Welcome to the Slashdot Beta site -- learn more here. Use the link in the footer or click here to return to the Classic version of Slashdot.

Thank you!

Before you choose to head back to the Classic look of the site, we'd appreciate it if you share your thoughts on the Beta; your feedback is what drives our ongoing development.

Beta is different and we value you taking the time to try it out. Please take a look at the changes we've made in Beta and  learn more about it. Thanks for reading, and for making the site better!

OpenBSD 4.6 Released

kdawson posted about 5 years ago | from the onward-and-upward dept.

Upgrades 178

pgilman writes "The release of OpenBSD 4.6 was announced today. Highlights of the new release include a new privilege-separated smtpd; numerous improvements to packet filtering, software RAID, routing daemons, and the TCP stack; a new installer; and lots more. Grab a CD set or download from a mirror, and please support the project (which also brings you OpenSSH and lots of other great free software) if you can."

Sorry! There are no comments related to the filter you selected.

October 18th is also its birthday (5, Informative)

wb8wsf (106309) | about 5 years ago | (#29788387)

OpenBSD is 14 as of today.

Today would be a great day for even a little gift. ;-)

Re:October 18th is also its birthday (-1, Flamebait)

Anonymous Coward | about 5 years ago | (#29788459)

Does OpenBSD support full disk encryption yet? Linux does this pretty easily and it's a must have feature for me.

Re:October 18th is also its birthday (2, Insightful)

Brian Gordon (987471) | about 5 years ago | (#29788731)

Does BSD support "Q" yet? Linux stole the "P" code ages ago and implemented "Q" but released it under a restrictive license that prevents the original authors from using the new features. Come on, get with it BSD!

Re:October 18th is also its birthday (0)

Anonymous Coward | about 5 years ago | (#29788975)

If you didn't want that to happen you should have chosen a different license.

Re:October 18th is also its birthday (0)

Anonymous Coward | about 5 years ago | (#29789303)

Or perhaps it is ok that they took the code but it is not ok to be smug about it.

Re:October 18th is also its birthday (-1, Offtopic)

Anonymous Coward | about 5 years ago | (#29790677)

Here comes the GNU/Ubuntu, here comes the GNU/Ubuntu
Watch him walk this way, watch him walk that way
There goes the GNU/Ubuntu, there goes the GNU/Ubuntu

Re:October 18th is also its birthday (0)

Anonymous Coward | about 5 years ago | (#29788981)

Linux didn't steal - dude, the code wanted to be free, man

Re:October 18th is also its birthday (1, Insightful)

Anonymous Coward | about 5 years ago | (#29789301)

The code was already "free". In fact it was free-er before slapping a new license on it. :)

Re:October 18th is also its birthday (0, Troll)

Anonymous Coward | about 5 years ago | (#29789147)

Actually, no.

OpenBSD stole "P", released it as "Q", then when asked politely threw a hissy-fit, removed "Q" altogether, and called the Linux devs "inhuman" for asking.

Then the OpenBSD maintainer went on a witchhunt to find something in Linux that had been "stolen", but all he could find was a mailing list post of some rejected code, which he promptly sized as "stolen" and started foaming at the mouth again.

Re:October 18th is also its birthday (-1)

Anonymous Coward | about 5 years ago | (#29788673)

Theo, is that you?

Re:October 18th is also its birthday (0)

Anonymous Coward | about 5 years ago | (#29788687)

It is also my birthday, although I am a bit older than that.
Some parts of OpenBSD suck, but I always keep coming back for more.

Netcraft confirms: *BSD is Dying (-1, Troll)

Anonymous Coward | about 5 years ago | (#29789229)

Netcraft confirms BSD is Dying

In 2000, chief *BSD developer Matt Damon left the project after penning a long, meandering suicide note [] , loosely based on a novel by renowned playwright Buzz Aldrin.

FreeBSD used to be fun. It used to be about doing things the right way. It used to be something that you could sink your teeth into when the mundane chores of programming for a living got you down. It was something cool and exciting; a way to spend your spare time on an endeavour you loved that was at the same time wholesome and worthwhile.
It's not anymore. It's about bylaws and committees and reports and milestones, telling others what to do and doing what you're told. It's about who can rant the longest or shout the loudest or mislead the most people into a bloc in order to legitimise doing what they think is best. Individuals notwithstanding, the project as a whole has lost track of where it's going, and has instead become obsessed with process and mechanics.

[edit [] ] Netcraft Weighs In

Not long after Matt's suicide, the United Nations [] Commission for Wresting Control of the DNS Root Servers from the Imperialist United States ("UN-USA [] ")'s Netcraft [] project weighed in with its final judgement. In typical Netcraft fashion, the writer kept to the facts and looked to the numbers:

