- Operating System Name
- Operating System's Home Page
The most famous may be “Secure By Default”. Another, frequently used, is the descriptive motto written on the side of the cases of official media: “Free, Functional & Secure”.
The phrase of “Just Works”, refering to the simplicity of things that work well because of excellent design, is often used by the community (on the OpenBSD Journal website @ Undeadly.org) to describe certain successful solutions/designs which often involve using OpenBSD.
OpenBSD's famous mascot is Puffy. Puffy is a “pufferfish”, likely used in response to OpenBSD's use of “blowfish” code. (Puffy is sometimes described as being a “porcupinefish”. Wikipedia's article on Tetraodontidae notes, “Even if they are not visible when the puffer is not inflated, all puffers have pointed spines, so a hungry predator may suddenly find itself facing an unpalatable pointy ball rather than a slow, tasty fish.”)
An early image featuring Puffy is Fishbowl image from OpenBSD 2.6. (That image is also available as OpenBSD's Fishbowl image, hyperlinked to from OpenBSD Art (Page 2). In the image, a cat has stripes resembling those of a prison uniform (as noted by Wikipedia's page about “Prison Uniform”: Section about uniforms in the United States of America), implying the cat being a criminal. Using OpenBSD's Blowfish technology is represented by Puffy. The analogy is that if a script kiddie wanted to attack a system, there may be less attractive systems than a fully secured OpenBSD machine. The contiunued message meant to be conveyed by Puffy's unfriendly spines is that Puffy is not an attactive target. Sometimes the unfriendly nature of Puffy may have been used in comparison to Theo de Raadt, who has been known to take strong stances, often at the cost of niceness.
- Some available artwork
The OpenBSD Art page shows this mascot and the word “OpenBSD” in a re-occuring style.
- Release Theme
Also fairly unique about OpenBSD is that each release comes with a brand new, recorded, song. This happens twice per year, and has been true for more than a decade (since version 3.0 which was released in the latter part of 2011). OpenBSD Songs and Lyrics makes both the lyrics and the downloadable songs available. The web page also shows artwork from the released CD sets. This artwork is related to a fictional story which is often related to current computer/Internet events and also related to the song. The cover of the DVD cases also has related artwork. The theme of the artwork, song, and commentary differs with each new OpenBSD release. In keeping with the mascot Puffy, characters in this artwork are very often rather aquatic.
For OpenBSD 4.4, the title at the top of the FAQ page was changed from “Documentation and Frequently Asked Questions” (and the HTML “TITLE” tag was changed from “Frequently Asked Questions”). This did change: For OpenBSD 4.9, where the theme was Douglas Adams's “The Hitchhiker's Guide to the Galaxy”, the title was changed to “Hitchhiker's Guide to OpenBSD”. Subsequent releases have also renamed the FAQ's title to something that reflects the theme that has been selected for the latest official release.
- Operating System's License
- General/basic type:
ISC, Berkeley (BSD), and perhaps some others.
Note that although OpenBSD FAQ 1: section about “What is included with OpenBSD” (FAQ section 1.8) lists X as if it is included as part of the operating system, OpenBSD Copyright Policy says, “X, X.Org or XFree86 are not parts of OpenBSD, rather X.Org and parts of XFree86 3.3.6 are distributed with many OpenBSD ports as a convenience to the user, subject to applicable license terms.”
- Location of actual license online (if locatable)
OpenBSD Copyright Policy discusses various licenses that may be found when dealing with OpenBSD and its related software.
The web page says that ISC “is the preferred license for new code incorporated into OpenBSD.” The web page refers to a local copy being at
but that file doesn't exist unless source code has been placed into
/usr/src/(and that is NOT done by default). An online copy can be viewed by seeing OpenBSD CVSWeb copy of OpenBSD's license template and choosing the relevant “markup” hyperlink for the latest version of the file.
Licenses related to X.org may be found in Latest X.org documentation files. (There are various License.
*files, so the information is available in different file formats.)
XFree86 Project info on Licenses contains a few...
- Overview/discussion about license
- OpenBSD FAQ 1: section called “Is OpenBSD really free?” (FAQ section 1.4), OpenBSD Goals.
