Slashdot Mirror
OpenBSD 3.0 Release, Interview with Theo
mvw writes: "Here is an interview with OpenBSD's Theo de Raadt. Interesting is his comment on Soft Updates and the comparison to the rivaling Journaling file systems technology. Further he links to a very interesting paper by some Soft Updates researchers." And although OpenBSD 3.0 has an "official" release date of December 1 for whatever reason, it seems to be available by FTP or CD already. Lots of changes since 2.9.
SECURITY FIX: fix buffer overflow reading queue file in lpd
For those running OpenBSD, especially as a gateway/firewall/NAT box, this is an important fix. I am running 2.9 with this patch added, and my snort logs tell me (judging from the number of attempts) that this exploit is a fairly commonly tried one. In November alone, there were at least 30 lpd overflow attempts on my machine. Granted, not most people have lpd open to the world, but I can imagine a few people might want to do remote printing from work, etc.
Karma: Excellent Birds (mostly as a result of listening to Laurie Anderson)
Most things that compile for Linux will work under BSD.
So vim and emacs work, mozilla works, and whatever MP3 player you want will work.
Gentoo Sucks
Actually, OpenBSD 3.0 was available for download since nov 25th, and a few patches (security fixes) are already available.
Here is the list: http://www.openbsd.org/errata.html
Don't forget to update to OpenSSH 3.0.1
-J
Alexis 'jeriqo' BRET
And although OpenBSD 3.0 has an "official" release date of December 1 for whatever reason, it seems to be available by FTP or CD already.
Probably because they want to avoid a fiasco like the last tremendous release mess that michael caused.
It's not uncommon for "official" releases to be after the initial release. It's like when a large department store has a "GRAND OPENING". In many cases, the GRAND OPENING is about a week after the store actually opens. Or if the store opens during the week, the GRAND OPENING will be on that weekend.
-- Give him Head? Be a Beacon? :P)
(If you can't figure out how to E-Mail me, Don't.
If you haven't read them before, it's quite a read, and a good lesson of how personal politics can fragment a collaborative project.
Here's the link: http://zeus.theos.com/deraadt/coremail
a) Theo and company (good company) don't need or seek new users just to be popular. They like doing what they do -- I know that. Don't take what I'm about to say as marketing advice to them, so much as a pleasant wish. It doesn't impose an obligation or demand on the OpenBSD guys, and I know it. Still ...
b) I'm surprised (not to say hurt, disappointed and disconsolate) that no one (am I wrong?) has come out with the equivalent of Mandrake to at least one of the BSDs -- and by equivalent I mean in a certain superficial but important way: user-friendly, pretty install, emphasis on user experience, intelligibility.
c) Really, I'm just talking about the install. Something with some graphical flair, built-in help system for new users, and a game or two, or a little slideshow, or some interesting history text files, *something* built in to play while slow parts of the install proceed. No accounting for taste, but I think there are a lot of good graphic artists (all the Ximian stuff, for instance, and many great KDE examples) working in the world of free software. (Hey, I also like the BSD art, so obviously I am open for attack by the art critics;)).
I name Mandrake as my prototype here, just because I happen to like their stuff -- RH also makes a pretty install, not quite as cute, and so do several other distros. But Mandrake is in Walmart, which suits my example ("Walmart: making things accessable to the masses")
Cheers,
Tim
jrnl: http://tinyurl.com/c2l8yr / foes: http://tinyurl.com/ckjno5
sigh, its been well explained that you don't need a journaling filesystem to be safe with transfering data to the harddrive. In fact, if you're clever enough, you can even get away safely writing without having to hold the entire system up (hence, softupdates). If you actually look through the interview, you'll find Theo actually pointing you to resources that quite seriously make this point (journaling not needed).
take a look at this
it can be frustrating being right, all journaling really seems to do is attempt to fix the problems ext2fs has by laying another piece of code on top of it, instead of fixing the primary problem, that is that ext2 is broken as far as the BSD hackers are concerned.
Is waiting for fsck to finish really that much of a problem for you?
Lemure, wtf! Don't you mean Lemur?
There is very little that linux runs that won't run on *BSD. Those that won't run are most likely baddly written programs that you don't want on your comptuer anyway, if you need those features write a new program without all the bugs. The exceptions are there might be a few closed soruce apps which don't work right in linux emulation (most of them work), programs which deal directly with the kernel on a low level (which should not be portable, though there should be an equivelent for your OS), and programs that reqire hardware or hardware access. (Wine for instance requires user access to LDT, whatever that is, which isn't enabled, in this case easy to enable, though there might be others)
By and large though a program that runs on linux that won't compile and run for *bsd is not a program you should allow on linux. Any programer who can't write portable code, has probably made a lot of other stupid errors what will bite you. Be careful to seperate unportable code from portable code that hasn't been ported yet. A program that only runs on one OS is likely the former and you shouldn't touch it, while a program that runs on several OSes but hasn't been ported to yours could be well written and just in need of minor adjustments to work right.
