This is a read-only archive. Find the latest Linux articles, documentation, and answers at the new Linux.com!

Linux.com

Feature: BSD

Using OpenBSD on the desktop

By Manolis Tzanidakis on April 21, 2006 (8:00:00 AM)

Share    Print    Comments   

Over the years, OpenBSD has built a reputation for integrated security and reliability, but most people think of it as an operating system suitable only for firewalls and servers. The truth is that OpenBSD also works well as a desktop system; in fact, I use it on an IBM ThinkPad R50e notebook as my main system.

The clear advantage of OpenBSD over other operating systems is the security it offers. The basic philosophy of the project is that security comes as a result of clean, correct code design. A quick search on the BUGTRAQ mailing list archive shows that bugs found on programs do not affect OpenBSD or were already fixed. Of course, given some work by users, security can also be improved on other operating systems, but OpenBSD is "secure by default"; no remote-listening daemons are enabled and features such as ProPolice and the new mmap-based malloc function (introduced in version 3.8) assure that your system is protected from yet undiscovered software bugs and zero-day exploits. The Internet is not a safe place and lots of people want to crack our systems for fun or profit, so it's better to be protected as best as we can.

OpenBSD's clean code and design also provide rock-solid stability. I used to have lots of problems and crashes with new versions of Linux (kernel 2.6.x) and FreeBSD (versions 5.x and 6.x). The main focus of OpenBSD developers is to provide programs that work efficiently and thus prefer to improve their code rather than just add more new features and end up with a bloated and unstable product.

OpenBSD supports a wide range of hardware -- check the official supported platforms list and this unofficial site to find if your hardware is supported. OpenBSD is ideal for older hardware too. Man pages of device drivers also list supported hardware; for instance, the ath man page has a list of specific vendors and models of wireless network adapters based on Atheros chips. If you carefully select your hardware you should have no troubles, since all supported hardware works out of the box on the default installation.

Installing and configuring OpenBSD is not as difficult as you might think. It's like setting up a GNU/Linux distribution that lacks graphical configuration tools, such as Slackware or Gentoo. An experienced Linux user should feel right at home, and an inexperienced one should not have any difficulties after reading the installation guide. One significant feature of OpenBSD is the documentation; every part of the OS (both kernel and userland) has a man page and the FAQ is quite helpful, especially for new users.

OpenBSD ships X.Org packaged as x*.tgz installation sets. If you don't select them during the initial installation, you can easily install X afterwards by unpacking the tarballs in / with a command like for i in x*.tgz; do tar -zxvpf $i -C /; done. The supplied /usr/X11R6/README file includes instructions on how to set up required kernel parameters and create a configuration file for your system.

The only problem with X is that OpenBSD has no 3D acceleration (DRI) support, which means you can't play games that require it. However this a good compromise between functionality and security; for more information check this post by OpenBSD project leader Theo de Raadt on the openbsd-misc mailing list.

OpenBSD uses the ports package management (a source-based system similar to Gentoo's portage) for installing third-party applications. Installing an application from ports is simple -- just unpack the ports collection tarball, ports.tar.gz, from the installation CD-ROM or an FTP mirror into /usr by issuing tar -zxvpf ports.tar.gz -C /usr, then switch to the directory of the application you want to install and run make install clean. Ports will download the source code package, apply any required patches, compile, and install the application along with its dependencies automatically. OpenBSD offers pre-built packages for most ports, which can be installed easily using a command like pkg_add pkgname . For more information about ports and packages you should read their man pages and chapter 15 of the project's FAQ.

Third-party applications in ports are not extensively audited for security flaws, so I'd suggest building applications as a non-root user and using sudo for the parts that require root privileges, such as the installation phase. To allow non-root users to build ports, change the group of the ports directory to wsrc with the command chgrp -R wsrc /usr/ports, and allow write access to members of that group by issuing chmod -R g+w /usr/ports. After that, add your non-root user to the wsrc and wheel groups with usermod -G wsrc,wheel username , run visudo to edit the sudoers file and uncomment (remove the # character) the line #%wheel ALL=(ALL) ALL. Instruct ports to use sudo for installing packages by issuing echo 'SUDO=/usr/bin/sudo' >> /etc/mk.conf. All these commands must be run by root.