- The OpenBSD Team: OpenBSD FAQ 1: section on “Who maintains OpenBSD” (OpenBSD FAQ 1.6) states, “OpenBSD is maintained by a development team spread across many different” [nations]. “The project is coordinated by Theo de Raadt, located in Canada.” (Hyperlink added to quote.) A map showing locations of developers of OpenBSD shows that most are either in or near the Pacific Time Zone, in or near the portion of the United States in the Eastern Time Zone, or in Europe.
- [#obsdsize]: OS Sizes
- Minimum installation
OpenBSD FAQ 4: section on partitioning (FAQ section 4.8) says, “OpenBSD can be installed in as little as 512M, but installing to that small of a device is something for advanced users.” A rather minimal OpenBSD/i386 4.0 installation took about two thirds of a gigabyte at 655.7 MB. That wasn't achieved by taking any extra special efforts to remove things that could be removed with difficulty, but rather that was achieved simply by installing only the base filesets.
- Full installation
Amounts closer to (but under) 5.5 GB have been seen by OpenBSD 4.8-stable, although keeping things that small may cause limits to be approached. That installed a few applications that were recommended by TOOGAM's tutorial for setting up an operating system: guide to installing some common software.
A system with an 8GB drive may create an automatic disk layout that isn't quite large enough for easily upgrading OpenBSD by using source code. (However, an 8 GB drive may still work; it just involves not using the automatic disk layout, or making some changes to work around the fact that the upgrading isn't quite as easy as if more space was available. For further details, see the section about upgrading by using source code.)
OpenBSD's Anonymous CVS Guide: section about setting up a mirror indicates expected growth in code, but has noted the size to be “about 5GB of disk” space.
- Typical installation
Sizes can vary quite a bit within the ranges between the minimum installation and perhaps 5.5GB. Clearly adding more software can increase the size well above 5.5GB.
An OpenBSD/amd64 4.8-release which later compiled its own new code and became 4.8-stable, with several packages installed weighed in at over 41/8 GB (5 and 1/8 gigabytes). About 142MB of that was outside of /usr/, meaning that the remaining space taken up was in /usr/. On a rather basic installation, /usr/ is where most of the space typically gets taken up (not counting log files, temporary files or other files that users might create, and other things which may vary wildly on different systems). That installation used automatic partition sizing that /usr/ had 1.9GB/2.0GB used, with -20.3M available (and capacity shown as being 101% used), and had other mount points under /usr/ (which is where the rest of the about 5GB was stored). In that specific case, bigger would have been nicer than what the automatic installatin process selected.
On an older OpenBSD/i386 4.4 installation, /usr/ was about 3.1GB after being used for years. An actual live system, used as a firewall for years, had been known to use 1.7GB for /usr/ without any complaint about insufficient disk size. So, the size has not remained unchanged over time.
Older versions of the FAQ had a Partitioning section of OpenBSD FAQ 4 which was titled, “How much space do I need for an OpenBSD installation?” OpenBSD 4.3 FAQ (Archived): “Disklabel” section had another breakdown of space. Version 4.4 of the FAQ showed that as follows:
- wd0a: / (root) - 150M. Should be more than enough.
- wd0b: (swap) - 300M.
- wd0d: /tmp - 120M. /tmp is used for building some software, 120M will probably be enough for most things.
- wd0e: /var - 80M. If this were to be a web or mail server, we'd have made this partition much larger, but, that's not what we are doing.
- wd0g: /usr - 6G. We want this partition to be large enough to load a few user applications, plus be able to update and rebuild the system by source if desired or needed. The Ports tree will be here as well, which will take almost 250M of this space before ports are built. If one was planning on building many applications from source using ports rather than pre-built packages, you might want a lot more space here.
- wd0h: /home - 4G. This will allow plenty of user file space.
- Other operating system requirements
The web page listing OpenBSD's list of supported platforms lists the platforms, and has hyperlinks to a page with more details about each platform. Some of those details include mentioning requirements and supported hardware. (The list of active platforms is also shown by OpenBSD FAQ 1: section listing what types of computers run OpenBSD (FAQ section 1.2).
