Slashdot Mirror

← Back to Stories (view on slashdot.org)

OpenBSD 5.4 Released

Posted by timothy on from the they're-not-in-it-for-the-money dept.

An anonymous reader writes "The release of OpenBSD 5.4 has been announced. New and notable advancements include new or extended platforms like octeon and beagle, moving VAX to ELF format, improved hardware support including Kernel Mode Setting (KMS), overhauled inteldrm(4), experimental support for fuse(4), reworked checksum handling for network protocols, OpenSMTPD 5.3.3, OpenSSH 6.3, over 7,800 ports, and many other improvements and additions."

61 of 102 comments (clear)

  1. Re:But ... by Anonymous Coward · · Score: 1

    Wouldn't that be a little unsafe for OpenBSD's standards?

  2. Re:But ... by billcarson · · Score: 5, Informative

    Why, yes, yes it can. There is linux binary emulation available.

  3. OpenBSD Rocks. by grub · · Score: 5, Informative


    Rather than slagging OpenBSD, set up a small VM and try it there for a while. It's a fantastic OS, I use it on my gateway/firewall/VPN, other edge-facing devices and a llaptop.

    It's a bit minimal but what you get works.

    --
    Trolling is a art,
    1. Re:OpenBSD Rocks. by jones_supa · · Score: 1, Interesting

      What are the benefits over using Linux?

    2. Re:OpenBSD Rocks. by jawtheshark · · Score: 5, Informative

      Look into the syntax of pf, then look into the syntax of iptables. Then look back again. If I can, I damn well avoid having Linux firewalls, and I'm a Linux system administrator.

      --
      Ahhh...the great dumpster continuum. Many a free computer will be found there. -- sowth (748135)
    3. Re:OpenBSD Rocks. by gagol · · Score: 4, Informative

      OpenBSD focus on code stability rather than features, uses encryption everywhere it benefits and consider documentation as critical. Overall, it is very stable and secure.

      --
      Tomorrow is another day...
    4. Re:OpenBSD Rocks. by BitZtream · · Score: 1

      Are you a masochist? If you aren't, just use FreeBSD instead. You'll get roughly the same result, minus the pain and suffering Theo inflicts on others who listen to his rants as well as use his code.

      --
      Persistent Volume manager for Kubernetes - https://github.com/dwimsey/openshift-pvmanager
    5. Re:OpenBSD Rocks. by grub · · Score: 5, Informative


      I'd suggest starting here as a beginning: 9 - Migrating to OpenBSD
      One thing I find OpenBSD is head and shoulders above other *nix OSs at: the documentation. Virtually every service, binary, config, library, /etc/*, what-have-you has a thorough manpage included. The emphasis on security and "correctness" shows everywhere: pf is fantastic (iptables is a cancer by comparison), the built-in IPSec is great, it's OpenSSH's "home OS", etc.

      Everything fits very well together (as is also the case with FreeBSD and NetBSD). All the OpenBSD users could post replies to your question but the only way to see for yourself is to try it out.

      Enjoy!

      --
      Trolling is a art,
    6. Re:OpenBSD Rocks. by drinkypoo · · Score: 1

      Last time I used it, it was a very long time ago, and I had to throw it away because the intel NIC driver that I was using (some kind of 10/100 cards) would choke eventually if you had more than 1 in the system, and I had 4.

      Now I shall try it again on my olde timey original Atom netbook (Acer Aspire) which I've been putting off installing with anything for lack of anything modern that I wanted to run on it. This is close enough. I ought to have one machine I can kind of trust.

      --
      "You're right," Fisheye says. "I should have set it on 'whip' or 'chop.'"
    7. Re:OpenBSD Rocks. by K.+S.+Kyosuke · · Score: 4, Funny

      What, iptables has a syntax? I thought it only had command line options.

      --
      Ezekiel 23:20
    8. Re:OpenBSD Rocks. by Mitchell314 · · Score: 1, Funny

      In other words, boring and lame. :p

      --
      I read TFA and all I got was this lousy cookie
    9. Re:OpenBSD Rocks. by Anonymous Coward · · Score: 5, Interesting

      To me it is having a UNIX system that just works.
      Sound, graphics, networking, documentation. Everything is just damn stable. I can update to the next version with no fear that it will break my system. Every new feature is a well thought and all over improvement on the previous version.
      With Linux, it is always chasing a moving target that has many attractive features, but each fighting with each other and against the user. Today my WiFi won't work, tomorrow it will work but my headphones will be mute for no good reason. The day after tomorrow the apt database will get corrupted. Don't get me started on RPM.
      I do have to renounce to some features and software that will only work in Linux, but in the end, it fits my needs the best.
      As a programmer, I also find that when both systems solve a similar problem, the Linux solution usually feels more hackish and ad-hoc while the OpenBSD one(assuredly often in hindsight) feels like a real improvement.
      I do always keep a Linux partition with the latest cool distro(currently Mint) but in the end I spend most of my time on OpenBSD.
      As for FreeBSD, it is somewhere in a middle ground between Linux and OpenBSD, but, at least for me, that middle ground feels even less comfortable than either one.

