Become a fan of Slashdot on Facebook


Forgot your password?
BSD Operating Systems

OpenBSD 2.8 Released 95

I just logged into the OpenBSD ftp server and noticed that OpenBSD 2.8 is up and ready for download. From the Press Release, 2.8 contains improved hardware support for newer Apple Hardware (iMac, G3, G4, G4 Cube), security fixes, AES support, AES/Rindjael encrypted swap, OpenSSH 2.3.0, RSA libraries in base install, and many more ports in the ports tree. According to the project, this release commemorates 5 years of OpenBSD, on October 18, 2000. This is OpenBSD's 9th release. Happy Belated Birthday OpenBSD!
This discussion has been archived. No new comments can be posted.

OpenBSD 2.8 Released

Comments Filter:
  • Who knows?
  • I actually met and talked/listened to Theo at a Open source/Free software convention a few months back. He seemed like a quite OK guy, but perhaps with a very strong view on him beeing right. Read the jargon file on "Weaknesses in the hacker personality" and you will see what I mean. He had a lot of critisicm on other systems, but perhaps it is easier for some people to "slip" into agressive mode in a text based forum. Just witness slashdot...

    And according to Alan Coxs diary, Theo, Paul-Henning Kamp (FreeBSD), and himself at least got along peacefully before and during the convention. By the way, Theo and some local OpenBSD developers sat down right after the convention and got to work at fixing bugs. Now THAT is dedication.

  • I've bought at least one cd per release since 2.4 and that gives me a warm fuzzy feeling.

    I've had the 2.8 CD on preorder since the release date was announced. Now, that's warm fuzzies. :)
  • by rjh ( 40933 )
    The most important thing you can do to secure an OS isn't auditing, it's intelligent design. Windows NT has been pretty heavily audited internally by Microsoft, and it's still a block of Swiss cheese due to its design.

    Auditing is a good step, but no amount of auditing can overcome brain-damaged design.
  • "Oh what a pretty little fishy! Cochie, cochie cooAAAOU! OUCH! He BIT me! And hes ARMED! With NUKES!"

    I definitly like this version of little Ramblo. Much more "alive" and than the previous versions. Tux tends to be drawn in much the same way all the time, except in LinuxFormat (UK).

  • by Mawbid ( 3993 ) on Friday December 01, 2000 @01:35AM (#589941)
    I agree that GNU's move to info is not helping, but I'd like to defend them a little by pointing out that their reasons for switching were valid and that it's "only" the execution that has failed.

    Take a look at man tar (for a non-GNU version of tar) and info tar respectively. Newbies complain that man pages are hard to understand, being primarily references rather than teaching tools. I've read man pages that described in detail every option available, but neglected to say what the program was for! Very few (Linux) man pages explain how the program fits into the grand scheme of things or include a tutorial. Most don't even include examples. Furthermore, there's no toplevel man page or any man page equivalent to, say, the Shell Utilities info page, which are very useful for learning about how to use the system rather than an individual program (which you may not even know exists or is appropriate for the task at hand).

    Now, mostly this can be fixed by writing more man pages and adding explanation and tutorial matter but if you're going to do that, you start wanting more structure and navigation than man provides and thus info was born. So, I disagree that man is superior to info. Info solves real problems with man.

    The problem is that info hasn't been widely adopted and most people just end up using man (at least I did -- I don't even think to check info most of the time). When that happens, stubbornly refusing to write proper man pages and saying "use info, it's much better!" does no good.

    (Plus, the standard info viewer sucks entirely too much, but at least there's pinfo.)

    I suspect that whether it's info or man isn't the key point though. If you want really good documentation with examples, a tutorial, descriptions of concepts and common work procedures, links (navigatable or "see also") to related programs and so forth, then you're talking about a major effort in writing the documentation and that, I think, is the main reason such documentation doesn't exist in info or man for most programs.

  • This is OpenBSD's 9th release.

    I would like to know how were the OpenBSD releases numbered after the split from NetBSD. The reason I ask is because NetBSD is at 1.4.3 and OpenBSD at 2.8, and NetBSD is older. So how did it work ?

    Thank you.

    P.S. This is a genuine question not a flame.

  • OpenBSD has just had more releases than NetBSD. I guess Theo must have played with OBSD 0.1->1.9 on his own computer instead of releasing it to the public.
    No matter what the version I'm very excited to order my copy of the CD.

