Beta
×

Welcome to the Slashdot Beta site -- learn more here. Use the link in the footer or click here to return to the Classic version of Slashdot.

Thank you!

Before you choose to head back to the Classic look of the site, we'd appreciate it if you share your thoughts on the Beta; your feedback is what drives our ongoing development.

Beta is different and we value you taking the time to try it out. Please take a look at the changes we've made in Beta and  learn more about it. Thanks for reading, and for making the site better!

OpenBSD 5.5 Released

timothy posted about 5 months ago | from the always-just-in-time dept.

Operating Systems 128

ConstantineM (965345) writes "Just as per the schedule, OpenBSD 5.5 was released today, May 1, 2014. The theme of the 5.5 release is Wrap in Time, which represents a significant achievement of changing time_t to int64_t on all platforms, as well as ensuring that all of the 8k+ OpenBSD ports still continue to build and work properly, thus doing all the heavy lifting and paving the way for all other operating systems to make the transition to 64-bit time an easier task down the line. Signed releases and packages and the new signify utility are another big selling point of 5.5, as well as OpenSSH 6.6, which includes lots of DJB crypto like chacha20-poly1305, plus lots of other goodies."

cancel ×

128 comments

Sorry! There are no comments related to the filter you selected.

YAY for BSD (4, Interesting)

CheshireDragon (1183095) | about 5 months ago | (#46890523)

Even though I've never used it...

Re:YAY for BSD (0)

Anonymous Coward | about 5 months ago | (#46890615)

This article will get like 2 comments while another about lesbian programmers in space with get 200 billion comments.

I won't say anymore because ....

Never mind ,,,

Re:YAY for BSD (0)

Anonymous Coward | about 5 months ago | (#46890719)

Next time the article should say: Lesbians install the new OpenBSD version.

Re:YAY for BSD (1)

davester666 (731373) | about 5 months ago | (#46896955)

OMG. Lesbians are recommending the use of OpenBSD. I have just got to install it, just to be like lesbians.

Re:YAY for BSD (3, Informative)

Anonymous Coward | about 5 months ago | (#46890651)

Fire up a VM and try it out, OpenBSD is a really nice OS to work with IMO.

Re:YAY for BSD (-1, Flamebait)

Jurily (900488) | about 5 months ago | (#46892517)

...until you put a typo in /etc/fstab when you're not used to plain old vi, and get to discover the joys of learning ed. Without a man page because that was in /usr too.

I wish that was a joke.

Re:YAY for BSD (2)

rubycodez (864176) | about 5 months ago | (#46893391)

it is a joke, you're funny

you could have made a backup copy of fstab before dicking with it. or followed the excellent OpenBSD documentation and made backup root partition.

Re:YAY for BSD (0)

Anonymous Coward | about 5 months ago | (#46895567)

http://www.openbsd.org/cgi-bin/man.cgi?query=ed&apropos=0&sektion=0&manpath=OpenBSD+Current&arch=i386&format=html

Maybe you didn't have so much as a smartphone or a wiki kindle, but you can find all of the manual pages online.

I don't even use OpenBSD, but I use this in similar situations.

Re:YAY for BSD (1)

i kan reed (749298) | about 5 months ago | (#46890735)

Yep, that's pretty much what 99.7% of people can contribute to this discussion(maybe 95% of slashdotters specifically, but still).

You can kinda go "Yay open source operating system that creates a bit of systemic competitive pressure to keep updating other open source operating systems through some really bizarre application of economics towards a system built around entirely free exchange"

It gets real abstract.

Re: YAY for BSD (2)

the_humeister (922869) | about 5 months ago | (#46890903)

If not for the lack of ZFS, I would use OpenBSD. Instead my fileserver is running FreeBSD 10.

Re: YAY for BSD (1)

unixisc (2429386) | about 5 months ago | (#46892485)

Which file system do they use?

Re: YAY for BSD (2)

rubycodez (864176) | about 5 months ago | (#46893147)

openbsd has the Unix FFS (up to about 1TB volume size) and FFS2 (up to 8 zettabytes volume size)

Re: YAY for BSD (1)

unixisc (2429386) | about 5 months ago | (#46896619)

So FFS2 - how does it compare w/ ZFS, aside from license (which I'm assuming here is ISC, right?)

Re: YAY for BSD (2)

TheRaven64 (641858) | about 5 months ago | (#46897557)

FFS2 is basically the original Berkeley FFS (also known as UFS, but there are at least half a dozen incompatible filesystems called UFS, so that just gets confusing) with some extensions. It basically just increases the size of various fields in the inode data structure so that various limits are much larger. I'm not familiar with the OpenBSD implementation, but on FreeBSD it also supports soft updates (where metadata and data writes are sequenced so that the filesystem is aways consistent, although fsck may be required to clean up) and journalling. Aside from that, it's a fairly conventional inode-based FS. If you want snapshots, FreeBSD provides them at the block layer via GEOM (I don't know what the OpenBSD equivalent is).

