BSD And Other Things

>>60520003
Will give it a try sometime this summer. P.s. I like the openbsd logo

>>60520003
Such a obscure OS that only neckbeards use. Prove me wrong faggot.

File: 1490539130012.jpg (223KB, 1200x1200px) Image search: [Google]

223KB, 1200x1200px

>>60520003
I'd just like to interject for a moment. What you're referring to as Linux, is in fact, GNU/Linux, or as I've recently taken to calling it, GNU plus Linux. Linux is not an operating system unto itself, but rather another free component of a fully functioning GNU system made useful by the GNU corelibs, shell utilities and vital system components comprising a full OS as defined by POSIX.

Many computer users run a modified version of the GNU system every day, without realizing it. Through a peculiar turn of events, the version of GNU which is widely used today is often called "Linux", and many of its users are not aware that it is basically the GNU system, developed by the GNU Project.

There really is a Linux, and these people are using it, but it is just a part of the system they use. Linux is the kernel: the program in the system that allocates the machine's resources to the other programs that you run. The kernel is an essential part of an operating system, but useless by itself; it can only function in the context of a complete operating system. Linux is normally used in combination with the GNU operating system: the whole system is basically GNU with Linux added, or GNU/Linux. All the so-called "Linux" distributions are really distributions of GNU/Linux.

I was thinking of installing gentoo on my main, but have been hesitating and weighing up some BSD as well.

Sell me on BSD

>>60520144
Plus the company I work for, and I'm a normie on a macbook because fuck your feelings.

>>60521080
It's easy to maintain because of the -to me- very readable manpages, and it really just werks. OpenBSD runs quite well out of the box, ports contain a lot and packages as far as I've encountered always work. No manual compiling for menial shit is so nice. Also pf is amazing, not sure if FreeBSD has it.
> Bad part: no games. Good part: no games.

File: 1466917291247.png (25KB, 710x225px) Image search: [Google]

25KB, 710x225px

>>60520003

File: bsd_is_shit.png (123KB, 1280x720px) Image search: [Google]

123KB, 1280x720px

>>60521080

>>60520144
>use Shitnux
>get hacked by a packet
>not even to any specific application, just a packet
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-8890
>use Windows
>get WannaCry
Is OpenBSD the only safe operating system?

File: 1495391961446.jpg (82KB, 590x683px) Image search: [Google]

82KB, 590x683px

get back to me when OpenBSD has Jails and (atleast)OpenZFS

the only two features that make Unix/BSD's viable

i maintain my own linux distro and i was looking into OpenBSD for my business because its philosophy with security/auditing and the license and regards to freedom are very similiar to GNU/GPL

this is why i have issues with FreeBSD even though its more modern with support and compatibility

>>60522267
>Jails and (atleast)OpenZFS
It has official support for virtual machines now.

File: 1494699707268.png (52KB, 318x308px) Image search: [Google]

52KB, 318x308px

>cuck license

>>60521770
Sounds good. How does it behave in a VM? I think I wanna give it a try.

>>60522644
>shitposting

>>60522652
openbsd runs well enough on virtualbox but you won't be able to go above 1024x768 for the resolution for some reason

>>60523740
xrandr will set the resolution. but it's a little annoying that it doesn't change automatically when you resize the window

>>60523975
huh? xrandr tells me i can only go up to 1024x768 and trying to set it anyway doesn't work

>>60523984
hm, i was thinking vmware. dunno about vbox then.

>>60522122
Wew, a denial of service attack.Wew.

File: 1488559407775.jpg (12KB, 261x229px) Image search: [Google]

12KB, 261x229px

>>60520003
I would simply like to interject for one second. What you're alluding to as Linux, is in fact, GNU/Linux, or as I have of late taken to calling it, GNU + Linux. Linux is not an operating system on its own, but really another free piece of a fully operational GNU system fashioned into something proper by the GNU core libraries, terminal facilities and essential system components completing a full OS as defined by POSIX.

Quite a few computer holders run a subspecies of the GNU system everyday, but do not know it. Through a unseen series of events, the version of GNU that is being widely utilized today is often called "Linux", and a substantial number of its holders do not know that it is practically the GNU system, created by GNU developers.

There truly is a Linux, and this population do have it installed, but it is simply a part of the system they use. Linux is the core: the program in the system that gives out the machine's resources to the other programs that you run. The core is an essential part of an operating system, but relies on the rest of the system; it will work only in the shadow of a whole operating system. Linux is most commonly utilized in combination with the GNU operating system: the whole system is practically GNU with Linux added on, or GNU/Linux. All the "Linux" distros are really distros of GNU/Linux.

>>60520435
>>60524052
It's just Linux.

File: linus_corrects_rms_8560.jpg (303KB, 806x938px) Image search: [Google]

303KB, 806x938px

>>60520435
>>60524052

>>60520003
Does ZFS work on OpenBSD?

>>60525192
No

http://www.tedunangst.com/flak/post/ZFS-on-OpenBSD

File: 2017-05-21_21-27-38.png (2KB, 692x53px) Image search: [Google]

2KB, 692x53px

>>60520003
>Half asleep and installing OpenBSD for first time.
>Do this and get this message [See Image]
>Stare for like 5 minutes.
So far I'm liking how well they know their operating system and user base.

>>60520003
>2017
>OpenBSD still doesn't provide official binary security updates through a package manager

DROPPED

>>60526279
what is syspatch and openup

are you fucking retarded?

>>60526288
>syspatch
Came out 40 days ago, I missed that. The other one I was aware of but it's untrusted 3rd party

>>60524084
I would simply like to interject for one second. What you're alluding to as Linux, is in fact, systemd/Linux, or as I have of late taken to calling it, systemd + Linux. Linux is not an operating system on its own, but really another free piece of a fully operational systemd system fashioned into something proper by the systemd core libraries, terminal facilities and essential system components completing a full OS as defined by main systemd developer.

Hi,

I'm a potential Linux switcher and I have some questions which I couldn't simply find out by researching.

1) My ThinkPad T460P needs non-free firmware for the WiFi to work, how can I find out if this firmware exists for BSD
2) Which BSD can I choose with a functioning package manager without requiring me to compile everything from scratch?

>>60526901
oops, I forgot, it's the "Intel Dual Band Wireless-AC 8260"

File: 1495309353112.jpg (61KB, 500x667px) Image search: [Google]

61KB, 500x667px

Why is that nvidia_load="YES" in /boot/loader.conf does not work but adding nvidia to kld_list in /etc/rc.conf works?

