OpenBSD 3.0 Release, Interview with Theo 307
mvw writes: "Here is an interview with OpenBSD's Theo de Raadt. Interesting is his comment on Soft Updates and the comparison to the rivaling Journaling file systems technology. Further he links to a very interesting paper by some Soft Updates researchers." And although OpenBSD 3.0 has an "official" release date of December 1 for whatever reason, it seems to be available by FTP or CD already. Lots of changes since 2.9.
As much as I (Score:1)
Re:As much as I (Score:2)
So vim and emacs work, mozilla works, and whatever MP3 player you want will work.
Re:mozilla not so happy at the moment (Score:2)
If you check Mozilla Releases [mozilla.org], you will find releases for Free and Net BSD builds, but no OpenBSD builds.
Re:As much as I (Score:5, Funny)
take a look at this [theaimsgroup.com]
it can be frustrating being right, all journaling really seems to do is attempt to fix the problems ext2fs has by laying another piece of code on top of it, instead of fixing the primary problem, that is that ext2 is broken as far as the BSD hackers are concerned.
Is waiting for fsck to finish really that much of a problem for you?
Re:As much as I (Score:4, Funny)
Yes, actually, when you're dealing with servers with 100's of gigs.
Re:As much as I (Score:2, Informative)
Re:As much as I (Score:2)
You just pull the plug when you need to reboot? Or this "vital" server doesn't have a UPS?
If you're running OpenBSD, is it safe to assume you know to shut the machine down cleanly and to have UPSes on servers?
Isn't this whole discussion related to the fact that power suddely dies or the like? If only the drive fails you're screwed anyways (but this server does have a fault-tolerant RAID card right?).
Re:As much as I (Score:2)
The expert opinion: http://kt.zork.net/kernel-traffic/kt20000814_80.ht ml#1 [zork.net]
I've been excited about the TUX2 filesystem ever since I heard of this. I hope this is the default for 2.5 - 2.6 barring some unforeseen problem.
-l
Re:As much as I (Score:2)
Where in my post did I say "Linux has this right now, go and download it you BSD whore"? Did I not take care to mention that I hoped this would happen in 2.5?
^chuck^ writes:
all journaling really seems to do is attempt to fix the problems ext2fs has by laying another piece of code on top of it, instead of fixing the primary problem, that is that ext2 is broken as far as the BSD hackers are concerned.
The point of my post was to respond that problems with ext2 have been understood and taken into account and are not being ignored. Duh.
-l
Re:As much as I (Score:2)
Journalling is one solution to the problem, and soft updates is another. Each is worthwhile within its own contexts.
A solution analogous to soft updates is coming with the tux2 file system from Daniel Phillips, which uses ordered writes to ensure the integrity of a file system, as soft updates does. BTW, I'd find it REALLY interesting if a BSD filesystem hacker ACTUALLY said ext3 was broken because it used journalling and not ordered writes. I think you are just creating controversy where none exists.
Journalling keeps a near synchronous log of inconsistencies between the file system on disk and the one in the VM. This allows crashes to be reconstructed to a consistent state. Soft updates simply groups the inconsistencies and writes them in a particular order that ensures the consistent state can be restored after a crash. Each is faster under sets of circumstances, each can be slower under others. Linux will have both fairly soon. I personally think ordered writes is a more elegant solution, but either seems to solve the problem reasonably.
Re:As much as I (Score:2)
But with clustering and a journaling filesystem its not a big deal.
ahh yes it is (Score:2)
Re:As much as I (Score:2)
There is very little that linux runs that won't run on *BSD. Those that won't run are most likely baddly written programs that you don't want on your comptuer anyway, if you need those features write a new program without all the bugs. The exceptions are there might be a few closed soruce apps which don't work right in linux emulation (most of them work), programs which deal directly with the kernel on a low level (which should not be portable, though there should be an equivelent for your OS), and programs that reqire hardware or hardware access. (Wine for instance requires user access to LDT, whatever that is, which isn't enabled, in this case easy to enable, though there might be others)
By and large though a program that runs on linux that won't compile and run for *bsd is not a program you should allow on linux. Any programer who can't write portable code, has probably made a lot of other stupid errors what will bite you. Be careful to seperate unportable code from portable code that hasn't been ported yet. A program that only runs on one OS is likely the former and you shouldn't touch it, while a program that runs on several OSes but hasn't been ported to yours could be well written and just in need of minor adjustments to work right.
Re:As much as I (Score:1)
It's really a non-issue.
PS: Plus, FreeBSD has a really decent Linux emulation which works around all cases where you can't find the native stuff for some reason (proprietary vendor binaries etc).