In contrast, ZFS rearranges all of the layering. At the lowest level, you have a set of physical devices that are combined into a single virtual device. On top of this is a layer that's responsible for storing objects and providing a transactional copy-on-right interface to the underlying storage. On top of this, you layer something that looks like a POSIX filesystem, or something that looks like a block device (or, in theory, something that looks like an SQL database or whatever).

For the user, this means that a load of things are easy with ZFS that are hard with UFS:

  • Creating snapshots with ZFS is a O(1) operation.
  • Creating new filesystems with ZFS is about has hard as creating directories.
  • Filesystems all have block-level checksums, can have multiple copies of files (if they're used for important stuff) on a single volume.
  • Compression and deduplication can be enabled on a per-filesystem basis. With UFS, there's no deduplication (although it would be possible to write a block-level dedup implementation for GEOM), and compression is handled at the block device layer.
  • You can delegate the rights to create and modify filesystem properties into jails safely with ZFS (not relevant to OpenBSD, as it lacks jails).

Re:YAY for BSD (4, Funny)

wonkey_monkey (2592601) | about 5 months ago | (#46891239)

It gets real abstract.

Well, which is it?

Re:YAY for BSD (2)

CODiNE (27417) | about 5 months ago | (#46892877)

The former latter.

Re:YAY for BSD (0)

Anonymous Coward | about 5 months ago | (#46890751)

Even though I've never used it...

And there you go with the problem with it. OpenBSD has no holes in the install as long as you don't mess with the config and actually turn on a service and as long as you upgrade to each new version which can't (practically [tedunangst.com] ) be done automatically. It's almost unusable to a normal user.

Still; I'm going to install it today and all of you should send the project some money 'cos lots of the important security software such as OpenSSH comes from OpenBSD.

Re:YAY for BSD (4, Insightful)

QuietLagoon (813062) | about 5 months ago | (#46891139)

And there you go with the problem with it. OpenBSD has no holes in the install...

Regardless of how you use an operating system, if the OS foundation is not secure, then anything you put on top of it cannot be secure.

At least OpenBSD provides the secure foundation upon which you can build what you'd like. The security of what you build on top of OpenBSD is your responsibility.

Re:YAY for BSD (2)

metrix007 (200091) | about 5 months ago | (#46893043)

Yeah, no. Heartbleed showed how meaningless theire claims of a secure default install are in this day and age.

It used to mean something against Windows Servers and Linux Distros that had everything enabled by default, but not so much these days.

All these years, and they hadn't even audited openssl, a key core component of the default install.

Re:YAY for BSD (1)

Dan Ost (415913) | about 5 months ago | (#46895819)

I was under the impression that OpenBSD did not enable heartbeats by default and, as such, was not vulnerable to Heartbleed by default.

Am I wrong?

Re:YAY for BSD (1)

Anonymous Coward | about 5 months ago | (#46897129)

OpenBSD have software in place that wouldn't allow the Heartbleed bug to work in the first place. As soon as a Heartbleed event occurred, the OpenSSL software would immediately terminate in OpenBSD.

Re:YAY for BSD (2)

TheRaven64 (641858) | about 5 months ago | (#46897559)

Not true. It would have done if OpenSSL hadn't used a custom allocator, but the use of the custom allocator bypassed the policy in OpenBSD's malloc() that aggressively returns unused pages to the OS and causes this kind of fault. And why does OpenSSL have this custom allocator? Because without it people complain that malloc() implementations like the one in OpenBSD are too slow...

Re: YAY for BSD (3, Informative)

Anonymous Coward | about 5 months ago | (#46892041)

How to update Open BSD: insert CD, boot CD, select update. Wait a few minutes. Upgrade ports. Wait a few minutes. You are done.

No CD? Copy base files to machine through SSH. Install files. Reboot. Upgrade ports. Wait a few minutes. You are done.

Any other questions?

Re: YAY for BSD (1)

Anonymous Coward | about 5 months ago | (#46892501)

You got it. I've updated remote (read: "in other countries") OpenBSD machines for over a decade. There is still the anxiety of waiting for the system to boot, but I don't recall ever having it blow up on me.

Why not try it? (-1)

ArchieBunker (132337) | about 5 months ago | (#46890817)

Seriously its so much cleaner than a typical Linux install. Linux is nothing but scripts built upon scripts now. How do you even change the ip address from the command line?

