OpenBSD Journal

j2k25 - OpenBSD Hackathon Japan 2025 (rsadowski@)

Contributed by Peter N. M. Hansteen on from the Puffy in the onsen dept.

Fresh from the just concluded j2k25 hackathon in Nara, Japan, Rafael Sadowski (rsadowski@) has published his report on his blog:
Week 2: The j2k25 Japan Hackathon

We arrived in Nara during the late afternoon. After checking into our hotel, goda@, my wife and I headed straight to the hack room. My initial thought was to finally do some ports hacking to warm up and create a plan for the upcoming week. I hadn't had much opportunity for focused thinking during our busy week in Tokyo.

As soon as I booted OpenBSD, kn@ appeared. I was genuinely happy to see him again, and we spent the first half hour catching up. Then he mentioned we were about to head to the team event. This completely derailed my planned "first day" approach - instead of keyboard and OpenBSD work, the evening was filled with excellent food, beer, and funny conversations.

At breakfast, I met with tb@ and had an interesting conversation. He asked if I could update graphics/blender, which appeared to be broken but was requested by users. I added Blender 4.4 to my (unpredictable) hackathon task list.

I also received 1-2 emails about KDE Plasma during the last weeks. The main issue was that it kept crashing when users entered text in the application launcher. After the first day, I realized the need for a KDE Plasma README that was both up-to-date and more robust for typical use cases and new users. Having used KDE Plasma as my daily driver under OpenBSD, I had become blind to potential user experience issues.

I spent considerable time reading ports@ mailing list entries and reviewing/testing new submissions. I found several interesting new ports, including print/pdf4qt from landry@ and sysutils/piknik from volker@. When ports are well-prepared, the review process is straightforward: review, build, and test.

KDE Development Progress

kn@ was kind enough to review several new KDE ports I had been working on:

- x11/kde-applications/kwave
- x11/kde-applications/kongress
- x11/kde-applications/arianna
- multimedia/phonon-backend/mpv
- kpublictransport,kosmindoormap

We're gradually building out the complete KDE Gear stack in OpenBSD. Some components are still missing, but I don't see a need to port KDE Mobile Plasma-only applications. Itinerary remains on my TODO list.

To address the search-related crashes, I created a fresh KDE user account to ensure no existing configurations were interfering with the testing process. Since I typically have all KDE applications installed, I was able to reproduce the crash quickly.

The issue occurs when entering text in the KDE search menu from the appliction launcher - it attempts to search everything (applications, home directory, etc.) simultaneously. This quickly overwhelms OpenBSD's restrictive default limits, and since no error handling exists for this scenario, the application crashes.

The solution is straightforward: increase the restrictive limits for KDE users. As a result, kde-plasma (`pkg_add kde-plasma`) now ships with a `kde` login class. This can be easily applied to KDE users with `usermod -L kde your-user-name`.

System Tuning Recommendations

I recommend the following system tuning for all KDE Gear/KDE Plasma users: 

You might want to consider increasing the kern.maxfiles tunable. Many services
and applications need to monitor activity of a lot of files.

# sysctl kern.maxfiles=65535
# echo "kern.maxfiles=65535" &bt;> /etc/sysctl.conf

KDE PIM and Akonadi Configuration

A new section has been added to the README for KDE PIM users, based on insights from FreeBSD documentation: 

KDE PIM and Akonadi
===================
KDE PIM applications like Akonadi, KMail, and Kontact use large messages on the
local machine. The default size on OpenBSD is too small, which causes local
connection issues, and Akonadi-based applications will be flaky (e.g. mailboxes
do not display, messages cannot be found).

Increasing the buffer size is recommended:

# sysctl net.unix.stream.recvspace=65536
# echo "net.unix.stream.recvspace=65536" &bt;> /etc/sysctl.conf

# sysctl net.unix.stream.sendspace=65536
# echo "net.unix.stream.sendspace=65536" &bt;> /etc/sysctl.conf

Unfortunately, several Akonadi modules continue to crash when loading models:

- akonadi_followupreminde
- akonadi_ical_resource
- akonadi_maildispatcher_
- akonadi_mailmerge_agent
- akonadi_sendlater_agent

I've submitted a bug report but haven't received a response yet. I'm considering temporarily disabling these modules in our ports while continuing to investigate the root cause.

