OpenBSD 6.3 released (marc.info)
212 points by peedy on April 2, 2018 | 57 comments



Congratulations and thanks to the OpenBSD developers for yet another great release!


From the release notes:

> o Support the sun4v hypervisor interrupt cookie API, adding support for SPARC T7-1/2/4 machines.

Who is running OpenBSD on a big expensive SPARC T7 and why? I'm genuinely curious as to what possible use cases there are which make this a desirable combination.


It was probably for testing, but that platform supports partitioning up the hardware through LDOMs, which OpenBSD supports as both a host and guest.

https://www.tedunangst.com/flak/post/OpenBSD-on-a-Sun-T5120 (Not expired, Ted runs his own CA)

http://man.openbsd.org/man8/sparc64/ldomctl.8


unrelated, but I found his post about running his own CA quite interesting: https://www.tedunangst.com/flak/post/moving-to-https


Actually, being special is sometimes just boring and annoying.

>Do we really want an internet where the use of encryption requires authorization?

No, it doesn't require it; it provides identification, and that's a huge benefit. We are all far better off by having it as a standard. Just configure Let's Encrypt and stop annoying your readers.


For a while, every article from his site on Lobste.rs had someone complaining about that. It got old. I eventually came up with a theory about what the prankster was really up to:

https://lobste.rs/s/rboyfz/books_chapter_nine#c_p7mv5p


In general, OpenBSD support for Sparc helps with testing - the Sparc is architecturally quite a bit different from other CPUs:

https://www.openbsd.org/sparc64.html

"The other architectures that OpenBSD supports have benefited because some kinds of bugs are exposed more often by the 64-bit big endian nature of UltraSPARC."


That’s the same reason I include Solaris as a target in my automated build system. It’s arcane enough and independently developed enough to expose incorrect assumptions in C code.


Could you say how you do that? Keep an OpenIndiana VM and tell Jenkins it's a build slave?


Take a look at this, https://news.ycombinator.com/item?id=12526420 (2016)

"SPARC64 is a favorite of this developer because it's some Alice in Wonderland stuff where up is down and left is right compared to other architectures. So it exposes a number of bugs that others don't."


I don't know about a SPARC T7, but I do run OpenBSD on my Sun Fire T2000 (UltraSPARC T1) and have been impressed with its LDOM support.


Thanks for the testimony. :)

Becoming a new SPARC user is becoming more tempting to me now.


I apologize for being ignorant for so many years but... who is the OpenBSD target audience? In which areas is it the most popular OS? I worked with Windows, GNU/Linux and macOS (OS X) but never tried OpenBSD.


In my estimation, mostly a mix of:

- Those running network infrastructure (router, firewall, VPN gateway, mail server, etc.)

- Those who want a simple Unix desktop with no gimmicks and low hassle

- Hardcore Unix geeks who don't like the other flavors for $REASONS

In a more general or vague sense, OpenBSD is often appealing to people who care more about cohesiveness and correctness than about the sheer magnitude of performance and features. If you've ever thought that you might prefer to have an indefinitely supported version of Windows 7 because Windows 10 seems to be crawling with gratuitous changes, bugs, and dubious "features", the appeal is a bit like the Unix equivalent of that.


> - Those who want a simple Unix desktop with no gimmicks and low hassle

This! When you are using OpenBSD, and wonder how a particular piece of the kernel works, you just open the source code, read it, and you can usually have a good idea of the inner workings after some days studying it. Trying to do the same thing with Linux, you would need months to grasp any idea of how it works. Linux is developed by thousands of people all around the world at the same time. OpenBSD on the other hand is developed by a few power developers, which gives the code a unique consistency and readability.


Just use Debian GNU/Linux minimum-installation without desktop environment. I doubt you're much faster in studying the OpenBSD kernel compared to the Linux kernel. I'm also not sure if some days are enough for both of them.


OpenBSD is great if you enjoy rooting around in the innards. I find the code simple and easy to read. Man pages are extraordinarily complete and accurate. OpenBSD devs go out of their way to delete unused and crufty code.


> OpenBSD devs go out of their way to delete unused and crufty code.

I noticed this first hand while submitting a patch for my MacBook's touchpad to FreeBSD's wsp driver and then comparing to OpenBSD's driver... The approaches between FreeBSD's and OpenBSD's driver couldn't be more opposite: FreeBSD's is big, explicitly listing each hardware revision/model (hence the reason I had to go in there and add mine); OpenBSD's is very minimal, implicitly inferring all hardware revision options so users don't have to add each and every one. It's also very neat and tidy, which I think is an underrated quality in source.

Admittedly this is only one file from a small number of devs, far from the whole of FreeBSD, but the contrast matches much of what I've heard of OpenBSD's approach: minimise cruft and bad code; if it's shit and not easy to re-write then delete it; better to be minimal than buggy and insecure.

Full Disclosure: My comment may well be outdated since I moved away from FreeBSD for my desktop 2 years ago, I have nothing against it, I just needed (other) working drivers.


BSD people, usually networking. And people who like security (though OpenBSD has detractors). It was used a lot as a firewall for critical infrastructure a few years ago, perhaps still is.

Also, installation was quite fast if you knew what you were doing.


It has been my daily driver on laptops and desktops for eight years. I have run home servers with it as well.


It's my primary desktop as well. I like it because it's low churn, everything I need just works, and most of the configurations have sane defaults so config files tend to be short and simple or not needed at all.

I don't hack on the internals or build my own ports, I just use it. It stays out of my way and I like that.


This may seem like a ridiculous comment but I love that a lot of work on Linux has been to make it easy-as-pie to install/setup quickly, and I feel like it's happened in the last couple of years (cgroup + systemd stuff mostly). I praise Docker for making immutable services commonplace, but I also love projects like Cockpit from Red Hat + NetBox + CoreOS. There used to be so much technical debt that went into getting a server off the ground and monitoring it.

I'm weird, dunno if others agree ~


OpenBSD's target audience? From what I've seen, it's OpenBSD developers. Your other question was answered in the OpenBSD FAQ. https://www.openbsd.org/faq/faq1.html#WhatIs


I run a home brew OpenBSD router. It hosts a vpn server. (Amongst other things) Comes in handy when traveling. Plus, it’s a good way to sharpen my professional skills.


I've been thinking about doing the same thing. What hardware did you use?


I've got an OpenBSD router setup on an APU2 (https://www.pcengines.ch/apu2c4.htm). It's running dhcpd, unbound, dnscrypt-proxy, openvpn server and an openvpn client and the load averages are pretty low. Haven't bench-marked throughput properly yet as I'm still configuring PF properly.

I used these [0][1] repos as a starting point, I wrote a few helpers to update dynamic dns and a DNS ad blocklist for unbound. This replaced a pfSense install and I'm happy with it so far.

[0] https://github.com/elad/openbsd-apu2 [1] https://github.com/northox/openbsd-apu2


I bought a Qotom mini PC with 4 LAN ports off Amazon. It's worked really well. I accidentally knocked it offline yesterday and it came right back up.

What I love about OpenBSD is the documentation. If an OpenBSD manpage describes it, then it will work like that.

The only bummer is it’s a bit of a niche. I’m sure the majority of Linux distros dwarf its development team in warm bodies.


I've found some people who run OpenBSD tend to quite like Arch Linux style systems; there are similarities in terms of minimalism, and it's probably the most Arch-like of the BSDs. The install process is similarly more hands-on also... unlike, say, FreeBSD's installer, which you can almost just keep pressing the return key on.


If you haven't used the OpenBSD installer lately, it's about that simple also.


Good to know. As much as I like the possibility of customising to that level, I also appreciate good defaults so I don't have to if I don't want to (yet). I've been using Debian for a number of years for $HARDWARE_REASONS, but OpenBSD is probably what I will try next if I give the *BSDs another go.


Before cloud was a thing, I used to run an OpenBSD web server in my bedroom on my old desktop. I set it up after my commercial web host was hacked for running outdated Apache.

I stopped using OpenBSD when I tried installing it on my newer Core 2 Duo desktop in ~2008, but the OS would not boot, and I was told on IRC by OpenBSD developers that the hardware was too new for OpenBSD.

FWIW, now I use Arch Linux. I guess I'm in the target demographic.


I notice the new Broadcom Wifi bwfm(4) drivers. Anyone with better knowledge of the project know what hardware is supported by that? The manpage doesn't mention specific chips: https://man.openbsd.org/bwfm.4


http://cvsweb.openbsd.org/cgi-bin/cvsweb/src/sys/dev/pci/if_...

indicates:

  static const struct pci_matchid bwfm_pci_devices[] = {
          { PCI_VENDOR_BROADCOM, PCI_PRODUCT_BROADCOM_BCM43602 },
          { PCI_VENDOR_BROADCOM, PCI_PRODUCT_BROADCOM_BCM4350 },
  };

those are hex codes defined in:

http://cvsweb.openbsd.org/cgi-bin/cvsweb/src/sys/dev/pci/pci...

as:

  vendor  BROADCOM          0x14e4  Broadcom
  product BROADCOM BCM4350  0x43a3  BCM4350
  product BROADCOM BCM43602 0x43ba  BCM43602

so if you're not sure, checking the boot-up dmesg on OpenBSD or lspci on Linux should give the hex code of your device, which should match 0x14e4 + one of the other two.


Ooh! Interesting. I've a ~2 year old Macbook Pro with the 43602 chipset. Would be lovely to be able to run OpenBSD on it without wifi dongles.


Busy upgrading machines now, lots of nice new things.

Looking forward to checking out the new execpromises in pledge. I use pledge in all my C stuff and have added it to a few other apps. Thanks OpenBSD devs!


I just wish other systems would adopt pledge.

Of all the privilege dropping mechanisms I have encountered, pledge seemed the most comprehensible.


> Looking forward to checking out the new execpromises in pledge

Interesting that they just changed the interface from `int pledge(const char * promises, const char * paths[]);` to `int pledge(const char * promises, const char * execpromises);`. I guess that is the power they have by being a BSD and integrated system, they do not worry about userland compatibility.


The pledge(2) manpage for 6.2 and earlier states:

"BUGS. The path whitelist feature is not available at this time."

So the second argument was previously unused, and thus could be repurposed without hurting backwards compatibility.


zokier's point is still correct though. OpenBSD is a complete system, kernel + userland. You upgrade in lockstep.
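
The execpromises argument discussed above, shown in use. This is an added example, not code from the OpenBSD release or from anyone in the thread: a parent forks, the child pledges itself and hands the program it is about to exec a separate, tighter promise set, so the pledge is in force from the child's first instruction rather than relying on the child to call pledge(2) itself. Two assumptions are labelled in the code: on non-OpenBSD systems a stand-in pledge() that accepts everything is compiled in so the program still builds, and the child's execpromises include "rpath" on the assumption that it is dynamically linked and must open its shared libraries.

```c
/*
 * Added example: confine an exec'd child with pledge(2)'s execpromises
 * (the second argument, which OpenBSD 6.3 repurposed from the never
 * implemented path whitelist).  Not part of the OpenBSD source tree.
 */
#include <sys/types.h>
#include <sys/wait.h>
#include <stdio.h>
#include <stdlib.h>
#include <unistd.h>

#ifndef __OpenBSD__
/*
 * Portability shim, an assumption for non-OpenBSD builds only: pledge(2)
 * does not exist elsewhere, so this stand-in accepts every promise set.
 * On OpenBSD the real system call declared in <unistd.h> is used instead.
 */
static int pledge(const char *promises, const char *execpromises)
{
	(void)promises;
	(void)execpromises;
	return 0;
}
#endif

/*
 * Fork, pledge the child with `promises` for itself and `execpromises`
 * for the image it execs, then run argv[0] via the PATH.
 *
 * Returns the child's exit status (0..255), 256 + signal number if a
 * signal killed it (a pledge violation shows up as SIGABRT), or -1 if
 * fork(2) or waitpid(2) failed in the parent.
 */
int run_confined(const char *promises, const char *execpromises,
    char *const argv[])
{
	int status;
	pid_t pid = fork();

	if (pid == -1)
		return -1;
	if (pid == 0) {
		/*
		 * Child: "stdio exec" is all this code path needs for itself;
		 * execpromises become the pledge of the exec'd program.
		 */
		if (pledge(promises, execpromises) == -1) {
			perror("pledge");
			_exit(126);
		}
		execvp(argv[0], argv);
		perror("execvp");
		_exit(127);
	}
	if (waitpid(pid, &status, 0) == -1)
		return -1;
	if (WIFEXITED(status))
		return WEXITSTATUS(status);
	if (WIFSIGNALED(status))
		return 256 + WTERMSIG(status);
	return -1;
}

int main(void)
{
	/*
	 * "rpath" is included on the assumption that the child is dynamically
	 * linked and has to open its shared libraries; narrow the set to what
	 * the child really needs.  true(1) only needs stdio, so it completes.
	 * On OpenBSD a child that, say, opens a file for writing under these
	 * execpromises (no "wpath"/"cpath") is killed with SIGABRT instead.
	 */
	char *const argv[] = { "true", NULL };
	int rc = run_confined("stdio exec", "stdio rpath", argv);

	printf("true(1) under execpromises \"stdio rpath\": rc=%d\n", rc);
	return rc == 0 ? 0 : 1;
}
```

The promise strings are the same ones you would pass to pledge(2) directly; the only new thing in 6.3 is that the second string is applied at execve(2) rather than ignored. Because the child pledges before exec, a program that was never taught about pledge still runs confined, which is the main reason to prefer this over patching every binary.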


What type of machines do you run OpenBSD on, out of curiosity? Routers, workstations, web servers, embedded devices?


Routers, workstations, servers (DNS, web, mail, backup).


sshd(8): Add "expiry-time" option for authorized_keys files to allow for expiring keys. -- hooray!

Can someone help explain what the "routing domain" is?


You can have multiple routing tables (similar to VRFs on networking gear) which are classified into routing domains and assign different rdomains to different applications. See rdomain(4): https://man.openbsd.org/rdomain.4


Thanks! And for the VRF tip.


man rdomain to start, though unfortunately you kind of need to already understand rdomains to fully understand the docs. Basically it's a network partitioning/virtualization tool. Two computers can have two routing tables. rdomains lets one computer have two routing tables. Each process is in one rdomain or another which determines where its traffic goes and how it sees the network.


It sounds like someone wanted /net and private namespaces from Plan 9, but they were stuck with Posix, and this is the catenary track they built to make the square wheels run smoothly.


Interfaces can be placed into rdomains as well.


So.. they are like linux network namespaces?


Thanks!


I actually searched the release notes for IPv4 due to that awful April Fools gag. That wasn't funny. ;)


I don't get it, Sorry. Can you elaborate? Thanks!

EDIT: Nevermind: https://marc.info/?l=openbsd-cvs&m=152256582629837&w=2


That was NetBSD :)


6.3 Song: Maybe...


no more songs. :(


Currently running my VPN in Linux on a Pi. Gonna see if I can get OpenBSD to run on the Pi.



As of this morning, customers can install OpenBSD 6.3 on a Prgmr.com VPS using our updated netboot installer. https://prgmr.com/blog/2018/04/03/distributions-updated.html



