HN Theater @HNTheaterMonth

⬐ lsofzz

OpenBSD is also a great choice for a firewall too https://www.openbsd.org/faq/pf/

⬐ brobdingnagians

Highly recommend "The Book of PF" for anyone looking into OpenBSD as a firewall. Lots of nice information in one place and helps showcase how fantastic pf is.

⬐ protomyth

I use it for our network services except for file storage or required OS of a software vendor[1]. It is supper easy to setup and now the upgrade story is much easier, it really is a minimum maintenance OS. Regenerating the system and putting back the files needed to run is very straightforward.

1) I once thought enterprise software was the worst imaginable, but nothing compares to government required software that only runs on Windows 2003.

⬐ jayp1418

I think presentation got one thing wrong. npf (NetBSD's pf) is not coded on based on OpenBSD's pf.

⬐ rjsw

NetBSD used to contain an old copy of pf as well as ipf and npf.

⬐ gbrown_

OpenBSD does not do KASLR as far as I'm aware.

⬐ nargek

OpenBSD does have Kernel Address Randomized Link (KARL) since 6.2 [1].

[1]https://www.openbsd.org/62.html

⬐ gbrown_

Yes which the linked piece covers but it also says OpenBSD does both KASLR and KARL.

⬐ nargek

Sorry, i bookmarked the link for later. I think you are right then.

⬐ brynet

Yes the author is incorrect in their slides, OpenBSD has userland ASLR, it uses both PIE by default and also created static-PIE, which are self-relocating executables. There's also been a considerable effort to convert OpenBSD's already privsep daemons to the fork+exec model, most having been completed, expanding upon initial work done on sshd over 16 years ago.

⬐ traceroute66

OpenBSD is great. Except for Theo.

If you question Theo on anything, even something reasonable, you will incur his wrath, and that of his henchmen (the clique of project devs that surround him).

Case in point is the whole "Funding our Electricity" thing: (a) Theo insists on keeping their test lab in his own house (b) Theo insists on supporting obscure archaic architectures (c) Theo claims on list to have incurred 20,000 dollars of electricity that year (d) Theo refuses to answer reasonable questions, such as cost breakdown, why the equipment can't be moved elsewhere, why the insistent on obscure architectures. Or when he does answer its essentially "my way or the highway".

OpenBSD is great, no doubt about that. But the whole Theo & friends clique needs to change.

⬐ tharne

I don't think you can easily separate a great project like OpenBSD from the culture that produced it. OpenBSD is what it is precisely because Theo and co. are ruthlessly uncompromising with their vision and their principles, and don't suffer fools. That may for some unpleasant email exchanges and hurt feelings, but OpenBSD is a great and unique OS and has been around for decades.

⬐ mumblemumble

Perhaps. But it's also difficult to separate one's donations from a desire that those funds are going places where they will be handled appropriately.

⬐ brynet

The OpenBSD Foundation tells you how your funds are going to be used, if you instead choose to donate to the project, then you're donating to Theo and it is entirely his discretion how he chooses to spend it on the project. Donations with strings attached are not donations.

https://www.openbsdfoundation.org/activities.html

vs.

https://www.openbsd.org/donations.html

⬐ ainar-g

I don't really understand what the point (b) is about. Even if we assume, that portability in and of itself isn't a good thing (which, I think, it is), as far as I know, OpenBSD is very popular in routers and other network-related devices, where “obscure archaic” architectures are not as obscure and archaic.

⬐ lizknope

I think this is his equipment rack in his basement from 2009. The image is from the official OpenBSD web site.

http://www.openbsd.org/images/rack2009.jpg

Security is an important issue to them so they feel they need physical direct control of the hardware and don't want it located somewhere else.

Also some of the equipment is old and may not survive being transported.

I remember them saying taht alignment and endian issues can only be found when compiling and running on the actual hardware. Cross compile to a different arch and emulators don't catch the same bugs.

⬐ LargoLasskhyfv

Looks like a fire waiting to happen. Electricity, heat, small space, wooden beams, carton boxes.

⬐ wil421

No wonder someone mentioned how expensive his electricity bills were. Some of those older machines eat some power. I was looking at old Silicon Graphics servers but the noise and power consumption was too much.

⬐ cbm-vic-20

That's some "cops kick down the door to shut down your illegal marijuana grow operation" level of electricity use.

