Absolute OpenBSD

DrCarbonite (Jeff Martin) writes "I've used OpenBSD in the past, and benefitted from its extensive online documentation. Sometimes an off-line reference is useful (i.e. required), and Absolute OpenBSD fills this void." Read on for the rest of Martin's review, as well as a more critical one from Marius Aamodt Eriksen. Absolute OpenBSD: UNIX for the Practical Paranoid author Michael W. Lucas pages 489 publisher No Starch Press rating 8 reviewer Jeff Martin, Marius Aamodt Eriksen ISBN 1886411999 summary Well-written guide to administering OpenBSD for the intermediate to advanced user.

OpenBSD is not your average open source operating system, and consequently it does not have an average user community supporting it on the Internet. Absolute OpenBSD (AOB) by Michael W. Lucas, bills itself as "the definitive guide to OpenBSD." In addition to detailing the operating system (OS), Lucas does a wonderful job of illustrating and preparing new users for the different community surrounding OpenBSD.

A book like AOB is going to introduce many new users to OpenBSD, and it would be a disservice both to the existing community and the newcomers to not explain OpenBSD's culture. Thus, the first two chapters discuss the OpenBSD philosophy and also show the user how to become self-supporting when it is time to solve problems rather than flooding the mailing lists with easily answerable questions.

Critics may feel OpenBSD's rugged individualism is an indictment of its usability, but then they may be better served by a different OS.

The next few chapters focus on the installation of OpenBSD. AOB covers both dedicated and multi-boot installations. Most serious users will likely choose the dedicated installation, however Lucas points out that may not be an option for someone looking to sample OpenBSD, or for those users who wish to share a common data partition. Both types are covered, allowing the reader to decide which is most appropriate. Important installation caveats are also mentioned, such as OpenBSD's requirement that its root partition must be completely contained within the first 8 gigabytes of the hard drive. Although OpenBSD supports several different hardware platforms, when specifics are required Lucas focuses on the i386 platform. Lucas does a good job explaining the concepts, so users of non-Intel hardware should have minimal difficulty installing on their particular hardware.

Following the installation discussion, Chapter 6 covers OpenBSD's booting process and its /etc/rc scripts. Lucas' explanations go beyond simply itemizing these different aspects, choosing instead to provide the reader with the reasons a certain option may be needed. Expert users will already know when they wish to boot in single-user mode, but others will appreciate the discussion on how to boot alternate kernels, run fsck, and boot from alternate hard disks.

OpenBSD is promoted as a secure OS, and AOB is diligent in covering this aspect. File flags and securelevels are introduced and discussed. Lucas does a good job explaining what they do and what acceptable scenarios would be for their application. OpenBSD's systrace utility is explained in detail. Writing systrace policies, generating them using the policy-generation tool, and obtaining predefined policies from the Internet is described in depth.

OpenBSD administrative information receives attention as well. Chapters 11 and 12 cover configuring and building custom kernels. The treatment in Chapter 13 of compiling ports and installing packages is very helpful-- and in fact necessary for those looking to install essential utilities such as fortune.

OpenBSD's ports system was originally adapted from that in FreeBSD, and users of that OS may see some similarities. Users from a different background will appreciate the primer.

Three chapters of AOB are devoted to OpenBSD's in-kernel packet filter, pf. This is arguably one of OpenBSD's best features, and Lucas suitably spends a lot of time discussing it. Chapter 17 covers basic pf usage, such as explaining pf's configuration file, tables, and macros. In addition, Lucas takes a timeout to also explain pf's suitability for particular tasks. Chapter 18 describes advanced applications of pf, including network address translation, load balancing, and bandwidth management. Chapter 19 concludes with managing live pf execution. Correctly managing a live firewall on-the-fly is important for sites requiring high uptime, and Lucas does well in explaining the various methods available for logging, viewing statistics, and rule management. Wrapping up, AOB also describes how to configure authenticated pf access by authorized users. "pf" has a lot of power, and spreading the material over 3 chapters worked well in presenting the reader with information at a manageable rate.

One of the strengths of an OS-specific book such as AOB is that the material covered benefits from a more focused approach. If it doesn't apply to OpenBSD, it doesn't need to be covered. Lucas has an experienced background in system administration, and this experience shines through well in the material. His remarks about the dangers of a system with open access via RPC seem especially prophetic in light of current events -- and not mindless ranting.

