Spool Five

OpenBSD Experiences

A short post to talk about my experience with OpenBSD. It’s not a guide or anything, just some rough thoughts. Somehow, working with OpenBSD gives me the same comfortable, distraction-free feeling I get browsing Gemini.

I installed it on my laptop (a Thinkpad X230) a few weeks ago. So far, it has been working great.

Installing

Installing the system, to my surprise, was very straightforward. It didn’t take long at all. There is just a series of command-line prompts, most of which you can just choose the defaults. It took about 10 minutes. It’s the easiest and fastest operating system I’ve ever had to install. There is a key reason for this, which I’ll go into more below.

Configuration

I’ve installed arch a few times, on a few different systems. It’s also pretty straightforward, but can be a bit ‘opaque’ in some ways. The process of actually partioning/mounting the drives, chrooting, etc., all makes sense, and you can get your head around it after some time.

I always struggle, however, with what comes next. Once you have the linux kernel installed and the system up and running, you have to make some choices. You have to choose things like your display manager, desktop environment/window manager, login manager, different utilities, etc. This total freedom and choice is great in so many ways. But, for someone like me, who isn’t that well-versed in all the intricacies of all the different environments and tools, you basically end up on the web, jumping between the arch wiki, stack exchange, etc., reading about random people’s configurations and systems. I usually just blindly install package after package (with dependency after dependency) until everything starts to fit together. It usually works fine, but I’d be lying if I said I had anything beyond a surface understanding of all the different parts and how they fit together.

So, the configuration process for arch can take a long time, depending on the system you want running.

If you didn’t know, OpenBSD differs from GNU/linux in that the ‘slash’ from GNU/linux doesn’t exist. That is, the kernel and the system utilities are all developed together under the same umbrella. When you install OpenBSD, most of the utilities you will need are already present. This approach feels far less ‘hacky’, which is both a good and bad thing. On linux, I do love that if I need my computer to do something, I can just look it up online and usually there will already be some kind of amazing script or software someone has written for a similar task or service. Sometimes, I can even just enter a keyword into the aur manager, and something will pop up. Still, all these scripts and tools add up and make the process of ‘rebuilding’ the system each time take longer and longer. That feeling of ‘stitching’ things together is absent on OpenBSD (so far, at least). What I get in place of that instant access to tons of amazing programs is peace-of-mind and a kind of ‘slow’ computing.

One of the things mentioned so often about OpenBSD is that the documentation is incredible. It’s true. When you want to understand how to use something, you read a manual that doesn’t just list the possible arguments for the commands, it also provides some context and a general explanation of the tool. Reading the manual pages in OpenBSD is to reading the Arch Wiki as reading Gemini posts is to browsing the web. They encourage slower, more careful parsing of the language.

Because of this, I opted to stick mostly with the built-in system utilities. I use CWM as the window manager, and KSH as the shell. I have around 150 packages installed on OpenBSD, and usually around 1200 on my arch-based computers.

Security

OpenBSD is also known for its security. It has lots of fancy things that I’m not going to even try to understand, like re-linking the kernel on each reboot( KARL), pledge, privilage separation, and unveil.

I remember early on, I was writing something in emacs org-mode. Org has an export feature that lets you export to html and then view the output in your browser (it automatically opens the html file in a browser). I exported some markdown text, but when the preview opened in the browser (Chromium), it had a ‘file not found’ error. I tried opening the html file directly, and it still wouldn’t work. I think I gave up on it after that.

Anyway, not long after, I realised that the Chromium in the OpenBSD package repository is specifically ported with an additional feature - Chromium can only access the /home/user/Downloads folder on the filesystem. Sure enough, I moved my org-exported html file to the Downloads folder it worked just fine! I was impressed with the thoroughness of the systems security and the way that permissions are divided up so well.

I’m not sure if it’s a media-hype thing, or if cyber attacks are actually becoming more persistent and severe, but somewhere at the back of my mind I have the feeling that learning more about OpenBSD and trying to use it every day more is akin to those people building a bomb shelter during the cold war. Probably shouldn’t be the main reason to use OpenBSD, but you never know…

Wed Oct 20, 2021 - 883 Words

Tags: bsd linux