Contributed by jose on from the publish-or-perish dept.
"If you walked into a bookstore and saw a book with OpenBSD in its title, what would you expect to see in it? This is a serious question, as I have been asked to write a proposal for such a book, and if it is accepted by the editors, it should see the light of day in a few months. Now is your time to speak up and make it your book."I know of at least two books being written on OpenBSD, and when the time comes the announcement for the second will be posted. However, whenever I talk about books with people some really good ideas come out of the woodwork. Anyone care to suggest a few topics?
Update An anonymous reader has pointed us to this Slashdot story which mirrors this one. More ideas listed there.
(Comments are closed)
By Peter Hessler () spambox@theapt.org on http://phessler.sfobug.org
Comments
By Anonymous Cowherd () on
Topics I'd like to see covered in a "smart newbie's guide" include-
*Logging - Proper/sane configuration.
*Standard cron jobs/security checks - How to use them to your advantage (and avoid freakouts of the change-detection system on upgrade ;))
*Basic mail and appropriate policies - How to put the local mail services to use, and ensure send-pr produces a sane origin, etc.
*Cutting down the system - people often say, "Why would you keep a compiler on your webserver?," but knowing how to strip down an installation - while still keeping it manageable and patchable - is an art that takes a while to learn, and even worse are the tutorials that get it wrong...
*SSH key management/alternative authentication techniques, with "real world" examples. (Demonstrate authentication techniques for an internal LAN - Kerberos?, external users - SSH, web authentication, etc, and VPN clients?)
A lot of the networking stuff has been well-covered, kernel-hacking is another bag of worms... but the middle ground to get one making intelligent administration decisions is a bit lacking.
By Hugo () hugo_lev@hotmail.com on mailto:hugo_lev@hotmail.com
0.5 History...
1. Something about the "architectural" philosophy... the deisgn choices and headings.
on the pratical side:
2. Security practices.
3. Install options (network installs/"cloning"... and other interesting intall issues and methods)
4. Good Obsd Admin practices (use of basic system services)
and this is is the thing I would like to see in an openbsd book:
5.Ports and packages... insights on porting applications maintaning ports and using them... Atleast a quick look at how to "custimize" a port build... Another at the basics of planning a port/package...
Good luck with the book... You can be sure I ll have one sitting beside my server-racks when it comes out!
By Jim () on
By submicron () dsmcr@inherently-evil.net on mailto:dsmcr@inherently-evil.net
1 - The best methodology for setting up a firewall/NAT gateway using OpenBSD. This would cover the installation of OpenBSD, which packages are necessary, which aren't. System hardening specifically for use as a firewall. Pf overview, including intelligent rule-set creation.
2 - The best methodology for setting up a general purpose network server using OpenBSD. Since many people are looking for alternatives to Microsoft, this is a chance to put OpenBSD on the map. Again, installation procedures and intelligent system hardening techniques and configuration should be discussed. Then the installation and maintenance of network servers and services. These should include: DHCP, Apache (covering the fact that Apache is now chrooted and how to deal with this fact), Postfix/Sendmail, Samba (even if you hate it, its still widely used), NFS, NIS, NTP etc.
3 - Setting up a NIDS using OpenBSD. Since security is the big selling point here, why not go into detail about how to intelligently set up security infrastructure using OpenBSD. How to configure systems to serve as NIDS monitors or central log hosts. Tools like Snort, Samhain, Tripwire or Shadow could be discussed even sample configurations could be used as examples.
4 - Setting up VPN Gateways using OpenBSD. This probably ties in with the firewall/NAT gateway section, but doesn't necessarily have to. There are lots of questions on the mailing lists revolving around the best way to set up a VPN using OpenBSD. The process isn't difficult, but it would be helpful, especially for newbies to have a detailed discussion of how to set up a VPN Gateway under OpenBSD.
5 - Intelligent maintenance of OpenBSD machines. Installation of patches (believe me, this can be very daunting for a newbie the first couple of times), log file review, and resources for learning more about OpenBSD should be covered here.
I'm sure there are other sections that could fit in here, but these are all the ones that immediately come to mind. The goal here would be twofold - to lighten the load of questions to the mail lists and to ease the path of OpenBSD adoption by Windows and Linux users. A book containing this information would be extremely valuable to anyone running OpenBSD.
Comments
By consultant () on www.nedyah.org
VPN would be on top of the list. Lots of people want to know how to do this right (at the gateway, preferrably).
Samba is next, as it relates to OpenBSD (ie, security). These are things that are explained elsewhere, but not necessarilly with the semi-paranoid bent that makes OpenBSD so valuable.
