[Boards: 3 / a / aco / adv / an / asp / b / bant / biz / c / can / cgl / ck / cm / co / cock / d / diy / e / fa / fap / fit / fitlit / g / gd / gif / h / hc / his / hm / hr / i / ic / int / jp / k / lgbt / lit / m / mlp / mlpol / mo / mtv / mu / n / news / o / out / outsoc / p / po / pol / qa / qst / r / r9k / s / s4s / sci / soc / sp / spa / t / tg / toy / trash / trv / tv / u / v / vg / vint / vip / vp / vr / w / wg / wsg / wsr / x / y ] [Search | Extra juicy! | Home]

BSD thread! Poasting from OpenBSD server++ Pledge is modes

This is a blue board which means that it's for everybody (Safe For Work content only). If you see any adult content, please report it.

Thread replies: 78
Thread images: 8

File: puffy.gif (121KB, 500x453px) Image search: [iqdb] [SauceNao] [Google]
puffy.gif
121KB, 500x453px
BSD thread!

Poasting from OpenBSD server++

Pledge is modest but it == an impromptu code review
http://www.tedunangst.com/flak/post/going-full-pledge

Any other news? FreeBSD sites?

Gonna keep puffin and only do crypto on a capable machine. All BSDs share these benefits and Linux too. Don't trust a 1-year upgrade cycle with a key you may need for a decade

Peace
>>
oh I was gonna delete this and saw the other thread started with an invalid BSD command and soon got contaminated anyway

let's keep this one real
>>
>>51445514
Is font rendering of openbsd good?
>>
>>51446315
>using X11
>>
>>51446328
>not using BSD as daily driver
>>
>>51446315
It uses Freetype and Fontconfig just like Linux. Most of the fancy patches to enable really nice font rendering have been upstreamed for a couple of years now, so yes.
>>
I wanna start using BSD what distro or flavor what ever its called should i start with
>>
File: u.jpg (21KB, 316x542px) Image search: [iqdb] [SauceNao] [Google]
u.jpg
21KB, 316x542px
>>
>>51447456
the world's gayest fish

why is their mascot so awful
>>
>>51446537
>using X11 on your daily driver
>>
>>51447295
OpenBSD you nigger.
>>
>>51445514
Open bsd is as airtight as a prostitutes arsehole.
>>
>>51446315
garbage

hope you enjoy having x11 like an NES cartridge with glitches and shit.

contrast that against Metal API, OS X and Retina.

Pure bliss.
>>
>>51448097

I can't even tell who's trolling and who's serious anymore.

Feels like it's gotten a lot worse the last couple days, it's gotten so bad I actually wish the excrement-memers would come back
>>
>>51448134
>>51448097

well im a natural troll and pretty senior (27), as for the other fucks, they likely never used openbsd
>>
Is there any non-annoying way to make a bootable OpenBSD flash drive with a Windows system? I want to put it on one of my spare x60s and I don't feel like digging around my garage to find the power cord for my external optical drive.
>>
>>51450024
If anything I'd just write DSL to the flash drive (50MB install), boot to RAMdisk, and write install58.fs to the flash drive. It seems a little tedious, but shouldn't take too long
>>
>>51450024
just flash the .fs file to a flash drive
>>
>>51450104
Not bad, I guess I could.

Come to think of it, I think I have a couple docks laying around with built-in drives as well that I can try as well, if I can find them.

>>51450108
I understood that part of what I could find, but I'm not sure how to do it in Windows.
>>
>>51450118
>I understood that part of what I could find, but I'm not sure how to do it in Windows.
install Linux in a vm and use dd from there :^)
>>
>>51450160
I think that's what I'm stuck doing if I can't find a working dock

;_;
>>
Can anyone explain me reasons to switch from Linux to any BSD ?
>>
>logo is of a boatfisj
>BSD is boasted
>>
>>51447456
Ainsley Harriett???
>>
>>51450183
Download rufus
"create bootable disk using [dd image]"
select image
put on your cool face
>>
>>51450449
Huh, I wrote that off because none of the guides I found even mentioned it as an option, so I figured it wouldn't work.

Guess I'll have to try that out too.
>>
>>51447295
They're called Projects.
>>
>>51450531
win32 disk imager works for me.
>>
>>51445514
>Any other news?

The Tor BSD Diversity Project (TDP)
Released Tor Browser for OpenBSD - http://lists.nycbug.org/pipermail/talk/2015-October/016390.html

I also recommend the new podcast http://garbage.fm/ by two openbsd devs
>>
File: puffy.png (108KB, 356x184px) Image search: [iqdb] [SauceNao] [Google]
puffy.png
108KB, 356x184px
>>51447473
>>
File: 1443969927898.png (351KB, 512x384px) Image search: [iqdb] [SauceNao] [Google]
1443969927898.png
351KB, 512x384px
>>51446537
>bsd
>drivers
>>
>>51447473
"blowfish"
>>
File: topkek.gif (520KB, 255x255px) Image search: [iqdb] [SauceNao] [Google]
topkek.gif
520KB, 255x255px
>>51450817
>>
>>51450872
fuck off pablo
>>
>>51450615
That is great news, now I can finally build the ultimate tinfoil machine.
>>
>>51450615
it is great news that TBB is coming to BSD. It wouldn't compile on my machine :(

I've been connecting from ssh & vnc on windows/mac, which both have a functional tor browser.

so tor as a daemon/relay on OBSD, and TBB on the client grants as much "torification" as we need

>>51450194
if you're totally satisfied with linux there's no reason. if you have misgivings about any of the following, you might want to look at BSD: filesystem, init system, firewall, networking, "the base install", X11, sudo, or bash

these are somewhat different, but generally you can set up a BSD VM and start fiddling right away.

