Trying out OpenBSD (as a Linux geek)

There’s always been a kind of temptation from the proverbial ‘other side of the fence’ when it comes to Unix-like operating systems. This idea that there’s an entirely separate and similar, but entirely distinct system from what I’m used to is exactly what’s pulled me towards OpenBSD today. As somebody experienced with almost every mainstream Linux distro, I wasn’t entirely sure what to expect.

Visiting the website (openbsd.org), the first thing I noticed was how dense and concise the documentation was. The ‘FAQ’ section of the openbsd.org website is not very long, but gives more than enough information for a beginner or advanced user alike. BSD Manpages are of excellent quality, and that alone is a very good reason to try the system out, even briefly.

I think the best comparison to the ‘real world’ would be the difference between the reference section at a library, and a comprehensive set of encyclopedias. The reference section is written by several different authors, and while they try their best to have a similar style and tone, you can always tell that the different components are only loosely coupled. The OpenBSD system feels like the entire system, from documentation to the defaults and configuration style, was written by an individual or very small team. It feels tightly integrated and well tested. It feels opinionated, the same way a group of hardcore rule-lawyering board game players would be - it puts correctness above all else.

After installing on my old X201, my first impressions were of a very simple system. For example, /boot is a single file, not a collection of kernels, initramfs files, and configurations for grub as you would expect on a Linux system. The boot process is simple for that exact reason - there’s one way to boot a BSD system, so there’s no need to have the complexity (or some would say robustness) of the Gnu/Linux system.

Initially, you only get the basic xenodm and fvwm for a GUI. It’s only really there to provide a basic framework to build your desired system. In my case, I opted to use the ports system to install what I’m more familiar with, xfce4 and its friends. It was also very simple to install Firefox, Thunderbird, Vim, PDF tools, and a few more creature comforts. If you’re used to apt or yum it’s not a very difficult transition. With minimal UI configuration, my desktop environment was pretty much exactly what I expected.

Getting into the shell was a different story. This is where OpenBSD really sets itself apart from Linux. By default, you get ksh and very little else. With a very strict POSIX-centric and highly opinionated userspace, it’s initially quite hostile to those who cut their teeth on GNU. I did make a couple modifications such as installing bash and setting up some aliases to make the system a bit more familiar. For example, OpenBSD does not include sudo because of its complexity and questionable security record. Instead, the utility doas is included to fill the same purpose; escalating user to root in a safe and predictable way. It’s unquestionably better - doas is without a doubt better for most purposes, but years of muscle memory has trained my fingers to quickly type ‘sudo’, and I don’t think I’m ready to retrain that. So, instead I simply aliased “sudo” to “doas” as a crutch. I’m sure that will irritate and even offend some purists, of course.

Overall, the most important thing about OpenBSD for ‘desktop’ use is the distinction between the core system and the installable packages. It represents the critical difference between BSDs and Linuxes, which is the separation of concerns between the operating system and the userspace. As Gnu/Linux almost always has a single package manager responsible for patching all parts of the system, it means that there must be a compromise between the ‘stability’ of the core, and the ‘up-to-dateness’ of the userspace applications. In OpenBSD this compromise does not exist, you may have the very latest userland tools next to the very stable and conservative base system. Security updates are small, quick, and well designed. Packages are released when they’re ready, and everybody is happy.

Honestly, the only thing holding me back from becoming a full-time OpenBSD user is the lack of a functional Signal-Desktop package; almost everything else is a webapp at this point. I understand that as an Electon based application it comes with significant technical baggage, so for the time being I’m more than happy to have a ‘secondary’ computer to continue poking around with BSDs.

At the end of the day, it’s the worst kept secret in the open source world. I would advise any geek to give it a shot, even if just a quick jaunt in Qemu. It might surprise you, I know it surprised me.