This is a very good thing! (Score:3, Informative)
For those running OpenBSD, especially as a gateway/firewall/NAT box, this is an important fix. I am running 2.9 with this patch added, and my snort [snort.org] logs tell me (judging from the number of attempts) that this exploit is a fairly commonly tried one. In November alone, there were at least 30 lpd overflow attempts on my machine. Granted, not most people have lpd open to the world, but I can imagine a few people might want to do remote printing from work, etc.
Re:This is a very good thing! (Score:4, Flamebait)
Re:This is a very good thing! (Score:2, Interesting)
yum. sorry, I can't resist.
1) logging to paper; so the cracker can't totally erase his trail
2) backup to paper; so you have some recourse if your system config is massively hosed AND your magnetic media is toast
and, wait for it...
3) SWAPPING to paper; because you can! (just point your swapfile at
Re:This is a very good thing! (Score:3, Informative)
1) logging to paper; so the cracker can't totally erase his trail
That doesn't require lpd. Just add the line printer's device name as an additional target in syslog.conf.
Or run a teletype console, and log everything important to the console. (I've actually seen a setup that used that. In production. In 1996.)
Even if you do use the Unix print spooling subsystem on your firewall, you should not have the lpd port (515/tcp) open on the public network interface(s).
Re:This is a very good thing! (Score:2)
Isn't it a bit disingenuous to say this? Yes, it's true that the default install doesn't start lpd, but it certainly installs it.
Re:This is a very good thing! (Score:2)
Re:This is a very good thing! (Score:2)
Hence why I said "a bit disingenuous", not "incorrect".
And even if you do start it, it's a local hole.
No, it's not.
Fixes (Score:3, Informative)
Here is the list: http://www.openbsd.org/errata.html [openbsd.org]
Don't forget to update to OpenSSH 3.0.1
-J
Release Date (Score:3, Interesting)
Probably because they want to avoid a fiasco like the last tremendous release mess that michael caused [slashdot.org].
It's not uncommon for "official" releases to be after the initial release. It's like when a large department store has a "GRAND OPENING". In many cases, the GRAND OPENING is about a week after the store actually opens. Or if the store opens during the week, the GRAND OPENING will be on that weekend.
Re:Release Date (Score:1, Offtopic)
And I see that yet again, criticism of slashdot is modded into oblivion.
GET_A_CLUE_SLASHDOT.TXT (Score:2)
Slackware 7.2 is NOT released.
Is this in the slackware-current, or slackware-7.2 directory?
Looks like slackware-current to me.
Wake up, do some REAL reporting (like, ask someone on our team), and stop trying to get "fp!".
...should be about a month for the actual release.
- Pat
(I wish I could find the reply to michael's ascertation of it being a beta, aptly named "THIS_IS_NOT_A_BETA_EITHER.TXT, but that seems to have been lost in the sands of time.)
The origin of OpenBSD (Score:5, Informative)
If you haven't read them before, it's quite a read, and a good lesson of how personal politics can fragment a collaborative project.
Here's the link: http://zeus.theos.com/deraadt/coremail [theos.com]
Re:The origin of OpenBSD (Score:4, Insightful)
He's got a right to be an asshole, and god knows I'm the pot calling the kettle black, but to link to those emails and think they provide vindication is heavily disconnected from reality.
Re:The origin of OpenBSD (Score:3)
I think Theo's abrasive nature is just that--his nature. He isn't willing to change his way of dealing with people.
Often I'll wish people would just simply way what they think, with no prevarication; and when somebody (like Theo) does exactly that, I get squeamish all of a sudden. "Ooh, I can't believe he said that..."
Theo has a habit of speaking his mind. Dealing with him is probably a chore, but a worthwhile one.
Re:The origin of OpenBSD (Score:2)
I run OpenBSD and I'm not trying to put Theo down in any way. I'm only making an observation off of what I have been reading.
Re:The origin of OpenBSD (Score:2, Insightful)
Well, an asshole with a good gift for programming (at least to my uneducated eye). The work Theo and the other OpenBSD team members have done is good stuff. I, too, am an OpenBSD user.
I went back and re-read the whole mail archive again, and I don't see from where you derived this label as an asshole. A significant portion of the archive were messages from Theo exclaiming or proclaiming some bit of hackery he had done to further the sparc port. These were interspersed with messages from core members asking again and again, "will you promise to do items 1, 2, and 3", with Theo replying again and again, "yes, I will, can I have cvs access again?" to, apparently deaf ears. There were plenty of dirty sphincters to go around; I wouldn't be so quick as to fling one on Theo's back.
Actually, I'll give Theo some credit here: I would have left in much less time and found other diversions. I have less patience (if more tact) than Theo does.
Re:The origin of OpenBSD (Score:2)
Dealing with him is probably a chore, but a worthwhile one.
Are you volunteering?
Re:The origin of OpenBSD (Score:4, Insightful)
Then I guess you are just stupid.
That made me laugh like mad. I love it. Sounds like me. Sounds like my friends. Hey, he cycles. He caves. He founds OpenBSD. He speaks his mind. He has a sense of humor. He sounds cool, not like an asshole at all.
Some of the other people I was reading... Like the guy who kept on about professionalism and representing your organization, even in private e-mail... sound like pricks/assholes to me. I've had to deal with people like that -- people who feel like the dollars and the "drive to succeed" are all that matter and that individuality and honesty have no place in America.
But then, I will never sell me soul to my employer or anyone else, no matter how much cash or recognition it would get me. Guess that makes me a commie.
Rant, rant, yaddah, yadda...
I dig Theo. OpenBSD just scored personality points in my book.
Re:The origin of OpenBSD (Score:2)
You know, I agree completely. I'd been wary of Theo, for a lot of the reasons that most everybody else is - he seemed like a jerk, uncompromising, and so on, all because of the attitude the community [Slashdot] takes toward him.
But that article, and interview, really puts him in a new light. He doesn't take any crap, but he seems like a nice guy, he seems like he's got a sense of humor, and he certainly does live the coding life he wants to. I especially liked the Rock-Star Operating System lifestyle comment.
This was a great interview to post.
Re:The origin of OpenBSD (Score:3, Insightful)
That made me laugh like mad. I love it. Sounds like me. Sounds like my friends. Hey, he cycles. He caves. He founds OpenBSD. He speaks his mind. He has a sense of humor. He sounds cool, not like an asshole at all.
This sort of social stuntedness is what you find novel, fresh, and daring? Cripes, it's just the typical petulance one normally comes to expect from this guy. Churchill could be quite an asshole, but he had style (e.g. "when I wake up, I'll be sober") Theo's an organizational genius, not a half bad coder, he's probably even nice to his own team
There are a lot of stupid people out there. Most of them aren't even worth dealing with. But it certainly doesn't make one an iconoclast to throwing around petty insults to prop up one's feelings of superiority. It makes for a pathetic maladjusted loner
WOW the Ego has landed.... (Score:2)
Pretty impressive reading. It reads as a bunch of guys on the NetBSD front being pretty reasonable and just wanting him to stop behaving like a prat. His response is to throw his toys out the pram and storm off in a huff.
Full credit to him for getting this sort of stuff done, but I hope he has grown up since then.
Re:The origin of OpenBSD (Score:5, Insightful)
Basically, Theo had a history of being abusive and petty to anyone who didn't meet his standards of cluefulness. He pretty much admits this himself in the interview. This was alienating a large number of NetBSD developers who ended up leaving the project (I was one of them.)
The Core team repeatedly asked him to tone it down; their feeling seemed more of a "anyone who wants to help with NetBSD will be welcome," instead of "You must be this elite to code NetBSD." Theo maintained that he was doing nothing wrong.
Eventually, they shut Theo down, which is where the email thread starts. A large part of the thread deals with Theo's requests to regain CVS access. The Core group was willing to submit his code as patches themselves, but Theo would only submit code if he could have CVS write access. Core was worried that Theo might decide to get "revenge" by damaging the CVS tree; This might seem worry-warting, except they all knew that Theo had been previously fired from a SysAdmin job at the U of C for doing something like that.
Eventually, Theo started OpenBSD and now has his own sandbox where nobody can tell him what to do. In the end, I guess that's good, because both OpenBSD and NetBSD regularly crib from each other's trees anyways and people now get the choice of whether they want to deal with Theo or not.
Re:The origin of OpenBSD (Score:2)
So YOU were the one that took your toys and went home, and HE was the one you consider PETTY. I think that was a very telling statement on your part.
If they were worried about him destroying the CVS tree, then why were they all very willing to give his CVS access back? It's all in the archives, there was not a single objection to giving him full CVS access after it had once been revoked.
Secondly, if you wish to claim that Theo had done something similiar, I would expect proof to back it up.
If you want my oppinion on the matter, after Theo had be thrown out, he was being told to jump through hoops, several of which he did, only to be told to jump through more. If I was in his situation, I would have gotten fed-up with the political crap as well.
Finally, I believe his story completely because he has documentation of it, publicly available evidence (discussions on NetBSD mailing lists) supported it, and personal experiences of mine have shown him to be perhaps blunt (this report will be ignored until you learn how to properly report a bug, etc) but never abusive. Of course, reality has a tendency to bruise gigantic egos.