By consultant () on www.nedyah.org
What are best practices for the day to day operation (in a perfect world, this is short, but in this world its not).
How do you make sure your system stays up-to-date without being in a situation while you are always trying to fix problems caused by your last problems. eg, I set up a firewall gateway with Open, no problem. I set up a FreeBSD gateway to try something new, and it worked. Then I did a make buildworld, and ipfw no longer worked. At that point, I did some extensive googling, couldn't find the solution, so I wiped it and went with Open again. Only took an hour, which is significantly less than the time I would have spent fixing my FreeBSD.
So I want to keep on top of things, be proactive and follow best practices, but its not worth it if that causes the system not to function correctly.
By Anonymous Coward () on
By Yves () on
Comments
By Tommy () piebald@voicenet.com on http://users.voicenet.com/~piebald/
By joema () jmaja@ieee.org on mailto:jmaja@ieee.org
Installing OpenBSD needs a little patience, can you give me on what step did you have any problem. Also note that it is very important that you have to configure your mouse driver before you can start configuring the KDE in OpenBSD.
joema
By I'll buy one () on
On the other hand, Administering OpenBSD systems would be a worthwhile title as well. Talk about why telenet is insecure, show how ssh steps in and give examples of how to set up a sftp server in place of an anon ftp server. Make sense out of the VPN documentation, give examples of how to use pf in various situations. How to use apache in the chroot jail.
I have all three editions of Nemeths Unix Administration books, what I would like is a version for the Unix I use, OpneBSD.
Comments
By zil0g () on
to get rid of ftp(d) - and all the crazy firewalling that goes with it - I use a cgi program to upload files, works over plain http for anon uploads too
By Anonymous Coward () on
An official handbook (covering installation and configuration) would be very useful to newbies.
By Dan () on
I was able to pry my way into OpenBSD from an unlikely place: the Complete FreeBSD.
Yes, the Complete FreeBSD may not map closely to OpenBSD, and (at least in my edition) some of the tools are out-of-date, but it was a good place to start, mostly because it gave me enough history so that I could put the entire system in context.
So mostly, I would like to see a book that gave the reader some insight into the OpenBSD philosophy (beyond "Theo had a fight. Hence OpenBSD."), and explained the system architecture. Also, a bit about OpenBSD best practices might be good, because from what I can tell, the OpenBSD community tends to regard what other communities consider "best practices" not to be just bad, but plain idiotic.
Oh, yes, and maybe a preface that says something to the effect of "think about your questions before you ask them. Like any system, OpenBSD can't compensate for a bad sysadmin. If you ask a stupid question, be prepared to be reminded of this fact. This can be hard for newbies, so sometimes you just need a thick skin."
Comments
By Anonymous Coward () on
To save the irritation of experts and roasting of newbies who don't read, I'd like to see a chapter on common blunders and gotchas (I mean subtleties, quirks and pitfalls ;) that people learn after long enough but really aren't that obvious the first few times. Accidentally putting a hole in your firewall rules comes to mind (not that I did that the first time or anything....)
Comments
By Alison () on
I think the book would need two main sections - one for the home user who's using it in a network of five or less machines as a gateway/firewall or a desktop; and one for the business user who's using it as a firewall in a much larger network, someone who needs load balancing and is dealing with different subnets and so on. There is a very, very different approach, and a very different set of apps needed for each use.
By Anonymous Coward () on
Comments
By DC () on
Comments
By Shane J Pearson () on
I have some books that are over 1000 pages. Mac OS X Unleashed is almost 1500.
By Anonymous Coward () on
Fight Club: A day in the life of misc@openbsd.org
By CR () on
Comments
By Anonymous Coward () on
By Anonymous Coward () on
Kernel definition, I have not been able to find too much information on the kernel internals and architecture. I would pay $100 today for such a book.
Comments
By zil0g () on
By Anonymous Coward () on
this book is not 100% relevant anymore. some of it is still very relevant. the vm subsection is out of date cause we use uvm now, its still a pretty good description of how a vm works, so has value nonetheless. the stuff on filesystems is still very relevant. the only major difference is ffs softupdates (and maybe dirpref) but its easy enough to see where that has changed. im not too sure how relevant the networking stuff is but i dont think any major/fundamental changes have taken place (tcp/ip illustrated vol2 is good for network stack info too). for berevity the book largely does not document design decisions, it describes the implementation. if you're interested in the theory behind various choices made, each chapter has a copius reference list, which you can use with citeseer (http://citeseer.nj.nec.com/cs) to get more info.
dont forget http://www.openbsd.org/books.html too :)
By Steve James () on
2. building custom kernels
i've read the faqs on nearly everything and these two always give me trouble for some reason, esp. vpn's. all in all though, the main FAQ and man pages are awesome, anything else I have questions on, i can usually find on some generic *bsd site/faq.