Re:Why not try it? (1)

i kan reed (749298) | about 5 months ago | (#46890909)

Why do we not like scripts? Honest question.

Re:Why not try it? (1)

jones_supa (887896) | about 5 months ago | (#46891141)

They break easily and are slow to interpret.

Re:Why not try it? (1)

i kan reed (749298) | about 5 months ago | (#46892213)

Break easy compared to machine code in some specific way?

Re:Why not try it? (1)

jones_supa (887896) | about 5 months ago | (#46893247)

Not in any specific way. For example when a called subprogram returns an unexpected result, or a result in an unexpected format. Also when the script interpreter is upgraded, it might break something. Heck, sometimes the problem is caused by something silly like a space in a file name.

Re:Why not try it? (1)

i kan reed (749298) | about 5 months ago | (#46893677)

That is to say: it's software.

Re:Why not try it? (1)

jones_supa (887896) | about 5 months ago | (#46897107)

Not really. Machine code is more robust and, as I said, faster. There might still be other good reasons to use scripts, I'm not denying that. They are easier to maintain, for example.

Re:Why not try it? (0)

Anonymous Coward | about 5 months ago | (#46891227)

There's nothing wrong with scripts as such. It's much better to have scripts than have all the configuration and system actions hidden in binaries and controlled from some binary formatted hirearchical database like the Windows registry. However the number and types of scripts in the average Linux install can be pretty overwhelming. There is a kind of deep lack of clarity about some Linux distro's boot process. This makes them much more flexible and easy when everything's working but it can be confusing. People don't tend to like confusing.

Re:Why not try it? (1)

ArchieBunker (132337) | about 5 months ago | (#46891389)

Its not one script anymore. Its one script hundreds of lines long that calls other scripts to finally accomplish something you could do with seconds and ifconfig. Don't get me started with the mess systemd is.

Re:Why not try it? (0)

Anonymous Coward | about 5 months ago | (#46890933)

Just don't use Ubuntu, which emphasize on graphical experience. There are distributions which are intended for the kind of folks who want to change their IPs on the command line. Try arch or gentoo.

Re:Why not try it? (1)

Anonymous Coward | about 5 months ago | (#46890947)

How do you even change the ip address from the command line?

"ip addr add $IP_NUM dev $IP_DEV"

Or, if you like, you can use ifconfig, even though that's obsolete.

They'll collect your nerd card on the way out, troll.

Not quite (1)

ArchieBunker (132337) | about 5 months ago | (#46891359)

Wasn't that easy on my BeagleBone Black board http://derekmolloy.ie/set-ip-a... [derekmolloy.ie]

How anyone is supposed to figure that out is beyond me. Is a script calling ifconfig too good for you people?

Re:Not quite (0)

Anonymous Coward | about 5 months ago | (#46892201)

Get used to this, with systemd and everything udev (including the kernel) and dbus, it's config files all the way down.

Re:Why not try it? (-1)

Anonymous Coward | about 5 months ago | (#46892541)

ifconfig is obsolete? By what, some clusterfuck of scripts calling each other so the devs can say "Look! We're teh l337!"
Fuck, no wonder I love working on any BSD more than the bleeding, cancerous cunt-tumour Linux has become.

Re:Why not try it? (1)

Jakeula (1427201) | about 5 months ago | (#46891063)

What an odd measure of the quality of an OS. Like changing your IP from the command line is something that speaks to how well Linux has been developed. And you can change your IP from the command line. ifconfig does this just fine, even if its not the preferred method. you can also do something like this: sudo ip addr add xxx.xxx.xxx.xxx
but I guess I just fed a troll, so jokes on me.

Re:Why not try it? (2)

metrix007 (200091) | about 5 months ago | (#46893061)

You use the same tools the scripts use. Ifconfig.

Choose a better distro and things wont be so obfuscated.

Re:Why not try it? (1)

just_another_sean (919159) | about 5 months ago | (#46893191)

/sbin/ifconfig

It's not just for listing!

Re:YAY for BSD (1, Informative)

Kremmy (793693) | about 5 months ago | (#46891175)

There's a little bit of header, a little bit of license, BSD...

It's the silent protagonist in the technological world - they build and refine the technology that seeps into all other operating systems.
The code is licensed so liberally that Stallman's arguments literally boil down to "everyone can use it so it's not free".
If you dig into the credits portion of almost any software, it's there.
We all use BSD.

Re:YAY for BSD (1)

Anonymous Coward | about 5 months ago | (#46891311)

Stallman has never called the BSD license non-free. You're either delusional or a liar.
All free software licenses are wonderful for us users. Copyleft ones are also wonderful for free software as a whole.

