Follow Slashdot blog updates by subscribing to our blog RSS feed

 



Forgot your password?
typodupeerror
×
Operating Systems Unix BSD

OpenBSD Marches Toward 5.0 Release 112

badger.foo writes "OpenBSD-current just turned 5.0-beta, providing us a preview of what the upcoming release (slated for November 1st) will look like. Peter Hansteen takes us through the main new features and explains the development process that has consistently turned out high-quality releases on time, every six months for more than a decade."
This discussion has been archived. No new comments can be posted.

OpenBSD Marches Toward 5.0 Release

Comments Filter:
  • *Post that makes a joke about the Firefox release schedule*
    • by Lennie ( 16154 )

      Actually, if people think OpenBSD's release schedule is a good thing, then I have no idea why people would complain about Mozilla trying to mold their release cycle in a similair fashing.

      Because OpenBSD has been doing what Chrome did from the start: a timed release cycle. Take the features that are done and only release those.

      The Mozilla folks still need to learn a bit I'm sure. They'll probably get the hang of it soon.

  • by jellomizer ( 103300 ) on Tuesday July 19, 2011 @02:46PM (#36815228)

    If it wasn't for the fact that most System Administrators are more comfortable with Linux or Windows (And many of the new ones are not too willing to expand that much on the command line). I would have all my servers running OpenBSD. You get it set it up to do the Job you want and let it work.

    • I would have all my servers running OpenBSD. You get it set it up to do the Job you want and let it work.

      And this is different from Linux how exactly?

      • by TheRaven64 ( 641858 ) on Tuesday July 19, 2011 @03:21PM (#36815622) Journal

        The other poster already pointed out that it's got documentation. The OpenBSD team will actually back out commits that don't come with updates to the relevant man pages. Try this on OpenBSD: go through /dev, and look up every device that's listed there. Then go through /etc/ and look up every file that's there. Now try it on Linux (or FreeBSD or OS X, for that matter). OpenBSD is the only system I've used where you will actually find documentation on every device and every config file that's part of the standard install.

        More importantly, you only need to read the documentation once. Unlike Linux, OpenBSD does not replace admin tools with functionally equivalent ones with a new interface every six months. If you learn how to use OpenBSD, then you know how to use OpenBSD, on any architecture. If you learn how to use Linux, then you know how to use one version of one distribution of Linux, probably on one architecture.

        • by tokul ( 682258 )

          The other poster already pointed out that it's got documentation. The OpenBSD team will actually back out commits that don't come with updates to the relevant man pages.

          Oh really. check setlocale return values, BSD manuals and supported locales.

        • More importantly, you only need to read the documentation once. Unlike Linux, OpenBSD does not replace admin tools with functionally equivalent ones with a new interface every six months. If you learn how to use OpenBSD, then you know how to use OpenBSD, on any architecture. If you learn how to use Linux, then you know how to use one version of one distribution of Linux, probably on one architecture.

          scrub in all reassemble tcp
          nat pass on $ext_if from $home_network to $internet -> ($ext_if:0)

          • Ugh. I went through the OpenBSD 4.7 upgrade torture test last weekend. For those who don't know what we're talking about, the firewall config file syntax change in a backward-incompatible way between OpenBSD 4.6 and 4.7. It wasn't possible to boot into the new system without largely rewriting the file, which is kinda inconvenient when the machine in question is your primary firewall.

            It was a good upgrade and I like the new version better, but it wasn't exactly painless.

            • Ugh. I went through the OpenBSD 4.7 upgrade torture test last weekend. For those who don't know what we're talking about, the firewall config file syntax change in a backward-incompatible way between OpenBSD 4.6 and 4.7. It wasn't possible to boot into the new system without largely rewriting the file, which is kinda inconvenient when the machine in question is your primary firewall.

              It was a good upgrade and I like the new version better, but it wasn't exactly painless.

              I fortunately have been generating my pf.conf from an XSLT on an XML file for a few years now, so it was a relatively simple matter of changing a single line in the file that is generating the XSLT*, and then using make. So, it was relatively pain-free for me.

              *: Why am I using a file to generate the XSLT? Have you SEEN the XSLT language? It's horrible and designed for machines. The file I'm using adds a layer of abstraction that makes XSLT a useable language for human beings.

              • Um, if pf.conf so bad? :-D Seriously, I just edit it with vim. It's the easiest firewall system I've dealt with.

                Oh, I also got nailed by the old nat and rdr rules having an implicit "quick" and I had "block all" at the end of the file. The new syntax rules with pass aren't automatically quick, so I had to rearrange the rules a little.

                • Um, if pf.conf so bad? :-D Seriously, I just edit it with vim. It's the easiest firewall system I've dealt with.