>>60526901
1) openbsd's iwm driver supports the 8260. fw_update will install the firmware automatically (post-install, so you'll need ethernet to run the installer)
2) openbsd

>>60526943

Tried nvidia-modeset_load in loader.conf instead?

>>60526959
I did just inform myself about openBSD and it looks fine. It seems to follow a more extreme version of the Debian philosophy in being stable over having bleeding edge software. I generally like that on my Desktop (I use Debian)

For some packages although, I prefer having newer versions. This would be stuff like a web browser. For firefox for example, I couldn't find any way to let the newest firefox run on openBSD and I didn't find any build instructions as well. I don't mind building my own if needed as long as there are instructions.

That said, my C knowledge is quite low, can I assume Linux build instructions apply for openBSD as well?

>>60525120
This is glorious.

>>60521844
Whoever gave him an account obviously didn't know shit.
With jails and rctl on FreeBSD, you can forkbomb as much as you want, you still can't bring the host system down.

No love for netbsd?

>>60522486
You're thinking of vmm and vmc?

It has support for running OpenBSD in vmm, but last I checked no other OS (neither Linux, nor Windows) runs in it yet. That might've changed, though.

>>60526444
Made me chuckle, then despair a little at the complete lack of choice that Linux offers nowadays.

>>60526959

OpenBSD are pretty based about making hardware work without non-free cancer and blobs.

>>60527049
if you want recent firefox, install an openbsd snapshot instead of release. right now firefox-53.0.2 and chromium-58.0.3029 are in snaps, both are the latest versions. you don't have to compile anything.

>>60527079
linux runs in vmm, in snaps anyway.

>>60527099
yes, that's true. but there are exceptions for some stuff that absolutely has to have firmware to work. iwm is one of those drivers. blame intel.

closed drivers of course are completely off the table. closed firmwares are annoying but in freedom terms no worse than the rom chips that are in literally everything.

>>60527077
I run NetBSD on my SHARP X68000, but most of the people on 4chan nowadays aren't old enough to have nostalgia for gear like that.

>>60527049
>That said, my C knowledge is quite low, can I assume Linux build instructions apply for openBSD as well?
Assuming it was written as POSIX C, since both the BSDs and Linux are nominally POSIX-compatible - however, there's been a recent trend in Linux development to abandon every concept of cross-platform comparability, so it really depends on the specific software in question.

>>60527099
No. "portability, standardization, correctness, proactive security and integrated cryptography" are what they work on.

>>60527079
vmm will never run windows. it's elf-only.

>>60527156
can't have security with closed source drivers. that's why openbsd will never have any.

>>60527128
>>60527156
Thanks to both. I'm going through my list of needed software and epecially with the snapshots, I don't think I will need to compile anything for now.

the amount of packages for a system with such a small user-base is really fascinating. Even stuff like intellij and go are in the packages...

>>60527156

Fuck off dickhead, OpenBSD are probably the biggest sticklers for enforcing free software out of all Unix and Linux projects, besides RMS who they think is Hitler with his license.

http://www.onlamp.com/pub/a/bsd/2006/04/27/openbsd-3_9.html

>>60527051
It is also fake.

>>60526170
Dear Theo!

I HAVE THE FREEDOM TO USE USERNAME "YES" YOU FUCKING LEAF!

File: 70nW7o41E85wCuHDs.jpg (116KB, 800x1067px) Image search: [Google]

116KB, 800x1067px

>>60526959
>fw_update will install the firmware automatically
It's supposed to in the past.

As someone who has managed very complex firewalls for a long time, I say that PF on OpenBSD is peerless.

>>60527077
>>60527156
Is there any point in running NetBSD as a desktop/laptop OS? Or OpenBSD for that matter.

>>60527465

If you want to learn them, sure. It feels like running Linux back before Ubuntu came out. No non-free (linux/wine) binaries on OBSD though.

File: screenFetch-2017-05-22_11-46-06.png (136KB, 1024x768px) Image search: [Google]

136KB, 1024x768px

I did it, I'm one of you now. Let's see how far I can go

I need Spotify and Netflix. I don't need any games. Can I get these to run on BSD? Also, which live medium should I try out for hardware compability, before installing BSD? GhostBSD?

>>60527691
>Netflix
AFAIK this won't run on Firefox because of the DRM stuff and Chrome isn't available.
>Spotify
Spotify is a self-contained nodejs (javascript) app, you can probably hack your way around to make it work

>>60527691

Not yet. There's a Linux compat version of Firefox 45, maybe if they update that Netflix will work. I tried portable FF on WINE the other day without much success on videos, but I didn't try very hard.

FWIW the Chromium port has a "todo" about the widevine DRM, maybe one day.

>>60527401
Is pfSense comparable to OPNsense?

>>60527465
>>60527549
Are you saying that NetBSD allows for non-free binaries? Does that make NetBSD unsafe for server use? I'm also thinking of NetBSD as a daily driver on my ThinkPad, but you have me curious about OpenBSD.

>>60522652
It works well, actually! I've ran it in vmware before without hassle. It play along really nice with kms as well, it doesn't seem to care whether it's in a vm or just some really generic IBM-compatible PC.

>>60526279
Syspatch is exactly that, friend.

Why doesn't BSD use the Linux kernel?

>>60528284

NetBSD has linux compat as well as WINE. OBSD supports neither any longer. You don't need compat with free software, just recompile.

>>60521770

FreeBSD has an older version of PF but still very good. FreeBSD also comes with the older IPFW which is a FreeBSD peculiarity, and IPF which was OpenBSD used ot ship before PF.

File: 1484098139515.jpg (170KB, 850x1233px) Image search: [Google]

170KB, 850x1233px

>>60520003
I want to share a 1TB external HDD between GNU/Linux and FreeBSD.
Which filesystem do you recommend I use?
I was thinking either ufs or ext2.
ext2 is the only Linux filesystem that kFreeBSD has full rw support for.
I know that Linux can be compiled with rw support for ufs, but I read somewhere that the write support is a bit iffy.

>>60527691

I think Nuvola supports spotify. Google play music works fine for me, but not the movies (yet)

>>60527673

Good have fun.

>>60528852

I think Linux has better UFS support than the other way around. UFS has been around for a very long time and was standard on Solaris as well.