To further improve security you can use systrace to force the build procedure to stay inside allowed directories, and prohibit writing in illegal places, thereby reducing the risk of a damaged system. Just run echo 'USE_SYSTRACE=Yes' >> /etc/mk.conf as root to enable it. This adds about 20% overhead to build times, but, in my opinion, it's worth it.

OpenBSD offers a broad selection of window managers. Both KDE and GNOME are available, along with other popular window managers such as Xfce, FVWM, and Fluxbox.

You also have a choice of Web browsers. Firefox is available, but installing Java and Flash Player plugins for it is not an easy task. The Java plugin is part of the Java Development Kit (JDK). Because of Sun's restrictive SCSL license, pre-built JDK binary packages cannot be shipped by OpenBSD, so you must build them from ports -- a time-consuming process. It took around about six hours to finish on my 1.5GHz notebook with 512MB RAM, and required almost 2GB of disk space.

By contrast, Adobe distributes the Flash Player plugin only in binary form for Linux, and offers no native OpenBSD version. Luckily, OpenBSD supports running Linux binaries under emulation without noticeable speed loss. However, Linux shared libraries and modules cannot be used with OpenBSD executables, so to use Flash Player you will need a browser built for Linux as well. If you prefer an alternative to Firefox (for which a Linux version is of course available), Opera and a Flash plugin for Opera are available in ports, though they cannot be distributed as packages due to licensing reasons. You can install them by running make install clean from their directories in ports.

For more information about Java and Flash you should check the OpenBSD FAQ, which also has instructions on how to build JDK.

Openoffice.org does not have a native port for OpenBSD either, but it runs perfectly under Linux emulation. Check this site for instructions and this one for unofficial OOo ports and packages. For an explanation for the lack of a native port you should check the slides from the recent Hackathon in Venice. Other office applications, such as Abiword and Gnumeric, work without problems.

OpenBSD supports printing through the supplied spooler daemon, lpd, or by installing CUPS, the spooler most GNU/Linux distributions use by default. I had no problems printing on my Hewlett-Packard Deskjet 3940 printer. I installed CUPS on my system using the pre-built package, followed the instructions on the install message on how to replace the supplied lpd spooler with cupsd, and finally configured my printer using the CUPS lpadmin tool.

Most multimedia applications available for Linux are ported to OpenBSD. I use XMMS for audio playback, abcde for converting my audio CDs to Ogg/Vorbis, the GIMP and ImageMagick for image editing, Audacity and SoX for audio processing, and MPlayer for video playback and encoding. I installed all these applications from packages, except for MPlayer, whose build I chose to optimize for better performance, especially for encoding with mencoder. In order to optimize it on i386 machines, switch to the x11/mplayer directory in your ports base (usually /usr/ports), open Makefile with your favorite editor, find the line --enable-runtime-cpudetection and replace it with --disable-runtime-cpudetection. Then run :

export CFLAGS="-march=CPU_ARCH -O3 -fomit-frame-pointer -ffast-math"
make install clean
unset CFLAGS

replacing CPU_ARCH with your CPU type -- for example, pentium3 or athlon. The aforementioned CFLAGS may cause stability problems on MPlayer -- although they work fine for me -- so if you find any problems, try to reproduce them using the pre-built package before sending any bug reports. Invoke pkg_info mplayer | less for instructions on how to enable playback of proprietary formats, including RealAudio and WMV -- with Win32 codecs on i386 systems.

OpenBSD doesn't support FireWire devices, so you can't use it to import video from a digital video camcorder.

For more information on multimedia -- how to configure your sound card, play audio CDs, and burn CDs and DVDs -- read chapter 13 of the FAQ.

OpenBSD's clean design and remarkable stability, along with its proactive security, not only make OpenBSD a potential candidate for home desktop users but also every system administrator's dream come true for business environments.

Share    Print    Comments   

Comments

on Using OpenBSD on the desktop

Note: Comments are owned by the poster. We are not responsible for their content.

But where are the screenshots?

Posted by: Anonymous Coward on April 22, 2006 08:00 AM
They're on the Wikipedia's commons of course, <a href="http://commons.wikimedia.org/wiki/Category:OpenBSD" title="wikimedia.org">http://commons.wikimedia.org/wiki/Category:OpenBS<nobr>D<wbr></nobr> </a wikimedia.org>. The Wikipedia article is also pretty nice about OpenBSD, <a href="http://en.wikipedia.org/wiki/OpenBSD" title="wikipedia.org">http://en.wikipedia.org/wiki/OpenBSD</a wikipedia.org>

#

Re:But where are the screenshots?