                  No, pf.conf isn't bad at all. But the XML file holds more than just my firewall rules. It holds all the information necessary to produce my named lists (forward and reverse), as well as my dhcpd.conf. Oh yeah, as well, it produces an HTML "netinfo" file which has all the network information in pretty print format, with links and all.

                  Basically, the XML file describes my whole network, and keeps things consistent so I don't have to keep things consistent by hand.

              • by renoX ( 11677 )

                > *: Why am I using a file to generate the XSLT? Have you SEEN the XSLT language?

                Yes, unfortunately I had to understand why some files were incorrectly generated, which made me debug XSLT scripts, the horror!

                I'm still wondering how XSLT was created..
                Maybe the creator was a sadist?

        • by jgrahn ( 181062 )

          More importantly, you only need to read the documentation once. Unlike Linux, OpenBSD does not replace admin tools with functionally equivalent ones with a new interface every six months. If you learn how to use OpenBSD, then you know how to use OpenBSD, on any architecture. If you learn how to use Linux, then you know how to use one version of one distribution of Linux, probably on one architecture.

          Version: is it unfair to expect things to actually *change* between versions? I don't think so.

          Distribution: surely you cannot expect RedHat EL, Debian, Slackware etc to all be exactly identical!

          Hardware: you described upthread your problems with Yellowdog Linux on x86 and PPC. I cannot explain that experience. Yellowdog Linux must suck, because I'm using Debian on x86 and PPC, and there are *no* unreasonable differences. The only ones I can think of is the bootloader and the disk partitioning scheme, and

      • And this is different from Linux how exactly?

        With Linux, you know there will be a totally new gui config utility that you have to use with each major release. And the userland will shift around, depending on the mood of the aggregator who puts together whichever 'distro' you happen to use.

        With a BSD, you set it up to do the job you want and with a few minor tweaks of /etc files for major updates you just keep on keeping on.

      • OpenBSD is the operating system, Linux is kernel.
      • by SirCyn ( 694031 ) on Tuesday July 19, 2011 @03:35PM (#36815822) Journal
        OpenBSD: Two remote vulnerabilities in the default install in ~12 years. None in the last 2 years.
        Running a 2 year old copy of OpenBSD still safe (unless you make it otherwise). Your Linux ISO from 2 weeks ago is already vulnerable.
        • True:

          But then this is usually what happens : http://xkcd.com/349/ [xkcd.com] [XKCD post, obligatory]

        • It is funny that there was nothing in -current serious enough to be a security/errata patch yet with 4.9; with most releases there would be a few by now. Maybe it'll be known as the "golden release" if that turns out to be true for another couple months.
        • by Anonymous Coward

          I run OpenBSD and I appreciate how (relatively) maintenance free it is, but that claim has *always* bugged me.

          Two remote vulnerabilities in an install that leaves no services running in ~12 years, huh. Fascinating. Nevermind that almost nobody actually runs a system without services, or that a glance at the errata page shows that basically any non-root bug on OpenBSD can be escalated to give root privs. I dunno where you've been, but Linux distros stopped shipping with every service under the sun running a

        • by arose ( 644256 )
          And how many people use just the stock install? How many use it for a workstation?
    • I find that the problem is with going from windows to anything else. If you know one flavor of Unix the others aren't fairly easy to pick up. On any given day I may work on Linux, AIX, Solaris, OpenBSD, HP-UX, or windows. I prefer any of the others to windows even with their own idiosyncrasies and I was a windows user for a long time. I got my feet wet on *nix with X and now prefer the good old command line for a lot of what I do.
    • by david.given ( 6740 ) <dg@cowlark.com> on Tuesday July 19, 2011 @03:53PM (#36816044) Homepage Journal

      The OpenBSD technology is amazing; I'd recommend that any Linux user gives it a try to see how a Unix is supposed to work. Simple, flexible, consistent, robust, and superbly documented (there are man pages for everything, including the internal kernel APIs needed to write device drivers!). I just wish it had apt, that's all. (And better non-PC support. My main server's an ARM.)

      It's even more amazing if you've ever interacted with the OpenBSD community, who are basically dickheads. Admittedly, it's been a while since I gave up on the -misc, but the last time I was there there was some poor guy trying to discuss virtualisation and the lead developers (including Theo) were simply hurling childish abuse at him rather than, say, actually trying to communicate. And of course all their groupies were joining in. It was incredibly unpleasant.

      I suppose it's possible that they've grown up since then. I really wish they would; OpenBSD deserves a lot more attention and use. But I was so turned off by the total lack of anything resembling professionalism in the community (which is weird, because the actual docs are brilliant) that I haven't felt like going back.

      • Well, as much as I love OpenBSD, not much has changed on the mailing list. The misc@ list has a very low tolerance of people whom they percieve as stupid or even newbies. Remember, we were all newbies once.
        • ... low tolerance for stupidity -- absolutely. ... newbies, you need to be more specific. It's lazy newbies who don't RTFM (that's F as in fine) or provide appropriate information in a problem report that get roasted.

