Slashdot Mirror
OpenBSD 3.0 Release, Interview with Theo
mvw writes: "Here is an interview with OpenBSD's Theo de Raadt. Interesting is his comment on Soft Updates and the comparison to the rivaling Journaling file systems technology. Further he links to a very interesting paper by some Soft Updates researchers." And although OpenBSD 3.0 has an "official" release date of December 1 for whatever reason, it seems to be available by FTP or CD already. Lots of changes since 2.9.
As much as I accidently hit the stupid reset button on the front of my computer a Journaling file system would be great. I dont have any exp. with Bsd and was wondering How is the selection of applications for BSD? I dont need alot, A console text editor (Preferably with syntax highlighting), a Graphical Web Browser, an Mp3 player. That is about all I really use on a regular basis.
--
FearLinux.com
SECURITY FIX: fix buffer overflow reading queue file in lpd
For those running OpenBSD, especially as a gateway/firewall/NAT box, this is an important fix. I am running 2.9 with this patch added, and my snort logs tell me (judging from the number of attempts) that this exploit is a fairly commonly tried one. In November alone, there were at least 30 lpd overflow attempts on my machine. Granted, not most people have lpd open to the world, but I can imagine a few people might want to do remote printing from work, etc.
Karma: Excellent Birds (mostly as a result of listening to Laurie Anderson)
Actually, OpenBSD 3.0 was available for download since nov 25th, and a few patches (security fixes) are already available.
Here is the list: http://www.openbsd.org/errata.html
Don't forget to update to OpenSSH 3.0.1
-J
Alexis 'jeriqo' BRET
And although OpenBSD 3.0 has an "official" release date of December 1 for whatever reason, it seems to be available by FTP or CD already.
Probably because they want to avoid a fiasco like the last tremendous release mess that michael caused.
It's not uncommon for "official" releases to be after the initial release. It's like when a large department store has a "GRAND OPENING". In many cases, the GRAND OPENING is about a week after the store actually opens. Or if the store opens during the week, the GRAND OPENING will be on that weekend.
-- Give him Head? Be a Beacon? :P)
(If you can't figure out how to E-Mail me, Don't.
If you haven't read them before, it's quite a read, and a good lesson of how personal politics can fragment a collaborative project.
Here's the link: http://zeus.theos.com/deraadt/coremail
Poof! the old vm disappears
I think it is an established habits that releases happen on 1st Dec and 1 June every year.
...
On the plus side, you don't have to answer to the question "when will be the next release"
a) Theo and company (good company) don't need or seek new users just to be popular. They like doing what they do -- I know that. Don't take what I'm about to say as marketing advice to them, so much as a pleasant wish. It doesn't impose an obligation or demand on the OpenBSD guys, and I know it. Still ...
b) I'm surprised (not to say hurt, disappointed and disconsolate) that no one (am I wrong?) has come out with the equivalent of Mandrake to at least one of the BSDs -- and by equivalent I mean in a certain superficial but important way: user-friendly, pretty install, emphasis on user experience, intelligibility.
c) Really, I'm just talking about the install. Something with some graphical flair, built-in help system for new users, and a game or two, or a little slideshow, or some interesting history text files, *something* built in to play while slow parts of the install proceed. No accounting for taste, but I think there are a lot of good graphic artists (all the Ximian stuff, for instance, and many great KDE examples) working in the world of free software. (Hey, I also like the BSD art, so obviously I am open for attack by the art critics;)).
I name Mandrake as my prototype here, just because I happen to like their stuff -- RH also makes a pretty install, not quite as cute, and so do several other distros. But Mandrake is in Walmart, which suits my example ("Walmart: making things accessable to the masses")
Cheers,
Tim
jrnl: http://tinyurl.com/c2l8yr / foes: http://tinyurl.com/ckjno5
What is the status of pf as of now?
Is it stable, secure, and feature complete or is it recommended to install ipf from other sources?
!
^_^
I though they had just released 2.5 ?
Code at the speed of light!
I'm interested in running OpenBSD for my NAT gateway, though I'm left with a lingering issue..