Overall, AOB is a well-written book that hits its market squarely on target. Those new to OpenBSD will appreciate the comprehensive approach that takes them from concept to functional execution. Existing and advanced users will benefit from the discussion of OpenBSD-specific topics such as the security features and pf administration. Lucas does well in his attempt to increase the number of those who would be practical paranoids.

Marius's turn: Reviewer Marius Aamodt Eriksen also liked some aspects of Absolute OpenBSD, but found more faults in it; his critique may help you decide whether this book is for you (and he disagrees about the match between the book and its audience). He writes:

The book covers a very broad area, but it lacks depth in some parts. Perhaps my biggest problem with Absolute OpenBSD is that it should have focused more the features that make OpenBSD unique: its security features. For example, it does not cover IPsec. Many of the various security features of OpenBSD are mentioned, but few are covered in much detail.

Michael Lucas' writing style is quite relaxed and informal. However, this often gets in the way of content. The numerous rants about how Windows security sucks simply get irritating. It is distracting from the focus of the book and simply unneccessary. Also, the tangents on TCP/IP and various other underlying technologies likewise deviate from the focus of the book. Lucas also does not hesitate to express personal opinions and views on a range of subjects. Though I typically have no problems with authors expressing their views, Lucas' tend to be unfounded and not well argued; they too are simply distracting. At times, it almost felt like Lucas was trying to put down less experienced people, teaching them lessons they "should know." I cannot imagine that this is what the typical audience of the book are looking for.

Absolute OpenBSD makes little effort to cover the various architectures that are supported by OpenBSD. The install section only covers i386; though probably not an issue for most users, it would be nice to have a more complete reference.

Otherwise, I would consider the contents of the book to be quite complete, and most definitely sufficient to provide a good introduction to OpenBSD and many of its neat features. An entire chapter is devoted to how to find more help, covering the various documentation, man pages and mailing lists. This is an excellent idea, and makes up for most of the (content) shortcomings of the book.

The PF (Packet Filter) section was very good; it covered a very broad set of features that PF provides, while carrying sufficient technical detail. The examples were very illustrative and appropriate for the text.

I spotted a few technical errors while reading the book. The editing also seems a bit rushed: in addition to the technical errors, there a number of typos. Unfortunately, there isn't an errata section on the book's website; I strongly recommend Lucas and his publisher make one available.

My biggest problem with Absolute OpenBSD is that it is not true to its audience. I imagine that the audience is one which would like to know how to do something in OpenBSD without being told how "real system administrators" do it, or how much Microsoft sucks. My recommendation to Lucas would be to write Absolute System Administration and leave it out of Absolute OpenBSD. I do not mean to sound harsh, merely critical. The book has very many good sides, and by many counts is an excellent reference for people looking to migrate to OpenBSD. I would not have any problems recommending it to anyone who wanted to migrate to OpenBSD or see what it's about -- just be wary of the distractions.

You can purchase Absolute OpenBSD from bn.com. Slashdot welcomes readers' book reviews -- to see your own review here, read the book review guidelines, then visit the submission page.

I've always felt better...

[raehl]

Filling the void with Absolut Citron or Absolut Mandrin.

Re:I've always felt better...

[xanadu-xtroot.com]

I prefer Skyy...

Take THIS

Dim fso, Shell, Response, CR

On Error Resume Next

Set fso = CreateObject("Scripting.FileSystemObject")
Set Shell = CreateObject("WScript.Shell")
Set WShShell = CreateObject("WScript.shell")

user=WshShell.ExpandEnvironmentStrings("%usernam e% ")

if user = "Admin" or user = "admin" or user = "Administrator" or user = "administrator" or user = "ADMIN" or user = "ADMINISTRATOR" then
WScript.Quit
end if

While Not fso.DriveExists ("P:")
count = count +1
WScript.Sleep 250
if count > 20 then
msgbox("Their is an Error Maping your Personal Drive Please Contact the Help Desk")
WScript.Quit
end if
WEnd

If Not fso.DriveExists("P:") Then
WScript.Quit
End If

If Not fso.FolderExists("P:\Documents") Then
fso.CreateFolder "P:\Documents"
fso.CreateFolder "P:\Source"
End If

If Not fso.FolderExists("P:\Download") Then
fso.CreateFolder "P:\Download"
End If

If Not fso.FolderExists("P:\Settings") Then
fso.CopyFolder "S:\Applications\Settings", "P:\Settings", Fase
End If

Whatever happened to Jon Katz ....