Pretty impressive reading. It reads as a bunch of guys on the NetBSD front being pretty reasonable and just wanting him to stop behaving like a prat. His response is to throw his toys out the pram and storm off in a huff.
Full credit to him for getting this sort of stuff done, but I hope he has grown up since then.
An Eye for an Eye will make the whole world blind - Gandhi
pf seems to be very stable so far. Just don't forget to apply the related errata if you're planning to use IPv6.
Another great feature of OpenBSD 3.0 regarding network filtering/routing is the integration of AltQ, that brings quality of service to your IP traffic. It basically has the same (but very flexible and efficient) algorithms and class system that Linux has. But it's very nice to see it in OpenBSD.
{{.sig}}
As Theo says himself in his interview, people who don't like his model of selling the ISOs are free to make their own. This will hopefully quiet the stupidity that usually follows this announcement:
As usual, ISO images here.
Here's the text from that file:
Slackware 7.2 is NOT released.
Is this in the slackware-current, or slackware-7.2 directory?
Looks like slackware-current to me.
Wake up, do some REAL reporting (like, ask someone on our team), and stop trying to get "fp!".
...should be about a month for the actual release.
- Pat
(I wish I could find the reply to michael's ascertation of it being a beta, aptly named "THIS_IS_NOT_A_BETA_EITHER.TXT, but that seems to have been lost in the sands of time.)
-- Give him Head? Be a Beacon? :P)
(If you can't figure out how to E-Mail me, Don't.
We use OpenBSD exclusively for our web servers. We moved our database servers from OpenBSD to Linux. I look foward to migrating our systems (some 2.8, some 2.9, one that I broke trying to do a fancy 2.8->2.9 upgrade...) when our CDs arrived. We figured that we use OpenBSD a lot, owning a bunch of CDs was worth it. Alas, it is is still cheaper than the copies of RedHat that we pick up.
:)
OpenBSD has a real problem that I was never able to resolve, this makes it worthless for a database server. The machine is quite "efficient" with memory, which let it run with very little memory. However, with a lot of memory (our db servers normally have 1.5GB -> 2GB, I LIKE giving PostgreSQL lots of buffers and sortmem) there is little documentation on tweaking the system. I even contacted the developers in charge of the SysV memory support, etc., and they thought I hit the crack rock a little to hard.
For web servers, however, I'm quite comfortable with our OpenBSD servers sitting open on the Internet. I'm terrified of a RedHat box not being hidden. As a result, I keep the database nice and hidden.
Linux blows OpenBSD's performance away. This is a matter of Linux focusing on performance. However, for web servers (that for us just run PHP, mod_rewrite, and some other toys) I don't care... When I need more web serving power, I buy another web server for $2K. Having SSL built in to Apache is nice, and the ports is too fucking slick.
BTW: OpenBSD seems to run quite nicely on my Penguin Computing 1U servers...
Alex
I expect to keep our production servers on 2.9 for 2-3 months, but move development to 3.0.
Ooops.
If you check Mozilla Releases, you will find releases for Free and Net BSD builds, but no OpenBSD builds.
Gentoo Sucks
> Is waiting for fsck to finish really that much of a problem for you?
Yes, actually, when you're dealing with servers with 100's of gigs.
Read the interview. PF has everything IPF (plus more) has already.
http://www.usenix.org/publications/library/procee
http://www.osnews.com/story.php?news_id=153
http://www.freebsd-fr.org/docs/fr/others/systeme-
http://www-106.ibm.com/developerworks/linux/libra
http://docs.freebsd.org/44doc/smm/05.fastfs/paper
I understood the article that part of the repair work can be done after mounting the soft updates fs.
The expert opinion: http://kt.zork.net/kernel-traffic/kt20000814_80.ht ml#1
I've been excited about the TUX2 filesystem ever since I heard of this. I hope this is the default for 2.5 - 2.6 barring some unforeseen problem.
-l
Help cure AIDS, cancer, and more. Donate your unused computer time to worldcommunitygrid.org. Join Team Slashdot!
it can be frustrating being right, all journaling really seems to do is attempt to fix the problems ext2fs has by laying another piece of code on top of it, instead of fixing the primary problem, that is that ext2 is broken as far as the BSD hackers are concerned.
Journalling is one solution to the problem, and soft updates is another. Each is worthwhile within its own contexts.
