OpenBSD Drops Support For Loadable Kernel Modules

jones_supa writes: The OpenBSD developers have decided to remove support for loadable kernel modules from the BSD distribution's next release. Several commits earlier this month stripped out the loadable kernel modules support. Phoronix's Michael Larabel has not yet found an official reason for the decision to drop support. He wagers that it is due to security or code quality/openness ideals.

If they're doing it, it's correct.

As far as I'm concerned, the OpenBSD developers are as close to infallable as software developers could ever hope to get.

If they've decided to do this, then it's just the correct thing to be doing.

Re:If they're doing it, it's correct.

[ZorkZero]

That sound you just heard in the distance? The puckering of a million Linux fanboys' butts.

Re:If they're doing it, it's correct.

[ThePhilips]

As far as I'm concerned, the OpenBSD developers are as close to infallable as software developers could ever hope to get.

If they've decided to do this, then it's just the correct thing to be doing.

HP rep - a HP-UX sales guy - once told me that their kernel doesn't support loadable modules to prevent even the remote possibility of a malicious driver.

But why OpenBSD choose to do it, I have no idea. Frankly, I was under impression that OpenBSD didn't support loadable kernel modules at all.

To some the kernel drivers might seem a norm, but even 15 years ago they were still considered a novelty. And everybody was still making jokes about Microsoft's Plug-n-Play.

Re:If they're doing it, it's correct.

[__aaclcg7560]

Frankly, I was under impression that OpenBSD didn't support loadable kernel modules at all.

That bug will get fixed soon. One less thing to worry about.

Re:If they're doing it, it's correct.

[afairch]

Actually that was more than 15 years ago. Dynamically Loadable Kernel Modules (DLKM) have been available in HP-UX since version 11.0, released in 1997.

Re:If they're doing it, it's correct.

As in puckering up to get ready.

Re:If they're doing it, it's correct.

Yeah - it's probably also the reason why HP used to sell consoles as an option on their PA/RISC systems - as a security measure in case someone gained physical access to the serve and did bad things.

Re:If they're doing it, it's correct.

[metrix007]

No, what they are is excellent OpenSSH maintainers.

The security of OpenBSD is often overrated by people who don't actually understand security.

For all their hyperbole, they were still vulnerable to Heartbleed.

Re:If they're doing it, it's correct.

They were vulnerable because openssl took specific measures to counteract the defense mechanisms present in openbsd. See this writeup.

Even Coverity could not detect the problem.

Re:If they're doing it, it's correct.

And everybody was still making jokes about Microsoft's Plug-n-Play.

Shouldn't that read BUTT-Plug-n-Play?

Re:If they're doing it, it's correct.

OpenBSD tends to take some very conservative security choices (see OpenSSH) but then turns around and does stuff like LibreSSL forks of OpenSSL, instead of fixing the problem, they make their own version of the problem.

You know OpenSSH was written (or sponsored, or whatever) by the OpenBSD group, don't you? Sure it's been around a long time now and everyone and his dog uses it, but fundamentally it's OpenBSD software. So OpenBSD writing LibreSSL is exactly the same thing. They wrote OpenSSH partly because security, partly because openness and maintainability. OpenSSL didn't have the openness issue but it did have the maintainability (and therefore security) issue. The approach is the same, they're producing a cleaner, more verifiable codebase. Sure, every new fork or every new piece of software has a glut of initial defects, just like OpenSSL did back in the day, but by having a simpler codebase the defects get reduced faster and to a lower level than you would get by keeping the original mess and "fixing" it a bit.

Re:If they're doing it, it's correct.

[gweihir]

For different values of "the norm". I usually run Linux kernels without loadable modules as well. It increases stability and security.

Re:If they're doing it, it's correct.

[the_B0fh]

They had in the past, but they really really didn't like it. So I guess they finally fixe it.

Re:If they're doing it, it's correct.

[the_B0fh]

Why is it that the individual words seem to make sense, but when reading them together, it's all nonsense?

Do you normally just ramble on all over the place in real life as well?

Re:If they're doing it, it's correct.

[mysidia]

No... that was just Theo's excuse. He called OpenSSL's memory allocation strategy an "exploit mitigation countermeasure."

Actually, that was just a side effect, and what OpenSSL does that "counteracted" the defense is extremely common in software and software libraries.

It's also generally a good idea as far as performance is concerned ---- and with a library such as SSL which needs to process network traffic (HTTPS, for example); adequate performance is pretty darned important.

Re: If they're doing it, it's correct.

I wouldn't let you within throwing distance of any security critical code. you clearly have no idea what you're talking about. come back when you've learned that writing your own malloc is a terrible idea and often makes systems slower not faster. gotta love slashdot. lots of opinions. no facts.

