OpenBSD Journal

Evolution of the OpenBSD Installer

Contributed by jason on from the evolution-not-revolution dept.

OpenBSD has built a reputation for simplicity and security. A masterpiece of honest design, users have always been able to depend on a clean and straightforward approach to building (and upgrading) their OpenBSD systems. So I was utterly dumbfounded when the install script underwent massive changes during the c2k9 hackathon event.

Editor's Note: User sepp0 has pointed us to a similar review of the new installer written in Spanish.

The overall installation process hasn't changed substantially in years. The keystrokes were so ingrained in my muscle memory that I could build a new system in less than three minutes. But knowing these changes weren't going anywhere (and I had new servers to build), I dove in headfirst. I was pleasantly surprised at the results.

erase ^?, werase ^W, kill ^U, intr ^C, status ^T

Welcome to the OpenBSD/i386 4.6 installation program.
(I)nstall, (U)pgrade or (S)hell? i

Cool! Let's get to it.

At any prompt except password prompts you can escape to a shell by
typing '!'. Default answers are shown in []'s and are selected by
pressing RETURN.  You can exit this program at any time by pressing
Control-C, but this can leave your system in an inconsistent state.

Terminal type? [vt220] 
System hostname? (short form, e.g. 'foo') foo

We already notice some of the changes. The hostname question appears right near the start, and there is no longer a fear-inducing message asking IS YOUR DATA BACKED UP. These are tiny changes but they are reassuring nonetheless.

Available network interfaces are: vic0 vlan0.
Which one do you wish to configure? (or 'done') [vic0] 
IPv4 address for vic0? (or 'dhcp' or 'none') [dhcp] 
Issuing hostname-associated DHCP request for vic0.
DHCPDISCOVER on vic0 to 255.255.255.255 port 67 interval 2
DHCPOFFER from 192.168.161.254 (00:50:56:f7:f9:ea)
DHCPREQUEST on vic0 to 255.255.255.255 port 67
DHCPACK from 192.168.161.254 (00:50:56:f7:f9:ea)
bound to 192.168.161.146 -- renewal in 900 seconds.
IPv6 address for vic0? (or 'rtsol' or 'none') [none] 
Available network interfaces are: vic0 vlan0.
Which one do you wish to configure? (or 'done') [done] 
Using DNS domainname localdomain
Using DNS nameservers at 192.168.161.2
Do you want to do any manual network configuration? [no] 

Wow, that was cool. All of the networking questions are grouped together nicely and offer sane defaults like we'd expect. There's a vlan0 choice listed, presumably to remind the user that VLAN is now a supported network interface for installations.

Password for root account? (will not echo) 
Password for root account? (again) 
Start sshd(8) by default? [yes] 
Start ntpd(8) by default? [no] yes
NTP server? (hostname or 'default') [default] 
Do you expect to run the X Window System? [yes] no
Change the default console to com0? [no] 
Setup a user? (enter a lower-case loginname, or 'no') [no] 
What timezone are you in? ('?' for list) [Canada/Mountain] 

More sanity here. The developers have smartly pushed all of the questions that might require more interaction up here near the top. As usual, the defaults are wisely selected and considered for the widest audience. A very nice addition is the ability to add a normal user. I get the feeling that we're almost on cruise control from here on out.

Available disks are: wd0.
Which one is the root disk? (or 'done') [wd0] 
Disk: wd0       geometry: 1040/128/63 [8388608 Sectors]
Offset: 0       Signature: 0xAA55
            Starting         Ending         LBA Info:
 #: id      C   H   S -      C   H   S [       start:        size ]
-------------------------------------------------------------------------------
 0: 00      0   0   0 -      0   0   0 [           0:           0 ] unused      
 1: 00      0   0   0 -      0   0   0 [           0:           0 ] unused      
 2: 00      0   0   0 -      0   0   0 [           0:           0 ] unused      
*3: A6      0   1   1 -   1039 127  63 [          63:     8386497 ] OpenBSD     
Use (W)hole disk, use the (O)penBSD area, or (E)dit the MBR? [OpenBSD] 
The auto-allocated layout for wd0 is:
#                size           offset  fstype [fsize bsize  cpg]
  a:           902.9M               63  4.2BSD   2048 16384    1 # /
  b:           256.0M          1849298    swap                   
  c:          4096.0M                0  unused                   
  d:          2506.0M          2373586  4.2BSD   2048 16384    1 # /usr
  e:           430.1M          7505812  4.2BSD   2048 16384    1 # /home
Use (A)uto layout, (E)dit auto layout, or create (C)ustom layout? [a] 
/dev/rwd0a: 902.9MB in 1849232 sectors of 512 bytes
5 cylinder groups of 202.47MB, 12958 blocks, 25984 inodes each
newfs: reduced number of fragments per cylinder group from 55040 to 54824 to enlarge last cylinder group
/dev/rwd0e: 430.1MB in 880748 sectors of 512 bytes
5 cylinder groups of 107.08MB, 6853 blocks, 13824 inodes each
/dev/rwd0d: 2506.0MB in 5132224 sectors of 512 bytes
13 cylinder groups of 202.47MB, 12958 blocks, 25984 inodes each
/dev/wd0a on /mnt type ffs (rw, asynchronous, local)
/dev/wd0e on /mnt/home type ffs (rw, asynchronous, local, nodev, nosuid)
/dev/wd0d on /mnt/usr type ffs (rw, asynchronous, local, nodev)

If you blinked you might have just missed the automatic partitioning and formatting of my new system in just three keystrokes. You read that right. Scroll up again if you missed the new auto-allocating disklabel feature. Based on the size of your disk it will create a suggested layout for your installation. Of course, you're free to edit it to suit your requirements.

Let's install the sets!
Location of sets? (cd disk ftp http or 'done') [cd] 
Available CD-ROMs are: cd0.
Which one contains the install media? (or 'done') [cd0] 
Pathname to the sets? (or 'done') [4.6/i386] 

There is one exciting new feature that this example doesn't illustrate. The installer will use geolocation data to suggest the closest mirror to your system (see startftplist() in install.sub). This information is used solely for the purpose of providing a convenient mirror, but it's expected that some users will ask What else are they using my information for?

I suggest that if you're concerned about your IP address and architecture information getting into unscrupulous hands that you'd be better off compiling your own release or buying a CD set (at which point they have your information anyways).

Select sets by entering a set name, a file name pattern or 'all'. De-select
sets by prepending a '-' to the set name, file name pattern or 'all'. Selected
sets are labelled '[X]'.
    [X] bsd           [X] etc46.tgz     [X] game46.tgz    [X] xfont46.tgz
    [X] bsd.rd        [X] misc46.tgz    [X] xbase46.tgz   [X] xserv46.tgz
    [ ] bsd.mp        [X] comp46.tgz    [X] xetc46.tgz
    [X] base46.tgz    [X] man46.tgz     [X] xshare46.tgz
Set name(s)? (or 'abort' or 'done') [done] 
bsd          100% |*************************************|  7068 KB    00:01    
bsd.rd       100% |*************************************|  5917 KB    00:01    
base46.tgz   100% |*************************************| 47315 KB    00:30    
etc46.tgz    100% |*************************************|   503 KB    00:00    
misc46.tgz   100% |*************************************|  2867 KB    00:01    
comp46.tgz   100% |*************************************| 88555 KB    00:55    
man46.tgz    100% |*************************************|  8047 KB    00:08    
game46.tgz   100% |*************************************|  2558 KB    00:02    
xbase46.tgz  100% |*************************************| 10160 KB    00:10    
xetc46.tgz   100% |*************************************| 69166       00:00    
xshare46.tgz 100% |*************************************|  2861 KB    00:07    
xfont46.tgz  100% |*************************************| 34745 KB    00:15    
xserv46.tgz  100% |*************************************| 19789 KB    00:05    
Location of sets? (cd disk ftp http or 'done') [done] 

A lot of work and attention to detail went into revising the set layout and progress views. Set selections are now ordered horizontally to save on vertical screen space. We see a similar change for the download/extract step, where progress feedback is available on a single line for each set. This is a very welcome change for serial console installations.

At this point we're effectively done. The only thing left to do is issue a quick reboot.

Saving configuration files...done.
Generating initial host.random file...done.
Making all device nodes...done.