A solution analogous to soft updates is coming with the tux2 file system from Daniel Phillips, which uses ordered writes to ensure the integrity of a file system, as soft updates does. BTW, I'd find it REALLY interesting if a BSD filesystem hacker ACTUALLY said ext3 was broken because it used journalling and not ordered writes. I think you are just creating controversy where none exists.
Journalling keeps a near synchronous log of inconsistencies between the file system on disk and the one in the VM. This allows crashes to be reconstructed to a consistent state. Soft updates simply groups the inconsistencies and writes them in a particular order that ensures the consistent state can be restored after a crash. Each is faster under sets of circumstances, each can be slower under others. Linux will have both fairly soon. I personally think ordered writes is a more elegant solution, but either seems to solve the problem reasonably.
Most relevently is that int's only really in the month or so after a release (rather, the month starting a couple of weeks after a release) that Theo gets a holiday.
With that in mind, the Dec 1st release date was obvious.
see my top-level post with some links to Linux hacker commentary:6 32 739
http://slashdot.org/comments.pl?sid=24290&cid=2
-l
Help cure AIDS, cancer, and more. Donate your unused computer time to worldcommunitygrid.org. Join Team Slashdot!
FreeBSD. And life is a lot easier if you use PCI peripherals.
If you've got the time give 'em all a go.
Dave
I write a blog now, you should be afraid.
Where are my mod points when I need them?
Dave
I write a blog now, you should be afraid.
You can run Linux binaries on FreeBSD if you install support for it, but since the underlying system is different you can't configure BSD that way. The FreeBSD equivalent of linuxconf would probably be sysinstall. It is pretty easy to use.
Here is the supported hardware list for x86. I have FreeBSD 4.2 running on my Toshiba laptop with a Xircom NIC for God's sake. It supports plenty.
In the beginning were file systems. A file system took what you wanted it to write and put it on the disk for you. And it was good.
But the users moaned "speed, we must have more speed" and indeed their call was echoed by the admins. So write ahead caching was invented so the users calls would return sooner, and once again all was peaceful with filesystems.
But then one day someone tripped over the power cable and the OS died. On recovery it was discovered that the filesystem was completely borked (due to some of it being in the write ahead cache when the power died) and lots of data was lost. There was much wailing and gnashing of teeth so the journal was invented. A journal writes a list of things that the file system will do when it gets around to it, but writes this list to the drive so it doesn't get lost when the power is lost. Because the list is all in one place the journal is fast and once again there was peace.
Over the years slowly everyone, even Microsoft and even the Linux kernel made themselves journals but the BSD hackers (Greg Lehey?) realised you didn't really need one if you were careful about the order in which you wrote to the disk. And hence softupdates were invented, and are (arguably) very slightly faster. But mostly just different. Like Reiser, but that's another story entirely.
Gottit? Synchronous writes good, but slow. Async writes bad, but fast. Journaled writes good, and fast. Softupdates good and fast without a journal.
Dave
I write a blog now, you should be afraid.
why bother? the varia ISOs are for x86, which the vast majority of people use. to most people, the official CDs are pretty much worthless (now, folks that want to make an Amiga firewall or something, yeah, they need the official CDs).
I wish the OpenBSD guys had some sort of "pick-an-arch" system where you could get X number of arches for Y dollars (like $10 for an x86 cd, $10 for a macm68k/macppc cd, $10 for a combo of the smaller arches, or something like that).
This would provide the most utility/choice to the end users, and probably increase CD sales by lowering the cost barrier (I mean, $40 is enough for most folks to notice, $10 is almost an impulse buy). Also, a minor side effect, the cd insert could be (more extensively) tailored with installation hints for the arch in question (not a big issue because the instructions are on the cd, but sometimes it's nice to have paper to follow along with while you're typing).
News for Geeks in Austin, TX
They all have good points and bad points. If you do not have a strong reason to use one, you can narrow it down.
4. Which one supports the most x86 hardware
NetBSD supports a wider range of non-x86 hardware than any other OS. This is an advantage you probably will not need.
1. Which is the easiest/best to get started with?
It depends on when you consider the box "set up". If you are going to use it as a firewall / router, OpenBSD is hands down the way to go. Thats just the way it is. You want to spend as little time as you have to installing bug fixes.
If you are going to use the machine as an all purpose "learn about stuff" box, go with Free. Its used by the most people of the three, so there is a good community as far as dlists and howto's.
I studied the three a bit before making a choice for myself, and found that the FreeBSD deamon had a slightly more developed look than the netbsd logo. Objectively, I found the deamon logo more interesting than the blowfish in general. Don't get me started on penguins.
