💾 Archived View for altesq.net › ~masqq › gemlog › 2022-06-16.gmi captured on 2022-07-16 at 13:51:50. Gemini links have been rewritten to link to archived content
-=-=-=-=-=-=-
Today I've continued my journey into the OpenBSD realm. This post documents what I achieved today. Firstly, I found out that file(1) exists, I somehow never found out about it, and that it is hardened on OpenBSD to not execute any code, which is awesome!
I spent time today understanding the boot process and more of rc.conf, and by tomorrow I hope I can write my own start up scripts for custom services, it seems easy as they're shell scripts. I tested around single user mode, and other nice features.
Aside from that, I found in the OpenBSD FAQ that they recommend starting the X session with xenodm(1), because it runs X in another user and has many security benefits over running traditionally using startx(1). Coming from GNU/Linux, I always used an xinitrc so I ported it over to an xsession file in my home directory. I copied the example in /etc/xenodm/Xsession, until I found out that I must write my own not copy the example, so I did just that and it works. I like the error redirection to xsession-errors because you can see if anything goes wrong in the background, for example I forgot to configure redshift(1).
I also like the fact that each service is run in its own separate user by default, no need to tweak things, for example on GNU/Linux it's a pain to get X to run in another user, and on Arch, for example, many processes run with the root user, which is not good at all.
I've also customized ntpd to start with the "-s" flag, so it syncs my clock at boot. I do plan to re-install soon once I get a better hang of OpenBSD, so I can customize my installation more, especially the partitions, as I've left them default.
One thing I appreciate is that almost every program has an in-depth configuration example in /etc/examples, as well as a README. Using the man pages is a good way to learn the OS, and I find myself going less often to search for something than on GNU/Linux. You have to piece different bits of information from various man pages to get a working result, but in turn this gives you a good understanding of the programs. I especially like the "see also" section in the OpenBSD man pages. You can view related man pages easily using it, and it helps you understand a whole area of the OS easily.
Aside from all of this, I plan to continue reading the book "Absolute OpenBSD" in the following days, and learn, or at least experiment around, with pf(4), mostly pfctl(8).