    If you think you know what the hell is going on you're probably full of shit. -- Robert Anton Wilson
  • Hmmm, I think what he really meant was to substitute "foo" for something else. Like:

    man ifled
    No man page for ifled.

    Meaning that you have a small number of man pages in Linux. But maybe I'm wrong.


  • what crap is this? BSD is very sick? did you have magic mushrooms for breakfast or something?!
  • Paypal may work in other countries but there is a "processing" fee everytime the money enters or leaves the US. It gets quite expensive if the recipient and sender are not in the US. I have 1-day couriered a certified check for less.

  • I don't mean to excuse the way you were treated. Failing to ship you something you bought is not excusable. However, if I were in your shoes (which I'm not -- my OpenBSD CD and t-shirts arrived) I'd think of it this way: My main goal was to support OpenBSD. I've done that even if I didn't get the CD and I can legally get the CD some other way (copy some one else's, download disk images).

    Again, you have every right to be upset that you didn't get your stuff (and probably some sort of legal remedy is available, though the cost and hassle of it is no doubt too high to be worth it). But you could choose not to be. That's all I'm saying.

  • So you want them to put effort in to deal with
    your own problems?
  • I kind of like this new artwork [], kind of hope it ends up on a poster or sticker or something.
  • Having read what's been written so far...
    1. I bought a CD of 2.6 from It arrived about 10 days later (regular mail, it was sent from Canada, so that's a reasonable length of time to wait.) I don't see any reason to assume the delivery problems of other posters here is anything but the usual postal problems.
    2. While I'd played with Linux for 4 or so years before getting OpenBSD, I'm not sure that changed the fact that it was very easy to install, even on pretty dire hardware.
    3. The Ports collection is not audited, but OTOH I got the distinct impression that the selection of Ports is influenced heavily by security issues. So you end up with situations where a known hole-ridden release isn't there, but an obscure bug in a release that has made it there takes a bit longer to get fixed. Perhaps the confusion here is a misunderstanding of the philosophy of the project: all OS's require some prioritisation of how issues are fixed. In OpenBSD the focus is on the default installation, then the tools that come with the operating system. Ports are very much 'at your own risk.'
    4. The security audit generally helps with reliability, but not always. I found OBSD works fine on 'good hardware'. On hardware where I/O faults happen on occasion, such as a Wide-SCSI device attached to a SCSI-2 bus, OpenBSD has a tendency to get upset and suspend processes without providing a way to shut them down (which in turn means that you can't do anything other than reboot - without dismounting your disks. Urgh) Which is "ok" I guess, but to a certain extent the occasional hardware problem is a fact of life in computing. kill -9 should kill a process, whatever state it's in.
    5. On the other hand, it's the only OS to recognise my crap ISA PnP MSS soundcard right off the bat...
    6. Emulation of other operating systems is good. The only stuff that wont work tends to be in the administration department. I ran Linux, BSDI and FreeBSD stuff without a hitch, including third rate bug ridden crap would-never-get-away-with-it-if-it-opened-its-prot ocols like RealPlayer.
    Overall, it's a good, high quality, operating system. I personally ended up plumping for it on my firewall, and Slackware Linux on my main machine - given OpenBSD is handling the security issues anyway I'm happy running Slackware which has the edge on the hardware and is slightly more tuned to how I like to work - but if Slackware didn't exist, OpenBSD will be on all my machines.

    YMMV, of course.

  • >Since Theo and a few others are highly competent
    >and heavily dedicated, the BSDs have as active a
    >developer community as they need.

    Theo has said that he'd continue to work on OpenBSD even if he was the only user. He started it as a one man show, and if he had to, he'd go back to that.
  • Not to reply to your .sig, but my power animal is a blowfish.

    I may just have to buy a G4 just to see in run a real OS, be it OS X or OpenBSD 2.8 (I preordered it 3 weeks ago, for my SPARCClassic X.)

    IMHO, there are two things left for OpenBSD to do for now:
    1. SMP code for SMP-capable machines, and
    2. UltraSPARC port.

    Something to look forward toward in OpenBSD 3.x.
    Thus sprach DrQu+xum, SID=218745.
  • Get a clue. You need to download files from one. As an example, [] contains less than 95Mb of data. Why would you rather download ~600Mb?!
  • I just want to know: If the BSD license doesn't qualify as free software, THEN WHAT THE HELL IS FREE SOFTWARE? Aside from Public Domain, BSD is probably the most liberal license out there, much freer than GPL in the true sense of the word? I'm not terribly familiar with the FSF, so I would appreciate it if you would clarify.
  • It's the big reason I put Linux on my BP6 home server instead of OBSD.. Had the 2.7 disk and everything..

