[FAQ Index] [To Section 2 - Other OpenBSD Information Resources]

1 - Introduction to OpenBSD

1.1 - What is OpenBSD?
1.2 - On what systems does OpenBSD run?
1.3 - Is OpenBSD really free?
1.4 - Why might I want to use OpenBSD?
1.5 - How can I help support OpenBSD?
1.6 - Who maintains OpenBSD?
1.7 - When is the next release of OpenBSD?
1.8 - What is included with OpenBSD?
1.9 - What is new in OpenBSD 4.2?
1.10 - Can I use OpenBSD as a desktop system?
1.11 - Why is/isn't ProductX included?

1.1 - What is OpenBSD?

The OpenBSD project produces a freely available, multi-platform 4.4BSD-based UNIX-like operating system. Our goals place emphasis on correctness, security, standardization, and portability. OpenBSD supports binary emulation of most binaries from SVR4 (Solaris), FreeBSD, Linux, BSDI, SunOS, and HPUX.

This FAQ specifically covers only the most recent release of OpenBSD, version 4.2.

1.2 - On what systems does OpenBSD run?

OpenBSD 4.2 runs on the following platforms:

alpha - FTP only
amd64 - CD bootable
armish - FTP only
hp300 - FTP only
hppa - FTP only
i386 - CD bootable
landisk - FTP only New!
luna88k - FTP only
mac68k - FTP only
macppc - CD bootable
mvme68k - FTP only
mvme88k - FTP only
sparc - CD bootable
sparc64 - CD bootable
vax - FTP only
zaurus - FTP only

CD bootable means that OpenBSD will boot directly from the CD. The CD set will boot on several hardware platforms. See chapter 3 of this FAQ for details of obtaining OpenBSD on CD.

More information on OpenBSD platforms can be found on the Platforms page.

People sometimes ask why we support so many "odd" machines. The short answer is, "because we want to". If enough skilled people (sometimes, "enough" is only one really skilled person!) wish to maintain support for a platform, it will be supported. There are practical benefits to keeping OpenBSD multi-platform: when new platforms come out, the code tree is relatively free of portability-breaking bugs and design flaws. The OpenBSD platforms include 32 bit and 64 bit processors, little and big endian machines, and many different designs. And yes, supporting "unusual" platforms has helped produced a higher-quality code base for more "common" platforms.

1.3 - Is OpenBSD really free?

OpenBSD is all free. The binaries are free. The source is free. All parts of OpenBSD have reasonable copyright terms permitting free redistribution. This includes the ability to REUSE most parts of the OpenBSD source tree, either for personal or commercial purposes. OpenBSD includes NO further restrictions other than those implied by the original BSD license. Software which is written under stricter licenses cannot be included in the regular distribution of OpenBSD. This is intended to safeguard the free use of OpenBSD. For example, OpenBSD can be freely used for personal use, for academic use, by government institutions, by non-profit making organizations and by commercial organizations. OpenBSD, or parts of it, can also be freely incorporated into commercial products.

People sometimes ask if it bothers us that our free work is put into commercial products. The answer is, we would prefer that our good code be widely used than that commercial software vendors reimplement and create badly coded incompatible alternative solutions to already solved problems. For example, it is likely that SSH is a widely used protocol due to this freedom, much more widely used than if restrictions had been placed on how people used the OpenSSH code.

This isn't to say we would object to financial or hardware support in thanks. In fact, it is stunning how little support of any kind comes from companies that depend upon OpenBSD for their products, but there is no requirement of compensation.

For further reading on other popular licenses read: OpenBSD Copyright Policy.

The maintainers of OpenBSD support the project largely from their own pockets. This includes the time spent programming for the project, equipment used to support the many ports, the network resources used to distribute OpenBSD to you, and the time spent answering questions and investigating users' bug reports. The OpenBSD developers are not independently wealthy and even small contributions of time, equipment, and resources make a big difference.

1.4 - Why might I want to use OpenBSD?

New users frequently want to know whether OpenBSD is superior to some other free UNIX-like operating system. That question is largely unanswerable and is the subject of countless (and useless) religious debates. Do not, under any circumstances, ask such a question on an OpenBSD mailing list.

Below are some reasons why we think OpenBSD is a useful operating system. Whether OpenBSD is right for you is a question that only you can answer.