    10. Re:OpenBSD Rocks. by cptnapalm · · Score: 4, Informative

      I have this truly bizarre UltraSparc laptop. The only two operating systems which will support it are Solaris, obviously, and OpenBSD. Solaris was extremely sluggish whereas OpenBSD with Awesome is quite spry.

    11. Re:OpenBSD Rocks. by Anonymous Coward · · Score: 1

      Hahaa! Straight into the trap!

    12. Re:OpenBSD Rocks. by Waffle+Iron · · Score: 2

      With Linux, it is always chasing a moving target that has many attractive features, but each fighting with each other and against the user.

      That's been the continual story of personal computing since the 1970s. *Somebody* has to go through the pain of integrating new capabilities into common use.

    13. Re:OpenBSD Rocks. by ISoldat53 · · Score: 1

      Has it changed much since 2003? That's the last time I tried to use it and that's when my manuals are dated. Not a dig, it's just I haven't tried it since.

    14. Re:OpenBSD Rocks. by Burz · · Score: 2

      OK. I'll set one up in a Qubes VM... that way the system will stay secure. :D

    15. Re:OpenBSD Rocks. by eudaemon · · Score: 1

      Well you can find out for yourself at the OpenBSD home page, which explains their approach to security: http://www.openbsd.org/security.html OpenBSD is definitely an educate yourself then ask questions sort of OS. I'm not slagging on you, just saying it makes more sense for me to post a link than try to recreate the contents of the webpage it goes to. Check it out. Decide for yourself.

    16. Re:OpenBSD Rocks. by jones_supa · · Score: 1

      Reading the comments above and reading some material, my impression now is that it is more robust than Linux, but requires more effort to set things up.

    17. Re:OpenBSD Rocks. by VortexCortex · · Score: 1

      Right. I use Debian Stable and OpenBSD. I find that for the most part they're quivalent in the "Damn, they broke shit again" department... Seriously.

    18. Re:OpenBSD Rocks. by Teckla · · Score: 1

      If you prefer crashy and insecure, you know where to find it.

    19. Re:OpenBSD Rocks. by Bengie · · Score: 1

      Just the way sysadmins like it.

    20. Re:OpenBSD Rocks. by Anonymous Coward · · Score: 1

      No one had mentioned Windows until you just brought it up.

    21. Re:OpenBSD Rocks. by grub · · Score: 1

      They release a new version every 6 months, so your last info is about 20 versions behind...

      --
      Trolling is a art,
    22. Re:OpenBSD Rocks. by Anonymous Coward · · Score: 2, Informative

      You mean like ASLR, drive encryption, stack canaries, W^X? None of these were invented there but they were common and integrated into OpenBSD long before any Linux.

    23. Re:OpenBSD Rocks. by armanox · · Score: 1

      Is it a Tadpole computer? I don't know of too many UltraSparc laptops. I'd consider buying one if they were still available.

      --
      I'm starting to think GNU is the problem with "GNU/Linux" these days.
    24. Re:OpenBSD Rocks. by Anonymous Coward · · Score: 1

      Debian Stable is comparable to OpenBSD in that there is a group of people(and that includes users) making sure the changes won't destroy people's systems before rolling out updates. QC, crazy, huh?
      Similarities end here.
      Debian Stable is effectively dead on arrival. By the time you upgrade to the next version, your software has only been getting back-ported "security" fixes for more than five years. It wouldn't be a bad choice if civilization ends tomorrow and that's the system you are stuck with. But it is hardly optimal.
      Debian is also affected by the Linux feeping creaturism(It's not as if they aren't just pulling stuff from sid) and, after half a decade, the shock is much worse. You will have to reconfigure any customization from scratch. Today you were using alsa, X11 and iptables, tomorrow you get to deal with PulseAudio, Wayland and whatever they call that.

    25. Re:OpenBSD Rocks. by larry+bagina · · Score: 1

      OpenBSD wasn't developed by the NSA.