Re:YAY for BSD (1)

Anonymous Coward | about 5 months ago | (#46893313)

The code is licensed so liberally that Stallman's arguments literally boil down to "everyone can use it so it's not free".

Given that Stallman's main organisation, the Free Software Foundation, almost actively supports [gnu.org] the BSD license, declaring it a Free Software License compatible with the GPL, I wonder what it is that drives you to say such a thing. A feeling that since the truth normally supports Richard, it's worth spreading almost any lie in the hope of discrediting him?

Re:YAY for BSD (1)

Arker (91948) | about 5 months ago | (#46894565)

"The code is licensed so liberally that Stallman's arguments literally boil down to "everyone can use it so it's not free"."

Stallman has always acknowledged it as Free and continues to do so.

Dont be a troll.

Re:YAY for BSD (2)

Kremmy (793693) | about 5 months ago | (#46896143)

That is EXACTLY what he is saying given his comments regarding LLVM.
Referring to this [gnu.org] post in particular.
His stance is a demonization of liberally licensed code, to a very unfortunate degree.
I am absolutely not trolling when I say that man has given up freedom for ideology.

Re:YAY for BSD (2)

rubycodez (864176) | about 5 months ago | (#46893427)

you sure? your printer doesn't have have controller running BSD? or network appliance?

*Ahem* (1, Funny)

Anonymous Coward | about 5 months ago | (#46890609)

oblig [xkcd.com]

Re:*Ahem* (1)

ledow (319597) | about 5 months ago | (#46892313)

Except we're not on 64-bit.

The full announcement tells you that a load of things had to be converted to unsigned 32-bit because that's all you could do.

And they can conceivably affect things in your children's lifetimes (if not before, with long date calculations like mortgages etc.).

Fact is, however, that system support for 64-bit time only means your taskbar clock will go up that far. It means nothing in terms of your application actually supporting and calculating things correctly once we get anywhere near 2038.

Conceivably, those places offering 30-year mortgages etc. were handling those dates several years ago. They involve a lot of money so likely they are okay.

But whether your we get everything like your phone, satnav, car, embedded devices etc. all onto full 64-bit time OS and 64-bit time applications BEFORE they're predicted-end-of-life would go through 2038 - that's a different question entirely.

Re:*Ahem* (1)

fnj (64210) | about 5 months ago | (#46894705)

Making time_t an int64_t instead of an int32_t has absolutely NOTHING to do with whether the architecture is 32 or 64 bits. An application that does time manipulations NOT using time_t is a stupid, broken application.

OpenBSD's future (-1, Flamebait)

Anonymous Coward | about 5 months ago | (#46890639)

It is now official. Netcraft has confirmed: *BSD is dying

        One more crippling bombshell hit the already beleaguered *BSD community when IDC confirmed that *BSD market share has dropped yet again, now down to less than a fraction of 1 percent of all servers. Coming on the heels of a recent Netcraft survey which plainly states that *BSD has lost more market share, this news serves to reinforce what we've known all along. *BSD is collapsing in complete disarray, as fittingly exemplified by failing dead last [samag.com] in the recent Sys Admin comprehensive networking test.

        You don't need to be the Amazing Kreskin [amazingkreskin.com] to predict *BSD's future. The hand writing is on the wall: *BSD faces a bleak future. In fact there won't be any future at all for *BSD because *BSD is dying. Things are looking very bad for *BSD. As many of us are already aware, *BSD continues to lose market share. Red ink flows like a river of blood.

        FreeBSD is the most endangered of them all, having lost 93% of its core developers. The sudden and unpleasant departures of long time FreeBSD developers Jordan Hubbard and Mike Smith only serve to underscore the point more clearly. There can no longer be any doubt: FreeBSD is dying.

        Let's keep to the facts and look at the numbers.

        OpenBSD leader Theo states that there are 7000 users of OpenBSD. How many users of NetBSD are there? Let's see. The number of OpenBSD versus NetBSD posts on Usenet is roughly in ratio of 5 to 1. Therefore there are about 7000/5 = 1400 NetBSD users. BSD/OS posts on Usenet are about half of the volume of NetBSD posts. Therefore there are about 700 users of BSD/OS. A recent article put FreeBSD at about 80 percent of the *BSD market. Therefore there are (7000+1400+700)*4 = 36400 FreeBSD users. This is consistent with the number of FreeBSD Usenet posts.

        Due to the troubles of Walnut Creek, abysmal sales and so on, FreeBSD went out of business and was taken over by BSDI who sell another troubled OS. Now BSDI is also dead, its corpse turned over to yet another charnel house.

        All major surveys show that *BSD has steadily declined in market share. *BSD is very sick and its long term survival prospects are very dim. If *BSD is to survive at all it will be among OS dilettante dabblers. *BSD continues to decay. Nothing short of a miracle could save it at this point in time. For all practical purposes, *BSD is dead.

Missing libReSSL, as expected (4, Insightful)

Anonymous Coward | about 5 months ago | (#46890645)

Before anyone asks, no, this new version of OpenBSD (version 5.5) does not include libReSSL yet.
That's not how OpenBSD operates. Neat announcements made even a month before an OpenBSD release do not usually appear in the very next OpenBSD release. There are cutoffs/deadlines, and the OpenBSD group is far more interesting in ensuring reliability than flashy new code that is only partially ready.
If you check the libReSSL.org website, libReSSL is planning to be included in OpenBSD 5.6, which I expect will be released on November 1, 2014. The OpenBSD group has a solid track record of making their official releases publicly available by the expected date.
To see an overview on what did get included in this version (like signed packages), see the release notes (which is pointed to by the first hyperlink of this Slashdot news story).

Next release... (4, Funny)

msauve (701917) | about 5 months ago | (#46890667)

The next release is scheduled for a few years prior to Sunday, 4 December 292,277,026,596.

Re:Next release... (0)

Anonymous Coward | about 5 months ago | (#46890775)

The next release is scheduled for a few years prior to Sunday, 4 December 292,277,026,596.

Will that be Sunday morning or Sunday afternoon?

Re:Next release... (1)

proxie (3418611) | about 5 months ago | (#46891307)

ha! I was just checking.. 5.4 - November 2013 5.3 - May 2013 5.2 - November 2012 5.1 - May 2012 5.0 - November 2012 4.9 - May 2011 Its' actually consistent, just really prolonged compared to other *nix distros... dethrone a tyrant and might actually get things done sooner :)

Re: Next release... (0)

Anonymous Coward | about 5 months ago | (#46891993)

Yes they release every 6 months. What's your point?

Re:Next release... (1)

fnj (64210) | about 5 months ago | (#46894677)

[time between releases is] just really prolonged compared to other *nix distros

Horse shit. It's exactly the same timing as Ubuntu and Fedora and much qicker than Debian and Redhat Enterprise.

Re:Next release... (1)

unixisc (2429386) | about 5 months ago | (#46892073)

I was gonna ask - which year would people have to look out for now?

support for victims of exploding whale syndrome.. (-1)

Anonymous Coward | about 5 months ago | (#46890675)

unauthorized drones hoovering overhead as the residents stand their ground with hoses & rakes... a 6000 mile no-fly zone around the area should keep the rest of us safe for now...

Linux is dying (-1)

Anonymous Coward | about 5 months ago | (#46890697)

'nuff said.

Damn OpenBSD (0)

Anonymous Coward | about 5 months ago | (#46890739)

They do this just when I'm halfway done building my year 2038 bunker.

Re:Damn OpenBSD (1)

jones_supa (887896) | about 5 months ago | (#46891277)

You should call yourself lucky. I just made the finishing touches to my Y2K survival basement.

Re:Damn OpenBSD (0)

Anonymous Coward | about 5 months ago | (#46893239)

At least you're ready for Y3K.

Re:Damn OpenBSD (1)

TheRaven64 (641858) | about 5 months ago | (#46897577)

Pretty much all 64-bit systems have used 64-bit time_t forever, so the Y2038 problem is only an issue if people are still using 32-bit platforms in 24 years. Given that even ARM is now 64-bit, that seems quite unlikely (none of those old mainframes that were a problem for Y2K have this problem and most databases use 64-bit time values because people care about dates further in the past than can be expressed with a 32-bit UNIX time_t). Of course, Google has just released a new Java implementation for Android that does a load of void* to int32_t casts all over the place and is going to be almost a total rewrite to port to a 64-bit architecture, so you can't always trust big software companies not to be complete idiots...

OpenBSD + Truecrypt + Rip Anywhere Mp3 player (-1)

Anonymous Coward | about 5 months ago | (#46890777)

Give me an MP3 player which has the following features:

1. OpenBSD
2. TrueCrypt - choice of encrypting all of device with 1st run and in settings
3. Rip from any device - an extension to the device (like the front part of ST:TNG ship's dish which separates for example) which allows CDs to be inserted and ripped on the fly without a computer connection, and the ability to plug into any electronic device which has the ability to contain audio files, scan for, and rip any audio files - all with the option to convert them to a format of your choosing
4. Complete support of as many audio/image/video codecs as possible.
5. Nothing about the device should be proprietary, neither hardware or software.

Before you say, "Why would you want to use a device with the MP3 format?" As #4 points out, and you should really know unless you're trolling, if you look at all of the MP3 players currently for sale, most support many audio, image (JPG and more) and sometimes several video formats.