One note of irony (at least with modern versions of OpenBSD): the OpenBSD/i386 platform does not work on an Intel 386 CPU. (Yes, the lowercase i in the term i386 does refer to Intel.) OpenBSD/i386's change in support of the 80386 seems to have removed the support from OpenBSD 4.3 and newer. OpenBSD/i386 platform notes statement about processors says, “All CPU chips compatible with the Intel 80386 (i386) architecture, except for the 80386 itself, are supported”. (FreeBSD has a similar situation.) OpenBSD FAQ 12.7.2: Discussion on floating point (the section is titled “OpenBSD won't work on my 80386/80386SX/80486SX system!”) also discusses this.
- RAM (Memory)
For minimum RAM, an answer from a fairly official source: OpenBSD FAQ 3: “What is an appropriate "first system" to learn OpenBSD on?” (FAQ section 3.7) states, “64M RAM or better: If you wish to run X, 128M would be a better starting point.” This was quoted from OpenBSD 5.3, but this quoted amount is believed to be quite a bit older than version 5.3 of the operating system.
In practice, setting up several virtual machines showed that 272MB seemed to work much better, and that was without X or Anti-Virus software. (Using ClamAV's
program might add on about another third of a gigabyte: ClamAV for Unix RAM requirements.)
The “-release” versions of OpenBSD prior to 5.0 did not support more than 4 GB of memory on the amd64 platform. (Forum post about BIGMEM support in OpenBSD discusses that although the code was considered to be enabled prior to OpenBSD/amd64-release 4.9's release, the modified code was meant for a later operating system.) This was since /usr/src/sys/arch/amd64/amd64/machdep.c had text saying “
bigmem = 0” instead of “
bigmem = 1”. OpenBSD Journal article mentioning bigmem support being enabled shortly before OpenBSD 4.9's release, OpenBSD 4.8 ChangeLog showing bigmem support wasn't considered fully ready for 4.8.
OpenBSD FAQ 14: section about large hard drives (FAQ section 14.8) discusses some limits. In the “FFS vs. FFS2” section, it is noted, “The boot/installation kernels only support FFS, not FFS2, so key system partitions (/, /usr, /var, /tmp) should not be FFS2, or severe maintenance problems can arise (there should be no reason for those partitions to be that large, anyway).” Those folders will be subject to the limit of OpenBSD's FFS, which allows “an individual file system of up to” 2(31)-1, “or 2,147,483,647 blocks, and as each block is 512 bytes, that's a tiny amount less than 1T.” (It is one 512-byte block under a TB.) In example in later text demonstrates that some subdirectories, such as /var/www, could be different mount points that don't need to be affected by that same space limitation.
(For details on the minimum amount of disk space recommended, see the section on OpenBSD operating system sizes.)
- Network adapter
At the time of this writing (with OpenBSD 5.3), OpenBSD FAQ 3: “Getting started with OpenBSD”, #FirstSys section titled “What is an appropriate "first system" to learn OpenBSD on?” gives what is probably now some bad advice: “Use a PCI adapter.” What the FAQ is really trying to communicate is “Do not use an ISA-based network card if the computer supports other options.” However, the “Conventional PCI” bus has now become old, and there are often better options than using the older bus style that was simply called “Peripheral Component Interconnect” (and more frequently by its initials: PCI). It might be true that having NICs built onto a motherboard may often be superior than using a standardized bus system like PCI Express. Newer, modern network cards would benefit from using a newer bus type (like “PCI Express”) rather than the older bus type that was simply called “PCI”.
Having at least two network ports on a system is great if the system is planning to be a firewall. Having two network ports on a motherboard may be fairly uncommon, at the time of this writing, but motherboards featuring such connectivity do exist.
- More Hardware Details
(This section is meant to provide additional details beyond just those that are described in the section about the operating system's main “system requirements”).
For further documentation regarding hardware, see: OpenBSD FAQ 3: “Getting started with OpenBSD”, #SelectHW section titled “Selecting Hardware” and OpenBSD FAQ 3: “Getting started with OpenBSD”, #FirstSys section titled “What is an appropriate "first system" to learn OpenBSD on?”.
][CyberPillar]['s section on RAID: section about Adaptec support discusses some references to the OpenBSD team having some harsh words about hardware from that company.