      --
      Do you even lift?

      These aren't the 'roids you're looking for.

    26. Re:OpenBSD Rocks. by celle · · Score: 2

      Are you a masochist? If you aren't, just use open source instead. You'll get roughly the same result, minus the pain and suffering Steve inflicts on others who listen to his rants as well as use his code.

      FTFY

      PS Steve Ballmer is still at Microsoft and Steve Jobs hasn't been dead that long so most of his decisions are still being used so it works for both Windows and Mac OSX.

    27. Re:OpenBSD Rocks. by tlhIngan · · Score: 1

      One thing I find OpenBSD is head and shoulders above other *nix OSs at: the documentation. Virtually every service, binary, config, library, /etc/*, what-have-you has a thorough manpage included. The emphasis on security and "correctness" shows everywhere: pf is fantastic (iptables is a cancer by comparison), the built-in IPSec is great, it's OpenSSH's "home OS", etc.

      Technically, documentation is required to ensure correctness - because if it's not documented, how do you know it's working correctly?

      The fact that OpenBSD has excellent documentation is not because the project cares about documentation, it's that correctness demands it, and you cannot verify correctness if you don't know what the correct thing to do is.

      It's a case of where the documentation describes the intentions of the program, while the source code is the implementation of those intentions. Those who argue that "source code is the ultimate document" ignore that fact because source code is just one possible implementation. Who knows if a bug in source code is really a bug (doesn't meet intentions), or is designed to be there (bug is in the intention itself)? Without documentation, you cannot be sure.

      It sounds a lot like a specification, right? Well, a specification is just one type of documentation. But there are often more detailed documents you need - configuration files are also a specification and have to be documented to verify behavior. It's not enough to say "option foo mirrors command line option -F" without saying how to enable or disable it (do I do "foo=on", "foo=y"? Or just "foo" and comment it out to disable?).

      And since OpenBSD prides itself on its code audits, part of it is to ensure the code mirrors the docs.

  4. Re:Yawn. by d33tah · · Score: 4, Funny

    You actually woke up just to see the article?

  5. Re:But ... by Anonymous Coward · · Score: 1

    If BSD is dead then I wouldn't be typing this on my BSD machine.

  6. Re:Yawn. by jones_supa · · Score: 1

    :D

  7. This is the year... by JosefSit · · Score: 1, Funny

    Yay, this is the year of the BSD-Desktop!

    1. Re:This is the year... by kthreadd · · Score: 1

      It could very well be. I just tried it on one of my desktops. Gnome 3.8 worked really nice on it and even had accelerated 3D graphics.

  8. Re:But ... by Anonymous Coward · · Score: 1

    GNU is dead; BSD will live forever

  9. Re:But ... by Mitchell314 · · Score: 1

    I'm disappointed nobody made a BSD parody of that Black Sabbath song.

    --
    I read TFA and all I got was this lousy cookie
  10. Linux on my servers, NO WAY. by eshaw · · Score: 5, Informative

    There's only one solution when it comes to my network and servers, that's OpenBSD. It's secure, stable and correct coding making it an easy choice. I run a VPN, Web and redundant Firewall servers and OpenBSD gives me a piece of mind, ensuring it's stability. Stability and security are paramount for my network. PF is the king of firewall rules and iptables is an absolute mess. It's simple folks. If you want a serious OS for internet facing infrastructure, why choose anything else. OpenBSD is the obvious answer!

    1. Re:Linux on my servers, NO WAY. by Burz · · Score: 1

      I run a VPN, Web and redundant Firewall servers...

      Great. Welcome to 1999!

    2. Re:Linux on my servers, NO WAY. by fisted · · Score: 1

      Dear fanboy, take a look at what ISPs run. No, it's not OpenBSD, but it sure as hell isn't Lunix* either

      (*) The losers' unix

      --
      CLI paste? paste.pr0.tips!
    3. Re:Linux on my servers, NO WAY. by eshaw · · Score: 1

      Obviously you have to hide yourself, posting anonymously! Only COWARDS speak in hiding!!!

    4. Re:Linux on my servers, NO WAY. by eshaw · · Score: 1

      Thanks. I've probably been supporting servers before you were born, but thanks anyway juvenile.

    5. Re:Linux on my servers, NO WAY. by eshaw · · Score: 1

      Yeah, plenty of ISP's use OpenBSD, BSDs generally.