Posted by: Joseph Cooper on April 23, 2006 09:08 AM
We all know what our window managers look like, not much point in making more screenshots...

#

Re(1):But where are the screenshots?

Posted by: Anonymous [ip: 217.194.139.131] on September 14, 2007 02:59 PM
I think my nipples are getting bigger...

#

Always interested in BSD...

Posted by: Anonymous Coward on April 22, 2006 11:21 PM
I've always been interested in BSD, being a long-time Linux user my main interest lies in the kernel architecture of BSD.

All the caveats you mentioned (Java, Flash, Firewire, etc etc) make me not want to rush out and try BSD anytime soon. The linux compatibility is nice, however I already run Linux. It's like telling a Windows user that they should run Linux since WINE can run a few of the programs they use. It's a hard sell.

Thanks for the aritcle.

#

Re:Always interested in BSD...

Posted by: Anonymous Coward on April 23, 2006 10:50 AM
Java is Sun's dish, if they don't want to be nice to the world, the world doesn't have to be nice to them. Since both Java and Flash work fine for people who have no moral involvement in Free Software, I don't see why you worry over them. Firewire on the other hand is simply a matter of noone caring about it, not a single OpenBSD cares about Firewire and thus it is not supported, if you care about it, code for it.

#

Re:Always interested in BSD...

Posted by: Anonymous Coward on April 23, 2006 10:58 AM
The compatibilty layer only comes into play when dealing with binaries, anything that is written properly can be compiled for OpenBSD just the same as for Linux distribution: XYZ. Man, I thought you Linux users cared about your Free Software Foundation defined Freedoms, where's that one about the code?

#

Re:Always interested in BSD...

Posted by: Anonymous Coward on April 24, 2006 06:12 AM
Most Linux users don't give a damn about Free Software Foundation defined Freedoms, they just want a system that works.

#

Re:Always interested in BSD...

Posted by: Anonymous Coward on April 24, 2006 12:30 PM
That's true, and those people should go back to their Windoze systems or pony up for a Mac.

Free Software is all about the freedom. At home, I run Slackware 10.2 (no Sun Java), and I simply refuse to purchase hardware for which there aren't Free drivers. I do not use any non-Free software at home, either, nor do I recommend non-Free software or hardware to others.

While I am primarily a GNU/Linux user, I have no problem with the BSD's, and I actually actively like OpenBSD and what their developers stand for, even if they can be somewhat acidic when not necessary. I applaud their efforts directed against hardware manufacturers who are not friendly to Free Software, and I find myself often using OpenBSD's hardware compatibility list when considering hardware for purchase. It's why I haven't bought any video cards in the last several years. The ones that I have aren't the latest/greatest, but 1.) they aren't broken, 2.) they are more than good enough for my needs, and 3.) there are Free drivers available for them. Any hardware purchase I make, I check that first.

Many "Linux users" don't care about the Four Freedoms. Well, this (mostly) GNU/Linux user *does*.

#

Re:Always interested in BSD...

Posted by: Anonymous Coward on April 25, 2006 05:03 AM
That's true, and those people should go back to their Windoze systems or pony up for a Mac.

And why is that?

#

Re:Always interested in BSD...

Posted by: daniel1986 on April 25, 2006 01:35 PM
Even RMS himself says he'd rather have people using free software even if those users don't care about their freedom. If you are a true free software advocate, you should be that way too instead of telling people to go back to "Windoze" or get a Macintosh. You have no right to tell people what they should use. Maybe these people do want to use as much free software as they can but they need a couple of proprietary software programs. I am that way. Sure, I really do want it all to be free software, but it's kind of unrealistic to expect everybody who uses GNU/Linux to do what you do all the time.

#

OBSD works just fine as a desktop

Posted by: Anonymous Coward on April 23, 2006 08:04 PM
This site has some good info for the beginner:

<a href="http://www.wbglinks.net/pages/openbsd/" title="wbglinks.net">http://www.wbglinks.net/pages/openbsd/</a wbglinks.net>

And a screenshot of OpenBSD as a desktop:

<a href="http://www.wbglinks.net/pages/about/album/more/openbsd38.html" title="wbglinks.net">http://www.wbglinks.net/pages/about/album/more/op<nobr>e<wbr></nobr> nbsd38.html</a wbglinks.net>

#

Re:OBSD works just fine as a desktop

Posted by: Anonymous Coward on April 24, 2006 12:38 PM
Of course it does. I've used it as a desktop OS myself before, and one guy I know runs it on his (non-work) laptop today.

