As mentioned in the release announcement: “Many people have received their 4.6 CDs in the mail by now, and we really don’t want them to be without the full package repository. We are pleased to announce the official release of OpenBSD 4.6. This is our 26th release on CD-ROM (and 27th via FTP). We remain proud of OpenBSD’s record of more than ten years with only two remote holes in the default install.” I really want news like this on the front page, but sadly, the long list of improvements makes no sense to me – I don’t know what’s important and what isn’t. If someone can provide a nice readable summary of the most important improvements, I’ll include it to the item and place it on the front page. There we are.
Thanks to OSAlert reader joku, we now have a summary of the most important changes:
- Simplified installation process.
- Improved documentation and man pages.
- New versions of packages in ports (package management system). Over 5800 packages in total.
- Hardware driver updates: sensors, chipsets, video devices etc. New drivers, functionality and reliability updates.
- Network stack updates: stricter default settings. Wired interfaces are now preferred over wireless ones.
- Firewall changes: enabled by default, stricter checking of package formats.
- Routing daemon updates: mainly BGP daemon updates, fixes few bugs.
- New more secure smtpd (mail server).
- New OpenSSH released (5.3).
Go and download the new release from the download page, or order a CD set.
Can anyone tell me, is OpenBSD just a niche BSD based around security… or is it useful as a Desktop OS too?
Also is it the same case with NetBSD?
Or should I just stick with trying FreeBSD instead? (I did try it a while ago, the ports system is very nice, but not a good idea to compile GNOME on a slow machine…)
Alex.
There are some that use OpenBSD for desktop; it’s possible.
FreeBSD is nice, but having to compile everything takes a lot of time. I wish pacman + repos were available. As an intermediate solution, you could pkg_add -r *desktop-of-choice* and then compile from ports overnight. I don’t know how much speed gain you get from compiling out what you don’t need. I, for once, compile xorg without hal and dbus, and use xorg.conf to have it configured and stripped to a minimum. But it takes a hell of a lot of time to build my regular desktop.
NetBSD I don’t know, never used it.
OpenBSD, NetBSD, FreeBSD, all three provide packages that can be added by pkg_add(1), you MAY compile from ports, but packages are available on all of these systems.
There are even solutions for using only binary packages with FreeBSD:
* the -P and -PP options for portupgrade
* the pkg_upgrade script from the bsdadminscripts port
* using pkg_delete and pkg_add manually
* probably others that I haven’t used yet
Ports offers the most flexibility, but it’s not the only way to install software on FreeBSD.
That’s where Debian FreeBSD is big news.
I don’t see a reason for Debian/kFreeBSD except it provides another kernel should Linus die in a car accident and their lieutenants fight to gain control of it.
What I like about the BSDs is the integration in the base system. Debian doesn’t provide as much as FreeBSD in bringing a coherent system. Another thing I dislike is the tendency to bloat. You install package A and then you get packages B and C (which also depend on packages D, E, F) installed as suggestions or recommendations even if you are not going to use them. I know you can tweak that behavior, but it’s annoying.
Up to date binary packages would be really nice, and pacman would make FreeBSD really rock. I know I’m not the only one asking for it…
I second that…
Of course you can use OpenBSD for desktop, but sometimes you’ll get the feeling of “Linux (over) ten years ago”.
IMHO Linux is much better for the desktop than any of the xBSD systems, and if you need “something Unix-like” for your desktop – you’ll be much more pleased with Linux. Why do you want to switch, anyway? You can always choose “less bloated” distro, like Slackware or Gobo – keeping all Linux’ advantages: many drivers, many different filesystems available to choose from, full internationalization, etc. etc.
And why is that exactly bad? I still remember using Linux 10 years ago and how things were amazing and less bloated/shiny.
Actually Linux is less *nix like than the BSDs. Consider all things added to Linux that set it apart from the *nix tradition and some new stuff that makes it incompatible with the BSDs.
Many drivers are useful only if you have exotic hardware and you need those drivers. Having many filesystems doesn’t mean you get a good filesystem, just lots of limited/mediocre/obsolete ones. From the available selection, you would probably pick ext4. In the future you might picl btrfs, but that’s it. For desktop at least.
In the end, he will choose whatever OS fits the bill. He doesn’t need to use just 1. I use both Arch and FreeBSD, as I like them both.