      • but did you ever figure out why virtualization is a bad hack to prop up crappy software?

        • by g8oz ( 144003 )

          Theo?

        • by Bengie ( 1121981 )

          Because implementing failover and live-migration into every piece of software is a great idea? Just do it at the OS level. Applications shouldn't have to worry about hardware, SANs, etc.

          Test environments are greatly simplified.

          Soon you'll be telling us how protected memory is bad, we need to do away with operating systems, and the internet is a failed concept.

          • by mevets ( 322601 )

            wow, way to grab the wrong end of the stick and start beating around the bush with it.
            Good OSes don't need virtualization - it is a crap solution to work around even crappier OSes (windows, I should add since I'm sure discerning subtlety isn't your strong point).

      • (And better non-PC support. My main server's an ARM.)

        It's even more amazing if you've ever interacted with the OpenBSD community, who are basically dickheads. Admittedly, it's been a while since I gave up on the -misc, but the last time I was there there was some poor guy trying to discuss virtualisation and the lead developers (including Theo) were simply hurling childish abuse at him rather than, say, actually trying to communicate. And of course all their groupies were joining in. It was incredibly unple

      • Jack: What if the applicant wants to discuss virtualization?

        Theo: Hurl abuses at him, hit him with the broom, and then threaten to get a shovel.

  • Safer on old systems (Score:2, Interesting)

    by Anonymous Coward

    If your hardware is older, OpenBSD is a safer environment - if your CPU does not implement the NX bit, OpenBSD manages the same functionality with W^X. Many other memory-handling features make the system safer (malloc with mmap, rather than sbrk, for example), although there can be a performance penalty.

    OpenBSD implements privilege separation in many of the daemons of the base system (ftpd, dhcpd, ntpd, sshd), so you can trust them more.

    OpenBSD's alternate daemons for well-known protocols (ntpd, smtpd) give

  • by pr0nbot ( 313417 ) on Tuesday July 19, 2011 @03:57PM (#36816090)

    Sweet! Does it ship with Pulse Audio?

  • tried openbsd before (Score:1, Interesting)

    by Anonymous Coward

    Some things that annoyed the hell out of me:

    1. First install it wouldn't boot. Seems it didn't save the partitions correctly, so tried again. This time it booted.
    2. Home and end keys don't send you to the end or beginning of the command line you're on. Mac also does this. It annoys the hell out of me. One thing windows and linux got right.
    3. It comes with vi by default but trying to install vim was a hassle. And once you get it installed, it's not used by default. Instead you gotta create an alias

    • It uses ksh, not bash. Alternatively, if you like shell functionality "set -o vi" it will blow your mind.
    • by Anonymous Coward

      1: Can't help ignorance, you probably forgot to set something as bootable. I've done it myself.
      2: I agree, but OpenBSD supports so many different architectures that it makes sense that they do nothing out of the box.
      3: vi is not vim. Of course installing vim doesn't replace vi.The vi included with OBSD is OBSD's vi.
      4: You also have to install openssh server on any linux before people can log in. You don't have to jump through hoops to let people log in, you do however need to make sure people are in the rig

    • Re: (Score:1, Interesting)

      by Anonymous Coward

      Some things that annoyed the hell out of me:

      1. First install it wouldn't boot. Seems it didn't save the partitions correctly, so tried again. This time it booted.

      2. Home and end keys don't send you to the end or beginning of the command line you're on. Mac also does this. It annoys the hell out of me. One thing windows and linux got right.

      3. It comes with vi by default but trying to install vim was a hassle. And once you get it installed, it's not used by default. Instead you gotta create an alias on your shell login script. But even then I could not get that working. On linux, when you install vim, it replaces vi. If I use the command vi after I install vim, it'll use vim. On bsd it keeps both, leading to frustrations.

      4. You need to install openssh server after and then go through hoops to allow users to login.

      This really did remind me of linux back in 1995. It's archaic and you must remember work arounds. How hard is it to make these modifications be part of the standard install? Why weren't they done a long time ago? I'm sure if you started making stuff as "easy" as linux, you'll attract more users. But from trying it myself, I can see why it's used by so many few people.

      Whine #1 You screwed it up. Don't blame OBSD. You could have read the install documentation prior to attempting an installation. They are on the web site.

      Whine #2 If this makes your top 5 pet peeves, OBSD must be really great. You could fix the keyboard issue if you were to read the manuals. Is that a problem for you?

      Whine #3 Have you considered that OBSD is multiuser? Maybe others will want to use original vi. You consider yourself competent to critique a Unix based OS and yet you are unable to

One good suit is worth a thousand resumes.

Working...