The problem is that there's a bunch of folks out there who create content in non-Free formats (Flash, Winblows Media, etc.). Some, especially Windows and Mac users, just don't care. But OpenBSD will not accept anything into it that is not Free. Period. And I applaud them for that. Would that Linus Torvalds would take a similar attitude!

#

Linux users are lazy

Posted by: Anonymous Coward on April 24, 2006 01:40 PM
Linux users are just as lazy as Windows users.

They want everything point-n-click. OpenBSD doesn't afford such luxuries, you have to actually know what you are doing to get flash, java and Windows media to work on OpenBSD. And yes, java, flash and Windows media works just fine on OpenBSD.

#

Re:Linux users are lazy

Posted by: Anonymous Coward on April 24, 2006 08:11 PM
That depends on the Linux user as well as the distro in question. Those kinds of generalizations are just what the Free Software world doesn't need. Remember that we're on the same side here.

I myself use Slackware with all of the above, both on my desktop and one of my laptops. For school computer labs, I'll use K12LTSP. My Ultra 5 runs OpenBSD. It's about using the *best* tool for the particular job at hand. GNU/Linux is excellent for certain tasks (SMP being one very good example; it's quite mature at this point), and OpenBSD is excellent for others. And you're quite correct; the above items that you mention do indeed work on OpenBSD, with some effort.

Freedom is what matters first. If OpenBSD floats your boat, great! If, say, Fedora Core floats your boat, great! I myself will continue to use primarily Slackware, since it does the job best, in my experience, on my specific hardware, and permits me to compute in Freedom.

#

Re:Linux users are lazy

Posted by: Joseph Cooper on April 24, 2006 09:55 PM
AMEN.

Stupid Linux people, wasting all their free time doing enjoyable things instead of spending all night coaxing libAVfile to compile so they can compile FFMPEG so they can compile MPlayer only to find out that they forgot to figure out how to get the FBSD NVidia driver to work so that the video doesn't run like ass.

Sheesh! What a bunch of lazy dorks!

#

Re:Linux users are lazy

Posted by: Anonymous Coward on April 25, 2006 03:22 PM
You never heard of ports, huh doucheman?

#

Love it's lack of features for a desktop....

Posted by: Anonymous Coward on April 24, 2006 10:11 PM
No working LKM for 3d drivers...
No Bluetooth...
No ACPI that allows HT to work...
No Ndis wrapper equivalent. (even netbsd has this) for those closed drivers.
And oh yeah, the ever increasing list of applications Theo and others have deamed "not needed" (e.g. ethereal, driftnet,<nobr> <wbr></nobr>...)

Even the developers like Marco do not even run OpenBSD on their laptops...

#

Re:Love it's lack of features for a desktop....

Posted by: Anonymous Coward on April 25, 2006 01:23 AM
You're an idiot son, OpenBSD developers don't advocate soley using OpenBSD, they expect you to use what is best for the job at hand, OpenBSD developers do not exclusively use OpenBSD for everything.

Ethereal was deemed "fucking broken beyond all hope of repair" and removed from ports because of it. The developers of Ethereal are incompetent and incapable of making safe code.

Hyperthreading has not only been deemed dangerous, but stupid by several OpenBSD developers, if you can code a safe way to use the technology, supply the patch.

ndis nonsense like project evil are explicitly vetoed because of that whole nonfree thing, even mentioning it makes you a stupid punk looking to stir shit up.

You want bluetooth? Code for it, noone working on OpenBSD gives a rat's ass about it and thus there is no code for it.

OpenBSD does not support loadable kernel modules and it does not support binary blobs, so you're not going to find either on OpenBSD for your beloved 3d.

Fucking troll.

#

Re:Love it's lack of features for a desktop....

Posted by: Anonymous Coward on May 01, 2006 10:36 PM
He does have a point<nobr> <wbr></nobr>;) But if you don't really need those things it's ok. I wish DRI was available for openbsd. I use dri on freebsd and I can play lots of games, and DRI is free.

#

This story has been archived. Comments can no longer be posted.



 
Tableless layout Validate XHTML 1.0 Strict Validate CSS Powered by Xaraya