-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256
Thanks for the quick response, Zack!
I'm hesitant to give too much advice, as I've been using OpenBSD for all of four months, and I've been a small-time sysadmin for all of three years. So, take all this with a grain of salt.
My ultimate concern is that OpenBSD is just far less wizard-friendly and tutorial-rich than Linux etc. are. The man pages are excellent, but there inevitably comes times when one needs to do some research (sometimes even in the source code - check out bxr.su) to solve something properly. People maintain, and I agree with them, that this is ultimately a more stable and fast means of administration, but it takes a commitment to doing the necessary reading. Many OpenBSD people therefore dislike ad hoc guides, as they just delay the frustration that is inevitable for some people.
Come to think of it, my email which started this discussion ("[tor-dev] OpenBSD in doc/TUNING") is a good example of what I'm talking about. I had to do some digging and man-page-reading to change the maximum number of file descriptors for the daemon. In return, though, an unprivileged user can't choke my system out by opening files en masse on the default install.
Maybe the best solution is to just put such a disclaimer on the guide. Most OpenBSD introductions make it very explicit. On that note, the single venerated beginner's guide to OpenBSD is _Absolute OpenBSD 2nd Ed._ by Michael Lucas. You should check it out if you're interested. It's a fantastic, colorful book, and it focuses on what's unique about OpenBSD.
I appreciate your interest! Also, I hope I'm not speaking with too much authority. If anyone here has more OpenBSD experience than me, please send addendums or corrections.
Libertas
On 11/05/2014 10:47 AM, Zack Weinberg wrote:
On 11/05/2014 10:35 AM, Libertas wrote:
I would love to start a larger conversation about running Tor on OpenBSD. I've been considering making a guide describing the process. However, that violates the OpenBSD philosophy to some extent. They tend to only help those who help themselves - in the long term, only those who want to learn Unix and who RTFMs continue using OpenBSD.[1] Hopefully, though, we can spark enough interest that node operators will take that initiative. I know there's been a lot more interest in OpenBSD on Hacker News et al. since the surveillance revelations.
As a node operator and as someone who has been a small-time sysadmin for *something* with the Unix nature since 1996, I have to say that the main reason I run my nodes on Linux is that I don't feel I know my way around any modern *BSD enough to lock them down properly. A thorough guide to setting up -- and maintaining -- OpenBSD for a node would help with that a great deal.
zw _______________________________________________ tor-relays mailing list tor-relays@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays