BSD DevCenter
oreilly.comSafari Books Online.Conferences.


Big Scary Daemons Installing OpenBSD 3.1

by Michael W. Lucas

OpenBSD has always been on my "must toy with" list, so the recent release of version 3.1 made it seem like a good time to check it out. The OpenBSD Web site shows that OpenBSD includes all of the usual BSD goodies; heaps of programs, an extensive ports tree, good documentation, and so on. Their security claims are intriguing, and some of the features (such as authpf) seem quite interesting. But marketing claims made on a Web site can be quite distant from reality, so I decided to install the OS on both a desktop and a laptop and see what I could do.

These installs were done in standard "hurried sysadmin" mode; skim the documentation, throw in the boot disk, and go. This was a conscious decision on my part, to simulate what people really do. We all know that the documentation should be thoroughly digested before you start running any product, but how many systems administrators actually bother? (The OpenBSD folks do everything they can to encourage people to read the documentation, short of individualized death threats. If you post a question to their support mailing list without reading the documentation, you will be either flamed or ignored. Consider yourself warned.)

The desktop is a Compaq Pentium 166, with a second network card and a second hard drive. This machine served as my firewall for quite some time, but hadn't been booted in almost a year, so I wasn't quite sure if it still worked. (This might not be a fair test, but a quick check of any BSD support forum will show that it's fairly common practice.) At one time I had known what hardware was in the box, but other than a vague recollection that one of the hard drives was only 2GB I really had no idea what was plugged into that motherboard.

My first annoyance was that the disk labeling instructions scrolled off the top of the screen. I could have fixed this by changing the terminal type to give me some extra lines, way back at the beginning of the install process, or by using a serial console, but that wouldn't fit with my "hurried sysadmin" install. Fortunately, I had the FAQ close at hand, and was able to grab the first couple of lines of the instructions from that document.

My only real stumbling block arose from my ignorance of my own hardware. I had a plugged my Ethernet cable into the network card on top. Both network cards showed up, one as dc0 and one as ne0. Which was which? I could have stopped the install, cracked the case, and learned which was the ne2000 clone, but that would have meant starting over. I randomly picked one, and the FTP install failed. I switched to the other card, and the install still failed. With such an old system I could have had a bad cable or failed card, not an installer bug.

Before rebooting to look at my hardware, I decided to try to fix it in the installer. The OpenBSD install process is just a script. If you leave the script, you're at a standard Unix command prompt. With a few ifconfig statements, I was able to see that the media autodetection had failed because my randomly chosen Ethernet card didn't have the cable plugged into it. I set the media manually, went back into the install script, and continued. The install script even remembered the configuration I'd given it so far!

The FTP install started smoothly, and I went off to dinner. When I returned, I rebooted to a fully functional OpenBSD system. My only real annoyance was that the "full" install didn't install the ports tree. I was able to grab this from the FTP site and untar it on the local hard drive. My two vital programs that absolutely must be on all of my systems, tcsh and emacs, compiled from ports without a hitch.

Also in Big Scary Daemons:

Running Commercial Linux Software on FreeBSD

Building Detailed Network Reports with Netflow

Visualizing Network Traffic with Netflow and FlowScan

Monitoring Network Traffic with Netflow

Information Security with Colin Percival

The laptop was a little more interesting. It's a Toshiba 2800-S201, fairly modern, with a 40GB hard drive. Since this is my everyday work machine, and absolutely must be in operational condition during working hours, I decided to do a dual-boot FreeBSD/OpenBSD install on a Saturday morning.

OpenBSD's root partition must be installed in the first 8GB of a hard drive, and it can only be installed in a single, contiguous partition. I installed FreeBSD first, but left the first 20GB of the disk blank for my OpenBSD install. This gave me the FreeBSD boot manager, which was a vital part of this process--OpenBSD does not have its own boot manager. My laptop refused to boot the OpenBSD CD-ROM, so I elected to use a boot floppy. OpenBSD provides a special laptop boot floppy, but since a hurried sysadmin wouldn't bother with such things, I grabbed the boot floppy I used for my desktop's FTP install. Despite all the funky hardware you find in laptops, the standard boot floppy worked fine.

The most difficult part of the install was to make each operating system on the laptop view partitions belonging to the other operating system. FreeBSD had no trouble seeing and mounting the OpenBSD partitions, despite some complaints about the number of partitions that slice supported. OpenBSD didn't see the FreeBSD partitions, however. A bit of examination showed that the OpenBSD disklabel didn't have entries for the FreeBSD partitions. I booted into FreeBSD and copied the disklabel to a file in the OpenBSD space. I then rebooted into OpenBSD, and manually added the partition information to the OpenBSD disklabel. It worked flawlessly--OpenBSD even uses the FreeBSD swap space!

XFree86 configured seamlessly on the known hardware of the laptop. The desktop was another matter, but I spent most of that time trying to understand what hardware I actually had. OpenBSD can run both FreeBSD and Linux programs almost out of the box, just by installing a port. I suspect that I can do some other interesting tricks to improve OpenBSD's FreeBSD compatibility, but that'll have to wait for another day.

Overall, both installs were comfortable and functional. I have one killer issue with the laptop, however, that prevents me from switching to OpenBSD for any length of time. The fan doesn't start up. Since I hold this laptop on my lap for several hours a day, this is bad. While BSD is hot, I don't actually want to get blisters from running it, let alone damage the laptop! Since OpenBSD is squarely targeted at servers, and laptops are something of an afterthought, I'm not too surprised by this.

Still, the desktop is nice. OpenBSD supports everything I need. I can surf the Web, transmit email, connect to other systems, listen to CDs, and in general have a good old time. My biggest surprise was that the default install has a few daemons listening to the network. It would be easy to say that the default install is unhackable if you turn off everything on the network, but when you have portmap, identd, and a few other small services running that claim actually means something. I suppose you can do things like that when you code securely and correctly.

Michael W. Lucas

Read more Big Scary Daemons columns.

Return to BSD DevCenter.

Sponsored by: