I'm installing OpenBSD and I want to share an external HDD between it and GNU+Linux

No more GrSec, and Linus' official policy on security is "fuck security gimmie more rice!" Unless Hardened Gentoo starts figuring out a way of riding on the OpenBSD kernel, it's got a big hole blown in its side.

SHUT UP CARLOS!

yeah but people nowadays are more worried about their rice and vidya/watching anime than security, they often bash openBSD because its lacking features yet dont understand that shitload of features has shitload of security holes nobody thought of

Boot obsd in a VM and NFS it then

What are you talking about?
Did you read the OP?

You can have multiple partitions on a hard drive.

Doesn't say anything about sharing a single partition. Reading is fundamental.

Ah, but I need to share one partition.
If I'm constantly switching between the two OS's, I need to have access to the same files on both of them.

so make another partition a fs type that they both can speak reliably and use that as a go between.

problem with FAT is it has some serious limitations which is why op is probably looking for a better solution

NTFS

What if I need something from an OpenBSD partition and I don't have my OpenBSD computer at hand?

What if I used ext4 and had a GNU/Linux VM on OpenBSD, passed the USB port with the external HDD to the GNU/Linux VM and then used NFS to access it from OpenBSD.
Would that be noticeably slower?
Would I be able to, for example, watch anime that's on the HDD normally?

Not an argument.

ext2 is probably the safest and easiest option.

It looks like the version of ufs in OpenBSD is supported as read/write in Linux, so you could use that. You would have to make sure that your kernel is compiled with CONFIG_UFS_FS_WRITE to get write access.
git.kernel.org/pub/scm/linux/kernel/git/stable/linux-stable.git/tree/Documentation/filesystems/ufs.txt?h=v4.9.44#n20

...

use any filesystem and fuse

FUSE is just a library.
It's up to 3rd parties to implement support for different file systems.
This is the only ext4 implementation github.com/gerard/ext4fuse
and it has no write support.

That's so cute, you just spent 10 minutes reading about fuse.

How much should I spend?

why are you even trying

that palette is disgusting neck yourself

Thanks, will do.

Really? I knew *BSD doesn't support hardware, but it doesn't even support filesystems? What kind of meme OS is this?

ext4 is too complicated and may introduce security holes, hence it's not supported by OpenBSD

why is it not supported by FreeBSD then?

That's the same reason why nothing is in OpenBSD, someone need to read an understand all the code.

an OS that had only 2 remote security holes in its whole history, basically not an OS for pajeets

short: worm
long
1. hit harddrive with hammer, repeatedly
2. buy a pentium 4 box for like $5 off of some weeb
3. go to 9front.org
4. install 9front
5. host a 9p cluster and shitpost on cat-v irc

FreeBSD has ZFS, which is too complicated for Linux

What is with these meme OS's? I get the filesystem complexity part but they can't even maintain their fucking bluetooth stacks.

people use bluetooth?
lmao

Yeah I use an2linux over bluetooth to sync Android notifications with my desktop.

OpenBSD: Beta Test as Distro

why would they want that unsecure shit on their system, I think openBSD devs cringe at the security record of bluetooth

...

ports?

YES

Sure, but there's OpenZFS for Linux, it's in most distributions.

I'm sure that writing to a ufs drive is not going to fuck you over totally using the ufs module. The warning means that things have not been tested thoroughly, not a statement that writing to the partition destroys your data.

Be sure to mount it as the correct type of ufs though. For OpenBSD that's 44bsd. You could use the worldwide acknowledged approach to life, and test it before relying on it.

In that case you would have to remember the data in your biological storage.

no, BSD's only support ext2 and read-only ext3
idk why is it so hard to implement ext4 support
is it a licensing issue?

linux fully supports zfs you faggot zfsonlinux.org/
the only issue is that it's not included in the official kernel releases (nor is it officially supported by kernel devs) because of license incompatibility

ufs support has been in the kernel since v 2.something
I think someone on IRC said that nobody's working on it

have you yourself tested the ufs module?

nope, i have no use for ufs and why is that relevant? if you're too lazy to test it you obviously shouldn't use it.
i've repeatedly said that ext2 is the best solution for retards to create a cross OpenBSD to Linux filesystem, so that's narrows it down to your only choice.
if you actually want to contribute to make ufs support better, instead of whining then use it.

how exactly is ufs better than ext2?

