Title: Why I stopped using OpenBSD
Author: Solène
Date: 15 November 2024
Tags: openbsd linux life
Description: In this blog post, I share my experience and why I stopped
using OpenBSD
# Introduction
Last month, I decided to leave the OpenBSD team as I have not been
using OpenBSD myself for a while. A lot of people asked me why I
stopped using OpenBSD, although I have been advocating it for a while.
Let me share my thoughts.
First, I like OpenBSD, it has values, and it is important that it
exists. It just does not fit all needs, it does not fit mine anymore.
# Issues
Here is a short list of problems that, while bearable when taken
individually, they summed up to a point I had to move away from
OpenBSD.
## Hardware compatibility
* no Bluetooth support
* limited game pad support (not supported by all programs, not all game
pad will work)
* battery life / heat / power usage (OpenBSD draws more power than
alternatives, by a good margin)
## Software compatibility
As part of staying relevant on the DevOps market, I need to experiment
and learn with a lot of stuff, this includes OCI containers, but also
machine learning and some weird technologies. Running virtual machines
on OpenBSD is really limited, running programs headless with one core
and poor performance is not a good incentive to work at staying sharp.
As part of my consultancy work, I occasionally need to run proprietary
crap, this is not an issue when running it in a VM, but I can not do
that on OpenBSD without a huge headache and very bad performance.
## Reliability
I have grievances against OpenBSD file system. Every time OpenBSD
crash, and it happens very often for me when using it as a desktop, it
ends with file corrupted or lost files. This is just not something I
can accept.
Of course, it may be some hardware compatibility issue, I never have
issues on an old ThinkPad T400, but I got various lock up, freeze or
kernel panic on the following machines:
* ThinkPad X395
* ThinkPad t470
* ThinkPad t480
* ryzen 5600X + AMD GPU (desktop)
Would you like to keep using an operating system that daily eat your
data? I don't. Maybe I am doing something weirds, I don't know, I
have never been able to pinpoint why I got so many crashes although
everyone else seem to have a stable experience with OpenBSD.
# Moving to Linux
I moved from OpenBSD to Qubes OS for almost everything (except playing
video games) on which I run Fedora virtual machines (approximately 20
VM simultaneously in average). This provides me better security than
OpenBSD could provide me as I am able to separate every context into
different spaces, this is absolutely hardcore for most users, but I
just can't go back to a traditional system after this.
HTML Earlier blog post: Why one would use Qubes OS?
In addition, I have learned the following Linux features and became
really happy of it:
* namespaces: being able to reduce the scope of a process is incredibly
powerful, this is something that exists in Linux since a very long
time, this is also the foundation for running containers, it is way
better than chroots.
* cgroups: this is the name of the kernel subsystem that is responsible
for resource accounting, with it, it is possible to get access to
accurate and reliable monitoring. It is possible to know how much
network, i/o, CPU or memory have been used by a process. From an
operator point of view, it is really valuable to know exactly what is
consuming resources when looking at the metrics. Where on OpenBSD you
can notice a CPU spike at some timestamp, on Linux you would be able to
know which user used the CPU.
* systemd: journald, timers and scripting possibilities. I need to
write a blog post about this, systemd is clearly disruptive, but it
provides many good features. I understand it can make some people
angry as they have to learn how to use it. The man pages are good
though.
* swap compression: this feature allows me to push my hardware to its
limit, with lz4 compression algorithm, it is easy to get access to
**extremely** fast swap paid with some memory. The compression ratio
is usually 3:1 or 4:1 which is pretty good.
* modern storage backend: between LVM, btrfs and ZFS, there are super
nice things to achieve depending on the hardware, for maximum
performance / reliability and scalability. I love transparent
compression as I can just store more data on my hardware. (when it's
compressible of course).
* flatpak: I really like software distribution done with flatpak,
packages are all running in their own namespace, they can't access all
the file system, you can roll back to a previous version, and do some
interesting stuff
* auditd: this is a must-have for secure environments, it allows
logging all accesses matching some rules (like when was accessed this
arbitrary file, when that file is modified, etc...). This does not
even exist in OpenBSD (maybe if you can run ktrace on pid 1 you could
do something?). This kind of feature is a basic requirement for many
qualified secure environments.
* SELinux: although many people disable it immediately after the first
time it gets on their way (without digging further), this is a very
powerful security mechanism that mitigates entire classes of
vulnerabilities.
When using a desktop for gaming, I found Fedora Silverblue to be a very
solid system with reliable upgrades, good quality and a lot of software
choice.
# Conclusion
I got too many issues with OpenBSD, I wanted to come back to it twice
this year, but I just have lost 2 days of my life due to all the
crashes eating data. And when it was working fine, I was really
frustrated by the performance and not being able to achieve the work I
needed to do.
But as I said, I am glad people there are happy OpenBSD users who enjoy
it and have a reliable system with it. From the various talks I had
with users, the most common (by far) positive fact that make OpenBSD
good is that users can understand what is going on. This is certainly
a quality that can only be found in OpenBSD (maybe NetBSD too?).
I will continue to advocate OpenBSD for situations I think it is
relevant, and I will continue to verify OpenBSD compatibility when
contributing to open source software (last in date is Peergos). This
is something that matters a lot for me, in case I go back to OpenBSD
:-)