By Anonymous Coward () on
By Anonymous Coward () on
I'd like to see more on VPN, upgrading to -stable, IDS/NIDS, Monitoring, etc...
Comments
By zil0g () on
lots of comments about upgrading to stable an building custom kernels here, I think that should definately be in the book, and lots of it (it _really_ isn't difficult using 'cvs up' and manually diff out your dmesg from GENERIC).
but I want to know more about tuning, how those (you know, *those*) values relate to eachother, what they actually ARE etc.
And what to do when things go wrong, more info about the 'compiler toolchains' the Makefile structure, how to enterpret certain error messages... that is stuff that you simply don't know about the first few times you 'cvs up -d src && cd src/sys/arch/${ARCH}/config && config GENERIC && cd ../compile/GENERIC && make depend && make && cp /bsd /bsd.old && cp bsd /bsd && reboot && cd /usr/src && rm -r /usr/obj/* && make obj && make build && relax'
Thank you for reading, I will by any book with 'OpenBSD' in the title.
Comments
By Anonymous Coward () on
I've bought the 'Building Linux and OpenBSD Firewalls' book just because of the OpenBSD name in there.
Hope to see more OpenBSD books!
By Anonymous Coward () on
I'd like to see a "OpenBSD as your DeskTop" section in the book.
Comments
By Yves () on
How to set up OpenBSD as a desktop including configuring X Server, installing KDE, Qt, etc. Once installed, how to add other programs. I can easily install Red Hat 8.0 on my laptop but I'm getting nowhere with OpenBSD/KDE.
Also setting up an OpenBSD firewall/router using the Alcatel USB ADSL modem.
By kremlyn () on
- Installation (network, cd.. doing "clone" installs to multiple boxes..
- Kernel Configuration (Including ukc)
- Firewall/ALTQ (ALTQ and PF is the *MOST* important, IMO)
- Routing
- ADSL/PPP
- Ports/Packages (using/maintaining/creating)
- NIDS
- Apache
- ftpd
- Mail (sendmail AND postfix)
- DNS (BIND AND djbdns - people *do* use and like djbdns)
- VPN's
- NTP
- General adminsitration (rc init, rc.conf, rc.local, netstart)
- CVS to stable
- Upgrading
Also, best practices..
I don't know about anyone else, but, I want a BIBLE.
Comments
By paulybumps () on
By Anonymous Coward () on
Comments
By kremlyn () on
However, a book that discusses these functions (in much more detail) would be an excellent idea. Sometimes it's handy to have something in print. Also, a consistant, running example, for a complete network design/implementation for a corporate situation would be nice.
I agree, the above things *are* trivial to achieve, I've been using them for a long time now. However, triviality is relative wouldn't you agree? More experienced people know how to use available resources.. maybe the audience to which this book is to be targeted need something to "set them on their way.. and teach them to research and think for themseves".
Cheers
//kremlyn
By striderfive () striderfive@mordor.org on mailto:striderfive@mordor.org
there are already comprehensive books on apache, sendmail, and bind. running them on OpenBSD isnt different enough to warrant much mention.
now, comprehensive sections on PF, routing with OpenBSD, network config, building OpenBSD kernels and software from CVS tree, upgrading/patching. install, and general administration all warrant comprehensive coverage in my mind (among other things)
if you show people how OpenBSD is different from any other *nix, then all those other comprehensive texts will now be useable to them under OpenBSD
By wsb () io@spunge.org on http://www.spunge.org/~io
By Anonymous Coward () on
0. From OpenBSD's perspective many things throughout the system have been changed with correctness and security in mind. But why? What makes it "correct" or "more secure"? There are some situations where it's obvious, but in others it's not (at least ot me). A book of specific things such as detailed explanations of actual diff's between an "audited" OpenBSD functions/calls and the originals would be great. Maybe it all goes without saying once you dig deep enough, but a collection some key examples from someone has has already done the digging could be quite interesting.
1. Philipp Buhler and Henning Brauer's recent paper on performance monitoring and tuning was a great start, but I'd like to see something with greater depth and weight toward the tuning side.
Comments
By Anonymous () on
0. From OpenBSD's perspective many things throughout the system have been changed with correctness and security in mind. But why? What makes it "correct" or "more secure"?
One of (many) short answers to this question is better integration and configuration of security components with the rest of the system. Things that are simpler to manage, are also more secure. All things being equal, of course.
Comments
By Anonymous Coward () on
By Anonymous Coward () on
By kremlyn () on
- Installation (network, cd.. doing "clone" installs to multiple boxes..
