OpenBSD is a name synonymous with security, having earned the respect and adoration of security-concious sysadmins everywhere. OpenBSD is used in data centers all over the world, is the basis for several security products (from OpenBSD’s site), and is even the basis for Microsoft’s Services For Unix.
And like FreeBSD, it’s not known for running on UltraSPARC systems. Among its many platforms, OpenBSD does indeed have a port for both SPARC (sun4/4c/4m) and SPARC64 (sun4u/UltraSPARC), and the SPARC64 port supports my Ultra 5. So in continuing with my ongoing series on evaluating operating systems running on the Sun Ultra 5, I took a look at OpenBSD 3.4, SPARC64 edition.
Overview
OpenBSD, like FreeBSD and NetBSD, exists as a 64-bit only operating system on SPARC64. And like FreeBSD, OpenBSD has no mechanism for supporting 32-bit applications. This contrasts with Solaris and Linux, where 64-bit and 32-bit binaries, libraries, and kernels live together in harmony.
My test system is of course my Sun Ultra 5, of which the specs can be found in my intro article.
Installation
If you’ve used OpenBSD, you know the installation is about as no-frills as you can get. No fancy menus, no nice and neat CD ROM ISOs, and certainly no graphics. But while it’s lacking in refinements, it’s perfectly functional, and there is excellent documentation to back it up.
erase ^?, werase ^W, kill ^U, intr ^C, status ^T (I)nstall, (U)pgrade or (S)hell? i Welcome to the OpenBSD/sparc64 3.4 install program. This program will help you install OpenBSD in a simple and rational way. At any prompt except password prompts you can run a shell command by typing '!foo', or escape to a shell by typing '!'. Default answers are shown in []'s and are selected by pressing RETURN. At any time you can exit this program by pressing Control-C and then RETURN, but quitting during an install can leave your system in an inconsistent state.
You can get the install files from OpenBSD’s FTP site or one of many mirror sites. You can also order install media from the OpenBSD site. With my cable modem on the ready, I chose the download route.
The SPARC64 install tree contains a bootable ISO image for installation, but the bootable CD does not contain the actual installation files, only the installation program itself. You can either burn the installations files to a separate (non-bootable) CD, or make them available via other means, such as FTP (either locally or from a main FTP server/mirror), HTTP, or NFS.
Because of its spartan design, installing OpenBSD may be a bit intimidating for more green users, but the documentation should be able to walk most through.
Probably the toughest part of this (or just about any other) install is drive partitioning. Every operating system seems to have their own unique way of doing the same task, even among the BSDs. Mentally switching between the various iterations can get tedious, although that’s more of a general complaint, not one directed at OpenBSD.
Fortunately for me, I already had my drive partitioned from NetBSD and FreeBSD, so I didn’t make any changes. I let OpenBSD re-format the already-existing partitions and continued on.
Installation is quick, taking only about 10 minutes to get a system up and running. I didn’t run into any problems.
Documentation
Although I hadn’t it in my previous reviews, I thought it important to make special note of the documentation that accompanies OpenBSD. Having a reputation for putting security above all other matters, I was expecting somewhat weak documentation.
However the documentation for OpenBSD is in fact, excellent.
It’s concise, easy to follow, and comprehensive. As I found myself pondering a question, I quickly found the answer in the FAQ. What files do I need there to be available over HTTP, FTP, etc. for install? Does OpenBSD support soft-updates? Those questions were all covered simply and succinctly in the documentation. Kudos to the team that put that together and maintains it. They’ve done an exceptional job.
Minimalism
By default OpenBSD runs more minimalist than a living room spread in an Ikea catalog. Here’s a ps -auxww from my OpenBSD 3.4 system:
That’s only 16 running processes; 11 if you don’t count the processes started from my login and subsequent su. Definitely a plus for security. By contrast, my Fedora Core desktop system, while waiting for a GUI login, runs 56 processes while idle mode. Pretty much the only outside services turned on in OpenBSDby default are sendmail and sshd. Otherwise, the machine is deaf to the world.