File: 1486287637904.png (247KB, 320x462px) Image search: [Google]

247KB, 320x462px

>>60528926
Also, what about zfs?
My problem with zfs would be that it's not included with the kernel and the update cycles of the zfs module and the kernel don't usually match.
But would it be worth the trouble?
Is it stable enough?
Is there a reason to use zfs on my external drive for anime instead of ufs?

>>60526444
As defined by *poettering

>>60528959

Not sure about Linux ZFS but I thought it was a FUSE userspace FS, so the kernel doesn't matter too much. ZFS is really good, you can even have different mountpoints and just import the pool.

>>60528926

No sorry I was wrong, Linux UFS support is RO. Funny that, considering it's a totally free and widely extant FS.

hello blakkheim theleft purist supra

>>60529097
It has write support, but the distro maintainers still don't enable it in the kernel config, this is from the default config for Arch

CONFIG_UFS_FS=m
# CONFIG_UFS_FS_WRITE is not set

So you're telling me I can nest a Windows machine using Virtualbox in a Linux machine while hosting it on FreeBSD using vmm? Does everything pass through?

>>60529724
Or, as in the case of my use case:
> no GPL license which makes it suitable for use within our company
> Works well
> Stable
> Great manuals
> Pisses off people like you who just come here to troll and try to derail our thread :)

OT: did anyone try the vmm yet? Is it as nice as the news seems to indicate?

What do you guys think about HardenedBSD?
>having all the good features of FreeBSD
>with some mitigations

Can someone explain to me the BSD license meme?

>>60529794
BSD style licenses basically say you can use my code for whatever, just give me credit. The GNU zealots don't like that.

>>60529814
Isn't that basically what LGPL does?

>>60529814
>The GNU zealots don't like that.
Not true. FSF explicitly states BSD style is Free. Even Eben Moglen has said enforcing copyleft is not always worth it, and he wrote the GPL.

>>60529832
I know the FSF counts it, I'm talking about the mouthbreathers on this board.

>>60529724
we found the Arch meme user :')

>>60529724
what do you use yourself anon?

>>60529849
>hates IRC
>hates obscure software
>hates technical details and user unfriendliness
...Actually, yeah, that does describe modern Arch and its users quite well.

>>60529844
>FSF aren't "GNU Zealots"

>>60529888
They're a superset of the zealots I'm talking about

>>60529793
FreeBSD as a desktop is too vulnerable to too many attacks, as a server (datacentre) it's perfect. If you want security just use OpenBSD, the team behind hardenedBSD is small and their primary purpose is to work on security mechanisms for FreeBSD and not make an entire distribution based on FreeBSD. Think of HardenedBSD as a BETA version of a future FreeBSD release (security wise)

I see everyone recommending OpenBSD due to security and whatnot. How does something independed like DragonflyBSD compare? Security-wise, compatibility-wise, etc. Is it worth trying out or is it only for specific needs/usecases?

>>60530253
>FreeBSD as a desktop is too vulnerable to too many attacks
like what? any source to supplement your claims?

>>60530253
OpenBSD has nothing for multi user systems, there is no RBAC / MAC or anything to protect certain parts.

>>60530253
HardenedBSD is a separate OS, they are not making it for FreeBSD because FreeBSD doesn't want to upstream it that's the whole reason they started HBSD

>>60530400
it's called "unix filesystem permissions" and "privilege separation" and "privilege dropping" and "minimal audited codebase"

>>60529724
Arch user detected

Stop shilling this crap, BSD won't take over Linux

>>60529724
kek

>>60530400
>MAC

yeah, worked great for windows and linux. only people who messes with that shit are overpayed federal employees. you do realize MAC is mandatory (policy) for fed systems which is the only reason nsa created it (not to be super nice and help secure the internet)

>>60530583
>waaah choice is baad

been seeing these threads for months and they still yet to obtain value. i am disappoint /g/

>>60530400
>have chroot implementation that's full of vulnerabilities
>need to add RBAC, MAC, Burger King, KFC just to make system a little more secure
>shit's useless because of all the privilege escalation exploits in the Linux(tm) kernel
I'm glad that my system is secure without 20 years worth of snake oil added to it.

File: 1494871310565.jpg (36KB, 657x527px) Image search: [Google]

36KB, 657x527px

>>60530593
bad attempt

>>60530615
what does this even mean you dumb frogposting idiot. it's all true.

>>60530610
go back to your gpu thread

>>60530613
the recent kernel vs grsec shit is the last straw.

>>60530626
don't vidya or anime son

>>60530653
>vidya
>>>/v/
>>>/r/eddit

>>60530509
both shit unless you do every application that the user or server runs.
And even then you want to have a RBAC so your Firefox can't see your .ssh files.

>>60530593
SELinux is pretty cool with mls setup, it actually works great and is pretty easy once you get it.

>>60530613
You have the wrong idea why RBAC & MACs exist..
First of all it's about preventing applications or users from doing stupid things.
Genode is pretty cool as well.
But yea multi user systems you really want to have a MLS setup to prevent users & applications from doing weird things.
Even iOS & MAC OS makes use of TrustedBSD MAC

>>60520003
Is there a GPL'd BSD?
I'm fine with clang, BSD liscence etc., but the whole "make everything GPL-free" sounds stupid to me. I just want to use the best tools for the job, and none of this idealogical nonsense.

Also how is hardware compatibility?
Linux compatibility?

>>60530948
>I just want to use the best tools for the job, and none of this idealogical nonsense
what's stopping you from using windows or macos then?

>>60527230
The base system is not free of binary blobs though, not if iwm supports 8260. And the ports tree is definitely not free, that much was firmly established in 2007 on openbsd-misc when RMS got called a hypocrite by Theo. The article you linked is from 2006, long before wifi adapters started requiring OS' to supply them with firmware because they don't ship with any non-volatile storage to save money.

>>60527465
I run FreeBSD on my workstation, laptop and server, and NetBSD on my SHARP X68000 as I mentioned (the last one, because it's the only BSD that'll run on it).
Here's how I see the choice of what BSD to run: All BSDs can be used on desktops or laptops, but it's ultimately a question of what matters most to you with respect to the features offered by the BSDs. FreeBSD focuses on production stability mixed with speed and security (but neither at the cost of stability), NetBSD focuses on portability and OpenBSD focuses on standardization and correctness (and attempts security, although it's arguable whether all of their features accomplish this in a meaningful way).

>>60527299
Still gonna post the shit out of it in response to that RMS copypasta.