Re:If they're doing it, it's correct.

[metrix007]

OpenSSL did not take specific measures to counteract "defense" mechanisms in OBSD. That implies intent, and is downright disingenuous.

OpenBSD was famous for auditing all code in the base system. The famously deny they need any advanced security measure such as MAC, file signing, or even an ACL.

NetBSD tends to be a much more secure system, without any of the hype. Less reported vulnerabilities, veriexec, PaX (similar to W^X) and TrustedBSD extensions.

Re:If they're doing it, it's correct.

[imac.usr]

I call shenanigans, nobody in their right mind would claim to be interested in selling HP-UX. /shudder.

Re:If they're doing it, it's correct.

[ThePhilips]

Hey! My past employer willingly bought it!

...Oh. That's probably why they are "past".

Re:If they're doing it, it's correct.

Err -

http://book.soundonair.ru/hall2/ch10lev1sec1.html

HP-UX has module support, they call them DLKMs.

Re:If they're doing it, it's correct.

Hahah... I read that as [tednugent.com]. Had to check twice before clicking :D :D

Re: If they're doing it, it's correct.

It's probably so secure because it can't actually boot anything. Even one of the founders of NetBSD said its no longer as relevant. Anyway I think you're mistaken about net being more secure than open. Hard facts please...

Re: If they're doing it, it's correct.

How do you know there was no intent? That's a serious question.

Re: If they're doing it, it's correct.

[metrix007]

What basis is there to assume there was?

Re:If they're doing it, it's correct.

[chriscappuccio]

Instead of making vague fucktard analogies, why not actually explain what is wrong with LibreSSL ?

Re:If they're doing it, it's correct.

[david_thornley]

I don't see that this is the base problem. Heartbleed worked because the custom malloc() allocated memory that was not initialized, allowing the bad guys to read whatever happened to be in that buffer. Ideally, SSL would have wiped memory when freeing it, but if the attacked buffer had simply wiped its memory when allocated there would have been no way to exploit this. In other words, calloc() rather than malloc() would have prevented Heartbleed.

I saw some arguments that it showed that security software shouldn't be implemented in C, but it seems to me that a defect that could have been removed by using one standard and widely used call rather than another doesn't suggest that C is at fault.

Re:If they're doing it, it's correct.

[jmcvetta]

OpenBSD tends to take some very conservative security choices (see OpenSSH) but then turns around and does stuff like LibreSSL forks of OpenSSL, instead of fixing the problem, they make their own version of the problem.

Maybe (pure speculation) the OpenBSD team considered the human processes around the OpenSSL code to be the real security problem. Heartbleed did seem a tad bit too convenient to be an accidental bug...

Yet another bombshell.

Community is beleaguered.

Re:Yet another bombshell.

Linux or OpenBSD?

BSD seems to be strengthening (all BSDs). More and more serious businesses I know are considering FreeBSD. I used to run 6 BSD/OS servers and short of HW issues, never had an issue. In fact, we got to work about 9, went to lunch at 1130, hung out wherever until about 1330, came back smoked on the loading dock and left for home by 4. Rarely had issues. The Windows and Linux guys? Always something wrong.

Re:Yet another bombshell.

mod parent up

same experience here. BSD if you just want something that works(tm).

Not Your Typical Loadable Kernel Modules

It's probably because OpenBSD's "LKMs" are so ancient, limited, and inflexible that nobody bothers to use them. I imagine if there were demand they would have adopted a more modern loadable module system, more akin to what's found in FreeBSD, NetBSD, Linux, etc.

This isn't news. It's more Phoronix spam.

Re:Not Your Typical Loadable Kernel Modules

You appear to have cross-posted - you meant to post on the systemd discussion obviously.

Re:Not Your Typical Loadable Kernel Modules

bzzt. wrong. clearly you've never used openbsd. I actively switched to openbsd from linux because some updated packages were only available on openbsd MONTHS before being available in packaged format that works on linux distros i tried. As OP mentioned, BSD just works. For eveything else where you want to spend hours tweaking before it works... there's Linux.

Re:Not Your Typical Loadable Kernel Modules

Fuck you. You don't understand English or anything, really. OpenBSD is extremely modern and always has been. It's Debian stable that's always behind everything else and not even truly stable, whereas OpenBSD is rock solid and not very far behind the latest upstream releases.

In other words, you deserve to die.

Phoronix, why?

"...Michael Larabel has not yet found an official reason for the decision to drop support. He wagers that it is due to security or code quality/openness ideals."

I know Phoronix is infamous, but, wow...