OpenBSD is surprisingly useable as a desktop system, The ports system is a bit frightning, but always check the packages directory first before starting to compile the ports, because there is big chance that precompiled package is already available.
Just set the PKG_PATH=ftp://...
and then type pkg-add <the-package> (or was it installpkg…)
And look as all the dependencies and all gets installed. Really wonderful for a secure BSD.
PS: Well I’ve been using Slackware for too much that I consider automated dependency tracking a wonderful feature
With little effort and patience, yes.
But even if the whole system was designed to run a desktop, don’t expect it to be Ubuntu.
PC-BSD ( http://www.pcbsd.org/content/view/12/26/ for the ‘About’ page) and FreeSBIE ( http://www.freesbie.org/ homepage) are both FreeBSD and are designed to be very usable desktop systems. So, technically, you could switch AND stick with FreeBSD. Plus I believe they both come as live CDs so that you can try/test them and see if it looks like something you are interested in. But I didn’t find anything about PC-BSD being a live CD so that may turn out to be a VirtualBox, Parallels, VMware, QEMU, Bochs thing (I haven’t figured out how to use XEN or kvm yet) to see if you like it if you aren’t committed to installing right off the bat.
They mention dual-booting but nowadays there are few reasons to run just one OS at a time in order to research one. YHMDO (Your hardware may dictate otherwise.)
Olive used to be a system based on OpenBSD, don’t know how useful that would be as a Desktop OS. You could also try PC-BSD in case you are interested in FreeBSD, it’s a pretty good Operating System for Desktops.
Well, the mail server is more secure and network routing has been improved quite a bit. Those are the major “new features”.
Refinements all over and a few “newer” version of some package. For exmaple X ( OpenBSD uses http://xenocara.org/ ) Others are still quite old (KDE 3.5.10)
But when you look at what the Linux distros add in 6 months the list is pretty pathetic (IMNSHO).
Pretty much of all things added to Linux are useless to me and to many other people out there who use it. So that’s no argument. Of course, it doesn’t prevent me from running Linux as my main desktop.
OpenBSD doesn’t focus on adding as many new features as possible. It is a system written by developers, for developers. They include features they need and spend a lot of effort on code quality and security.
If you consider how small the OpenBSD development team is, as well as the amount of time spent on quality and security, the new features in OpenBSD 4.6 are not “pathetic.”
The Linux community uses a number of tools that the OpenBSD team develops. You should have a little more respect for the hard work of these developers.
No one is forcing or begging you to use OpenBSD. If it doesn’t offer what you want in an operating system, don’t use it.
As a developer, I’d like to emphasize that I like OpenBSD’s high quality of documentation. In opposite to most Linusi, the BSDs pay as much attentioj to proper documentation as to features they add. Manpages (very important!), FAQs and Handbooks are not left to be implemented by the users.
Personally, I say “thank you” to them nearly every day – for providing such excellent software that keeps my systems running and saves me lots of trouble.
Heh.
If you really tried, you could see the irony here since many people consider it a problem that Linux distros just keep adding and adding every 6 months. It is also pretty pathetic that someone here at OSAlert is actually seriously comparing adding and software development.
Yes, and Linus Torvalds told us the result.
He also said that it is unacceptable, but also unavoidable.
AND in the Floss Weekly interview he said that the whole comment was blown out of proportion and that Linux is at least not a “fat ugly pig that should have been shot 15 years ago”
That is what he thinks about other OS kernels.
Edited 2009-10-19 18:32 UTC
I think this is not specific to Linux. Linus may have applied this statement to the Linux kernel, but the tradition for bloating and complicating things seems to be everywhere. Even in BSD world.
Don’t get this statement wrong and let me first clarify: The developers of the BSD operating systems do an excellent job. With every release, the OS runs faster in the same (!) hardware. No problem here.
The problem starts when you want to add additional software. As it has been mentioned earlier, if you install package A, it will install B, C, D, E, F and G as dependencies, even if it just contains “suggested” stuff you don’t use or even require (to run A).
Instead of centralized means of configuration, things get scattered among many files and subsystems. For example, if you’re using HAL and DBUS for X (the “new” way), setting up a non-english keyboard is complicated, especially if you’re not rinning one of the two big desktop environments that keep such things internally. Even starting X now takes much longer.