It is now official. Netcraft has confirmed: *BSD is dying
One more crippling bombshell hit the already beleaguered *BSD community when IDC confirmed that *BSD market share has dropped yet again, now down to less than a fraction of 1 percent of all servers. Coming on the heels of a recent Netcraft survey which plainly states that *BSD has lost more market share, this news serves to reinforce what we've known all along. *BSD is collapsing in complete disarray, as fittingly exemplified by failing dead last [] in the recent Sys Admin comprehensive networking test.
You don't need to be the Amazing Kreskin [] to predict *BSD's future. The hand writing is on the wall: *BSD faces a bleak future. In fact there won't be any future at all for *BSD because *BSD is dying. Things are looking very bad for *BSD. As many of us are already aware, *BSD continues to lose market share. Red ink flows like a river of blood.
FreeBSD is the most endangered of them all, having lost 93% of its core developers. The sudden and unpleasant departures of long time FreeBSD developers Jordan Hubbard and Mike Smith only serve to underscore the point more clearly. There can no longer be any doubt: FreeBSD is dying.
Let's keep to the facts and look at the numbers.
OpenBSD leader Theo states that there are 7000 users of OpenBSD. How many users of NetBSD are there? Let's see. The number of OpenBSD versus NetBSD posts on Usenet is roughly in ratio of 5 to 1. Therefore there are about 7000/5 = 1400 NetBSD users. BSD/OS posts on Usenet are about half of the volume of NetBSD posts. Therefore there are about 700 users of BSD/OS. A recent article put FreeBSD at about 80 percent of the *BSD market. Therefore there are (7000+1400+700)*4 = 36400 FreeBSD users. This is consistent with the number of FreeBSD Usenet posts.
Due to the troubles of Walnut Creek, abysmal sales and so on, FreeBSD went out of business and was taken over by BSDI who sell another troubled OS. Now BSDI is also dead, its corpse turned over to yet another charnel house.
All major surveys show that *BSD has steadily declined in market share. *BSD is very sick and its long term survival prospects are very dim. If *BSD is to survive at all it will be among OS dilettante dabblers. *BSD continues to decay. Nothing short of a miracle could save it at this point in time. For all practical purposes, *BSD is dead.

That crippling bombshell sent *BSD fans into a tailspin of mourning and denial. However, bad news poured in like a river of water.

[edit [] ] Commission for Technology Management

In 2003, the widely respected Commission for Technology Management [] completed a year-long intensive survey that concluded that *BSD may as well already be dead.

Yet another sickening blow has struck what's left of the *BSD community, as a soon-to-be-released report by the independent Commision for Technology Management (CTM) after a year-long study has concluded: *BSD is already dead. Here are some of the commission's findings:
Fact: the *BSDs have balkanized yet again. There are now no less than twelve separate, competing *BSD projects, each of which has introduced fundamental incompatibilities with the other *BSDs, and frequently with Unix standards. Average number of developers in each project: fewer than five. Average number of users per project: there are no definitive numbers, but reports show that all projects are on the decline.
Fact: will not include support for *BSD. The newly formed group believes that the *BSDs have strayed too far from Unix standards and have become too difficult to support along with Linux and Solaris x86. "It's too much trouble," said one anonymous developer. "If they want to make their own standards, let them doing the porting for us."
Fact: DragonflyBSD, yet another offshoot of the beleaguered FreeBSD "project", is already collapsing under the weight of internal power struggles and in-fighting. "They haven't done a single decent release," notes Mark Baron, an industry watcher and columnist. "Their mailing lists read like an online version of a Jerry Springer episode, complete with food fights, swearing, name-calling, and chair-throwing." Netcraft reports that DragonflyBSD is run on exactly 0% of internet servers.
Fact: There are almost no FreeBSD developers left, and its use, according to Netcraft, is down to a sadly crippled .005% of internet servers. A recent attempt at a face-to-face summit in Boulder, Colorado culminated in an out-and-out fistfight between core developers, reportedly over code commenting formats (tabs vs. spaces). Hotel security guards broke up the melee and banned the participants from the hotel. Two of the developers were hospitalized, and one continues to have his jaw wired shut.
Fact: NetBSD, which claims to focus on portability (whatever that is supposed to mean), is slow, and cannot take advantage of multiple CPUs. "That about drove the last nail in the coffin for BSD use here," said Michael Curry, CTO of "We took our NetBSD boxes out to the backyard and shot them in the head. We're much happier running Linux."
Fact: *BSD has no support from the media. Number of Linux magazines available at bookstores: 5 (Linux Journal, Linux World, Linux Developer, Linux Format, Linux User). Number of available *BSD magazines: 0. Current count of Linux-oriented technical books: 1071. Current count of *BSD books: 6.
Fact: Many user-level applications will no longer work under *BSD, and no one is working to change this. The GIMP, a Photoshop-like application, has not worked at all under *BSD since version 1.1 (sorry, too much trouble for such a small base, developers have said). OpenOffice, a Microsoft Office clone, has never worked under *BSD and never will. ("Why would we bother?" said developer Steven Andrews, an OpenOffice team lead.)
Fact: servers running OpenBSD, which claims to focus on security, are frequently compromised. According to Jim Markham, editor of the online security forum SecurityWatch, the few OpenBSD servers that exist on the internet have become a joke among the hacker community. "They make a game out of it," he says. "(OpenBSD leader) Theo [de Raadt] will scramble to make a new patch to fix one problem, and they've already compromised a bunch of boxes with a different exploit."
With these incontroverible facts staring (what's left of) the *BSD community in the face, they can only draw one conclusion: *BSD is already dead.

[edit [] ] Wired Writes an Epitaph

In 2004, Wired Magazine [] published an article in which it declared *BSD dead, once and for all. The article also declared Linux [] superior to *BSD.