OpenBSD runs on many different hardware platforms.
OpenBSD is thought of by many security professionals as the most secure UNIX-like operating system, as the result of a never-ending comprehensive source code security audit.
OpenBSD is a full-featured UNIX-like operating system available in source form at no charge.
OpenBSD integrates cutting-edge security technology suitable for building firewalls and private network services in a distributed environment.
OpenBSD benefits from strong ongoing development in many areas, offering opportunities to work with emerging technologies with an international community of programmers and end-users.
OpenBSD attempts to minimize the need for customization and tweaking. For the vast majority of users, OpenBSD "Just Works" on their hardware for their application. Not only is tweaking and customizing rarely needed, it is actively discouraged.

1.5 - How can I help support OpenBSD?

We are greatly indebted to the people and organizations that have contributed to the OpenBSD project. They are acknowledged by name on the donations page.

OpenBSD has a constant need for several types of support from the user community. If you find OpenBSD useful, you are strongly encouraged to find a way to contribute. If none of the suggestions below are right for you, feel free to propose an alternative by sending e-mail to donations@openbsd.org.

Buy an OpenBSD CD set. It includes the current full release of OpenBSD, and is bootable on many platforms. It also generates revenue to support the OpenBSD project, and reduces the strain on network resources used to deliver the distribution via the Internet. This inexpensive three-CD set includes full source. Remember, your friends need their own copy!
Donate money. The project has a constant need for cash to pay for equipment, network connectivity, and expenses relating to CD publishing. Manufacturing CDs requires an up-front out-of-pocket investment for the OpenBSD developers, without guaranteed return. Send e-mail to donations@openbsd.org to find out how to contribute. Even small donations make a profound difference.
Donate equipment and parts. The project has a constant need for general and specific hardware. Items such as IDE and SCSI disks, and various types of RAM are always welcome. For other types of hardware such as computer systems and motherboards, you should inquire as to current need. Write to donations@openbsd.org to arrange for shipment.
Donate your time and skills. Programmers who enjoy writing operating systems are naturally always welcome, but there are literally dozens of other ways that people can be useful. Follow mailing lists and help answer new-user questions.
Help maintain documentation by submitting new FAQ material (to faq@openbsd.org). Form a local user group and get your friends hooked on OpenBSD. Make a case to your employer for using OpenBSD at work. If you're a student, talk to your professors about using OpenBSD as a learning tool for Computer Science or Engineering courses. It's also worth mentioning one of the most important ways you should not try to "help" the OpenBSD project: do not waste your time engaging in operating system flame wars. It does not help the project to find new users and can cause substantial harm to important relationships that developers have with other developers.

1.6 - Who maintains OpenBSD?

OpenBSD is maintained by a development team spread across many different countries. The project is coordinated by Theo de Raadt, located in Canada.

1.7 - When is the next release of OpenBSD?

The OpenBSD team makes a new release every six months, with target release dates in May and November. More information on the development cycle can be found here.

1.8 - What is included with OpenBSD?

OpenBSD is distributed with a number of third-party software products, including:

X.org 7.2, the X Window environment, with local patches. Installed with the x*.tgz install file sets.
GCC versions 2.95.3 and 3.3.5. GNU C Compiler. The OpenBSD team has added the Propolice stack protection technology, enabled by default, and used throughout the OpenBSD userland and by default on applications compiled on OpenBSD. Installed as part of the comp42.tgz file set.
Perl 5.8.8, with patches and improvements from the OpenBSD team.
Our improved and secured version of the Apache 1.3 web server. The OpenBSD team has added default chrooting, privilege revocation, and other security-related improvements. Also includes mod_ssl and DSO support.
OpenSSL 0.9.7j, with patches and improvements from the OpenBSD team.
Groff 1.15 text processor.
Sendmail 8.14.1 mail server, with libmilter.
BIND 9.3.4 DNS server. OpenBSD has implemented many improvements in chroot operation and other security-related issues.
Lynx 2.8.5rel.4 text web browser. With HTTPS support added, plus patches from the OpenBSD team.
Sudo v1.6.9p4, allowing users to run individual commands as root.
Ncurses 5.2
KAME IPv6
Heimdal 0.7.2 with patches
Arla 0.35.7
Binutils 2.15 with patches
gdb 6.3 with patches
OpenSSH 4.7
OpenNTPD Secure and simple Network Time Protocol implementation
OpenBGPD and OpenOSPFD routing applications

As can be seen, the OpenBSD team often patches third-party products (typically) to improve the security or quality of the code. In some cases, the user will see no difference in operation, in other cases, there ARE operational differences which may impact some users. Keep these enhancements in mind before blindly adding different versions of the same software. You may get a bigger version number, but a less secure system.

Of course, additional applications can be added through the OpenBSD packages and ports system.

1.9 - What is new in OpenBSD 4.2?