⬐ yumh

I have read various times about this thing of Theo being angry at people and so on which I don't understand honestly. I know his replies are usually short and he doesn't like to hold hands to n00bs like us, but I never had the feeling he was angry or insulting people, it was quite the opposite: his mail are on spot, precise and, frankly, honest.

Disclaimer: I've been using OpenBSD since 6.3 (~ 2 years ago), so quite recently, I don't know if he changed attitude at some point.

⬐ dx87

From what I've seen on the mailing lists, he seems a lot like Linus, where he's only rude if he thinks you should know better, or if you make an objectively stupid suggestion. I've regularly seen contributors being rude and insulting though. For example, I read a message from one contributor who said that safety features in modern languages are like a straitjacket, and are only useful to developers too stupid to write bug-free programs in C.

⬐ owenmarshall

I lurk the OpenBSD mailing lists and while Theo can definitely be abrasive, I think that it's really that he won't suffer fools lightly.

What seems to be the least tolerated are "ideas people". If you come in and suggest that it'd be lovely to port OpenBSD to this new SOC, or that someone should write new Bluetooth support, or what have you – that's when the teeth come out.

But conversely, if you bring a patch the OpenBSD community seems to be very welcoming. They definitely value you putting in the work, not just talking about it.

⬐ kyuudou

For those critical of his personality, imagine being constantly trolled by script kiddies and others with malicious (such as government actors) intent. You'd probably get a little grumpy, too. The fact that Theo and the OpenBSD crew have been so uncompromising ideologically is a large part of its attraction.

The support for "antiquated" architectures has a lot to do with them being OPEN, e.g. SPARC. This crew is some of the first along with rms to really push not just open and free software but also the hardware it runs on for a variety of solid reasons.

⬐ kjs3

Well...OpenBSD runs on a lot of "antiquated" architectures because it started as a fork of NetBSD, which supports/supported even more architectures. Both Open and Net have pared down the definition of 'supported' and the number of archs they support over the years.

The support for "antiquated" architectures has a lot to do with them being OPEN

Not exactly...I recall Theo called it OPEN because he felt the NetBSD crew wasn't. NetBSD was around first, recall, and one of their core principles is wide portability, where OpenBSD took on the mantle of correctness and security and portability came along for the ride. Both side of the unpleasant history are documented; the truth is somewhere in the middle, of course.

That said, both crews advocate building on multiple architectures as a solid best practice to turn up 'interesting' programming issues. For example, Theo has stated that SPARC/SPARC64 porting is particularly useful for finding unaligned memory accesses (Alpha didn't like them either).

I'll leave out my own experience in dealing with the 'OpenBSD attitude' other than to say 'generally less than pleasant'. I still use OpenBSD daily, tho more for infrastructure (FW, DNS, DHCP, LDAP) than as a desktop.

⬐ s_dev

>OpenBSD is great, no doubt about that. But the whole Theo & friends clique needs to change.

Why -- he effectively builds and designs it and it's open source and free to copy and make your own.

⬐ unixhero

Those architectures help OpenBSD to smoke out bugs.

Obscure architectures is important also to keep the world online.

Also obscure architectures are damn fun.

⬐ tyingq

I bet the disappearance of big endian systems means a notable amount of bugs sit out there waiting.

⬐ RedShift1

Are there advantages to big endian systems?

⬐ mprovost

Network protocols usually encode things as big endian since that was the dominant order when the internet was being developed. It's a minor point now but everything has to be swapped around on little endian systems.

⬐ RedShift1

But is there some kind of computational advantage down to the processor architecture level? Can certain instructions or set of instructions be executed faster on big endian systems?

⬐ retro64

Not sure about today's CPUs, but back in the days of the 68000 I'm pretty certain there was a small advantage in both designs but for different reasons. I wouldn't normally write such a vapid post without supporting details (that I can't recall anyway), but I wanted to pipe up to encourage you to do more research if you're curious.

⬐ tyingq

No, no advantage. Just variety. You used to occasionally see bugs where things would work fine on little and not big, or vice-versa. Usually due to assumptions about data.

⬐ jfoutz

No. There may have been micro optimizations on specific chips, but there's nothing intrinsically faster about one encoding or the other.

Sorta like English reads right to left, but left to right or top to bottom would work just as well. left to right was what won.