KDE session Management Improvements

Another insight from the hackathon is that we can continue to clean up our KDE related `.xsession`, but should add a dbus-launch to it. The following is now recommended until sddm is ported and does it all for us. 

export XDG_RUNTIME_DIR=/tmp/run/$(id -u)
if [ ! -d $XDG_RUNTIME_DIR ]; then
    mkdir -m 700 -p $XDG_RUNTIME_DIR
fi

if [ -x /usr/local/bin/dbus-launch -a -z "${DBUS_SESSION_BUS_ADDRESS}" ]; then
    eval `dbus-launch --sh-syntax --exit-with-x11`
fi

${LOCALBASE}/bin/ck-launch-session ${LOCALBASE}/bin/startplasma-x11

This setup has worked well and received positive feedback from other users.

ck-session-notify - ConsoleKit session notifications

Since I brought a new notebook (ThinkPad T14 AMD Gen5) to the hackathon, I spent time configuring KDE Plasma. I particularly enjoy the tiling functions in KDE6, along with customizing various shortcuts and features.

I had an idea to display hotplugd(8) notifications in KDE Plasma and began writing a shell script that could be called from `/etc/hotplugd/{attach,detach}`. Here's the resulting concept: 

#!/bin/sh

# Send notifications to all active ConsoleKit sessions

# XXX
# You have to allow root access to all session buses. /etc/dbus-1/session.conf:
# <busconfig>
#   <policy context="mandatory">
#     <allow user="root"/>
#   </policy>
# </busconfig>

# Usage: ck-session-notify [app_name] [icon] [title] [message] [timeout_ms]

# Examples:
# ck-session-notify "hotplugd" "emblem-important" "Attached" "New fido dev" 8000

PATH="/usr/bin:/bin:/usr/local/bin"

if [ "$(id -u)" -ne 0 ]; then
	exit 1
fi

if ! command -v ck-list-sessions >/dev/null 2>&1; then
	echo "Error: ck-list-sessions not found" >&2
	exit 1
fi

if ! command -v gdbus >/dev/null 2>&1; then
	echo "Error: gdbus not found" >&2
	exit 1
fi

ck-list-sessions | grep -G7 -A9 "active = TRUE" | while read -r line; do
	case "$line" in
	*"unix-user = "*)
		user_id=$(echo "$line" | cut -d"'" -f2)
		;;
	*"x11-display = "*)
		display=$(echo "$line" | cut -d"'" -f2)
		username=$(id -nu "$user_id")

		dbus_socket=$(find /tmp -name "dbus-*" -user "$username" \
			-type s 2>/dev/null | head -1)

		if test -n "$username" && test -S "$dbus_socket"; then
			USER=$username \
				DISPLAY="${display:-:0}" \
				DBUS_SESSION_BUS_ADDRESS="unix:path=$dbus_socket" \
				gdbus call --session \
				--dest org.freedesktop.Notifications \
				--object-path /org/freedesktop/Notifications \
				--method org.freedesktop.Notifications.Notify \
				"${1:-System}" 0 "${2:-dialog-information}" \
				"${3:-Message}" "${4:-Broadcast}" "[]" "{}" "${5:-3000}" \
				>/dev/null
		fi
		;;
	esac
done

YubiKey Integration Example

To access my YubiKey from Keepasscx (security/keepassxc), my user needs access to the usb devies. I also use ck-list-sessions to determine the current user. This should work under all WM that are started with ${LOCALBASE}/bin/ck-launch-session.