The complete list of changes made to OpenBSD 4.1 to create OpenBSD 4.2 can be found on plus42.html, and highlights on the OpenBSD 4.2 Information page, however here are a few changes the OpenBSD team anticipate will require or warrant some special note to people upgrading or installing OpenBSD 4.2 who are familiar with older versions:

libexpat is part of xbase42.tgz, not a package
This will prove to be a problem for many users, and for 4.3, will be part of base43.tgz, but for OpenBSD 4.2, many users will have to install xbase42.tgz. More details in the 4.2 Upgrade Guide
XF3 is no longer included:
XF3 was provided on the i386 platform to support some very old display hardware that is now rarely used. With the new version of X.org and its new build process, support for XF3 was dropped. It is expected few people will be impacted by this.
Updated ahci driver may change how disks are handled:
Systems using the ahci(4) driver may find SATA disks which had been recognized and handled by the wd(4) (i.e., wd0) to become sd(4) (i.e., sd0) devices. More details in the 4.2 Upgrade Guide
SSH protocol 1 discouraged on new installs:
New OpenBSD installs will default to not accepting SSH v1 connections.
Changes in the way sudo(8) passes environment:
For security reasons sudo(8) will now reset the environment to a small default set with only certain variables preserved from the previous environment.
[i386, amd64] boot(8) enhancements:
boot(8) will now ignore any /etc/boot.conf file if the CTRL key is held down when boot starts. This can be handy for recovering from some configuration errors. boot(8) for i386 can now boot an amd64 kernel, and vice versa, which can make changing platforms easier.

1.10 - Can I use OpenBSD as a desktop system?

This question is often asked in exactly this manner -- with no explanation of what the asker means by "desktop". The only person who can answer that question is you, as it depends on what your needs and expectations are.

While OpenBSD has a great reputation as a "server" operating system, it can be and is used on the desktop. Many "desktop" applications are available through packages and ports. As with all operating system decisions, the question is: can it do the job you desire in the way you wish? You must answer this question for yourself.

It might be worth noting that a large amount of OpenBSD development is done on laptops.

1.11 - Why is/isn't ProductX included?

People often ask why a particular product is or isn't included with OpenBSD. The answer is based on two things: the wishes of the developers and compatibility with the goals of the project. A product will not be included simply because it is "neat" -- it must also be "free" for use, distribution and modification by our standards. A product must also be stable and secure -- a bigger version number does not always mean a better product.

License is often the biggest problem: we want OpenBSD to remain usable by any person anywhere in the world for any purpose.

Another major consideration is the wishes of the developers. The OpenBSD developers are the ultimate judges of what does and doesn't go into the project. Just because an application is "good" doesn't mean the OpenBSD project wishes to devote the resources needed to maintaining it, or that they will share other's enthusiasm about its place in OpenBSD.

Some commonly asked questions about third-party products:

Why is Sendmail included, it is "known insecure"?!
Sendmail has had an imperfect security record, however the Sendmail authors and maintainers have been very receptive to reworking their code to make it much more secure (and this is a sadly uncommon response). The recent security history of Sendmail is not much different than some of the supposedly "more secure" alternatives.
Why isn't Postfix included?
The license is not free, and thus can not be considered.
Why isn't qmail or djbdns included?
Neither program is what many Unix users "expect" out of a mail or DNS application. In the case of djbdns, also the license, or lack of: the inability to distribute a modified version of this software keeps it from being considered.
Why is Apache included? It isn't needed by many people!
Because the developers want it.
Why isn't a newer version of Apache included?
The license on newer versions is unacceptable.
Why isn't bzip2 included instead of gzip?
Performance is horrible, and benefit is minimal. Impact on slower platforms, such as m68k or VAX would be unacceptable.
Why isn't there a graphical or curses(3) based installer?
For a number of reasons, including the goal of keeping the installation boot media able to be a single floppy disk, the fact that one installer can be used on all platforms in all configurations, and the fact that after the second or third OpenBSD install, most users find the OpenBSD installation system among the fastest and easiest installers of any OS. Most developers and users greatly prefer the speed, power, and ease of use of the current installer to any of the more "colorful" or "pretty" installers on some other platforms.

In most cases, these topics have been discussed in painful detail on the mail lists, please see archives if you need more information.

Of course, If you wish to use one of these packages and your use is compatible with the license of the products, no one will stop you (that wouldn't be very free if we tried, would it?). However, your needs may change -- you may not want to develop a "Killer Application" that you can't sell, distribute, or get rich from because you incorporated non-free software into it.