The OpenBSD mailing lists are right there. You're already reading them! Many developers frequent them daily. All you need to do is post a question! Hell, send an email to Ted himself if you're that shy. Why bother writing this article without doing the most basic of research?

Re:Phoronix, why?

[Mister+Liberty]

Sez Larabel: "security or code quality/openness ideals". As if, aside from these three, any other signifcant ideals remain in programming.

Re:Phoronix, why?

[NoImNotNineVolt]

Ted? The text editor? Or did you mean Theo?

Re:Phoronix, why?

Presumably, AC meant Ted Unangst, the OpenBSD developer who authored the lkm removal commits.

Re:Phoronix, why?

[NoImNotNineVolt]

Well that's no fair, you must've RTFA!

Re:Phoronix, why?

...who authored the lkm removal commits.

Is that like being the author who wrote the lkm removals?

Re:Phoronix, why?

Because Phoronix is a pro-Linux site and disparages anything not Linux. Their benchmarks are notorious for bad research. Years ago they did some benchmarks against Solaris using the Solaris C compiler and did no tuning of it. The Solaris developers offered their support and were met with silence. Phoronix is not objective and they simply do not care.

Re:Phoronix, why?

worse, he read the commit history ...

OpenBSD!

I hope OpenBSD becomes much more popular. I remember nearly 15 years ago when BSD was being touted for its performance and media capabilities. Now I want more alternative, free, and open-source OSes that tout security and privacy. Privacy while using technology has become practically extinct, well, at least so it seems to me.

Re:OpenBSD!

[eneville]

Lightweight Portable Security, http://www.spi.dod.mil/lipose.... perhaps? Might be a good place to start, but I don't know if you're aware of this one already.

Re:OpenBSD!

I hope OpenBSD becomes much more popular. I remember nearly 15 years ago when BSD was being touted for its performance and media capabilities.

Funny that, I remember back in '95 that one of the reasons we veered to using Linux was that *BSD was rather deficient in both categories.
We loaded one poor machine up with SCO, NetBSD, Slackware and Caldera and carried out a number of tests, both in performance and code portability (we were moving from running a whole load of machine vision stuff running on Sun workstations with over expensive video capture cards to higher performance cheaper PC based stuff).
The NetBSD install was the worst performer in these tests.
Another use case we tested was a migration of our main fileservers away from Sun to either Linux/BSD, from what I can recall of that experience, the overall performance of the Linux system was best, Sun second, and BSD bringing up the rear (but, as the Sun system wasn't broke, we kept using it anyway..).
Don't get me wrong here, I like the BSDs, and have OpenBSD running on a couple of my machines (and NetBSD on one of my Indys and a SPARCstation Classic).
 

Re: OpenBSD!

You are confusing this with beos.

Re:OpenBSD!

I hope OpenBSD becomes much more popular. I remember nearly 15 years ago when BSD was being touted for its performance and media capabilities.

I think you may be confusing this with beOS.

Re:SYSTEM-D SUCKS!

"amazingly customizable kernel with"

Clearly you've never used OpenBSD before. Kernel hacking is one thing they explicitly frown upon. Too easy to break important things and compromise security.

Djeezus

[MrCoke]

The name braindamaged, the link to goatse on the front page, 1 branch, 1 fork and 9 followers. How does this even compute as real?

New low?

Re:Djeezus

[BenLutgens]

wat

Re:Djeezus

[ndato]

The official changelog also says they removed LKM http://www.openbsd.org/faq/cur...

Re:Djeezus

[X0563511]

I'm more alarmed that procfs is going away.

Re:Djeezus

[tibit]

Exactly. The editors should be ashamed. The post was carefully engineered to promote someone's private fork. OpenBSD uses WebCVS for crying out loud! How stupid can people be?!

Re:Djeezus

[tibit]

What wat? Just look at the link in the fine article. It's not to any official openbsd repo, because it's not even CVS, and OpenBSD uses CVS (yes, they do). That's wat. Again, how stupid can one be?

Re:Djeezus

[brynet]

Why? It mostly used for compat_linux(8) anyway, which is i386 only. Nobody was using mount_procfs(8) without the ancient -o linux option. It was broken for months before anyone noticed.

Re:Djeezus

[Noryungi]

Well, I was surprised by the bitbucket link as well, but a lot of developpers (OpenBSD or not) use git these days. The repo linked to seems to be a copy of the official OpenBSD CVS.

A better link could be, for instance:

http://cvsweb.openbsd.org/cgi-...

Or:

http://cvsweb.openbsd.org/cgi-...

The interesting thing is that the diff just before Ted Unangst is more than 11 years old -- which means LKMs really haven't been used for a long time in OpenBSD...