⬐ protomyth

I would imagine the new PowerPC64 port is running big endian.

⬐ unixhero

Cool! Do you know which machines that port would boot?

⬐ protomyth

http://www.openbsd.org/powerpc64.html

Current status:

Currently OpenBSD/powerpc64 only supports POWER9 processors and runs stably on PowerNV machines based on the Raptor Computing Systems Talos II and Blackbird boards. SMP is not yet supported. Support for POWER8 processors is planned but won't happen unless someone provides us access to suitable hardware.

OpenBSD/powerpc64 does not run under a hypervisor such as PowerVM or PowerKVM.

⬐ cptnapalm

With regards to b), I am very thankful. My favorite computer is a Tadpole Viper which has a 1.2 GHz UltraSparc IIIi. OpenBSD not only has current support for it, it is also the only thing that will run on it (unless someone has the old Tadpole Solaris 8 or 10 patched CDs). I love that laptop and will be very sorry when it does finally die.

⬐ dbtc

What sort of stuff do you use that machine for? Just curious how people use old (=not new) tech.

⬐ unixhero

I own old computers, from my perspective:

SSH

Writing things

Being productive and having productive workflows in old software, well that's not a sin.

⬐ cptnapalm

UNIX-y stuff. Nothing I couldn't do with my daily driver, honestly, but the keyboard is better, I like the screen better (1400 x 1050) and I get a dorky smile when I compile things and its sparc64. I just like using it, moreso than the Thinkpad and Acer laptops it has outlasted.

I did have a Tadpole Sparcle (which I liked so much I jumped at the Viper). It came in very handy once when I was learning C and was getting different answers depending on the machine. A deep dive into old newsgroup postings informed me that I had an endian problem. I was excited that I had one of those.

I do have a fondness for computing oddities which is why I bought the Sparcle in the first place and also why I have a "small" 1999 IBM mainframe.

⬐ _wldu

I have an old Sun netra. I occasionally compile software on it just for testing. It's the only real big-endian system I have anymore. It sounds like a jet getting ready to take off, so I don't run it much.

⬐ tyingq

Curious about the "obscure architectures" part. They do seem to have retired quite a few ports...more than have survived. And I don't see anything really outlandishly rare in what's left of the supported list. Maybe the 88k stuff? https://www.openbsd.org/plat.html

I assume the other odd stuff is probably things that are common in China, like the Landisk and Loongson, perhaps because OpenBSD is popular as a router/firewall OS.

⬐ kjs3

Yeah...88k, Alpha and HPPA are pretty obscure for first-tier support being around 30, 15 and 10 years killed by their manufacturer, respectively. Maybe there's still some HPPA boxes grinding out a production workload in some dataccenter someplace. I'd wager to guesss there's some Alphas still running OpenVMS someplace where power is cheap. Almost certainly not an 88k.

Landisk (SH4) and Loongsoon (MIPS), while not common machines, are CPU architectures that are still in production and could be used as a port to newer machines, should someone do the work.

⬐ hnarn

As you have noticed first hand, Theo doesn't "need" to do anything. Neither does anyone else that contributes to open source software. If you don't like it, fork it.

⬐ nobody9999

>If you don't like it, fork it.

I'd point out that you don't even need to fork OpenBSD. NetBSD[0], FreeBSD[1] and DragonflyBSD[2] are available for anyone to use, hack on and/or contribute.

This is something of a tangent, but I've discovered over the years that understanding the history of a particular technology (or anything else, for that matter) provides a better understanding of where we are and where we might be going.

As Eugen Weber put it[7] (in a vastly different context, but certainly applicable to this subject): "We're going back to where many of our ancestors came from. To see where their stories came from, and their memories and their habits and the way they are which has made us the way we are. This is what history is about. Where we come from, what lies behind the way we live and act and think. How our religions, our institutions, our laws were made."

I first encountered BSD as SunOS[3] and found it to be useful and workable, although it did have some significant limitations, not least of which was vendor lock-in.

By the time GNU/Linux gained in popularity, most commercial vendors of Unix had moved to SVR3/4[8], and many folks (like this person[4]) chose Linux over BSD for that reason.

In the 1990s, I played with both BSD and Linux, but since Solaris[3], AIX[5] and HP/UX[6] were all SVR(3/4) based and my jobs were to implement/manage such systems, as such I (and many other folks) mostly used Linux personally.

