|
Grex > Oldcoop > #361: OpenBSD: Discussion of appropriateness for grex and technical merits. | |
|
| Author |
Message |
| 25 new of 80 responses total. |
cross
|
|
response 50 of 80:
| 
Sep 14 17:41 UTC 2006 |
Regarding #47; Okay, tuning: but it only took us two years to get there. We
still don't have enough TTY's, and I still don't understand why a system would
crash just because the proc table filled up. Then there's the tty security
problem, the system logger security problem, and while it may be difficult to
reproduce, there's no denying that the softupdates bug is an actual operating
system problem (and has caused multi-day downtimes). But no one's ever seen
it in FreeBSD, at least not during the time that grex has been running
OpenBSD. Some of this is configuration (which just goes to show that even
talented system administrators working with supposedly secure software can
make mistakes or overlook things). As for bad memory, yes, what you say about
it is true - if it was really the problem - but then the decision to buy
non-parity memory after so much stink was made about ECC memory during the
hardware debates was clearly a bad one. And, after all this time, I'm still
not completely convinced that the memory module is really "bad": it may have
just been poorly seated, and it may have been a bug in the OS, which was
upgraded at around the time the memory module was removed - perhaps the bug
was fixed by the upgrade. Or perhaps it was something totally different.
For the record, the decision to buy a mid-tower case instead of a rack mount
case when grex moved into colo shortly after moving to the present hardware
was also bad.
I'll note that with the exception of the hardware related problems, the rest
*may* have been completely avoided by running FreeBSD from the start instead
of OpenBSD. We'll never really know. Would I describe grex as "horrendously
unreliable"? Hmm, that'd be stretching it, but it was pretty shakey there for
a while, and at least some of that was OpenBSD - supposedly chosen for its
reliability and security.
Regarding #48; OpenBSD 4.0 hasn't been released yet. Java has been running
under FreeBSD for years. What's missing? Any sort of semi-modern JDK in
/usr/ports on grex right now, in September, 2006. Java is older than OpenBSD,
OpenBSD is something like 9 or 10 years old, and they're just now getting it?
Linux has had it for ages, as has FreeBSD. I don't see how you can point to
what they're just doing, now, and use it as justification for a decision made
three years ago.
|
cross
|
|
response 51 of 80:
|
Sep 14 17:43 UTC 2006 |
Regarding #49; That's an opinion that you posit as fact, and then ignore the
parity between their ongoing security efforts when you make statements to
support your opinion. I'm refuting that, and asking you to give me a
substantive argument that justifies your opinion. Repeating, "FreeBSD is very
good, but not as good as OpenBSD..." over and over again will not convince
me. This is not the Bush administration, after all.... :-)
|
tod
|
|
response 52 of 80:
|
Sep 14 18:54 UTC 2006 |
The check is in the mail with your reaping process and FreeBSD, m'kay?
|
cross
|
|
response 53 of 80:
|
Sep 14 19:44 UTC 2006 |
Heh.
|
steve
|
|
response 54 of 80:
|
Sep 14 19:54 UTC 2006 |
Dan, take a look at the cvs logs for FreeBSD. They've had some problems,
I know that. I'm not sure that it has the same problems as we've had, but
I did briefly talk to someone who had a problem with soft deps on a large
database system. So I don't think its fair to say that FreeBSD's
implementation is perfect. I haven't seen the problem on any of my machines
either, so it isn't something easily produced.
The logger problem is a policy issue; syslog from users is normally
trusted. Grex can't do that.
|
spooked
|
|
response 55 of 80:
|
Sep 14 20:51 UTC 2006 |
With all due respect, STeve, if someone reminds you more than a few times
(and is promised that he will get it in a short period more than a few
times, and never got it) they just give up and do it for themselves
because of a lack of respect.
