trenchant.org

by adam mathes

OpenBSD – As Little Unix As Possible

Operating systems, like religion or politics, are a subject best not discussed in polite society.

But why let that stop me. Anyway, sorry in advance.

· · ·

After a few months of tinkering I finally switched the server that powers this web site and my various remaining projects from Ubuntu to OpenBSD and it’s great. I love it.

Really, it’s great.

I’d like to claim this was a serious decision and not merely bike shedding. (Which is a popular geek term for Parkinson’s Law of Triviality, popularized by the more-popular-than-OpenBSD FreeBSD community.)

I’d also like to claim everything on my server is still working and not going to break.

Those claims are not verifiable.

Anyway.

Linux used to feel like the contrarian alternative OS for discerning computer enthusiasts, but now that Linux powers the Android phones that half the world keeps in their pocket, it feels less like an act of rebellion to use it and more like the OS of choice for corporate super states. So this is probably like 80% fashion and 5% post-facto rationalization and 15% completely legitimate rationales.

· · ·

Everything about modern operating systems is basically impossible and incomprehensible, as a general rule.

That’s what makes OpenBSD so great. It really breaks that rule.

The Incoherence of Modern Linux

I run my own Unix server and web sites and programs and experiments for fun.

Fun for me is taking things from idea to software, learning how stuff works, making computers do interesting things, and creating and sharing stuff.

Depending on what I’m doing I want to get into the “guts” of things and be close to the machine.

I’ve been using Linux in various ways on desktops and servers for 20 years. (I first used Red Hat Linux the summer of 1997 during high school, after spending a weird summer getting a taste of overpriced Sun Workstations.)

But the last few years of using Ubuntu on this server have felt off.

Maybe it was the second time Ubuntu changed init systems and I had to learn yet another one. Or maybe when I looked at top and didn’t recognize a bunch of stuff. (Mostly systemd’s processes and dependencies and god knows what else Ubuntu has on by default.)

Linux has always sort of seemed like a beautiful mess – and never particularly coherent, but it never bothered me that much, until recently.

Recently, I’ve just been kind of annoyed with it. It feels – nonsensical.

Minimal Viable Unix

OpenBSD takes a different approach.

It’s quiet. Things are off by default. You have to figure out how to turn them on, and in the process learn enough about them to run them responsibly.

The initial set of “base” software is spartan by modern standards, but more than enough to do what I need. Installing software from ports and packages is straightforward.

When I look at the process list, there are no surprises.

It’s just enough operating system.

Coherence

Things don’t happen unexpectedly.

The system follows the principle of least astonishment. Things are predictable, in a good way.

The filesystem hierarchy makes sense.

The installer is text based and runs in a few minutes.

Releases happen regularly, every six months.

It all comes together and feels solid and coherent, rather than just disparate unrelated pieces.

Reading through Absolute OpenBSD: UNIX for the Practical Paranoid, I felt like I grokked what was going on.

Sane Documentation

People mention the quality of OpenBSD documentation, but it was hard to realize how bad things were in Linux or MacOS or other places until I started to use a system with really good, well written, comprehensive man pages.

Rather than futzing around on the web with varying sources of questionable quality, or reading manual pages that too often are inconsistent with the actual working version of the software, OpenBSD man pages just work and are great.

It’s the first system where reading the manual seems to not just be reasonable advice to start, but most of the advice you’d need to solve the bulk of problems.

Continuity

In an alternate reality I became a weird grizzled systems administrator, but in this world I’m a product manager who tinkers with this stuff on the side.

I’m tired of the operating system I use feeling like shifting sand – arbitrarily changing things and breaking and being inconsistent.

I don’t need my Unix server to break backwards compatibility every few years in random, unpredictable ways; I want it to have some stability and continuity over the years in how it works and how I maintain it.

I’m not averse to learning new things and adopting new technologies, but I want it to be for valid reasons, not just a random walk wherever the whims of some random corporate benefactor lead.

I want /etc/motd to work as expected, not be a descent into madness.

Security

Systemd may possibly be an NSA Plot.

I mean, probably not? But if the software you rely on is so confusing people think that may be a reasonable explanation for its complexity, that seems worrisome. (Remember when I said operating systems were like religion or politics and apologized in advance? Now it makes sense, right?)

The biggest security flaw in any system I’m using is generally me and the software I write, not low level operating system exploits, so security is not really my focus.

I appreciate OpenBSD’s focus on security, mostly because it leads to making the system easier, more coherent, and better. A focus on minimizing risk, attack surface, and making coherent, understandable, robust systems seems to have led the project to a good place.

Why Not

Hardware compatibility – some hardware appears to be harder to get working (or purposefully doesn’t work, as a result of not taking closed source binary blobs to get some things working). This doesn’t matter to me on servers, but does matter to me on a desktop (I’m in too deep with MacOS, Thunderbolt 3, and this stupid 5k monitor I bought).

Performance – me and my personal projects are extremely unpopular so this is not really an issue for me. If you are working on something where scale and performance at the OS level actually matter, you probably have strong feelings about which Linux kernel you’re using and low level optimizations and file systems and things I don’t worry about. OpenBSD performance is fine for me.

Virtualization – support for OpenBSD in modern VPS hosts is a bit rarer. Vultr is probably the easiest to get it working. I managed to get it to work on Linode but that is probably more trouble than it’s worth.

Updates – things can be slightly more complicated than apt-get upgrade, though you can get pretty close if you try.

Support – OpenBSD doesn’t seem intended to solve everyone’s problems, or be the most accessible or easy to start or use software, and the community is a lot less interested than (for example) the 90’s Linux community in convincing anyone to use their software. (I.e., people are smart and helpful but you probably can’t expect the same support from the software or small community compared to some of the alternatives.) Which is fine, for me, but if you’re just trying to figure out how to use Unix for the first time, maybe just stick with Ubuntu.

Or go with OpenBSD because it’ll be cooler and more interesting and make more sense and everyone will be like “wtf” when you tell them that’s what you use.