Does OpenBSD include any support for decent irc connection tracking like what is available in iptables for linux? I have people behind the gateway that use DCC within IRC, and without good connection tracking, I'm not sure how to go about securely allowing one or more people to use IRC and have DCC work.
Everything else I plan on using this system for (software RAID, NIS+, samba PDC and fileserver, NFS) seems to be fine, but this one little nitpick of mine may keep me off of OpenBSD.
Also, how is the raid implementation as far as moving the array from one openbsd install to another, and is there any semblance of lvm there? The volume management stuff w/ resizable partitions would be nice, but by no means necessary..
XML is like violence. If it doesn't solve the problem, use more.
The blurb on /. home makes it sound like SoftUpdates are something new, which is just being introduced. That stuff's been around for a bunch of years now.
Poof.
Under OpenBSD, at least, mozilla doesn't work, and never really has. Somebody's working on it. Konqueror apparently works just fine.
You trolls are slacking off! It took you almost 30 minutes to post the *BSD is dead troll on a blatantly obvious BSD article!
Better start beefing your trolls up. You're gonna get overrun by a buncha girly geeks!
-DFW : Jamie banned.
Pretty impressive reading. It reads as a bunch of guys on the NetBSD front being pretty reasonable and just wanting him to stop behaving like a prat. His response is to throw his toys out the pram and storm off in a huff.
Full credit to him for getting this sort of stuff done, but I hope he has grown up since then.
An Eye for an Eye will make the whole world blind - Gandhi
pf seems to be very stable so far. Just don't forget to apply the related errata if you're planning to use IPv6.
Another great feature of OpenBSD 3.0 regarding network filtering/routing is the integration of AltQ, that brings quality of service to your IP traffic. It basically has the same (but very flexible and efficient) algorithms and class system that Linux has. But it's very nice to see it in OpenBSD.
{{.sig}}
I think you have a good point on that -- BSD License (I'm not about to argue what form of license is the One True Sense of Freedom) would allow just that. I think it would be great if MS came out with an OBSD based OS -- good competition for other OSes ;) And if, as you say, they tout it also as Linux Compatible, then the embrace phase of the dance at least would be good for nearly any *nixish OS. (Then comes extend, extinguish, etc, but ... that's another issue.)
If they make good, high-quality software, that part is good. Bad, intrusive, petty licensing issues are still annoying and a good reason to avoid MS software, but any good stuff they make is still good stuff.
timothy
jrnl: http://tinyurl.com/c2l8yr / foes: http://tinyurl.com/ckjno5
could somebody explain, or point me to a site that explains, diferent filesystems. perferable at a 5,000 foot perspective. I want to know about them, and there advantages/disadvantages but I own't be coding them. I would like to make a informed decsion in this matter.
Thank you.
"Don't like my spelling? blame a teacher"
The Kruger Dunning explains most post on
As Theo says himself in his interview, people who don't like his model of selling the ISOs are free to make their own. This will hopefully quiet the stupidity that usually follows this announcement:
As usual, ISO images here.
Here's the text from that file:
Slackware 7.2 is NOT released.
Is this in the slackware-current, or slackware-7.2 directory?
Looks like slackware-current to me.
Wake up, do some REAL reporting (like, ask someone on our team), and stop trying to get "fp!".
...should be about a month for the actual release.
- Pat
(I wish I could find the reply to michael's ascertation of it being a beta, aptly named "THIS_IS_NOT_A_BETA_EITHER.TXT, but that seems to have been lost in the sands of time.)
-- Give him Head? Be a Beacon? :P)
(If you can't figure out how to E-Mail me, Don't.
We use OpenBSD exclusively for our web servers. We moved our database servers from OpenBSD to Linux. I look foward to migrating our systems (some 2.8, some 2.9, one that I broke trying to do a fancy 2.8->2.9 upgrade...) when our CDs arrived. We figured that we use OpenBSD a lot, owning a bunch of CDs was worth it. Alas, it is is still cheaper than the copies of RedHat that we pick up.
:)
OpenBSD has a real problem that I was never able to resolve, this makes it worthless for a database server. The machine is quite "efficient" with memory, which let it run with very little memory. However, with a lot of memory (our db servers normally have 1.5GB -> 2GB, I LIKE giving PostgreSQL lots of buffers and sortmem) there is little documentation on tweaking the system. I even contacted the developers in charge of the SysV memory support, etc., and they thought I hit the crack rock a little to hard.
For web servers, however, I'm quite comfortable with our OpenBSD servers sitting open on the Internet. I'm terrified of a RedHat box not being hidden. As a result, I keep the database nice and hidden.
Linux blows OpenBSD's performance away. This is a matter of Linux focusing on performance. However, for web servers (that for us just run PHP, mod_rewrite, and some other toys) I don't care... When I need more web serving power, I buy another web server for $2K. Having SSL built in to Apache is nice, and the ports is too fucking slick.
BTW: OpenBSD seems to run quite nicely on my Penguin Computing 1U servers...
Alex
I expect to keep our production servers on 2.9 for 2-3 months, but move development to 3.0.
I'm interested in getting started with a BSD, but which one I should use I don't know. I'm not that afraid of having to configure hardware myself, but I'd prefer something that makes a reasonable attempt to do that for me.
So.....
1. Which is the easiest/best to get started with?
2. Which has the best documentation
3. Do any of them have compatability with Linux configuration tools like Kudzu and HardDrake?
4. Which one supports the most x86 hardware
wiredog wrote: " Why? Mandrake is aimed straight at the Desktop. RedHat aims at Windows NT users. The BSD's aim at unix sysadmins who Know What They Are Doing. Open/Free/Net don't need a User Friendly graphical install interface because their current interface is friendly to the users they aim at."
... conservativism has its merits, but there are drawbacks, too. "As it was, so shall it ever be"?
OK. You're right, and that's what I tried to say in the first place -- they don't *need* to do anything, really, this is just an idea I've been wondering about for a while. Then again, no one needs to eat anything besides what they've eaten before. To me, that's an unconvincing argument against not trying new things
Needs are relative and context-dependent. Someone who wanted to use an ultra-secure OS as the basis of a turn-key retail or data-entry system, for instance, might want the good things about OpenBSD, but not the learning curve. "Take it or leave it" is one answer to this, but I see no reason for it to be the only answer.
Sure, the BSDs are (currently) well suited only for people who are used to UNIX, know their way around shells, etc (though there are some good intro books, which would probably turn anyone who's pretty computer literate into a moderate user in not too long a time) -- but there's really nothing inherent that says they have to be. (And a nice counterexample in the case of OS X, too.)
The reason I would like to see this is because I think it's good to have a crowded, robust OS marketplace. Like my comment said, my wish isn't a demand on BSD developers or anyone else; I'm surprised, though, that an ultra-friendly version of at least one of the BSDs hasn't already emerged, but it takes some lucky intersections of interest, ability, time and money which aren't inevitable, only possible.
cheers,
timothy
jrnl: http://tinyurl.com/c2l8yr / foes: http://tinyurl.com/ckjno5
what about a quick search on the jargon file?
e el .html
http://www.tuxedo.org/~esr/jargon/html/entry/wh
"conservatism" probably works just as well ;)
... mushy ... need ... sleep ...
Brain
timothy
jrnl: http://tinyurl.com/c2l8yr / foes: http://tinyurl.com/ckjno5
TUX2 Phase Tree: Better than Soft Updates
As Levar Burton says in Reading Rainbow, "but don't take my word for it."
-l
Help cure AIDS, cancer, and more. Donate your unused computer time to worldcommunitygrid.org. Join Team Slashdot!
Most relevently is that int's only really in the month or so after a release (rather, the month starting a couple of weeks after a release) that Theo gets a holiday.
With that in mind, the Dec 1st release date was obvious.
see my top-level post with some links to Linux hacker commentary:6 32 739
http://slashdot.org/comments.pl?sid=24290&cid=2
-l
Help cure AIDS, cancer, and more. Donate your unused computer time to worldcommunitygrid.org. Join Team Slashdot!
why bother? the varia ISOs are for x86, which the vast majority of people use. to most people, the official CDs are pretty much worthless (now, folks that want to make an Amiga firewall or something, yeah, they need the official CDs).