Re:The origin of OpenBSD (Score:2)
That's like calling an abused wife who leaves her husband a quitter.
He got tired of being abused, and he left. Theo was asked to do something pretty damn simple; promise not to abuse people anymore. If you can't promise not to do that, there's something wrong with you.
Re:The origin of OpenBSD (Score:2)
I have never run into a developer (or core member) that seeks out other developers to abuse them. If that developer thought Theo was abusive, then he simply should have avoided contact with Theo.
Interestingly enough, it is mentioned in the article that it wasn't until recently that Theo discovered the 'real' reason he was kicked out. I would a) be interested in knowing what he believes the reasons are, and b) how he found out this supposedly secret motivation.
If I ever had secrative action taken against me (access instantly revoked without warning, punished based on charges that I could not challenge, made by an accuser I was not allowed to face) I wouldn't even do as much as Theo did... So I suggest you get off your 'Theo is evil' kick unless you really want to discuss who was really being the ass.
Re:The origin of OpenBSD (Score:2)
As far a Theo's comment, I wish all the idiots that don't know how to read a FAQ or a manual would all go away too. When dealing with a dumb question that is in the FAQ, Theo will say something like if you read the FAQ you wouldn't be wasting my time (yadda yadda yadda). While that's very much paraphrased, he shows a good deal of tact. That's a far cry from what such a question deserves, and is humane enough that anyone should be able to endure.
No matter how nice anyone is, people will be ofended and go home. That's the only downside to being honest, people's imaginary worlds tend to get crushed. If all developers were so honest, they would spend much more time developing, and much less answering stupid questions.
Sounds like Linux (Score:1)
Why 1st December ... (Score:1)
On the plus side, you don't have to answer to the question "when will be the next release"
Holiday... (Score:2)
With that in mind, the Dec 1st release date was obvious.
MandrakeBSD? (Score:5, Insightful)
b) I'm surprised (not to say hurt, disappointed and disconsolate) that no one (am I wrong?) has come out with the equivalent of Mandrake to at least one of the BSDs -- and by equivalent I mean in a certain superficial but important way: user-friendly, pretty install, emphasis on user experience, intelligibility.
c) Really, I'm just talking about the install. Something with some graphical flair, built-in help system for new users, and a game or two, or a little slideshow, or some interesting history text files, *something* built in to play while slow parts of the install proceed. No accounting for taste, but I think there are a lot of good graphic artists (all the Ximian stuff, for instance, and many great KDE examples) working in the world of free software. (Hey, I also like the BSD art, so obviously I am open for attack by the art critics;)).
I name Mandrake as my prototype here, just because I happen to like their stuff -- RH also makes a pretty install, not quite as cute, and so do several other distros. But Mandrake is in Walmart, which suits my example ("Walmart: making things accessable to the masses")
Cheers,
Tim
Re:MandrakeBSD? (Score:1)
I think if the unix trend continues and Microsoft (/.'s favorite punchingbag) wants to dip their toe into the market they may do exactly as you say.
They have a BSD licenced code base to build off, can claim it's "Linux compatible" and would be able to say its one of the safest OS cores around. Make it a little pretty, make some changes to intergrate their products and they're in business.
Pie in the sky thinking of course, but I wouldn't doubt if there's a skunkworks somewhere in Redmond playing around with one of the BSDs in such a fashion, just in (the one in a billion) case.
Re:MandrakeBSD? (Score:1)
Re:MandrakeBSD? (Score:4, Insightful)
VMS is the original anti-UNIX. It later added some general POSIXy behaviour simply because everyone was using UNIX. Windows NT also had the stated goal of becoming "a better UNIX than UNIX," but they certainly haven't spent much time actually trying to be Unix compatible. Their POSIX layer is a joke, and they don't even have a decent way to fork() for crying out loud.
Besides, while Microsoft almost certainly is looking into "borrowing" portions of BSD code (which will then magically become innovative), they aren't ever likely to actually release an OS that is Unix like. Part of the fun of the BSDs, Linux, and Commercial Unixen is that it usually isn't too much trouble to port your software from one of these platforms to a different one. This is precisely what Microsoft wants to avoid. Microsoft wants the equivalent of a one way valve when it comes to software portability. They want for it to be easy to port from Unix to Windows, but they want it to be impossible to port from Windows to Unix. Clearly shifting to a BSD based OS would work against them.
Re:MandrakeBSD? (Score:2)
Someone please MOD THIS UP!
Re:MandrakeBSD? (Score:3, Insightful)
Re:MandrakeBSD? (Score:2)
And yet, the other OSes that aim at those same users, such as Solaris, AIX, and HP/UX, do have GUI installs.
