impressions of a new user

["Charles J. Fisher" <cfisher@rhadmin.org>]

I switched to OpenBSD from RedHat a few months ago, shortly after RedHat
started messing with up2date.

While I'd never go back at this point, someone recently asked me what I
thought about OpenBSD. I thought that it might be productive to share my
impressions.


Thinks I like:

Here is a list of the RedHat 9 errata [redhat.com]. Here is the list of
OpenBSD 3.3 errata [openbsd.org]. Notice a slight difference in the number
of errata that have been issued between these distributions? I may be
generalizing, but when you need hardware compatibility, go with Linux;
when you require security, go with OpenBSD.

If you run OpenBSD, you will immediately notice your Apache process:
httpd: parent [chroot /var/www] (httpd)
AFAIK, OpenBSD is the only UNIX(like) distribution with chroot Apache out
of the box.

OpenBSD comes with the spamd daemon/system, which pulls information from
spews.org and links it into the local pf routing, pointing spammers at a
resource-consuming tarpit at little cost to you.

More importantly, this software is bound by the BSD license, which gives
you much more freedom to do with the code as you will. Apple Mac OS X
probably couldn't have been done with a GPL system (excepting gcc), for
example. While the GPL is fantastic in that it will eventually destroy
Microsoft, if you truly love software freedom, you will prefer BSD.

All the BSDs continue the legacy of the CSRG at UCB. Each (major version
of) BSD is worth preserving for historical purposes alone.


Things I don't like:

I hate rc.conf. RedHat's "service httpd restart" is much easier than
digging the options up out of the /etc/rc* files.

In fact, I really miss the SysV init scripts. OpenBSD should have a switch
you can throw that forces init to follow a SysV-style behavior. This would
let the userbase decide how OpenBSD develops.

bzip2 is not part of the base distribution. RedHat converted to bzip2 some
time ago, while OpenBSD still relies on gzip. This a) wastes download
bandwidth, and b) wastes space on the OpenBSD cds. I probably shouldn't
complain, but releases for some architectures aren't on the cds at all
(alpha), and some have incomplete package collections (sparc). This is a
stupid waste, forced by tradition alone. OpenBSD 4, when it comes out,
should use the best compression available, no compromises.

A DVD distribution might be nice.

Mozilla doesn't work. Gimp is available, but there is no complete gnome
port. I hate konq.

(pd)ksh is not configured very well; everything is configured for (t)csh.
There was no /etc/profile (if I remember correctly). It is sad to see
OpenBSD and Apple using such a discredited shell. csh has profound
problems as a scripting shell, and people should use the same shell for
scripting that they use interactively.

sendmail.cf is not sufficiently flexible. Under RH6.2, I was able to use a
mailertable entry of the form "pickydomain.net SMTP:[mail.myisp.com]" when
a remote MTA insisted that I relay through my ISP. While I am no sendmail
expert, this doesn't seem to be (easily) possible under the OpenBSD
configuration. I copied RedHat's sendmail.cf to restore this
functionality.

Some of my pcmcia network configuration was pure hell.

pkg_add should do more with PKG_PATH. Part of the installation should find
the mirror with the best ping time/hop count/bandwidth, and install this
mirror in /etc/PKG_PATH as the default source for all future installs.
root should be able to trigger such a scan at any time.

The installer is a bit spartan, and also a bit confusing. OpenBSD's
installer works in three phases: format file systems, untar the base
operating system, configure the boot manager and sundry tasks. These
sections should be clearly labeled, and something should be done to make
them easier to understand (esp the "p m" option in creating the disklabel
- "m" should be the default). A GUI instaler isn't really necessary, but
something with curses would be better than what is currently used.

The documentation for the default NAT configuration (SOHO) ends up denying
all connectivity to the OpenBSD router (RedHat does this also). When I
want to turn on the POP server for a few minutes, I don't want to hassle
with pf.

What is the sense in bundling a POP server in the base operating system,
but not bundling an IMAP server?

    ---------------------------------------------------------------------------
   / Charles J. Fisher                   |"Dig within. There lies the spring /
  /  cfisher@rhadmin.org                 | of good: ever dig, and it will   /
 /   http://rhadmin.org                  | ever flow."  -Marcus Aurelius   /
---------------------------------------------------------------------------