💾 Archived View for altesq.net › ~evenfire › posts › 2022-06-17.gmi captured on 2023-04-26 at 13:22:46. Gemini links have been rewritten to link to archived content
⬅️ Previous capture (2023-01-29)
-=-=-=-=-=-=-
The third day of the OpenBSD transition is here and here's my progress! Might be a bit more lengthy than the other parts.
I learned about disklabel(6) and how to view and write disklabel partitions with it, it's a nice utility once you get to know it.
As usual, OpenBSD shines with security features. I found out that only users in the wheel group can attempt to become root via 'su', unprivileged users cannot, which is really good!
I found out that mount(8) shows the currently mounted partitions and their options, aside from that I've studied its internals and how it calls mount_msdos, for example, when mounting vfat partitions. I've also learned that fat partitions are always on partition i. The OpenBSD partitioning scheme is beginning to make sense and I'm getting quite fond of it.
Speaking of file systems, I found out that FFS/FFS2 (Fast Filesystem/Fast Filesystem 2) can stack mounts. For example, I can have a file in the home partition in ~/usb then mount /dev/sd2i over it and it'll show the flash drive's files. After I unmount the flash drive, the file I wrote originally in ~/usb is there.
I've added the softdeps option, that enables soft updates, to my /etc/fstab entries, specifically /home and /, along with noatime. This resulted in a considerably faster file system, including less disk wear by using the noatime flag.
I've removed the -s flag from ntpd as I've read in /var/log/messages that it's deprecated, quite spammed me about it.
I've learned about /altroot backups and that in fstab the partition type of an altroot backup is "xx". Not using them at the moment, but when I'll deploy OpenBSD in a server setup they'll be useful.
Now that I feel decently comfortable with OpenBSD, I decided I'd attempt an encrypted install on my laptop with it. In the beginning I had an issue because I forgot the last step in the whole disk encryption process, like 3 times, and it wouldn't write the boot blocks. After I fixed that, it installed successfully, though because I didn't see my error wasted like 3 hours. Then I encountered another issue as it wouldn't detect the bootloader. The laptop has UEFI support but thought I'd install
with MBR, and it worked just fine with it. Probably the UEFI support is not that good. After that I configured apm(8) to control my CPU and it's all good.
I'm surprised at how fast the disk decrypts at boot, it's incredibly fast! Much faster than on GNU/Linux with LUKS, even on my dual core laptop.
The security of OpenBSD is more worth it in a server aspect, but it's definitely good in a desktop aspect but it slows things down for eg. by default multicore is disabled and such (to an extent) but you can enable it and you get normalish performance (compared to GNU/Linux), will still have a hit because of the bunch of security tweaks they make. Aside from that the manual pages are incredibly good, doesn't compare to GNU/Linux in any way in this category, wins 100%, I don't need to open my browser and
search for random stuff for no reason whatsoever, everything is offline (which I'm more offline inclined than to rely on an online infrastructure). Aside from that, you can really feel that everything is made by a single team as everything is neatly interconnected and works flawlessly, the attention to bugs and all is definitely another pro for the OpenBSD team.
OpenBSD continues to surprise and deliver!