Re:MandrakeBSD? (Score:2)
Besides, adding GUI doesn't necessarily represent a "dumbing down" of the product. The installer can still ask the same questions, but in a more user friendly manner.
Re:MandrakeBSD? (Score:2, Interesting)
Why does a "more user friendly" installer have to be a GUI? What is there about a GUI that makes things easier? I've asked this question before in other forums, but I've never gotten a straight answer.
To be sure, there are many advantages to a GUI, but I don't see where "user friendly" has anything to do with it.
Re:MandrakeBSD? (Score:2)
To be sure you can royally screw up a GUI and make it as nasty as you want, but if done sensibly it does make installation more pleasant.
Re:MandrakeBSD? (Score:3)
While I see where you are coming from, you need to understand that some people do not feel this way for good reasons. Lowering the barrier for entry decreases the signal to noise ratio.
Imagine a super hard to use OS where only five people can use it. Any conversation about it among the five users would most likely be useful banter. Now imagine they lower the barrier for entry. Now joe bob idiot is asking "How do I use my printer?" "Why do I need to login?". Conversations devolve into hand-holding sessions and the original five now can't spend the time doing what they used to do: be productive.
It really comes down to the question of "Do you want your OS to be useful to you or useful to others?" and if you choose the latter, who are the others? Joe PhD engineer, billy high school smartkid, or grandma who thinks TV's are new fangled devil boxes? As far as OpenBSD is concerned, I got the impression Theo wanted to make it for himself (and his group of developers). If other people wanted to use it, great, but they are on their own if they don't take the time to delve into the nitty gritty like Theo and company do (not the extent obviously, but you get my point)
psxndc
Re:MandrakeBSD? (Score:2)
Re:MandrakeBSD? (Score:2)
We're talking about unix here. If someone can't handle using the tab key, then perhaps, just perhaps, *BSD is not for them.
I've never seen an OS that was truly one-size-fits-all, and I don't ever expect to.
Re:MandrakeBSD? (Score:2)
I wanted to know what made a GUI "user friendly" and you answered basically "readability". Thank you. I will agree that readability is a big factor. I've seen some GUI installers that weren't readable, but a GUI done right can be more readable than a console program done right.
Re:MandrakeBSD? (Score:3, Interesting)
I see that as being a pointless waste of effort.
Why would it be good to work on a graphical installer (which entails difficult and failure-prone things such as video device detection) that does exactly the same think as a console installer?
The only benefit is that it would look prettier - installation would still remain just as "difficult"[1].
The utilitarian console installer works fine, and I see no reason waste man-hours on changing it, when that same time could be spent improving important things.
Cute graphical installers are just frippery.
C-X C-S
[1] Difficult in quotes because I've done several OpenBSD installs and never found it to be any more difficult to install than Linux or NT.
Re:MandrakeBSD? (Score:2)
And that is why the *BSDs are an "also-ran".
Cute graphical installers are just frippery.
The same can be said of cute ncurses-based installers. Why not just make everybody edit a text file on the boot floppy?
Or of EMACS; why not just use ed? All that extra functionality is just frippery.
Re:MandrakeBSD? (Score:3, Insightful)
Believe what you like.
I'm not even sure the OS race has started yet, let alone ended.
Besides, not everyone is after "world domination", some people just want a secure, reliable OS.
The same can be said of cute ncurses-based installers. Why not just make everybody edit a text file on the boot floppy?
Some things (NIC detection, for example) are better when interactive, and a console-based installer provides that capability with a minimum of work on the coder's end, and maximum compatibility for the user.
(But in some cases (like setting up a bunch of identical boxes) a text install config file can be
Or of EMACS; why not just use ed? All that extra functionality is just frippery.
Where'd that come from? The original post was talking about making a GUI installer
that had no more inherent functionality than the console installer.
Your analogy is bogus, as it misses my original point.
C-X C-S
Re:MandrakeBSD? (Score:2)
Where'd that come from?
The C-X C-S in your signature.
Re:MandrakeBSD? (Score:2)
Um...yeah. I figured.
I was wondering where the EMACS/ed comparison itself came from...
C-X C-S
Re:MandrakeBSD? (Score:2)
An example of how one person's frippery is another's functionality.
GUI administration interfaces make the difference between me getting paged in the middle of the night and telling an Operator "do this", and me getting paged in the middle of the night and having to get up, log in, and do it myself. I actually got paged during sex last night, with a mandatory 7-minute response time, so I really appreciate shorter calls.
GUI installation interfaces serve similar purposes, but more importantly, they sell CDs. More people using the software leads to more hardware vendors supporting the software, which is A Good Thing. Since OpenBSD sometimes puts sales ahead of proliferation (otherwise they'd make their ISOs downloadable), clearly this is a goal that's not on the bottom of the priority scale.
