaling Mount Learning Curve. Even if you *are* familiar with the BSDs, there is a lot to take in. Where do you start? You start here, with Michael W. Lucas' latest book, FreeBSD Mastery: Storage Essentials. You've heard his name before; he's written Sudo Mastery (which I reviewed previously), along with books on PGP/GnuPGP, Cisco Routers and OpenBSD. This book clocks in at 204 pages of goodness, and it's an excellent introduction to managing storage on FreeBSD. From filesystem choice to partition layout to disk encryption, with sidelong glances at ZFS along the way, he does his usual excellent job of laying out the details you need to know without every veering into dry or boring. Keep reading for the rest of Saint Aardvark's review.
FreeBSD Mastery: Storage Essentials
author
Michael W. Lucas
pages
240
publisher
Tilted Windmill Press
rating
9/10
reviewer
Saint Aardvark
ISBN
0692343202
summary
FreeBSD Mastery: Storage Essentials takes you on a deep dive into FreeBSD’s disk management systems.
Not for new users of FreeBSD
By dmoen
•
2015-Jan-19 15:46
• Score: 3
• Thread
Now that ZFS is the default operating system for new installs of FreeBSD 10.x, it sounds like this book documents a lot of hard won technical insights that have been made obsolete by ZFS. Why would I configure RAID 10 for UFS when ZFS provides superior data protection? And so on. It's probably useful for people who have parachuted in and now must maintain a legacy FreeBSD system. It doesn't sound particularly useful for someone who is migrating from Linux to FreeBSD right now, since this is all about how people *used* to configure FreeBSD storage.
Re:Not for new users of FreeBSD
By agshekeloh
•
2015-Jan-19 15:48
• Score: 4, Informative
• Thread
ZFS is NOT the default in FreeBSD 10. UFS is still the standard.
(I try not to comment on reviews of my books, but a technical statement merits a technical answer.)
==ml
UFS vs ZFS
By agshekeloh
•
2015-Jan-19 16:03
• Score: 5, Informative
• Thread
PC-BSD is built atop FreeBSD, but it's unquestionably a different thing than FreeBSD.
There are reasons to use ZFS, and other reasons to use UFS. Sometimes you really DO want UFS on raid-10. It depends entirely on the workload.
UFS has been around for decades now. I can't say it's bug free--nothing is--but most of the code paths have been quite well exercised. ZFS is newer and more complex than UFS, and more actively developed.
UFS is likely to remain the default in mainstream FreeBSD, for licensing reasons if nothing else.
Re:204 pages or 240? - both are correct
By agshekeloh
•
2015-Jan-19 16:11
• Score: 4, Informative
• Thread
The book contains 204 numbered pages. Add in the index, Table of Contents, preface, copyright page, etc, and it hits 240 pages.
I did not do this in an effort to screw with people.
Had it occurred to me beforehand, however... yeah, I would have totally done that to screw with people.
==ml
Re:What a crock
By mlts
•
2015-Jan-19 16:15
• Score: 4, Interesting
• Thread
In real world cases, this scenario happens:
1: Person loses their laptop/USB flash drive/storage media.
2: Someone finds it and examines it, or hands it to someone who can.
3: Stuff is found on there.
4: Front page news.
Just by having some form of disk encryption, preferably something that protects the entire machine (like geli)... that adds a large amount of security. A lost laptop goes from being a major corporate panic to becoming "just" a hardware loss, especially if the laptop has some mechanism like a removable USB flash drive or a TPM chip (which locks out for longer times the more failed guesses are attempted), and not just a passphrase that can be brute forced.
For most people, encryption is a no brainer. Turn it on, set a passphrase, forgot about it, except when after a reboot.
Now when people start mentioning rubber hose decryption (xkcd.com/538), this is generally not something everyone faces. However, there are other tools for that for plausible deniability, such as TC and its successors.
FDE encryption on a laptop that goes places should be considered a must, regardless of OS. Laptops and external media need some protection, and in most cases, the thief will boot the laptop up, see a FDE prompt, shrug, format the box, install a Windows variant, and pass it to another fence somewhere else to be sold.
As always, backups go without saying. Disk encryption and SSDs make this more important, because a TRIM means that the data isn't just marked as gone... it is -gone-, as in the physical cells has been zeroed out by the background garbage collector, and nobody is going to recover them. There are many ways to effectively back data up securely, and that is something left as an exercise to the reader.
Common sense says turn disk encryption on with a laptop, plain and simple.