Speaking of SSH, you can thank OpenBSD for the ubiquitous OpenSSH, used in just about every *nix system on the planet. Even Sun’s commercial SSH is based on OpenSSH. A detailed history of OpenSSH can be found here.
Desktop
I had assumed that like FreeBSD and NetBSD, that desktop/graphics would not be supported. That assumption turned out to be incorrect. OpenBSD does support the Ultra 5’s ATI graphics, and I was able to use this configuration file to run X windows.
As you can see, the default desktop environment is very bare-bones. It runs fvwm as the default windows manager, and Gnome and KDE aren’t installed as part of the X11 distribution.
OpenBSD 3.4 SPARC64 Screenshot running default X11 configuration with fvwm
As you can see in the screenshot, top reports only 70 MB used in memory and no swap activity. It’s easy to forget how small X11 by itself is when it’s not running KDE or Gnome or some other fancy window manager. Compare this to when the system is running Solaris with Gnome, where the disk trashs from hitting swap when I so much as move the mouse.
Setting up the desktop environment wasn’t trouble-free, however. After I installed from the serial console, I tried running startx from the serial console. I figured it’d die, but not only did it die, it actually crashed the system:
XFree86 Version 4data fault: pc=f0008fd0 addr=ffffffffffffe000 panic: kernel fault kdb breakpoint at 129fec8 Stopped at. Debugger+0x4: nop RUN AT LEAST 'trace' AND 'ps' AND INCLUDE OUTPUT WHEN REPORTING THIS PANIC! DO NOT EVEN BOTHER REPORTING THIS WITHOUT INCLUDING THAT INFORMATION! ddb>
I switched from serial console to screen/keyboard and I didn’t have that problem anymore.
OpenBSD comes with xf86cfg (an X-based X configuration utility) and xf86config (text-based X configuration utility). xf86cfg wouldn’t run, and xf86config doesn’t seem to have SPARC in mind, with its lack of a Sun keyboard or mouse option, among others. So I was left without a working XFree86 configuration file. However, Google provided an answer and I yoinked a config, and X started up fine.
There are pre-built packages of the various components of KDE/Gnome but I didn’t install or configure any of them. I imagine that it would take some work to get it all working together. There are also various X11 apps available that are precompiled.
I was able to run 16-bit color (about 32,000 colors) at 1280×1024 with no problem. I also used SSH to tunnel a few remote X11 sessions, and ran apps such as Mozilla FireBird from my x86 Linux workstation.
Performance
As with NetBSD and FreeBSD, OpenBSD supports soft updates, which can greatly speed up disk operations. While FreeBSD lets you use tunefs, OpenBSD (like NetBSD) requires an edit to /etc/fstab and a reboot to enable soft updates. It isn’t enabled by default, but I would highly recommend doing so. While not all disk operations may benefit significantly, simple operations like untarring a file can be dramatically sped up by soft updates.
/dev/wd0f /usr ffs rw,nodev,softdep 1 2
For instance, untarring the ports.tar file without soft updates took about 17 minutes. With soft updates enabled on that file system, it only took 3 minutes. That’s a significant savings in time.
System performance-wise, OpenBSD (on x86 at least) didn’t fare well in a widely publicized and much embattled benchmarking article. Unfortunately I was not able to get those benchmarks running on OpenBSD SPARC64, and generally those benchmarks don’t seem to be 64-bit friendly (having compiled but died with a bus error for both FreeBSD and NetBSD on this same system). I spoke with the author, and unfortunately he doesn’t have access to a 64-bit system to do trouble shooting.
MySQL Problem
I was all ready to rave about OpenBSD, when I hit a little snag with MySQL. While MySQL compiled from source without any complaints and initially ran fine (idle, at least), I ran into a strange problem when running sql-bench, the excellent SQL benchmarking tool I’ve been using thus far.
