Home > OpenBSD > OpenBSD 3.3 Released OpenBSD 3.3 Released Eugenia Loli 2003-05-01 OpenBSD 35 Comments OpenBSD 3.3 is out and more secure than ever. Get it while it’s hot. Store, changelog. About The Author Eugenia Loli Ex-programmer, ex-editor in chief at OSNews.com, now a visual artist/filmmaker. Follow me on Twitter @EugeniaLoli 35 Comments 2003-05-01 6:35 am Finally 2003-05-01 7:25 am This is the first release to sport a merged configuration for ALTQ and pf, simplifying TCP ACK prioritization greatly. This is a feature anyone with less upstream than down should utilize, as it greatly helps downstream throughput in the case when upstream is saturated. 2003-05-01 10:07 am W00t. 2003-05-01 12:48 pm a smile creeps onto my face as i realize i now have another new toy to play with… one ive been anxiously awaiting for oh about six months since openbsd 3.2 was released they must be doing something right… ive been satisfied with each release since i first tried it back with version 2.7 :o) 2003-05-01 12:56 pm I am truly amazed at what theo and the OpenBSD team is doing. The changelog just goes on and on.. It will be really exciting to see what propolice will give… … gotta go and install now! bbl regards /texas 2003-05-01 1:12 pm I’ve never installed any of the BSDs (Free, Open, Net, etc). What is the diff between them? After reading the sites, it seems that OpenBSD is more about security, while FreeBSD is more of a swiss army knife BSD. Why should I choose one over the other? I’m wanting to rebuild by server at my house (an old P200), and I’m looking for something new to play with. Any suggestions? 2003-05-01 1:24 pm You’re in luck, Gentoo has had Propolice patches in their GCC build for some time, an effort of the Security Hardened Gentoo Project. It’s not OpenBSD security paranoia, but it’s good enough for most people I would think. The real selling point of OBSD has to be PF, which is just amazing. 2003-05-01 1:31 pm Forgive my ignorance. What is ‘PF’? 2003-05-01 1:53 pm Can someone please explain why one would use BSD over Linux? BSD, like every other UNIX, is “clunky”. I will admin that BSD is like a freight train, but Linux is like a sports car. It’s far more flexible than any UNIX. I don’t know, maybe I’m missing something… 2003-05-01 1:55 pm FreeBSD – works really well on x86 (huge ports tree) NetBSD – works on a whole lot of platforms OpenBSD – fork of NetBSD which focuses on security PF is short for packet filter aka their firewall interface. For a home server (on x86) you should probably go with FreeBSD unless security is the uptmost priority. 2003-05-01 2:04 pm AC: I feel the opposite way, and so to do most UNIX users. GNU/Linux is like a car built by a scatterbrained mechanic — all the individual pieces might work, but the end result is messy, clunkly, and disordered. The BSDs are, for all intents and purposes, real UNIX and have the elegance thereof. They’re cleaner, simpler, more stable, more compliant, etc. One need look no further than the C libraries on BSD and GNU/Linux or the system initialization thereof. Kick the Donkey: PF: Packet Filter, a truly superb firewall Differences: OpenBSD – “Only one remote hole in the default install, in more than 7 years!” FreeBSD – “The power to serve.” NetBSD – “Of course it runs NetBSD.” One can easily extrapolate from there. 2003-05-01 2:04 pm OpenBSD has got to be my most favorite network operating system. It is simple, secure, well documented, and it comes with stickers. I have already preordered a copy of this for myself, and am planning on ordering a few more copies to give away to friends. I have purchased every release of OpenBSD since 2.8 (which is when I first heard about OpenBSD) and have been exceptionally please with each and every release. If you would like to buy OpenBSD, http://www.bsdmall.com is a good place to do it. They have a subscription service where if you commit to buy at least two subsequent versions of OpenBSD (or any other BSD for that matter) you can get each one at a discounted price. I think you save about $5.00 per CD that way. Also, for those who would like to try OpenBSD, but are put off by it’s somewhat daunting installation process, No Starch Press has a new book called Absolutely OpenBSD, which will be released in June; I believe. If it is anything like the author’s previous book, Absolute BSD (which focuses on FreeBSD) then is should be a really good book for people new to OpenBSD. 2003-05-01 2:06 pm Can someone please explain why one would use BSD over Linux? I use it for a workstation because a) my multimedia needs are extremely low (so driver support isn’t a big deal) b) I develop a good bit of software for Solaris, and while Solaris isn’t BSD based, the old SunOS (2 and before?) was and Solaris still maintains a good bit of source compatability c) At least on my machine, FreeBSD (4.x) is faster/gives better throughput than Linux (2.4.x) distributions I’ve used. d) It’s low maintenance 2003-05-01 2:15 pm well my answer is very subjective… some might agree with me and some might feel just the opposite and to be honest both viewpoints are ~right~ if theyre right for the particular person but to me.. personally … bsd is just plain flat out more ~FUN~ 2003-05-01 2:31 pm Thanks for the answers… Looks like I’m off to play with FreeBSD! 