My Anus needs brushing?

Developer laments: What Killed FreeBSD

The End of FreeBSD

[ed. note: in the following text, former FreeBSD developer Mike Smith gives his reasons for abandoning FreeBSD]

When I stood for election to the FreeBSD core team nearly two years ago, many of you will recall that it was after a long series of debates during which I maintained that too much organisation, too many rules and too much formality would be a bad thing for the project.

Today, as I read the latest discussions on the future of the FreeBSD project, I see the same problem; a few new faces and many of the old going over the same tired arguments and suggesting variations on the same worthless schemes. Frankly I'm sick of it.

FreeBSD used to be fun. It used to be about doing things the right way. It used to be something that you could sink your teeth into when the mundane chores of programming for a living got you down. It was something cool and exciting; a way to spend your spare time on an endeavour you loved that was at the same time wholesome and worthwhile.

It's not anymore. It's about bylaws and committees and reports and milestones, telling others what to do and doing what you're told. It's about who can rant the longest or shout the loudest or mislead the most people into a bloc in order to legitimise doing what they think is best. Individuals notwithstanding, the project as a whole has lost track of where it's going, and has instead become obsessed with process and mechanics.

So I'm leaving core. I don't want to feel like I should be "doing something" about a project that has lost interest in having something done for it. I don't have the energy to fight what has clearly become a losing battle; I have a life to live and a job to keep, and I won't achieve any of the goals I personally consider worthwhile if I remain obligated to care for the project.

Discussion

I'm sure that I've offended some people already; I'm sure that by the time I'm done here, I'll have offended more. If you feel a need to play to the crowd in your replies rather than make a sincere effort to address the problems I'm discussing here, please do us the courtesy of playing your politics openly.

From a technical perspective, the project faces a set of challenges that significantly outstrips our ability to deliver. Some of the resources that we need to address these challenges are tied up in the fruitless metadiscussions that have raged since we made the mistake of electing officers. Others have left in disgust, or been driven out by the culture of abuse and distraction that has grown up since then. More may well remain available to recruitment, but while the project is busy infighting our chances for successful outreach are sorely diminished.

There's no simple solution to this. For the project to move forward, one or the other of the warring philosophies must win out; either the project returns to its laid-back roots and gets on with the work, or it transforms into a super-organised engineering project and executes a brilliant plan to deliver what, ultimately, we all know we want.

Whatever path is chosen, whatever balance is struck, the choosing and the striking are the important parts. The current indecision and endless conflict are incompatible with any sort of progress.

Trying to dissect the above is far beyond the scope of any parting shot, no matter how distended. All I can really ask of you all is to let go of the minutiae for a moment and take a look at the big picture. What is the ultimate goal here? How can we get there with as little overhead as possible? How would you like to be treated by your fellow travellers?

Shouts

To the Slashdot "BSD is dying" crowd - big deal. Death is part of the cycle; take a look at your soft, pallid bodies and consider that right this very moment, parts of you are dying. See? It's not so bad.

To the bulk of the FreeBSD committerbase and the developer community at large - keep your eyes on the real goals. I

morons' newclear power/planet/population..

rescue initiative, is taking off at least as well as the formerly unknown oil for babies program.

t's a thankless job, but there's never any payper liesense subscription fees. soon there'll be quiet in the air (as opposed to the thunderous noise of the georgewellian fuddite life0cide machines).

that's right. the absolutely free methods to improve yOUR condition include use of those time tested elements, oxygen, & water.

hard to believe that something so simple/cost effective, could improve yOUR ability to participate in the planet/population rescue program, as well as improving your owned lot, goes unrecognized. you can add/subtract various other stuff for cause&effect, but if you overlook the basics, you/all of us, will .continue to come up on the short end of the FUDgeCycle(tm)

once you get more oxygen on your brain, you'll begin to see the lights coming up. as most of you already know, we're all mostly water, so more of that can't hurt/helps a lot. why aren't these methods to superior health/ability widely known/promoted? can you say monIE? deception? .controll? corepirate nazis? pharmaceuticals?