IMHO, that's why Linux initially achieved broader acceptance than the BSDs, even though most folks don't use proprietary *nix anymore.

On a variety of occasions over the years, I implemented BSD variants for specific purposes (generally custom third-party software which required it).

I encourage folks to use the BSDs as well as GNU/Linux when each are appropriate.

Given that all of these OS' are open-source, it seems odd to expend the energy to put any particular OS flavor down, rather than picking one or more that meets one's needs and putting their energy into those instead.

[0]https://www.netbsd.org/

[1]https://www.freebsd.org/

[2]https://www.dragonflybsd.org/

[3]https://en.wikipedia.org/wiki/SunOS

[4]https://rtemsramblings.blogspot.com/2011/11/minix-versus-lin...

[5]https://en.wikipedia.org/wiki/IBM_AIX

[6]https://en.wikipedia.org/wiki/HP-UX

[7]https://www.youtube.com/watch?v=XCyO8meahME

[8]https://en.wikipedia.org/wiki/UNIX_System_V

[Edit: Fixed link references]

⬐ kjs3

Coincidentally, OpenBSD is in fact a fork of NetBSD.

⬐ 0xdeadb00f

Yep. Precisely because Theo didn't like some of the things NetBSD was doing.

⬐ 120photo

You can always do what Theo did when he was not happy with NetBSD... check out the code, fork, and start your own BSD OS project. The dude is crazy but there is some level of madness that makes projects like these possible. Look at what Terry Davis was able to do, no sane person would be able to do what he did.

⬐ nabla9

"my way or the highway" is the best part of open source organization.

It's not democracy. There is no equality. You have no voice unless others want your contribution.

People are free to form a cliques of same minded people and ignore everyone else. You can hate those who make the software you use, but Theo & friends do what they want.

⬐ logicprog

I think that's the great thing about voluntary association and freedom in that sense in general: you can associate with those who are like-minded and willing to work with you, and you don't have to/aren't forced to associate with those that disagree with you entirely - and those groups can't really get at you as easily. In open source, it's just a more pure version of that because you essentially have infinite "space" to spread out, and you can just clone stuff.

⬐ jascii

Not directly relevant to this discussion, but I think it is worth pondering about:

While I greatly enjoy the freedom that comes with voluntary association, I think it is worth realizing that it has few protections against the creation of toxic environments that exclude people/resources on non-technical issues. Our culture can be annoyingly straight-white-male oriented.

⬐ rawoke083600

OpenBSD is brilliant and I'm sure it runs on a multitude of network hardware, that you don't even know you encounter on a daily basis !

Given that this is HN, many of the readers might already know the "story" and I'm sure it has be told many many times... but I will tell it anyway since it's so funny (to me at least). Also we probably should not admire or approve of this sorta behaviour.

Right so disclaimer out of the way, the story goes that:

Someone once incurred Theo de Raadt(Main guy at OpenBSD) ire by asking the wrong question at the wrong time, and Theo de Raadt hacked his router and remotely remapped his keyboard.

Now that is funny - Wrong but funny:)

⬐ Simon_says

Given that that anecdote is a criminal allegation against a living person, you should provide a source or STFU.

⬐ _wldu

Before the 90s and Kevin Mitnick, there weren't nearly as many computer crime laws.

⬐ rawoke083600

Was practical jokes or humour before or after your time ? STFU (Really ?) Wow...

⬐ Simon_says

After.

⬐ rawoke083600

As are you contributions... I see you submit nothing but comments and negativity ! Glad I'm not working with your sour ass ! PS. Your co workers probably don't like you...

⬐ Simon_says

I'm retired. Nobody has to put up with my sour ass.

⬐ xlrz

Lol wow ! You must be a very happy person !

⬐ jascii

It is only a criminal allegation if there were indeed laws against it at the time and in the jurisdiction at hand.

Playing "practical jokes" with each others systems was a fairly common occurrence in the hacker-scene back in the day...

⬐ rawoke083600

Exactly THIS! I remember "taking over IRC channels" back in the 90's remember "ping flood", only to lost it again a few hours later. Guess you had to be there to appreciate the time and the culture.

It was a joke and not a declaration of war or a "federal crime". When did geeks get so serious :/

⬐ djxfade

That sounds a bit too good to be true. You got any tangible source for this?

⬐ rawoke083600

I read it on mailing list yearrss ago, and repeated on my blogs and sites over the years, I'm obvious not helping if it is just an urban-myth, hence the "story-air-quotes". I still get a kick out of just the idea though :)

If one googles "theo de raadt and keyboard remap" there a numerous reports - but I agree it's not credible enough. Lol if one google "LochNess Monster" you also get lots of hits and sites reporting it to be so.

Just a "maybe-urban-myth" to lighten the Monday-Bluezz :)

[0] https://www.trollaxor.com/2010/06/why-i-left-openbsd.html

⬐ juped

"trollaxor" is a joke site (with various takes on the "theo bad man" schtick posted therein)

⬐ RedShift1

This just sounds like a Chuck Norris quote. Except Chuck Norris doesn't need to hack routers to remap keyboards, keyboards remap themselves when they see Chuck Norris.

⬐ brobdingnagians

I've grown to love OpenBSD recently (and BSDs in general). I started life using Windows all the time, switched to Linux when I went to university, had a fling with Macs for a few years, then almost exclusive with Linux again for years. In the last several years I discovered the BSDSs, and OpenBSD is now my daily driver. It is so beautifully simple. Configuring a secure server is easy. The config files are consistent. It just works.

I highly recommend installing and playing around with it. Like Lisp, even if you don't go permanent with it, the encounter will change how you think and what you expect in terms of elegance from every other system you use.

⬐ valarauko

I've been on linux for many years, and have been growing curious about BSDs, but confused over the various BSDs variants. I'm still unclear of how exactly BSDs are superior to linux. Could you shine a light on the different BSDS, and perhaps a recommendation?

⬐ billsix

https://www.over-yonder.net/~fullermd/rants/bsd4linux/01

⬐ brobdingnagians

OpenBSD is very elegant and secure; upgrading is as simple as 'sysupgrade'. The developers use it for desktop/laptop usage, so setting up X is supported in the installer. They have a lot of their own lean, minimalistic applications that focus on security and code correctness. Things like httpd, relayd, OpenSSH, their own secure X11 (Xenocara), pf firewall, and lots more. I love setting up servers with OpenBSD because for most things those work very well for my needs. They work well together and do what they do well. I use it for my desktop, application servers, load balancers, and so on.

FreeBSD has noticeably higher performance, more packages, and is great for things like databases, virtualization, or application servers that are behind a load balancer or firewall. It has a lot of the OpenBSD applications ported to it though, so you can run pf or relayd on FreeBSD just fine. It's a bit more convenient to run FreeBSD for some things because of extensive packages (FreeBSD has things like C++ actor framework in packages, doesn't currently compile on OpenBSD). The jetbrains IDEs are better supported on FreeBSD than on OpenBSD too. (I've made some personal modifications to get things working on OpenBSD). Integrated ZFS is really nice for databases and storage servers as well.

I don't have much experience with NetBSD, but it is portable to all kinds of things (e.g. toasters), and they have done some neat things with rump kernels.

Dragonfly BSD has some cool experimental stuff with SMT and hammer filesystem, but I haven't played around with it much.

EDIT: A few nice things in comparing BSD to Linux. ZFS on FreeBSD is nicely integrated w/ the kernel. In general, I think solutions in BSD take longer to come around than Linux, but when they do they are well designed and thought through. Things just seem to fit better. From what I've observed, the community thinks things through and often recommend that someone use Linux if it would work better for the use case. That is a fantastic level of maturity; like when the hardware store guy recommends the competitor store down the street, because they will have what I need.

⬐ LargoLasskhyfv

When does that effing toaster meme finally die? Why do you repeat it? It may have been true in the early days of Linux, but nowadays it's just a fairy tale. Compare the architectures Linux runs on, vs. NetBSD. And then STOP!

edit: I like NetBSD, but that meme is just non-sense.

⬐ anthk

NetBSD still runs on the Amiga and the Atari.

⬐ LargoLasskhyfv

So does Linux, if you absolutely have to. Meanwhile it gained the ability to run on architectures no BSD ever heard of.

⬐ valarauko

Is it possible to use a BSD as a daily driver on your primary computer? Compared to a usual linux disto (eg, Pop! OS, my current driver), what's the drawbacks?