Remember my statement of the “new dependency hell”? Install things you don’t really need? It gets worse. Very often, programs shift from one library version to the next one, e. g. X-Chat from Gtk 1 to Gtk 2. The functionality is quite the same, but the overall operation speed (as it feels to the user) is reduced. Even worse: Usability gets lost; things like using the middle mouse button for tranfering the edit buffer to an input field, or selecting a list entry by double clicking don’t work anymore.
A famous statement reformed: “What OS giveth, applications taketh away.”
I have been told here at OSAlert that this tendency of bloat as a good reason and is needed: For faster software development. But I’d rather use software that is implemented good insteaf of fast, and I would be willing to wait for a good release.
The circle closes here: That’s the main reason I have selected the BSDs as my main operating systems (next to Solaris, and Linux mostly for entertainment and education): They pay attention to deliver good software. It’s a way to benefit from the development and get a faster, more stable and more feature-rich system without actually upgrading the hardware.
“That’s the main reason I have selected the BSDs as my main operating systems (next to Solaris…): They pay attention to deliver good software”
It is your opinion that Solaris is not of high quality??
OF COURSE NOT! While BSD is my main OS, I also use Solaris (and OpenSolaris).
I just wanted to point out that paying attention to overall quality is a thing that I (as a developer) do often miss with Linux; that’s why I do not use it very often anymore. Searching for documentation about kernel interfaces, file formats or library calls can be a troublesome journey, especially because there are different Linux distributions that handle things differently. Furthermore, there’s often the situation that there is either no man page at all, or just an outdated info page, some notes in a file burried deep in some arbitrary directory, or documentation is just scattered around the web, placed in forums, wikis, or left to the users in another way. The kernel source is not as tidy, well documented and enlightened by meaningful identifiers as it is found in the BSD kernels.
Of course, that’s just my very individual point of view, so please nobody feels attacked.
Commercial operating systems usually do come with good documentation, too, allthough it might not be for free.
Actually the things in a base install can be easier then Linux, because they build the whole operating system, much more integrated. Linux distributions, take things more from different places.
I may point this out: In opposite to the various Linux distributions, BSD systems like OpenBSD or FreeBSD consist of “a core operating system” maintaned by a development group, and “everything else”, such as third-party software that has been ported to the specific platform and made available as sources or precompiled packages. That’s why BSD always has a consistent OS that is fully functional, even if no other ostware is installed. You can easily run “rm -rf /usr/local” and get rid of all the extra stuff, and your system will still boot. The OS is well structured (see “man hier”) and gives you a solid base of tools you can rely on. There’s no arbitrary choice like “we put this in the OS, and this, but not this”. Finally, this high quality standardisation keeps a high grade of compatibility to other UNIX operating systems, especially the commercial ones.
Have you ever really used the system? Takes time to learn but it time well spent.
Package System is incredibly easy to use and has flavors for each package so you don’t have to install unnecessary dependencies. Ports system is incredibly easy to use.
I can do Play Music, Watch Video, Use Skype, Browse the web, program etc etc etc. With no problems.
There isn’t any pretty GUI wizards or any other fluff that gets in the way … using the man pages properly and a bit of reading will let you configure the system correctly for whatever you wish to use it for.
I used to run it a few years ago. As a desktop it sucked.
I wanted to try the new version, but it isn’t even installing in Virtualbox.
Because VirtualBox is buggy…
http://www.virtualbox.org/ticket/639
Works fine in Virtual PC.
I used to run Linux few years ago. It sucked.
Wow, it worked! You managed to drag me into your level of infancy.
I don’t want to read man pages anymore to configure stuff.
Linux (xubuntu) is finally clever enough to figure out everything itself.
Tried pc-bsd recently and it couldn’t even find the cdrom it started from during the install proces.
You sound like the avg joe with no clue. Not for whom this OS is designed for.
The tragedy of computing.
I thought the whole point of computers was to make things easier? Do more, faster…not spend all your life reading manuals just to get the friggin thing to boot up.
No, you are caught by the fallacy of idiot box.
For “consumer computers”, the idea of a “playstation-like computer” may be ideal, but otherwise it just demonstrates the common click-click-click-big-warning-click-click-click -culture that so well describes the Windows world and its flaws.
(This is not to state that Windows would not have documentation — it has, and people of all ages actually take courses to read and learn such tools as Windows Word; the idiot box equivalent would be to just click-click-click and your document would somehow magically be ready.)