Re:Djeezus

[Noryungi]

See my answer above: OpenBSD dev also use git. LibreSSL - portable is maintained on Github, for instance.

Then again, you probably don't know a lot about OpenBSD... Do you? A simple Google search could have given you the links I included in my previous answer.

To Dice: Please fire SoulSkill

Reason: he trolls more than he posts.

kthxbye

Re:When was the last time you compiled a kernel?

[seepho]

I'm compiling one right now!

Wait, it just finished. Shit, someone give me something else to compile!

Re:SYSTEM-D SUCKS!

[basketcase]

And OpenBSD's init system (rc) is about as non-modular as it gets.

Re:When was the last time you compiled a kernel?

[preaction]

I use ports all the time, and I've never compiled my own kernel. From what I recall, everything available in the OpenBSD kernel is always enabled by default. The only reason to compile a new kernel is to remove something from the default kernel.

Removing the LKM means someone can't maliciously load a module that screws everything up. The malicious entity would have to replace your kernel and then force a reboot.

Keep up the good work..

[0dugo0]

Now if they could also drop support for shared libraries I might consider upgrading my warezed copy of NetBSD 0.8.

Re:Keep up the good work..

I'm surprised no one else caught this astoundingly funny piece of work!

freebsd?

kernel modules offer a level of flexibility when certain things are needed. this just makes FreeBSD more attractive.

Not Your Typical Loadable Kernel Modules

[chriscappuccio]

This is it. Old implementation, low quality, and NOTHING USES IT. Bye bye!

Re:SYSTEM-D SUCKS!

[eneville]

Since it's a script, you can do what you want with it. run-parts style, if you like. It's a script, bring your own fun. Quite the opposite of systemd, if you will.

Code compression

[Theovon]

The OpenBSD developers are so awesome that they've found a magical way to make modules unnecessary: Magical code compression with zero runtime overhead. As a result of this new approach, every possible kernel module (including ones that haven't been written yet) is stored in less space than an otherwise completely stripped kernel from the prior revision.

Re:Code compression

Oh, and check out android libc (aka bionic). It is almost completely copied frmo openbsd, with some smatterings from the other BSDs.

Re:Code compression

[Theovon]

Holy crap, dude. It was a joke. Things like "magical" and "zero runtime overhead" and "including ones that haven't been written yet" didn't clue you in?

Maybe there is a simple answer

[aglider]

Once you know why loadable kernel modules have been introduced.
But this requires you to turn your brain on first.

But that's not all

[Minwee]

They also removed Sendmail and BIND. Where's the outcry there?

Re:But that's not all

This is a joke, right? Both were removed for being old, crusty and horrible. They are being replaced with shiny new replacements (opensmtpd and unbound).

Re:But that's not all

People still want sendmail?

Oh right, masochists.

Re:But that's not all

... not to mention that they weren't removed. they were moved from base to ports. anyone that wants to use sendmail and/or bind is still free to do so.

Re:But that's not all

Simplification is good. I would imagine that the eventual goal is to end up with only a single application/utility program that does nothing whatsoever.

Oldtimers unfortunate enough to have experienced IBM's OS/360 JCL -- once described as the world's first syntax free language -- will probably suggest that said program be called IEFBR14.

Re:But that's not all

[unixisc]

What's the replacement?

Holy crap...

[Andy+Dodd]

https://bitbucket.org/braindam...

These are some of the worst and most uninformative commit messages I've ever seen...

1) Why are there so many commits to achieve the same thing?
2) Any commit message that is only a single line other than "fix typo" is a bad commit message

Seriously, even some of the worst/most incompetent Android kangers have written better commit messages than the shitpile of LKM removals I'm seeing there.

Re:Holy crap...

[tibit]

That's just someone's private repo. You've fallen for clickbait. Nothing to see here.

Re:Holy crap...

it's probably because unlike linux, the openbsd tree consists of multiple components (i.e. a kernel, libc, and full userland in one tree). so the commits might have been done in pieces for each part of the tree at a time instead of doing one humongous commit.

Re:Holy crap...

[tlhIngan]

Any commit message that is only a single line other than "fix typo" is a bad commit message

"Fix typo" is a bad commit message. After all it doesn't explain what it was. Did it not build (in which case it would be "fix broken build"? Was a variable renamed because its name had a typo (in which case it should be mentioned in case it broke something)? Was it merely a typo in a comment?

Was it a bad #define that suddenly works and exposes new code?

Re:Holy crap...

[x0ra]

The OpenBSD repo is just one big repo, but unlike Linux, OpenBSD devs don't care about the integrity (and bissectability) of the tree between commits.

Re:Holy crap...

