Slashdot Mirror
OpenBSD 2.6 released
Lots of you wrote in with this -- we've been holding back at Theo's request until the CDs were available, but OpenBSD 2.6 is now released and available from the FTP sites, or by ordering CDs. There are lots of technical enhancements to this release (which are detailed below), and if they don't grab you, check out the very cool CD cover art.
The complete list of changes to 2.6 is too long to list here. However, some of the highlights are:
- Add ssh (OpenSSH) to the base system
- Reliability patches for the PowerPC port
- Improved support for ext2fs
- Perl 5.005_03 in the base system
- Support Joliet filesystems
- More security fixes
- USB support
- Fixes to the ATAPI support
- Speed up the install process
- Many manual page updates
and much more.
BSD and Solaris are both offshoots of the original (v7?) Unix source, one side developed by Berkeley, the other side by AT&T, with a lot of cross-pollination. Linux was independently developed to be compatible, without the original source.
Read about the history of unix by one of the original dudes... (dmr).
FreeBSD, NetBSD, and OpenBSD should have no proprietary source left, they've been cleaned up so they could open the source. OpenBSD is a latecomer, basically a distribution/offshoot (of NetBSD?) designed for security, both by hopefully fixing security problems before they are exploited in the code and having a secure default configuration.
I've messed more with SunOS, Solaris, and Linux than I have with any of the *BSD's, tho...
---
pb Reply or e-mail rather than vaguely moderate.
pb Reply or e-mail; don't vaguely moderate.
Um... maybe it's just me, but the image of a cat rampantly having it's way with the fish in the bowl doesn't convey the notion of "security" very well IMHO. Admittedly, the picture is quite cool, but just incongruent with the rest of the cover :)
This is only vaguely on topic...
I've been using Linux for a while now, but I know very little about *BSD. But I am becoming very intersted in getting into it as well. What would be the ideal BSD for me to start with? I have no real security needs, nor do I need to run on anything but x86 hardware. So, should I just go with FreeBSD then? Or would Open or Net be the ideal choice for a beginer?
--Nuintari
slashdot : where an opinion can be wrong.
I been wanting to check out this BSD for sometime. But I'm curious as to what games are available for the console? Someone told me that I can't use the regular games, such as Pokemon, from my N-64. Can this be true? Why would Nintendo create a game console that is incompatible with earlier systems?
By the way: I've been coding lisp for about twenty years and I've just switched to Python. For some reason I'm not more productive. I've been thinking about buying a new mouse with one of those twirly gadgets in between mouse buttons. Would this speed up my Python coding? I sure hope there aren't any compatibilty problems with the N-64 and the new mouse!
Will the twirly gadget work with BSD?
W S BWSB
The SB Live stuff just came out and wasn't ready in time for 2.6. The Vortex is not publicly documented at all, as part of Aureal's continuing efforts to not have UNIX customers.
Not sure about the sound cards ... All I've ever used is SB16.
/usr directory. Go into the /usr/ports/www/netscape (something like that) and type "make" then "make install". It will automatically ftp, install it and apply the 128bit SSL patch. Very cool. Check out all of the other things in the ports collection too.
OpenBSD does have linux emulation (along with SCO, SunOS...) but I've never used it. I understand that you can get MEsaGL and Glide going so you can play Q2 & Q3. Not sure about UT.
You can deffinitely get Nescape going. It's actually very easy. If you go to Netscape's ftp site, download the BSDi version. The easiest way to get with 128bit encryption is through the OpenBSD ports collection. Download ports.tar.gz from ftp.openbsd.org and untar/zip it in your
Hope this helps.
Dave M
Be smart and work to create. Don't ride on the backs of others.
As OpenBSD has been a lesser-known OS for a while, I am writing this post to tell any newcomers what it is all about. While to many this may seem like just another software release, anyone who has watched cryptography and security in general and OpenBSD in particular knows that this will have major significance throughout the industry. It may not be immediately apparant, or even obvious, but it will be important for the follwing reasons: 1. With the recent anti-cryptography crackdowns by the US government (see the article below this one on the investigation of William Simpson), having a complete system of VERY strong cryptography coming from outside our national borders, such as OpenBSD, will significantly weaken our government's efforts to stop cryptography. 2. OpenBSD is apparantly the only major OS that truly follows the saying, "Security is a process, not a product." Personally (and I know there will be much debate on this, possibly even flames), I believe that everyone from the Linux contributors to Sun (makers of Solaris) to, of course, Microsoft, could learn from the example of the OpenBSD team. For those of you unfamiliar with OpenBSD, here are a few examples of how the emphasis in this OS is almost entirely on security: A. Line-by-line security audit of *everything* that goes on the CD. B. Strong cryptography is built in on the most basic system level. C. All aspects of the default setup have undergone rigorous security testing. OpenBSD is, to the best of my knowledge, the only OS that can legitimately claim to be secure right out of the box. All of these factors combined have set a standard that the rest of the industry has yet to meet. Eventually, security will be seen as something not to be expected, but demanded in a product, and the OpenBSD philosophy will serve as a model for this shift. 3. Because many security flaws (such as potential buffer overflows) can cause security-unrelated crashes, the line-by-line audit also resulted in remarkable stability beyond just the security. I think we can all think of a certain software company that could learn from this example. 4. The overall view of the OpenBSD team that security as not just something that happens over time and numerous patches, but rather something to get right the first time, must be adopted by the rest of the industry as soon as possible. Anything less will hold back the advance of the Internet unacceptably. I hope that this has helped some newcomers to the OpenBSD world understand the underlying philosophy of this wonderful OS.
"Cause there's 40 different shades of black, so many fortresses and ways to attack, so why you complainin'?"
There's probably more detailed information on the FreeBSD web site, but basically what happened was:
- USB released a bunch of UNIX code that was supposedly "free". This formed the basis for 386BSD, which begat FreeBSD.
- AT&T sued USB (and also BSDi, I think) for infringement of copyright, claiming that some of the code in the original release was under AT&T copyright.
- The case was settled out-of-court, and the FreeBSD team threw out all the AT&T-tainted code and rewrote those sections.
Unfortunately, the AT&T lawsuit made corporations wary of BSD-based products, thinking that what had happened once could happen again. Luckily, most people aren't bothered by any of that now.
We are a small Internet development shop, running a few servers and a mixed bag of development stations. Currently, there are three Linux boxen on our network, running the latest RedHat releases. We are looking to put in three more systems, for a total of 5 running some Linux/UNIX like OS.
When we perform this upgrade, we are willing to change operating systems if there is a demonstrable benefit. Due to recent slashdot postings we have started looking at OpenBSD as our server OS. Now, we do understand that RedHat is not the only Linux distribution available, but we don't really want to get into a Linux/Linux war here. We don;t mind changing if we should for technical reasons - but the Linux world seems more hip and vibrant, and we really like the penguin T-shirts we have... so if we can stay on Linux then we want to.
So far, we like what we hear about OpenBSD - but we don't know if the things we like are inherent in the relative designs of OpenBSD or if they are results of policy choices by the OpenBSD team. If they are the results of policy decisions, then with any luck a Linux distribution could be found that exhibited the same characteristics?
Features we like about OpenBSD:
Assumptions:
These systems will be running the server software they need, and X11 + (Gnome||KDE) for administration and so on. They will not be running the latest stuff from Linuxberg or a bunch of things that would be on a desktop OS. So we are going to try very hard not to introduce any instabilities. We aren't going to be compiling running games, sound drivers and the like that integrate directly into the kernel.
The questions are:
Thanks for taking the time, and hopefully we can keep the flames down to nothing and talk about technical issues this time.
--> Fight tyranny and repression.... read
It's impossible to say since you haven't specified which models they are. There are devices in each of the categories you metioned listed in the release notes for the i386 port, though, at http://www.openbsd.org/i386.html
BLEH. It's much easier to just type:
pkg_add -v ftp://sunsite.ualberta.ca/pub/OpenBSD/packages/i3Packages are your friend (right next to the ports being your friend ;)
Without a doubt. Use RedHat as an example - out of the box, it is shamefully exposed.
It is perfectly reasonable to assume that a linux distribution could be made as secure as OpenBSD, if the effort was made
2.Is OpenBSD more stable than a well maintained Linux distribution?