>>51450024
just burn a CD it's always 100% easier. once you install OpenBSD you never need another install media. you can download upgrades to disk and install them from the boot prompt:

boot> bsd.rd

>>51446315
yes
>>
Can i use muh emulators on bsd?
>>
File: roflcopter.gif (1KB, 235x150px) Image search: [iqdb] [SauceNao] [Google]
roflcopter.gif
1KB, 235x150px
>>51447456
ok I lol'd but only reading it bottom-up

smug face in a tiny fishbowl
>>
>>51452456
yes

open: http://openports.se/emulators
free: https://freshports.org/emulators/

OBSD has no virtualization (virtualbox) right now, but someone is making a native i386 hypervisor in the next months

http://undeadly.org/cgi?action=article&sid=20150831183826
>>
openbsd is insecure, use freebsd.
>>
>>51452560
FreeBSD still doesn't have address space layout randomisation. FreeBSD is a meme and a joke. Get out.
>>
>>51452594
openbsd is a meme you tool. it lacks jails, has no MAC, and its current security is a joke. the only secure parts of openbsd is the audited base, you'll ruin the meme security if you install anything.
>>
>>51452560
>>51452594
>>51452613
can we please stop polluting the thread?

the security of a system ultimately depends on the consistency of the config, the intelligence of the admin, and the quality of the software.

OBSD is minimal enough to take a lot of shitware and shitconfigs, and Free is solid enough for those who want MAC and security add-ons out of the box
>>
>>51452613
No faggot, you are the meme.
https://events.yandex.com/events/ruBSD/2013/talks/103/
http://www.openbsd.org/cgi-bin/man.cgi/OpenBSD-current/man2/pledge.2?query=pledge
>>
>>51452613
It has more MAC than FreeBSD these days. I don't know if you noticed but adoption for Capsicum is approximately FUCK ALL. Meanwhile, over half of OpenBSD's base system is pledged, and the kernel and all of userland is W^X.

And in case you somehow failed to notice, an audited base is better than an audited nothing.
>>
>>51452770
>pledged
oh wow, it's shitty like chroot is. they screamed for years how openbsd doesn't need a jail or MAC and they decide to back down like a little bitch and add one. talk about cowards.
>>
>>51452770
>>51452796

guys:
>>51452713

pledge slides/examples:
http://www.openbsd.org/papers/hackfest2015-pledge/mgp00001.html

it makes "a subset of the posix environment" for each program to mitigate privilege creep. no big deal, but it forced another code audit and makes devs/ports know up front what their program needs.

theo sez: "pledge is a seal belt"
>>
>>51452934
*seat belt

and here's a good explanation:
http://www.theregister.co.uk/2015/11/10/untamed_pledge_hopes_to_improve_openbsd_security/

"Why bother? Think of it as a second line of security: someone trying to exploit a compromised application to step outside its permissions finds themselves stonewalled by the pledge() rules.
...
"In looking at 500 OpenBSD programs, de Raadt says, there's a clear pattern in how system calls are used: there's a “rich set of system calls needed during initialisation”, but the main loop of the program calls a “narrower class of system calls”.

"Hence, if pledge() statements (requests for permission to use particular system calls) are inserted between initialisation and the main loop, it can watch over operations to see if the program breaks its own rules.

"Pledge() itself for now covers calls like stdio; various path calls; file attributes (such as ownership); socket opening statements; networking like DNS and route calls; getpwd and others."
>>
So what is the best *BSD for server things?
I've been wondering this for awhile, might try it out
>>
>>51453275
FreeBSD is frequently used as a server OS. You could use OpenBSD as well but usually OpenBSD is used for firewalling.
>>
So is there a screenfetch like alternative that doesn't need Bash installed?
>>
>>51453275
It depends on your needs really.

FreeBSD is a good OS for heavy networking (Whatsapp and Netflix for example prefer FreeBSD's network stack).
FreeBSD is also better/good at anything linux can do.


OpenBSD is simpler, all it has to offer really is security. It doesn't have a fancy filesystem or jailing and virtual machines.

