View Single Post
  #2   (View Single Post)  
Old 14th April 2009
Oko's Avatar
Oko Oko is offline
Rc.conf Instructor
 
Join Date: May 2008
Location: Kosovo, Serbia
Posts: 1,102
Default

Quote:
Originally Posted by ax0 View Post
I was told to,

A. not worry about ports, it's a waste of time and slow.

B. not to go to -current/-stable and instead just install patches manually..


im kind of confused, i've used FBSD for almost 7 months (2 years ago) and gentoo for a little over a year (until this past november) and i always liked ports and thought it was a good addition.

can anyone give me some input, also.. i can't find specifically in the faq about updating from generic(release?) to -stable / -current.

any help?
FreeBSD and Gentoo are moving targets. For all practical purposes
those are rolling releases operating systems. In practical sense
they work only on i386 and amd64 and they are optimized for speed.
In both cases ports and portages have many knobs that you can turn
on or off to optimize packet to your specific purpose.

OpenBSD is security appliance. It is extremely portable and able to work across the range of different architectures. The coolest version of OpenBSD
IMHO is sparc64. It has cascade release cycle (six months like CentOS for instance).
Userland is complete unlike FreeBSD for instance and it is configured to be as safe as possible out of box.
Ports are add-ons. They are not carefully audited for security and they usually bring whole slue of security issues to the OpenBSD installation.
The ultimate goal of OpenBSD packaging system is reproducibility so that
system stays as safe as possible. Ports are compiled with very conservative options and there are only minor things that can be tuned.
Those are called flavors. Allowing them to be tweaked like on FreeBSD will completely undermine security.

One could argue that compiling things from source using ports on OpenBSD is safer than installing binary tarballs. That is fine. But unless
you back port new versions of the software or port it yourself the ports will compile on identical way for six months. There is no way that you can
use stable OpenBSD as a moving target. If you want that follow current.
Current is IMHO as stable as FreeBSD stable for about 3 months during the
release cycle. However usually in May, June or November and December things might break as the developers are making major changes to OpenBSD.

Last edited by Oko; 14th April 2009 at 03:05 AM.
Reply With Quote