Textplain

The Source Will Be With You, Always

Thoughts and News

Moving to FreeBSD


Intro

During college, I started playing with Linux. I found that I greatly preferred doing things on the command line rather than hunting through layers of drop-down menus. Running 'man ssh' to scan the options, then typing it out is much faster for me than hunting through PuTTY's menus to figure out where an option lives.

It didn't take me long to find a home with Gentoo Linux. I loved the customization and the minimalism. The ports tree was amazing -- I enjoyed playing with USE flags before I compiled things. I liked the rolling release paradigm. The learning curve was steep, but I enjoy learning new things.

My system didn't have cruft on it, and that was a great feeling for me. I had gotten past all these layers that make computing opaque. My computers were no longer magic black boxes.

Then came the systemd controversy. I'm sick of talking about it, so let's skip that part. I decided to look into other operating systems. Linux isn't the only UNIX-like OS out there, after all.

I'd heard of BSD, but didn't know much about it. After some time on Wikipedia, I decided to give FreeBSD a try.

I pulled out an old desktop, found a hard drive in my drawer, and set it up next to my Gentoo server while the FreeBSD 10 ISO was downloading.

Installation

My first impression was that installation was super easy. Installing Gentoo is done manually and can be a "fun" weekend adventure if you're not sure what you're doing. I can spin up a new FreeBSD VM in five minutes.

Packages and Ports

Being able to install things from either packages (binary) or ports (source) and have them work well together was a revolutionary idea for me. For most things, the default options are fine. So why compile something yourself if someone else has already done it for you? But sometimes you do need a custom option. FreeBSD gives you the best of both worlds.

I was resistant to FreeBSD's system for compiling ports. I had to find the directory, cd there, then run 'make install clean'. There was an ncurses menu for selecting compile flags. Then every few minutes the whole build would stop while it waited for me to enter options for the next dependency. I couldn't walk away. I knew there were things I could do to make it easier, but I hadn't figured them out yet.

For contrast, Gentoo's portage feels more user-friendly. You use the 'emerge' command and feed it the packages you want to build. It works for a minute, then shows you beautifully colored output with each package it's going to build, why it needs it, and which USE (compile) flags are active. You can see exactly everything it's going to do. If you want to change a USE flag, you add it to /etc/portage/package.use.

While I still prefer Gentoo's portage, I learned how to use FreeBSD's ports properly -- always running 'make config-recursive' first, for example. It's a well-designed system.

Man Pages

There's a man page for everything! And they're well-written! Gentoo has the best documentation of any Linux distro I've used, but FreeBSD is on another level. With a copy of the FreeBSD Handbook and the system man pages, I can actually get things done without tabbing over to Google every five minutes.

Separation of the Base System

It took me some time to see the benefits of having the base system and the ports tree be so separate. I'd come from Linux, where everything is a package you install. To get a core Linux system running, you need a collection of packages from various places which hopefully work together. On FreeBSD, everything necessary for the operation of the system is in the same SVN repository.

On Gentoo, there are situations like: "This week's update includes udev. And there's a note about it breaking things if you don't make the proper manual tweaks. Oh joy. Better set aside a few hours and hope the remote server comes back up afterward."

FreeBSD uses a hybrid system -- the base system has releases, but the ports are rolling release. This is a very elegant balance. I can keep getting the latest features from programs I care about, but I don't have to worry about a package update breaking my compiler or rendering my system unbootable. Seriously, when was the last time you needed a brand new feature from 'make', 'find', or 'ssh'?

Ports are installed with the prefix /usr/local/. So nginx's config file lives under /usr/local/etc/nginx/nginx.conf, but ssh's config file lives under /etc/ssh/sshd_config. This is nice for shared filesystems, backups, and many other things.

Init System

Gentoo uses OpenRC, which I liked well enough. But FreeBSD's BSD init is much cleaner. No more webs of symlinks, no more runlevels that you never use. Startup scripts are under /etc/rc.d/ and they're all controlled by /etc/rc.conf, which enables them and passes them arguments. Configuration by a simple text file is better than configuration by symlinks, any day.

Jails

Jails are one of FreeBSD's best features, by far. Jails are like a fancy chroot, with most of the features of a virtual machine. If you're running multiple webservers from the same physical box, you can put each one in a separate jail. That way if/when one of them gets attacked and the attacker manages to get a shell, he can only see a stock FreeBSD system with that one webserver running. He can't see your other services and he can't get out -- because it's a jail.

Jails don't do hardware emulation, which has a few important repercussions. First, you can't run an OS that isn't FreeBSD in a jail. Every jail is necessarily talking to the same kernel as the host system.

Second, you can spin up thousands of jails on one system without breaking a sweat. Each jail has negligible overhead. Compare this with running something like 12 VMs per host before you run out of resources.

Security

On FreeBSD, you can't ssh in as root with the default configuration. Users can't su to root unless they're in the wheel group. The root account gets status mails from the system every day. The 'freebsd-update' utility has an IDS command that scans your system for binaries that don't match the hash they're supposed to match. These are all examples of doing things correctly, that Linux does wrong.
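The first two defaults above can be checked mechanically. This is an added example, not part of the original post; it runs against constructed sample files, and the function names are hypothetical:

```shell
#!/bin/sh
# Added example: checks for two of the defaults described above.

# Print the effective PermitRootLogin from an sshd_config-style file ($1).
# sshd keeps the first value it reads for a keyword, and keywords are
# case-insensitive. Parsing stops at the first Match block, because
# settings inside it are conditional. Include files are not followed.
# $2 is the value assumed when the keyword is absent (assumption: "no",
# matching the FreeBSD default the post describes).
effective_permit_root_login() {
    awk -v dflt="${2:-no}" '
        /^[ \t]*#/ || /^[ \t]*$/ { next }
        tolower($1) == "match" { exit }
        tolower($1) == "permitrootlogin" { val = tolower($2); exit }
        END { print (val == "" ? dflt : val) }
    ' "$1"
}

# Print the members of group "wheel" from a group(5)-format file ($1),
# one per line: these are the accounts allowed to su to root.
wheel_members() {
    awk -F: '$1 == "wheel" && $4 != "" {
        n = split($4, m, ","); for (i = 1; i <= n; i++) print m[i]
    }' "$1"
}

# Constructed sample inputs (not taken from a real host).
tmp=$(mktemp -d)
trap 'rm -rf "$tmp"' EXIT
cat > "$tmp/sshd_default" <<'EOF'
# Option present only as a comment, so the built-in default applies
#PermitRootLogin no
Port 22
EOF
cat > "$tmp/sshd_edited" <<'EOF'
Port 22
permitrootlogin yes
PermitRootLogin no
EOF
cat > "$tmp/group" <<'EOF'
wheel:*:0:root,alice
staff:*:20:bob
EOF

for f in "$tmp/sshd_default" "$tmp/sshd_edited"; do
    echo "${f##*/}: PermitRootLogin=$(effective_permit_root_login "$f")"
done
echo "wheel members: $(wheel_members "$tmp/group" | tr '\n' ' ')"
```

The second sample shows why the first occurrence matters: a later 'PermitRootLogin no' does not undo an earlier 'yes'. On a live host, 'sshd -T' prints the configuration sshd actually resolves.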

Design

The FreeBSD system feels like a group of engineers sat down and drew up a brilliant design. Everything is so well thought out. Everything has its place. I don't have to hunt for things, because I know just where they belong. It's like a sturdy building.

Looking back at Linux, it feels like a treehouse where all this functionality is bolted on, but the right hand doesn't know what the left is doing. Every distro nails things together in a different way because nothing has a place where it belongs. Finding something takes effort.

I've only been using FreeBSD for a few months, but I'm already more comfortable with it than I ever was with Linux.

Community

The BSD community feels more mature and professional than the Linux community. Perhaps the average user is older, perhaps more of them use it in their job in some way, perhaps it's something else. But the difference is there.

Everyone is very approachable, and there's a shared passion. There isn't so much infighting over whose distro is better, whether systemd or upstart sucks more, or whether you agree with whatever crazy thing Linus or Stallman just said.

BSD License

I'm glad I was introduced to the BSD license, because it solves the problems I had with the GPL.

I've been working with UAVs professionally for agriculture, search and rescue, and environmental studies, doing system architecture and communication systems. There have been a few times when I wanted to use some existing code for my comm system, like mesh networking stacks. But I couldn't do it because it would require us to open source our control algorithms (the secret sauce). So I'm stuck reinventing the wheel.

Rather than waste time writing about all the reasons why I like the BSD license, I'll just point you to this excellent article.

The only point that I'd like to reinforce is that the BSD license encourages the development of common standards, while the GPL does not.

If you implement some new protocol in your spare time using the GPL, commercial entities wishing to compete for that market are likely to create their own protocol entirely because they can't use your code. Then Microsoft will inevitably come along with their own special protocol a year later. Now there are three competing standards to worry about.

If, however, you use the BSD license, things go differently. When a company comes along, they'll take your code and incorporate it into something with a fancy UI and cloud backup (their secret sauce). They spent their time on better things than rewriting your work, they can still keep their code secret, and they're compatible with the original protocol.

Then Microsoft comes along, takes your code, and makes a small incompatible change to it just because that's what Microsoft does. Now there are only one and a half standards, and everyone's product is better because they didn't have to reinvent the wheel.

Conclusion

FreeBSD is now my favorite operating system. All my servers run it. Servers and routers I install for family, friends, and clients run it. The embedded systems in my UAVs run it.

Linux was important for me because it showed me the problems with Windows and taught me to appreciate BSD. Had I grown up with FreeBSD, I doubt I'd appreciate it as much as I do.

I'd be remiss if I didn't mention PC-BSD. If you want FreeBSD, like desktop environments, and don't want to do more setup work than you have to, PC-BSD is right for you. It's basically FreeBSD with X preconfigured for you, some graphical utilities, and PBIs. It's just as easy to install and use as Ubuntu.

I'm looking forward to playing with the other BSDs too :)


published 2015-05-28