>>60528812
IPFW is only older in terms of age, it's actually considerably ahead in terms of how much traffic it can handle statefully. The version of pf in FreeBSD is also modified quite a bit because FreeBSD isn't giant-locked in the same way OpenBSD is.

>>60528926
>>60529097
It's hilarious that it's only RO, considering EXT1 was based on UFS and the on-disk format hasn't changed much with UFS2.

>>60529724
kek

>>60530253
OpenBSD, outside of the base system, is just as vulnerable as any other OS.
Or do you propose using OpenBSD without any other software?
At least FreeBSD can jail stuff from ports, so that they can't use root for anything outside of the jail.

>>60530948
FreeBSD is going for a GPL-free/copyfree (as opposed to copyleft) base install because it no longer needs to use GCC since clang was BSD licensed before Apple hired its developers. GCC was always the biggest thorn in terms of having a copyfree/more-permissively-licensed OS.

>>60532007
>FreeBSD focuses on production stability mixed with speed and security (but neither at the cost of stability), NetBSD focuses on portability and OpenBSD focuses on standardization and correctness (and attempts security, although it's arguable whether all of their features accomplish this in a meaningful way).
What about Dragonfly

>>60530921
>SELinux is pretty cool with mls setup, it actually works great and is pretty easy once you get it.
its getting better i will give you this, but is still stand by mac is for large organizations and feds because it's policy. it's definitely not near secure-by-default for any distro anyone here would use. windows has had it for decade and this proves my point.

File: Workspace 1_002.png (686KB, 1920x1080px) Image search: [Google]

686KB, 1920x1080px

I have a rather tricky virtualization setup.

Hard disk 1: (480 GB SATA SSD)
- Bootloader
- Linux
- Shared files (NTFS, mounted on Linux and Windows)

Hard disk 2: (60 GB M.2 SSD)
- Windows

Windows mounts /dev/sdb4 as C:\ and /dev/sda3 as D:\
Linux mounts /dev/sda5 as / and /dev/sda3 as /home/user/shared

Now on Linux, I have Vitualbox, which uses a virtual disk which is actually /dev/sdb4 as boot and one virtual disk which is actually /dev/sda3 as D:\

This means, I can download and install games on my shared partition, from Windows, while doing my work on Linux. I do this quite often (fot example, right now I'm downloading TESO on Windows while writing this on Linux, which is 40 gb of data)

is there any reason why this set-up wouldn't work on openBSD?

>>60527049
most of the time the only issue when building linux software is the include/lib paths being different, this can be fixed by modifying CFLAGS/LDFLAGS or whatever it was called

>>60530948
it's not really "make everything gpl free". it's almost insulting. bsd doesn't really take a lot from gnu, and they aren't on some crusade against gnu. they've been developed on their own for a long time.

>>60532334
secure by default is alright, but as soon as the user install an application for example Firefox the security has been degraded already because now you run software that isn't secure and can touch all kinds of shit that you shouldn't want.
>mac is for large organizations
This is false, a MAC is there whenever an user wants to configure & use it.
Not everyone is going to bother with it, but there alot quite a few users on Gentoo that use SELinux with strict policy and Android uses SELinux with everything confined, and TrustedBSD mac is being used in Mac OS & iOS and remote jailbreaks for iOS are like what 1.5million dollars.

>>60520003
I want to try FreeBSD 11 on an old Athlon 64 X2 laptop.
The only problem is wifi. Has anyone here had luck with the bwn driver for Broadcom BCM4322? It used to kernel panic on me back on FreeBSD 10.

>>60532007
>OpenBSD, outside of the base system, is just as vulnerable as any other OS.

What are all these ports that are so glaringly insecure within a 6 month release schedule? In six months you might have a couple ports with advisories, of course being office, firefox, thunderbird.

these are not the attack vectors. researchers attack services. those are what OpenBSD provides. secure unix services. then other mitigations that trickle down to ports.

saying ports is just as insecure it elementary and stupid. i don't know what advisories you're following but i don't think they exist.

>>60532766
>soon as the user install an application for example Firefox
oh my god will you stop. you're living in some fantasy theoretical land

>>60532766
>This is false
no its not. because there are people who setup mac all day because its a bunch of annoying bullshit only someone on a federal payroll would be willing to admin

>>60532334
anyway nothing against OpenBSD, it's a cool OS and i use it sometimes :)

>>60532871
>>60532881
MAC & RBACs are pretty normal on servers with multiple users or desktops with security clearance or Android & iOS phones maybe overkill for desktop users that can't handle MAC on their own.
>>60532871
Firefox is an insecure piece of shit by installing it you just decreased your security..

>>60532856
There are entire companies shitting out exploits for any platform to sell to governments and other shady corporations.

>>60533055
>There are entire companies shitting out exploits for any platform to sell to governments and other shady corporations.

yeah but they're not end user or even userland. they're services and clients.

>Firefox is an insecure piece of shit
that isn't openbsds fault. installing it isn't going to implode your openbsd setup.

also your obviously full of shit

Which BSD supports vulcan with hardware acceleration on radeon rx 480?

>>60532511
Can you give me a tutorial for that?

i will concede to running firefox or other clientside software requires due dilegence regardless of os. you people act like ports is some fuckin wild west of shit when it's not. you do not have to provide due diligence outside of things like firefox, thunderbird, office, pdf. but keep giving your money to those shit eaters over at mcafee.

>>60520003
plan9 fags. plan9 switched to GPL. Kek
There will never be a usable desktop OS based on plan9, only mac and windows for the nao What were they thinking? I'd rather give it away for someone to make money off and see it grow then kill it with GPL

>>60533181
This is the final proof that OpenBSD faggots are just as bad as systemd/Freedesktop/RedHat faggots.

You know that Firefox is a piece of shit security-wise, and I know it's not your or OpenBSD's fault, but at the end of the day you are going to get owned regardless because the condition - insecure browser - is still intact.
But you handwave it away and are content with a false sense of security. AND I FUCKING HATE THAT.

Someone once said that there's nothing worse than watching someone defend a thing you like with bad arguments and this is exactly the case. You could have said there are working sandboxes for X and that you can use chroot jails and other features that limit the possible attack vectors, but you chose to be an idiot and pretend the problem doesn't exist.

tl;dl OpenBSD fags on /g/ can't into security

>>60533055
Give up dude, as an operating systems developer, I can tell you from experience that over 90% of people you interact with don't understand what the purpose of various security ideas is. They'll reiterate whatever their role model at the time told them and not bother to learn anything. You're wasting your time.