When I do stuff, like programming, build scripts etc through my work --
I always document as I'm doing the activity. Any responsible IT
professional does this - if not, they are hardly worthy of being in a
team in my opinion.
|
steve
|
|
response 56 of 80:
|
Sep 14 20:54 UTC 2006 |
True enough, documentation is a good thing. The reaping process,
like many of the other things done to maintain Grex was done by
various folks and it kind of evolved over time.
|
albaugh
|
|
response 57 of 80:
|
Sep 14 20:58 UTC 2006 |
And making use of it without documentation is considered to be statutory reap.
|
steve
|
|
response 58 of 80:
|
Sep 14 21:00 UTC 2006 |
Re 50: Grex was shakey there, and we warned people there would be a
transiton period before things were rock solid. You should have seen
Grex when we got on the Sun-3 and then with our new 2G disk: we crashed
about every other day, taking files with it. Ick. The worst problem we
had after moving to OpenBSD was the memory problem.
As for Java, had we been good about upgrades we'd have been in a far
better position re Java. This isn't to say that OpenBSD support isn't
more latent than FreeBSD's, because its true that such support came late
for OpenBSD. However, I can't recall people asking for Java 'till after
we were here, ie it wasn't one of the things that we were worried about
when considering how to leave SunOS.
|
cross
|
|
response 59 of 80:
|
Sep 14 22:08 UTC 2006 |
Regarding #54; I never said FreeBSD was perfect. But I am implying that these
things are more mature on that platform. Part of that is that it has a larger
user base, so snarky problems (that are difficult to reproduce, like grex's
issues with the softupdates code) get exposed more rapidly - and thus fixed.
Further, since more businesses depend on FreeBSD, there are more loud voices
(and willing eyes) joining the chorus to have these problems fixed. But
that's what you get when you have a more mature and larger installed base in a
server oriented system. Linux could have this, too, had they not adopted the
hacker of the month model for development (I remain largely unconvinced that
Eric Raymond's "bazaar" model really works beyond a certain threshold of
complexity and size).
Regarding #58; Two years is quite a transition period. But then, had we run a
system that more sysadmin types were familiar with, would it have taken two
years? And that's part of my point. Perhaps the *worst* problem we had was
the memory problem, but it certainly wasn't the *only* one, and that it has
taken two years to get to the point where problems with the systems software
have been masked speaks to the unsuitability of that software for the task at
hand. I earnestly believe that we could have done better. Whether that is
true or not, the data shows that we didn't do all that well (at the least,
grex should have gotten ECC memory - about which all the stink was made).
I'm not sure how being better about upgrades would put us in a better position
with respect to Java. On *my* OpenBSD system - running the latest stable code
(that is, 3.9-stable from about two weeks ago), Java doesn't exist in the
ports collection, either. Surely you aren't suggest that we run the
unsupported, unstable developer -current tree, which is what OpenBSD 4.0 will
be forked from once it stabilizes? This cannot be what you mean by, "being
better about upgrades." What's more, I cannot find credible your (implied)
claim that Java support on OpenBSD will be as mature as on FreeBSD once
OpenBSD 4.0 is released: Java has run on FreeBSD for years. It is quite new
on OpenBSD, and simply cannot be as well tested.
What's more, as you know, many Java programs rely heavily on threading for
concurrency. The Java threading implementation, in turn, exists on top of the
POSIX threads suite. That suite under OpenBSD exists entirely in a user-land
library, with no support for thread concurrency from the kernel. This means
that, if a process should call some sort of blocking system call, every thread
running in that process will hang until the operating system returns from that
system call. On FreeBSD, threads are (if I'm reading the man pages right)
scheduled by the kernel (they also have a user-level threads library - great
for applications that do lots of thread switching with little chance of
blocking).
Having programmed in Java, I can say that I don't care for their threading
model: it's an architectural throwback to the 1960's, critical section
protected, cooperative coroutine model that's too low level and not as
expressive as, say, CSP-based concurrency systems. But, the fact is that Java
threading just won't work as well on OpenBSD.
As for the logger problem, OpenBSD touts itself as "secure out of the box" and
takes a stance of not really trusting the local user. Why, then, not protect
the system logger, which could be used for a denial of service attack, at the
very least? But I see your point that it's a policy issue rather than an
actual software flaw (I'd say it's more of a configuration issue). MY point
is that we chose this system for security, and then failed to adequately
secure it. No system, no matter how good or bad its security, is going to
remain secure if its configured insecurely (how's that for a tautalogical
statement?). Since we didn't properly secure grex on OpenBSD, what then, was
the point of choosing OpenBSD based on its security record? I'm just not sure
I buy the security argument, and I remain unconvinced.