- Kernel Configuration (Including ukc)
- Firewall/ALTQ (ALTQ and PF is the *MOST* important, IMO)
- Routing
- ADSL/PPP
- Ports/Packages (using/maintaining/creating)
- NIDS
- Apache
- ftpd
- Mail (sendmail AND postfix)
- DNS (BIND AND djbdns - people *do* use and like djbdns)
- VPN's
- NTP
- General adminsitration (rc init, rc.conf, rc.local, netstart)
- CVS to stable
- Upgrading
Also, best practices..
I don't know about anyone else, but, I want a BIBLE.
Comments
By Anonymous Coward () on
Examples along with it too.
I hope it won't be a book like the ORA BIN 4 book where it's just a copy/paste of man pages.
By Anonymous () on
If my proposal is accepted, and I start writing this book, I will be asking more questions and will let you know about my progress. Thanks!
Comments
By W () on
But who are you?
By Anonymous Coward () on
eg
- customising installations (ala solaris jumpstart).
- patch management
- different authentication methods (eg x9.9 tokens, skey, radius etc)
Comments
By Matthew Emmett () matt@emmett.ca on mailto:matt@emmett.ca
I'd love to see some stuff about account management and authentication issues too.
NIS, LDAP?
Comments
By zil0g () on
NIS, LDAP,KERBEROS,IPSec + vpn - I would love to read all about them in paper, in the same paper even!
thank you, and good night :)
By Quark () on
Comments
By Chris () someone.else@bangkokchickboys.com on http://www.bangkokchickboys.com/
A book similar in context to the original daemon book would be nice.
I second your suggestion. The Daemon book isn't the most scintillating read in the world, but I still read it from cover to cover several times because it's the only BSD Unix internals book I could find. I referred to both the Open and NetBSD sources as I read it (around the time of Net 1.4 and Open 2.6 IIRC), which was helpful, but the book is quite out of date with the current state of the art BSD kernels.
Chris
By Matthias () on
I sometimes have the feeling that there are things missing... or didn't I search good enough?
By Adam Skutt () LordHunter317@softhome.net on mailto:LordHunter317@softhome.net
OpenBSD is still in its infancy, even moreso than Linux is. And I have zero Linux books in my bookcase for that very reason. Linux and OpenBSD are still evolving very rapidly, so fast in fact that any book is usually obsolete and useless before you get to read it. Otherwise, its just general Unix knowledge that is covered a million times over in many many books.
I think where OpenBSD differs and is unique is well covered in its documentation (the man pages & FAQ). I've never had any trouble that I couldn't solve by reading the manpages or the FAQ. Maybe my techincal skillset lets me do that, I dunno. Either way, I think OpenBSD's documentation is a good thing and it doesn't really need to be supplemented.
Either way, if you want to write a book, feel free and I'll even buy a copy for the good of the order, but I don't think I'll use it much, since hte system already provides top-notch documentation.
Comments
By Anonymous Coward () on
By Anonymous Coward () on
Comments
By Anonymous Coward () on
Yeah, right. I've been using OpenBSD as a firewall since 2.7. No changes there; I'm still using the exact same configuration files and utilities on my 3.2 box...
By Hugo () hugo_lev@hotmail.com on mailto:hugo_lev@hotmail.com
As far as standardization and change is concerned I feel that the BSD's/Linux OS's have pretty much stuck with the standard are are doing a good job of satisfying the professional market.
I run labs with a number OS's (Windowes*, Solareess and some obsd and linux machines) and I have found that the BSD/LINUX os's tend to stick to stuff that s proven to work on the default installations while the other two tend to make drastic changes that require quite abit of work when migrating from version to version...
Take these example: Moving from WindowzeNT to 2K/XP... and move yer SAM to ADS and come back and tell me everything ran smoothly on the first try.
Look for AutoClient support in Solareess 8 ... I dont think you ll find it there...
Here s my point: When new features appear in the BSD's or Linux they most proably appeared in commercially available OS's ... and work just as well on BSD/Linux than on the commercially available OS's.
I'd rather see a OBSD book published where I ll find information that s 99.9% accurate after 2, 3 or even 4 OS version changes than have to pick up a windowze admin book version XX and have to trash it when the new OS version comes out.
By Patrick Myers () on
-p
By Marty () on
1. Why do people pay money for cuddly published manpages?
2. How good would open source software be if the money spent on these books was instead spent on development?
3. Why does everything need to be dumbed down so extremely?
Comments
By Anonymous () on
1. Why do people pay money for cuddly published manpages?
Because you cannot read man pages when your system is not operating? Because man pages assume that people who read them have a certain amount of knowledge that beginners just don't have?
