Getting started with OpenBSD

— Updated on 10 oct 2018

What is OpenBSD?

OpenBSD is a FREE, multi-platform 4.4BSD-based UNIX-like operating system. Unlike GNU\Linux which is most likely a joining of 2 projects - Linux the kernel and the GNU utilities, the BSD's are usually one whole i.e the whole OS, including the kernel + utitlies are built in-house.

However if you do plan to try it out, keep in mind that the project mainly focuses on security and code correctness. You might not be able to run most of the software you're used to, as it might not be in the software repos or you might simply cannot build them.

Why OpenBSD?

When not to choose OpenBSD?

Install media

The installation

I’ll be explaining the process of installing OpenBSD 6.3 on to a laptop. Read the installation guide. It’s very much straight forward. As for what I chose,

System hostname? = lappy
Which network interface do you wish to configure? = em0
DNS domain name? = anythinghere.com
Password for root account? = ****
Do you want the X Window System to be started by xenodm(1)? = yes
Setup a user? = akts
Full name for user akts? = akts
Password for user akts? = ****
What timezone are you in? [Asia/Calcutta] = <Enter>
Which disk is the root disk? = sd1
Use (W)hole disk MBR, whole disk (G)PT or (E)dit? = w
Location of sets? = disk
Is the disk partition already mounted? = no
Which disk contains the install media? = sd2
Directory does not contain SHA256.sig. Continue without verification? = yes

Reboot into your new installation.

First boot

Login as your user. It helps, if you jack into your router with a cable - we’ll need internet, if your wifi doesn’t work.

Oh! before we go any further, $ man afterboot. What you see, after you log in, is the fvwm window manager in all its glory. Open a terminal and go root

$ su -l
Password:

To get internet, try

$ ifconfig # is your interface there?
# ifconfig em0 up
# dhclient em0

Install any non-free firmware with # fw_update

Pull out the cable, and lets get our wifi going.

# ifconfig iwn0 up
# ifconfig iwn0 scan
# ifconfig iwn0 nwid mywifihotspot wpakey P4$$w0rd wpaprotos wpa1,wpa2
# dhclient iwn0

Refer eth and wifi for more.

Installing packages

We need a repo url in /etc/installurl. This is where pkg_add, OpenBSD’s package manager looks for getting packages.

# echo "https://www.mirrorservice.org/pub/OpenBSD" >> /etc/installurl
# pkg_add i3 # installs i3
# pkg_info -Q i3 # searches for i3

Consult the faq for more.

Upgrading

# syspatch

Power management

# rcctl enable apmd
# rcctl set apmd flags -A
# rcctl start apmd

This will update a file called rc.conf.local in /etc. Never update the rc.conf file directly. Use rcctl instead. If you have not guessed it by now rc.conf is used to handle system startup scripts/programs.

Privilleged user

Add your username to /etc/doas.conf

# echo 'permit akts' > /etc/doas.conf

Warning: This will allow akts to run any command.

Memory limits

OpenBSD restricts the amount of RAM a program can eat to 1.5GB at max. If you have more than 4GB of RAM,

# cp /etc/login.conf /etc/login.conf.bak
# sed -i 's/datasize-cur=768M/datasize-cur=4096M/' /etc/login.conf
# sed -i 's/datasize-max=768M/datasize-max=4096M/' /etc/login.conf

Mounting disks

We allowed akts to execute any command. However if we want akts to execute specific commands as a privilleged user,

permit nopass akts as root cmd mount
permit nopass akts as root cmd umount

where mount and umount are the command names.

To mount and unmount disks

$ doas mount /dev/sd2i /home/akts/mounts
$ doas umount /dev/sd2i

Disk life

Even when you read a file, the filesystem keeps a record. The noatime in /etc/fstab prevents OpenBSD from doing this.

# cp /etc/fstab /etc/fstab.bak
# sed -i 's/rw/rw,noatime/' /etc/fstab

Refer fstab and disk setup for more.

References and better writings

Resources

Happy Hacking