⬐ retro64

Yes, but maybe not 100%, depending. I have been using FreeBSD as my primary driver since 2006, and have been without a Windows box or partition since Win 10 was hatched. But, while I can accomplish 99% of what I want to do in BSD, I use Linux for the rest.

I’ll resist the fanboi post and just say the usual things you hear about BSD vs. Linux (good and bad) are true. Personally I appreciate the rock solid consistency (configuration, file system, runtime) I’ve gained from FreeBSD, but it’s not a commercially supported OS and there are times I’ve had to fall back to Linux (GOG games are one example).

⬐ valarauko

I'm an academic (bioinformatics), and my use case is largely browsing, reading pdfs, drafting scientific reports in markdown (trying to move to emacs and org-mode) & docx, and writing code in python & R. I do rely on many bioinformatics packages, though most are available through conda. Probably 80% of my computer time is spent in Firefox or the command line. I've been linux only for over 10 years now, mostly on Ubuntu or Pop! OS. I'll be moving to a new postdoc position in a few months, and is a opportunity to do a clean install on my creaky Intel Core i3 laptop. I've been leaning towards Arch/Manjaro/Arcolinux, but BSDs have recently popped up in my periphery.

Would you suggest FreeBSD for my use case? Or another BSD? Or something else altogether?

⬐ LargoLasskhyfv

Do you need CUDA? If so, forget it. Because it is not there on any BSD. OTOH creaky i3 suggests you don't.

edit: I think one of the most important and convenient things is to get a NAS or build a small fileserver. That way you can decouple most of your personal stuff from the systems you are using via NFS/SMB/CIFS and give a damn about interoperability of filesystems, thereby gaining the ability to try out what works best for you without much hassle.

⬐ valarauko

I do use CUDA, though not on my laptop. My usual workflow has been to fiddle around with the code on a minimal dataset which takes up most of my time. Once I'm happy with the logic and how things work, the heavy crunching (if required) is offloaded to CUDA workstations/servers.

The thing that gives me the most pause is how fractured the academic bioinformatics software scene is, and how poorly they're maintained once published. I've often run across requirements for GCC beyond what's included in the current Ubuntu LTS, for example. In my old lab I kept a CUDA workstation running the latest Manjaro for these eventualities, among others.

⬐ retro64

I have very little experience with the other BSD flavors, but FreeBSD will be different than Linux, for sure. I used to use Slackware and I would say FreeBSD is fairly comparable from a “clean slate” perspective (although now it’s gotten much more full featured). On the surface you will get the usual support for Firefox, your choice of windows manager (I use xfce) and so on, but expect to do some tweaking. Using xfce as an example, the basic install is very different and fundamental than what you might find on something like Linux Mint, but if you see something you like, once you know you can do it, it’s typically not too time consuming to figure out how. More of this will be on your shoulders though. Sometimes you’ll find small things like right clicking on an archive to trigger an unpack won’t work out of the box, you’ll need to add that yourself. But once you get things dialed in, they stay.

After some reflection, I think the number one reason I’ve stayed with FreeBSD all this time is it’s so dang stable and it just works. Historically speaking, I can’t think of anything radical ever happening since I’ve been using it. When it comes time to upgrade it’s been fairly painless which boils down to making a backup and running a couple commands (crossing your fingers is optional, but I think it helps).

TrueOS may be tempting but my experience with it was not very good. In fairness maybe it’s better now. I just use the vanilla release and chug along and won’t deviate again. No point.

But for you – not sure. I write code for my bread and butter and am steeped in technology – I most certainly have blinders regarding the complexity involved, but again, if you’ve been using Linux for 10 years this may not be an issue for you.

*Edited for ramble.

⬐ valarauko

>TrueOS may be tempting but my experience with it was not very good. In fairness maybe it’s better now.

TrueOS development has been discontinued as of May (?) 2020.

Xfce is more than sufficient for my needs - I've been experimenting with TWMs, i3 most recently.

As a long term linux user, I'm well accustomed to spending exponentially more time working on the system rather than actually using it. As biologists, our computational skills tend to be middling, so dogfooding linux as my daily driver was a means to learn. If a BSD daily driver takes my learning up a notch, worth it. The top level comments reference to "elegance" and "well designed" is what struck me - these are not things I'd associate with any of the linux distros I've used.

