OpenBSD Webzine

TL;DR

Recent -current changes

Many changes to current since last webzine, this is awesome!

Interesting new packages

7.0-stable updates (since last webzine issue)

Questions & Answers

We chose to keep the author of each question anonymous for this section.


Question from K.: I'm curious about criterias for where you've chosen to use OpenBSD in some contexts versus a linux distribution in some others

Solene@: there are many criteria that will come into the decision: first, are my software and hardware requirements compatible with OpenBSD? If no, usually Linux is a very good fallback. Most of the time, this will be the only question I need to think about, I would install OpenBSD any time when I have the choice AND it will do what I want. Another question would be in case of a multiple human users system, do I want them to use OpenBSD, is it a good idea? Finally, performance could also be an important factor in the decision, especially for embedded systems.


Question from T.: I found it really confusing on how to get started with the very few basics of relayd and how to set it up with httpd. I could run httpd on its own but it seemed all the features I wanted were in relayd and the manual assumed a level of basic set-up info I didn't know

Solene@: it is true the relation between httpd and relayd can be confusing. Relayd in front of httpd can add some logic related to headers while httpd doesn't have much logic in its configuration which make it relatively dependent on relayd for some use cases. However, I usually recommend use of a web server like apache or nginx when you need some advanced features that httpd doesn't have.


Question from T.: How to change the 404 page in httpd? Is there really no other way than changing the source code and recompiling httpd?

Solene@: httpd received support for custom error pages in October 2021 , you can read about it


Question from S.: I've always been curious how folks are able to play games like old Half-Life mods (e.g. Counter-Strike); like is this some wine or Linux compatibility layer or do there exist builds of these games for OpenBSD?

Solene@: commercial video games running on OpenBSD are using various technologies. They can be run using a game engine implementation, meaning someone rewrote the game engine from scratch and you need to have the game assets (sounds, maps, graphics etc..) to play the game, sometimes it's not really clear as if it's really open source or leaked code, this is the case for the Gold Engine used to run Half-Life, hence this is why it's not available in ports. On the other hand, some games are written in programming language such as Java or C# which are virtual machines and they only rely on open source libraries that we have in ports, in that case it's often possible to run the game natively by replacing the original libraries with the one from ports and use java or mono to run the code.


Question from W. O.: What are some practical uses for rdomains?

Solene@: there are at least two different uses I can think of right now. The first use would be for a system with multiple internet connections which would use each independently. Each link would live in its own routing domain and never mix with the others. Another use case would be with VPN, instead of using it as a default gateway it could run in a different routing domain, the user could then choose per-application if it should pass through the VPN or not.


Question from R. S.: Assuming a new user is coming from a linux background, what things do you think are critical to know about OpenBSD?

Solene@: I think new users should know OpenBSD is quite unlike Linux distributions, to avoid common mistakes that lead people to follow wrong instructions when looking for help. In addition, knowing about the FAQ on the website and how to efficiently read man pages would be a great introduction. Of course, starting a new product by its documentation it not very fun, but as OpenBSD differs greatly from Linux, I'm convinced new users should spend some time learning how to use the documentation.


Question from R. S.: What do you think is the coolest 'new' thing in the upcoming release?

Solene@: I'm personnaly happy to see support for distributing gzipped content in httpd but I have to admit the various changes such as Apple M1 support or all the WiFi improvements are exciting.


Question from R. S.: Name an unexpected man page that you think is a must-read for admins.

Solene@: here is the man page


Question from T.: Is any work on network/PF performance being done? I use OpenBSD as a firewall, and it works great with my existing hardware an internet connection, but when I look at benchmarks it seems to lag behind Linux and FreeBSD as far as throughput in this application.

Solene@: there is a current work to improve PF performance to make it use multiple CPUs at once, in the end this will give good results. However we regularly reach milestones and performance is getting better with every new release.

Shell tips

It is easy to add autocompletion to commands in ksh, however they are limited because they have to be evaluated when the shell is starting.

In the following example, we can parse the file

~/.ssh/known_hosts
to get hostnames and use this list to set autocompletion entries for some commands:
HOSTS_LIST=$(awk '{split($1,a,","); print a[1]}' ~/.ssh/known_hosts)
set -A complete_ssh -- $HOSTS_LIST
set -A complete_ping -- $HOSTS_LIST
set -A complete_sndioctl_1 -- $(sndioctl | cut -d= -f 1)

In this other example, we autocomplete differently depending on the parameter position

set -A complete_rclone_1 -- ncdu ls copy sync
set -A complete_rclone_2 -- $(rclone listremotes)
Adding autocompletion entries is easy but in ksh it is evaluated at runtime, so you should avoid time consuming evaluations, and some commands like scp or git can't receive much useful completion.

More information can be found about this feature .

Artworks of the moment

Some circles with spikes having eyes looking like puffy fishes, hand drawn in black and white
"Herd of puff." by

Authors

Solène Rapenne, pamela@ and other people who contributed outside of git that I may have forgotten. Many thanks to everyone involved and supportive of the idea!