Slashdot Mirror

OpenBSD appears to be supported by donations and, drum roll, buying their CD-ROM. Because this is a very real form of support the OpenBSD team does not release an ISO image. The FAQ at openbsd.org has more details. I just installed v2.5 and have to say the sleekness of the complete install is very satisfying. It is running on an old 486 with a 314mb disk which is acting as a firewall and providing ip NAT to my LAN. Sweet! Now on to v2.6 in due time...

Sendmail is really not a bad choice. If you can get over your fear of the sendmail.cf language, it's very servicable on a modern machine.

Sendmail's "insecurity" is largely a myth at this point. I do not recall seeing a root exploit since Sendmail-8.8, which was about three years ago. While qmail and Postfix can legitimately brag about being designed for security from the ground up, the sendmail team has done a pretty good cleanup job.

Doubting Thomases should consider that OpenBSD, the famously "ultra-secure" operating system, ships with sendmail, not qmail. How many people think that Theo de Raadt would put up with shipping software that has known exploits?

We use sendmail to run one of the largest mailing list sites in the world. My experiments with qmail were pretty hideous; qmail has serious problems out of the box with high-volume delivery. The mail queue backed up by several thousand messages, and one big list actually caused the server to crash. (I am told that there are patches available to improve qmail's performance on very-high-volume sites. We have not had the opportunity to try them, but given my experience I am not sure that we want to.)

I'm actually not a big fan of sendmail qua sendmail. But anti-sendmail sentiment is just pretty overblown these days, and the rebellion hype is not convincing. Sendmail is one of the classic open source success stories, it is a fine piece of software with a great future, and an excellent choice for a project to support.

The OpenBSD project is based in Canada.

The Export Control List of Canada places no significant restriction on the export of cryptographic software, and is even more explicit about the free export of freely-available cryptographic software. Marc Plumb has done some research to test the cryptographic laws.

From http://www.openbsd.org/crypto.html.

To answer your question please provide a real world example. In my opinion Microsoft is not an example of this behavior.

No company can 'enforce' anything on any other person unless they can use government or the mafia to coerce that person.

I no of no examples of software firms that can compel any other company to purchase their product. Microsoft is a fine example of this (in my opinion). Other companies can and do provide other operating systems that compete with Windows. I am free to buy BeOS, Linux or OpenBSD to run on my computer if I wish. I don't dispute that Microsoft may attempt to propagate inaccurate information (through third parties] that their OS is better than the competition. I hold that their attempts to poison the information well are ineffective at best and counterproductive at worst.

The ability people choose to buy (or not buy) Microsoft products free from government coercion one way or the other is effective choice. Government intervention the very definition of no effective choice. If government says I shouldn't buy Windows NT I shouldn't have to pay $10 more because Microsoft has to pay for a defense against the vampires at the Justice department, this reduces my effective choice.

I also do not wish to pay $10 less due to government oppression of their competition, should the Justice Department decide that Red Hat Software looks looks small enough to run their protection racket game on them and accuse them of 'monopoly practices'. Ridiculous you say?


I don't know. As any Free Software advocate can tell you, that is such a hypothetical and contrived question in the year 1999 that there probably isn't an answer that makes sense.

> Linux would be definitely easier to use if you
> could just have "massive" kernel, without
> modules, IMNSHO

I'm not sure what you mean by this. How would everyday usage of Linux become easier with a monolithic kernel?

As for Linux adopting a monolithic kernel like the BSDs, the modularity of the Linux kernel was definitely a design feature, not an accident. By allowing you to load modules dynamically, you can keep the size of the kernel down (and extra complexity out of the kernel). If you really want, you could always recompile a kernel with _everything_ enabled.

I could be wrong, but I think that is what the generic kernels are for BSD. I know with OpenBSD one of the first things they recommend (man afterboot) is to recompile a kernel with only what you need.

Just my $.02

- Haplo

Only recently have Microsoft gotten off their butts about security fixes-- but they have, and more power to them.

In answer to 2), no, it doesn't mean they're not interoperable. It just means they're not all using the same source code for everything. The biggest difference is between the *BSD flavours, and the SysV flavours (Linux started out SysV, as I understand it).

Also, OpenBSD is a BSD-based unix distribution that focuses tightly on security, and audits the software they distribute regularly to find and fix security holes before they're exploited.

Would that be: http://www.openbsd.org/faq/log25.txt by any chance?

Rather than buying from cheapbytes, why not buy a bootable cd from OpenBSD's website and support the project?