When sql-bench came to the create benchmark, it died with the following error:
Accessing tables Can't find file: './test/bench_60.frm' (errno: 9) at ./test-create line 137
The subsequent benchmarks after create died with similar errors. Initially I thought it may be some sort of permissions problem. The file it’s referring to does exist, but when I checked the permissions, they were all correct. I even (in a very un-OpenBSD-esque manner) chmod’d MySQL’s data directory to 777 just to make sure. Same problem, so permissions wasn’t the problem.
I initially ran sql-bench against 4.0.17, so I upgraded to 4.0.18, which is the current release. Same issue. OpenBSD comes with GCC 2.95.3 by default, so I installed the pre-made GCC 3.2.3 package. Still the same issue.
I was only able to find a single case of someone having a similar issue with a Google search.
I tried playing around with some sysctl variables, thinking perhaps it was a limit on the number of open files (there’s about 10,000 tables in the create benchmark), but kicking kern.maxfiles to 15,000 didn’t help either. I made a post to the OpenBSD sparc port mailing list (they cover both SPARC and SPARC64) and the guy who had the issue wrote back, saying he still had the same problem.
Sean Brown responded to my post with some good suggestions, but they didn’t work out either. As he suggested, I kicked kern.maxfiles up to 32,000 but still no resolution. I also made sure --tmpdir was on a large file system, and that didn’t resolve the issue either.
Since the release of OpenBSD 3.5 is imminent (May 1st), I decided to try a snapshot of 3.5 to see if that would alleviate the issue. I pulled the 3.5 snapshot from the ftp site, and it was dated March 29th. Once it was loaded up, I ran MySQL and sql-bench and still had the same issue.
The sql-bench benchmarks has the ability to run against PostgreSQL as well, so I compiled PostgreSQL 7.4.2 from source (it compiled cleanly) and ran sql-bench against it. Unfortunately, most of the tests resulted in PostgreSQL dumping core:
Retrieving data Bus error (core dumped)
So there goes that. I tried using ports-compiled PostgreSQL but it also died with core dumps. Given the problems I had, and the problem at least one other had, it would seem OpenBSD SPARC64 isn’t really an option for database systems at this time, even on a development/staging basis.
PCI Devices
The Intel 10/100 card I have is also recognized by OpenBSD 3.4 as fxp0, as it was with NetBSD and FreeBSD. Which gives me an idea for possibly the best use of this Ultra 5: As a relatively fast, small, and self-contained firewall.
I found another PCI Ethernet card laying around, a 3com, so for shits and giggles I installed it in my Ultra 5 as well (there are a total of 3 PCI slots available, 2 are now full). OpenBSD also recognized that automatically and it came up as interface xl0. So for about 20 extra dollars, I’ve got a perfect firewall system with internal, external, and DMZ interfaces.
Compilation
OpenBSD, like FreeBSD, sports a ports collection that makes compiling and installing software simpler. It’s not quite as complete as FreeBSD’s ports, or even NetBSD’s pkg_src. For instance, OpenBSD ports didn’t have mysql version 4, only 3.23.
OpenBSD also sports binary packages (which is where I got my beloved tcsh), which can be found on OpenBSD’s FTP site.
Tidy Little Firewall
All of the operating systems under evaluation (FreeBSD, NetBSD, OpenBSD, and coming soon Linux and Solaris) have one or more options available to make the system an effective and secure firewall. FreeBSD, NetBSD, and of course OpenBSD have the ability to run OpenBSD’s pf (packet filter). They, along with Solaris, also have the ability to run IPFilter, which is what powered OpenBSD’s firewall capabilities until a very public and very nasty spat between Darren Reed (author of IP Filter) and Theo De Raadt (infamous head of the OpenBSD) over licensing issues led to OpenBSD creating its own packet filter.
Linux (2.4 and 2.6) has netfilter, which is what I currently run on my home system for a firewall/router on a dual processor x86 system.
Yet while they all have this capability, I haven’t tested them as firewalls. However, since OpenBSD specializes in security, I decided to take a look at its ability to provide such functionality.