/etc/hotplug/attach: 

#!/bin/sh

DEVCLASS=$1
DEVNAME=$2

case $DEVCLASS in
0) DEVCLASS_NAME="generic" ;;
1) DEVCLASS_NAME="CPU" ;;
2) DEVCLASS_NAME="disk drive" ;;
3) DEVCLASS_NAME="network interface" ;;
4) DEVCLASS_NAME="tape device" ;;
5) DEVCLASS_NAME="serial interface" ;;
esac

case $DEVNAME in
uaudio*)
	pkill -HUP sndiod
	;;
fido*)
	/etc/hotplug/ck-session-notify "hotplugd" "" \
		"Attachment" "$DEVCLASS_NAME: Yubico YubiKey OTP+FIDO+CCID" 5000
	USER="$(ck-list-sessions | grep -B7 "active = TRUE" | grep "unix-user" |
		head -1 | sed "s/.*unix-user = '//; s/'.*//" | xargs id -nu)"
	if test -n "$USER"; then
		chown $USER /dev/ugen*.*
		chown $USER /dev/usb2
		chown $USER /dev/usb1
		chown $USER /dev/usb0
	fi
	;;
*) ;;
esac

/etc/hotplug/detach: 

sh
case $DEVNAME in
uaudio*)
	pkill -HUP sndiod
	;;
fido*)
	/etc/hotplug/ck-session-notify "hotplugd" "" "Detachment" \
		"$DEVCLASS_NAME: Yubico YubiKey OTP+FIDO+CCID" 5000
	chown root /dev/ugen*.*
	chown root /dev/usb2
	chown root /dev/usb1
	chown root /dev/usb0
	;;
*) ;;
esac

Security Note: Anyone who uses this useful approach should be aware that there is also a risk here if USER applications have unrestricted access to the USB stack. Another possibility would be to create a group for this and set the group rights to the corresponding devies. This has the tradeoff that it has to be renewed with every sysupgrade. Choose your heavy, the risk remains.

Hardware Fixes: AMD ThinkPad Power Button

I haven't found the time to write a blog post about my new Thinkpad T14 AMD Gen5 yet. In short, it works more than it doesn't work. What unfortunately doesn't work is suspend/resume (S0ix) or and the power button doesn't work either (so that you can shutdown the system if you press it longer and the kernel handles the corresponding interrupt). During the hackathon mlarkin@ found out the corresponding gpio interruptand kettenis@ had a patch ready in no time. In the meantime the patch has been committed and the power button works as usual under OpenBSD.

Port Updates: Blender and Dependencies

The graphics/blender update mentioned by tb@ turned out to be manageable. I appreciate working on CMake ports - they're generally well-structured and straightforward to handle for me.

The missing brotli support for woff2 in our Xenocara FreeType version wasn't problematic. My pragmatic solution was to decompress the fonts and force blender use TTF fonts directly. This required tools that weren't available in our archivers/woff2 package.

The Blender port modification was implemented quickly:

makefile

post-install:
        ${MODPY_COMPILEALL} ${PREFIX}/share/blender/
        # Replace woff2 with ttf
        find ${PREFIX}/share/blender/4.4/datafiles/fonts -name '*.woff2' \
                -exec ${LOCALBASE}/bin/woff2_decompress {} \;
        rm ${PREFIX}/share/blender/4.4/datafiles/fonts/*.woff2

I updated the entire Blender dependency chain to the current state and ran it through an amd64 bulk-build to ensure no negative impacts before committing.

Port Maintenance: Taglib2 Update

Last but not least I worked on the taglib2 update. Also not a big deal if it wasn't our really badly maintained ports audio tree. If you have the time and desire you should update the ports in audio. There is so much old stuff in there. Spooky old!

If you want to read the whole thing go ahead to Three Weeks in Japan: Ultramarathon, Hackathon, and Sightseeing over at Rafael's site!

Reply

Latest Articles

Credits

Copyright © - Daniel Hartmeier. All rights reserved. Articles and comments are copyright their respective authors, submission implies license to publish on this web site. Contents of the archive prior to as well as images and HTML templates were copied from the fabulous original deadly.org with Jose's and Jim's kind permission. This journal runs as CGI with httpd(8) on OpenBSD, the source code is BSD licensed. undeadly \Un*dead"ly\, a. Not subject to death; immortal. [Obs.]