    (OK, that and HPT366 support, but I would have just gone with SCSI except that I noticed that SMP was not yet supported as indicated on the CDROM case :( )

    Your Working Boy,
  • As with any major system upgrade, I'd recomend backing up anything that you can't replace.

    I've personally taken one box from 2.6 -> 2.7 -> pre 2.8 (and soon to the newly released 2.8)
    and 3 other from 2.7 -> 2.8 with out any major problems. I'm not sure of the Right Way [tm] for upgrading from 2.6 -> 2.8. I'd recomend checking the FAQ and the mailing list archives. The biggest problem AFIK is updating /etc and the fact that if you have bind 8.2.2Px installed you will need to do a pkg_add on bind again because the upgrade contains bind 4.9.7 (? not sure of the exact version)
  • "from the three-years-without-a-hole dept."
    "2.8 contains ... security fixes ..."


  • I buy a fair number of CD releases, and also occasionally purchase t-shirts from OSS organizations. I have no problem with forking over cash for the CDs, even if they are coasters after a few months. These folks must be making a better return on their CD sales than on things like t-shirts, since the cost of making CDs is chicken-feed. Buying the CD, I suspect, it a much more direct way of supporting folks like OpenBSD, Debian, etc.

    Besides, I'm a bit of a completionist, so I like collecting the pre-fab CDs :)

    Mind you, if you are a student or somesuch, I can see the value in getting the freebee.
  • Actually, I don't think it has anything to do with OpenBSD vs. ThingsFallingFromSky. Ever notice that the more technical the original article, the few people that post responses?

    Things that make you say "hmmmm..."
  • Consider yourselves lucky these Belgian dudes didn't use one of their alternate names. Koeieuier is pronounced approximatively "Coup-Ya-Ey-Yer" (say that 0xA times fast.).
  • I've seen/heard on the mailing list that many people had trouble receiving shipments of previous disks, because of the stringent U.S. (if you're in the U.S. or your order passed through it) encryption import/export laws. I'm not saying that excuses how you were treated, but you might want to reconsider blaming Theo (a very busy guy) and the computer store, because there may be more to the story than meets the eye.
  • Paypal now works in a bunch of other countries, including much of Euroland... Almost sure that NL is included in the new coverage.
  • Oh, man, why did I spent my last moderator point yesterday? This deserves to be moderated all the way up to 5! :-)
  • This is a catch 22. The bigger it is, the more bugs it will have. Obviously Windows is larger, and it has more bugs (security ones, etc.). This holds true for Linux and *BSD as well, the obly reason the security bugs aren't as prevelant is because it is build top down, with administrators (security, robustness) in mind, rather than bottom up (features, overall cuteness).

    Windows was initially coded to be a desktop item, and that's where they have suceeded, the fact that we are finally starting to see them all blur together is simply an inevibility.
  • ... the most powerful processor.

    I couldn't see an Axp directory on the ftp site I went to.

  • Well, what other reason can there be for the lack of Finnish FTP site mirrors? I'll have to snarf it from Sweden or Russia instead...

  • Some people say that the BSD license isn't totally free because the code can be put into a closed source product so long as it is credited. The analogy they use is slavery -- assuming that you are in some sort of modern democracy, you are probably "free", although you do not have the freedom to become a slave (i.e. renounce your freedom).

    OTOH, the GPL imposes a huge restriction by saying that anything derived from the source must be free (as in speech). However this is because RMS's view on software is that it is immoral to provide binaries without source, hence the GPL enforces that moral standpoint to prevent anybody from doing the immoral act of keeping the source closed.

    Personally I'm not sure which one is more free, since the slavery analogy is pretty strong. What it comes down to though is that with the BSD license you are allowing others to make their own moral decision about what they will do with your source, but with the GPL you are forcing them to uphold your moral views.

  • BSD license you are allowing others to make their own moral decision about what they will do with your source, but with the GPL you are forcing
    them to uphold your moral views.
    That's the heart of the matter. By definition, when you force some one to uphold YOUR moral views, then you are restricting freedom. The BSD license gives you freedom, while the GPL license takes away some of that freedom in order to provide something Good(TM). The freest society possible is anarchy. Democracy, however, trades some of that freedom in order to provide the Good thing of keeping people from killing each other. My point is that neither license has a clear advantage, but that each is a personal choice. If you feel that people have every right to use your code without releasing their own, then by all means use the BSD license. If you feel that the overall-good (which is usually CONTRARY to freedom) is best served by other people OSSing their code, then go ahead and use the GPL. Neither person is wrong, they just have different views.