2. How good would open source software be if the money spent on these books was instead spent on development?
Books are needed, otherwise not many people would use open source. Also, some publishers donate money to open source projects, employ developers or pay them to write books. Visit the O'Reilly, Wiley, Addison-Wesley, Prentice-Hall, or New Riders on-line book catalogues and see the names of authors.
3. Why does everything need to be dumbed down so extremely?
There are books for everyone, and don't forget that today's dummies are tomorrow's gurus
Comments
By tomorrow's guru () on
1. I spend all day in front of screens doing work. At the end of the day, the last thing I want to do is sit in front of one and read manpages with 1000 hyperlinks to navigate through. I learn much better sitting back with a book in hand.
2. I feel like chasing my tail
3. Why do I need to pull out of the drive way at 60 mph?
By Anonymous Coward () on
On the other hand, having a true "Bible" of the manpages (in binder format, for easy 'upgrade') would be a damn nice product in its own right- just don't fob it off as a newbie's or sysadmin's guide.
By Anonymous Coward () on
So, I suggest a very detailed chapter on this, where you assume the user has no experience with any of the concepts (e.g., getting source via cvs, diffs, etc). Include several step-by-step examples.
With such a chapter, I'd buy the book in a second.
Comments
By Anonymous Coward () on
By David A. Rogers () darogers@speakeasy.net on mailto:darogers@speakeasy.net
Don't be yet another book on using Unix applications. There are way too many already.
Don't put in stuff that is easily found in the manual pages.
Don't give "magic incantations". The sort of instructions that tell you to do something, but not why you're doing it.
Do
Do give the big picture. What are the pieces of OpenBSD. How do they relate and how do they work together.
Do give the reasons for the way things work. Explain why the reader should do whatever it is you just told them to do.
Comments
By Anonymous Coward () on
By Anonymous Coward () on
The "Do" would be a nice read. ;) It's nice to know why you are getting milk at the store. :P
Comments
By AC () on
By RC () on
For instance... If someone wants to make sure noone can boot into single user mode ond get root without knowing the root password, they don't know where to start. Once you tell them to look at "/etc/ttys" they have no problems figuring out the information from the man pages, and the file itself.
If they know they want a VPN, how do they know to look at IPSec?
In addition, I'd say include all the important information, but otherwise, keep it as brief as possible.
Comments
By Anonymous Coward () on
Now, for the newbie to just stumble across OpenBSD is a matter for question. For if he knows he should use OpenBSD, he does have a certain degree of technical knowledge and should have the experience of finding information and not easily giving up at dead ends.
Comments
By RC () on
I seriously doubt that a new user can figure out that awk/sed is what they want when they want to do text processing and replacement. How would a new user learn about systrace or chroot when looking for security? How would a user learn that SSH is a secure alternative to telnet (prominent placement helps, some)? How would someone learn about named pipes when they don't know that something like that exists? How would they learn that using a back-quote embeds the output of that command in that spot? How would a new user even figure out that lynx can be used to surf the web in text when they don't even know that it is possible?
Sure, reading TONS of information will eventually give them their answer, but that is assuming they always know the right questions to ask (and that they know they've asked the right questions when they have, so they don't give up on a search that will eventually find something useful).
We all take the workings of Unix for granted now. But most of us that weren't taught Unix just gradually picked up on these things from numerous sources over time. I'm only well informed of these sorts of problems from having helped beginners learn to use OpenBSD.
Of course, maybe there is some book out there that guides users through these basic Unix concepts, but I didn't find it when I needed it, and have still not come across any such book.
By Rob () on
- forget the X window system stuff (it would waste to much valuable space for other topics and the dang desktop systems change so much)
- it has been mentioned but for emphasis, a strong, day-to-day toolset explanation. things like the critical logs, important config files, system monitoring etc.
- I hate to admit it but I still fear doing patches. anything that eases that process would be great.
- Lastly, an index to the most widely used command line tricks and tips- the ones used every day or every week.
Thanks and my credit card is ready to swipe
Comments
By Anonymous Coward () on
1. http://openbsd.org/errata.html
2. Click the patch link and save it in your /usr/src directory.
3. follow the instructions in the patch which are for example:
Apply by doing:
cd /usr/src
patch -p0 <005_named.patch
And then rebuild and install named:
cd usr.sbin/named
make obj depend
make && make install
4. you are done, restart the service in question. 005_named.patch
By XFree86 User () on
Seriously, an O'Reilly "pamphlet" (on the order of their laughable PPP book, or less-laughable guides to awk/sed/etc) for XFree86, perhaps customized to "XFree86 on OpenBSD," would be another good project in its own right. Learning to secure it, use it effectively over the network, not load 500 modules you won't need anyway, etc- all good stuff.
