Slashdot Mirror
OpenBSD 2.9 Released
Well, the mirrors have had overnight to update, so I suppose we can announce that OpenBSD 2.9 is available. The release notes and changelog contain details of what has changed and improved. For our newer readers, OpenBSD is a BSD flavor that concentrates on security - they aim to be the most secure server operating system.
Exactly, "done corectly".
OpenBSD is all about being done corectly, and from that, comes it's security. SMP is extremely hard to do completely corectly, they have only so much man power, so they haven't bothered.
Plato seems wrong to me today
I find this hard to blieve, given the charismatic leader of the project . . .
hawk
Are you suggesting that Theo *is* charismatic? I thought it was pretty clear that I wasn't referring to specifics, but the notion that he and anyone might not get along . . .
hawk
>os's from. we had to toggle the instructions in >by hand on the front of the system t give the >thing enough smarts to talk to the paper tape >drive which
for crying out loud, if you're going to try to make these kind of comments, at the very least don't use those moronic microsoft characters . . .
besides, you're still claiming to be a newbie. Toggle switches indeed. And *paper* punched tape? An unreliable replacement for stone tablets.
hawk
Now I know you're only 13, but man are you naive. Most trivial programs will compile without too many problems, and some non-trivial programs as well. However, unless they're written with portability in mind (and the vast majority of programs aren't), porting can involve a considerable amount of work. Many of the problems come from non-POSIX/SUS interfaces that have the same name, but different arguments (or worse, the same arguments but different semantics) between OSes. getmntent() is a good example. Other problems come from the use of system specific interfaces, such as doors on Solaris.
"The invisible and the non-existent look very much alike." -- Delos B. McKown
Sorry, forgot it is less then a year old. Try the 1999 paper Soft Updates: A Technique for Eliminating Most Synchronous Writes in the Fast Filesystem, I think you can get that one.
I don't really think the Usenix membership is worth $50/year to get the lame newsletter, access to the proceedings is pretty valuable, and their conferences are quite good. In addition to learning about soft updates the 1999 conference taught me a lot about how select sucks, how to make it suck less, and that not all of CA is a warm paradise.
Sure they did. They write-back cached data writes to disk. They write-through cached metadata disk writes (and blocked other writes until metadata writes completed). That would leave your filesystem in a mostly consistent state, and not suck too hard in the event of a power failure. The other choices are ignore the possibility of filesystem damage from power failures (or panics), I think Linux's EXT2 did that, or maybe just did it by default, or to log metadata changes (XFS does that, and I heard EXT3 does too, but I'm not sure).
Softupdates carefully orders disk writes, and can if needed reconstruct the proper intermediate state for a metadata block. It has the performance of a totally async filesystem (i.e. somewhat higher then a logging system), but the stability of a logging system (i.e. better then the previous sync filesystem). It is also the major foundation for filesystem checkpoints and in-the-background fscks (possibly coming in FreeBSD 5.0).
The other change they made (dirperf) had to do with directory block placement, I think the old algo attempted to put them close to the datafiles, and with larger caches this is no longer a win, and has become a loss. I haven't read any papers on it or anything, so I don't know a whole lot about it.
OpenBSD is secure in part because they are conservative in adopting new features. Two years ago softupdates was pretty new, and leaving it out let FreeBSD, BSD/OS, Solaris, and NetBSD experience the teething pain (as a BSD/OS beta user at the time softupdates was rolled in, I felt some of the pain, but it wasn't too bad, never had any data loss from it, unlike soft-read-only which I think was killed).
I doubt that number was. For some real benchmarks you can look at Journaling Versus Soft Updates: Asynchronous Meta-data Protection in File Systems from the 2000 Usenix Procedings. In addition to having useful info in and of itself it has references to other information. You can also try McKusic's home pages he may have newer info that, and does have some info about the experimental checkpointing.
I don't know about dirperf though. Never seen a paper on it.
I though Theo dumped ipf, but from the release notes:
So, is all forgiven, or what?
Potato chips are a by-yourself food.
And, nothing prevents anyone from downloading IPF and compiling it on OpenBSD in the future - it just won't be on the CD anywhere.
That was a joke, please adjust your satire detection threshold...
You could download all the code and make your own ISO's, which you could post on the internet. But that would undermine the project's support.
It's already being done. Does OpenBSD feel undermined?
In any event, Linux manages to thrive despite it. RedHat manages to make money despite it. Perhaps it's time for Theo to quit saying "it would kill the project" in light of the body of evidence that it'd do the exact opposite.
ftp://ftp.zedz.net/pub/varia/OpenBSD.iso/
-
"OpenBSD is great for a firewall/Nat machine, or high security nfs/web/mail server, but it ain't no workstation for the rest of us."
I've been using OpenBSD on my desktop exclusively since the mid-2.7 cycle after having it on other machines since 2.3.
It's secure, robust, and stable. My 104 day uptime on my main machine with ~25 users capable of using X and VNC through an SSH tunnel will be gone today for the 2.9 update. Quite stable indeed.
It's Linux compatibility works very well, it's ports collection is growing fast (if a port doesn't exist yet, try a freebsd port, it will likely work)
I sleep very well knowing that if I missed something, Theo and the boys have very likely covered my backside.
grubTrolling is a art,
I find this hard to blieve, given the charismatic leader of the project . . .
Character assassination is silly. Just because someone tells you to RTFM when you ask "why does backspace print ^H?" doesn't make it any less friendly. Conversly, it helps you become less dependent on others and helps keep the lists S/N ratio quite managable.
grub
Trolling is a art,
I find this hard to blieve, given the charismatic leader of the project . . .
Character assassination is silly. Just because someone tells you to RTFM when you ask "why does backspace print ^H?" doesn't make it any less friendly. Conversly, it helps you become less dependent on others and helps keep the lists S/N ratio quite managable.
grub
Trolling is a art,
"obviously you haven't read much of Theo's postings..."
Yes I have, but I can be as big an asshole and think it's great that he calls a spade a spade.
grub
Trolling is a art,
Granted I'm a linux user, but I have been interested in using BSD as a secure webserver for work. What should one look out for with this new release? is there any pitfalls or caveats that I should keep an eye on?
Do not look at laser with remaining good eye.
Oops! Slashdot seems to have eaten my tags.
Caution: Now approaching the (technological) singularity.
I think we've pushed this "anyone can grow up to be president" thing too far.
I think that fully utilizing multi-processing might, indeed, pose debugging problems that haven't been addressed sufficiently for the OS kernel to use them. There are, however, alternatives.
E.g.: Run the OS on one CPU, and have it task user (non-superuser) jobs to whatever processor is less busy. Keep all jobs decending from one particular process on the same CPU (e.g., forking would not be allowed to spill-over from one CPU to the next). A few similar restrictions.
Now it is true that this would prevent the full capabilities of a multi-CPU processor from being used (on any one login stream). On the other hand, it would drastically simplify analysis. Most of the problems have already been thoroughly addressed. Etc. (If I said any more, I'd start showing how thoroughly ignorant I am, buy my guess is that the real reason for missing multi-pu support is that fixing the multi-processor issues requires a lot more time and effort than is available.)
Caution: Now approaching the (technological) singularity.
I think we've pushed this "anyone can grow up to be president" thing too far.
How is that any different from using the GPL and programming for Redhat without pay?
I don't like Microsoft. I don't like Windows. But if OpenBSD being under the BSD license keeps some Windows users from being cracked, then that alone is worth all of the FUD and SHIT from the "freedom==restriction" GNUzis.
A Government Is a Body of People, Usually Notably Ungoverned
With the BSD-license you don't have to distributed the source, so companies can take the source easier.
Absolutely wonderful! That's the whole beauty of unrestricted licenses like the BSD and MIT.
You see, information has a special nature. It wants to be free. It can be infinitely copied. It costs nothing to reproduce. IT CANNOT BE STOLEN!
Let the companies take the source! Nothing they can do it can possibly harm it. Fold, spindle, mutilate and relicense your copy. Let them charge $1200 a copy, and have 20 page EULAs. My copy is right here! Unchanged! Still Free! Ha ha!
A Government Is a Body of People, Usually Notably Ungoverned
>Web support sucks. The FAQ, etc. provides some
>help, not much. Even USENET isn't THAT helpful.
>You need need to get used to reading man pages...
>a LOT.
That's intentional. The idea is that all OpenBSD documentation should be available from the man pages instead of scattered over man pages, info pages, FAQs, and HOWTOs.
Opinions vary, to me that's a "feature", but I freely concede that some consider it a "bug".
One correction to your otherwise excellent post: there is a LOT of commercial support, more than I expected. Check out the page at OpenBSD dedicated to listing the support by country
John 17:20
Er, no.
Firstly, you really think that BSD source could just be dropped into Windows with its totally different internal architecture?
Secondly, free coding for Microsoft implies that you wouldn't be getting anything more than satisfaction out of it. Even if somone does use your source, though, the community still has it! A major argument against limiting software distribution seems to be that it's creating artificial scarcity - well, you'd only lose that code if there was real scarcity. There isn't.
Thirdly, I don't care. If I help a fellow programmer then I'm pleased. Heck, I spent _ages_ trawling code archives earlier today to find some odd function and it's the same principle here. I want to help others... If I help improve the experience of normal users through my code, same again.
