HardenedBSD June 2025 Status Report

Due to scheduling conflicts, I didn't get the May 2025 status report out. This status report will cover both May and June 2025.

A large portion of both May and June was spent on two things: pkgbase and the build infrastructure. FreeBSD has been working on providing packages for the base OS for a few years now and they're getting close to launching it experimentally. Their goal is to release FreeBSD 15.0 with support for packaged base.

I updated our build scripts to also create a pkgbase repo for those who want to give HardenedBSD with pkgbase a try. Note that the only officially supported way to update HardenedBSD with pre-built artifacts is via hbsd-update. These new pkgbase repos are experimental and should NOT be relied on for production use.

I also spent some time researching descriptor randomization, a Syd Linux feature that helps mitigate descriptor re-use attacks.

In the src tree:

  1. 0x1eef taught hbsd-update about the new BSD.hardened.dist mtree file.
  2. Shawn Webb fixed a regression with the RTLD.
  3. Shawn Webb enabled netlink support for userland.
  4. Shawn Webb disabled the security.bsd.see_jail_proc sysctl node by default.
  5. Shawn Webb fixed the HardenedBSD pkg config for use with Tor.
  6. Shawn Webb added optional pkgbase repo config files, including support for Tor.

In the ports tree:

  1. Fabien Amelinck fixed the emulators/virtualbox-ose port.
  2. Shawn Webb disabled fortify source for:
    • devel/got
    • devel/kBuild
  3. Shawn Webb fixed the build of databases/redis.
  4. Shawn Webb fixed up the ftp/curl patch that re-enables support for Tor.
  5. Shawn Webb updated the net-p2p/heartwood (and related) ports.
  6. 0x1eef disabled the installation of sysutils/screen as setuid.

Our electric bill was $477 USD last month. I'm working on getting some quotes for a mini-split heat pump HVAC unit for the server room. I plan to announce an official call for donations once we settle on a quote. It's looking like somewhere around $7,000 - $9,000 USD right now. We have one quote so far, which can be viewed here.

The cooling problem is the last problem to solve for our server room. Once we have adequate cooling, I can power on additional servers. FreeBSD plans to branch 15-CURRENT into 15-STABLE later this year, so we need to bring another server online to support the new 15-STABLE branch (so we would support 16-CURRENT, 15-STABLE, and 14-STABLE).

If you have the means to donate, please do. We appreciate every penny that comes our way. All donations go directly to hardware and infrastructure support. Self-hosting enables us to provide unique methods for accessing our infrastructure, but it comes at an ever-growing financial cost.

We're on the following platforms:

Name                 URL
Fidelity Charitable  https://www.fidelitycharitable.org/
GitHub Sponsors      https://github.com/sponsors/HardenedBSD
LiberaPay            https://liberapay.com/hardenedbsd-finances/donate
PayPal               finances@hardenedbsd.org