By Anonymous Coward () on
I tell people the first thing to do when they boot is to update the locate database, and the second thing to do is read man afterboot.
If you put an appendix in the book that is a step-by-step to doing something useful - even if it's only a page long and says "you're assumed to know vi", it might save people some time.
Comments
By Anonymous Coward () on
The only OS which comes as close as possible to standards is --> OpenBSD. The OpenBSD community does not need to document the fact that most others break standards.
By AC () on
By Funk () rfunk+spam@funknet.net on mailto:rfunk+spam@funknet.net
The ports upgrade issue is why I don't use OpenBSD on the desktop; explaining that one would be quite useful.
Comments
By Anonymous Coward () on
By Anonymous Coward () on
Find out what people are doing with obsd; firewall, vpn, etc, and take them through the steps to get obsd up and running.
A transition chapter acts like a foreign language dictionary. obsd > windows windows
Comments
By Anonymous Coward () on
By MrChuck () YoChuck@evilspammer.com on mailto:YoChuck@evilspammer.com
Is there truly a market for an OS that we can guess is used by 50k people, most of whom won't pony up $40 for a CD?
I like the nemeth system admin books.
They cover the principles of running Unix.
They have, in each section, a breakout where there are differences.
Widen the audience. The FreeBSD Handbook applies, mostly, to the other BSDs.
Free|Net|Open (and hell, MacOS/Darwin) all run apache, IPv6, IPSec, GNOME, KDE. They have a ports tree (netbsd's is available for MacOS X and Solaris).
Variations include Racoon, ISAKMP and minor implementations of things like ifconfig and some user tools that are or aren't included.
I regularly move from OpenBSD to FreeBSD and NetBSD through the day. I rarely think about it. I move to Solaris and I have to pause and recall to do certain things differently.
Why deliberately narrow your audience?
When you write a book, odds are pretty low that you will make minimum wage for that time you put it. Make it available to the other BSDs and you might make $3 for each hour you spend instead of $1.
By James A. Peltier () james@site-fx.net on http://www.site-fx.net
Comments
By Anonymous Coward () on
By Anonymous Coward () on
By clicket [Jason Brewer] () likeabeerbrewer ĄT yahoo.com on http://www.mosaek.com
Comments
By Anonymous Coward () on
By kremlyn () on
It's such awesome software, that although the man pages are already top class, they need to be *better* for PF+ALTQ for 3.3-Release
By Anonymous Coward () on
By Erik Seidel () erik@neptun.tamu.edu on mailto:erik@neptun.tamu.edu
and a bit on the COMPAT_LINUX functionality and uses.
By Wish I were Tim O () on
The beauty of the free market system is that someone who is enterprising and fills the need succeeds and the market (us users) succeeds.
Bravo! bring the books on!
By Anonymous Coward () on
I'll send the link to the OpenBSD Journal folks in case they don't see this comment as it may be worthy of posting an update to this story.
By click46 () click46@operamail.com on mailto:click46@operamail.com
By Justin () on
I want to see pictures of the openbsd dev team in the nude all holding little bsd daemon stuffed animals above their heads singing the song on the openbsd 3.1 cd "...Vampire omellete, kitten cake..."
In other news, I guess all I want is a paraphrasing of the important man pages printed. Important meaning things like: afterboot, netstat, tcpdump, vpn, isakmpd.conf, pf.conf, pfctl, sh, man, ln, etc. :)
have a nice day
Comments
By Anonymous Coward () on
Ow. Ow. Ow.
You just made my eyes bleed.
By zil0g () on
By HAL9000 () none@internet.null on mailto:none@internet.null
By Dylan Harris () dyl@postmaster.co.uk on http://dylanharris.org/
Comments
By Funk () rfunk+spam@funknet.net on mailto:rfunk+spam@funknet.net
It would be really useful to have pointers to the man pages in section 8 that go into depth on particular topics rather than the usual commands. Most people accustomed to other Unices won't know to look for these unless they're pointed out. Yeah, a lot of them are mentioned in afterboot(8), but afterboot should be summarized in a book anyway, for those who haven't read it in a while or (horrors!) never read it at all.
By Just Another Admin () anon@emoose.com on mailto:anon@emoose.com
Patches, ports, upgrades, and kernel customization
PF firewall config
Chroot jail for server apps
E-mail, web, and ftp server configs
Router, firewall, VPN gateways
Using OpenBSD as a secure log server
Using as a Snort NIDS
I don't care for design history and all that. I want a one-stop-shop for configuring OpenBSD as a secure network device or Internet server without having to sift through man pages, on-line docs and newsgroups. That's all. Write that, and I'll buy two copies.