Generally speaking, both are considered stable enough to not make it a significant issue, although the increased competition in the linux distro market will force more frequent releases and less testing. Look at the flack Debian is catching for their slower release schedule.
3.Will the OpenSource software we normally need (firewall, Apache, PHP4, Perl, Python) and so on probably compile on OpenBSD?
Of course. There is no question that the packages you mention will work well on OpenBSD. Some of the packages you mention are developed on a BSD variant.
4.Does OpenBSD have something like clustering support (Beowulf) and failover?
No.
5.Is the performance of a well maintained OpenBSD system better than a well maintained Linux distribution?
This really depends on what you are doing. For network performance, I put my chips on BSD. For other system functionality (disk throughput, etc.), linux may be better. It really depends on the type of application.
6.Does Linux have anything like the one time use password system?
No.
7.Does OpenBSD support multiple CPU's
The BSD's are making some inroads with SMP, but linux is out ahead.
WTF: the artwork is the #2 issue about OpenBSD? How the fuck did this get to where it is? Come on people, this is an OPERATING SYSTEM, not an advanced form of cosmetology (sp?). Besides, I think the cat/fishbowl thing rocks regardless.
Hehehe...The cat is a 'Script Kitty'! :D
(Really. It mentions it in the T-Shirt section...)
--Kevin
=-=-=-=-=-=
"I think the P-Funk Mothership just landed in my back yard!"
Well, I just finished installing OpenBSD 2.6 Nov. 30 snapshot (which would probably be pretty damn close to the release if not identical. OBSD developers can chime in if I'm wrong.
Here's what I have.
With a few minor adjustments to BIOS (i.e., changing from the settings I had with Linux and FreeBSD on the same machine to switch IRQs for my serial devices, PCMCIA was supported by the default install floppy.)
I had installed OpenBSD 2.5 and gave up on it, because I needed a working system in short order and did not have time for the learning curve, so I was used to the partioning scheme.
Here's my secret recipe for OpenBSD's partioning scheme: Go download kern.flp and mfsroot.flp from FreeBSD's site and boot those. Pick the 'Novice' install, which will then lead you to FreeBSD's partitioning which is automatic. Then after FreeBSD is done doing the newffs on your HD, pop out the floppy, pop in the OpenBSD install floppy and reboot.
Then when OpenBSD asks you for partioning, it's already done, and you can just change the labels and mount points with 'p' to see your partitions and 'n' to rename them.
boom bam bing... *woop* there it is. Reboot.
X11R6 was easily configured now that Neomagic is well supported in 3.3.5. APM is well supported in both BSDs.
Brief performance review.
In a nutshell, OpenBSD is slightly slower than FreeBSD on the same hardware, which was slightly slower (but not much) than Debian GNU/Linux on the same hardware. Here are the applications I run always. I'm a law student, so my main needs are text editing, archiving and searching.
Whenever I test a system, I always use my laptop b/c it's what I like to use most, and my goals are to have X, pcmcia, and apm running flawlessly.
In Debian, X and pcmcia worked great, but when I would suspend my box I would have problems with pcmcia modules and would have to insmod them or rmmod them and re-insmod them. This was an annoyance. I eventually got a hold of a script that allowed me to disable pcmcia before suspending. I would then have to run the script again to reinitialize pcmcia; I quickly grew tired of this.
Enter FreeBSd 3.3. Went and bought it, and downloaded the PAO install floppies and the PAOBIN pcmcia drivers. This was very nice and great, I loved everything about FreeBSD except for one thing, the pcmcia drivers seemed to treat my pccard as a 10baseT rather than 100. That kind of sucked. I knew eventually my legal work would require an IPSec network so I moved on (I highly recommend FreeBSD). It suspended and resumed like a breeze, the clock had not lag upon resume, and the pcmcia daemon reinitialized all pccards excellently. Very Nice. And FreeBSD has the best collection of applications for GNUstep of any Unix I've seen (much better than the Linuxes I've used).
Enter OpenBSD 2.6.