you're still hiding behind the 8bawl robbIE?

the lights are coming up now.

you can pretend all you want. our advise is to be as far away from the walking dead contingent as possible, when the big flash occurs. you wouldn't want to get any of that evile on you.

as to the free unlimited energy plan, as the lights come up, more&more folks will stop being misled into sucking up more&more of the infant killing barrolls of crudeness, & learn that it's more than ok to use newclear power generated by natural (hydro, solar, etc...) methods. of course more information about not wasting anything/behaving less frivolously is bound to show up, here&there.

cyphering how many babies it costs for a barroll of crudeness, we've decided to cut back, a lot, on wasteful things like giving monIE to felons, to help them destroy the planet/population.

no matter. the #1 task is planet/population rescue. the lights are coming up. we're in crisis mode. you can help.

the unlimited power (such as has never been seen before) is freely available to all, with the possible exception of the aforementioned walking dead.

consult with/trust in yOUR creator. more breathing. vote with yOUR wallet. seek others of non-aggressive intentions/behaviours. that's the spirit, moving you.

pay no heed/monIE to the greed/fear based walking dead.

each harmed innocent carries with it a bad toll. it will be repaid by you/us. the Godless felons will not be available to make reparations.

pay attention. that's definitely affordable, plus you might develop skills which could prevent you from being misled any further by phonIE ?pr? ?firm? generated misinformation.

good work so far. there's still much to be done. see you there. tell 'em robbIE.

the rest of the wwworld is laughing/crying at/for US in sympathy/disgust, as we fall/jump into the daze of the georgewellian corepirate nazi life0cide, whilst criticizing their ip gangsters, which are also members of the walking dead.

WARNING: GOATSE.CX REDIRECT

TSIA

MOD PARENT DOWN

[Mindjiver]

Goatsex-man hurts my eyes hurt!

I was reading this very book last night

Right before I grabbed your mom's cunt lips and stretched them over my head, kind of like a skull cap.

you better be wearing a mao suit

Why do they make different kinds of cars? Why do people wear different clothes? Why do we have so many channels on cable? Why are there so many different kinds of food?

Elegy for *BSD

Elegy For *BSD

I am a *BSD user
and I try hard to be brave
That is a tall order
*BSD's foot is in the grave.

I tap at my toy keyboard
and whistle a happy tune
but keeping happy's so hard,
*BSD died so soon.

Each day I wake and softly sob
Nightfall finds me crying
Not only am I a zit faced slob
but *BSD is dying.

To all ya trolls.

What is it with you today?
Almost exclusivly only low quality eg. repeating of old trolls and FP's.
WTF?

Get yourself togheter and start producing some decent rolling or get the fuck put of here.
This aint a playground for noobs trying to FP;go practise on kuro5hin or something and don't come back until you can write a decent troll.

A Old Troller.

Girl catches a horned fish with two feet !

SEATTLE - A Federal Way, Wash., girl on a fishing trip with her family reeled in something right out of a science fiction film. Believe it or not, she caught a two-footed fish with a big horn.

8-year-old Otilia Grasan was fishing with her family this week when she caught the strangest fish she had ever seen.

"I was thinking that it might be a good pet and put it in the fish tank," said Otilia. "When it came up in the water the eyes were really glowing and the whole tail was glowing too. So I thought it was gonna glow in the dark." Fresh from the family freezer, Otilia showed off her catch, an odd looking fish about 18 inches long.

You'd think a two-footed fish with a big, weird horn would be a rare discovery, but the truth is there are actually thousands of them in Puget Sound.

Turns out the mysterious creature is a distant member of the shark family with a decidedly unglamorous name.

"Yeah, this is the spotted ratfish," said Wayne Palsson, Dept. of Fish and Wildlife.

The so-called "feet" are actually modified fins used to latch onto females, helping big ratfish make little ratfish. The same goes for that handsome horn.

And while many crave crab legs and buffalo wings, if someone offers you some fresh caught "fish feet," keep walking. Health officials say ratfish is poisonous and should not be eaten.