I mean, ufs has no journaling, although it's a good file system
just like ext2
so why would I use ufs with shady linux support when I can just use ext2 that shold be stable and well supported everywhere?

it's not

The Solaris compatibility layer makes it too complicated for any system other than native(Solaris) to be honest.
I'm skeptical about the proposed solution of inserting a generic API instead of just doing platform native(non-Solaris) versions.
open-zfs.org/wiki/Roadmap#ZFS_Compatibility_Layer

They're either going to have to maintain both the Solaris one and this new one or drop the old one and introduce overhead into the Solaris relm this way.

My god when will this meme end.
Fucking educate yourselves en.wikipedia.org/wiki/BSD_licenses.

Nobody is stealing anything.
In whatever form they redistribute your software, be it source or just binary, they have to give you credit and cannot give any credit to themselves whatsoever without your permission.

Why the fuck would they even do that?
I mean they can, but either way they can still sell your software and not share any of their profits with you (the same applies to GPL software).
Keeping a project open source does not diminish their profits if they sell it in such a way that they don't profit directly from it.
Apple integrates their open source Darwin OS with OS X and iOS which are sold together with computers and phones.
Android and much of Google's software is open source, but they don't profit directly from that.
Red Hat can still sell as a professional enterprise distro, even if the OS is almost completely open source.

Who do they have to call if something goes wrong? You.
Why? Because they know jack shit about the code you wrote especially if it's a large project.
By refusing to share the source code they're just crippling both your and their project.
Why? Because you may accept their patches in the upstream or just implement some of those ideas in your own way if it's beneficial to your project and they can then expand on that and so on.
It's a win-win situation.
There doesn't have to be much collaboration in order to make this a healthy relationship, but there needs to be some.

GPL'd software alienates companies and that reduces the number of possible contributions.
Read freebsd.org/doc/en/articles/bsdl-gpl/article.html.
Jump straight to the conclusion for tl;dr.

into the trash it goes

how about local?

or should I not use software outside the base system at all?

You alright?

How does ufs compare to ext2?
Can someone that knows some technical details about both file systems explain this to me?

You should know the second someone gets physical access to hardware it is over no matter what software you have on it. No hardware is secure. The software on it could be made secure, but there is no secure hardware.

Anyone ?

how about someTHING
OpenBSD itself might be secure, but what about other software that runs on it?
like I said, should I not use software outside the base system at all?
or do they guarantee that everything I install from the ports is as secure as the base system?

you may have missed this post, so here

It would work and there would be some overhead but I doubt it's enough to annoy you. I run Windows with FreeBSD in a VM, I give 2 of my host sata disks to the BSD vm and access them in Windows via samba, FreeBSD accesses some of the host storage this way as well. I've never been bothered by it but I don't have hard numbers either. I don't think I could give a fair test right now either since there's a performance difference between NTFS and ZFS already.

You should try your method and see if you're alright with it, it couldn't hurt.

Cute pictures by the way.

Thanks for the reply, user.
I guess I'll give it a try.

I forgot a protip

I use mpv and it allows you to set the cache size to whatever you want, even though I doubt you'd need this it can't hurt either. I used to have very slow drives and run a lot of io intensive applications so I still have my config set to it even though I no longer need it, but when I did it was nice to have a few seconds buffered already, however much memory you give the player is how long it has to load more, so if you give it enough to hold 10 seconds then you have 10 whole seconds for it to load more data into the buffer. I'm sure most players let you set this or do it by default, but maybe not as aggressive.

Like I said though I doubt the overhead will be that bad that you'll need it, but I do it anyway even on local files, there's no harm in doing it just more ram usage.

Neat.

Can someone explain how exactly do I securely run 3rd party software on OpenBSD without access control and sandboxing tools?

Unix ACLs and chroot

Does OpenBSD have Wayland support yet?
They're going to get left behind if they don't get on that.

what about local, as user said no computer hardware is safe from local attack, at least not normal everyday hardware
besides other OSes had far more local exploits than openBSD ever had

They have their own X11 implementation without Xorg's cruft.