English? (0)

Anonymous Coward | about 5 months ago | (#46891023)

"Just as per the schedule"? Really?

Scheduled Release Dates... yes, really (0)

Anonymous Coward | about 5 months ago | (#46892393)

Yes, really. Here I provide you a summary of some regular release dates:

Gnome - March (version number increases by .2)
Ubuntu - towards end of April (LTS if this is an even-numbered year)
OpenBSD - May 1st (or, historically and occasionally, May 19th)
GNOME - September (version number increases by .2)
Ubuntu - towards end of October (hence why version numbers end with "10", it is the 10th month)
OpenBSD - November 1st

Firefox: New release every whenever-they-feel-like-it not-very-long
Debian: New release every whenever-they-feel-like-it yes-very-long

I'm sure there are other projects with regular schedules... I'd appreciate any reply comments about other major projects with known regular release dates.

Some notes related to Ubuntu:
Ubuntu has a history of releasing very 6 months. Mark Shuttleworth of Canonical (who releases Ubuntu) has expressed desire to synchronize with other projects:
Mark Shuttleworth: The Art of Release [markshuttleworth.com]
More recently, he may have drunk some of Mozilla's Kool Aid, though
Mark Shuttleworth: Let's Go Faster... [markshuttleworth.com]
discusses possibly turning Ubuntu into a "rolling release" cycle.

Anyway, getting back to OpenBSD, Theo seems quite dedicated to releasing the software when it is expected, and describes it as a result of their carefully controlled development process. (Even before their semi-annual release schedule, they had an annual release on December 1st. So, when they did change their schedule to release on November 1st, they were ahead of their old schedule.) So, they have demonstrated that they are carefully able to release on time. Slashdot Article on OpenBSD release process [slashdot.org] , Discussion on OpenBSD release cycle [undeadly.org] . Development is also discussed in the video at BSDNow.tv: Doing It de Raadt Way [bsdnow.tv] (which interviews de Raadt starting about 8min7sec into the show).

So, they stick to their schedule well. But why a semi-annual schedule? In Kernel Trap interview with Theo [martinusadyh.web.id] , Theo says, "We have a six month cycle for many reasons. First off, and most important to me personally, it is just the right length so that I do not kill myself."

USB Installer! (4, Informative)

Dimwit (36756) | about 5 months ago | (#46891107)

There's a USB installation image for i386 and amd64! Finally! Dear lord, it's been years. That's as big a deal as the time_t thing for me.

Re:USB Installer! (0)

Anonymous Coward | about 5 months ago | (#46891655)

It still won't boot on my 2011 imac, so it's worth fuck-all to me.

Re:USB Installer! (1)

Anonymous Coward | about 5 months ago | (#46892001)

A more flexible way to create an OpenBSD flash installer:
http://blog.breeno.net/2014/02/creating-flexible-openbsd-usb-installer.html

Signed packages! (1)

aNonnyMouseCowered (2693969) | about 5 months ago | (#46895537)

No, the biggest thing for me is the signed packages. For a security-focused distribution, the lack of signed packages seemed quite ironic.

NetBSD time_t (4, Informative)

Anonymous Coward | about 5 months ago | (#46891121)

I use OpenBSD almost exclusively, but in all fairness NetBSD was the first to move to a 64-bit time_t on all its platforms.

Also, there's no chance that Linux would ever make such a jump. They'll invent something complex and annoying to maintain backward compatibility with all the proprietary crapware. OpenBSD and NetBSD can do it because they're not afraid to make everybody recompile their software.

(For people who don't understand the issue: on NetBSD and OpenBSD time_t is now 64-bits, even on 32-bit platforms. So the 2038 problem is non-existent going forward, even for 32-bit software.)

You are correct (0)

Anonymous Coward | about 5 months ago | (#46891429)

Running NetBSD on a 64 bit Alpha really showed how broken a lot of software was.

Re:You are correct (0)

Anonymous Coward | about 5 months ago | (#46891739)

It used to be that running *anything* on an Alpha apart from VMS* showed how broken a lot of software was.

* Runing VMS just showed how broken VMS was.

Re:You are correct (0)

Anonymous Coward | about 5 months ago | (#46892239)

The OS itself was rock solid. I had the box running for close to a decade. The problem was trying to compile poorly written software. Still hard to believe that VMS is still supported on Itanium. I'd love to get some numbers on their user base.

Re:You are correct (1)

TheRaven64 (641858) | about 5 months ago | (#46897581)

Especially anything that used threads. Going from a strongly ordered x86, where basically anything is sequentially consistent for free, to the extremely weakly ordered Alpha, where things are only visible between threads with explicit barriers breaks a lot of stuff where people only tested on x86. ARM has a similar problem.