BSD code is good.
Greg
(Inside a nuclear plant)
Aaaarrrggh! Run! The canary has mutated!
If you really think that people should be forced (whether legally or socially) to compensate developers for copies of their code, you should not be advocating Free Software. The idea behind Free software is that by copying something, you don't take anything away from the person from whom you copy, thus there is nothing wrong with being a "leech". If you disagree, then don't pretend to support the ideals of "Free Software". If developers expect to receive monetary compensation on anything other than a voluntary basis, they should not be developing Free Software.
I had to walk uphill, both ways, in waist deep snow.
Best Slashdot Co
If it's so secure, then why is it called OpenBSD?
;-)
SCNR
EagerEyes.org: Visualization and Visual Communication
To clarify some people's missinformation...
IPF was removed from 2.9-CURRENT. This DOES NOT effect 2.9-RELEASE, from which CDs were mastered a month ago.
You haven't ever compiled an OpenBSD kernel, have you? To get tweaks, you need to change some settings. Some of these are in the options file you edit, some are not. The ones that are not require you to learn about them from obscure postings to mailling lists or in random performance tuning sites for various packages.
Compiling an OpenBSD kernel isn't fun, but is necessary. For example, OpenBSD only uses 5% of memory for cacheing the drive. Now if you have obscene amounts of RAM, this is adequate. If you have little RAM, this is important so you have memory for your applications.
IF you have a moderate amount, say 256MB or 512MB, you probably want to have more space for disk caching, so you need to recompile your kernel.
More specific issues requrie more tuning.
Alex
I hammered off a quick slashdot post on a threat discussing the kernel and other stuff.
However, don't be an asshole.
I didn't mean what it sounded like.
The buffer cache is set too low. I realize that the page cache grows, but the buffer cache at a higher level does a tremendous affect on performance. I don't know why exactly, but I know that each server has a sweetspot, and you want to get a decent chunk of your RAM reserved for this process.
The default is too low for a machine with moderate memory amounts. The O'Reilly book covered this.
Personal attacks whenever you catch someone in a brain fart isn't really polite, is it?
Alex
I switched from Linux to OpenBSD... not considering going back. However, really think carefully about the change, it is non-trivial.
There are no binary patches. If there is a security whole, you can patch the source tree and rebuild. Alternatively you can shut down the services. There are patches to OpenBSD, and applying them requires more knowledge.
Web support sucks. The FAQ, etc. provides some help, not much. Even USENET isn't THAT helpful. You need need to get used to reading man pages... a LOT.
Init: rc style. I think that that the rc system is infinitely more manageable and sane in a BSD environment than a SysV environment, but YMMV.
Community support. The mailling lists are key, but they are much less friendly. Advocacy isn't a priority. If there is a question answered somewhere in the documentation, you'll get told RTFM. If the docs aren't what you are looking for and need a different level of help (more/less tech than the man pages) you may or may not get it.
Apache and mod_ssl are built in. The ports collection is solid. It may not be huge, but I've found just about everything I want there. Keeping ports up with the snapshots is a nice way to get up to date userland code.
Kernel compilaton IS necessary for a server. If you put real iron on the box, or little iron, you'll need a custom kernel. The settings for OpenBSD are reasonable and will run all but the weakest machine. However, getting it to take advantage of more memory, etc., may require some tweaks.
I love OpenBSD, but it is NOT Linux. There is no community bent on global domination. Lots of "Open Source" projects are Linux specific... fortunately its just the crappy ones. However, you'll find annoying issues like cronolog not compiling, no PHP Cache, etc. There is no commercial support.
Unlike a Redhat, OpenBSD is not corporate, it's Theo's toy. As a result, they do what they want, not an attempt to appease customers. With a Redhat box, while some of your code is "scratching an itch," corporate coders can code what is needed.
Realize that the Linux comforts will be lacking.
If you are a sysadmin, check out OpenBSD. If you have a Linux box at home for playing with and think that you are l33t, stay away from OpenBSD with a 10' pole.
Alex
Molog
So Linus, what are we doing tonight?
So Linus, what are we going to do tonight?
The same thing we do every night Tux. Try to take over the world!
It looks like the trolls are out in full force this morning. Any any rate, I have for y'all a very legit question... how do the *bsd's (especially FreeBSD) stack up to Linux and other x86 OS'es in terms of performance on 1 and 2 CPU machines? I did the usual search with Google, DejaGoogle, and Altavista and only came up with a few biased "application x: FreeBSD vs Linux" bakeoffs. Does anyone have any comments or URLs that could be of use in my quest to compare FreeBSD to Linux. Please forgive me and this trollish / flameish post... I come from a NeXT/Sun/SGI background and have at best only dabbled with x86.