  • BSD is Dying, Says Respected Journal
Linux advocates have long insisted that open-source development results in better and more secure software. Now they have statistics to back up their claims.
According to a four-year analysis of the 5.7 million lines of Linux source code conducted by five Stanford University computer science researchers, the Linux kernel programming code is better and more secure than the programming code of *BSD.
The report, set to be released on Tuesday, states that the 2.6 Linux production kernel, shipped with software from Red Hat, Novell and other major Linux software vendors, contains 985 bugs in 5.7 million lines of code, well below the average for *BSD software. NetBSD, by comparison, contains about 40 million lines of code, with new bugs found on a frequent basis.
  • BSD software typically has 20 to 30 bugs for every 1,000 lines of code, according to a group of Carnegie Mellon University's pot-smoking hippies. This would be equivalent to 114,000 to 171,000 bugs in 5.7 million lines of code.
The study identified 0.17 bugs per 1,000 lines of code in the Linux kernel. Of the 985 bugs identified, 627 were in critical parts of the kernel. Another 569 could cause a system crash, 100 were security holes, and 33 of the bugs could result in less-than-optimal system performance.
Seth Hell, CEO of Covertitude, a provider of source-code analysis, noted that the majority of the bugs documented in the study have already been fixed by members of the Linux development community.
"Our findings show that Linux contains an extremely low defect rate and is evidence of the strong security of Linux," said Hell. "Many security holes in software are the result of software bugs that can be eliminated with good programming processes."
The Linux source-code analysis project started in 2000 at the Stanford University Computer Science Research Center as part of a large research initiative to improve core software engineering processes in the software industry.
The initiative now continues at Covertitude, a software engineering startup that now employs the five researchers who conducted the study. Covertitude said it intends to start providing Linux bug analysis reports on a regular basis and will make a summary of the results freely available to the Linux development community.
"This is a benefit to the Linux development community, and we appreciate Coverity's efforts to help us improve the security and stability of Linux," said Andrew Mumpkins, lead Linux kernel maintainer. Mumpkins said developers have already addressed the top-priority bugs uncovered in the study.

[edit [] ] The Obituary

On September 9, 2005, *BSD was finally declared dead. The following obituary appeared in the Berkeley Observer:

  • BSD Obituary
  • BSD, 28, of Berkeley, CA died Monday, Sept. 19, 2005. Born July 3, 1976, it was the creation of a cluster of pot-smoking hippies who went to Illinois and came home with a reel of tape. Rather than smoke the tape, they uploaded it and hacked on it a little.
  • BSD was known for its C shell and early TCP/IP implementation. After being banished from UC Berkeley, it was ported to the x86 platform, where it fell into the hands of heavier pot-smokers who liked to argue. Soon, the project had splintered into 12 different Balkanized projects. Until its death, there was almost constant fighting in and amongst these groups, sometimes degenerating into out-and-out fistfights.
  • BSD is survived by its superior, Linux, as well as several commercial unix implementations. It may be missed by some who knew it, although most of them are said to be mere OS dilettante dabblers.

A funeral will be held at 2 p.m. Thursday, Sept. 22, at the Berkeley Chapel on the UC campus, with interment to follow via the burning of the original *BSD tapes and scattering of the ashes over the San Francisco Bay. The Rev. Lou "Buddy" Stubbs will officiate.

The family will receive friends from 7 to 8 p.m. Wednesday, Sept. 21, at the funeral home.

[edit [] ] Enemies of *BSD

  • Linux [] was very happy, and a new version of Super Tux [] was made with the BSD Deamon and other BSD characters as the new enemies. Except for Rinux [] which seemed to only have Mario [] type games with enemies named Billy [] and Bally [] and Mario [] had to break Windows [] instead of boxes.
  • Apple [] knew that they no longer had to pay royalties for using *BSD technologies, not that they really contributed anything important to *BSD like that nifty GUI based on Aqua [] , or Safari [] , or Sherlock [] , or Doctor Watson [] , or Moriarty [] , or even iTunes [] , or those special screen savers [] that Apple made. In fact, Mac OSX [] no longer uses any *BSD code, and Steve Jobs [] took up Kitten Huffing [] after counting the profits [] Apple made from sales of the iPod [] and new Macintosh [] systems.

Re:Netcraft confirms: *BSD is Dying (0)

Anonymous Coward | about 5 years ago | (#29789491)


This shit never gets old.

Re:October 18th is also its birthday (-1, Troll)

Anonymous Coward | about 5 years ago | (#29789423)

Wow, all this development time and the performance still sucks.

I applaud OBSD for their code auditing and security stuff but the performance totally blows. It has to be one of the slowest (if not the slowest) modern OS out there. And it's not slow because of security features, it's just poor coding and lack of modern features/drivers.

Re:October 18th is also its birthday (0)

Anonymous Coward | about 5 years ago | (#29790617)

Here's a gift: who cares. Wow, software raid... too little, too late. Yawn.

Abuse of corpse. (-1, Troll)

Anonymous Coward | about 5 years ago | (#29788395)

Abuse of corpse.

Re:Abuse of corpse. (-1, Offtopic)

Anonymous Coward | about 5 years ago | (#29788765)

Abuse of corpse.

Hey, like you'd know. Go back to bowing to the sitting Penguins, on the double.

Soft RAID? (-1, Flamebait)

vawarayer (1035638) | about 5 years ago | (#29788399)

OpenBSD just got Soft RAID support? What took you so long Theo? :P

Re:Soft RAID? (4, Informative)

rivaldufus (634820) | about 5 years ago | (#29788491)

OpenBSD has had the RAIDframe driver for a long time. This releases is adding some sort of RAID 4 and 5 implementation.

Re:Soft RAID? (1)

x2A (858210) | about 5 years ago | (#29789109)

Aye, just notice the use of semicolons and commas in the sentence :-)


Numerous improvements to: (packet filtering, software RAID, routing daemons, and the TCP stack);

(but yes I did read it for a moment as saying that one of the new things was a TCP stack!)