>>60530583
Stop shilling, Linux won't take over Windows

>>60533298
What would a secure browser be?

>>60533396
>wat is dis dicussion about

>>60532511
Seconding >>60533199, this with GPU passthrough would completely eliminate any need for dual booting for me

File: windows-pwns-linux.png (614KB, 720x540px) Image search: [Google]

614KB, 720x540px

>>60522486
virtual machines arent jails bud

if i cared about virtual machines i wouldnt spend a second on BSD

linux has virtual machines

I want a isolated environment to put around those virtual machines

aka a jail

for security

not a chroot

not some kind of container virtualization]

i want to be able to sandbox my servers and processes and certain parts of my drive

also whats the deal with OpenZFS?

i understand that ZFS license has some conflicts but why cant they use OpenZFS like Linux atleast??

i need my zpool mirrors!!!! i need my jails!!!

REEEEEEEe

>>60533442
Virtualization is getting a bit better on FreeBSD, but still a long way to go. There's very active development around bhyve so that's a step in the right direction for virtualization.

>>60533440
there is no tutorial, just create virtual disks with your physical disks and boot your vm from it. Also install guest additions for Windows

VBoxManage  internalcommands createrawvmdk -filename shared.vmdk -rawdisk /dev/sda

still I would like to know if it could run on openBSD, too. I would like to abandon Linux

>>60533491
>I would like to abandon Linux
Out of curiosity, why?

>>60533513
systemd
systems without systemd are autistic
openBSD is autistic
if I need an autistic system, I'd rather go full autistic

Jokes aside, I want to try something new

>>60533530
Good points

I'm using void, considering gentoo and dragonfly/open bsd for maximum autism points accross the spectrum

>>60533396
I don't think you can build a secure browser that supports modern web anymore. There's just too much shit that you have to implement.
So we have to go the other road and isolate it from the rest of the system as best as we can.

>>60529832
why even talk about FSF licensing if you arent even aware?

there is multiple GPL licenses and BSD licenses

the reclauses the modified varient ect

if you look at the FSF website they compare them and they arent all equal

for instance the GPL3+ closes the loop that allows people like apple to take patches and not commit back upstream

this would not be considered compatible with BSD clauses

>>60532637
>doesnt take alot from gnu

lol

*bsd wouldnt be alive without GCC

>>60533254
>plan9
>latest release 2015

you guys sound just like the Haiku OS fags
>latest update 2012

face it even HURD has more progress x]

>>60533298
no you're wrong. you do due diligence on your clients (firefox) and ports-based services (what could you possibly need). there is no myriad of evil vulnerable ports. even in 6 months of a release cycle there isn't much due diligence to do. you're fucking ignorant.

>>60533298
>false sense of security
it's called due diligence. OpenBSD is not a panacea of course.

>>60533823
>doesn't realize BSD came before GNU
Fuck off pajeet

>>60533894
>he doesnt know how to disprove my statement

you know im right bud

clang didnt exist forever

>>60526170
now that's funny

>>60533862
9front the plan fell off

>>60533868
what browser do you use?

does links/lynx work for openbsd?

File: cuckbert.just.jpg (232KB, 960x640px) Image search: [Google]

232KB, 960x640px

>>60526170

>>60533922
the point was bsd isn't on any sort of "GPL cleansing" crusade.

>>60533868
There are always vulnerabilities, the best way is to mitigate and protect the OS from shitty written applications that's why you possibly would like a RBAC/MAC

>>60533941
>firefox is shit
>security is thus impossible

guess its over. lets all pack up and go home.

MAC is a meme. always has been.

>>60533831
A virtual machine is a bit of an overkill for running a browser. Then again, QubeOS exists and it appears to work for some people.

>>60533982
>the best way
there is no best way. that is a way.

>>60533940
they dont even have a wiki page and their whole repo is in googles servers wtf

did they atleast get rid of the lucent license??

is it only gpl2 now?

where can i find a list of people working on it and commits why dont they just move it to git and fork to github ect

is the arm port working? seems like a lost cause desu

regarding the security of firefox cant you just jail the firefox and isolate it from the rest of the system, at least on freeBSD

>>60533941
lynx used to ship with openbsd

>>60534109
yes.

also you can go to about:config and put a 0 to everything that can write to the disk

limit ram memory and also turn off syncing ect

then make it read only

if you need to save things have a seperate jail with a seperate physical drive and make that your downloads folder

that way they cant overflow your root directory or constantly write and delete to try and kill a drive

>>60533868
I like how you completely missed the point of my rant and then tried to strawman your way out.

Due diligence (and rational course of action) is exactly what I'm advocating for and it's the opposite of handwaving that some faggots tried real hard before my post.
Also, where did you get those "myriad of evil vulnerable ports" from? Firefox, or any other port, doesn't have to be malicious; a simple oversight is all it takes to compromise your system.

>>60533885
>one minute and two seconds apart
>conicidence

>>60534119
interesting.

what made them stop?
what took its place?

File: aha.png (159KB, 690x542px) Image search: [Google]

159KB, 690x542px

>>60533940
Agree with the sentiment.
At least there was a better chance for it before - without GPL. After GPL 9 is a kill. Thanks GPL tards. Just read a little bit about plan9 the other day, too bad they cucked 9.

>>60534174
i guess they wanted to slim down the base system, they're trying to include as little third party stuff as possible it seems like

nothing took its place

>>60534037
The best way forward for users is to sandbox and mitigate that shit.
Because without your browser can still read your ssh keys or other docs.

>>60534164
>Also, where did you get those "myriad of evil vulnerable ports" from?

its always faggots saying "uhh...ports is insecure" never is it, "hey you might just want to keep an eye on (due diligence) keeping stuff like firefox. it's "oh no you can't install anything on OpenBSD because there is no MAC!" truth is OpenBSD does innovate outside of MAC, of which the latter I'm convinced is pointless bullshit who only government sysadmins use because it's actual policy.

>>60534179
in my opinion the gpl was their last leg

i feel like the lucent license is what hampered its outside development till it stagnated and lost steam

bell labs was just too restrictive on their power grasp during the telco days

now its just a experiment for college science labs to fiddle around with

>>60534179
>tfw if it wasn't GPL we'd be using the plan 9 compiler for the openbsd base
i think they even claimed that they were going for permissive licensing originally

>>60534185
is there a equivilent CLI browser that freebsd users prefer or open dragonfly/ghost/net?

even if i needed to compile it?