    PS> I'm pretty sure, that if you feel that slavery is right, you have every right to sell yourself into it.
  • The BSD license without the advertising clause qualifies as non-copyleft free software, according to this [] page here. I'm not entirely sure if BSD-with-advertising-clause qualifies too. Anyhow, in this document the fsf states that the XFree86 license is the preferred non-copyleft free license out there.

  • I've been running 2.7 since the day it was released, and it's been nothing short of amazing. I wonder if I should install it on a G4 Cube, to tide me over until OS X comes out? ;-)

    Even with the RSA patent expiration, I still think OpenBSD is one of the best OS's around. It's just tight code, with quality man pages, and a great user base.

  • Sounds good, sounds very good.

    I wonder, though if they'll install for these new Macs, or if it's strictly hardware support. I'd hope they'd install, I could sure use some more security than the Mac's current state. Why would anyone want OS X when they've got the security of OpenBSD?
  • I have OpenBSD 2.7 installed on another of my computers. I think it's a great OS. Unfortunately, I find it's ports selection somewhat lacking. I'm glad to hear that there are more available in the new version... And always more on the way, no doubt.

    I'm hoping that the people at OpenPorts [] are successful in unifying the ports collections. OpenBSD could really benefit from a selection of ports like FreeBSD...

  • Aww, isnt' the 2.8 blowfish adorable?
  • I had my SO order me a couple o' shirts from the OpenBSD folks for my b/d last year (by phone to the Calgary store you mention)... they got to me just fine (in Canada). I purchased my copy of OpenBSD 2.7 from the University bookstore so didn't run into any snags there.

    Since I completely support the OpenBSD philosophy (proactive auditing and full disclosure) and am very satisfied with the OS I certainly will be placing an order for the 2.8 CD's next week, even tho I could just download the updates (support what you believe in).

    I guess I might have exactly the same attitude if I had the same kind of experience you had, but I have nothing but good to say about the OpenBSD ordering, it's a shame you got such a rough ride. I've never met/corresponded with Theo but from what I've been able to gather he can be kinda ascerbic from time to time. Maybe bury the hatchet & give them another chance? Whatever your choice, remember there are many others working hard on the project that I'm sure regret hearing of incidents such as yours.

    Many kudos and thanks to the entire OpenBSD team, keep up the great work.

  • Firstly, OpenBSD achieves most of its security becausethe majority of daemons don't run by default. Remember, OpenBSD has gone 3 years without a hole in the default install - this is only because the default install is more or less too crippled for practical use.

    *cough* Speaking of utter bullshit.

    As soon as you start turning daemons on, it has the same level of security as any other Unix.

    Okay, provide exploits. Go on, we'll wait.

    Personally, I'm not going to be upgrading my OpenBSD 2.7 box, because in my case the old phrase "if it ain't broke, don't fix it" seems like a good idea. And no, I'm not going to buy a CD anyway.

    Uh. It's broke. Fix it. There was this small matter of format string vulnerabilities and the resulting jumbo patch. If you've been patching right along, great, but if you're running stock 2.7 release I would really get with the times, and if rebuilding the system would be as big a pain for you as it would for me, the efficient way to do that is install the new release.
  • by Shoeboy ( 16224 ) on Thursday November 30, 2000 @10:19PM (#589976) Homepage
    from the three-years-without-a-hole dept
    You have my pity.
  • Been running it for a bit now.. looking good..

    BTW.. the stickers are great.... especially the deep sea diver Daemon...
  • ... is as always to BUY THE CD (one or more, and possible additions to your wardrobe) at

    Regardless if you install over ftp are updating an earlier installation from CVS or just don't bother to upgrade.

    BUY THE CD to support on of the worlds most secure operating systems.

    Remember the wise words of RMS:
    Free software has not to be free as in free beer.

    I've bought at least one cd per release since 2.4 and that gives me a warm fuzzy feeling.

    The people in the OpenBSD team are doing the most important thing to secure an OS: Auditing. They need support in time and hardware to be able to debug and audit new code. Time is money.

    If you work on a company that needs a driver or a port of a package to a secure OS, then don't hesitate to pay for development of free software.