CONGRATULATIONS! Your OpenBSD install has been successfully completed!
To boot the new system, enter 'reboot' at the command prompt.
When you login to your new system the first time, please read your mail
using the 'mail' command.

# 

The developers have put an enormous amount of effort into something that until recently, seemed good enough. They have an uncanny ability to recognize the potential in something commonplace and refactor it in such a way that it seems obvious in hindsight. Kudos to all of the developers that worked so hard on the "new installer".

(Comments are closed)


  1. By Markus Peloquin (incripshin) markpeloquin@gmail.com on http://cs.wisc.edu/~markus

    Awesome! The partitioning step has always been the most dreadful part of every Linux and BSD installation I've done.

  2. By Bram (marB) bramspam@pandora.be on

    Why was the keyboard layout option removed? I really hate having to come up with a new root password on an unfamiliar keyboard layout. Any speed I gain by not having to enter 'be' will be lost by having to boot into single user mode and resetting the password.

    1. By Jordi Beltran Creix (jbcreix) on

      > Why was the keyboard layout option removed? I really hate having to come up with a new root password on an unfamiliar keyboard layout. Any speed I gain by not having to enter 'be' will be lost by having to boot into single user mode and resetting the password.

      I don't know which revision went into the beta, but current does ask for the keyboard layout, the code is there. Apparently some arches do not have keyboard layout alternatives, though.

      http://www.openbsd.org/cgi-bin/cvsweb/src/distrib/miniroot/install.sub?annotate=1.593

    2. By Miod Vallat (miod) on

      > Why was the keyboard layout option removed? I really hate having to come up with a new root password on an unfamiliar keyboard layout. Any speed I gain by not having to enter 'be' will be lost by having to boot into single user mode and resetting the password.

      Jason's installation was made using a serial console. The keyboard layout question is skipped if you are installing with a serial console.

      1. By jason (jason) on http://www.dixongroup.net/

        > > Why was the keyboard layout option removed? I really hate having to come up with a new root password on an unfamiliar keyboard layout. Any speed I gain by not having to enter 'be' will be lost by having to boot into single user mode and resetting the password.
        >
        > Jason's installation was made using a serial console. The keyboard layout question is skipped if you are installing with a serial console.
        >

        Ah, stupid me. I'll correct the story. Thanks.

        1. By Bram (Marb) on

          > Ah, stupid me. I'll correct the story. Thanks.

          Aha, thanks for the clarification and the fix, the change now makes me a happy camper instead of a grumpy one, huzzahè

  3. By Gabriel Guzman (gabe) gabe@guzman-nunez.com on http://guzman-nunez.com/

    I've always thought OpenBSD had the best installer of any *nix out there, and now it's even better than it was before. I think it took all of 2 minutes to get through it on a fresh install last night. Awesome.

    1. By Greg H (GregH) on

      I agree! I took the new installer for a spin a week ago and I really appreciated the changes (not that the old installer was bad). The only thing that should be looked at is the default partition sizes. They seem to be based on the size of the physical disk, which is fine, but on a netbook with limited flash space, the numbers didn't seem suitable to me.

  4. By jirib (jirib) jirib@mailinator.com on

    Nice, OpenBSD has the best installer.

    What do you think about recent Linux distros which don't setup password for root user and ask during installation for creation of a normal user with privileges in /etc/sudoers to obtain root?

    1. By Chris Bennett (chrisbennett) on www.bennettconstruction.us

      > Nice, OpenBSD has the best installer.
      >
      > What do you think about recent Linux distros which don't setup password for root user and ask during installation for creation of a normal user with privileges in /etc/sudoers to obtain root?

      I recently had to do a small page on how to do an application installation on Ubuntu. Boy was I shocked at this new "Feature"!

      This is an excellent feature for crackers, should allow much easier break-ins, which should reduce bandwidth use in attacks, help train new users in using fdisk and they should quickly become pros at re-installation.

      Perhaps OpenBSD could have a similar installation option?
      root password? [no]
      new user password? [password]
      repeat password [password]
      encrypt password file? [no]

  5. By Mikolaj Kucharski (mkucharski) mikolaj@kucharski.name on

    I can see that during installation you answered that you don't want to run X, but sets for X Window System are selected.