>>60534156

yeah, it sounds a little bit extreme but when you think about security nowadays you just cant be to careful :D

>>60534275
maybe xombero not cli

>>60534244
They should have chosen something like Apache or BSD, it would increase the chances of a commercial system based on it, with some clause that if successful they have to donate to them or something. Say something like 1-5% royalty... or just for free.

>>60534235
OpenBSD's pledge system is a much more elegant solution but it requires help from application developers which limits its reach. I really want it to catch on with Linux and the other BSDs so there's sufficient pressure to force applications to make use of it.

>>60534179
>Thanks GPL tards
That's just stupid. They (Alcatel-Lucent) were free to choose any license they wanted. Nobody forced them. It was the lawyers who chose it for whatever reason.

>>60534235
Way to refute an argument I haven't made.

>>60534276
agreed

one must consider layers these days

reducing the attack surface isnt enough these days we need to isolate and partition sectors off to negate in the event a breach does happen

>>60534235
no you don't understand what a MAC does.
You can install whatever you want, but is it secure when browsers can access your ssh keys or that they can access other stuff.
My pdf reader can only access ~/books and only read that directory no writes allowed it also doesn't have any networking access so there is little chance something downloading shady things.
It's all about fine grained controls.
Let me ask you something why does a pdf reader or libreoffice need internet access?
That's right they don't need any internet access or they shouldn't be allowed to read .ssh folder.

>>60534286
xombrero is pretty much dead and hasn't been updated in a long time.

>>60534287
>they should have
and microsoft should have stuck with XP instead of making vista

i agree if they had released it under apache back in the day people would of ate that up in the homeserver crowd and enterprise

sadly they werent ready to let it go for the better of technology

they got prideful

tried to install BSD (True OS) in VM, but can't get it to work ...

>>60534321
The problem is that each OS has it's own fucking framework for it.
Linux has seccomp, Freebsd has capsicum, NetBSD has kauth, OpenBSD has pledge.
It's all so fucking messy and everyone wants something else.

>>60534381
why would anyone use some complicated shit for something so simple. mac is just an albatross. pledge is better IMO.

File: lucent and gpl suck according to plan9crew.png (48KB, 1273x325px) Image search: [Google]

48KB, 1273x325px

>>60534394
>>60534244
>>60534330
>>60534254
Thanks for the info. Read up a bit. GPL is seriously the worst. Dumbest decision. How would you even recover from that? You'd have to discard every innovation, every single line of code done since GPL and release only pre-GPL code. Way to cuck a project lawyers.

>>60534564
i wonder if snaps will help with this?

>>60521844
haha okay

$ uname -s
OpenBSD
$ ulimit -p
256
$ date; perl -e "fork while fork"; date
Mon May 22 20:02:30 UTC 2017
Mon May 22 20:02:31 UTC 2017
$

>>60534567
Pledge doesn't prevent an application accessing your .ssh folder.
It also doesn't prevent execs out of the pledge framework.
You can literally escape by execing to ksh shell and go from there.
Capsicum actually prevents this but is harder to write.

>>60534321
OpenBSD pledge is useless because it's a system call wrapper. System call wrappers have race conditions when one forces a page fault in the pledged binary, effectively bypassing the syscall filter entirely. Also, it's not a sandbox.

>>60533823
Technically speaking, the current BSDs wouldn't exist without GCC - but BSD predates both IA32 and GCC, so it's not as if BSD couldn't have existed without GCC, because it already did.

>>60533868
Lol if you think vulnerabilities aren't there because you do "due dilligence". You're either conceited and arrogant or fucking dumb if you think that.

>>60535087
Also there's jail so even if a program has a privilege escalation exploit, all they can do is mess around with a jailed root.

>>60535267
that is only on FreeBSD, OpenBSD has chroots.

>>60535342
I'm well aware, and jail is one of the reasons I run FreeBSD rather than OpenBSD.

Ever since Bill Joy made chroot, people have been finding and using ways to escape it - it's not a feature made for security, it's made for testing software in a clean environment.

>>60535267
>Lol if you think vulnerabilities aren't there because you do "due dilligence".

No. You patch/update apps that demand it. This includes a small number of ports which are universally problematic.

>>60535515
kek

>>60535515
Just stop, you're making an idiot of yourself

>>60535548
outside of 9710 packages in OpenBSD you cannot even list 10 that require tracking advisories.

>>60530593
>>60532334

Are you talking about integrity levels as a MAC for Windows? That's not really comparable to selinux.

>>60535515
Thank you for making my argument for me, anon. For reference, here's what I said a few hours ago:
>OpenBSD, outside of the base system, is just as vulnerable as any other OS.

>>60534564
Google at least got behind both capsicum and MAC, both of which are from FreeBSD and has seen recular commits sponsored by DARPA, UCCL and a few others, and it's used by Apple in macOS.
Beyond that, OpenBSM is now a shared thing by Apple and FreeBSD.

Everything Linux has done so far have been done after someone else has done it, and some fucker decided that since it wasn't invented for Linux, then it can't be good enough. NIH syndrome is strong with Linux developers.

>>60535638
That's the entire fucking point you mouthbreathing basement-dwelling dick-cheese smelling turdbrained goatfucker. The base install might only have had very few exploits against it, but that's because the base install is relatively simple to maintain compared to an entire ports tree which is left completely open. At least FreeBSD have jails.

>>60535638
you might wanna check if you're still breathing because you're so fucking dumb that i wouldn't put it past you to forget

>>60535728
so have your faith in jails. packages are built from ports every 6 months, .1% are problematic if at all. shitty packages like wireshark are dropped. packages are actually used. but no, ports are a fucking landmine so we need jails.

>>60535728
What is wrong with Capsicum?
SELinux is invented by the NSA and used in Android phones and high security clearance stuff.
Nothing wrong with TrustedBSD stuff or SELinux.
What i was explaining that everyone implements something else and it's almost impossible to do it with every application because of all the different frameworks.
Honestly would love to see capsicum in every application.

>>60532007
>OpenBSD, outside of the base system, is just as vulnerable as any other OS.

That's a lie. OpenBSD can enforce a faceplant on out of bounds memory access where that program would continue ot work on other systems.

>>60532839

I'm running on an Athlon64x2 desktop, shit's cash.

>>60535728
Just curious are you a programmer?