⬐ aaron_m04

For the use cases I care about, the drawbacks (for OpenBSD) are:

* no filesystem support for ext4 or btrfs

* no working adb package (at least not for USB)

* printing is hard to setup

* no rustup (you must use current to not fall behind the Rust community)

* no native Discord app, which means screenshare doesn't work (neither sending nor receiving). I can still do text and voice chat with Firefox.

That said, I have been using it as my daily driver for over a month now. Last time I tried it as a daily driver back in 2016 I had to switch back to Linux.

⬐ owenmarshall

I daily drive OpenBSD on a Thinkpad x220 for side gigs/personal use. The drawbacks:

* Hardware support is great for me because I use a Thinkpad: most OBSD devs use Thinkpads as their laptops. I tried on a work-issued Dell and the driver support wasn't there + some odd kernel panics happened. Target "current generation - 1" and you'll likely have less to worry about.

* Expect performance to take a hit – every so often Chrome exhibits graphical tearing, slows down, etc. The pages I frequent don't tend to cause this issue, but if your browsing is JS to the max you might have some headaches.

* You'll find tons of packages, but should expect support to be lagging behind Linux. Just a function of adoption, really. Additionally, OBSD compiles some packages with security functionality that isn't present in other OSes, so expect a SIGABRT or two that you might otherwise not see.

Really though, it depends on your needs. It fits mine perfectly.

⬐ anthk

>every so often Chrome exhibits graphical tearing, slows down

Force HW acceleration in Chromium (about:flags) and tweak a bit the /etc/login.conf (cap_mkdb /etc/login.conf as root after editing).

⬐ _-david-_

Are you able to watch Netflix with Chrome (I assume its actually Chromium?) on OpenBSD? Last time I checked Widevine wasn't supported on OpenBSD.

⬐ owenmarshall

The biggest thing you'll find over Linux (IMO) is the advantage of having one team build things. Linux the OS is actually the Linux kernel + userspace software, and those pieces are built independently. With the BSDs, the team is building the userspace and kernel together. You end up with a small, well-designed system that fits together nicely.

As an example, OpenBSD gives you a HTTP server, load balancer, and firewall right out of the box – and they all make use of pledge(2) and privsep and other security designs in a very consistent manner. And the documentation for the whole system is top-notch: you can read their manpages and not have to resort to Googling things.

I'd recommend you spin up OpenBSD on a VPC (try Vultr or DigitalOcean) and kick it around.

⬐ sn

One thing we couldn't figure out from the documentation is encrypted root with serial console: https://prgmr.com/blog/openbsd/2020/05/08/openbsd-encrypted-... I have gotten it on someone's TODO list to upstream that work though it hasn't happened yet.

⬐ danieldk

Linux the OS is actually the Linux kernel + userspace software, and those pieces are built independently. With the BSDs, the team is building the userspace and kernel together. You end up with a small, well-designed system that fits together nicely.

That's a blessing and a curse. While the BSD approach leads to more consistency, the Linux approach allows the ecosystem to move faster. In BSD projects, progress is often hampered, because proposals to drastically change subsystems is met with inertia, and then nothing happens. In Linux the inertia is there, but nobody stops people from implementing an alternative implementation, because the pieces are relatively decoupled, and then convince distributions to adopt the replacement.

This is why Linux ecosystem went from System V init -> Upstart -> systemd. Similarly, X11 -> Mir/Wayland -> Wayland (although Wayland could be adopted as a default on BSDs as well). Or chroot -> LXC -> Docker (or more generally cgroups + user namespaces). Although controversial (every change leads to some controversy), technically systemd and Wayland are substantial improvements to their predecessors.

Of course, the downside is that the integration is left to the distributors and the documentation may be inconsistent or uneven.

---

Another thing to take into accounts when looking at BSDs is that the BSDs have far fewer contributors than the Linux ecosystem. So, you might find that it lacks basic things such as 802.11ac support (though there has recently been movement in FreeBSD again) or support for the newest GPUs.

⬐ victorgama

Out of curiosity: what do you work with? Asking since I’d like to move to OpenBSD as well, but several tools are not available. For instance, the company I work for relies heavily on Docker. :(

⬐ brobdingnagians

Yeah, that has been an issue at times. My team uses Docker, luckily it is only a few applications and it was easy to set them up to just be run directly. For heavy Docker usage though, that could be a deal breaker.