Re:Soft RAID? (0)

Anonymous Coward | about 5 years ago | (#29789391)

raidframe is kinda unsupported, this is legacy stuff with code that hasn't been touched for a looong time.

softraid is the new shiny software raid solution on OpenBSD.
softraid supports raid 0,1,4,5 and crypto.
it is still work in progress, but with 4.6 you get rebuild for raid1 so it is usable in production.

Re:Soft RAID? (1)

rivaldufus (634820) | about 5 years ago | (#29789889)

It's true, but the OpenBSD FAQ only lists RAIDFRAME and not softraid. I suspect that will change in a release or two.

OpenBSD pf (0)

Anonymous Coward | about 5 years ago | (#29788431)

I used OpenBSD as a router for awhile, I'm using FreeBSD now. I can't seem to filter packets from a natted jail to my LAN. I don't know if OpenBSD has jails, but I wonder if it would work under OpenBSD. I don't want packets getting from the jail to my network. But the jail has to access the internet. If someone could send me a pf.conf for that I would appreciate it.

Re:OpenBSD pf (3, Informative)

Dr. Smoove (1099425) | about 5 years ago | (#29788587)

ah, that's super easy, have you ever even tried to read the docs? If is a gateway that people are nat'd behind, something like block in from to in pf.conf, done. pfctl -n -f /etc/pf.conf to check that the grammar is correct, and pfctl -F rules -f /etc/pf.conf to reload the rules. If you mean you need to set up the openbsd box to *do* nating it's still pretty simple. All it takes is a quick look at the PF documentation.

Re:OpenBSD pf (1)

lastgoodnickname (1438821) | about 5 years ago | (#29789275)

All it takes is a quick look at the PF documentation.

Don't you have to do something after looking at the documentation?

Re:OpenBSD pf (0)

Anonymous Coward | about 5 years ago | (#29789855)

This is all on a FreeBSD 7.2 machine. Just for the record, is a jailed alias on the external interface. Since there is a NAT rule for to access the internet, it seems even adding at the top of the filtering rules "block in quick from to" and reloading the rules will have no effect on blocking packets from to (I can still ssh to from the jail for example [and the sshd logs verify the address it sees coming in is I had the doods in FreeBSD on #efnet IRC try to help me, I used and gave my config. i_love_goats, and Darius were both stumped and I could tell they knew their shit. I really think it is not my fault. I think it's a bug in the order of operations of pf.

To clarify, I was wondering if OpenBSD would have this seeming lack of filtering in a natted jail. Of course if I remove the NAT rule for the jail, the filtering rule does work. Hmmm... strange. Unfortunate. :-(

Thanks Theo and everyone else. (2)

Anonymous Coward | about 5 years ago | (#29788453)

I just want to give a huge Thanks to Theo and the rest of the OpenBSD developers. They're doing a fantastic job. I'll order my CD soon.

Now There's Some Software Engineering! (2, Interesting)

yup2000 (182755) | about 5 years ago | (#29788463)

Doing what others only dream... a scheduled release, early!

openbsd kernel (-1, Flamebait)

Anonymous Coward | about 5 years ago | (#29788469)

I'm waiting for OpenBSD to give up on creating a modern kernel and focus on what they do best: create hardened network applications & a clean base system. A freebsd / openbsd fusion would give linux a run for their money.

Re:openbsd kernel (0)

Anonymous Coward | about 5 years ago | (#29788665)

What the fuck are you talking about? A hardened userland is totally useless without a bulletproof kernel underneath it. Security has to start at the deepest levels, and work its way upwards.

And most of the OpenBSD-specific userland libraries and apps have already been ported to FreeBSD. If you're actually a FreeBSD user, which I suspect you aren't, you'd know how to install them, too.

Re:openbsd kernel (-1, Troll)

Anonymous Coward | about 5 years ago | (#29789025)

And if you did what you preach you wouldn't use FreeBSD, which I suspect you do.

I really like OpenBSD but it is suffering from a bad NIHS that will lead it to its ultimate demise.
No locale support in this day and age. Really?

No wonder most devs are either American or European codepage Neanderthals. Not that they need better people, but they sure do need more people and more money. Not gonna happen with nobody using it.

Re:openbsd kernel (0)

Anonymous Coward | about 5 years ago | (#29788835)

I'm waiting for OpenBSD to give up on creating a modern kernel and focus on what they do best: create hardened network applications & a clean base system. A freebsd / openbsd fusion would give linux a run for their money.

I wish that were so. *BSDs (all of them) still lack HA and failover clustering software. Until that is there, *BSD is not a viable alternative.

Re:openbsd kernel (3, Funny)

Just Some Guy (3352) | about 5 years ago | (#29788875)

*BSDs (all of them) still lack HA and failover clustering software.

Ironic in a story about an OS release that features improved HA networking.

Re:openbsd kernel (2, Informative)

DaMattster (977781) | about 5 years ago | (#29789517)

Funny, I thought that was what CARP and pfsync were. They are for failover but I don't know about clustering and load balancing.

Re:openbsd kernel (1)

jimicus (737525) | about 5 years ago | (#29791199)

CARP and pfsync can provide a virtual IP address managed by a cluster to act as a frontend to N web servers, but AFAIK (and no I haven't RTFA) they don't have anything else to help like a clustered filesystem, a web server that clusters so sessions can fail over within the cluster or anything fancy like that.

