OpenBSD 5.2 Released 141
An anonymous reader writes "OpenBSD 5.2 has been released and is available for download. One of the most significant changes in this release is the replacement of the user-level uthreads by kernel-level rthreads, allowing multithreaded programs to utilize multiple CPUs/cores."
Good News! (Score:5, Informative)
Yeah, Netcraft confirms it is dying, yadda, yadda, yadda, etc... Linus said they were masturbating monkeys, the 1990s called, and they want their rthreads back, etc... etc...
Seriously, folks, if you haven't tried OpenBSD before, give it a spin, you might like it. Sure, it ain't no penguin, but that nice pointy fish is stable, solid, secure and quite a nice little beast to work with. I have had nothing but good experiences with that OS.
Just my US$ 0.02.
Re:LOL (Score:2, Informative)
Everyone can learn from that real world-class asshole... he totally dissed a friend of mine in a semi-professional environment, and I figure that a man *that* amazingly, butt-clenchingly unprofessional is just not worth the time of day. To hell with them.
i miss openbsd (Score:5, Informative)
i used to use it a lot
it doesnt' have much going for it, in the scheme of modern unix-like operating systems.. it's a bit of an underdog. it doesn't have fancy high-performance schedulers, its io layer is slow.. it's missing drivers for lots of commodity hardware, some of them because of principles.. theo is an asshole sometimes, with his constant 'im always right and you're always an idiot' thing.. but..
for one, the documentation is beautiful. whoever maintains the documentation should get a medal. there are few typos, everything has a man page, and every man page has EXAMPLES and is easy to understand. better than any other operating system out there. and that's a big plus: if you try any linux distribution and find an unfamilar file in /etc, you have a 50/50 shot of it being documented properly. with openbsd, it's garunteed
because their entire mission is based on thorough auditing, they make sure their code is very well documented and easy to understand. that's a big bonus too. modifying and developing on openbsd, as a platform, is a very nice experience
openssh is a very beautifully written piece of software. it's nice to use, and it's nice to read the source code. when is the last time it gave you any problems? openbsd is an entire operating system written with the same standards.
give it a try if you haven't, it wont hurt you.. virtual machines don't cost anything..
Re:LOL (Score:5, Informative)
Have you looked at the power usage of that thing recently? It's a 15 year old system that has less processing power than my cellphone & probably draws a few hundred watts with minimal power saving features. It's probably costing you $10-15/month to run that beast - how long would it take for a modern, low-power ARM or Atom box take to pay itself off?
Re:LOL (Score:5, Informative)
I'd equate it to the difference between being a Windows Admin, and a Unix Admin... The two are worlds apart.
First off, PF syntax is heaven compared to all else. Linux's IPTables syntax is a utter nightmare. Cisco's NAT and ACL syntax is ugly, very limited, so abstracted in syntax and terminology from what it's really doing that it can be impossible to understand without a book of Cisco's own reference material, etc. Juniper's Netscreens are even worse. If anyone tells you otherwise, start asking a few questions about setting-up multi-homed internet service, multicast routing, or trying to determine whether/why a certain connection is being rejected by that 2,000-line ACL rule-set (or failing somewhere else). And this black-box isn't an issue of amateurs who just don't read enough... There really aren't any publications detailing more complex use-cases, and I've exchanged many words with Cisco support managers after multiple level-2 technicians put in explicit writing that some specific multihoming scearios were NOT POSSIBLE on their gear, only to try it out and find it does, in-fact, work exactly as it should.
This isn't something you're likely to hear network admins complain about, because using something better like OpenBSD is never an option they've had, and they know they MUST learn the insane ways of Cisco, to be able to support routers, switches, etc., anyhow.