I wish the OpenBSD guys had some sort of "pick-an-arch" system where you could get X number of arches for Y dollars (like $10 for an x86 cd, $10 for a macm68k/macppc cd, $10 for a combo of the smaller arches, or something like that).
This would provide the most utility/choice to the end users, and probably increase CD sales by lowering the cost barrier (I mean, $40 is enough for most folks to notice, $10 is almost an impulse buy). Also, a minor side effect, the cd insert could be (more extensively) tailored with installation hints for the arch in question (not a big issue because the instructions are on the cd, but sometimes it's nice to have paper to follow along with while you're typing).
News for Geeks in Austin, TX
I'm running OpenBSD 3.0/macppc on my iMac, and can't get KDE to build from the ports collection. Is anyone else having this problem? I CVSed the 3.0 branch of ports, so I don't think it's some weird update issue.
--saint
was that the cd's were available earlier than expected, according to this message from Theo at the OpenBSD Journal.
/. preferences.
... OpenBSD :-)
Btw, the headlines from this site are available as a slashbox, just check the box in your
Snake_dad (who runs Linux, Winedose, Novell 3.12 and
karma capped
This news (both Theo interview and others) has been up for a few days on OpenBSD Journal.
Slashdot readers who have made an account and are logged in can customize their display to add the headlines from OpenBSD journal and other sites to their main slashdot page, and catch news like this as it happens. It's a neat feature. ;)
o/~ Join us now and share the software
Does Theo frequently act immature online ... sure. But clearly Theo is at least no worse than he was in the past (actually, I think he's matured a bit), and his .. uhm .. social graces aren't exactly a big secret. It makes little sense to reason that this accounts for fewer donations to the project.
... Most of the OBSD core developers are generally pretty civil.
It is too bad that OBSD lists/newgroups are often frequented by impressionable Theo-wanna-be's that are under the misimpression that it is cool to be rude. Theo acting alone would just be a curiousity
As to the lack of SMP support, the OBSD core group's reasoning is pretty sound. They feel that it will introduce security complications, and isn't a big advantage in the roles OBSD generally serves (e.g. firewall; basic web-server; OBSD enthusiast desktop). Since security is their priority, it is ridiculous to critize them for slow progress in SMP support. I believe the official line is the unreligious statement 'if you truely need or want SMP, look elsewhere for now'.
OpenBSD should be able to run Linux Executable's although i didnt try it yet Mozilla should work...
Quazion.
I'm getting sick of this constant stream of freshmeat-like announcements of Linux-specific junk. You know there's more in the world than just Li... oh, you said OpenBSD! ;-)
-Aaron, who has seen too many serious posts that began with similar statements
The problem with them is that they make basic assumptions about your hardware.
Every Intel box in the universe is capable of putting up characters on the screen. Anything past that, you're making assumptions.
The *BSD installers can be setup on a box with a Hercules graphics card.
And you wonder why you'd want to do that? Well, let's say you're setting up a server. The normal way I have of getting a server going is to plug in a video card - any video card, junk is great - get FreeBSD going on it, get a telnet or ssh daemon running, and then compile a custom kernel with no video card driver & rip that sucker out of there. Because there's no GUI, I can do that.
my old sig used to be funny, but then slashcode ate it and now it's not funny anymore
I read that T.Deraadt email thread when I first looked at OpenBSD, and my initial impression was that Theo had a real baaaaadddd attitude. I do know for a fact that a lot of the NetBSD folks were upset to see him leave and fork off his own version of the OS, and to lose him as a developer. But in reading his email he obviously has a problem with taking any criticism, and had no problem with jumping down someone's throat with a flamethrower and foul language. Denial, its not just a river in Egypt...
Not that I wouldn't use OpenBSD, or any other operating system that met my technical needs, whatever the personality of the people involved. I've dealt with enough bad attitudes from commercial OS vendors in my years in the industry to be able to deal with it if I have to. It just seems that *BSD has an extra heaping helping of bad attitudes that make commercial vendors look like pikers.