    Check out to find out how to support the project.
  • majority of the readership uses (or pretends to use, there's a difference) Linux

    that's a hefty statement... makes you sound like the it's-my-treehouse zealot you purport to dislike.

  • According the this [], the CD is powerpc bootable. Built binary support isn't so great, but you can have fun building your own. I'm thinking of installing this on an iMac...should be an interesting experiement.

    #cd /
  • "The number of posts on Usenet"??? I'd say that your chain of reasoning has a fatal flaw right from the start. Very little technical BSD discussion is conducted via Usenet.

    Frankly, OpenBSD gets discussed more often on Usenet due to emotional, not technical reasons. That's not to say that the issues discussed aren't technical, just that things like security and encryption tend to elicit vocal opinions.

    Of course, you're probably the same FUD-meister who shows up in any BSD discussion that appears on the Slashdot front page. Or perhaps there are several of you who make posting the same drivel some sort of hobby. In any case, your anonymous status suits your overall lack of credibility. Not sure why I bother...

  • Question: - Does OpenBSD provide an ISO image available for download?

    Answer: - You can't. The official OpenBSD CD-ROM layout is copyright Theo de Raadt, as an incentive for people to buy the CD set. Note that only the layout is copyrighted, OpenBSD itself is free. Nothing precludes someone else to just grab OpenBSD and make their own CD.
  • (I don't really know why I care to followup on trolls. I guess I just don't want to do any real work today.)

    Anyway, it's kind of funny that a ``Linux site'' like this cares to include a whole section just for such esoteric software as BSD. And as for the posts that usually goes into more detail of why OpenBSD claims to be the most secure, they usually end up as being viewed as Linux-bashing, and subsequently modded as flamebait or troll.

  • When you look at Window$ it's not hard to see that features dominate and security is an after-though. With OpenBSD, features are not the highest priority. May not seem like a big deal to most but not having to constantly check cert (to make sure your system doesn't have a gaping security hole) is in itself the single best feature I could ever ask for.
  • Ever notice that the more technical the original article, the few people that post responses?

    What you said! When you filter out the trolls and the dogmatists (you know, license lawyers and such who spout the same canned opinions every chance they get), most technical articles have maybe 20-35 responses. Even such solidly technical Linux-oriented stuff like ReiserFS vs. ext3 gets maybe 50 technically relevent responses, with the rest being hearsay or worse.

    I'm not complaining, really. The chatter is often what makes Slashdot interesting. Even the trolling is useful to me; it helps prepare me for when my son reaches age 15 or so, and is trying to extend a childhood interest in fart jokes to the ultimate level of sophistication. ;-)

  • Actually, 2.8 seems to have a much better port selection than 2.7 I did a ftp install last night, and as usual, OpenBSD installed smooth and quickly. And I don't have to spend a couple of hours after the install to secure it up :)
  • I don't agree with this either. A small OS like OpenBSD isn't going to be able to brag about "we sell more t-shirt than any other Os" :) They need cd sales to help track an accurate amount of users. I don't have the link, but earlier this year, a Slashdot post mentioning OpenBSD claimed that there were an estimated 1,500 OpenBSD users worldwide! T-shirt sales won't counter claims like that.
  • I'd hope they'd install, I could sure use some more security than the Mac's current state.

    If you mean more security than the classic MacOS, you won't get much from OpenBSD. The MacOS doesn't listen on any ports and doesn't provide a way to manipulate the rest of the operating system. Arguably, if its security you want, you can't really do better than the classic MacOS.

    Mind you, its not security by design, its security by lobotimization. And the performance isn't great. But of all the things one can harp on the MacOS for, network security isn't one of them.

    As to why someone would want MacOS X, well... There's those tiny little details like Quartz and Cocoa (aka: probably the best imaging model and one of the best APIs, respectively). But if you're going to run a server, those don't really matter, do they?

  • man on my Debian machine doesn't clear the screen on exit* so this must be configurable.

    man hands the page to the program specified by $PAGER (or /usr/bin/pager) for viewing so your pager's configuration would be the one to look at.

    BTW, I just checked less's man page and found the --quit-at-eof and --quit-if-one-screen options. Not the thing you're looking for but I was happy to discover them.

    * at least not when I just checked it over ssh with ttssh. I can't recall if it behaves differently in the console or an xterm.

  • I've been running 2.6 for about a year now and I'm considering upgrading to 2.8. Has anyone ever tried the "Upgrade" function of the install procedure? My goal is to minimize my downtime and I don't want to end up with a crippled system after I've done my upgrade.
  • If you track the OpenPackages lists a bit more closely, you'll observe that all sides are indeed co-operating.