OpenBSD FAQ 12: Hardware and Platform-Specific Questions provides more specifics about hardware. The web page about OpenBSD Platforms has hyperlinks to pages about each of the various platforms, and these pages often have further details about hardware. (Those details may often be rather platform specific.) Also, in the collection of installation files for a platform, there may be a file named INSTALL.
*(which is partially named after the platform). The content of that file will very likely be quite similar (although perhaps not entirely identical?) to the details on the online web page about the hardware platform.
- Checking intro(4) references
Another option is to check section 4 of the manual, checking it for a manual page called “intro”. By doing so, references can be seen to some other manual pages that describe support for different hardware.
- Finding the right intro page
Know that there are quite a few variations to pages named “intro”, and you may not find much related documentation if you find the wrong one. First of all, they tend to be platform-specific. The desired “intro” manual page is quite platform-dependent: http://www.openbsd.org/cgi-bin/man.cgi?query=intro&apropos=0&sektion=4&manpath=OpenBSD+Current&format=html does not find a file generic for platforms of the operating system. However, OpenBSD/i386 manual page for “intro” from section 4 of the manual exists, and the text of OpenBSD/amd64 manual page for “intro” from section 4 of the manual has only very minor differences from the i386 version.
Both of those are different from, and unrelated to, OpenBSD manual page for “intro” from section 1 of the manual.
The information from the “intro” topic in section 4 of the manual does also reference some other manual pages, such as a manual page called “netintro” for network adapters. However, the “List of Devices” section (OpenBSD/i386 manual page for “intro” from section 4 of the manual: section about a list of devices, OpenBSD/amd64 manual page for “intro” from section 4 of the manual: section about a list of devices) provides hyperlinks to several other manual pages that describe different types of connections for peripheral devices. For example, on the OpenBSD manual page for PCI support, in the “DESCRIPTION” section (underneath the “SYNOPSIS” section which looks more gibberishy), the manual page lists different drivers for “Wired network interfaces” (and other types of devices; that is simply one example). The manual page also provides a quick description of the types of devices meant for use with each driver. That manual page also has provided hyperlinks to the manual pages of each specific driver. (These hyperlinks are easily used with the “web page” version of the manual page, which may be found online.) So, exploring these manual pages can find information about many drivers.
That is mostly a list of information coming from the OpenBSD team. Of course, there are other sources of information about hardware, such as ][CyberPillar]['s section on hardware.
OpenBSD manual page for “autoconf” (in section 4 of the manual) states, “Devices which exist in the machine but are not configured into the kernel are usually not detected.” Even more condemningly, OpenBSD “intro” page from manual section 4 states, “If a device does not respond at autoconfiguration time it is not accessible at any time afterwards. To enable a device which did not autoconfigure, the system will have to be rebooted.”
Some hardware may work better after running “
” using files obtained from Firmware for use with OpenBSD.
Forum post by ocicat discusses a request for details about hardware support, and notes that perhaps the person “will need to spend time spelunking on the Web. Tedious? Perhaps, but with patience you may very well find your answers.” Another Forum post by ocicat indicates that the misc@ mailing list may be a good spot to check for details about hardware compatibility. Actually, in forum post by ocicat, the statement is even stated that “searching archives of the project's mailing lists is most likely your best choice outside of experimenting yourself.” If details about a specific hardware product are not found, also check for details about whether or not a vendor is generally well-supported.
- Similar/related operating systems
OpenBSD was derived from NetBSD. (OpenBSD's founder, Theo, was one of the founders of the earlier NetBSD.) FreeBSD was also derived from NetBSD, and each of these BSD systems (NetBSD, FreeBSD, and OpenBSD) have benefited by including code updates based on code developed on the other BSD systems just mentioned. In addition to being similar to BSD code, it should be noted that BSD is itself designed to use or be similar to Unix code. Therefore, operating systems that are similar to Unix, such as operating system distributions that use the Linux kernel, are likely to be pretty similar.
- Release varieties
OpenBSD calls the various varieties of a release “flavors”. OpenBSD FAQ 5: section (5.1) about “Flavors”.
