Do NOT use the preconfigured OpenBSD on the VMWare site...

Discussion in 'other software & services' started by TNT, Sep 18, 2006.

Thread Status:
Not open for further replies.
  1. TNT

    TNT Registered Member

    Joined:
    Sep 4, 2005
    Posts:
    948
    Our system administrator decided to try the preconfigured OpenBSD 3.8 (latest official is 3.9, btw) that is available on the VMWare site... what a disaster that thing is! :mad:

    That virtual machine on the VMWare site was clearly made up by someone completely clueless about OpenBSD; first of all, the boot shows that the system was not properly unmounted (the person who put it together evidently didn't read this document). Also, all the system was put in ONE PARTITION! It's clearly stated in every OpenBSD installation guide since... well, since OpenBSD WAS CREATED that for security (and logical) reasons you should never put all the system in one partition! At least all the partitions
    Code:
    /
    /tmp
    /var
    /var/tmp
    /usr
    /home
    
    are a given, because they need to be mounted with different filesystem restrictions. I'm bewildered by the incompetence shown by whoever created that preconfigured virtual machine.

    If some of you want to try OpenBSD in VMWare, just don't use that absolute rubbish they put together, get the ISO from the OpenBSD site and read the installation documents... or ask me... :D

    Sorry about the rant, but it had to be said.
     
  2. Devinco

    Devinco Registered Member

    Joined:
    Jul 2, 2004
    Posts:
    2,524
    Thanks for the warning TNT.
    I'm not ready to try OpenBSD yet, but I have a couple of very basic questions about the partition setup for OpenBSD.

    / This is the root containing the core OS system (like the Windows system partition).
    /tmp This is the swap partition similar to Windows pagefile.
    /var What is this used for?
    /var/tmp Is this a separate swap partition for /var or just a subdirectory?
    Why can't /var simply use /tmp to store swap data.
    /usr What is this used for?
    /home This is where the user's documents and programs are stored.

    What would you recommend as a good size for each partition?
     
  3. TNT

    TNT Registered Member

    Joined:
    Sep 4, 2005
    Posts:
    948
    It contains the kernel image, the device special files (/dev), the /etc partition (configuration files), /bin (some command files), /sbin (other command files), it's usually the smaller one.
    No, it corresponds to the temp storage folder in Windows. The swap partition is created at installation time (usually twice the size of the ram) but it's not accessible as a "regular" directory.
    Storage of system databases, mail and logs...
    It's a subdirectory AND a separate partition. :D
    Because (in my experience) you can later on define /tmp as "noexec", but defining the same for /var/tmp breaks some stuff. It's not swap... it's a temporary storage.
    Most of the programs
    Yes.

    I set up mine as:

    Code:
    / 500 megs
    (swap) 2 gigs
    /tmp 1 gigabyte -> nodev, noexec, nosuid, with user quotas
    /var 1 gigabyte -> nodev, nosuid
    /var/tmp 1 gigabyte -> nodev, nosuid, with user quotas
    /usr 5 gigs -> nodev
    /home 4 gigs -> nodev, nosuid, with user quotas
    Basically regular users (not root) have the possibility to write only in /tmp (sticky bit), /home and /var/tmp (sticky bit) so quotas make sense only there. The partitions are restricted so that it's not possible to create, say, setuid files (which are dangerous) in temporary directories, or to create device files where they shouldn't go. This is of course only part of a careful setup, but all this wouldn't be possible at all with just one partition.

    As for the space, obviously it depends on how much drive space you have... I have that setup in an OpenBSD-VMWare dedicated TrueCrypt partition of just 20 gigs... /usr and /home should ideally be the largest directories anyway. The others don't need MUCH space in a home setup.
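
The layout in the post above can be checked mechanically. The following is an added example, not part of the original post: it compares an fstab-format file against the per-partition options listed there. It assumes "with user quotas" corresponds to the `userquota` option of fstab(5); the `wd0` device names and the sample file are constructed.

```shell
#!/bin/sh
# Added example (not from the thread): check an fstab against the posted layout.
# Required options per mount point, as listed in the post; "userquota" is the
# fstab(5) option assumed here to stand for "with user quotas".
POLICY='/tmp=nodev,noexec,nosuid,userquota /var=nodev,nosuid /var/tmp=nodev,nosuid,userquota /usr=nodev /home=nodev,nosuid,userquota'

# audit_fstab FILE|- : print one finding per line; exit status 1 if any found.
audit_fstab() {
    awk -v policy="$POLICY" '
    BEGIN {
        n = split(policy, p, " ")
        for (i = 1; i <= n; i++) { split(p[i], kv, "="); mp[i] = kv[1]; need[kv[1]] = kv[2] }
    }
    /^[ \t]*#/ || NF < 4 { next }          # skip comments and short lines
    { have[$2] = "," $4 "," }              # field 2 = mount point, field 4 = options
    END {
        for (i = 1; i <= n; i++) {
            m = mp[i]
            if (!(m in have)) { print "MISSING " m " is not a separate filesystem"; bad++; continue }
            k = split(need[m], req, ",")
            for (j = 1; j <= k; j++)
                if (index(have[m], "," req[j] ",") == 0) { print "WEAK " m " lacks " req[j]; bad++ }
        }
        exit (bad > 0)
    }' "${1:--}"
}

# Constructed sample: /tmp lacks noexec and quotas, /var/tmp lives inside /var.
sample_fstab() {
    cat <<'EOF'
/dev/wd0a / ffs rw 1 1
/dev/wd0b none swap sw 0 0
/dev/wd0d /tmp ffs rw,nodev,nosuid 1 2
/dev/wd0e /var ffs rw,nodev,nosuid 1 2
/dev/wd0f /usr ffs rw,nodev 1 2
/dev/wd0g /home ffs rw,nodev,nosuid,userquota 1 2
EOF
}

# Demo run on the constructed sample; on a real system: audit_fstab /etc/fstab
sample_fstab | audit_fstab - || true
```

A single-partition install like the one criticised in the first post reports every policy mount point as MISSING, since none of the restrictions can be applied without separate filesystems.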
     
  4. Durad

    Durad Registered Member

    Joined:
    Aug 13, 2005
    Posts:
    591
    Location:
    Canada
    Do you use it as desktop PC or server?

    What is the advantage of BSD over Linux as Desktop PC?
     
  5. TNT

    TNT Registered Member

    Joined:
    Sep 4, 2005
    Posts:
    948
    Desktop PC... laptop, in fact... :D

    Well... on a desktop PC most users would probably prefer Linux... BSD systems have generally a more stripped down initial configuration. In my experience they are all more stable and more secure than Linux (especially OpenBSD), but less user friendly (GUI configuration setups are quite rare) and with harder setup procedures (OpenBSD can be somewhat frustrating sometimes). However they also tend to be much less chaotic and easier to keep under control than most of the Linux distros I've seen.

    OpenBSD is basically the Unix system that's most dedicated to security; quite a bit of the security tools and ideas that were later ported to Linux were first developed on OpenBSD.
     
    Last edited: Sep 18, 2006
  6. Devinco

    Devinco Registered Member

    Joined:
    Jul 2, 2004
    Posts:
    2,524
    Thank you TNT for the clear explanations! :)
    I was really starting to understand it and then you throw this in...
    Noooooooooooooooooooooooooooooooooooo! :D
    I guess I am out of luck understanding this one for now.
    Is it like a symbolic link/alias type of thing?
    Or like in Windows you can have a partition and then create a "shortcut" that is a link to the partition?
     
  7. TNT

    TNT Registered Member

    Joined:
    Sep 4, 2005
    Posts:
    948
    You can have a partition mounted wherever you want. Just like /tmp is just a subdirectory of / on a different partition, /var/tmp is a subdirectory of /var on a different partition.
     
  8. Devinco

    Devinco Registered Member

    Joined:
    Jul 2, 2004
    Posts:
    2,524
    Thank you.
    I think I understand.
    It is like TrueCrypt in Windows where you have an encrypted partition or file container and you mount it to any drive letter you want.
    In OpenBSD, you have the partitions and you mount them to specific directory names.
     
  9. Durad

    Durad Registered Member

    Joined:
    Aug 13, 2005
    Posts:
    591
    Location:
    Canada
    Thanks

    I am currently experimenting with Freespire
     
  10. IMM

    IMM Spyware Fighter

    Joined:
    May 6, 2004
    Posts:
    351
  11. TNT

    TNT Registered Member

    Joined:
    Sep 4, 2005
    Posts:
    948
    Yes... in UNIX you don't mount partitions as drive letters, but as directories.
     
  12. Devinco

    Devinco Registered Member

    Joined:
    Jul 2, 2004
    Posts:
    2,524
  13. Devinco

    Devinco Registered Member

    Joined:
    Jul 2, 2004
    Posts:
    2,524
    Thank you TNT! I understand it now. :thumb:
     