Troll Like a Champion Today
was that the cd's were available earlier than expected, according to this message from Theo at the OpenBSD Journal.
/. preferences.
... OpenBSD :-)
Btw, the headlines from this site are available as a slashbox, just check the box in your
Snake_dad (who runs Linux, Winedose, Novell 3.12 and
karma capped
British Telecom?
-l
Help cure AIDS, cancer, and more. Donate your unused computer time to worldcommunitygrid.org. Join Team Slashdot!
Where in my post did I say "Linux has this right now, go and download it you BSD whore"? Did I not take care to mention that I hoped this would happen in 2.5?
^chuck^ writes:
all journaling really seems to do is attempt to fix the problems ext2fs has by laying another piece of code on top of it, instead of fixing the primary problem, that is that ext2 is broken as far as the BSD hackers are concerned.
The point of my post was to respond that problems with ext2 have been understood and taken into account and are not being ignored. Duh.
-l
Help cure AIDS, cancer, and more. Donate your unused computer time to worldcommunitygrid.org. Join Team Slashdot!
This news (both Theo interview and others) has been up for a few days on OpenBSD Journal.
Slashdot readers who have made an account and are logged in can customize their display to add the headlines from OpenBSD journal and other sites to their main slashdot page, and catch news like this as it happens. It's a neat feature. ;)
o/~ Join us now and share the software
So this server with 100's of gigs...
You just pull the plug when you need to reboot? Or this "vital" server doesn't have a UPS?
If you're running OpenBSD, is it safe to assume you know to shut the machine down cleanly and to have UPSes on servers?
Isn't this whole discussion related to the fact that power suddely dies or the like? If only the drive fails you're screwed anyways (but this server does have a fault-tolerant RAID card right?).
I'm getting sick of this constant stream of freshmeat-like announcements of Linux-specific junk. You know there's more in the world than just Li... oh, you said OpenBSD! ;-)
-Aaron, who has seen too many serious posts that began with similar statements
Use tircproxy in transperant mode. I have found it to work better then either the linux or OpenBSD irc modules. As an added advantage you can tie it in with auth/identd to work with IRC servers that require it. I run OpenBSD identd with the -h option to hide users which works quite well.
The problem with them is that they make basic assumptions about your hardware.
Every Intel box in the universe is capable of putting up characters on the screen. Anything past that, you're making assumptions.
The *BSD installers can be setup on a box with a Hercules graphics card.
And you wonder why you'd want to do that? Well, let's say you're setting up a server. The normal way I have of getting a server going is to plug in a video card - any video card, junk is great - get FreeBSD going on it, get a telnet or ssh daemon running, and then compile a custom kernel with no video card driver & rip that sucker out of there. Because there's no GUI, I can do that.
my old sig used to be funny, but then slashcode ate it and now it's not funny anymore
Definitely FreeBSD.
Use FreeBSD 3.x for old boxes, 4.x for new boxes. (Especially use 3.x if you have old, weird, cranky proprietary CD-ROMs and other hardware from that era.)
Here's the breakdown:
my old sig used to be funny, but then slashcode ate it and now it's not funny anymore
Wow, what a persistent troll.
-l
Help cure AIDS, cancer, and more. Donate your unused computer time to worldcommunitygrid.org. Join Team Slashdot!
From the interview:
You gotta love comments like these! Well, you might not, but I do anyway. I say, why hide behind glossy, laminated marketing? (By the way, I'm not trying to say anything against the NetBSD team. They're good folks and NetBSD is a great product, as is OpenBSD.) All I'm saying is that people should say things as they are. If you can't read a man page, you shouldn't be using a computer! It's as simple as that.Oh well.
Theo included a good link in his interview...
I just finished reading it and it is some wonderful information. Seriously, everybody who runs any of the BSDs or Linux should read this paper. It will give you a much deeper understanding of what's going on and why, and this will lead to better choices when you configure your next box (or maintain those you're running right now). As always, reliable operation of any machine (be it a computer, a car, or a nuclear power plant) depends heavily on knowledgeable use and proper maintainence.
Oh well.
But with clustering and a journaling filesystem its not a big deal.
http://saveie6.com/
softupdates were first invented as theory by Ganger & Patt and the idea was published as a paper. Kirk McKusick then took their idea, and coded it for *BSD.
I dont *want* to wait, I want my computer booted *now*. I dont want to wait for it to power down. I dont want to wait for it to power up. When the trivial bit of code main() { while (1) fork(); } run from userland can cause me to need to hit the reset switch I dont wanna lose data and I dont wanna have to wait for 15 minutes for it to boot back up.
How we know is more important than what we know.