Yesterday I downloaded and installed OpenBSD. Everything that applies to FreeBSD applies to OpenBSD except in OpenBSD my pcmcia card is supported better (I have full bandwidth on my LAN). APM, etc are excellent.
Drawbacks. I miss my FreeBSD WMaker desktop! But I think the FreeBSD ports I want will work on OBSD so that I can have the best of both worlds.
OBSD's ports collection is not as vast as FreeBSD's, and it's package collection is no where near that of a Debian or Red Hat. But that is for a reason. What you get is secure, and they have everything you *really* need. All the applications I mentioned above that I use on a daily basis are all in OBSD with the exception of Midnight Commander, which I will try to make use of FreeBSD's port. I will also try to make wmapm, wmnet, and wmmon from FreeBSD work in OpenBSD, then I will be quite satisfied.
Speed. There is a noticable speed reduction with OpenBSD. It is not as optimized for my hardware as FreeBSD was. But my hardware is not all that spectacular anyway so it was never all that fast to begin with. Compile times are roughly the same. However, for some reason X has never performed better, even with FreeBSD. Opaque moves have no hint of jerkiness
Bonus. OpenBSD recognized my sound card! This is new. If I can make that work, I'll really be an OpenBSD fanatic. Another added bonus is mount_ext2fs. This allows floppy transfers from Linux to OBSD, something that FreBSD does not have yet.
In sum, OpenBSD is perfect for a Desktop OS if data security is really really important to you (i.e., if you carry confidential material on your laptop around with you). There's enough applications for document creation that you could need, and with linux_lib all things linux are possible. And binary compat with all other BSD's is there as well. OpenBSD is solid, super secure, and I'm breathing easier now that I know my client materials are under the blowfish
Later y'all.
My Toshiba notebook loses its sound interrupt after suspending, but it's not too hard to set up apmd to rmmod stuff that doesn't handle suspend well, and then modprobe for it when you come back from suspend. Give it a try - worked fine for me.
I ordered OpenBSD at the beginning of October (then at version 2.5) and it still hasn't arrived. When I sent an email to see what the problem was, I was sent a reply stating they were have "production problems" and that they were 2 weeks behind schedule. I sent that email at least 2 weeks ago and still no software. This is somewhat understandable, but now they have released v. 2.6. This makes me more than a little angry considering that 2.6 seems to be a considerably better product. Yeah, I know that this release would still be out even if I had my 2.5 release right now, but it just adds to the adjitation a little. Oh well.
.ISO?? I tried to find one of 2.5, but it was virtually impossible. I know about helping to support the developers by purchasing. No problem with that. They have my $45 and change (I also bought one of their cool shirts) but, I still have no software. Wo is me :-(
Anyone know where I can get an
----------------
"Great spirits have always encountered violent opposition from mediocre minds." - Albert Einstein
Co-founder and designer at Music Nearby: http://musicnearby.com
The only quirk is that Xfree86 support for USB mices has been added after the 2.6 freeze, so you'll have to CVS upgrade and recompile your xserver to use those funky M$ ballless mices...
We don't have to waste -core's time with having them review each and every update to the kernel sources (though there are obvious cases). Basically we have to use our own judgement. If it's something simple, like ripping out unused declarations or whatever, it doesn't need -core review.
You probably either misunderstood the way review works with FreeBSD, or who -core is.
In any case, hopefully this clears it up.
My reasoning? The quality of design in packaging conveys to me the amount of effort that was put into the whole of the product. Not just the coding, but other things like support, interface design, etc... It's possible that this might cause me to misjudge a product. Oh well, their loss. Most of the stuff I use is Open Source anyway, and in those cases there usually isn't any cover-art to speak of.
-----------
"You can't shake the Devil's hand and say you're only kidding."
Not completely true!
Only the OpenBSD OS and a portion of the Ports & Packages that are on the CD are audited. The majority of the Ports are just that: working Ports of the respective Software. Just want to make sure that people (new to OpenBSD) installing third party software (like Ports) are not left alone with a false believe of security. :)
However, running insecure software on a secure OS could potentionally reduce the effect, but it remains dangerous, nevertheless.
Major Kudos to the OpenBSD team - a job very well done!
-----------
"You can't shake the Devil's hand and say you're only kidding."