Note: OpenBSD FAQ 15: section about “Using flavors and subpackages” (FAQ section 15.3.8) notes another usage of term “flavors” as used by the OpenBSD project. A software port (and a resulting package) may contain multiple “flavors” to install from. (For example, GNU Screen may contain a “static” binary version, and Samba may have variations related to support for printers.) Such a “port flavor” is simply a re-use of the term, and not really tied to which flavor of operating system is being used.
- Release schedule
- Every six months, on May 1 and November 1. (Historically OpenBSD CDs have actually tended to get mailed out earlier than those release dates, perhaps by a couple of weeks or so.) These release dates reflect when the official website starts referring to that version as the latest version, and when the operating system is available on the FTP site. Official CDs are mailed to those who pre-ordered the operating system CDs and actually typically ship some time (perhaps weeks) before the OS's release date. (The erratta/bugfix page may, therefore, have information about an issue, and information about a fix, on the first day of the operating system's release). The software packages for a release version are typically not released for some number of days after the official release date of the (which is the first day of either May or November).
- Release History
A page about each release of OpenBSD has a dedicated page, starting with OpenBSD 2.1. A hyperlink on the main web page will direct visitors to the page about the latest version (except, perhaps, for a brief time right as a release is coming out, when a prior version may still be hyperlinked to).
The “OpenBSD -current changes” page at http://openbsd.org/plus.html shows the latest information. Near the top of that page are hyperlinks to show changes from other versions.
OpenBSD Release Errata also has hyperlinks to pages that are specific about individual versions of OpenBSD.
- OpenBSD is famous for an excellent security record, and the OpenBSD team has also been involved with deploying new security-related technologies. The most famous example may be OpenSSH, as the dervied “Portable OpenSSH” has become the most popular SSH server and client bundled in with many operating systems. (This term “Portable OpenSSH” has nothing to do with the concept of OpenSSH on PortableApps.com.)
- OpenBSD features free software, and OpenBSD is famous for a stance on promoting unrestricted use of technology. Specifically, OpenBSD uses licenses that are quite unrestrictive. Additionally, the OpenBSD team has encouraged to use of those sort of licenses as well as information sharing policies that allow the technology to be used by others with little restrictions on how the technology. Their advocacy is often shown by descriptions provided along with the official web page that distributes the OpenBSD Release Songs.
- OpenBSD FAQ 1: section on why OpenBSD may be desired discusses some good things about OpenBSD.
OpenBSD's stance on these two issues (security and licensing) is considered very important. These goals may be given higher priority than others, such as NetBSD's focus on hardware independence (leading to NetBSD having more compatibility with hardware), or performance optimizations and providing support for many third party software packages (which are focuses where FreeBSD may have a lead over OpenBSD and NetBSD).
- Operating System Distribution Media
The operating system is freely available. Installation from official OpenBSD CDs is highly encouraged, largely because the sale of such CDs is something that substantially helps to be supporting OpenBSD. Additional methods of obtaining the operating system files from official distributors include including using one of the free options listed in the list of Official OpenBSD HTTP, FTP, RSYNC, and AFS mirrors, or following the guide at OpenBSD's guide to using Anonymous CVS.
- How to obtain the OS
To get the official CDs, the generally recommended way is to use OpenBSD's order site to have CDs shipped. Otherwise, installation files are located on onsite sources Official OpenBSD HTTP, FTP, RSYNC, and AFS mirrors. The relevant files are sorted by platforms.
There may also be additional sources from which to purcase the CDs. For example, Softpro Books (section on OpenBSD Distributions).
The most compatible platform may be i386, although 64-bit machines will benefit by using the amd64 platform (even if the processor is made by the AMD's chief rival of many years, Intel). Machines with over 4GB of RAM are likely to be 64-bit machines.
A boot image needs to be used. (Traditionally this involved booting off of some sort of a floppy image, most commonly built into a CD ISO image. However, this sort of floppy emulation was dropped by the time that the OpenBSD 3.6 release notes were published.) An overview of available boot images is provided by OpenBSD FAQ 4: section called “Creating bootable OpenBSD install media”. (This is about creating media from images, not about creating images, and is (or has been) OpenBSD FAQ section “4.3”.) As an overview for i386 (which also works for amd64), one option is a small CD to be able to boot into the operating system quickly, obtain a cd
??.iso file. If that doesn't work, try using a cdemu
??.iso image. For a CD with operating system installation files as part of the image, there is an install
??.iso file available. There may also be one or more floppy
*.fs images. Of these, OpenBSD FAQ 4: section called “Creating bootable OpenBSD install media” states “Most users will use” the floppy
??.fs image file. The floppyB
??.fs file may support some other equipment, particularly server-grade hardware. The floppyC
??.fs image may support more devices on portable systems.