Re:openbsd kernel (1)

Galactic Dominator (944134) | about 5 years ago | (#29789029)

Do you have any clue who is responsible for developing Common Address Redundancy Protocol?

You have other options too, []

or for a DRBD eqiv, try ggated + gmirror []

Torrent? (1)

DragonDru (984185) | about 5 years ago | (#29788475)

They have lots of mirrors and they likely work well, but with a torrent I could help pass it around.
What is with projects not offering the option?

Re:Torrent? (2, Insightful)

Anonymous Coward | about 5 years ago | (#29788517)

OpenBSD is, if nothing else, a very conservative OS. It's not particularly surprising that they don't adopt the new shiny if their current system is working just fine.

Re:Torrent? (1)

Jared555 (874152) | about 5 years ago | (#29788525)

Their main CD is not very large at all. If I remember correctly most of the files are downloaded during the installation.

Re:Torrent? (1)

Jared555 (874152) | about 5 years ago | (#29788537)

Was looking at the wrong file, guess it is 200MB but they probably have their reasons for not offering a torrent by default

Re:Torrent? (1)

rivaldufus (634820) | about 5 years ago | (#29788583)

They didn't have a full install iso until somewhat recently, as they felt that it would hurt their CD sales. I suppose they will do a bit torrent sometime, but probably not for a release or two.

ISO Policy Explained (3, Insightful)

nuckfuts (690967) | about 5 years ago | (#29788735)

OpenBSD's FAQ explains their choices regarding ISO images [] .

I like to install OpenBSD from a floppy image [] - only 1.44 MB! I then choose an FTP mirror [] and install whatever parts I want on the fly.

Re:ISO Policy Explained (1)

buchner.johannes (1139593) | about 5 years ago | (#29788919)

You can install it from your running Linux or something to a free partition if you don't want to burn a CD.
It is a good finger exercise to do without a CD.

Re:ISO Policy Explained (2, Informative)

Anonymous Coward | about 5 years ago | (#29789081)

In summary, buy the cds they come with cool stickers and they're only $50.

I got my cds in the mail on friday.

Already have the OpenBSD 4.6 stickers on my lappy :D


ps - it really is a drop in the bucket compared to my other work expenses this year.

Re:ISO Policy Explained (0)

Anonymous Coward | about 5 years ago | (#29789257)

yay, just as expensive as a Windows Vista copy from Dell. fffff

Re:Torrent? (0)

Anonymous Coward | about 5 years ago | (#29788869)

The OpenBSD ISO is just a move to keep whiners quiet. And the CD is so Theo can eat.

Using the release/stable versions is not supported/recommended at all, even when they are the latest.

Patches for vulnerabilities in the base system are provided for the latest version, so if you run ssh/sftp server or a PF router you are okay, otherwise, you should update regularly to stay CURRENT.

Backporting bugfixes for obsolete versions of third party software is not something OpenBSD can afford to do.

Re:Torrent? (1)

cbhacking (979169) | about 5 years ago | (#29789795)

Still no torrent? (1, Insightful)

phantomcircuit (938963) | about 5 years ago | (#29788507)

Come on! FreeBSD has been releasing via bittorrent for a while now [] . Get with it OpenBSD!

Re:Still no torrent? (2, Insightful)

Jared555 (874152) | about 5 years ago | (#29788565)

Most distros have at least one or two really good mirrors nearby. Maybe when they don't offer a 4GB file (their install.iso file is 200MB) they don't see the need.

Re:Still no torrent? (1)

phantomcircuit (938963) | about 5 years ago | (#29788685)

Even a 200MB iso would benefit from bittorrent.

Re:Still no torrent? (2, Informative)

dayid (802168) | about 5 years ago | (#29788725)

Except if you're following installation directions (and for some reason not using bsd.rd, etc, to install), you would be downloading the 6MB cd64.iso, not the 200MB install46.iso. []

Re:Still no torrent? (0)

phantomcircuit (938963) | about 5 years ago | (#29788781)

Funny that just says that the iso files available are not official. I do not see where it says that the 6MB network installer is more official than the 200 MB installer with all of the file sets on it.

Re:Still no torrent? (2, Informative)

dayid (802168) | about 5 years ago | (#29788823)

For those that need a bootable CD for their system, bootdisk ISO images (named cd46.iso) are available for a number of platforms [...]. ...

Re:Still no torrent? (0)

phantomcircuit (938963) | about 5 years ago | (#29788917)

Just because cd46.iso is a bootable cd does not mean that install46.iso is not.

Re:Still no torrent? (1)

Jared555 (874152) | about 5 years ago | (#29790565)

Funny that just says that the iso files available are not official. I do not see where it says that the 6MB network installer is more official than the 200 MB installer with all of the file sets on it.

I am guessing that statement is just outdated since at one point in time some or all of the .iso files they release now were not available in the past and other people made and distributed unofficial ones.

Re:Still no torrent? (2, Insightful)

blhack (921171) | about 5 years ago | (#29788857)

Maybe when they don't offer a 4GB file (their install.iso file is 200MB) they don't see the need.

Every openbsd installer I have ever downloaded has been 10MB...

Re:Still no torrent? (1)

Jared555 (874152) | about 5 years ago | (#29790573)

install.iso is 200MB, the iso that has just the installer on it without packages is around 10MB.

Re:Still no torrent? (0)

Anonymous Coward | about 5 years ago | (#29788907)

Most distros have at least one or two really good mirrors nearby. Maybe when they don't offer a 4GB file (their install.iso file is 200MB) they don't see the need.