I would generally assume "fix typo" would be a typo in a comment (or other documentation) as any other typo related fix is likely to result in broken code of some sort.

Re:Holy crap...

yeah. total FUD. I bisect openbsd source routinely. are you just making facts up as you go?

Re:Holy crap...

[Bert64]

It's a perfectly good commit message, look at the actual diff to see what the typo was...

Re:Holy crap...

[TheBilgeRat]

This.

Re:Holy crap...

[idontgno]

You clearly have no use for or expectations of commit messages at all, if your blanket answer is "look at the diffs".

That tells exactly as much as no commit message at all.

You probably don't comment code, either; I mean, the code's right there, amiright? Or else, your comment is a mindless regurgitation of the code, like "add 1 to pointer".

Complete waste of time, attention, and bytes. Don't insult the intelligence of the community with such brainless drivel. Add some value or don't use the thing at all.

Not surprising.

They have been moving towards that direction for some time now. I am not saying that they are wrong but it will make building and testing OpenBSD a bit tougher and will raise the bar for new comers a bit. Recompiling your kernel every time can get somewhat tiring.

It could also be that they do not have enough resources to allocate for this support or to develop a "fix" for their security concern surrounding hot loading mods.

All and all, good to know, no big deal.

Re:Not surprising.

[Noryungi]

Yes, yes, little troll, you just demonstrated your total lack of knowledge when it comes to OpenBSD.

Straight from the horse's mouth: http://www.openbsd.org/faq/faq...

And I quote the aforementioned:

Why do I need a custom kernel?

Actually, you probably don't.

The only time you need to recompile OpenBSD kernel is when a major security issue has been found and your system is vulnerable.

Re:SYSTanyEM-D SUCKS!

Real man don't load modules, they hack the kernel itself. The compressed binary. Using dd with the proper offset.

Pussies like you can use slack, porteus or the runit based voidlinux, or other "fuck you systemd" distro.

Puzzling

[DaMattster]

As an avid OpenBSD user and fan, this puzzle me because it would seem like a giant step backwards. Yes, loadable kernel modules do weaken the security some but it makes adding hardware drivers difficult. I really like OpenBSD as the OS does so many things very well but the team members are far from fallible. The community isn't as supportive and tends to be very exclusive, responding with RTFM sometimes a little too often. I can understand RTFM, but I cannot understand being told to read when I've read it already and I'm still unclear.

Re:Puzzling

[Narcocide]

For whatever its worth, I've been using OpenBSD primarily for firewalls for the past 15 years and in that time I have never once needed to either add a module not already installed on the system to a running system or load a module at any time other than at boot time. For me and the entirety of my use cases (and, I suspect most other people as well) the only effects this change will have will be to increase theoretical security significantly and increase performance slightly.

Re:Puzzling

[Noryungi]

As an avid OpenBSD user and fan, this puzzle me because it would seem like a giant step backwards. Yes, loadable kernel modules do weaken the security some but it makes adding hardware drivers difficult.

Again: compiling the OpenBSD kernel is an emergency measure only. Most of the time, patches distributed by the project require you to compile the userland only.

As for adding device drivers, you usually do not need to: the standard kernel works very well with most hardware configurations.

I have motherboards burn on me, restarting the OpenBSD server usually was a question of taking the drive out of the machine, connecting it into a new machine and powering the system. The kernel just picked up and accepted whatever new hardware was in the replacement machine. Much, much easier than Linux.

Re:Puzzling

[TheNinjaroach]

The kernel just picked up and accepted whatever new hardware was in the replacement machine. Much, much easier than Linux.

Wow. That seriously sounds too good to be true.

Re: Puzzling

Actually I do something pretty similar. I use Soekris boxes for custom-built firewalls. For ease of use, I do my installs on generic i386 desktop hardware, then swap the SDD into the Soekris box. All new hardware components (such as NIC's) are detected and supported on the fly.

Re:Puzzling

[the_B0fh]

What nonsense. Name me one kernel module you have loaded. OpenBSD discourages rolling your own kernels and I'm unaware of 3rd party modules. If you are a true fan, you should know that. Why would you claim to be a fan, when you obviously don't use it?

Re:Puzzling

[Nikademus]

kqemu. But that's about the only one I can think of. And it's old and deprecated nowadays.

Re:Puzzling

Sangoma's A101 kernel module -- prior to integration in the kernel proper. Worked like crap, too.

Poor moderation.

Do slashdot moderators click on any of the links for stories before sticking them on the slashdot front page? I'm thinking not in this case.

Devel/Debug

[bradgoodman]

I shutter to think of how this would impact the development/debug cycle of an otherwise simple device driver.