If you *really* read that email thread, you would see the attitude loud and clear. "We don't think that it helps anything for you to tell someone he's a f**khead when he's posting a message trying to help with the OS development." "F**K YOU, *I* want control of the source and if you don't like it I'll fork my own off!"
That's my impression of it... He sounded like an immature little upset kid to me. The development of any of the O.S. OS's is a group effort, and having one person think they have all the answers and have to be the one in control is dead wrong. So, now he *has* control of his own fork of BSD, and lost the ability to maintain many of the various platform ports because he has no developers. Thus, the OpenBSD page says that for a VAX port, for instance, "support can be easily ported over from NetBSD". Why these problems are so prevalent under FreeBSD/OpenBSD/NetBSD remains something of a mystery. These systems seem to be self selective in their attraction to weirdos and big egos.
The split had nothing to do with the quality of his coding work, and everything to do with his nasty attitude towards people... and NOT just the people of NetBSD Core, but other people who were just civilians trying to help out, or looking for help. No wonder BSD has lost.
the jargon file being of no help...
users in the wheel group can "take the wheel", as it were. if you're not in wheel, you don't get to drive. wheel is still implemented on openbsd and freebsd (dunno about net)
I recently installed 3.0 to replace a 2.8 that I was using as a firewall. At first I didn't want to upgrade due to ipf and ipnat having been removed (ipnat in particular is quite powerful given its simplicity). Fortunately, pf is quite easy to set up, and I managed to do the switch in the course of one work day (most of it spent installing the OS). I noticed the following gotchas, though:
However, those are minor issues, mind. In the end, I'm quite pleased with the changes. It "feels" much more stable, for one. And the installer couldn't be any simpler: it sets up your disklabels, formats the partitions, configures your network connections, and downloads the OS, and you only need one floppy for that.
In Soviet Russia, Jesus asks: "What Would You Do?"
I've been reading misc for the last two years, and yes, there are a lot of flames. 99% of them are responses to someone who didn't bother to try man -k, the FAQ, the mailing list archives, or including relevant information (like what version of Open on what hardware). If you can't be bothered to try to think about it for yourself, why ask other people to think about it for you? If you ask a question that you tried to answer, chances are you wont get flamed. If the entire message is "how do I configure this?" with no clue as to what this you might be refering to, I hope Theo flames you. Having said that, that 1% or so of flames are people being people. It's not pretty, it's not nice, but it's human nature, there are no mailing lists without flames.
itachi
From the interview:
You gotta love comments like these! Well, you might not, but I do anyway. I say, why hide behind glossy, laminated marketing? (By the way, I'm not trying to say anything against the NetBSD team. They're good folks and NetBSD is a great product, as is OpenBSD.) All I'm saying is that people should say things as they are. If you can't read a man page, you shouldn't be using a computer! It's as simple as that.Oh well.
Theo included a good link in his interview...
I just finished reading it and it is some wonderful information. Seriously, everybody who runs any of the BSDs or Linux should read this paper. It will give you a much deeper understanding of what's going on and why, and this will lead to better choices when you configure your next box (or maintain those you're running right now). As always, reliable operation of any machine (be it a computer, a car, or a nuclear power plant) depends heavily on knowledgeable use and proper maintainence.
Oh well.
Silly troll. Your miracle was the solar flare that accompanied the announcement of the release of OS X.1. Apple has put OS X (as a secondary dual-boot OS) on hundreds of thousands of Macs since last May, and will be making it the default OS on all machines shipping starting next March. OS X is the mighty sword with which Apple plans to slice and dice Microsoft's monopoly!
;) Although I firmly believe that OS X has a special place in Mothra's heart due to its role in her divine plan to save us from an evil monopoly ;), I think it is best to have many versions of BSD, Linux, etc. so there is something to fit everyone's needs and preferences. OS X is great as an end user OS with both commercial and open source applications. OpenBSD is good if you need the security. Linux does great things as an embedded OS (and several other things). Etc. As long as they all play nicely with open standards, they can all coexist happily. The only things that needs to die are Microsoft's bad attitudes and their bugs.
In case you didn't even bother to read the title of the parent article (except for the letters "BSD"), OpenBSD 3.0 is going to be released on December 1st. New releases are not a good sign of impending doom.