I used a fairly typical scenario for home and office users. The OpenBSD system sits with one interface (in my case, fxp0) sitting on the DSL/Cable modem connection, and another interface sitting on an internal network running an RFC 1918 network. The OpenBSD system performs one-to-many NAT, allowing several systems to share a single external IP address such as the one assigned to the Cable Modem/DSL line (Linux users often refer to this as IP masquerading).
Typical Home/Office Firewall Scenario
I’ve have extensive experience with Linux’s netfilter and IPFilter, but none with pf. However, since pf is very similar to IPFilter in configuration, acclimating myself was quite easy.
It took me half an hour to get it working, with much of that time spent trying to figure out that it wouldn’t work because (as the instructions stated) I needed to turn on IP forwarding. Doing so is a simple command with sysctl:
sysctl -w net.inet.ip.forwarding=1
The rest of the instruction, as well as the example pf.conf file (which I used) is can be found in the pf FAQ.
One of the big differences between how pf works compared to Linux’s netfilter is how it handles FTP sessions. FTP is a protocol notorious for being un-firewall and un-NAT-friendly, because of the two TCP ports it uses (21 for control and 20 for data).
In Linux, there are special kernel modules for handling FTP sessions through NAT, ip_conntrack_ftp.o and ip_nat_ftp.o. OpenBSD handles this by running an FTP proxy, which you can enable by uncommenting out its entry in /etc/inetd.conf (also detailed in the instructions).
127.0.0.1:8021 stream tcp nowait root /usr/libexec/ftp-proxy ftp-proxy
Another difference between Netfilter and pf is the configuration syntax. I findthe IPFilter/pf-style syntax to be much more readable compared to Netfilter’s use of iptables and its rather convoluted syntax.
I’ve been running my LAN off my OpenBSD system for a few days now, and it’s been working great. Given the systems small size (less than 19 inches wide, about 2U, and more shallow than most rack-mount systems), relatively fast processor, easily expanded Etheret through the 3 PCI slots, it would make a great firewall/router. It may very well be that this system, once I’m done with my articles, ends up serving that purpose.
Tangent
Speaking of hardware, I thought I’d respond to many comments, both in general and in reference to my articles, about the Ultra 5 being a shoddy piece of hardware. They liken it to PC construction, flimsy and plastic and generally undeserving of love and affection.
Actually, its engineering is superior to most PCs. While it’s not up the quality of say an old SPARC 5 or a NeXT workstation slab/cube (possibly the most elegant hardware ever produced, I used to own a color turbo slab), it stands heads and shoulders above the quality of your average Dell or Gateway PC. It even tops much of Sun’s current top-of-the line hardware, with their superfluous plastic adornments, GNDN (goes nowhere-does nothing) tabs, and razor sharp innards (seriously, the only thing modern Sun servers are missing are rotating knives inside).
The inside is well put together and the design well thought-out, the hard drives are your average IDE fair, holding up well under the rigors of time. The size fits great in a standard 19-inch rack as a 2U system on a shelf, and stacks well. The backend ports are easily accessible and their placement is well thought out.
However, a very ligitimate complaint about the Ultra 5s hardware-wise is its oft-maligned IDE controller, which is notoriously slow and buggy. Now that does indeed suck.
Conclusion
Despite the fact I couldn’t seem to make this system a viable database system (with either PostgreSQL or MySQL), OpenBSD turned out to be a very useful system, especially as a firewall.
The combination of excellent documentation, ample pre-compiled binaries, good ports system, and plenty of resources make OpenBSD worthy of serious consideration when exploring operating systems to install on an Ultra 5.
Appendix: dmesg.
If you would like to see your thoughts or experiences with technology published, please consider writing an article for OSAlert.
Thanks Tony,
very nice review.
Especially because it’s not the notorious Xandros or Suse review.
I’d like to read more reviews about the OS with the nicest logo..
Though the only 64-bit machine I have is an AMD64.