Re:MandrakeBSD? (Score:2)
I don't understand the prejudice which a lot of oldster unix guys against graphics. I reject your frivolous argument as insincere, since text based console tricks have a long and rich tradition in unix. Look at the emacs feature that tells you the phases of the moon, gazillions of aphorisms, the names of programs such as fsck or daemon, lots of text based games. People like to have fun with their computers. That's just as important as anything else a home computer or workstation does. What you don't like is graphics. Well, grow up. See that there's no difference between graphics frivolity in this generation and text frivolity in yours.
Re:MandrakeBSD? (Score:2)
Corel LinuxOS: Crashed every time it tried to probe the video card, even though the XFree86 documentation clearly says in unambiguous terms not to probe my video card. I found now way around it, and no obvious textmode installer to fall back to. It's the only Linux distro I have never been able to install. It's was also cited as a model for user friendliness before even the newbies gave up on it. (it wasn't an obsolete card)
SuSE Linux: On a friends computer: His card did not have a standard VGA mode (seriously) but that was the mode that the installer wanted to use. On the bright side, at least it was easy to get to a textmode installer. (it wasn't an obsolete card)
Installers have to be, by definition, a one-size-fits-all program. Unfortunately there is no such thing as a one-size-fits-all graphics standard. The PC video display industry is anything BUT standard. As my friend's computer demonstrated, even the VGA display standard is not standard. The only display that every PC can be assured of having is a textmode console.
I'm not prejudiced against graphics. I love the GUI. But I love reliability more. I have learned through painful experience that setting up XFree86 by hand is more reliable than trusting the installer to do it automatically. Go ahead and make your super-duper works-on-anything GUI installer, but keep a textmode installer around for those that require it.
Re:MandrakeBSD? (Score:2)
GUI Installers (Score:2)
The problem with them is that they make basic assumptions about your hardware.
Every Intel box in the universe is capable of putting up characters on the screen. Anything past that, you're making assumptions.
The *BSD installers can be setup on a box with a Hercules graphics card.
And you wonder why you'd want to do that? Well, let's say you're setting up a server. The normal way I have of getting a server going is to plug in a video card - any video card, junk is great - get FreeBSD going on it, get a telnet or ssh daemon running, and then compile a custom kernel with no video card driver & rip that sucker out of there. Because there's no GUI, I can do that.
Re:MandrakeBSD? (Score:2)
Two words: "serial console".
For me, one of the biggest advantages of OpenBSD is that it can be installed, configured, and maintained over a very low-bandwidth channel. This is very useful when you are building servers to be installed in colocation facilities, where you don't have easy physical access.
It is very easy to do a network install of OpenBSD onto a server with no CD-ROM and no video card. All you have to do is connect a network cable and a serial terminal[1], and add a 1-line configuration file to the standard boot floppy. Then you will be able to do the entire installation over the serial console. Linux can be set up for serial-console operation once it's installed, but I haven't seen an installer that supported it as well as OpenBSD does. I have better things to do with my time than plug a video card in just so I can install an OS (especially on a 1U server like the Intel ISP1100, that comes with no video card and only has one full-size PCI slot).
For my money, OpenBSD _is_ a "niche OS", and that niche is sitting between my network and the outside world. It does that very well - the grouchy, spiky blowfish protecting the soft, naive Penguins on the inside. I would be very annoyed if OpenBSD started adding graphical "fluff". That's what SuSE is for (the 7.3 installer does look very nice, I must admit).
FreeBSD, on the other hand, would probably benefit from a graphical installer. It's more of a general-purpose operating system, and it's already menu-driven. Adding VGA graphics would give it a more modern feel (as long as it was still possible to do a text-mode install).
[1] e.g. a Palm IIIx running a terminal emulator. Yes, I've done it, and it worked just fine.
Re:MandrakeBSD? (Score:2)
As I mentioned, both these OS's are commercial products. The case for a GUI is much stronger for FreeBSD (it's screaming for one), but both could benefit.
Re:MandrakeBSD? (Score:2)
Errrr, FreeBSD is dead easy to install. It's dead easy to get KDE2 going on it too. But not pretty. Just ncurses, sorry.
something built in to play while slow parts of the install proceed
What slow parts of the install? Get a faster computer
How bizarre.
Dave
Re:MandrakeBSD? (Score:2)
The current installer is a piece of junk that they threw together as a temporary measure back in the 2.2 days. It's only now getting replaced - see man sysinstall to see how what happened.
Status of the pf packet filter? (Score:1)
Is it stable, secure, and feature complete or is it recommended to install ipf from other sources?