FreeBSD has a boot-only ISO image that's 40 MB. You then do an network-based (e.g., via FTP) install after you boot from that.

Re:Still no torrent? (0)

Anonymous Coward | about 5 years ago | (#29788579)

Why would you make a torrent to distribute a 6MB CD .iso?

Re:Still no torrent? (1)

DragonDru (984185) | about 5 years ago | (#29788649)

But one would make a torrent for the 200 MB iso.

Re:Still no torrent? (1)

Jared555 (874152) | about 5 years ago | (#29790605)

The 200MB iso is meant primarily for installing on networkless or low speed connections so the packages are already available. A comparison would be a linux network install cd/floppy vs the live cd/cd with packages on it.

Re:Still no torrent? (0)

Anonymous Coward | about 5 years ago | (#29789129)

Because while some people know how useful torrents are to distribute files, a non-trivial number just like using the word "torrent" because they think it makes them l337, or whatever.

Re:Still no torrent? (1)

dayid (802168) | about 5 years ago | (#29788585)

The x86 install disk is less than 6MB. Maybe when they have 4GB DVD iso's available like FreeBSD they'll feel the pain and go torrents?

Re:Still no torrent? (1)

zach_the_lizard (1317619) | about 5 years ago | (#29788695)

That's only the net install ISO, not the full disk.

Re:Still no torrent? (1)

MichaelSmith (789609) | about 5 years ago | (#29788807)

NetBSD has torrents as well. About as year ago I wanted an AMD64 iso to I got the torrent but it turned into a straight download so I may as well not have bothered. I wonder if the actual demand for openbsd is enough to justify the effort.

Re:Still no torrent? (0)

Anonymous Coward | about 5 years ago | (#29788933)

The slightly more conservative NetBSD even has bittorrent releases as the preferred method of distributing their disk images. Sometimes OpenBSD seems a little big and crufty in comparison, especially with the performance gains made by NetBSD in the last few releases.
I still remember being a high school kid trying to install OpenBSD on my 486 HP Vectra with 16MB of RAM. It should have been enough (16 was the OpenBSD minimum requirement), but the installer was slow, noticeably messy, and it even crashed at times. Eventually I switched to the more minimalist NetBSD, and it worked very nicely without the slowness and crashing. To this day, I think that NetBSD is one of the best and cleanest systems for people who want to learn Unix. While I appreciate the ideals of OpenBSD, it seems like their delivery is never as graceful or as smooth as it could be. By focusing on different security threats so much, maybe they miss the larger principles of clean design and simplicity.
In any case, no matter what version of *nix we use, we should be thankful to the OpenBSD people for their work on OpenSSH (including SFTP), which is remarkably useful for many purposes.

Yahoo! (-1, Troll)

XPeter (1429763) | about 5 years ago | (#29788551)

Not trying to be a troll, but do any significant websites besides Yahoo! and Verio run BSD?

Re:Yahoo! (1)

Dr. Smoove (1099425) | about 5 years ago | (#29788637)

Most places using it use it for site-to-site VPN, routers, firewalls, etc, so A. only people from significant sites probably know the answer and B. it's not really what it's known for being great at.

Re:Yahoo! (2, Interesting)

DaMattster (977781) | about 5 years ago | (#29789477)

I use it for my father's site-to-site VPN and the ease of configuration of OpenBSD's ipsec.conf makes it wonderful. It is highly reliable and, in the two years I have had it implemented it went down due to the failure of the onboard NIC in a Dell Server. I simply threw in a spare INTEL PRO/100 (em) and it was back up within 5 minutes.

Re:Yahoo! (1)

hotfireball (948064) | about 5 years ago | (#29788887)

No, why troll... First, Yahoo is not only on BSD. Second, BSD is widely in a Cisco stuff, mostly for network appliances, routers, firewalls etc. It is very good firmware-like OS for network stuff.

For everything else you've got Solaris... :-)

Re:Yahoo! (2, Informative)

Galactic Dominator (944134) | about 5 years ago | (#29788903)

Re:Yahoo! (0)

Anonymous Coward | about 5 years ago | (#29789471)

Netcraft? Is this some kind of joke?

j.delanoy is a fucking bastard (-1, Offtopic)

Anonymous Coward | about 5 years ago | (#29788591)

Where's the song? (1)

martin-boundary (547041) | about 5 years ago | (#29788699)

Where's the song [] ? There was supposed to be an earth-shattering song!

Re:Where's the song? (1)

pddo (969282) | about 5 years ago | (#29790255)

That is some of the funniest/wierdest music I've ever heard.

Software RAID? (1)

WarlockD (623872) | about 5 years ago | (#29788729)

Anyone know of the preformace? Been using mdadm for a while and been liking it.

Re:Software RAID? (2, Informative)

Galactic Dominator (944134) | about 5 years ago | (#29788891)

Now if mdadm only had the ease use gmirror/geom does in freebsd, then it might be more widely adopted.

mdadm is a perfectly functional package, but it's setup is quite awkward. gmirror however is a breeze to setup, and it's performance kicks the crap out of most hardware controllers I've tried(admittedly few). I imagine OpenBSD implementation is also a good performer as software raid. This states a 30% speedup for certain cases. []

Re:Software RAID? (0)

Anonymous Coward | about 5 years ago | (#29789505)

mdadm's limitations arise when you attempt to mirror your existing root disk without destroying the data. You'd think such a task would be easy, but it's not. If you don't configure the mirror during install, it's a real headache. This can't be an uncommon situation either, with people who start out with a single disk and then later decide to add some redundancy.