2003-05-01 2:56 pm I’ve only used FreeBSD in the past, and it is a really fun OS to work with. Very well thought out and implemented. The only thing that keeps my from using it for some of my work is the lack of a native current JDK. You can get one by using Linux emulation to get the bootstrap process oging, but my attitude towards that is “if I need linux emualtion, I might as well use Linux”. 2003-05-01 3:18 pm At least NetBSD and OpenBSD WORKS on my old PC ( Cyrix MediaGX 180 Mhz ), unlike linux. I’ve tried old version of picoBSD and it works, so I would think FreeBSD should work as well. I’ve tried several different linuxes and they all failed. ( Slackware ZipSlack, RedHat 8.0, Knoppix ) It’s too bad many employers want Linux folks instead of BSD folks. 2003-05-01 3:55 pm And don’t forget that there is a new song as well to go along with OpenBSD 3.3!!!! 2003-05-01 4:05 pm How different is Apple’s OSX from the BSDs besides the Kernel and GUI? 2003-05-01 4:12 pm I haven’t tried Darwin recently, but it was very unpolished and incomplete when I tried it several months ago. I don’t know what it’s like today. 2003-05-01 6:12 pm [i]How different is Apple’s OSX from the BSDs besides the Kernel and GUI?[/i} Actually most command line applications in Mac OS X come from NetBSD or FreeBSD and behave exactly the same. Added is netinfo and other NextStep stuff, then the Aqua interface. BTW, OpenBSD is easy to install standalone, and a mess to install in multiboot if you try to use its fdisk… However it’s great and suitable to make a router/firewall/whatever network security device you can think of. 2003-05-01 6:17 pm First let me say that I use RedHat9 and FreeBSD 4.8, so I’m not totally inexperienced here First, the good things *BSD based operating systems are usually: – stable – secure – reliable – well organized – very “tidy” both in terms of code and distribution. – consistent – have a great attitude about various licenses, not just one – easy to get involved with development – thousands of programs that are easily installable – great for uniprocessor servers – usually stable / reliable drivers for the hardware that is supported – have a great vm system Last, the bad things – outdated hardware support (high-end consumer multimedia hardware vendors generally ignore them completely) – SMP support is two processor at best, and even then is not as good as other operating systems currently have don’t even talk about serious SMP for 3+ processors (althoug SMPng is bringing hope) – lack of a true journaling file system in current -STABLE branch (UFS2 coming to -STABLE soon hopefully) – no serious pre-emption or low latency optimization yet – some *BSD kernels are not very modular in their build process yet – harder to find answers sometimes due to a smaller community – poor kernel build system, quite archaic, hard to compile the kernel “just right” Notes: NVidia does have an accelerated native FreeBSD driver now, but it’s fairly old and doesn’t appear to be very stable. Summary: Basically, if you have older hardware and not very strict multimedia needs, or a lot of money to spend for commercial drivers from XiG or 4Front Technologies, *BSD based operating systems are probably great for you. 2003-05-01 6:19 pm I should note that while UFS2 is not a “true” journaling file system, it has many of the benefits of a journaling file system in “a way”, and arguably has 20 years of reliable history behind it. Currently, the main *BSD developers I’ve read posts from seem to eschew “true” journaling file systems… 2003-05-01 7:10 pm On my box connected to the Net via 768/128 ADSL with PPPoE, OpenBSD’s userland PPPoE implentation eats up all of my CPU and drops packets when I open approx. 300 tcp connections (about 8k/s both ways). FreeBSD’s netgraph-based part-kernel solution works great. It uses .05-2% of my CPU time in the same situation where OpenBSD’s pppd + pppoe would use 30-70%. For more benchmarks see: http://derbian.org/pppoe/ 2003-05-01 8:29 pm It’s much simpler to compile *bsd kernel than linux one IMHO. 2003-05-01 8:39 pm What are you talking about??? A BSD kernel compile is much simpler than a Linux one… For FreeBSD 5.0: cd /usr/src make KERNCONF=yourkernconf buildkernel make KERNCONF=yourkernconf installkernel how hard is that? actual kernel configuration is a little harder than Linux, but considerably faster and more powerful once you get the hang of it. You have to manually edit a kernel configuration file. Which usually amounts to commenting out drivers you don’t need and adding in things using the Handbook as your guide A few other notes…I’ve found documentation for the BSDs to be vastly superior, and the community isn’t as small as you think…a lot of experienced users try BSDs and end up using both Linux and BSDs…for instance, I’m typing this on Red Hat 9, IMing some friends using gaim on a FreeBSD workstation, running traffic for both through an OpenBSD router, and setting up another OpenBSD laptop. (I don’t have exotic hardware, so NetBSD doesn’t make much sense for me on an x86) Keep up the good work BSDs -bytes256 2003-05-01 10:24 pm BSD is for those who love Unix Linux is for those who hate Microsoft 2003-05-01 10:28 pm Linux has many enterprise level features that the BSDs do not… journaling file systems and logical volume management come to mind. 2003-05-01 10:59 pm I’d much rather have UFS than a journalling filesystem…UFS with soft updates is fast, reliable, and supports background file checking…very