Is that even possible, I thought that x11 required copying of framebuffers from each application or something crazy inefficient like that?

Seriously? Would it work on GNU/Linux?

Can I get a quick rundown on why people are hype about Wayland? Is it actually good in some way or is it only good in comparison to X11?

It will be an instant end to graphical issues (screen tearing, aliased fonts, low frame rate in games, lack of up-to-date video decoders/encoders) plaguing FOSS.

Filesystems don't really matter anymore anyway as we have SSDs, logical volume managers, and battery-backed controllers. Just get a controller card and roll with ext2 with sync disabled.

No, there's even a talk where an x11 dev requests that people bring xeonocara to linux only to be chided by some redhat dev.

license, philosophy, bothering to rewrite a complex file system interface using "correct" C that works with BSD fast enough to be useful

when will you learn?

So it would work great on Linux but RHEL needs to secure their job with systemd, because all the wayland wms are going to be GTK or Qt

Minimalism on Linux is under attack and the only way to escape is via securityfats and corporate whores like freebsd.

Xenocara is just a safer version of X11

It's more pretty and less efficient but more compatible and higher throughput. If you're scared of the CLI, you'll love Wayland.

I like your optimism, but I think reality will be slightly different.

is it an actual different implementation of the protocol or a shitty fork?

From a quick glance it seems like just the normal version of xorg in a chroot without the setuid bit. It also might have some security patches(maybe?). Any real difference between it and using gentoo hardened?

that's a cute autist

Are you sure you don't have brain damage bud?

you don't
next thing you might ask
not using

Fuck GNU. GNU is shit-balls in code quality, it should eat the fucking compatibility layer. There are still companies putting good money into superior Solaris/illumos and they sure as hell aren't going to hand the keys to the GNU kiddies!

Slowloris died in the late '90s. It was also a clusterfuck of terrible design. I used to 'hack' systems just by dumping NIS and running it through jack because they were determined that it was fine that any user should be able to read it despite everyone saying otherwise, and connected chargen on uni servers repeatedly to IRC servers to get them to netsplit because their TCP stack was written by morons.

what did he mean by this?

Is OpenBSD free as in freedom?
Does it contains nonfree blobs?

ports isn't secure because most ports come from freebsd and linux, which both have large attack surfaces and are widespread, making them valuable targets
however, ports could potentially be more secure than native freebsd/linux because different kernels address memory in different manners

you are considered a cuck and backdoored on linux forums, but you gain hipster points for extra adherence to unix philosophy
gentoo hardened is for x200 users who steal cp from tor with javascript turned off.
openbsd is for securityfats and pfsense.
gentoo probs has more compatibility with other software (loads of FOSS gpl trash that relies on bash and debian/rhel stuff) but I can't confirm since I don't use it.

I'll take your blasted bait you bugger.
It downloads nonfree firmware if you choose, so yes, but it stays outside the kernel and post-manopausal leafposters write pissy emails if you remind them.

yes, but all of those systems are POSIX compliant, including OpenBSD
what's to stop malware in a form of a harmful POSIX script from stealing cookies, uploading screenshots, encrypting files, etc
or just buggy code from fucking something up

is not an argument. you don't need an argument to tell when a fuckin meme is old news

wow such security

What does OpenBSD do to restrict local malicious code?

nothing

W^X and pledge(but this one is only for OpenBSD's own code), you also can chroot of course.

That's pretty much nothing compared to what Linux has.

W^X at least is being applied to the ports tree too, and /usr/local can be mounted without the wxallowed flag.

Is there a filesystem encryption method that's supported on both OpenBSD and GNU/Linux?

that doesn't prevent malicious/buggy code from deleting my files, stealing my ssh keys and browser cookies, encrypting my files, attacking things on the LAN, etc

chroot is insecure by design and it wasn't originally meant to be a security mechanism
administratosphere.wordpress.com/2007/09/28/abusing-chroot-for-security/
github.com/earthquake/chw00t
serverfault.com/questions/454899/why-chroot-is-considered-insecure

are you a windows user, its expected you are not retard to run some random code under privileges on system, the system cant protect from users stupidity no matter what

openBSD is designed for power users not script kiddies that run random code from web as a root

you don't need to run it as root in order to do any of the things I mentioned

xkcd.com/1200/

You can make it so those things require a password as well.