Solaris DiskSuite does this very nicely. A few commands, modify /etc/vfstab, reboot, then attach the other disk to the mirror and let it sync.

BSD on a linux kernel! (-1, Offtopic)

iCantSpell (1162581) | about 5 years ago | (#29789033)

For those who don't know, there's a BSD style linux distro that kills Gentoo in both, setup, design, and ease. It's virtually BSD with a linux kernel, and an apt-get killer.

Arch Linux is an independently developed, i686/x86-64 general purpose GNU/Linux distribution versatile enough to suit any role. Development focuses on simplicity, minimalism, and code elegance. Arch is installed as a minimal base system, configured by the user upon which their own ideal environment is assembled by installing only what is required or desired for their unique purposes. GUI configuration utilities are not officially provided, and most system configuration is performed from the shell by editing simple text files. Arch strives to stay bleeding edge, and typically offers the latest stable versions of most software.

Arch Linux uses its own Pacman package manager, which couples simple binary packages with an easy-to-use package build system. This allows users to easily manage and customize packages ranging from official Arch software to the user's own personal packages to packages from 3rd party sources. The repository system also allows users to easily build and maintain their own custom build scripts, packages, and repositories, encouraging community growth and contribution.

The minimal Arch base package set resides in the streamlined [core] repository. In addition, the official [extra], [community], and [testing] repositories provide several thousand high-quality, packages to meet your software demands. Arch also offers an [unsupported] section in the Arch Linux User Repository (AUR), which contains over 9,000 build scripts, for compiling installable packages from source using the Arch Linux makepkg application.

Arch Linux uses a "rolling release" system which allows one-time installation and perpetual software upgrades. It is not generally necessary to reinstall or upgrade your Arch Linux system from one "version" to the next. By issuing one command, an Arch system is kept up-to-date and on the bleeding edge.

Arch strives to keep its packages as close to the original upstream software as possible. Patches are applied only when necessary to ensure an application compiles and runs correctly with the other packages installed on an up-to-date Arch system.

To summarize: Arch Linux is a versatile, and simple distribution designed to fit the needs of the competent Linux® user. It is both powerful and easy to manage, making it an ideal distro for servers and workstations. Take it in any direction you like. If you share this vision of what a GNU/Linux distribution should be, then you are welcomed and encouraged to use it freely, get involved, and contribute to the community. Welcome to Arch!
" - []

Ah, that time again... (0)

Anonymous Coward | about 5 years ago | (#29789065)

What I like about OpenBSD is every six months I have to look at the upgrade guide to decide what new accounts to create and config files to synchronize with etcXX.tgz, then I "upgrade" with cp and tar. OK, the upgrades are a bit more painful than using aptitude on a Linux box, but the results are always good. :-)

Update link in story (0)

Anonymous Coward | about 5 years ago | (#29789083)

The story points to plus46.html which isn't useful for a general distribution announcement like this. Here's a much better choice (which includes a link to the plus46.html page): []

or []

Re:Update link in story (2, Interesting)

pgilman (96092) | about 5 years ago | (#29789441)

The story points to plus46.html which isn't useful for a general distribution announcement like this. Here's a much better choice (which includes a link to the plus46.html page): []

or []

for the record, i submitted it with different links. plus46.html was originally linked from the text "and lots more." they "improved" the links in the story before they published it.

make (0)

tirnacopu (732831) | about 5 years ago | (#29789133)

Make floor(3) round towards -inf instead of towards zero.

Floor? Really? Who was so bored they looked at a 20-year old function (the ANSI C standard was written in '89) and said: yes, there is room for improvement here!

At least they could have changed it to accept input in XML format :p

Re:make (1)

Blakey Rat (99501) | about 5 years ago | (#29789843)

"floor" is one of those functions... ugh.

Depending on what language/program/whatever you're using, it'll either round towards -inf (as apparently they've patched this one to do), or towards 0. The mathematical definition of the term "floor" is -inf, so I guess this change makes it "more correct." But God help you if you have a program that relied on the previous behavior.

Re:make (2, Informative)

Undead NDR (1252916) | about 5 years ago | (#29790983)

But God help you if you have a program that relied on the previous behavior.

Well, IIUC, that would just entail converting all floors on negative numbers to ceils:

double floorToZero (double n)
        return (n < 0) ? ceil(n) : floor(n);

OpenBSD - not that secure... (1, Insightful)

metrix007 (200091) | about 5 years ago | (#29789533)

OpenBSD security is in large part overstated, and at worst, a myth.

Let us look at 3 main points, of which the last is the most important.

1. Secure by default. Yes, having services turned off by default is a good move. It also actually has nothing to do with the security of what you actually have running.

2. Auditing. Only the base system is audited. The ports are often quite far behind. Most attacks are not against "the base system".

3. Lastly...OpenBSD, by design, is not a secure system. A secure system is much, much more than just a lack of vulnerabilities. It is the ability to have controls and lock down things, to prevent unauthorized access. Instead, the OpenBSD approach does it's very best to assume that people don't get in, but does little to help when something does go wrong. Or, you know, if you even wanted to actually restrict access with more than just the user/group scheme. Hell, they don't even have a basic ACL. VMS was a secure system. Very recent editions of Windows are well on their way to becoming secure systems. OpenBSD is not.

In fact, as it stands, Linux is a far, far more secure system, because of access to things like SELinux and RSBAC. These frameworks allow you to lock down and control every aspect of your system. Anything you want to restrict and how, you basically can. It takes the "everything is a file" philosophy to the next step. These systems are more secure for one simple reason. You should be prepared in case someone does, not simply try to eliminate all bugs all together, which while noble, is a flawed attempt. Not to mention the inability to restrict legitimate users on the system in a limiting way...

Instead, if someone successfully gets root on OpenBSD..then they have root, This is getting better with privilege separated stuff, but Linux had this in 3rd party patches about 10 years ago. With SELinux and RSBAC, you can remove the concept of root. If someone hacks a webserver...well, the webserver does not need write access, except maybe to tmp, it won't need execute access, it won't need to initiate outgoing connections, and it won't need write access, only append access to /var/log. The attacker can't do anything, and you simply can't do something similar with OpenBSD.

In fact, despite Theo being staunchly opposed to such attempts, there was one. Systrace. It was nowhere near as powerful or flexible as the aforementioned frameworks, but it was a start. Instead, The developers decided to use an insecure technique, system call interposition [] , shown to be insecure. After this they gave up.

OpenBSD is an extremely quality codebase, and it is more secure for small stuff and does make a good router or firewall. It is by no means a secure system though, and should not be hailed as one.

Re:OpenBSD - not that secure... (0, Flamebait)

Anonymous Coward | about 5 years ago | (#29790527)

You raise some valid points but you completely lost any credibility you had when you named SELinux. Which makes you a troll at best.
About OpenVMS purported security. When I start seeing webservers using OpenVMS, or they release their source, I might believe it. Until then it seems to me they and their customers still live in the 80s.

Re:OpenBSD - not that secure... (1)

metrix007 (200091) | about 5 years ago | (#29790627)

What problem do you have with SELinux? Perhaps you don't understand correctly how it works. It has a bad rep for being cumbersome, but it isn't terribly hard to learn if you're willing. There are several examples of it blocking exploits and 0 day attacks, because of the method I describe. You may find this article [] interesting, with links to some of Dan Walsh's blog posts.

As for VMS, it is widely considered to be one of the most secure systems. Just have a quick look at it's vulnarability history. It puts OpenBSD to shame. More info. []

Re:OpenBSD - not that secure... (0)

Anonymous Coward | about 5 years ago | (#29791215)

What problem do you have with SELinux?...

Gee, what problem haven't I had with SELinux! I dunno if it's SELinux or the Fedora distro, but one of the first things almost everyone does is nuke SELinux. Then things work and logs don't get full of meaningless messages. Does anyone really understand each and every one of the (hundreds? thousands?, more?) rules in the SELinux policy? If not, then whats the point? Whatever SELinux is, was, or hoped to be, it just isn't working.

Re:OpenBSD - not that secure... (3, Informative)

Spit (23158) | about 5 years ago | (#29790971)

OpenBSD's focus is preventing the exploits in the first place with many overflow vulnerabities in third-party software being non-exploitable on OpenBSD. After running it for 10 years, I trust OpenBSD's record. It has some of the best in the business probing it, and with the most serious flaw in years being a subtle IP6 attack, I think that trust is well founded. If you were to prove otherwise, I'm sure you would instantly be a big name in security.

Although sound design, role security is added complexity which increases scope for vulnerabilities. From coding errors to implementation errors, complexity breeds insecurity. They also create a false sense of security: having implemented RBAC on Solaris I was initially impressed until I realized one could bypass it with suid bombs.

OpenBSD's simple design and sound default permissions mean that even with a local account, it is very difficult to gain root access. The base system is comprehensive so usually there's little reason to go to ports to implement OpenBSD in its perimiter focused role.

You would do well to back up your claim that OpenBSD is snake-oil.

mo3 up (-1, Offtopic)

Anonymous Coward | about 5 years ago | (#29789799)

The web server can finally serve large files (2, Interesting)

Mr.Ned (79679) | about 5 years ago | (#29790137)

When I looked at the release notes sent out by email, I saw this under "New functionality":

"httpd(8) can now serve files larger than 2GB in size."

I'm very surprised by this.

Re:The web server can finally serve large files (0)

DNS-and-BIND (461968) | about 5 years ago | (#29791087)

"Two Gigabytes ought to be enough for anybody!"

Seriously, this just reflects the conservativeness of OpenBSD, just like DOS back in the day. They move slowly, if at all. Users are expected to be grateful for improvements made years ago in other OSes.

Looks like a typical OpenBSD release (3, Interesting)

fadir (522518) | about 5 years ago | (#29790717)

Rock solid, thought through and very conservative.

They have their niche and do their best to serve it as good as they can. I'm very glad that this project exists even though I don't use OpenBSD but various of its offsprings (OpenSSH/SSL, etc.) only.
Theo is a very controversial person but at least he keeps the project on focus and going. Congratulations for that and best of luck for the future.
I don't see myself using OpenBSD anytime soon but I know a few people that do and they are happy with it. So keep going, the community needs you!

They're behind - way behind . . . (1)

greenreaper (205818) | about 5 years ago | (#29790797)

FreeBSD is already at 7.2! No way they can catch up now, unless they pull a Windows.

softraid (1)

RAMMS+EIN (578166) | about 5 years ago | (#29790863)

Apparently, softraid is also included in the GENERIC kernel. This means that, unlike with the old RAIDframe, you don't have to compile your own kernel before you can use it.

Load More Comments
Slashdot Login

Need an Account?

Forgot your password?