Comments
By Anonymous Coward () on
If that is truely the case, you must use a Microsoft product called Windows. I care for my DeskTop environment and wish for it to be as correct as possible.
Anyone who doesn't care what their desktop does, and how, as long as the tool works for a desirable amount of time, more than likey uses Windows. Windows is bloated, slow, and does everything you can imagine.
Inefficiency leaves room for equality, and efficiency leaves room for no equality. In this case, Microsoft tries to please everyone, making the system as accessible as possible to reach monetary goals. OpenBSD however, caters to itself. The developers code for their interests, and that's where its strengths lie. They try not to please everyone, but try to please only themselves. In essence excluding a large user base which has no reason to be sniffing around OpenBSD. Sounds to me, you shouldn't even bother with OpenBSD to begin with.
Comments
By zil0g () on
"right, uh first make sure you selected xbase in the installation, then run xf86cfg or xf86config, configure x just like on any other system.
NOW for the tricky part, turn 'xdm' on in /etc/rc.conf and run 'xdm'; done*"
*the adventurous user might want look in the nearest pkg mirror for something like 'fluxbox', 'icewm' or even kde* or gnome*
"halfway usable browsers exist in the ports tree, for fully-fledged pr0n consumption we need to bugg the mozilla developers untill OBSD is fully supported"
really, if a mar00n like me can run it on the desktop, so can anyone else - and I can't even type right.
and looking at the suggestions so far there doesn't seem to be that hight a demand for desktops, but well for firewall/NAT boxes, vpn this-and-that servers.
where did windows come in the picture here? are you telling me YOU will be the one who walks in the office and says: "STOP! stop what you're doing close those spreadsheets! I'll reinstall your lousy windoze boxen with OpenBSD! You'll thank me for it, because it's stable, secure and 'correct'!"
(don't get me wrong, I think it is just that, but your average office worker won' care WHAT it is if they can't find 'word' on the desktop with a green 'W' icon...)
who cares if someone uses windows? heck I do it's either that or (eww)Linux to play my beloved game collection in, diff is most won't run in Linux...
hmm... I've got it! let's add a chapter for everyone who plays games in OpenBSD! that should attract an even greater reader-base!
in summary: if I'm not using OBSD on the desktop, I shouldn't use it at all, thank you. (and no, I didn't write the first post)
(I'm not really this bitchy, it just _sounds_ like it on the net. btw, I can't spell either - didn't go to school, go figure).
By Gimlet () on
For example, there are several excellent books on system administration, TCP/IP, sendmail, Samba, etc. Better just to say, "buy, borrow, or steal these books!" and then use the saved space to cover things in detail that aren't available elsewhere.
I'd be very interested in having a book that focused on what OpenBSD can be used for better than other systems. Firewalling, SSL, VPN, and other security topics where OpenBSD shows its strengths would be greatly appreciated.
Oh, and please don't put the book on the level of a Unix newbie. A solid, well-written, and *detailed* technical book would be far more beneficial to most OpenBSD users, and, IMHO, would appeal to serious users of other Unixes.
And someone mentioned an OpenBSD-centric follow-up to McKusick's BSD bible. That would be wonderful, but I think it would be another book, perhaps best suited for one of the core developers -- another source of revenue for the project perhaps?
By rust () usr_billy@hotmail.com on mailto:usr_billy@hotmail.com
I have asked this question many times from co-workers/friends and have received little in return.
By anonymous () on
On Winblows (TM), I set up boxes from an image with applications and network profiles (aka, icons on the desktop, drive mountings, printer mappings, etc). The user profiles reside on a server with the user shares. When a user logs into a random box, they get "Their" desktop and run.
I don't need the idea behind the system, I'm not a CS major. I load the programs from compiled binaries, read the manuals, and try to modify the buggy po$hits work as advertised. If I want to set up a network on linux it would be OS, GUI, Webbrowser + addins, Mail (Mozilla + Kmail or such), and the office suite (Star or Corel).
$.02
Comments
By Anonymous Cowherd () on
Demonstrating interaction with Windows clients would be good, as would a mention of what little can be done to enhance security for them via OpenBSD - I hate texts that dive into a particular commercial product, but discussions of what's available for virus protection [Kaspersky AV for Linux being the only *NIX-hosted Windows scanner I know of], and [network/fileserver] backup would be nice.
By Anonymous Coward () on
I do have to disagree with the fellow who said OBSD is too new to warrant a book. All OSes which're still being worked on will evolve over time, and documentation will inevitably go stale. My Solaris 2.5 docs still retain some relevence today, but should be replaced. Same with my older Complete FreeBSD book. If the author can stick to the specifics, online errata will hold readers for a while, and when it becomes necessary for a new release, it'll likely be a more managable task to update the book's content.