Steve, if there are specific points on which OpenBSD does demonstrably better
than FreeBSD (with respect to security or anything else), I'd really like to
hear them. So far, all I've heard is impressions and opinions, with little
recourse to facts of measurable data. While those things are fine for
starting to form an opinion, major decisions should not be based on them, and
opinions and intuitions should be subject to change based on observed
behavior. In the absense of sound technical argument in favor of OpenBSD, I
simply don't see how the decision to go with that operating system can be
objectively justified.
With respect to Java, I specifically remember Mic asking for it when the
discussions of what operating system to go with post SunOS 4 were being held.
Item 123 in the old Garage conference has postings from October, 2003 where
it's mentioned.
And for the record, lest it be said otherwise: I'm not "against" OpenBSD. I
run it on several of my own systems. But I really want to understand why it's
appropriate for grex, and I really don't understand that and don't believe
that it is.
|
steve
|
|
response 60 of 80:
|
Sep 14 22:39 UTC 2006 |
Java will never be in the package repository, unless Sun changes their
license. So you'd have to build it yourself. As for the reliability of
Java on OpenBSD, go into the misc@ archives and see comments from Henning
Brauer, one of the developers, for his confidence level in Java. Others
have made the same comments as well. Will it be as fast as on FreeBSD?
I don't know, but likely not. OpenBSD has never been about speed, so I'm
not concerned about that.
I'm puzzled why you don't see policy issues being something that can't
reasonably be set for everyone. syslogd.conf is something that darn well
ought to be looked at and adjusted accordingly. I don't think anyone on
staff had thought about the current toxic users who'd exploit this, I
know I certainly didn't. I might also point out that the systems security
remains unchanged by that--messages to the screen and into a log file
might be annoying, but not threatening to the system.
Yes, we took too long to get Grex stable, I certainly agree. But I'm
not believing for a minute that FreeBSD would have magically made anything
better. I heard the same exact thing years ago when we were on SunOS.
What Grex needs is more local staff who is able to deal with problems
as they arrise. We also need 24 hour access to the system. There were
several times when I would have dealt with problems at night when I'd
gotten back to Ann Arbor, but I couldn't do to the 10pm curfew that is
imposed on us. Grex has never been exactly efficient in certain things.
I also flatly disbelieve that there are many people on Grex who'd be
willing to do systems work on Grex if we didn't run OpenBSD. The two
most vociferous opponents to our current op system don't live here.
More when I get back from a work thing.
|
cross
|
|
response 61 of 80:
|
Sep 15 00:01 UTC 2006 |
I'm not talking about the package collection, I'm talking about the ports
collection. The former is pre-built packages, the latter are built from
source (and he mechanism by which the former are created). The threading
issue isn't just about speed, it's also about reliability and expected
behavior: if I have an application that utilizes n threads, and I expect that
n - 1 of them will ccontinue running even if 1 of them blocks on a system
call, and then I try to run it on OpenBSD and it doesn't work right, I won't
be happy (particularly if the Java spec or something says that it should keep
running). Surely things like this *are* cause for concern?
The problem with the logger had nothing to do with syslog.conf, it had to do
with the fact that people could write to the log socket. It could be masked
by judicious tweaking of syslog.conf (which, you are right, surely should be
modified to be brought into accord with local system policies), but that's
just treating the symptom, not the disease. Personally, I don't think that
ordinary users should be able to write to the logging socket *by default*:
If I want to enable it, that's another matter. And I would further suggest
that it *is* a systems security issue in that it can be used as the basis for
a denial of service attack. Random junk spewed into the logs can also mask
actual system attacks, and greatly reduce the value of information in log
files. If the system log rotation policy favors size over time when deciding
to rotate a file, real information may be lost.
Perhaps FreeBSD wouldn't magically have fixed all of grex's problems, but
we'll never know since we didn't try it. I submit that several of the
problems we experienced with OpenBSD wouldn't have shown up, and if they had,
there would have been a larger user community to draw from to get them sorted
out. As it is, we still have OS related problems: Grex isn't configured to
support enough terminal devices for the number of users who want to use it.
