On Tue, Oct 29, 2013 at 09:44:46PM -0500, David Noel wrote:
> I started playing around with FreeBSD back in the 2.2.7 days. I'd
> describe myself as a casual desktop/workstation user. Back in the day
> I was attracted to OpenBSD's heavy focus on security but was pulled
> towards FreeBSD due to a good friend of mine being a FreeBSD
> contributor ("dude, trust me, it's the way to go"). Recently I've
> purchased a handful of servers for a software project I've been
> working on and have started reconsidering my choice of OS's.
> Administering a single FreeBSD workstation isn't too much of a
> headache; I've kind of gotten used to having to rebuild kernel and
> world every few months as security advisories are released. But now
> that I'm administering 6 of them I'm really starting to get annoyed by
> the whole process: rebuild kernel... rebuild world... reboot, and then
> pray that it doesn't blow up in my face (as it often does). That got
> me thinking about OpenBSD. Looking at the security advisories the last
> one I see was from nearly a year and a half ago! That's pretty
> incredible to me. Does this mean that I could theoretically have
> gotten away with a year and a half uptime? What's the catch here? I'm
> sorry but I'm incredulous by how good it sounds so I have to ask. For
> me the biggest selling points of an operating system are security and
> maintenance. I've been wowed by ZFS, but really how often do
> filesystems need to be fsck'd? --and I never take snapshots. I feel
> like I could do without it. UFS+J is good enough. Given my priorities,
> does it sound like OpenBSD could be the one for me?OpenBSD doesn't have UFS journaling. Your servers will spend time checking filesystems after unclean shutdown. You might be able to mitigate service downtime by running redundant servers with carp(4). Apart from that, I believe you'll find your expectations satisfied. Note that you'll need to compile ports from the -stable tree to get security fixes for things installed from packages. Ports are only supported by the community for the latest release right now. Apart from that, you can upgrade through two releases once a year, or to the next release every 6 months. 5.4 will be out on Friday and I don't see why you shouldn't at least give it a try.