Re:Status of the pf packet filter? (Score:2)
3.0 already? (Score:1)
Code at the speed of light!
Interested... (Score:1)
Does OpenBSD include any support for decent irc connection tracking like what is available in iptables for linux? I have people behind the gateway that use DCC within IRC, and without good connection tracking, I'm not sure how to go about securely allowing one or more people to use IRC and have DCC work.
Everything else I plan on using this system for (software RAID, NIS+, samba PDC and fileserver, NFS) seems to be fine, but this one little nitpick of mine may keep me off of OpenBSD.
Also, how is the raid implementation as far as moving the array from one openbsd install to another, and is there any semblance of lvm there? The volume management stuff w/ resizable partitions would be nice, but by no means necessary..
Re:Interested... (Score:2)
softupdates new? (Score:1)
Re:Ignorance? (Score:2)
http://slashdot.org/comments.pl?sid=24290&cid=2
-l
pf : an excellent packet filter (Score:5, Informative)
pf seems to be very stable so far. Just don't forget to apply the related errata if you're planning to use IPv6.
Another great feature of OpenBSD 3.0 regarding network filtering/routing is the integration of AltQ, that brings quality of service to your IP traffic. It basically has the same (but very flexible and efficient) algorithms and class system that Linux has. But it's very nice to see it in OpenBSD.
Re:pf : an excellent packet filter (Score:5, Informative)
OpenBSD 3.0 has a transparent ftp proxy called "ftp-proxy". You have to run it through inetd (or any super server. I use it with tcpserver) . It listens to a local port, and you just have to redirect outgoing traffic for port 21 to the local ftp proxy port. It allows active and passive connections to NATed internal hosts.
If it can help, my
rdr on vr1 proto tcp from any to any port 21 -> 127.0.0.1 port 8081
nat on vr0 from 10.1.1.0/24 to any -> 195.132.209.36
I start ftp-proxy like this :
*WARNING*
ftp-proxy has a nice security feature to only accept anonymous sessions (-A). But don't trust it : clients can bypass the restrictions with some buggy servers (the flaw works with proftpd and ncftpd. it doesn't work with pureftpd) .
* For firewalling (without NAT) :
You have to explicitely open some ports for active connections. For the minimum number of ports : choose at least twice the max number of simultaneous sessions you need. Open them on the firewall. Then, force your FTP server to only use these ports. On Pure-FTPd, it's with '-p
pure-ftpd -4 -p 50000:51000 &
(don't forget '-4' for OpenBSD) .
Re:pf : an excellent packet filter (Score:2)
So porting pf to Linux wouldn't be a trivial work.
Actually, Netfilter is really a good packet filter, too. It's very, very, very flexible (especially if you start playing with patch-o-matic patches) . Maybe what could be done is :
ISO download (Score:5, Informative)
As usual, ISO images here [zedz.net].
why bother? Re:ISO download (Score:2)
why bother? the varia ISOs are for x86, which the vast majority of people use. to most people, the official CDs are pretty much worthless (now, folks that want to make an Amiga firewall or something, yeah, they need the official CDs).
I wish the OpenBSD guys had some sort of "pick-an-arch" system where you could get X number of arches for Y dollars (like $10 for an x86 cd, $10 for a macm68k/macppc cd, $10 for a combo of the smaller arches, or something like that).
This would provide the most utility/choice to the end users, and probably increase CD sales by lowering the cost barrier (I mean, $40 is enough for most folks to notice, $10 is almost an impulse buy). Also, a minor side effect, the cd insert could be (more extensively) tailored with installation hints for the arch in question (not a big issue because the instructions are on the cd, but sometimes it's nice to have paper to follow along with while you're typing).
Re:ISO download (Score:2, Informative)
I'm waitting on our 3 OpenBSD CDs (Score:3)
OpenBSD has a real problem that I was never able to resolve, this makes it worthless for a database server. The machine is quite "efficient" with memory, which let it run with very little memory. However, with a lot of memory (our db servers normally have 1.5GB -> 2GB, I LIKE giving PostgreSQL lots of buffers and sortmem) there is little documentation on tweaking the system. I even contacted the developers in charge of the SysV memory support, etc., and they thought I hit the crack rock a little to hard.
For web servers, however, I'm quite comfortable with our OpenBSD servers sitting open on the Internet. I'm terrified of a RedHat box not being hidden. As a result, I keep the database nice and hidden.
Linux blows OpenBSD's performance away. This is a matter of Linux focusing on performance. However, for web servers (that for us just run PHP, mod_rewrite, and some other toys) I don't care... When I need more web serving power, I buy another web server for $2K. Having SSL built in to Apache is nice, and the ports is too fucking slick.