Yes, fully right, but...
Theo explicitly forbids distribution of the
_original_
CD-ISO-Images. He may do this because they are
copyrighted (by him).
You also can buy unofficial images for $5 or so
(as e.g. you can with debian, too).
But I decided to spend that money cuz I want to help that project.
--
My Karma isn't excellent, damn it! (And
This is just not true and shows how very little you know about Operating Systems strengths and weaknesses. Like Slashdot noted, OpenBSD is designed for security. They actively seek and destroy anything that could be used to compromise the system and the OpenBSD group has been very sucessful with this. That's a strength. Linux runs Q3A and UT, and thousands of scientific applications, those are strengths. IRIX has a superb OpenGL implementation. MacOS X has one of the best GUI's around. FreeBSD is fast.
My point, the differences between Unixes are not in the source, but are much more obvious. Each development team has goals. Each goal shows through in the over all design of the OS and makes it so that each Unix does have a reason for existing in a world of generic Unixes.
Now, on the question of which is better...Well, actually, it depends on your goals.....everyones goals are different. Some people have political agenda's (GPL vs. BSD), some people have specific needs (absolute securty at any price, playing games, or graphics performance), and some people just don't care and get what is easiest for them to use. There is no "best" only what is best for you, cause not a SINGLE unix distrib has an all round strength (though I would argue that if Apple integrated X-Win into Aqua, the combination of default security, Java2, OpenGL, Quicktime, BSD core services, et al would bring it close to being the strongest for all round uses, but hey, thats MY bias)
Burn Hollywood Burn
you kids have it soooo easy now a days....
when i was a kid, we didn't have cd's to load our os's from. we had to toggle the instructions in by hand on the front of the system t give the thing enough smarts to talk to the paper tape drive which then loaded the code to talk to the tape system.....
we didn't have no fancy gui's. We had punch cards, and we liked it. Back in the good days, you actually had to know what you were doing in order to program the machine. We didn't have no "high level" languages like C. And we liked it that way, it kept the wimps off of our systems.
You should be happy that you only have to drive 2 hours to get to a store. When i was a kid, I had to walk.
kids... you think that you have it soooo hard....
Over in the Linux on PS1 forum I posted a responce to a BSD guy saying Linux is pointless then I come and see that there is a BSD story and that a flamewar will probably erupt. This forum is the much more appropriete place for it. I'm going to post my post minus the stuff on the PS1. Of course some idiot moderator will mod me down redundent but...
First of I have nothing against BSD, heck anything I write*, is being released under the BSD licence. The only reason I have RedHat GNU/Linux rather than FreeBSD on my parent's PC is because I live in a small town and the only way to get FreeBSD is to drive two hours away and buy a $110CAN Book and I'm 13 and have no credit card to buy it online.
Now that the disclaimer is out of the way...
Until I got my Macintosh I did all my work in KOffice using XFce as my Window Manager. I found it quite easy to use and powerful for the price of $0. I'm sure I could do just the same on FreeBSD or any UNIX. I really don't see why anyone makes a big deal about which UNIX they run. When someone asks me what I run I Anwser "My Mac for working and gaming and UNIX for Programming."
Arguing over which UNIX is better is pointless because until you get to the source level they look, feel and behave about the same. Most GNU/Linux programs will Compile on BSD/Tru64/AIX/HP-UX/QNX/BeOS or anything that has a POSIX layer, thus making the argument that "My UNIX is better than your UNIX!" worse. I don't see why UNIX people can't get along: vi vs emacs, KDE vs GNOME, GUI vs CLI, BSD vs GNU/Linux...
The funny thing is the only thing UNIX people will agree on is that UNIX is the best.
*All I've got written right now is a dice roller in Perl, I AM only 13...
--Volrath50
Here's how I believe it works.
The *source* is available for anyone to take, change, and otherwise use with the BSD liscence. You can do whatever the hack you want with it.
The *ISO* layout that is sold by the OpenBSD group is copyright to Theo - that means that you have to get his permission to distribute it. Now, that doesn't mean that you can't make your own ISO and distribute that, but you can't distribute the *official* release. In this case it would be the 2.9 release. I believe this distinction is made so that anyone who wants to get an ISO needs to buy the official one, or make their own.
What are the consiquences?
Microsoft is going to be pouring through the new BSD code, and should be sending out a new Windows update anytime now... =)
He's not charging for the code. He puts everything onto a CD and then copyrights the CD layout. Just like a book, the letters and words in it are free to use but the author copyrights their arrangement. You could download all the code and make your own ISO's, which you could post on the internet. But that would undermine the project's support.
;)
When I did my 2.8 install I did FTP, since the computer didn't have a CDROM, and it was completely free (after you pay the cable bill