> Stop playing hippie counterculture wannabe and unite the 'nix community

BSD is hippie counterculture?
I wouldn't say the BSD has a "not invented here" syndrome either.

Maybe you should do some reading.
BSD.org
FreeBSD
OpenBSD
NetBSD

I'm upgrading my A3000 to potato this weekend, whoohoo! For more info on these UNIX's, check out:

• MINIX Information Sheet (the Amiga disk images are here).
• Installing Debian GNU/Linux 2.1 For Motorola 680x0
• NetBSD/amiga news
• OpenBSD/amiga info

There is a huge difference between any other *ix out there and OpenBSD: the fact that OpenBSD only allows completely free source code in it's base -- that's how I understand it. That means GNU is discouraged, and so is Berkeley w/ the advertising clause; their FREE means FREEDOM, No Restrictions.

For embedded system developers (don't underestimate this market; it is the next big wave), that means OpenBSD is "completely" (to what extent I do not know) embeddable and licensing or funny GNU/Berkeley clauses are not a problem. Developers can embed the source, add proprietary extensions, and sell the result without releasing the source.

This is clearly stated in the OpenBSD philosophy (OpenBSD Project Goals):

Integrate good code from any source with acceptable copyright (Berkeley style preferred, GPL acceptable, NDA not). We want to make available source code that anyone can use for ANY PURPOSE, with no restrictions. We strive to make our software robust and secure, and encourage companies to use whichever pieces they want to.

I am only stating a huge difference in the Goals of OpenBSD. Do not argue that their philosophy is better or worse than GNU/Berkeley licensed O/Ss.

To my knowledge, no other Open Source *ix has this same Goal.

I asked him to elaborate on this compatibility thing, and he said "Well... I think... OpenBSD can run C++ programs." Instantly I lost all respect for him. I inquired further, and he said "yes, it can run Microsoft C++ programs, and the other BSD's can't."

Perhaps he had it backwards; OpenBSD is the BSD that concentrates on security, and, as for the Microsoft programs, the "About Wine" page on the Wine Web site mentions Linux, FreeBSD, and Solaris (presumably meaning Solaris x86) as platforms on which Wine can run Windows x86 binaries, but doesn't mention openBSD.

That may, of course, just be because they didn't mention it, not because Wine can't run on OpenBSD; the "emulators" section of the OpenBSD ports status page mentions Wine, so there may be a working port.

Yes, I agree the Linux scene has in fact devolved. There are other better alternatives

The OpenBSD project produces a FREE, multi-platform 4.4BSD-based UNIX-like operating system. Our efforts place emphasis on portability, standardization, correctness, security and integrated cryptography. OpenBSD supports binary emulation of most programs from SVR4 (Solaris), FreeBSD, Linux, BSD/OS, SunOS and HP-UX.

hppa Developers Resource Page

OpenBSD/hppa

hppa@openbsd.org

Probably not be too difficult. OpenBSD has already ported to the Sega Dreamcast.

A few weeks ago when OpenBSD announced its method of solving this problem, as best they could, some users on my LUG began talking about (if I understood correctly) emulatting OpenBSD's approach (except non-US citizens must do it).Thank Daily Daemon News for covering that tidbit.

GNOME and KDE will run on it just fine.

In fact, the FreeBSD ports collection has both ports and binary packages for KDE 1.1.2, and binary GNOME packages as well.

The KDE news page also announced the availability of KDE 1.1.2 packages for NetBSD (as well as for Solaris - interestingly enough, the announcement said that Solaris x86 was available, and that SPARC would be available shortly; x86 first?).

The OpenBSD ports status page mentions KDE; I don't see any mention of GNOME other than the libghttp GNOME HTTP client library

The poster above is correct, Canada's crypto export laws are *MUCH* different than those of the US. The OpenBSD project, which is based in Canada, has excellent resources on this subject, viewable here.

If you're interested in an OS that will scream on a SPARC, try OpenBSD. A friend of mine installed RH6 on an LX and was amazed at the dog-slowness of the system. We installed OpenBSD, and the system was snappy as hell.

Good stuff.

--Corey

There is a FAQ on OpenBSD installation linked to from the main page of openbsd.org. There's also an install walkthrough which steps you through a typical OpenBSD 2.5 install.

There is a FAQ on OpenBSD installation linked to from the main page of openbsd.org. There's also an install walkthrough which steps you through a typical OpenBSD 2.5 install.