    There are sufficiently difficult architectural questions to be answered (depend on perl or not? netbsd doesnt have it in-tree, openbsd does), that it's not going to be a particularly smooth road.
  • by rent ( 66355 ) on Friday December 01, 2000 @03:42AM (#589992) Homepage
    I know it sucks when another OS (besides Linux) is mentioned on Slashdot, but all of us Linux fans can deal with it. So please keep your anti-BSD propaganda to yourself..!
  • Fuck you anonymous coward.
    "Cute"? Get a fucking life.
    Stickers? Stickers? I thought this was a Bloody OS, not a god damn window decoration!

    (Not at karma-cap any more...)
  • Yeah, I've had my issues with Theo, but we've both mellowed out over a few years time. at once point I got kicked off #openbsd because of some lack of donation fundage or something....

    However last summer at USENIX, I had an interesting conversation with him, and at the bottom of it, he's intelligent, civil, insightful, and slightly moody. Gee, like every single one of the "hacker geniuses" I know.

    Let the guy do his job. He does it pretty well.
  • > FreeBSD documents *everything* - commands, file formats, even man style which documents the bsd style for formatting c code. You also have info pages as well as original papers on ipc, sendmail, etc, etc

    And on drivers.

    Installed a debian yesterday. Wanted to use generic scsi. Looked for /dev/sg*. Nothing man sg. Nothing. man scsi. Nothing. vi /dev/MAKEDEV. Oh, great, let's try ./MAKEDEV sg. Then randomly use /dev/sg0, /dev/sg1, etc (because the doc I had said that sg devices were numbered from sg[a-z]. Something may have changed somewhere. Who knows ?)


  • No, there just aren't any finish mirrors because nobody from finland has bothered to do anything about that. Check ftp.html [] if you'd like to fix that.
  • Actually there is FreeBSD Inc. So, I think the validness of that statement is gone. I know the site says "Copyright The FreeBSD Project," but look at the FreeBSD Copyright...
  • I'd rather field this in the alt.os.xmach newsgroup, if you don't mind posting _every question you can think of_ there. I mean it - I'd like you to come up with like 20 questions - you're obviously thinking about it - I want to hear everything you can think of, and I'll answer any and all questions, and I'll add to our FAQ - sound good? Thanks in advance, jmallett.
  • Sorry, a bad joke is easily taken as a dumb comment.


  • they don't allow ports with any type of security problem into their /usr/ports. that's why you see less in openBSD then in freeBSD or netBSD. they simply have different standards
  • Just to get things straight. OpenBSD goes for Security. NetBSD tries to run on everything. FreeBSD is what?
  • The existance of "FreeBSD, Inc" is to protect the name "FreeBSD"'s independant of the Project.
  • I just ordered my CDs yesterday (I know...I was stalling, what can I say). Hopefully, they will come soon. I can't wait. Not such a big fan of the anime guy, even with all the guns, etc., but I will manage :-). OpenBSD rules.

    #cd /
  • It qualifies, but it is depricated. The Original BSD license, with the advertising clause is a workable license, but not workable as a model for other licenses.

    XFree86 is recommended as a model for a non-copyleft (GNU) but still "free" license. This is not for legal or philisophical reasons, but because the popularity of the XFree86 project is most comparable to that of the BSD projects.

  • Yes, Theo de Raadt has a reputation for being rather antisocial online, look up the FreeBSD mailing lists archives if you want to. But, in person I'm sure he can/could be a pretty nice guy, I have no proof, but how many of us have actually met Theo de Raadt? Anyway, despite his behavior online, his contributions to NetBSD in the past, and OpenBSD now, have shown that he is a wonderful hacker.

    Oh, and one last thing, come on, stop writing these posts about Theo being a jerk. Someone always brings this up every time there's a post that barely has anything to do with Theo. Let him be, I think he really doesn't deserve all these insults and attacks, and after all he probably reads /. too...
  • by Anonymous Coward
    Not really. The ports are a major security concern. They do not go through nearly as much (in some cases none) security auditing simply because there is too much source code to audit all the ports.

    If you want lots of ports, use FreeBSD. You should try to stick with only the base install + a few other badly needed ports if you want OpenBSD to remain effective and secure.

    Remeber, they only heavily audit the base install. Anything you install besides that is just like installing any other OS. You're taking the security out of it.
  • Quoth the poster:
    The licensing is ... BSD-style, which qualifies ... not as free software ... as defined by [the] FSF.

    Sorry, but this is flat out wrong. The old BSD license with the advertising clause did not qualify as free software, because it required you to mention all the contributors to your software in any advertising you did. Image if all the software in RedHat were covered by such a clause - then redhat would have to purchase a full page any time they wanted to advertise, just for all the credits!

    The new BSD license is Free Software in the FSF sense; You can see an FSF classification of software [], under which the BSD license is classified as Non-Copylefted Free Software. Also see A comprehensive list of software licenses and how they are classified []

  • The problem isn't with the distributions. It's with the GNU Project. GNU has made it very well known that they do not support man pages at all - only their info pages. Check out the top of most any man page from a GNU program and you will see something like this:

    The information in this man page is an extract from the full documentation of the GNU C compiler, and is limited to the meaning of the options.

    This man page is not kept up to date except when volunteers want to maintain it. If you find a discrepancy between the man page and the software, please check the Info file, which is the authoritative documentation.

    The man page then proceeds to only contain a long listing of simple descriptions of the options. Some are even worse. Since the majority of any distribution's software comes from GNU, they have to deal with their lack of supplied man pages.

    In general, man pages come from non-GNU programs or from people who write pages for those GNU programs that lack man pages. In my opinion, man is far superior to info, and I believe that the GNU project is doing everyone a disservice by keeping such poor man pages (or a complete lack of them altogether).

  • That is, if you receive them at all. If I were you, I wouldn't count on it.
  • by trims ( 10010 ) on Friday December 01, 2000 @12:39AM (#590011) Homepage

    Like many others here that run OpenBSD, I've got a collection of CDs from previous releases, and really don't need another CD, since I can just snarf the updates.

    Rather than get Yet Another T-Shirt, I suggest that people wanting to make a donation do it via PayPal. The OpenBSD user on PayPal is: []. This is by far the easiest way to send them money, and it all goes to the project.

    If you're a corporation that uses OpenBSD, I suggest that they make a nice donation - I've usually suggested $1000 as a suitable amount.


  • things falling from the sky get more comments on here then a update to one of the most secure Operating Systems ever invented.

    Just because people don't comment, it doesn't mean they're overlooking the article. Imagine "15,000,000 people are starving in North Korea" versus "10 things you hate about HTML". The latter is easier to chat about, though far less important. Falling satellites are more conversation-worthy than an ultra-secure OS.
  • One more reason not to eat at McDonalds. That is truely discusting....
  • [there are low numbers of BSD users so] BSD is very sick and its long term survival prospects are very dim.

    It doesn't work like that, even supposing your figures are correct. The thing BSD needs to "survive" (i.e. continue being updated) is not a sufficiently big user community; it's a sufficiently big developer community, measured by able-programmer-hours. Since Theo and a few others are highly competent and heavily dedicated, the BSDs have as active a developer community as they need.
  • Unfortunately, in my country we don't use CC, paypal (US only, remember) or so. If I want to donate money, it goes through a bank. That costs muchos euro's. As far as I know there is no easy way to donate money across my border (Netherlands).
  • Unfortunately, I find it's ports selection somewhat lacking

    Feedback as to what is lacking is always appreciated...

    Remember that OpenBSD provides enhancements to the other BSD's ports systems in the form of FLAVORS (which allow multiple options per port, for example in the case of PHP, you can select php-mysql-imap), and FAKE, which installs the port into a separate directory for packaging, instead of directly in the filesystem.

    Right now, I'm tinkering away at a curses (visual) interface to the whole tree, that will allow advanced searching and browsing, instead of just through the command-line interface.

    If it's just volume of packages that you find is bad, then please feel free to read [] and help the team out! Simply port your favourite application up and post it to
  • The PowerPC boot support is from Open Firmware. You enter open firmware and issue a command something like this:

    boot cd:,ofwboot /2.8/powerpc/bsd.rd

    and you're dropped into a text-terminal with all the usual OpenBSD console messages. The console messages appear to be quite slow even on fast machines but the OS itself is quite fast. The only word of warning is that for X to work, you'll need to set the screen to operate at 1024x768 or 800x600.

    The set of documentation for contents that I submitted just prior to the cd being pressed is at: notes/powerpc/contents?rev=1.23 []

    The full INSTALL.powerpc file can be viewed here: ms/openbsd/2.8/powerpc/INSTALL.powerpc [].

    I was last working with a snapshot from about 3 weeks ago, so I'll load up the release version in a little while and see how it goes...

    One final thing - FTP install works great, so if you're on a fast connection, I can recommend it. Currently supported drivers in 2.8 release are the gm0 onboard controller in iMac, Blue G3, G4, Cube etc and de0 (DEC Tulip 21x40). The only gotcha is that last time I checked, the gm0 in the dual processor G4's would not operate on 10baseT or 1000BaseT - only 100BaseT Half Duplex or 100BaseT Full Duplex. Dale @ OpenBSD has been looking into it.

    (who couldn't be bothered getting an account let alone signing in)

  • I don't understand why either is still in use...
    We have lynx... we have html... why are we using man and info...

  • OpenBSD does not have point releases.

    Major.Minor.N vs Major.Minor

    It's pretty clear.
  • How can a software project go out of business? FreeBSD is an OS project, not a company. You might be thinking of Walnut Creek, which merged with BSDI to become BSDi.

    And FreeBSD wasn't "taken over". WC was the largest benefactor and supporter of FreeBSD, but it didn't own it, and neither does BSDi.
  • >Remember the wise words of RMS:
    Free software has not to be free as in free beer.

    Ah, but OpenBSD, like all BSD's, is *not* free software. The licensing is (surprise, surprise) BSD-style, which qualifies as open source, but not as free software in the notion defined by RMS / GNU / FSF.

    Stallmanism aside, I greatly respect OpenBSD as a project and I agree wholeheartedly that it should be supported.

    I think I'll buy a T-shirt rather than a CD, though...

  • I just have a few questions about xMach, it sounds like an interesting project.

    1) Could you explain its benifets as compared to other Linux distros?

    2) Does it use 2.4, or 2.2?

    Seriously though, here are the real questions:

    1) How do you justify using Mach as opposed to something like L4? In other words, what do you have to say about xMach that refutes the claims that Mach is slow? (Not, microkernels, Mach specifically.)

    2) What versions of the BSD's are you working off of?

    3) What are you doing other than merging Mach and 4.4BSD to make the system as fast as you say?

    4) What benifets does Mach provide as opposed to traditional BSD's?

    5) What does xMach have that something like Darwin doesn't?

    I'm ecstatic to see another OS, especially one designed to be light and fast, on the scene, I just want to know some of the details. Thanks in advance.
  • Has anyone had any problems installing 2.6/2.7 on large (80 gig) disks, or does anyone know if 2.8 maybe fixes some issues with this?

    I could never get 2.6 or 2.7 to install on my home server box, because it would puke when it tried to make the filesystems. Just wondering if, with 2.8, I ought to give OpenBSD one more try.

    FWIW, I got a little 2.6 box running at work (with a much smaller disk) offering a couple of minor services (DHCP and Squid+Sleezeball proxy) and it's been running fine. Nobody except me even knows where it is; it's hidden in a dark corner behind a Netware box. Like Netware, it just runs forever without ever needing any maintenance, and people forget all about it.

  • installation last night on my Rev B iMac went fine, the only problem was in fdisk and disklabel (because i had no idea what i was doing) but everything went fine... except that i seem to have to unplug then replug the mouse before i can type anything. X works right off the bat. wicked.
  • >When you filter out the trolls and the dogmatists ... most technical articles have maybe 20-35 responses.

    That's a very *good* thing. Sort of a meta-moderation concept that works quite well. It of course works just as well in real life. If somebody is blabbing on at you, just say something like "Also included is sshd which is the server side of the package, and the other basic utilities like ssh-add, ssh-agent, and ssh-keygen." This shuts them up immediately. :)
  • Ask and you shall receive [] :)
  • The ISO images are copyrighted by Theo de Raadt as a benefit to those who buy a CD.
  • Oh really ? I don't think they look at ports all that closely. LOOK at the 2.6 errata []. Look at RZSZ snooping. I can't believe they actually looked at the source for this and let it get by!
  • Believe me, this isnt a flame. I do wish linux distrubtions took man pages a little more seriously:

    # man foo
    No manual entry for foo

    #info foo
    This (the Directory node) gives a menu of major topics ...
    (but no foo)

    #cd /usr/doc/foo/
    No such file or directory

    #cd /usr/share/foo
    #cat README.txt
    Documentation for foo is available at

    Then there's things like

    #apropos bar
    bar: nothing appropriate
    man bar
    (man page for bar appears)


    Really, you dont see that shit on any BSD.


Air is water with holes in it.