P.S.: Isn’t it a bit late for a 3.4 review when 3.5 is going to be released in two days?
I ran OpenBSD (i386) for a bit to learn the system and its (hopefully the “its vs. it’s” guy notices I used its correctly) security principles. And it was wonderful. Then I started doing some real work (e.g. MIT Kerberos) and things turned on me. e.g. kernel panics.
I wasn’t about to become an OpenBSD kernel debugger so I switched to Slackware instead.
Cheers
just commited a reminder to the default example in /etc/pf.conf to set the net.inet.ip.forwarding and/or net.inet6.ip6.forwarding sysctls in /etc/sysctl.conf. thanks. took me a few minutes to remember too while setting up a test firewall at the PF hackathon a few days ago.
P.S.: Isn’t it a bit late for a 3.4 review when 3.5 is going to be released in two days?
Nope, it’s never late for BSDs because there aren’t that many reviews of BSDs. In the second page, he did tried the snapshot of 3.5.
Most times packages can solve your problems. If you had used the MySQL and PostGreSQL packages, which include various tweaks to get compilations to work better, you might have avoided your problems.
While using ports should theoretically produce the same packages, using packages are at least faster.
“Pretty much the only outside services turned on in OpenBSDby default are sendmail and sshd. Otherwise, the machine is deaf to the world.”
Counts only for SSHd and perhaps you don’t want the whole world to connect to your SSHd. Sendmail (+ patches) is used internally only to send you status reports. Debian uses this scheme regarding as less services as possible and internal MTA basically as well except that you chose how you want the MTA running. No MTA? No status reports; and you miss something without these. However i wouldn’t say the “machine is deaf to the world” because it doesn’t run its’ internal MTA.
“between Darren Reed (author of IP Filter) and Theo De Raadt (infamous head of the OpenBSD) over licensing issues led to OpenBSD creating its own packet filter.”
Led tro Daniel Hartmeier coding PF in silene whole the flamewar continued. Then, it was there, and it was available for OpenBSD 3.0 as an add-on. 3.0 still came with IPF though. Since 3.1 it has been the default and since then it matured. PF can do much more than IPF already and also than IPT. It is also -imo- very, very more user-friendly than either of these 2.
If i may make a suggestion i’d suggest to experiment with SUN Ultra 5 + OpenBSD + PF + Bridging for your firewall. I think you’ll like it. You can also redirect from LAN to “bogus IP” (null-routed, vlan) port 22 to the Bridge if you prefer. Or use serial line:) try Snort on it, with ACID, and a database backend, and enjoy your home-made Carnivore
Now some questions: 1) how much power does the Ultra5 consume? 2) How high is your case? According to some statistics i read the case is 11,6 cm high (or should i say “low”?). 3) I’d also like to know how many HDD’s it can hold (including taking out the CDROM player) and which HDD’s the IDE interface can handle (AT100? ATA133? Any problems regarding the size of the HDD?). The technical documentation i read doesn’t correlate with what others have told me, so far…
I don’t know if this was the problem seen …
In the change log for current (http://www.openbsd.org/plus.html):
“Fix a propolice bug in gcc(1) and unbreak MySQL (mysql bug id 1442).”
See: http://bugs.mysql.com/bug.php?id=1442
and: http://cvs.openbsd.org/cgi-bin/query-pr-wrapper?full=yes&numbers=37…
dpi,
It can hold 2 ide hd + 1 if you took the cdrom out. But, the ide bus on u5/10 really suck. I would definatly recommend dropping a scsi card in and jumping to scsi drives. That is what i do w/ my u10’s that i have.
whoever,
I run gentoo on all my sun equipment, but i have been thinking of giveing *bsd a try on one of them. The whole 32 vs 64 worrys me some because it sounds like I might not be able to put much on there, is that what everyone is saying? Is there much of the ports packages built for the sparc64 arch?
thx
one other thing
If i go with openbsd on a u10 to setup a firewall/dhcp/router, i have some qfe cards I could use, but here is the thing i don’t know what happens, and i’m a shame to say it ;0
I run linux/solaris <–not much of that anymore, anyway, only on all my boxs. My wife has a win pc and the scarry part is we have road runner cable and she uses aol thing on top of it. Is there any aol crap that i would kill setting a firewall like that up?