I also had to custom compile the pty4j and purejavacomm libraries to get the jetbrains IDEs to work to my satisfaction.

⬐ phone8675309

Not OP, but daily OpenBSD user.

My desktop machine runs OpenBSD (after getting off of OS X) but I have a few headless Linux machines for things that only run on it.

⬐ kazinator

I started in Lisp in the year 2000, I think. It's not done changing how I think. So yeah, permanent is the way to go.

Also, changes to how you think have a way of reverting themselves when you remove the change-stimulating environment.

⬐ 120photo

FreeBSD was the system where I really really learned to use UNIX like systems. I had a home server and followed book "How to Build a Server with FreeBSD 7" and that was a helpful guide. Michael Lucas' "Absolute FreeBSD" and his other BSD books are amazing resources. The FreeBSD documentation is also so well written there is little room for 3rd party books. The main reason I don't use BSD (well other than mac OS and iOS which you can argue are a fork of BSD) and go with Linux is because of work and if I do use Linux on a personal station there is just so much more software and more support. I would recommend any Linux user to go give the BSDs a try and see what a well thought out OS looks like.

⬐ mikece

"I would recommend any Linux user to go give the BSDs a try and see what a well thought out OS looks like."

While I can see where both kernel and userland being built by a single team can have advantages, why is it necessarily the Linux approach to bolting the userland items as needed necessarily a bad thing? If a fictitious userland app such as `hnget` doesn't have good documentation is that a weakness of the linux distro or the makers of `hnget`? Sure, having one team brings the opportunity to leverage peer pressure to improve documentation or even to impose a "system level of docs quality".... but is it really so bad in Linux-land?

⬐ brobdingnagians

One example I like is the FreeBSD security page. It gives a nice overview of different things to think about and configure in relation to security. It brings a lot of information about separate systems into one conceptual place, which helps know if you are missing something obvious.

⬐ massysett

As a user the end result is the same: my system has this thing ‘hnget’ that I need to use, yet it’s not documented. I don’t care whose fault it is.

Linux land can certainly be bad in the sense that many distributors don’t document the system. They just bolt stuff together, sometimes with multiple layers of bolting (Distro X is based on Ubuntu that’s based on Debian, so which method am I “supposed to” use? If I use this new shiny package manager front end, will that interfere with the old command-line tool that works on Debian?)

For this reason I shy away from derivative distributions. But even then, the Linux user land and kernel are not models of superior documentation.

⬐ linguae

I've been using FreeBSD for servers and as an occasional daily driver for the past 16 years. Linux is a great operating system that I use for my work and also in situations where I have Linux hardware support but not for FreeBSD (I prefer Linux for laptops over FreeBSD). It's not a bad thing that Linux's core utilities are not developed alongside the kernel; in fact, part of what makes the GNU toolkit so flexible is the fact that it runs on a variety of Unix-like operating systems instead of just Linux, a great thing for BSD users as well as users of lesser-used Unix-like operating systems like Minix, Solaris, and GNU Hurd.

But with that being said, what I love about FreeBSD is that the core utilities are very well documented. I believe the quality of FreeBSD's documentation is an artifact of the BSDs long-standing culture of providing high-quality documentation; some of the man pages have origins in AT&T Unix and the days of BSD up to 4.4BSD, but it's been updated over all these years to reflect changes. The AT&T Unix versions and the Berkeley-developed BSDs always had wonderful documentation, much of it written by Unix legends like Ken Thompson, Dennis Ritchie, Bill Joy, Marshall Kirk McKusick, and others. Even the post-Berkeley documentation still captures this spirit. Plus, I happen to prefer man pages to the info pages that GNU utilities tend to prefer since I can never remember the keys used for navigating the hyperlinks found in info pages. I also like how FreeBSD ships with some traditional supplementary Unix documents, which have helpful tutorials for classic Unix tools. The FreeBSD handbook is very well written, and it can be easily downloaded. For people who sometimes need to do kernel hacking, there's Marshall Kirk McKusick et al.'s wonderfully written "The Design and Implementation of the FreeBSD Operating System, Second Edition," which I have a copy of. I find the source code of FreeBSD easier to read than the source code of Linux.

FreeBSD reminds me a lot of PostgreSQL, another high-quality open source project with excellent documentation that happens to also derive from UC Berkeley.