    6. Re:Linux on my servers, NO WAY. by Ducho_CWB · · Score: 1

      Dear fanboy, take a look at what ISPs run. No, it's not OpenBSD, but it sure as hell isn't Lunix* either

      (*) The losers' unix

      Windows 2012 R2 LOL Version.

    7. Re:Linux on my servers, NO WAY. by fisted · · Score: 1

      obviously you have replied to the wrong post

      --
      CLI paste? paste.pr0.tips!
    8. Re:Linux on my servers, NO WAY. by dbIII · · Score: 1

      Great. Welcome to 1999!

      Why not? They have cooler spaceships than we have now.

    9. Re:Linux on my servers, NO WAY. by dbIII · · Score: 1

      ZFS
      You say you are literate, try reading where it is up to on each platform.

  11. No signatures, just checksums? by Anonymous Coward · · Score: 1

    From the FAQ:
    "The OpenBSD project does not digitally sign releases. The above command only detects accidental damage, not malicious tampering. If the men in black suits are out to get you, they're going to get you."

    Seems a bit fatalistic not to provide any verification method at all...

    1. Re:No signatures, just checksums? by Anonymous Coward · · Score: 1

      The reason is that you should not rely on any binary release. Download the source code. Audit it. Then build and install it from your own copy.

    2. Re:No signatures, just checksums? by eneville · · Score: 1

      Or buy the cd set from openbsd!

      ... and the men in black suits will deliver your post ...

      --
      Why UNIX?
  12. Re:But ... by Anonymous Coward · · Score: 1

    FreeBSD supports i386 Linux emulation on 64bit

  13. Never mind the features, what are the benefits? by petes_PoV · · Score: 1
    Or, to put it another way:

    What would I be able to do with a box running this that I couldn't do with <operating system X> for any current, contemporary O/S. Let's not talk about potential uses - but real, live, switch it on, press buttons and do stuff type of uses. Things that no other O/S or box running that O/S can do? What are they?

    --
    politicians are like babies' nappies: they should both be changed regularly and for the same reasons
    1. Re:Never mind the features, what are the benefits? by VortexCortex · · Score: 2

      Jail.

    2. Re:Never mind the features, what are the benefits? by Noryungi · · Score: 3, Insightful

      What would I be able to do with a box running this that I couldn't do with <operating system X> for any current, contemporary O/S.
      Let's not talk about potential uses - but real, live, switch it on, press buttons and do stuff type of uses. Things that no other O/S or box running that O/S can do? What are they?

      One word: pf.

      Best. Firewall. Program. Ever.

      Running the latest and greatest version of OpenSSH is also interesting.

      --
      The right to offend is far more important than the right not to be offended. (Rowan Atkinson)
  14. Re:But ... by Burz · · Score: 1

    So now I can run my vulnerable apps on a vulnerable OS. If the emulation layer is enough to fool them. And this is better than just using Linux because? Oh right, you can jail apps now they can't access your video card or your files, that will show them.

    Running apps under a hypervisor in Qubes is safer anyway, and it comes with Fedora. You get (safe) video, but not 3D unless you assign a whole video card to a VM.

  15. Re:But ... by davester666 · · Score: 1

    Maybe now it's undead?

    --
    Sleep your way to a whiter smile...date a dentist!
  16. Re:Doesn't work with Virtualbox by Drinking+Bleach · · Score: 1

    It requires a system capable of VT-x/AMD-v and enabled as well.

  17. Re:But ... by Anonymous Coward · · Score: 1

    Dual-boot? If malware infects your BIOS, NIC, IPMI, or other device with embedded firmware through Windows, then your other partitions are fscked, whether or not they're encrypted, as soon as you boot them.

  18. No luck with GNU/Linux? by Wootery · · Score: 1

    GNU/Linux didn't work?

  19. this summary sucks by Anonymous Coward · · Score: 1

    I don't think most people care about vax moving to elf and fuse is definitely not of any use until at least the next release. for me one of the biggest improvements was in the the rewritten dhcpd/dhclient tools. also some nice incremental performance improvements and lots more posix features added. and as usual the amazing man pages just keep getting better with every release (if that's possible). finally just quoting the number of ports doesn't really give an idea of how current the software collection is. openbsd ports rocks harder than most linux distros by a wide margin which I've always been surprised by since I would have expected linux to be faster moving on that front...

  20. New & extended platforms? by unixisc · · Score: 1

    If they are adding new or extended platforms, instead of octeon or beagle, how about adding Itanium support? B'cos I think they have most others covered - SPARC, POWER, MIPS, and anything still surviving