PF's syntax for ACLs and NAT is dead simple, and as flexible as it can get. What's more, you edit it locally, with your choice of text editor, can syntax check it with a short command, and atomically apply it with all changes (no down-time at all). You've also got unlimited options for commenting it as you choose, making backups, generating it from some dynamic system, including dynamic lists of IPs in a rule that are added/removed by, say, a mail server tracking spammers, or having entire rulesets that are applied only when someone SSHes in to the box, to allow specific services or whatever you want. These are things that network admins DO bemoan on a continual basis... Some network software won't let you insert ACL rules above others (line editing), instead requiring erasing everything below where you want it, then inserting the ACL, then restorting the previous. Others may allow line-editing, but only for permit/deny rules, tossing-out the option of using remarks to properly comment your ACLs.
Network monitoring, debugging, and packet tracing is unimaginably easier. You can run tcpdump, pktstat, or any other utilities RIGHT ON YOUR FIREWALL, telling you EXACTLY what's happening, and where. Easy to filter down to what you want to see, yet can be focused to the point giving you complete packet headers and payloads if you so desire. Cisco pretty recently saw that omitting this functionality can make certain scenarios absolutely impossible to get through, and ASAs now allows generating a pcap/tcpdump/wireshark file, but it must by transferred off to a real computer for analysis in delayed, non-real time.
Anybody using a firewall "appliance" is PROBABLY also using a Unix box to support it in real-time as well... On either side of that ASA / Sonicwall / etc. is a switch configured for "port mirroring", to duplicate ALL that traffic to a Linux box, running SNORT and probably lots of other software, too. That Linux box getting copies of traffic still only provides a modicum of the monitoring, debugging, and reporting options that running your firewall on an actual, full-fledged Unix system can provide, but at least it makes a network admins' difficult job even POSSIBLE to do.
While home "routers" really aren't in the same class, there are MANY reasons you'd want something GOO
Re:Good News! (Score:5, Informative)
Think about all the complexity of GRUB. Think about all the issues that the initrd causes. Think about the loading and unloading of kernel modules, whether for different hardware support or just kernel features (eg. bonding NICs), and issues that arise from switching between kernel versions or whatnot. Think about the often cryptic syntax of modules.conf. Think about the complexity of SysV and looking through those hundreds of little scripts to find the problem you're looking for. Think of chkconfig and "services".
Now imagine it all going away.
That's right... OpenBSD doesn't use or need any of it. The whole system is super-simple and extremely clean. For those who've used FreeBSD and been impressed with how much nicer and simpler it is than Linux, you should know FreeBSD is only half-way to being as simple as OpenBSD.
I used-to LOVE the simplicity of it. Back when removable hard drives were as close to mobile computing as most of us got, I'd have my OpenBSD system all setup, and I could just up and boot it from ANY SYSTEM, with no reconfiguration, and no problems. Windows users were absolutely astonished, and Linux users were aghast at the lack of boot-time kernel panic or other system hangs.
It's absolutely the best way to start learning Unix... With init/startup scripts a child can understand, and configure, and a clean, straight-forward user-land, rather than one cluttered with 20 different shells like any Linux distro.
And I've just started scratching the surface... Think of an OS where the developers have kept the same sound systems for decades, and have kept the same file system for decades, with just a few rare updates that kept it among the all-around best-performing. Think of an OS where the scheduler doesn't keep changing and getting more tweaks, but works the same from version to version for many years in-between. Think of an OS that you can just install and really count on it being as stable as a rock, and incredibly bug-free foundation. Imagine not having to keep up with the constant changes made to better suit some random person's idea of what minor feature is worth completely upending decades of good design, legacy and stability (eg: KMS, Wayland, etc.). Think of an OS that doesn't have to go through contortions and change after change to its design to suit the design constraints of the latest mainframe IBM is developing.
Think of an OS that is simple, elegant, solid, and just plain works.
Re:BSD portability (Score:4, Informative)
BSDs have their advantages over Linux, but portability ain't one of them, given that Linux has been ported to far more platforms than NetBSD.
Linux has only been ported to more platforms because of the sheer number of people working on it, but that's no reflection of the portability of the code. NetBSD was designed with portability from the start, whereas Linux was and still is in many areas designed for an x86-centric world. Many Linux ports never reached maturity, and even some of those that did are now broken.