>>60535769
if i'm the dumbest in this thread you seriously need to reevaluate your criteria

>>60535515
>>60533868
You guys basically called me a troll earlier and here we are with the exact quantum bullshit I described in actual reality. "Don't use ports at the same time you're using ports so that you can have software but it's insecure so here's some bullshit I made up on the spot about how it's the user's fault". Every BSD anti-mantra eventually boils down to "I think I'm fucking better than you"; keyword "think"

BSD is not an OS - because nobody uses it. It's a shitty turbo hippie ultra faggot pre-suicidal dick sucking psuedo movement for welfare queens trying to out-hipster each other. You NEED something that shitty to pass off 30+ years of software development as "user choice" and all the other hippie marginalizing terms they keep using to mean "anything besides not jerking off in a terminal" like when they repeat "what else could you possibly need". Again you passed what I said off as a joke but here we fucking are seeing this piece of shit try to pretend that you don't need a web browser. Also again you will not see this in ANY linux distro even the "fsf zealot" ones don't see arguments as shitty and retarded as "just throw the entire web out and then not having a browser makes sense, you don't need that". Nobody gives a flying fiddler's fuck about you and your "needs" and other psuedo marginalizing smarm horse crap.

The only reason why this thread keeps getting made is because OP's shitty IRC channel is so dead he can't even ban anyone from it which is his only form of communication because his social needs are badly fighting against trying to pretend to be better than everyone else. OP, please kill yourself, we all know your shitty hipster anti-game and it's already played out.

BSD has NOTHING to do with technology, it's just what happens when you have too much welfare and free time, they're all trying to out-hipster each other. Cut welfare and you will kill BSD.

>>60536639
imagine being this angry about an operating system

also you've been doing this for 2 years lmao

>>60536639
>what else could you possibly need
it's not this dude. it's the fact that unix is still relevant. maybe it's not for everyone but you really can't deny it. when I've posted in these threads i've said it, but what it means is it ships with any unix services you might need. it just so happens these are very hostile areas of security. if in the rare case you do need something outside of these unix services, then yes you must use ports, which means not being lazy taking care of your server.

>>60536727
the "cuck license" guy is more annoying

OpenBSD has nice integration and sane defaults for useful services. It's very easy to drop in as a router, network screen, DNS, load-balancing proxy or general bastion or whatever. The audited services are there with examples and already configured with privsep as part of base. OBSD's CARP HA is very simple and tightly integrated with base services.

For web servers or other high-performance uses I'd always use FreeBSD or Linux, but having used all of them for perimiter services I can say that OpenBSD really is a good system. FreeBSD takes a lot of OBSD innovation on board eventually and while there are some nice features like MAC and jails, there are also some questionables in base like Sendmail.

For all the talk about how much more secure all of the whizbang selinux and freebsd MAC is, they sure are a chore to setup. I'm not seeing any compelling evidence that any security choice in OpenBSD makes for a less secure system than a system which ships with a ton of features all disabled by default.

>>60536773
yeah at least this one is funny

you can notice him because he always mentions suicide in some form

>>60520003
What's the point of BSD over Linux ?
When should I install a BSD (and which one) ?

>>60536639
>you don't need a web browser.
no one is saying that. if you don't see the value in unix it doesn't make you inferior but I see tremendous value there not offered elseware, but I guess we'll always disagree.

>>60536918

If you're interested in learning something about Unix. When I started out Unix was widespread and Linux was rare, and I worked on a large variety of Unix systems from Sun, SGI, HP, IBM, DEC, Pyramid and even Cray. There was also BSDi in production use then. Linux was not used in production.

Now there is hardly and Unix and Linux has become some fucked-up hodgepodge for whatever not-invented-here reasons. Init trashed, including getty and other Unix mainstays. ip addr why?

This is what happens when nearly 50 years of knowledge is flushed down the drain by some knowitall punk who has never used Unix and doesn't understand it.

Don't be that punk, get to know the lore.

How is FreeBSD these days as a desktop OS? Haven't used it since 1998

>>60537168

Pretty good. I came back to 11 after abandoning 5 and while there's a lot of tinkering to setup, it's usable.

>>60537201

so if I want to switch from windows and i dont play games its all good to go, I really despise windows these days and I am looking for good stable alternative

>>60537267

Sure, but fyi games work well under Linux compat or wine. The only thing I really miss is Netflix and Google DRM video.

>>60528926
Youre completely wrong

>>60529194
>saying irc nicks on 4chan

>>60537888

well I have several machines, and my machine with good gpu will stay on windows but I dont play much these days, I was exploring a possibility of virtualization and pci passthrough, but it seems bhyve doesnt support it yet, we will need to wait for that one it seems but I would really like one day to try gaming on freeBSD machine

>>60538222

Fyi VirtualBox works perfectly on fbsd.

>>60529097
Each BSD has their own version of UFS which makes compatibility a bit complicated. Linux is read only to avoid accidentally corrupting UFS volumes.

>>60538247

I know but does it support passthrough of the gpu, I read in the past that it is not supported but maybe something changed in the meantime

>>60534230
so run firefox as its own user, no mac necessary

>>60535260
the openbsd people removed systrace years ago because it was a system call wrapper with inherent race conditions. i have a hard time believing they reintroduced them with pledge

>>60538990
netbsd just did the same apparantly

Quite curious:

are BSD admins really fought for in the sysadmin world?

>>60535875
FreeBSD uses Poudriere to build packages on their cluster, it builds all ~30k ports in about 24 hours and only about 700 of them fail for various reasons (mostly configure, build or install failures). That doesn't mean any of them aren't absolutely full of security holes, because it's inevitable that some of them are.

>>60535890
Oh, nothing's wrong with Capsicum, as far as I can tell. I was just mentioning that it's one of the few things on the list that at least has significant backing by other than whoever developing it.

>>60536308
>faceplant
Either learn proper terminology or gtfo. You sould like a 12 year old who's only been half paying attention in class.

>>60536536
I've helped audit both OpenBSD and parts of FreeBSD, but no I don't make money doing programming.

>>60537168
Been using it as a desktop and workstation OS since the early 2000s, around v5.

>>60541187

If you know BSD and other Unix platforms that looks good when I'm hiring. RHEL only? Don't call me I'll call you.

>>60541308

Fuck off faget.