As an example, OpenBSD is strong in the professional networking world (as a router, gateway, firewall, and so forth). It would be very scary if one configures such a system without reading nor without understanding what is being configured.
EDIT: clarify the point with Windows.
Edited 2009-10-20 07:26 UTC
But how to you in fact know how to configure stuff? Stuff doesn’t configure on its own. Well… X for example does, but a mailserver doesn’t, a webserver doesn’t, and programs don’t create theirselves – the last statement is quite general, I know, and I’m intentionally excluding RPG here.
Everything? It configures Thuderbird for you? With your mail address and password? And it creates an IPv6 gateway automatically? Must be a great OS that makes every sysadmin, network tech and operator completely useless for the end of his life.
Yes, PC-BSD is really a fine thing. It requires quite recent hardware to run at an acceptable speed and is not as flexible as a FreeBSD installation you create yourself, but it is not intended to be that way; it’s a very convenient system for Joe Q. Sixpack and Aunt Mary.
Honestly: I know several friends who use PC-BSD for some years now and are completely happy with it. The advantage of this OS is that it is a real FreeBSD OS “under the hood”, so things that do not work out of the box can be made working – by the means of reading man pages and editing files.
As long as everything is new, runs fast and autodetects everything (usually due to conforming to existing standards), things are fine without manpages. But when problems arise, you are happy about their presence. I know it’s possible that you can’t understand such a statement because it comes from a developer and not from a user, but it is the truth. Remember that it is the developers who make the software that does “everything” for you. You shouldn’t insult them by bitching out about “stupid manpages”, it’s unfair. Keep in mind that you are are given the privilege to use the result of their hard work for free.
– Simplified installation process
– Improved documentation and man pages
– New versions of packages in ports (package management system). Over 5800 packages in total
– Hardware driver updates: sensors, chipsets, video devices etc. New drivers, functionality and reliability updates.
– Network stack updates: stricter default settings. Wired interfaces are now preferred over wireless ones.
– Firewall changes: enabled by default, stricter checking of package formats.
– Routing daemon updates: mainly BGP daemon updates, fixes few bugs.
– New more secure smtpd (mail server)
– New OpenSSH released (5.3)
Edited 2009-10-19 11:57 UTC
If OpenBSD is more secure than most OS, then maybe it would make sense to run it inside VirtualBox, and only access internet via OpenBSD? Then a hacker has to break through OpenBSD and then also the underlying OS?
Or is this pointless? What do you say?
Since VirtualBox uses NAT redirection for the virtual network, your system’s security would depend on VirtualBox being secure, not just OpenBSD. Also, OpenBSD does not run well on VirtualBox.
This may be a good idea in theory, but in practice I think it would just be a pita. There are much better ways to safely browse the web.
VirtualBox supports a range of network types – NAT being just one of them.
Personally I prefer the ‘host interface’ setting as I can then get my DHCP server to assign an IP number to the virtual machine in exactly the same way as any other physical machine would.
I agree that there are easier ways to secure a desktop though
Edited 2009-10-19 14:22 UTC
Virtualbox 3.0.8 added many fixes that made NetBSD, which had a horrible time even installing, work. I wonder if the same fixes apply to OpenBSD.
Just installed OpenBSD 4.5 onto Virtualbox-OSE 3.0.8 last night. Host machine is Fedora 11. Running fine so far.
Edited 2009-10-23 03:34 UTC
Since you asked, I’d say this is pointless, regardless of the guest operating system and the host operating system, the latter perhaps to a lesser extend.
Given the context, I’ve understood that the OpenBSD team quite firmly believes that no real security can be achieved via virtualization. Many agree with them and others who argue similarly, but this is a big open debate of course.
Pile of x86 crap on pile of x86 crap can not make a pile of secure crap.
EDIT: odd sentence.
Edited 2009-10-19 14:44 UTC
If you have all your ports closed (no services running) and or pf active and configured then no hacker can get in exploiting services. So virtualization doesn’t help here.
Other risk is in data handling by applications you run. If there’s an exploit for your browser/flash/p2p/etc, then there’s risk that a specially crafted data be used to allow remote execution by an attacker. OpenBSD implements many ways to prevent that, virtualization doesn’t.