There is a FAQ on OpenBSD installation linked to from the main page of openbsd.org. There's also an install walkthrough which steps you through a typical OpenBSD 2.5 install.

I will be brief:

Linux.
FreeBSD.
NetBSD.
OpenBSD.

They are all free (beer and speech). They are all Unix-like. Three of them are descended from the same code. Two of them were the same code four years ago. All of them, the last I heard, have growing user bases.

Stupid article, would probably have been ignored on Usenet, not worth mentioning on Slashdot.

No, not really. Despite the recent dabblings with the Alpha, the focus of the FreeBSD group has always been on getting it to work well on Intel hardware. Look to the other BSDs for PowerPC support:

• http://www.netbsd.org/Ports/macppc/in dex.html
• http://www.netbsd.org/Ports/ofppc/inde x.html
• http://www.openbsd.org/powerpc.html

Assuming you're not already using OpenBSD, there's a port of their ftpd to Linux. Get it at http://www.eleves .ens.fr:8080/home/madore/programs/#prog_ftpd-BSD. There's been some patches from the OpenBSD folks for their ftpd since the port, but they apply pretty cleanly. My only beef is that the Linux port doesn't include 'ls' in the ftpd binary. I'm trying to fix that, but it's not turning out to be as simple as planned.

It doesn't have all the bells and whistles that ProFTPD has, but it's probably a lot more secure.

To give you some idea of the features, the man page is here.

• http://www.netbsd.org/
• http://www.openbsd.org/
• http://www.freebsd.org/

Seriously, all three contain a lot of information and links. Have fun!

If I remember correctly, the 470 is one of the very first SPARC servers? That might be a problem, don't know. It is not explicitly on the "compatible" list, you see? (sun4: 4/100, 4/200, and 4/300 // sun4c: SS1, SS1+, IPC, SLC, SS2, IPX, and ELC // sun4m: at least the LC, LX, 4, 5, 10, 20, and 600MP)

You can find hints for the installation of the Debian port of Linux for Sparc at:
http://www.debian.org/releases/s link/sparc/install

But you could try OpenBSD, too (http://www.openbsd.org/sparc.html) or NetBSD (http://www.netbsd.org/Ports/sparc/inde x.html) as operating system for your box.

OpenBSD is developed in Canada and incorporates strong encryption right into the kernel. The OpenBSD folks state, and this is essentially hearsay mind you, that encryption technology may be freely exported from Canada provided that the technology itself is free, or for academic purposes. It is in this sense that they claim to be able to allow OpenBSD to be exported to any country.

I found info on the RAID support. Check their FAQ page like I should have. :)

Never used OpenBSD before, but this is from their faq:

8.3 - I forgot my root password, what do I do now?

A few steps to recovery

1.Boot into single user mode. For i386 arch type boot -s at the boot prompt.
2.mount the drives.
bsd# fsck -p / && mount -u /
3.If /usr is not the same partition that / is (and it shouldn't be) then you will need to mount it, also
bsd# fsck -p /usr && mount /usr
4.run passwd
5.boot into mulituser mode.. and remember your password!

Hmmm, I wonder what else comes from Canada?

Linux Network Address Translation is a really good explanation of what's available for Linux and how NAT works in general. (Or, at least, links to those things.)

I think the package offered at Linux IP NAT Forum is the one I tried to use. There's nothing wrong with it, but Linux's arp is inherently broken to my eye and it had become too great an irritation to make Linux do what I knew I could do in an hour in...

OpenBSD, using ipf and ipnat (the real and original way to do this, also available on Solaris, I believe).

Hi,

Couldn't help but notice that you feel somewhat... dissatisfied with the current versions of Debian Lignux. I tried installing it a while back, and encountered a ton of problems in dependencies (dselect is a REAL BITCH) and the like.

I tried RedHat, and couldn't stand that (it is the antithesis of proper, clean Unix design). FreeBSD was somewhat cleaner, but still had install problems. It also had "it worked fine yesterday, but it's hopelessly broken today, and I changed *NOTHING*" problems and is, therefore, not a product I care to run.

I tried OpenBSD, and stuck. It is tight, clean, consistent, and secure. Everything just *works*, and works *well*.

Give it a try: OpenBSD

--Corey

The Export Control List of Canada places no significant restriction on the export of cryptographic software, and is even more explicit about the free export of freely-available cryptographic software. Marc Plumb has done some research to test the cryptographic laws.

Will it run OpenBSD?

