-=> Richard Falken wrote to Dan Clough <=-

 > I may give it (Devuan) another look one of these days.  I do like
 > Debian and it's offspring fairly well.  Never cared much for the
 > BSD's, although only ever tried the FreeBSD variant and that was
 > long ago.  Never really saw the point of it - what does it do any
 > better than Linux...?

 RF> FreeBSD used to have proper jails and great ZFS integration, but
 RF> I don't know how great of an advantage it has on those fields
 RF> these days.

 RF> What OpenBSD does is to feel less insane than the others. To
 RF> begin with, it has less cruft going on. If you don'tknow how
 RF> something works, it is easier to figure it out form the source
 RF> code than it is from the source code of some of the alternatives.
 RF> Not that you are likely to need it since everything is well
 RF> documented.

 RF> Traditionally risky daemons are chrooted and subject to privilege
 RF> deprivation. BSD Auth is easier to understand and work with than
 RF> something like PAM. The TCP stack you would have to harden after
 RF> every Linux install is set with sane defaults in OpenBSD.

 RF> Also, it comes with software enough to build your own packaging
 RF> compiling cluster. The port system is so fun to break havoc with
 RF> :-)

 RF> Cherry on the top: the OpenBSD comunity has a reputation of being
 RF> composed of unfriendly bastards. I think that reputation is
 RF> overblown, but they really have an Iron Fist of Death when
 RF> dealing with drama. Anybody strong enough to remain active in the
 RF> community is granted to really care for the OS - ie. if you pop
 RF> up in the IRC channel you are likely to find people who LIVES
 RF> OpenBSD, as opposed to self-entitled brats you often find in some
 RF> forums.

 RF> Oh, and OpenBSD has PF. Some people prefers it over Linux packet
 RF> filtering interfaces. It is a matter of taste, really. Same with
 RF> the default smtp daemon or httpd. Those are a delight to work
 RF> with and are so much logical and preasurable to configure than
 RF> the minastream ones you'd find in the Linux world.

 RF> IMO you could do what you do with an OpenBSD with a Linux, but
 RF> when deploying some paket forwarder or small server, or a small
 RF> web service, OpenBSD gives you less post-instll work to do and
 RF> the whole thing seems more logical in general. I mean, the
 RF> Filesystem Hierarchy the Linux world routinely rapes.... you
 RF> suggest putting the wrong file in the worng place in the OpenBSD
 RF> world and they will send Skynet for you.

 RF> That said, OpenBSD has its own bunch of problems, like lacking
 RF> proper cow for the filesystem. They also lack a MAC framework -
 RF> they have other ways to mitigate break-ins, exploits, and what a
 RF> program may access, but you won't find SElinux or AppArmor
 RF> capabilities at kernel level.

 RF> I think that pretty much sums it up.

Thanks for that info, good insight there.  It (OpenBSD) interests 
me some, but frankly, I don't have the time nor motivation to go 
through the learning curve for something that does pretty much 
what I already know how to do...  That was kinda my point - if I 
was a Windoze guy looking to move to the *nix world, perhaps it 
would make good sense.  But as an experienced Linux guy, well.... 
not so much.  Appreciate you taking the time to write that up!



... All hope abandon, ye who enter messages here.
=== MultiMail/Linux v0.52
--- SBBSecho 3.11-Linux