I am really not keen on the way the editing of articles is done around here. You shouldn’t strikethrough a number of rows of text if that part of the text has absolutely nothing to do with the news (ie. you did not make false claims or something like that). Just wipe it. We don’t care.
It’s awful when more than a half of the so called preview is only something that should not exist at all.
Edited 2009-10-19 13:44 UTC
Personally, I’d rather see that the situation was changed. Originally, it was destined to be a page II story, until a thoughtful reader, joku, provided more details; thus the story could be listed on Page I.
I prefer this method of notification, vs. history getting edited and thrown away. From now on, when you see underlined text, pretend it’s not there.
Agreed.
Unfortunately everyone has their own opinion on how something should be done and sometimes there is no “correct” method, only preferred approaches.
In this instance though, I completely agree with yourself (and Thom)
I may be echoing the comments of others who got here sooner… I’d personally rather that the situation hadn’t involved a release of a significant OS release going onto Page 2 by default
Who is ‘we’? I don’t care about such a thing. Maybe you could write a browser plug-in that removes everything encapsulated by (u)(/u)’s if you’re really this annoyed by it.
Underline (u) and strikethough are very different, and serve different purposes.
I am not sure why someone couldn’t briefly look over the 4.6 Release notes and come up with a summary, but since they couldn’t, here is my attempt.
———–
The release of OpenBSD 4.6 was announced today! New features in the release include improved hardware support, an upgraded packet filter, SMTPD privilege-separation, routing daemon improvements, a brand new installer, and much more! For more information, please check out the official release notes: http://www.openbsd.org/46.html.
You can purchase a CD set (http://www.openbsd.org/orders.html) or download from one of the mirrors (http://www.openbsd.org/ftp.html). If you enjoy OpenBSD please consider supporting the project (http://www.openbsd.org/donations.html).
Edited 2009-10-19 14:07 UTC
After look through install documentation, this version of OpenBSD still does not support installation on a logical partition. It is a big disadvantage for me.
This is possible as of the 4.4 release.
Ah, the joy of old-fahioned DOS partitioning…
In fact, every OS should be installable to a “DOS primary partition”. You can get up to 4 operating systems on one disk. The artificial maximum of 4 such installations is a “feature” that is still present from old DOS “partition table” times.
“DOS extended partitions” are just a dirty workaround in my opinion. Inside its own “DOS primary partition”, each OS should be able to do anything it wants, such as creating own partitions. For example, this is how FreeBSD does things. You can have more than 20 partitions within a slice (a “DOS primary partition”), for example to create mountpoints for functional partition separation, e. g. /, /tmp, /var, /usr and /home. Those are all within the same slice, but represent own file systems. I’m not sure if this can be done in Linux, too, or if each functional part would require a “DOS primary partition” or a “logical volume” within a “DOS extended partition”.
There simply is no need to waste more than one of the “precious” 4 “DOS primary partitions” for subpartitioning. “DOS extended partitions” are unneccessary. There’s something better present for some time now, so no need to stick with this outdated legacy stuff.
Maybe things get better when GPT gets widely adopted. This would allow to multiboot from more than 4 operating systems.
But finally, I don’t multiboot, so this is quite not an urgent topic to me.
Why even bother posting a negative comment critical of an outstanding product, simply because it doesn’t have your special widget?
On second hand, why am I even bothering to post this comment?
Am I the only one who read that “many people had received their 4.6 CDs in the mail” and wondered what they’d do with 6/10ths of a CD?
I guess you are the only one.
Oh well. More’s the pity.
I know OpenBSD is only intended to sit and be secure, and performance is not a real world expectation one should have for it, but incremental improvements have been seen before.
http://mauthesis.com/RubyBenchMarksOne.html
This is also new in OpenBSD 4.6:
http://undeadly.org/cgi?action=article&sid=20090619100514
And I forgot, support for “seperate routing domains”. So you can have completely seperated different routing tables and network connections.
I do think OpenBSD is the most advanced and most integrated open source operating system when it comes to networking.
How depressing! I was waiting with baited breath for one of Moulineff’s anti-BSD rants with a side bit about how he uses his own name and is very brave and a spot about BSD thiefs and, after trawling through all the comments…. nothing? Nope, not a sausage. How depressing.
He knows he’ll get banned
Edited 2009-10-20 20:32 UTC
*cries* no hilarious amusement for the day.