I have know idea how aol works and if i kill anything my wife does, well you all know what will happen. :angry:
Its a SparcStation 5 I believe, the fastest model they make – the 170 mhz. Great damn box, snappy and solid as a rock. However, the OpenBSD folks seem to be against the idea of you compiling a custom kernel. I can understand not supporting a custom config, but is OpenBSD that fragile that doing a custom kernel can through the whole thing off? I’m /not/ trying to troll, it just seems strange to me. I’ve compiled kernels in FreeBSD and Linux before without a problem. Well all that aside, I’ve long liked how clean OpenBSD feels and I even like the install method – its all text based but its straight to the point and very verbal about whats gonna happen. Great stuff! Looking forward to upgrading to 3.5!
I run a 1Ghz + SPARC machines
i have some old sparcstations at home… and i have an SS10 and a SS20 with SMP.
My old SS20 would be really cool for firewall with OpenBSD, but it doesn’t supports SMP. Linux does support it all the sparc linux distros are very outdated… =(
Still waiting for fedora/sparc…
BSDero
i learned pf first and then iptables, after doing so i certainly appreciated pf’s readable grammer:-) it was quite simple and easy to use, i didn’t have to patch a custom kernel, build modules, and userspace tools. i do realize that it’s not netfilter’s fault that everything can be right there out of the box(patch-o-matic). i thought that editing two files and using pfctl to be dream come true:-) i also like how openbsd handles file immutability. i can set a file to be immutable and the only way it can be changed is if you drop to runlevel 1 all the while pf is still routing traffic!!!!!!!!!!!!! in linux you just have to be root and run chattr:-( oh well, sorry for the rant:-)
i love linux however i appreciate the way some things are done in openbsd that make it easy to use and are security focused
@By cybrjackle (IP: —.kc.rr.com) – Posted on 2004-04-30 02:38:47
What SCSI card are you using? Sun SCSI cards are expensive…
Check http://ftp.openbsd.org/pub/OpenBSD/3.4/packages/sparc64/ for packages available to sparc64.
@By Christopher X (IP: —.ok.ok.cox.net) – Posted on 2004-04-30 03:49:00
I’ve had issues with custom kernels, so I stick to GENERIC. I haven’t had any problems with GENERIC. All my hardware has been supported, and it’s fairly quick.
@By BSDero (IP: —.prodigy.net.mx) – Posted on 2004-04-30 04:44:39
NetBSD-current might support SMP on SPARC. I’m thinking about trying it on a sparcserver 20 SMP I’ve got. Eventually.
“It can hold 2 ide hd + 1 if you took the cdrom out. But, the ide bus on u5/10 really suck. I would definatly recommend dropping a scsi card in and jumping to scsi drives.”
This is just for hobbyist purposes. A huge SCSI HDD is a bit too expensive for me, but perhaps using a IDE to SCSI converter might help. Anyway, do you have benchmarks? It doesn’t need to be extremely fast. Just as long as it isn’t sucky in the same way as the AlphaStation 1000A’s IDE interface which is _undocumented_ (doesn’t officially exist and gets less than 1 MB/sec for READ operation! In my case, the OS isn’t gonna do much by itself, and the bulk data mostly only needs to be read; not written.
Btw you can expect SPARC64 to be running fine server apps. At least it runs Base fine [includes Apache 1.3.x + Patches]. I say expect, because SPARC64 is OpenBSD’s (at least Theo’s) favorite platform.
For a serious firewall i’d suggest a low-power consumer + CF such as Soekris (12W) or ViaC3. You can even hack OpenBSD on these since the hardware is supported.
“because SPARC64 is OpenBSD’s (at least Theo’s) favorite platform.”