I hate xkcd so much.

OpenBSD is the only OS the CIA couldn't pwn, wasn't even mentioned in the vault 7 leaks

Well they are niggers after all. Thats where the not secret agency comes in.

OpenBSD has no games.

Why do you think it's shilled against so much?
Who do you think is doing the shilling?

it has games by default in /usr/games man.openbsd.org/intro.6
and thats not all, you can find many games in ports

None of that shit matters anymore.

This.

Agreed

why even live with technology anymore

you can remove intel ME with me_cleaner if thats what you mean, openBSD anyways is more suited to older hardware and you can run it perfectly on something that isnt backdoored

also ARM support is getting better every day, in 10 years x86 will be totally locked and we wont be able to do jack shit about it

I think it was mentioned twice. I read through it all, and I remember seeing it twice.

Once, it was in the context of "this exploit does not work on OpenBSD." The second mention is what I am guessing was an intern (or new employee) saying "I am going to set up a local repository with the latest version", followed by a more senior person saying "why?" I take this to mean OBSD is what they run, at least for some things.

I believe there was also mention of an internal host named 'puffy'.

mrsatterly.com/openbsd_games.html

This is the best reference I know of for obsd gaming. It was updated only a couple of weeks ago, and it is surprising how much you can make work.

It's probably their porn server tbh

I've been thinking about trying a bsd for a while.
So how bad is the driver/software support?
I can already see it's pretty bad from this thread, but my pc is somewhat old (i7-860) and I think it should be well supported by now. no?
I don't really do much nowadays, as long as my OS can browse the web, play videos, open pictures, connect to irc and compile programs, I think I'm covered.

What's the default web browser?
Also, do they have xfce4 in ports or am I supposed to use one of their window managers?

At this UDF is the best filesystem for removable media.

Just try it and find out. It should be fine.

en.wikipedia.org/wiki/Universal_Disk_Format#Compatibility

I would but I'm working late until the weekend and don't have much to experiment at the moment.
So I'm just trying to familiarize myself with the system while I can by reading FAQs and man pages etc.

MUH MUH MUH ENCRYPTION BACKDOOR
MUH MUH MUH "corporations use BSDs for proprietary software [usually FreeBSD] so BSD kernel is backdoored"
MUH leaf

openBSD is perfect for you in that case, older hardware works fine just research man pages if everything is supported

It's again.
So I finally had some time to spin it up in a vm. everything looks fine and comfy. except, there seems to be no virtual machine support? I guess I missed that in my list, even though I probably only use a vm once a month, it would still be a blocker for me to go in without any virtual machine support at all. I know Qemu exists but it's useless without a kernel accelerator
Is there really nothing for it? I think the built in vmm is only for openbsd guests, right?

OpenBSD and Linux.

I installed openBSD on my desktop about a week ago. my desktop has a 7th-gen intel botnet cpu and ddr4 ram, as well as an intel gigabit etherenet card, and everything was recognized and works with brand new hardware.
I actually recommend it, the documentation makes things pretty convenient.

Soon my m.2 ssd will get here, and we'll wee if that works also.

Ran OpenBSD 6.0 and 6.1 on a ThinkPad - unfortunately slow as fuck and felt like a single task system

parrotsandopenbsd.org/myforum/

good taste

Can you run virtualbox on Openbsd as the host?

No, virtualbox does not have a port for openbsd.

I've found that people hate it because it's right most of the time. It actually gives Holla Forums a run for its money! -d8^)

Best solution for virtualization/containerization is Illumos IMO (SmartOS or OpenIndiana). Solaris Zones are more comprehensive than FreeBSD jails, there are LX-branded Zones which will run Linux-compiled binaries directly, there's KVM, and you can even run Docker containers within Zones.

Can you commie faggots stop mentioning Holla Forums in every single fucking post? Go back to Holla Forums and gas yourselves please.

thankyou.