BTW: OpenBSD seems to run quite nicely on my Penguin Computing 1U servers...
Alex
I expect to keep our production servers on 2.9 for 2-3 months, but move development to 3.0.
The reason for the early release: (Score:3, Informative)
Btw, the headlines from this site are available as a slashbox, just check the box in your
Snake_dad (who runs Linux, Winedose, Novell 3.12 and
Re: (Score:2)
Slashdot bias (Score:2)
-Aaron, who has seen too many serious posts that began with similar statements
Say it like it is. (Score:2)
From the interview:
You gotta love comments like these! Well, you might not, but I do anyway. I say, why hide behind glossy, laminated marketing? (By the way, I'm not trying to say anything against the NetBSD team. They're good folks and NetBSD is a great product, as is OpenBSD.) All I'm saying is that people should say things as they are. If you can't read a man page, you shouldn't be using a computer! It's as simple as that.Oh well.
Good read; Proper maintainance. (Score:2)
Theo included a good link [usenix.org] in his interview...
I just finished reading it and it is some wonderful information. Seriously, everybody who runs any of the BSDs or Linux should read this paper. It will give you a much deeper understanding of what's going on and why, and this will lead to better choices when you configure your next box (or maintain those you're running right now). As always, reliable operation of any machine (be it a computer, a car, or a nuclear power plant) depends heavily on knowledgeable use and proper maintainence.
Oh well.
Re:file systems (Score:5, Informative)
http://www.usenix.org/publications/library/procee
http://www.osnews.com/story.php?news_id=153 [osnews.com]
http://www.freebsd-fr.org/docs/fr/others/systeme-
http://www-106.ibm.com/developerworks/linux/libra
http://docs.freebsd.org/44doc/smm/05.fastfs/paper
Re:file systems (Score:2)
Dave
Re:file systems (Score:3, Informative)
But the users moaned "speed, we must have more speed" and indeed their call was echoed by the admins. So write ahead caching was invented so the users calls would return sooner, and once again all was peaceful with filesystems.
But then one day someone tripped over the power cable and the OS died. On recovery it was discovered that the filesystem was completely borked (due to some of it being in the write ahead cache when the power died) and lots of data was lost. There was much wailing and gnashing of teeth so the journal was invented. A journal writes a list of things that the file system will do when it gets around to it, but writes this list to the drive so it doesn't get lost when the power is lost. Because the list is all in one place the journal is fast and once again there was peace.
Over the years slowly everyone, even Microsoft and even the Linux kernel made themselves journals but the BSD hackers (Greg Lehey?) realised you didn't really need one if you were careful about the order in which you wrote to the disk. And hence softupdates were invented, and are (arguably) very slightly faster. But mostly just different. Like Reiser, but that's another story entirely.
Gottit? Synchronous writes good, but slow. Async writes bad, but fast. Journaled writes good, and fast. Softupdates good and fast without a journal.
Dave
Re:file systems (Score:2, Informative)
Re:Looking to get into using BSD (Score:2)
If you've got the time give 'em all a go.
Dave
Re:Looking to get into using BSD (Score:2)
You can run Linux binaries on FreeBSD if you install support for it, but since the underlying system is different you can't configure BSD that way. The FreeBSD equivalent of linuxconf would probably be sysinstall. It is pretty easy to use.
Here [freebsd.org] is the supported hardware list for x86. I have FreeBSD 4.2 running on my Toshiba laptop with a Xircom NIC for God's sake. It supports plenty.
Re:Looking to get into using BSD (Score:2)
4. Which one supports the most x86 hardware
NetBSD supports a wider range of non-x86 hardware than any other OS. This is an advantage you probably will not need.
1. Which is the easiest/best to get started with?
It depends on when you consider the box "set up". If you are going to use it as a firewall / router, OpenBSD is hands down the way to go. Thats just the way it is. You want to spend as little time as you have to installing bug fixes.
If you are going to use the machine as an all purpose "learn about stuff" box, go with Free. Its used by the most people of the three, so there is a good community as far as dlists and howto's.
I studied the three a bit before making a choice for myself, and found that the FreeBSD deamon had a slightly more developed look than the netbsd logo. Objectively, I found the deamon logo more interesting than the blowfish in general. Don't get me started on penguins.
Re:Looking to get into using BSD (Score:2)
Definitely FreeBSD.
Use FreeBSD 3.x for old boxes, 4.x for new boxes. (Especially use 3.x if you have old, weird, cranky proprietary CD-ROMs and other hardware from that era.)
Here's the breakdown:
Re:TUX2 Phase Tree: Better than Soft Updates (Score:2)
-l
Re:TUX2 Phase Tree: Better than Soft Updates (Score:2)
-l