"Mothra, you are Life Eternal! Hear the prayers of your servants. Come back to us from out of the legend. Come and save us with your power of Life!"
- From the US release of "Mothra"
15 days until Mothra returns!
That's a crock. Unless you have some statistical facts you've done on mailing stats, to back this statement up, you are making mistaking opinion for research. I decided, for fun, to look at the flames, then research them in the OBSD FAQ and mailing archives. The result? OBSD mailing lists are overwhelmingly a symptom of juvenile venting, they bear no relation to the content of the FAQ's, or mailing list threads, and are simply self-righteous chest-beating by folks who never learned manners.
In that case You simply let the system make a "snapshot" of your dirty filesystem. Mount the filesystem ... and simply let FSCK do the cleanup in the background ... FreeBSD-5.0-CURRENT already has this functionality WORKING for (if i recall correctly) several months by now .... so don't be surprised if this starts to creep up into e.g. NetBSD/OpenBSD as well.
I dont *want* to wait, I want my computer booted *now*. I dont want to wait for it to power down. I dont want to wait for it to power up. When the trivial bit of code main() { while (1) fork(); } run from userland can cause me to need to hit the reset switch I dont wanna lose data and I dont wanna have to wait for 15 minutes for it to boot back up.
How we know is more important than what we know.
> we don't care if you use OpenBSD :)
as Theo says, he does it as a hobby and doesn't want to force anyone to use OpenBSD.
The fewer users, the more the developers have time to hack (which is joy for him).
Even I got an answer
> journalling is for linux weenies
I liked fewer fsck time, but I have let me persuade by the team. Softupdates are ok.
See the thread on linux-kernel@ (yes I follow l-k, misc@, tech@, source-changes@ and few others) on "Journalling pointless with today's hard drives?"
> what did you do before
4.2BSD FFS
4.4BSD LFS
check it out - LFS is still in the tree (escept for newlfs), albeit defunct.
I tried to get it running, but won't compile.
> bit performance boost on SMP
A Pentium-133 with 64MB RAM can easily saturate a 100Mbps line as web- and fileserver at up to 30% load.
My Pentium-100 (OC'ed 90) with 24MB additionally acts as Samba server and router/NAT/firewall,
and as IPv6 native router + tunnel endpoint.
This box using a Hercules gfx card (oh yes, this thingy at 720x348x1) and a self-built snapshot by anoncvs. It is rock solid, and I regularily hit the power switch by accident.
And my Windoze user profiles are stored on it, and it's my companion on almost any LAN I attend.
> Security
Prove an exploit.
My Karma isn't excellent, damn it! (And
ipfwadm syntax was soo straightforward...
once I read an article in my native language
covering firewalling concepts in general,
and the englisch manpage of ipfwadm, I was able
to set it up.
Ok, pf has (thanks do dhartmei@) a nice manpage,
and an even better howto, but it is soo complex...
Not that I'd complain, I've just get tused to it.
My Karma isn't excellent, damn it! (And
itachi wrote: "It's been out for a while, in fact. It's got a BSD core, it's very user friendly (to the point that it is always criticized on /.), it has the simplest, cleanest install I've ever seen, and it's all about the user's experience. Mac OS X. I'm running 10.1.1 and OpenBSD (respectively) on my two primary machines, and if I could throw the two of them into a blender for a 3rd machine... "
heh, OS X is pretty nice, though my esperience has been slightly buggier than yours, it sounds like.
Solaris I've used (slightly) but not myself installed.
NetBSD is the closest to what I'm suggesting probably, simply for licensing reasons. It's true I didn't get this specific when I said "Mandrake Linux" but the thing which rules out Solaris and Mac OS for that role is that Mandrake produces free / Free software. So does OpenBSD -- Mac OS is a cool example of the way the *BSD license is flexible enough to branch proprietary as well as non-proprietary software, but I'd *prefer* (not kill puppies for, just prefer) an OS of the non-proprietary variety.
timothy
jrnl: http://tinyurl.com/c2l8yr / foes: http://tinyurl.com/ckjno5