But if you're running your own, not-so-complicated software, like a web-app. Then OpenBSD is really nice.
>>
>>51457770
openbsd security is a meme. use freebsd if you want something useful. openbsd has no jails or anything that freebsd uses.
>>
>>51457789
>openbsd security is a meme.
Explain / proof plz

>openbsd has no jails or anything that freebsd uses.
FreeBSD and OpenBSD share many applications?
Sure, jails isn't one of them but I already stated that.
>>
>>51457770
>If all you do is simplistic babby shit then OpenBSD is for you
Indeed, I cant wait to migrate my NAS off of freenas. The fuking system sucks complete cock.
>>
>>51457825
openbsd has no jails, it just has a shitty chroot. they sperg about how their audited system has perfect security and then get BTFO when you try to install anything.
>>
>>51457856
FreeNAS is based on FreeBSD bro

>>51457864
>anything
I have no problem running large rails applications on OpenBSD.
Maybe you just got BTFO when you didn't find a "how-to" tut on digitalocean?
>>
>butthurt samefag still pushing the openbsd has no security meme in every BSD thread
Just kill yourself you fucking autistic loser.
>>
>>51458373
At least you know from the earlier thread, of an insane tripfag person who that idiot is not.

You shills are trolling each and getting trolled by various trolls that inhabit this dumb board and 4chan.
>>
>>51458373
It's a pretty long fall down, isn't it?
>>
>>51460471
>the psychological cliff that people fall down when they deny reality for their comfortable delusions for long enough

It's best not to let it get too tall.
>>
>>51452456
Yes, but I've had shit luck with MAME on OpenBSD so far.

It runs at a terrible fucking framerate. Two reasons I can think of:
1. Their version of MAME is outdated
2. I'm running it in a VM

Although I've run OpenBSD on this machine, now I run it in a VM? Why? Because having two partitions is a pain.
>>
>>51460924
It's the VM you idiot.
>>
>>51460924
its probably the VM.
>>
>>51458373
all openbsd does for security is having an audited base. the more complex you make it, the less secure it is.
>>
>>51460924
Running it in a VM will fuck the performance man. OpenBSD isn't the fastest OS but it should be able to run old arcade games well enough.
>>
you can't spell based without BSD!
>>
>>51456211
sooner or later you'll need bash

fucking leiningen man

>>51457789
>>51457825
>>51457864
>>51458373

see >>51452713

>>51460924
don't run an emulator on a vm. obsd is best in a bare metal install, any shit computer will blaze
>>
>>51463645
Yeah, I've been thinking of getting a guinea pig thinkpad laptop just for it, actually.

Heard they're the most compatible ones, thanks to the devs using almost nothing but that.
>>
>>51463997
As long as you've got a compatible Wi-Fi card and non-Nvidia graphics you should be good
>>
>>51445514
I know next to nothing about BSD.
I was reading this article here https://www.freebsd.org/doc/en/articles/explaining-bsd/comparing-bsd-and-linux.html
and I found this thing quite interesting:
> BSD can execute most Linux binaries, while Linux can not execute BSD binaries
Is it true?
>>
>>51452594
>still doesn't have address space layout randomisation
You can stay in your fantasy.
https://hardenedbsd.org/
>>
>>51468114
>Is it true?
Yes.
>>
>>51468617
How well does it work? I mean, often there are different binaries for different distros on Linux, does bsd only support [for example] RPM based things? Or somehow it uses black magic and makes everything work?
>>
>>51469103
>How well does it work?
Natively or via linuxulator.
> I mean, often there are different binaries for different distros on Linux
Via linuxulator:
When execute linux kernel command -> execute freebsd kernel command, due to peculiarities of implementation a few commands are performed a bit faster:
https://www.freebsd.org/doc/handbook/linuxemu.html
*64-bit exist only in freebsd 11
or natively:
*gnu/freebsd disro there is glibc exist by default.
>does bsd only support [for example] RPM based things?
Yes via original tool:
https://freshports.org/archivers/rpm4/
https://freshports.org/archivers/dpkg/
Or native via pkg:
https://wiki.freebsd.org/SummerOfCode2015/LinuxPackagesForpkg
>>
>>51471009
64-bit linuxulator still not MFC to FreeBSD 10-stable
https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=201299
>>
>>51471009
>>51471110
Thank you a lot.
>>
>>51472693
You are welcome.
Thread posts: 78
Thread images: 8


[Boards: 3 / a / aco / adv / an / asp / b / bant / biz / c / can / cgl / ck / cm / co / cock / d / diy / e / fa / fap / fit / fitlit / g / gd / gif / h / hc / his / hm / hr / i / ic / int / jp / k / lgbt / lit / m / mlp / mlpol / mo / mtv / mu / n / news / o / out / outsoc / p / po / pol / qa / qst / r / r9k / s / s4s / sci / soc / sp / spa / t / tg / toy / trash / trv / tv / u / v / vg / vint / vip / vp / vr / w / wg / wsg / wsr / x / y] [Search | Top | Home]
Please support this website by donating Bitcoins to 16mKtbZiwW52BLkibtCr8jUg2KVUMTxVQ5
If a post contains copyrighted or illegal content, please click on that post's [Report] button and fill out a post removal request
All trademarks and copyrights on this page are owned by their respective parties. Images uploaded are the responsibility of the Poster. Comments are owned by the Poster.
This is a 4chan archive - all of the content originated from that site. This means that 4Archive shows an archive of their content. If you need information for a Poster - contact them.