Re:NetBSD time_t (1)

unixisc (2429386) | about 5 months ago | (#46892095)

I think you got it the other way around - it's Linux that's unafraid to break backwards compatibility, while the BSDs are pretty religious about that point

Re:NetBSD time_t (1)

rubycodez (864176) | about 5 months ago | (#46893367)

but this openbsd release is a "flag day" release, meaning it *will* break old binaries, they need to be recompiled.

Re:NetBSD time_t (0)

Anonymous Coward | about 5 months ago | (#46893509)

I disagree. Look at multiarch support in Linux. There is little reason to support 32-bit binaries on 64-bit architectures, _especially_ for FOSS software. Yet modern Linux systems have a convoluted library system to support this. The BSDs, on the other hand, took the route of simplicity. 64-bit is 64-bit, 32-bit is 32-bit, and ne'er the twain shall meet (at least for x86).

I think you're confusing API and ABI backwards compatibility. Linux aims for long-term backwards compatibility for both ABI and API, but commercial vendors will cynically tell you that they suck at both. BSDs, however, generally only aim for API compatibility. They don't care about long-term ABI compatibility--just recompile your crapware for the new point release, already. That means they have more time and energy to focus on a consistent and sane API implementation.

Re:NetBSD time_t (0)

AndroSyn (89960) | about 5 months ago | (#46893883)

I disagree. Look at multiarch support in Linux. There is little reason to support 32-bit binaries on 64-bit architectures, _especially_ for FOSS software.

Not all platforms are as brain damaged as the x86. On SPARC64 type systems, you'll find that most all software is run in 32bit mode, as the ABI still allows you full register access. Most software doesn't need to access more than 4GB of memory anyways.

Also there is a lot of non-FOSS software that is only available as Linux x86 32bit executables, keeping that 32 ABI compatiblity sure is useful as well on a 64bit system.

It's not entirely unthinkable to run a 64bit kernel on X86-64 and run entirely a 32bit userspace, in fact, it might run a little bit faster as a lot of the software would have a smaller cache footprint, yet the kernel would still support large amounts of physical memory without PAE tricks.

Just because *YOU* think is convoluted and not useful, doesn't mean it doesn't make sense to someone else.

       

Re:NetBSD time_t (1)

TheRaven64 (641858) | about 5 months ago | (#46897585)

On x86, you can (now) use the x32 ABI to get the same effect. The problem comes when you need to run one or two 64-bit binaries. Now they are pulling in a different libc and so on and the extra i-cache churn from multiple copies of the same library can quickly offset the reduced d-cache churn from smaller pointers (main memory usage is largely irrelevant: it's rarely a bottleneck and the average 5-10% saving from reduced pointer size is in the noise).

So how does it perform? (2, Interesting)

Anonymous Coward | about 5 months ago | (#46891539)

I have used OpenBSD a number of times over the years but when I have tried to use it as a high performance server it falls on its face. Has it gotten any better?

Re:So how does it perform? (3, Insightful)

Anonymous Coward | about 5 months ago | (#46892119)

OpenBSD is not meant to be the fastest or most scalable OS in the world -- just the safest. The right tool for the job. You use OpenBSD as a firewall in front of your high performance server, which can then run whatever OS you choose. I wouldn't trust anything else. More specifically, the bare bones, well documented, best practice coded, continuously audited, secure by default approach means you can deploy an OpenBSD firewall router with minimal effort and minimal worry. Save the worry and effort for the potentially less secure OS's that are running behind the firewall.

Re:So how does it perform? (0)

Anonymous Coward | about 5 months ago | (#46893693)

Nothing like putting a superfluous firewall in front of a web application server which would only have port 80 open anyhow (or maybe port 22, too, but that's the least of your worries).

I agree that for high performance you're stuck with Linux. But slapping an OpenBSD firewall in front of your Linux application server doesn't magically make it any safer. Port 80 is still open, which for most intrusions is the only port that matters. And who seriously blocks outgoing connections? Your server must be doing something mighty boring to not need to make requests over the Internet. And good luck coordinating with the developers the precise IP addresses they'll be contacting.

For truly critical infrastructure, just use OpenBSD. Most critical services can be spread across multiple boxes.

Re:So how does it perform? (0)

Anonymous Coward | about 5 months ago | (#46895161)

There is no point in even using OpenBSD in that case. Your apps are still running on whatever high performance insecure backend you need. OpenBSD adds nothing.

Can I relax now? (1)

NMBob (772954) | about 5 months ago | (#46891631)

Does this mean I don't have to worry about Tuesday January 19, 2038 at 03:14:07 UTC anymore? What's the new date/time when things will crash and burn?

Re:Can I relax now? (1)

Jurily (900488) | about 5 months ago | (#46892793)

Using a signed 64-bit value introduces a new wraparound date that is over twenty times greater than the estimated age of the universe: approximately 292 billion years from now, at 15:30:08 on Sunday, 4 December 292,277,026,596.

Re:Can I relax now? (1)

NMBob (772954) | about 5 months ago | (#46892913)

Yeah, but isn't it going to take like 10^500 (or is it 10^800?) years for all of the baryons to fizzle out? Rats. More code to write.

Everyone forgot the most important bit! (1)

ConstantineM (965345) | about 5 months ago | (#46891871)

5.5 base signify pubkey: RWRGy8gxk9N9314J0gh9U02lA7s8i6ITajJiNgxQOndvXvM5ZPX+nQ9h
5.5 fw signify pubkey: RWTdVOhdk5qyNktv0iGV6OpaVfogGxTYc1bbkaUhFlExmclYvpJR/opO
5.5 pkg signify pubkey: RWQQC1M9dhm/tja/ktitJs/QVI1kGTQr7W7jtUmdZ4uTp+4yZJ6RRHb5

Heartbleed not fixed in 5.5 by default (0)

cmdrbuzz (681767) | about 5 months ago | (#46891961)

Just an FYI, heartbleed is not fixed in 5.5 without extra (source) patches.

See http://www.openbsd.org/errata5... [openbsd.org]

  002: SECURITY FIX: April 8, 2014 All architectures
Missing bounds checking in OpenSSL's implementation of the TLS/DTLS heartbeat extension (RFC6520) which can result in a leak of memory contents.
A source code patch exists which remedies this problem.

Re:Heartbleed not fixed in 5.5 by default (0)

Anonymous Coward | about 5 months ago | (#46892167)

Can't you just do apt-get upgrade or whatever the equivalent OpenBSD alternative is?

Re:Heartbleed not fixed in 5.5 by default (1)

rubycodez (864176) | about 5 months ago | (#46893245)

patching openbsd is usually this dance:

1. wget or whatever to download the patch
2. best practice, use "signify" to check signature
3. cd /usr/src and apply patch with patch -p0 my_patch.txt
4. make obj; make; make install

Re:Heartbleed not fixed in 5.5 by default (1)

rubycodez (864176) | about 5 months ago | (#46893257)

oh, slashdot filter knocked out the < sign; nice going for a supposed geek tech forum eh?

/. IS a geek tech forum (1)

ConstantineM (965345) | about 5 months ago | (#46894767)

patch -p0 < 005_openssl.patch.sig

Re:Heartbleed not fixed in 5.5 by default (2)

machine321 (458769) | about 5 months ago | (#46895593)

A third party has created an auto-update app.

https://stable.mtier.org/ [mtier.org]

Re:Heartbleed not fixed in 5.5 by default (0)

Anonymous Coward | about 5 months ago | (#46893725)

This is how you patch OpenBSD these days:
1. openup
2. profit

Shock and horror, no "???" step.
Seriously, that is how easy it is.
stable.mtier.org look it up.

I wonder whether DJB will be trying it out (0)

ConstantineM (965345) | about 5 months ago | (#46891967)

I just tweeted him to ask if he'll be switching back to OpenBSD now. :-)

https://twitter.com/Mcnst/stat... [twitter.com]

(DJB is known as @hashbreaker on Twitter.)

OpenBSD + TrueCrypt MP3 Player / Ripper (0)

Anonymous Coward | about 5 months ago | (#46892803)

Give me an MP3 player which has the following features:

1. OpenBSD
2. TrueCrypt - choice of encrypting all of device with 1st run and in settings
3. Rip from any device - an extension to the device (like the front part of ST:TNG ship's dish which separates for example) which allows CDs to be inserted and ripped on the fly without a computer connection, and the ability to plug into any electronic device which has the ability to contain audio files, scan for, and rip any audio files - all with the option to convert them to a format of your choosing
4. Complete support of as many audio/image/video codecs as possible.
5. Nothing about the device should be proprietary, neither hardware or software.

Before you say, "Why would you want to use a device with the MP3 format?" As #4 points out, and you should really know unless you're trolling, if you look at all of the MP3 players currently for sale, most support many audio, image (JPG and more) and sometimes several video formats.....

Wayland (1)

unixisc (2429386) | about 5 months ago | (#46896631)

Does OBSD include support for Wayland in 5.5? Is it stated for a future version, or have they decided to stay w/ X11?
Load More Comments
Slashdot Login

Need an Account?

Forgot your password?