Slashdot Mirror
Taking MicroBSD for a Test Run
LiquidPC writes "In this article Jeremy Reed of BSDNewsletter.com talks about installing MicroBSD, what features make it special, troubles and successes I encountered, and the beauty of the BSD license."
← Back to Stories (view on slashdot.org)
What a jerk...this is obviously a post from one of those wanks that wants everyone to have a choice in what license they use, as long as it's the infectious GPL. Yea....choose any license as long as you use THIS one and not THAT one...
Use whatever license you like. If you don't mind that you are going to benefit companies like MS and their closed source products, then by all means, release under BSD. The writeup was just trolling anyway, the article says nothing about the "beauty of the BSD license" only that the MicroBSD people didn't even clearly license their product back under the BSD license, something that is permitted under the BSD license.
The microBSD people claim it was just because they havn't finished cleaning up the code.
From the article, it looks like the microBSD thing is pretty shitty right now, maybe in a few revisions it would be OK, but this guy seemed to have tons of trouble with it.
I've had enough abrasive sigs. Kittens are cute and fuzzy.
I don't see what is 'micro' about the distro. The default installation takes 160M. Back when I have my AT&T 3b1 running, the whole thing fit on a 10M disk with 3M left for my files. No tcp/ip tho, but does that really take 150M?
-dB
"It if was easy to do, we'd find someone cheaper than you to do it."
The BSD license is pretty beautiful, if you are MS and you need a TCP/IP stack to steal.
I think it's great that Microsoft can and does use the BSD stack. At least now they are using something that is well designed and follows the RFCs to the letter. Anything cooked up and "optimized" by M$ themselves would in all likelyhood have brought down the Internet in a catastrophic congestion collapse.
"I have opinions of my own, strong opinions, but I don't always agree with them." -- George H. W. Bush
So?
What you need to understand: it isn't your code, they can do what they want with their code. release your code with whatever license you want.
The developers of code released under BSD style license are just fucking generous. plain and simple.
It's not that they have never considered "Gee, what if someone uses this in a closed source system? Gee, what if someone or some Corp. rips off our code and we get nothing back?". They have considered that possibilty, and they dont care.
Here is the flaming part of this post:
Ideally: "we release completely free source"
Realistically: "People rip off our shit"
BSD style license is Ideals living despite Reality. GPL is Ideals living to confront Reality. You decide what the right lifestyle is for you and let me live the way i want.
We've already established that MS ignored the advertising clause of the BSD license when it used the BSD TCP/IP stack. What makes you think that they wouldn't just ignore all of the clauses of the GPL?
What a waste of an OS and a waste of an article. Why was this even posted on Slashdot?
Well, it's not so much an OS as a 'distribution,' in the sense of RedHat versus SuSE. Same basic kernel- OpenBSD's, in this case- and the idea is to merge all the 'heavy' security features (ACLs, etc) from TrustedBSD et al. onto the fairly 'light' and proven OpenBSD core. It's no worse than Yet Another Linux- and there are quite a few distros in that market that seem wastes of effort to me, but... it's the maintainers' prerogative.
That said, while it's a very nice attempt, I don't think 'Outback' is up to maintainership. He seems like a nice guy with some nice dreams, but from his mailing list posts, it's obvious he doesn't have a lot of familiarity with... anything. I wish him well- and think the project will be a great learning experience for him- but I wouldn't dare run this beast without seeing some 3rd-party audit action, if and when the merged features get running. I think it's his inexperienced perspective that's making it happen at all- it's an "innocent" approach to free software- "Hey, FreeBSD and NetBSD have all *these* great features, while OpenBSD has this really audited and sane-ified base install, let's install X under Y"- but the issues of actually making it run and avoiding stupid problems (overflowable buffers and other holes) in the 'glue' required make it fairly daunting for even the most experienced maintainer. (Theo gets a lot of crap for *his* architectural decisions, and compared to Theo, Outback is a MCSE.)
So... let's see if he gets anywhere. If he does, let's jump in, learn how to properly audit a project, and create the wonderful feature-complete distro that is his intent (or cross our fingers and hope a consultancy or similar does it for us)... No need to knock a man for trying, but no need to put your network at risk with his software based on his good intentions, either.
From their Web Site
:
/bsd: signal 11 received by (qmail-smtpd:13657) UID(1006) EUID(1006), parent (tcpserver:11016) UID(1006) EUID(1006)
/. us this morning which is okay. Though those of you now reading this 0.5 is in two different ISOs the full ISO, and the miniISO. As they say 160megs installed on the Full ISO for 0.5, it is less then 64Megs for 0.6 which is due out soon. Also note that 0.6 contains all the cleanups and additions, fixes for 0.5 and actually is alot more usable. Looks like everyone is going to be about 7 days to early. Wait for 0.6 and then take a look if you really want to see what we are doing. The differences between 0.5 and 0.6 are too large to list but size, configurability and features are the largest points.