Quads for truth.
FreeBSD blondie has a cute face and nice hair. The fake tits are a turn off. Loonix man has a weird expression. Surprisingly nice bod, he must work out or something.

Sorry for triggering you, I didn't realize that Holla Forums was a safe space. :^)

Who said anything about stealing ?
Also you assume to much retarded shit in your post.

Because they can
Same question has "why google is tivoizing android?" or "why google didin't include any GPLv3 licensed software ?".

Thank you for letting hardware manufacturers not letting you own what you buy.

They just profit from the massive datamining that they do and that no one that isn't a freedom loving autist would remove because if you do remove all the bullshit that google added to android you get replicant, which is an OS that can't activate the GPS, 3d acceleration, Wifi, most of sensors, Bluetooth etc... because it requires the botnet.

Not necessarily.
Look at minix for example, intel didn't need Tanenbaum to make it work for the intel management engine.

Implying they don't have fuck you money.

The only thing that the GPL stop companies from doing something is to stop the users from doing what they want they their hardware/software
> freebsd.org/doc/en/articles/bsdl-gpl/article.html.
That's bullshit from top to bottom.
The GPL is meant to preserve the freedom for anyone who use it, the static linking BS is completely misunderstood, has long the license of the software is GPL compatible (BSD/MIT/APACHEv2/MLPv2 etc...) then it just fucking works.
Has always cuck license users can't into licenses.

(checked)
Nice quadruples my friend.
I agree wit the /pollack/ :^)

Yeah, sure.

Unironically fat32 or reiser.

GrSec died because they violated the GPLv2, and their code was shit quality and never got upstreamed. Theo doesn't take sloppy code into the OpenBSD kernel either.

I had a similar experience on an x120e. OpenBSD's kernel is far less SMP-capable than Linux or the FreeBSD kernel, and the browser ports are all subpar due to OpenBSD's security hardening messing with JavaScript JIT engines.

I think the post to which you replied talking about desktop virtualization of pointy clicky OSes. VirtualBox has stuff like Seamless Mode and 3D acceleration for guests that makes it great for running an XP VM for weeaboo eroge. I do agree that SmartOS or a Linux+libvirt based platform is better for server side virtualization.

It has no journaling so it's likely you get a corrupted file or worse if it was modifying something hierarchically close to the superblock.

OpenBSDs FFS supports soft updates, journaling is much more common but neither one guarantees that no data will be lost in the event of some problem

Theo is wrong to go the "good code in spite of added well-planned features," when he should have been going "good code in addition to added well-planned features." It seems like the dichotomy of "good code" and "access controls" are artificially mutually exclusive, when most recommendations state that BOTH are important.
OpenBSD won't touch Solaris Zones until Theo stops being such an autist. Maybe he should change OpenBSD to be 3-ring or 4-ring, with 0 being his kernel, 1 being his base system, and 2 being additional security features (MAC, capabilities, Zones, ZFS) he's so averse to implementing, and if not also on 2 then ring-3 should be total userland.
Unless Intel CPUs only effectively have two rings of operation.

Intel CPUs have had four rings since the 386. OS/2 is nightmarishly difficult to virtualize because it uses ring-2 for a lot of stuff, and that's where modern hypervisors generally place code executed by guest systems.

xkcd's author is pure cuck. Gets fired from NASA then settles for marrying a woman he doesn't love who immediately bleeds him for money treating her breast cancer and is still childless 6 years later and might even be dead. Desperately virtue signals all women's causes while he jealously longs for the waifu he never had.

What a mess.

What a fucking loser. REEEE I SHOULDN'T HAVE BEEN ME MEGAN!

Randall gets to watch a black man fuck his wife from the closet saga when?

UDF

en.wikipedia.org/wiki/Universal_Disk_Format#Compatibility

They actually now have 6:
There's a ring -1 (negative one) for hypervisors,
and a ring -2 for "System Management Mode"

Related paper on gaining ring -2 access on intel hardware:
blackhat.com/docs/us-15/materials/us-15-Domas-The-Memory-Sinkhole-Unleashing-An-x86-Design-Flaw-Allowing-Universal-Privilege-Escalation-wp.pdf