nice…i can guarantee performance beats ext3 by a wide margin, probably beats JFS as well, and rivals ReiserFS and XFS Journalling file systems are not a show-stopper missing feature for the BSDs However, the reliability that they offer is a great asset to the enterprise, BSD uptimes tend to be measured in years…look at the netcraft listing…how many of the top 100 uptimes are attributed to a BSD? 2003-05-02 4:54 am I think BSDs are hands on operating system. Once you’ve intended to install/use it, be prepare to face a somewhat steep learning curve. Oh yea…the kernel compile issue….FreeBSD handbook is your friend. Trust me on this until you get the hang of it. 2003-05-02 5:05 am Well, I installed 3.3 on my Sparcstation 2 router. It’s running fine now but I had some very bizarre problems with it before. The first time I booted I couldn’t login via ssh because the privsep thread couldn’t chroot to /var/empty (Operation not permitted) After configuring pf.conf, dhcp, named, and various other services, I rebooted. As the system was coming up I got several more “Operation not permitted” errors followed by a kernel panic as it tried to start dhcpd. So, I rebooted again. Everything was fine after that, for several subsequent reboots. The system seems to be working properly now, as far as I can tell, including ssh. But those initial problems certainly scare me. I don’t think they’ve done a great deal of testing on the Sparc branch. 2003-05-02 7:17 am I have used a few different OS’es, quite frankly, I don’t find BSD to be anymore hands on than any other OS. Nor did I find the learning curve to be any more steeper than the next OS. Like most things in life, you get out what you put in. Most people complain that it is too hard or it takes too long to install BSD. Quite frankly, that is not true. People say it is easy to install Windows because they are used to installing Windows. Brain surgery is not hard if you know what you’re doing. For those who complain about how hard it is to install a BSD based system, I’d ask them to at least spend a little time reading the documentation. All three of the major BSD distributions have superb documentation on their websites. For those who actually take the time to read the well thought out step by step installation, they will find it a walk in the park. As far as the time it takes to install the actual OS, the BSD installation is much faster than Windows if you’re installing from a CD or over a LAN. Ephemeral Of course it runs NetBSD. 2003-05-02 2:39 pm “What are you talking about??? A BSD kernel compile is much simpler than a Linux one… For FreeBSD 5.0: cd /usr/src make KERNCONF=yourkernconf buildkernel make KERNCONF=yourkernconf installkernel how hard is that?” I’m talking about the kernel configuration process. If I want to trim all the fact from the kernel, I need to uncomment all the different drivers that I don’t need. However, since there is no proper build system, it’s easy to get module dependencies wrong and having to end up rebuilding your kernel several times until you get it just right. Compiling the kernel is easy if you don’t customize the configuration at all. That’s why if you customize it’s configuration it’s hard to compile “just right”. ” A few other notes…I’ve found documentation for the BSDs to be vastly superior, and the community isn’t as small as you think…” This is mostly true, however much of the documentation still needs to be updated to reflect changes made in current versions. Also, the kernel configuration process is perhaps the most outdated when it comes to configuration documentation. For example, when I removed all the network card drivers other than my own, I had to recompile the kernel again after hunting through the source to find out what provided “MII bus”. Mind you my network card was above the MII module section, not below it, implying that it was not dependent on it, yet it was for some reason. While *BSD OS’s usually have pretty good documentation, it still falls flat in several areas. This is where I think the Linux kernel has a large advantage, the easy to use text based console prompt or menu system ensures that I don’t miss a dependent module and gives me a full description about each one instead of a terse usually unhelpful comment. 2003-05-02 2:40 pm s/trim all fact/trim all fat/, bleh. 2003-05-02 3:17 pm A big difference between *BSD and Linux is that with *BSD, you normally don’t have to, and shouldn’t reconfigure the kernel. Most users only rebuild their kernel if a patch requires it, and leave the kernel config alone. Only in some cases (eg. special hardware which is disabled by default because the probe for it tends to have unwanted side-effects sometimes,…) one should change the kernel configuration, mostly uncommenting a single line, but hardly ever removing anything. Wake up, *BSD is _not_ Linux. The GENERIC kernel is perfectly fine for 99.5% of the users. Maybe your totally stripped down kernel is “l337”, but that isn’t what *BSD is about. Afaik, the only reason why one would want to strip stuff out of GENERIC is for very low-memory systems, like embedded systems. And if you’re building a system to run on such a box, you normally know what you’re doing, right? Also, with UKC, you can reconfigure most of the kernel (if that would ever be needed, due to funky hardware), without even needing a recompile. How’s that for ease of use?