We are going to give you all a little preview of exactly where we are with the 0.6 release and whats been going on here. Right now our tree is current as on 9/06/2002 and all code/updates/patches have been applied, and our modifications integrated. These include fixing up of some erroneous errors in the documentation, up to date Network Port ACL code, File Systems ACL code provided as of 9/6/2002. This also includes the stripping of all uneeded system binaries, the framework of integration of packages installed during the installation process as you desire. The base system is now below 25 Megs installed so we can now fit nicely on a 32Meg CompactFlash with room to spare. The first packages in the server installs will be IPSec, PPP, PPTP, IDS, MySQL, HTTP, DHCP, and Sendmail with other additions to follow. We are also testing now an AutoUpdate/Binary Upgrade process to centralize this for users. More will show up on that later. Our Downloads will be alot smaller for the full and mini versions of the ISOs. We may even drop the mini and create a combined for those that wish to install a compiler. This release does include the previously mentioned major code updates and functionality like TCP/IP mods, further privacy protection, the non-exec stack modifications and systrace functionality updates, GCC compiler mods of Stack Smashing protection, restarting of the TCP/IP counter at 0 for each new connection. plus fixes for the reported problems with file system ACL binaries. We are moving forward with this build and are looking for testers to pound out the bugs before the release.
We have gotten further additions for the 0.6 release integrated into the system along with the previously mentioned fixes and updates. If you are interested in joining the testing phase email us @ dingo@microbsd.net
FTPD Security Hardening
This makes ftpd run 99% non-root, while remaining 100% functional. Root privileges are dropped immediately after a successful authentication, and never regained later.
Human-time Resource Limitations
Traditional Unix semantics defines inheritable per-process resources limitations : memory usage, CPU time usage, stack size, file size, descriptors, max subprocesses and core dump size. It lacks something that can be really useful : human-time, ie. the real (not CPU) number of seconds a process is allowed to run. So even if the process is waiting forever without taking CPU time (dead lock, something waiting for data that nobody sends, etc), it can be automatically killed after a maximal time.
Signal Logging
With this the kernel will log important uncatched signals sent to processes. It will help to track down hardware and software bugs, processes that mysteriously crashed, and possible attacks.
Output in the log files looks like
Sep 5 20:26:46 mserver
Seems someone decided to
This is a Size preview for the full Release for 0.6, other additional packages will include IDS, PostFix, MySQL, and a couple of others. Base install less then 64 Megs, and a heavily modified installation system.
641 Sep 2 15:33 CKSUM
36654 Sep 2 15:33 INSTALL.ata
37658 Sep 2 15:33 INSTALL.chs
21797 Sep 2 15:33 INSTALL.dbr
125042 Sep 2 15:33 INSTALL.i386
24017 Sep 2 15:33 INSTALL.linux
12465 Sep 2 15:33 INSTALL.mbr
22558 Sep 2 15:33 INSTALL.os2br
14522 Sep 2 15:33 INSTALL.pt
1155 Sep 2 15:33 MD5
9376463 Sep 2 15:49 base06.tgz
4432422 Sep 2 15:33 bsd
4252465 Sep 2 15:33 bsd.rd
2949120 Sep 2 15:33 cdrom06.fs
184670 Sep 2 15:49 dhcp06.tgz
128796 Sep 2 15:49 etc06.tgz
1474560 Sep 2 15:33 floppy06.fs
1474560 Sep 2 15:33 floppyB06.fs
1474560 Sep 2 15:33 floppyC06.fs
558766 Sep 2 15:49 ipsec06.tgz
440998 Sep 2 15:49 ppp06.tgz
37500 Sep 2 15:49 pptp06.tgz
424264 Sep 2 15:49 sendmail06.tgz
Thats a great idea. I have been thinking along the same lines of using the BSD or MIT license for codecs as a way of spreading the codec to the largest market with perfect interoperability but the hijacking ala divX of the codec before it is complete and before large penetration irked me. This idea of making it gpl while it is being completed and after completion turning it into bsd for consumer penetration is a great idea. Prhaps slighly modified bsd to make sure it is mentioned in the documentation to make it easy for people check for compliance to the standard.
Out of curiosity, would that necessarily have been a bad thing? Granted, it would have meant that today's world would look quite different from the way it does now, but would it necessarily have been a change for the worse?
quidquid latine dictum sit altum videtur.
It agree on all three counts. OpenBSD could be easier for first time users, but is simple and fast the second and nth time around. FreeBSD and its menus can be confusing. You need the Handbook right in front of you. Even then I seem to install something a little different each time. Haven't used NetBSD recently. I had trouble with the installer, but that was a while ago I hope things have changed.
:-) The installer is not friendly to the first time user. My first install was wiped in about 3 minutes as I started my second install. My second install worked well. My third and nth installs are great. The install is very quick. The defaults are sane and not a lot of questions are asked. There are only a handfull of packages that I install from precompiled instead of ports. When I need a *nix I install OpenBSD.
OpenBSD is my favorite *nix. It is perfect. It is a simple clean install that comes with everything that should be in a default unix install. (Except BASH!
OpenBSD may be for a more advanced user. Anyone willing to learn, read a little, make some mistakes, should have no trouble working with OpenBSD. I encourage any *nix admin to make some time and learn OpenBSD. Call it professional development. I am sure that you won't turn around and install OpenBSD everywhere. However I am confident that you will find uses for OpenBSD where its quick and simple install will save you time and stress.