Blah blah blah...
By Ash () on
Comments
By Anonymous Coward () on
By Anonymous Coward () on
Comments
By Anonymous Coward () on
The C Programming Language
Managing Projects with Make
By Boris () - on -
some simple chapter on programming show how to write'secure' code, and how to avoid race conditions etc. some chapter on all*BSD things, to remind us that openbsd is indeed open. Something that will still mean something in 3 years from now.
By J.Smith () lbalbalba@hotmail.com on N/A
Comments
By Daniel Feenberg () feenberg@nber.org on mailto:feenberg@nber.org
concentrating on those thinks that are not universal.
One thing that no books seem to cover is configuration changes. Changing a host id or NIC, or adding a hard drive are all commonplace
tasks, but are never documented for an free OS.
Users can figure this stuff out, but it would
be better if it were in the text books.
By Daniel Feenberg () feenberg@nber.org on mailto:feenberg@nber.org
concentrating on those thinks that are not universal.
One thing that no books seem to cover is configuration changes. Changing a host id or NIC, or adding a hard drive are all commonplace
tasks, but are never documented for an free OS.
Users can figure this stuff out, but it would
be better if it were in the text books.
By Anonymous Coward () on
At my job I had to setup a BSD with RAS. Pain in the neck finding information about how to do it and how to easily maintain it(adding/changing modems, adding/changing IP's).
By Adam Getchell () acgetchell@ucdavis.edu on mailto:acgetchell@ucdavis.edu
* Building a transparent bridging firewall
* Building a NAT firewall for hosts
* Other lockdown and performance tuning for firewalls
* Use of ALTQ (and how to record bandwidth usage to the above log system)
* How to do load balancing
* How to setup SQUID as a reverse proxy cache for webservers (Apache, Zope, IIS, etc)
* How to set up a DNS, SMTP, servers
* How to setup and configure symon (or some other suitable practice) to create a central monitoring system for your transparent bridges, NAT boxes, SQUID boxes, bandwidth throttling, etc.
* How to setup and configure SNORT, ACID, PHP
* Tuning the above systems
That takes care of some edge uses for OpenBSD. Now, for general network use as a webserver, application server, and file/print server, I'd like to see sections on:
* Apache
* Tomcat (and in particular, getting it locked down and working properly. I've struggled with it, myself.
* SAMBA
* CVS/OpenCM etc.
* Kerberos integration (because, if you manage a large number of systems you'll want to get away from separate accounts on each server)
* AFS
* Tuning the above systems
Finally, I wouldn't mind seeing sections on configuring OpenBSD in the desktop environment, particularly:
* X/KDE configuration
* GNOME (perhaps)
* Diskless terminals
* CD boot systems, RAMFS
The last two suited towards dumb terminal/CD systems approach.
Now, I realize the above list might be 3 books instead of 1, but that's the order I personally would rate.
Finally, I have "The Design and Implementation of the 4.4 BSD Operating System", but anything to help aspiring newbie kernel hackers would be welcome. Such a tome could also include philosophical discussion, if desired.
All in all, a tall order. I'd be willing to contribute my meager knowledge to the effort.
--Adam
By marc bayerkohler () junk3@zounds.net on mailto:junk3@zounds.net
Id like better explanations of 'Snapshots', and the steps of taking a box from 2.7 to the latest -stable without losing my data and configurations.
Also, more examples of setting up VPNs, espesh to other OSes.
Comments
By Forge () forge@flakshack.nospam.com on mailto:forge@flakshack.nospam.com
By Forge () forge@flakshack.nospam.com on mailto:forge@flakshack.nospam.com
By herodiade () boudiou@reynerie.org on mailto:boudiou@reynerie.org
Using syscalls policies, chrooting everything, ipsec's vpns, hardening the fs ... is an necessary content.
Another point : documenting Altq usage.
Since open is frequently used in firewalls/gateway (the good place for an QoS Altq box), since it does more and more to integrate altq on the kernel, since it's very hard to configure a good altq policy, and since there isn't a lot of hand on tutorials on altq ...
By James () James@Jamesworld.com on mailto:James@Jamesworld.com
By Graun Frondwidth () graun@aol.com on mailto:graun@aol.com
Somewhere in the networking section, please explain (all in one place) what the heck all
of those devices which are displayed when you
execute "ifconfig -a" actually are.
Another section on getting X up and running
with Gnome/KDE and a window manager other
than twm would also be much appreciated.
Comments
By Anonymous Coward () on
http://evilwm.sourceforge.net/