I think it’s AMD64 now
Symbios Logic SYM22801
Works great on Gentoo/sparc
btw someone said Linux is out dated, not Gentoo/Debian on sparc.
http://dev.gentoo.org/~bazik/hw.php
For those interested in trying out pf, there is a wiki that contains various examples of pf rules at http://zhware.ath.cx/wiki/index.php/CompendiumOfPFRules
Sorry, this security-conscious sysadmin has 0 interest in openbsd. I’m a bit annoyed with the flowery language describing openbsd.
Theo is a HUGE drawback for the project. Recall, he was booted by the other developers from NetBSD for being too much of a PITA.
“Sorry, this security-conscious sysadmin has 0 interest in openbsd.”
Well then, don’t read the article, and don’t comment on it. I’m a little tired of all the Linux commentary, but I don’t comment about that on their threads.
You have a choice – read it or don’t. Nobody will care. Leave those of us who DO read it alone.
> I’m a little tired of all the Linux commentary,
He doesn’t show himself being a Linux advocate.
Most of them didn’t know Theo at all.
And I think the security-conscious sysadmin points out an for him valid point:
Theo is a man that splits.
And not only Theo.
The overall tone in the newsgroups and mailing-lists is rather harsh and often unfriendly.
BUT:
Doesn’t this fit into OpenBSD??
I think it fits.
The most “paranoid” operating system can’t be developed by hippies.
If you don’t have an “I don’t care what you think” – attitude you are starting making compromises.
And this is a behaviour you didn’t find in the OpenBSD camp(remember the ipfw fight).
All of the OpenBSD-sparc64 boxes i’ve played with so far have had a /usr/X11R6/README. Which is basically a documented XF86Config for all possible sun hardware configurations (not very long actually). Basically you can cut the middle out of it, comment out the mouse and vid options you don’t have, cp it to /etc/X11/, and you’re all good. They even cover dual displays and such.
I hit up Google before looking at the README, and found a working config, so it worked out fine anyway.
Why is he compiling stuff by himself from source? OpenBSD (like all the other BSD’s) have a ports system that contain patches that fix compilation and runtime problems. Instead of mucking about with source, the ports are there ready to use.
I’ve used MySQL on OpenBSD on a sparc64 box (heck, my website ran on that for quite a while), and I never had problems with MySQL from ports. Ran like a charm right from the get go. OpenBSD’s port system also creates “fake” installations and generates packages which can be used on other machines. And with the flavour system, you can tweak it to your needs.
There’s actually no need to compile stuff by yourself. Many have done the problemsolving already and automated it in the ports system, so use that to your advantage.
If you read the article, you’d see that I used the ports version of PostgreSQL, but it died with the same error as my own compiled version.
Also, the OpenBSD ports collection does not include MySQL 4.0, nor does the packages. It only includes MySQl 3.x. Perhaps 3.5 has added MySQL 4.0, I haven’t checked since it was released only a few hours ago.
I prefer to compile by source for many applications, especially when comparing performance between various operating systems. I can keep the software version the same, and the build environment the same. When switching from one operating system to another, it’s a great way.
Generally I don’t have any problems with compiling by source on x86 systems. For non-x86, such as SPARC64, there are some pieces that don’t work with basic source, and in that case I’ll fall back to ports or packages. Sometimes it fixes the issue, sometimes it doesn’t.
Another reason to use ports is with applications that are particularly cumbersome and/or time consuming to compile. An example would be KDE or Gnome. If it’s something simple like tcsh, I’ll happily use a package.
But for MySQL, PostgreSQL, Apache, OpenSSH, etc. I prefer compiling from source whenever I can. Packages and Ports are convienient and can solve problems (but not always), but aren’t a total replacement. That’d be rather silly if it was.
…and you didn’t either. I’m pretty sure his point was that he’s tired of all the praise that Linux get so he doesn’t read Linux these articles nor post a “you all suck” post just because he doesn’t like it.