Re:Devel/Debug

[Narcocide]

I think you meant shudder, and if you've only ever compiled Linux kernels I think will find that the recompile time of the OpenBSD kernel when applying patches is shockingly quick; quick enough to make you wonder why they'd have ever bothered with loadable modules in the first place.

Re: Devel/Debug

[bradgoodman]

But then you'd need to reboot to load it, I'd assume.

Re: Devel/Debug

Which is almost always needed anyway to ensure the hardware is in a good state first

Re:Devel/Debug

[the_B0fh]

Since it's typically the kernel developers who write these device drivers, I'm not sure why you would be so worried for them. I mean, it's the kernel developers who are ripping this out.

Am I missing something here?

Re:Devel/Debug

Bugs in device drivers often put the hardware and/or kernel in an unsupported/invalid state such that you need to reboot to recover anyway. Heck, I once did a bit of driver work where I had to disconnect power to actually reset the hardware because I was working with a power management register that didn't reset except on a power-on reset.

Re:Devel/Debug

[iggymanz]

it doesn't, running "make" to compile a changed .c file or two then link a 10MB kernel is freaky fast. Modules typically are how device drivers were written

In other news.

[Truekaiser]

OpenBSD market share drops as it no longer supports third party hardware. Former OpenBSD users migrate FreeBSD and DragonflyBSD where they can load the drivers for their raid cards and other server hardware that is not yet in the BSD mainline kernel.

This decision is almost as dumb as the unquestioned adoption of SystemD in linux..

Re:In other news.

[brynet]

If any vendor has proprietary drivers for OpenBSD, they would undoubtedly be using better kernel interfaces directly. Especially for something like a driver for a hardware RAID controller. LKM(4) support has mostly been only "compile tested" for years. Nothing uses it seriously, at the time of it's removal.. the ports tree contained a single port making use of it.. a firmware flasher for some Dell systems.

Re:In other news.

Why do you bother commenting in such a hostile way when you clearly don't understand how the OpenBSD project works? As brynet said, lkm is cruft. No one uses it. This affects nobody, and yet you're here crying out that this is the end of OpenBSD as we know it. Slashdot comments these days remind me more and more of Youtube comments.

Re:In other news.

[drinkypoo]

OpenBSD market share drops as it no longer supports third party hardware.

That's basically already the case, their hardware support is pisspoor. Which is okay if you're building a machine around openbsd, who cares? But it's a bummer if you want to use what you have lying around.

Re:In other news.

[the_B0fh]

Are you shitting me? You think the various hardware vendors actually write drivers for OpenBSD? *ARE YOU SHITTING ME?*

Seriously?

Re:In other news.

OpenBSD market share drops as it no longer supports third party hardware.

OpenBSD is a niche OS and does not have any meaningful market share anyway.

Re:In other news.

[Anne+Thwacks]

I don't know where you get your hardware from, but I dont recall any serious problems with OBSD hardware support. The only kit I have personally owned that was not supported was an Sbus SCSI card used in Sun Enterprise servers, and I had an alternative card anyway.

I have had more hardware support problems with Windows and Linux.

I regularly have uptimes of over a year, and bug reports generally produce a next day response. Try getting that elsewhere.

Re:In other news.

[drinkypoo]

I regularly have uptimes of over a year, and bug reports generally produce a next day response. Try getting that elsewhere.

Back when I ran obsd I had panics and problems with network card drivers that almost cost me a job. The machine was rock solid under Linux and the NICs were bog-standard eepro100s. Now I have a netbook and a laptop I can't use because of a lack of NIC support. Linux supports both NICs without ndiswrapper. I want to use these machines for low-end servers, but I can't without adding a NIC (dongle hell) or in one case, swapping out minipci. And I could do that, but it was cheaper to install Linux.

obsd lacks support for common hardware which everyone else supports. That's simply not arguable.

Re: In other news.

My experience is the opposite. I have hardware that only works on openbsd and not elsewhere. Also wifi and suspend resume knock the pants of other OS on this laptop.

Re:In other news.

You are replying to a person with little BSD experience and think netbooks and laptops should be used in a server environment.

once every three years we get a story

[Thud457]

WTF /. !!! The url says bsd.slashdot.org, but the theme isn't red anymore. Just another casualty to OMG beta! I presume.

Re:Every hardware component?!?!?

Are you trolling, or do you genuinely not know the difference between OpenBSD and FreeBSD?

Re:When was the last time you compiled a kernel?

Ah - to load a malicious kernel module they would need root.

If they have root there are plenty of other things they could do which would be far simpler.

Re:Every hardware component?!?!?

Yes, the Linux kernel will now have to be statically compiled with support for every piece of hardware out there, you are completely correct. Yes, it's completely idiotic and unfortunately not a joke :(

Re:OpenBSD is dead

Wait, i don't get it. Mac is based on FreeBSD. What does it matter which of the BSDs is run on the world's greatest hardware that was exclusively designed for BSD.

jealous much?

In other news.

OpenBSD's niche has always been those looking for near absolute stability and security. Features just about always take a backseat. The limitations it puts on hardware support are regrettable, but given their focus on stability and security, it doesn't seem as crazy. And that it's being done in one distribution, with the aim of specifically better achieving said distro's specific goals makes it a far cry from the madness that is systemd's march to pervade anything that someone can be duped or coerced into installing it on with the aim of, well, fostering hegemony.

This is more just like if only Redhat were rolling out systemd...a questionable decision, but not entirely without reasoning behind it, and all in service to that distro's particular personality, while systemd is more like the remilitarization of the Rhineland.

Re:OpenBSD is dead

[x0ra]

OS X is not "based" on FreeBSD. At best, some parts of OS X are at best close relatives of FreeBSD, but the similarity stops there.

Re:When was the last time you compiled a kernel?

you are absolutely discouraged from compiling your own custom OpenBSD kernel. The docs say this, and you will be laughed off the mailing list if you show up with a custom kernel and try to get help.

Re:SYSTEM-D SUCKS!

[basketcase]

I didn't say it wasn't good I said it wasn't modular.

BSD sucks

yup.

Re: BSD sucks

Don't be a playa hater. Come over to the dark side. You'll like it here.

Re: BSD sucks

says the windows8.1 power user who uses netbooks as servers :/

your mom sucks cock, yup. simple isn't it?

Re:OpenBSD is dead

OS X Is not based on BSD. They have common ancestors ( OSX through NEXTSTEP on UNIX TSS from which 386BSD and later modern BSDs sprang), much like humans and chimps have.

Plus, jealous of what? I was just stating that *BSD users use Macs, not their own operating system. BSDs are just experimental, hobbyist distros (yes distros, that's what D stands for in BSD) that are becoming increasingly irrelevant in modern computing. Yeah, yeah, Netflix blah blah blah.

Re:OpenBSD is dead

[Eravnrekaree]

The OS X kernel code is taken from FreeBSD and Mach, It is a hybrid of both kernels. So part of OS X does come from FreeBSD.

Re:OpenBSD is dead

That is generally the case with FreeBSD, which is why basic shit like suspend/resume and the ability to use any fucking Intel graphics card since mid-2007 still doesn't function properly (example: try switching to the console from X and back...whoops kernel panic).

OpenBSD devs OTOH use Thinkpads almost exclusively. Try running OBSD on any recent Thinkpad and it will work flawlessly, better than the stock operating system or any Linux distro. Suspend/resume, even with the wifi running, is instantaneous. Has to be seen to be believed. All hardware/brightness/sound keys will work out of the box without some ugly hack. It really is night and day.

Re:OpenBSD is dead

And much of the userland originally came from FreeBSD as well.

Re:SYSTEM-D SUCKS!

[0100010001010011]

To expand. If it's a script it has a script handler. If it has a script handler it can be rewritten.

There's no reason they couldn't add a few features from newer scripting languages to enable forking of functions or "own fun". If the kernel (the one running said script with said script handler) supports multiple cores/threads it could easily be the more modularized, etc.

All still from one script.

Re:OpenBSD is dead

Wut?? XNU comes from Mach and FreeBSD. OS X userland is totally FreeBSD. NeXTSTEP? Sounds like you're thinking about objective C, a programming language. That's not OS X.

And yes, there's a reason netflix uses BSD. The network stack is so much better than linux. Why do you think facebook is jealous too?

Re:OpenBSD is dead

Wut?? XNU comes from Mach and FreeBSD. OS X userland is totally FreeBSD. NeXTSTEP? Sounds like you're thinking about objective C, a programming language. That's not OS X.

"Wut??" yourself. XNU originated at NeXT when Steve Jobs used to work there. It had parts added from FreeBSD later in development, but it by no means "comes from" there. People saying OS X is "just" FreeBSD are making a gross over-simplification. FreeBSD, for instance, didn't have Core Image, Quartz, Aqua, Finder, Grand Central Dispatch, Mach-O, Cocoa, etc. Some of these were backported from OS X to FreeBSD, MidnightBSD, and others.

OpenBSD - Android

[emil]

http://undeadly.org/cgi?action...

Re:OpenBSD - Android

Hi Emil, I'm not sure what your link is for? undeadly says that 173 files in Bionic are the same as the OpenBSD ones. But that does not mean that the Bionic libc is descended from OpenBSD at all (as the GP posted).. if you look at their home repository, they have upstream sources for all the BSD libc's.. and actually how many files are there in libc? The NetBSD src/libc directory does contain over 3800 files, and I'm sure that there are many that will be exactly the same as the OpenBSD ones, because you know.. OpenBSD was a fork of NetBSD in the first place, not to mention the amount of cross pollination that has happened over the years.

Re:SYSTEM-D SUCKS!

[the_B0fh]

You don't know how to call a script from inside a script? Also - my openbsd box seems to have an interesting number of rc.d scripts.

$ uname -sr
OpenBSD 5.2
$ ls /etc/rc.d
amd apmd bgpd bootparamd cron ddclient dhcpd dhcrelay dnsmasq ....

76 scripts in total.

Re:When was the last time you compiled a kernel?

[the_B0fh]

bloody nonsense. I've been using OpenBSD for nearly 20 years and never had to recompile the kernel to use anything in ports.

Re:OpenBSD is dead

[the_B0fh]

For someone who doesn't care about OpenBSD, you sure sound off a lot on it.

Troll? Fuck you. Get some experience.

[drinkypoo]

I can't use several of my machines because of lack of drivers for horribly common hardware which is nearly identical to supported hardware and for which a fix has actually been submitted on the mailing list. In spite of it being only some changes in values and not in the basic functionality of the driver, they begged off adopting the changes because of concerns with Linux copyright, which has already been shown to not apply in this case. Just NIH. Well, fuck 'em. I'll use something with some support.

Re:When was the last time you compiled a kernel?

I use ports all the time, and I've never compiled my own kernel.

Seriously?

How do you apply kernel security patches such as this one?

http://ftp.openbsd.org/pub/Ope...

Re:SYSTEM-D SUCKS!

[Anne+Thwacks]

from newer scripting languages

Why would anyone want a newer scripting language? That is like wanting to build a house from new bricks. If you know the old language, you can use it. If you don't, then perhaps you should not be messing with the system initialisation?

Its not like normal admins have to write these scripts - the people who manage ports supply them for you, and have a tool that puts them in the right place.Most people run OBSD because they want to have a system that runs their apps, not so they can experiment with the boot process. OBSD boots really fast. (Unless you screw up your fstab - like I did last week - In which case it might not boot at all).

Do you also complain about the type of pipe clip your car manufacturer uses on the under-bonnet pipes?

If you want to use Java to write a systemd replacement, then go ahead - I wont stop you. Do like Linus, and write your own damned OS.

Re:SYSTEM-D SUCKS!

Do those daemons start in parallel, or do you have to wait 30 minutes for your server to come up while your customer base is pounding on the door?

Puzzling

[funky+womble]

Since there were *no* examples of writing a hardware driver using an LKM on OpenBSD, and there are plenty of examples of new ones being added to the static kernel, I don't think this in any way makes adding hardware drivers more difficult. To my knowledge over the last 16 years or so, the only real uses for LKMs have been kqemu (discontinued upstream) and dellflash (perhaps it works on laptops but it never worked on any poweredge which I tried it on). Note that neither of these are hardware drivers.

Some of the less-helpful "community" members could do with a kick up the arse though, better to not post than to post an RTFM without at least pointing out which bit of TFM to R. I'm sure that often they don't know the answer themselves. (Not to be mistaken with mails from time-starved people that are equally short but do actually point people in the right direction...)

Re:When was the last time you compiled a kernel?

If they have root there are plenty of other things they could do which would be far simpler.

Yep, but ironically loading kernel modules is not one of those things, as root cannot just load a kernel module without taking the machine single-user.
(Yes, the link is about NetBSD's securelevel, but all the BSDs have this/an equivalent 'securelevel' mechanism)

Re:OpenBSD is dead

[Nikademus]

Not that there's anything wrong with that. OpenBSD will remain a niche product run by a handful of users that otherwise run Macs (oh, citation needed? http://assets.keltia.net/photo... ) and other than being primary sources of OpenSSH and hopefully systemd shims, completely irrelevant.

It seems you took a picture of FreeBSD users, which indeed often run Macs. But FreeBSD runs on Macs too...
systemd shim is useful to simplify porting software that idiots thought it was useful to make systemd dependent. The most popular of this software is something I stopped using years ago because the devs were taking bad decisions, so that's not new.

Re:OpenBSD is dead

You're confusing xnu (kernel) with quartz, etc (userland/gui). The next kernel was most definitely derived from Mach and BSD.

Re: SYSTEM-D SUCKS!

my openbsd box boots in about a minute. 2 minutes tops for boxes that are on the heavier side.

Now if only there was a Unity port for OpenBSD...

[jmcvetta]

No, seriously!