No one seems to have figured out how to get OpenBSD to allow more. Hmm.
I think that it's telling that Jan Wolter, who did the majority of work in
getting grex running under OpenBSD, ended up not liking it very much that
experience. See, for instance, item 170 in the old garage conference.
|
cross
|
|
response 62 of 80:
|
Sep 15 00:11 UTC 2006 |
A correction to my earlier posts: it appears that Java *is* in OpenBSD's ports
collection, even on grex right now: /usr/ports/devel/jdk.
|
tod
|
|
response 63 of 80:
|
Sep 15 01:55 UTC 2006 |
I think Grex needs less local staff considering the pool of volunteers is
likely to come from abroad. Spooked and cross are on opposite sides of the
planet but are well equipped to patch and lock down FreeBSD.
|
twenex
|
|
response 64 of 80:
|
Sep 15 07:28 UTC 2006 |
Hmm. How likely is it that volunteers are more likely to come from abroad than
the US, really?
|
jep
|
|
response 65 of 80:
|
Sep 15 13:22 UTC 2006 |
Given that the pool of local volunteers is approaching 0, the chances of
finding volunteers from other places seems to be more likely each year.
|
cross
|
|
response 66 of 80:
|
Sep 15 14:26 UTC 2006 |
I'm not sure volunteers need to come from abroad (I mean, not that it's a
problem if they do - I'm sure they're certainly welcome and I'm not trying
to imply otherwise), but it's clear that those that are coming from Ann Arbor
itself are getting fewer and fewer.
Todd is right.
|
tod
|
|
response 67 of 80:
|
Sep 15 18:09 UTC 2006 |
re #66
Silly man. Abroad=anywhere outside the Planet of Ann Arbor (aka perpetual
high school mentality land)
|
cross
|
|
response 68 of 80:
|
Sep 15 18:35 UTC 2006 |
My bad.
|
twenex
|
|
response 69 of 80:
|
Sep 16 20:45 UTC 2006 |
Mine too.
|
khamsun
|
|
response 70 of 80:
|
Sep 30 11:55 UTC 2006 |
Dan Cross "cross":
--> "reasons I believe one may consider OpenBSD inappropriate
for grex and/or "not modern."...(blah-blah-blah)..."deficient Java
support on OpenBSD"
--> "STeve andre" in #35:
"Kurt Miller has done a great job of keeping Java 1.3, 1.4 and 1.5
working. Java and OpenBSD is an excellent combination."
--> cross #39: "Indeed, it's not in /usr/ports on grex right now."
--> cross #50: "What's missing? Any sort of semi-modern JDK in
/usr/ports on grex right now"
--> cross #59: "On *my* OpenBSD system - running the latest stable
code(that is, 3.9-stable from about two weeks ago), Java doesn't exist
in the ports collection, either."
But
--> cross #62: "A correction to my earlier posts: it appears that Java
*is* in OpenBSD's ports collection, even on grex right now:
/usr/ports/devel/jdk."
|
cross
|
|
response 71 of 80:
|
Sep 30 13:56 UTC 2006 |
Err, that was why I made the correction...? How does this address my other
points?
|
cross
|
|
response 72 of 80:
|
Sep 30 13:57 UTC 2006 |
(For instance, grex was off the network for about 8 or 9 hours last week.
We never saw any sort of explanation as to why....)
|
dtk
|
|
response 73 of 80:
|
Jan 7 16:16 UTC 2013 |
People talk about security in the abstract when discussing projects like
OpenBSD without asking the two critical questions:
1) what resource or value are you trying to secure?
2) What threat are you trying to secure it against?
If Cyberspace Communications BOD is interested in, for example,
protecting availability of the forum and the near-real-time chat-room,
there are radically different concerns than if they were interested in
protecting the confidentiality of messages, either at-rest or in-flight.
Does the BOD give guidance on what to protect, and from whom? Without
answering those two simple questions, discussion about security is at
best supposition and partisan shouting. -DTK
|
cross
|
|
response 74 of 80:
|
Jan 7 17:02 UTC 2013 |
Short answer: no.
But Grex is going to be moving away from OpenBSD and to FreeBSD on the next
revision of hardware.
|