Once such a file is obtained, the goal will be to run the OpenBSD boot loader. Using PXE with OpenBSD to boot by using a network server (and by using a system startup sequence, such as BIOS code, that supports such a boot method) may be another method of using the boot loader.
Once the operating system is booted, the core operating system files are included in the
*gz files which might be on the CD that was used to boot the system. Otherwise, these files can be downloaded by the installation program. Having the files stored on a local disk is also an option.
- Typical/Standard Interfaces
- e.g. in OpenBSD: Text mode. X may be installed, and comes with the following window manager(s): OpenBSD FAQ 11.5.1 notes, “The default window manager in OpenBSD is fvwm”. “Fvwm is a good, general purpose window manager, but it is hardly your only choice; it isn't even the only window manager included with OpenBSD” which also comes with twm and cwm. (There are also other window managers available through packages.) Note that although OpenBSD is largely Posix compatible, and graphics support in such Posix operating systems are often provided by X or by framebuffer, OpenBSD FAQ 11.1.2 shows there is no framebuffer console driver. “Some operating systems provide this, but there is not currently one for OpenBSD, nor is there much interest among developers for one.” (Similar situation for svgalib, or is that considered framebuffer?)
- Software package management
- OpenBSD uses pkg_tools. (The pkg_tools used by OpenBSD may differ from other versions of pkg_tools used by various other BSD operating systems). For details, see software installation: pkg_tools.
- System startup process
- [#obtldloc]: Location of OpenBSD's first stage boot loader
This information has been moved to: Location of OpenBSD's first stage boot loader.
- [#obscbtld]: Location of OpenBSD's first stage boot loader
This information has been moved to: Second stage boot loader.
- [#obsdinit]: Process control initialization: the “init” code
This information has been moved to: Process control initialization: the “init” code.
- Installation guide(s)
- Upgrading/Updating OpenBSD
See: Updating OpenBSD for details about how to perform an upgrade, or apply updates.
- Software packages
OpenBSD uses pkg* (pkgtools). For more details, see: software installation page: pkg_* (pkgtools).
The end of OpenBSD FAQ 5: section on OpenBSD Flavors states, “It is important to understand that OpenBSD is an Operating System, intended to be taken as a whole, not a kernel with a bunch of utilities stuck on.” The kernel and other software is meant to match.
Even while recognizing that, it is interesting that Debian has branched out from originally using Linux only, to now supporting the FreeBSD kernel. Who knows how things might evolve in the future? There is a project (which is most certainly third party, unrelated to the official OpenBSD development) which is obase, a port of the OpenBSD userland to Linux.
- Other websites
OpenBSD FAQ 2:
section about other websites may mention multiple sites. Of particular
worthy mention is
The OpenBSD Journal @
Undeadly.org. That document often describes some of the more noteworthy efforts or events related to the development of OpenBSD.
- OpenBSD web page about Mailing Lists: section about Mailing List Archives describes some archives. The content of those archives come from the mailing lists which are described earlier on the referenced web page.
Calomel.org:: Open Source Research and Reference shows how to set up some services in OpenBSD.
Nomoa.com's section about BSD is basically about OpenBSD
- OpenPorts.se which provides information about software for OpenBSD
- DistroWatch page about OpenBSD has a “Related Web Sites” section which lists more.
- OpenBSD FAQ 2: section about other websites may mention multiple sites. Of particular worthy mention is The OpenBSD Journal @
- Live Media
Here are some unofficial projects. Wikipedia's list of live CDs: section on “OpenBSD based” may mention some of these:
This original release was based on OpenBSD 4.6. It appears there may not have been any subsequent releases. DistroWatch Weekly Issue 339's Feature Story: “GNOBSD - killed by GUI-is-for-wimps hacker culture” describes the first reply to the announcement: “there will be blood”.
