First off, I want to thank everyone who has taken the time to respond so far. Just when I was despairing of/. as a useful information medium a great set of responses comes along.
So a lot of looking into it and I have definately decided to go with an *BSD for our servers. With the 2.6 OpenBSD release this looks like a good time to plan our move.
Then another issue hit me in private mail from a/. reader....
We are a small Internet development shop, running a few servers and a mixed bag of development stations. Currently, there are three Linux boxen on our network, running the latest RedHat releases. We are looking to put in three more systems, for a total of 5 running some Linux/UNIX like OS.
When we perform this upgrade, we are willing to change operating systems if there is a demonstrable benefit. Due to recent slashdot postings we have started looking at OpenBSD as our server OS. Now, we do understand that RedHat is not the only Linux distribution available, but we don't really want to get into a Linux/Linux war here. We don;t mind changing if we should for technical reasons - but the Linux world seems more hip and vibrant, and we really like the penguin T-shirts we have... so if we can stay on Linux then we want to.
So far, we like what we hear about OpenBSD - but we don't know if the things we like are inherent in the relative designs of OpenBSD or if they are results of policy choices by the OpenBSD team. If they are the results of policy decisions, then with any luck a Linux distribution could be found that exhibited the same characteristics?
Features we like about OpenBSD:
It seems like the release/testing cycle is extremely carefully controlled. While a freewheeling machine with lots of OpenSource code on the desktop is a good thing, for a server it seems that a smaller group exercising testing/release control is a more controlled system.
There are a lot of references to OpenBSD's security and stability - but none with any specific examples or technical backing.
The file layout on OpenBSD seems like a winner, it looks like things live in a well thought out and logical set up - not in a mishmash like RedHat.
Assumptions:
These systems will be running the server software they need, and X11 + (Gnome||KDE) for administration and so on. They will not be running the latest stuff from Linuxberg or a bunch of things that would be on a desktop OS. So we are going to try very hard not to introduce any instabilities. We aren't going to be compiling running games, sound drivers and the like that integrate directly into the kernel.
The questions are:
Is OpenBSD more secure in some fundamental way that a well maintained Linux distribution?
Is OpenBSD more stable than a well maintained Linux distribution?
Will the OpenSource software we normally need (firewall, Apache, PHP4, Perl, Python) and so on probably compile on OpenBSD?
Does OpenBSD have something like clustering support (Beowulf) and failover?
Is the performance of a well maintained OpenBSD system better than a well maintained Linux distribution?
Does Linux have anything like the one time use password system?
Does OpenBSD support multiple CPU's better then Linux?
Thanks for taking the time, and hopefully we can keep the flames down to nothing and talk about technical issues this time.
Why do you let yourself be badgered by RMS into calling the product GNU/Linux? It seems like it was done mainly because RMS wanted to latch onto a rising star after enduring the heretofore failure of the GNU/HURD project.
Good point. There is no doubting the contribution that RMS has made to the free software world... but he is a political radical in his own way.
Trying to stick "GNU" onto the name Linux is exactly in keeping with his philosophy of "virus like" methods of influencing things. It's kind of like he is applying the GPL to even the NAMES of distributions.
"If you use GNU code, I get to tell you what to call yourself!"
I would love to see a version of Linux (maybe Debian) that would be considered as secure as (more secure than) Open BSD.
I wouldn't hold my breath. Linux is a good desktop OS, but too many quick patches add on;s and compromises have already been made to consider it a strong contender for security 'deep down'.
FreeBSD and OpenBSD take great care looking at what code goes into the kernal - it is not just a matter of setting permissions and turning off services. With BSD you knwo you aren't running 'raw' code some 15 year old hacked onto a driver someplace.
I don't know why we should complain about this,/.'s source code is effectively unavailable and won't be for a while. That is pretty hypocritical for the champion of open source I think.
Slashdot Mirror
First off, I want to thank everyone who has taken the time to respond so far. Just when I was despairing of /. as a useful information medium a great set of responses comes along.
So a lot of looking into it and I have definately decided to go with an *BSD for our servers. With the 2.6 OpenBSD release this looks like a good time to plan our move.
Then another issue hit me in private mail from a /. reader....
OpenBSD or FreeBSD ?
This is a question we have been asking ourselves as well.
OpenBSD advantages
FreeBSD advantages
Anything missing?
We are a small Internet development shop, running a few servers and a mixed bag of development stations. Currently, there are three Linux boxen on our network, running the latest RedHat releases. We are looking to put in three more systems, for a total of 5 running some Linux/UNIX like OS.
When we perform this upgrade, we are willing to change operating systems if there is a demonstrable benefit. Due to recent slashdot postings we have started looking at OpenBSD as our server OS. Now, we do understand that RedHat is not the only Linux distribution available, but we don't really want to get into a Linux/Linux war here. We don;t mind changing if we should for technical reasons - but the Linux world seems more hip and vibrant, and we really like the penguin T-shirts we have... so if we can stay on Linux then we want to.
So far, we like what we hear about OpenBSD - but we don't know if the things we like are inherent in the relative designs of OpenBSD or if they are results of policy choices by the OpenBSD team. If they are the results of policy decisions, then with any luck a Linux distribution could be found that exhibited the same characteristics?
Features we like about OpenBSD:
Assumptions:
These systems will be running the server software they need, and X11 + (Gnome||KDE) for administration and so on. They will not be running the latest stuff from Linuxberg or a bunch of things that would be on a desktop OS. So we are going to try very hard not to introduce any instabilities. We aren't going to be compiling running games, sound drivers and the like that integrate directly into the kernel.
The questions are:
Thanks for taking the time, and hopefully we can keep the flames down to nothing and talk about technical issues this time.
Good point. There is no doubting the contribution that RMS has made to the free software world... but he is a political radical in his own way.
Trying to stick "GNU" onto the name Linux is exactly in keeping with his philosophy of "virus like" methods of influencing things. It's kind of like he is applying the GPL to even the NAMES of distributions.
"If you use GNU code, I get to tell you what to call yourself!"
I wouldn't hold my breath. Linux is a good desktop OS, but too many quick patches add on;s and compromises have already been made to consider it a strong contender for security 'deep down'.
FreeBSD and OpenBSD take great care looking at what code goes into the kernal - it is not just a matter of setting permissions and turning off services. With BSD you knwo you aren't running 'raw' code some 15 year old hacked onto a driver someplace.
Hackers is a GREAT book .... a close second is "Soul of a New Machine".
I don't know why we should complain about this, /.'s source code is effectively unavailable and won't be for a while. That is pretty hypocritical for the champion of open source I think.