    Is that intentional?

    1. By Clever Monkey (clvrmnky) on http://clevermonkey.org

      > I can see that during installation you answered that you don't want to run X, but sets for X Window System are selected.
      >
      > Is that intentional?
      >

      Probably. It is recommended to install all of the X libs and stuff even if you intend not to run X. There is a FAQ item, I think, that explains this.

    2. By jason (jason) on http://www.dixongroup.net/

      > I can see that during installation you answered that you don't want to 
      > run X, but sets for X Window System are selected.
      > 
      > Is that intentional?
      

      I will not actually run X, so answering "no" to the first question means that machdep.allowaperture is disabled. I allowed the X sets to be installed in case I need them as build dependencies for ports. There is no harm in having the extra sets installed.

      1. By Mikolaj Kucharski (mkucharski) on

        >
        > I can see that during installation you answered that you don't want to
        > run X, but sets for X Window System are selected.
        >
        > Is that intentional?
        >
        >
        > I will not actually run X, so answering "no" to the first question means that machdep.allowaperture is disabled. I allowed the X sets to be installed in case I need them as build dependencies for ports. There is no harm in having the extra sets installed.

        I'm asking about installer defaults, not user intentions. In above text screen shots I cannot see that you asked for X sets. I see that you stick with defaults by pressing RETURN for sets.

        Are those screen shots from different install sessions or this is default behavior of installer -- that when you answer `no' for running X, you will have X sets selected?

        1. By tedu (udet) on


          > Are those screen shots from different install sessions or this is default behavior of installer -- that when you answer `no' for running X, you will have X sets selected?

          all sets are selected by default now.

    3. By Richard Johnson (rdump) on

      > I can see that during installation you answered that you don't want to run X, but sets for X Window System are selected.
      >
      > Is that intentional?

      It's necessary to allow X sets installed even if an X server is not going to be used on the system. X clients, for example, need libs and the like.

  6. By Earin (theearin) on

    Something that could imho be improved is in the area of the location for the installation sets:


    Let's install the sets!
    Location of sets? (cd disk ftp http or 'done') [cd]
    Available CD-ROMs are: cd0.
    Which one contains the install media? (or 'done') [cd0]
    Pathname to the sets? (or 'done') [4.6/i386]



    The installer does show the available cdrom drives. In this example cd0.
    Wouldn't it be nice that if only one drive is found, the question "Which one contains the install media? (or 'done') [cd0]" does not get asked?
    I mean with only one drive installed in the system there remains only one valid answer to that question.


    But still very good work from the OpenBSD team! Thank you

  7. By Alexandre Ratchov (ratchov) alex@caoua.org on

    and yet another surprising feature:

    i was supposed to install openbsd by network using a
    usb ethernet adapter... but when the intaller asked me
    to configure network interfaces, my usb nic was missing
    from the list simply because i've forgotten to plug it.

    so i plugged the usb nic, and prepared myself to possibly
    restart the installation. But surprise, at the moment i
    plugged the nic, before i've got any chance to touch the
    keyboard, the installer automagically updated its list of
    interfaces and reasked me the same question with the
    new list.

    1. By Ed Ahlsen-Girard (eagirard) on

      > and yet another surprising feature:
      >
      > i was supposed to install openbsd by network using a
      > usb ethernet adapter... but when the intaller asked me
      > to configure network interfaces, my usb nic was missing
      > from the list simply because i've forgotten to plug it.
      >
      > so i plugged the usb nic, and prepared myself to possibly
      > restart the installation. But surprise, at the moment i
      > plugged the nic, before i've got any chance to touch the
      > keyboard, the installer automagically updated its list of
      > interfaces and reasked me the same question with the
      > new list.
      >

      The new installer is a thing of beauty.

Credits

Copyright © - Daniel Hartmeier. All rights reserved. Articles and comments are copyright their respective authors, submission implies license to publish on this web site. Contents of the archive prior to as well as images and HTML templates were copied from the fabulous original deadly.org with Jose's and Jim's kind permission. This journal runs as CGI with httpd(8) on OpenBSD, the source code is BSD licensed. undeadly \Un*dead"ly\, a. Not subject to death; immortal. [Obs.]