--Corey

One word, errr, acyronym:

OpenBSD

The Wassenaar treaty says that a person/company needs a permit to export weapons. Some crypto is also covered. It does not explicitly restrict crypto export. In Canada they give the permits away (check out www.openbsd.org). I suspect the same is true for Germany as they want to get their companies in the crypto bussiness.

Canada made a similar announcement Fall 1998 regarding crypto.

As a crack proof OS, OpenBSD has my support. It encorperates Blowfish, kerbos (old version), and several other types of encryption right into the kernel.
I myself haven't started using OpenBSD yet, but the literature at their website www.openbsd.org is rather exstensive. I recommend you check it out.

OpenBSD is probably the least used BSD Unix.

See this page for an errata listing. Just because crypto and 'n' (strncpy, snprintf, vsnprintf ...) calls are used does not make it the most secure.

Ok, FreeBSD is cool. Buth the ONLY pro-actively secure unix is OpenBSD .

Look at TOP security sites. They run it (SNI, L0pht, Defcon, etcetcetetc).
FreeBSD is cool anyway. Jut security isn't in their top commitments.

Excerpt from http://www.OpenBSD.ORG/policy.html

The GNU Public License and licenses modeled on it impose the restriction that source code must be distributed or made available for all works that are derivatives of the GNU copyrighted code.

While this may be a noble strategy in terms of software sharing, it is a condition that is typically unacceptable for commercial use of software. As a consequence, software bound by the GPL terms can not be included in the kernel or "runtime" of OpenBSD, though software subject to GPL terms may be included as development tools or as part of the system that are "optional" as long as such use does not result in OpenBSD as a whole becoming subject to the GPL terms.

As an example, some ports include GNU Floating Point Emulation - this is optional and the system can be built without it or with an alternative emulation package. Another example is the use of GCC and other GNU tools in the OpenBSD tool chain - it is quite possible to distribute a system for many applications without a tool chain, or the distributor can choose to include a tool chain as an optional bundle which conforms to the GPL terms.

So a GPL part only have to be optional, XFS qualify.

ftp.openbsd.org, for a start.

Don't forget that there are lots of new T-shirts availible as well! There is the new 2.5 graphic, as well as the older OpenBSD daemon shots, as well as the blowfish encryption shirt. They're all availible at http://www.OpenBSD.org/orders.html. Adam

• NetBSD : Runs on almost every architecture imaginable
  
• OpenBSD : Based on NetBSD, with high emphasis on security and buglessness.
  
• FreeBSD : Developed mainly for the x86 platform (with ports in the works for sparc and alpha); provides excellent speed and stability.
  

> What can OpenBSD offer over what I already have?

What about a bunch of possible security bugs less?

Buffer overflows, various races and buggy libs.


http://www.openbsd.org/security.html

OpenBSD IPsec has been unofficially ported to FreeBSD, but if you want a better integration and compliance with the latest specs you'd better run OpenBSD directly. I really wonder why /. masses are so ignorant of something that the IETF designs in the public view and that OpenBSD implements for so long.

OpenBSD IPsec has been unofficially ported to FreeBSD, but if you want a better integration and compliance with the latest specs you'd better run OpenBSD directly. I really wonder why /. masses are so ignorant of something that the IETF designs in the public view and that OpenBSD implements for so long.

OpenBSD IPsec has been unofficially ported to FreeBSD, but if you want a better integration and compliance with the latest specs you'd better run OpenBSD directly. I really wonder why /. masses are so ignorant of something that the IETF designs in the public view and that OpenBSD implements for so long.

Might I interject that Apple's primary product is not the Mac OS, but the hardware that it runs on? While MacOS 8.5 and previous versions are very sorry examples of OS design, MacOS X shows a lot of promise. As for "Mac people talking about how good their OS is", this article is written from the context of a Mac zealot...would you expect him to badmouth MacOS?

Also, there are alternative OS's for Macs, both 68k and PPC. Allow me to submit NetBSD, OpenBSD, BeOS, and LinuxPPC for consideration. My Mac Centris (old, I know) runs NetBSD and MacOS...the primary functions of MacOS are, 1. booting NetBSD, and 2. Downloading packages to my Newton MessagePad.

All in all, I found it a nice look into the mind of a Mac addict as he views the Linux phenomenon.

is that the site is connected to the Internet on a
small link (128 Kbps). The line was maxed out during the entire day, serving every possible visitor. Throwing in graphics would have ment
serving less visitors.

The limit here money. If Theo could get a cheap T1 he could sure use it.