I'm a linuxfag
Why should I use BSD? I'm a little annoyed about the extent to which corporations like red hat, Intel etc have influenced linux, (also the NSA literally writes kernel code) and how systemd/poetteringcrap has proliferated. In the end I only really care about a private and secure system, with a good amount of software available. How good is BSD for a Java/Scala programmer? I use intellij 90% of the time; does it work on any of the BSDs?
(Also if you're going to shit on Java please hang yourself)

File: 52096130.jpg (50KB, 600x549px) Image search: [Google]

50KB, 600x549px

>>60542957
>Java programmer
Fuck off pajeet

What should I expect if I switch from Linux to BSD? Is it entirely different or are there only a few marked changes?
Currently using Antergos with GNOME.

>>60542957

OpenJDK works fine, and FreeBSD has Oracle Java in ports which runs via Linux compat.

>>60543295

You can install gnome and whatever browser. Probably you'll miss Netflix but that's about it. My biggest beef with FreeBSD was trying to get a gamepad working with the asshole.

>>60543627
>My biggest beef with FreeBSD was trying to get a gamepad working with the asshole.
So driver support isn't as good?

>>60543644

Not really a driver issue, more a polish issue.

>>60534619
Yeah sure, right?

$ ulimit -p
256
$ perl -e 'while(true) {fork}'
ksh: cannot fork - try again
$
ksh: cannot fork - try again
$
ksh: cannot fork - try again
$
ksh: cannot fork - try again
$
ksh: cannot fork - try again

Nevermind.

>>60523984
>>60524041
As with Linux without VirtualBox extensions, you need to add custom resolutions in xrandr first before they can be used.
https://wiki.archlinux.org/index.php/xrandr#Adding_undetected_resolutions

>>60538990
They did the same thing with pledge. ANY system call wrapper will have those. It's purely theoretical, not up to the implementation. There are ways to go around it, but are very slow. Look at pledge code and you'll see those race conditions immediately, they got rid of systrace because it's hard to use, and pledge isn't. Fits the OpenBSD development model, but that doesn't change the fact that it's insecure

>>60545237
I'm not that great a programmer. Can you show me a specific example?

>>60532231
*hammertime*

>>60545237
Capsicum is pretty great since it will prevent that stuff from happening.
If designed right you can't just exec out of a program.
http://www.watson.org/~robert/2007woot/2007usenixwoot-exploitingconcurrency.pdf
there is alot of information about capsicum.

>>60547596
wat

>>60542314
Your rage warms the cockles of my cold heart.

>>60544044
Or install virtualbox-ose-additions from ports.

>60545843
Do your own homework.

>>60547973
Probably referring to HAMMER, a not-yet-ready-for-production alternative to ZFS made by Matthew Dillon who also maintains DragonFlyBSD. It's an interesting piece of work, will be nice to have an alternative to ZFS.

>>60520003
What's the point in using BSDs when they lag all Linux development by 5 years?

>>60548359
For FreeBSD, GEOM, ZFS, and a better networking stack is nice. If the development seemed far behind, you were probably using the STABLE release.

>>60548359

I would say linux is lagging, when you see what is going on with systemd and security these days I would say BSD is a better choice, also whole system is coming from the same source and thats a +

Knock, knock. It's Rust.
Rust said "Fuck you and die" to the BSD.

>>60548359
Network appliances. That's literally it.

>>60541308
>some of them are.
like what? name one package that doesn't provide a service already shipped with OpenBSD that isn't protected by default mitigations. anything besides firefox, thunderbird, or open/libre office.

>>60534416
TrueOS is horrible in VMs, try FreeBSD instead, or try it on bare metal.

>>60520003
I shilled FreeBSD and OpenBSD.
Nobody cared.
https://www.youtube.com/watch?v=zi8ShAosqzI

is opnsense good?

I tried DragonflyBSD on my desktop a while back and wasn't very pleased. HAMMER used up far more RAM than ZFS does, to the point where I couldn't run any VMs. It might be good as a server OS, but without the Nvidia drivers I need I far prefer FreeBSD

>>60549211
define mitigations, pledge doesn't always work since you can still exec out if the program needs execs.

>>60547714
I'm well aware of capsicum and have done some work on it as well. But yes, this is precisely the reason capsicum was designed the way it was.

>>60548669
Aehm, rust is not only supported on FreeBSD, but we actively use it for some daemons in our research.

>>60550697
>define mitigations, pledge doesn't always work since you can still exec out if the program needs execs.
you're a fucking retard then since you're the one designing the program in 90% of the cases, you should know when you're using execs

>>60550697
why are you obsessed with MAC. it's not a panacea. this has been discussed for a decade.

>>60551952
to put it into perspective, imagine that you put someone in jail, gave him the key and told him to escape

that's the situation you just described

so why does OpenBSD, apparently the only OS without MAC, have it's track record while things like Windows and Android are atrocious?

>>60552144
>fucking analogies and hypothetical

answer me this or just stop

like what? name one package that doesn't provide a service already shipped with OpenBSD that isn't protected by default mitigations. anything besides firefox, thunderbird, or open/libre office.

>>60552240
name me one package that was pledged and the author was a fucking retard and also exec'd himself out of the pledge

>>60552240
lol you lost the argument kid.

I run FreeBSD on my desktop but have no illusions that OpenBSD hasn't earned it's reputation for being a rock-solid secure OS. OpenBSD always does its own thing and it turns out is usually right. FreeBSD still ships Sendmail by default.

I want to test OpenBSD on a virtual machine, point me to the file please

>>60552526
install60.iso

>>60552526

Go to openbsd.org, read the doco it's very clear.

You're all mentally ill.

Sent from my ThinkPad T520 with GNU/Linux(R) Debian Unstable.

File: scrot.png (9KB, 720x400px) Image search: [Google]

9KB, 720x400px

>>60552492
FreeBSD 11's installer does actually prompt you to enable a bunch of security mitigations and lets you disable sendmail now. I just don't get why they couldn't enable most of these by default.

>>60552753

Some of those are noops, for instance ASLR on x64. But default is listen Sendmail and syslog? Pretty stupid.

>>60552270
nope. Marco Peereboom said it best. knobs for knobs. no competent programmer is obsessed with access controls like the help-desk tier knobs in this thread. same people say, "whats a mitigation"

>>60520003

Was using FreeBSD from 2005 to 2010. Now using Linux. Does anyone use a x220 with FreeBSD? Was it hard to make it run nice? Any problems with powersaving/acpi/suspend/fan-control/wifi? How is the ports collection doing? Problems with out-of-date ports?

If not FreeBSD, anyone using *BSD on x220?