M:tier news article states that the company “released its new GNOME3-based Desktop for its customers.” No download is apparent; it appears this release may be intended just for this company's customers. Some details have been made public: “The main modification against the stock GNOME 3.4.2 Desktop is the use of the axemenu extension as a replacement to gnome-shell; this was based on customers feedback reporting that gnome-shell was not a fit for corporate non-IT users. The whole Desktop is bootstrapped using a ramdisk kernel” with customizations for easy management and “some utilities to ease some tasks like setting up a WiFi connection, changing a local, LDAP and/or Kerberos password, auto-mounting USB drives, encrypting a folder...”
- [#mtiernam]: m:tier's name
The organization does not seem to have a single name that is consistently used by the organization, which refers to itself as “m:tier” and “M:tier”. This organization does give some to OpenSource, such as the “BinpatchNG” software. (See: m:tier products which lists some products, and also some provided (presumably paid-for) services.) Graphics on the site seem to suggest it may be spelled as “m:tier” or even “MTier”.
- Commercial offshoot(s)
Another offshoot is MirOS BSD. (See: Wikipedia's article on MirOS BSD.) To possibly see others, see Wikipedia's page comparing BSD operating systems: “General Information” section” and look for “OpenBSD” in the column called “Based on”.
Virtualization may primarily be implemented using Qemu.
Some people think that the OpenBSD team is anti-virtualization. Some of this arose from the following incident:
A few of us just spent some time again debugging an application level problem ... and once again realized that the application was running on OpenBSD inside the Innobox's VirtualBox VM.
Theo's commentary about using VirtualBox goes on to state:
When that VM is running, we end up with bugs that make it quite clear that cpu registers are being corrupted in some instances.
We don't know how other operating system products continue running when the userland ecx register gets clobbered on a return from a page fault, but at least people should be aware that there is likely some security risk from running that product.
Ouch! Checking the CPU registers is a relatively complex debugging step, and it seems experts spent time on an issue only to eventually figure out that the problems originated from improper actions by virtual machine software.
(Some further discussion is quoted by VirtualBox commentary thread. The post also references VirtualBox ticket #639 where a user discusses stability issues. VirtualBox ticket # 639: comment # 17 states that a user has “been running steadily for over 15 minutes without crashing.” Woot!)The comment on security risk is amplified by another bit of commentary by Theo about virtualization:
You've been smoking something really mind altering, and I think you should share it.
x86 virtualization is about basically placing another nearly full kernel, full of new bugs, on top of a nasty x86 architecture which barely has correct page protection. Then running your operating system on the other side of this brand new pile of [problems].
You are absolutely deluded, if not stupid, if you think that a worldwide collection of software engineers who can't write operating systems or applications without security holes, can then turn around and suddenly write virtualization layers without security holes.
You've seen something on the shelf, and it has all sorts of pretty colours, and you've bought it.
That's all x86 virtualization is.
(No, “colours” is not a misspelling. Theo de Raadt is currently Canadian. The thread may also be read by KernelTrap's mirror of de Raadt virtualization security post. This article did generate some buzz, largely just meaning that it was quoted fairly widely. See: Slashdot commentary on Theo's comments on using VM for security benefits.)
However, really Theo's comments are meant to be applied to specific implementations of virtualization. Some of the unquoted material from the first reference shows that the commentary was certainly meant to refer to the software named VirtualBox. (VirtualBox and FreeBSD indicates that OpenBSD was not the only platform to find issues with VirtualBox.) The latter commentary is meant to address specific topics: security, and emulation of the x86 platform (which was still quite widely used at the time). Even Theo de Raadt's commentary about virtual machine usage increasing, which may seem like another anti-virtualization article, notes concerns from a security perspective.
BSD Now (The Place To Be... Es Dee) Episode 006: Doing it de Raadt Way seems to have an episode title that is meant to be similar to the phrase, “do it the right way”. About 16 minutes into this video, Theo discusses how Qemu was helpful in development, and he has been appreciating the resulting code. That, by itself, is enough to show that Theo is not entirely anti-virtualization. He simply doesn't like what he has identified to be poor implementations and/or wrong approaches.