![[OpenBSD]](../../images/smalltitle.gif)
OpenBSD for Beginners: After the Installation
Table of Contents
This document is intended for those who are not Unix gurus that happened to stumple upon this OpenBSD thing. You would need some experience on Unix-like systems (like, you should know what a shell is), but you're not really willing to spend a whole day doing programming or configurating servers. You're actually interested in USING the server or machine, rather than poking around the thing. Well then, why did you do that? Maybe some act of god (AOG). But let me tell you a likely story. The story you are about to read is true. The names have been changed to protect the innocent (theme music);
So my friend Lisa, who knows so-so well about computers, had to create her intranet server. She knew better than to rely on Micorosoft IIS, and she heard horror stories from a Red Hat Linux user who had been vandalized. Also, she did realize that many Linux distros had...she never used her Linux as a
She decided that she needed better security. She didn't have money to hire any security expert. So, she sent me an e-mail. "Well," I said. "I've been interested in this
"Hiroo, don't ggive me the gory details.
OpenBSD is not a very friendly OS. Well, if you get to know it, it can really become a reliable friend, but it just doesn't talk very much, and you sometimes feel as if this OS is deliberately trying to upset you or something, and you really want to shout, "Ah come on, lighten up a bit! You don't have to be so smug, huh?"
Well... it has to. A major reason for this is, their "secure by default" policy. They want to keep the system secure, which means they want to get rid of anything unnecessary. They only want to give out things that are absolutely necessary, and only if you specifically ask. It's difficult
After the Installation
Installation of OpenBSD is rather difficult and confusing, because you have to set up a lot of partitions. So, you have to
So, you're done with the installation. You log in.
The message will tell you that you shouldn't login as root. Make a mental note about it. You have mail, so read it using;
# mail
Fine. You should be able to read it. Get out of there, do ls and some basic stuff. Fine...except, you realize that the shell is not what you are used to in Linux. It's ... csh. You mistyped a command, and machine returned an error "no such file blah blah". Ooops. You try to bring back the command with the upper arrow... oh, it doesn't have history finction. You cant't even use backspace!!
Now, of course you know you're not in Linux land anymore, Toto, this is BSD land. csh is default. But of course, we know csh is evil, so let's switch to the trusty bash (or zsh or whatever).
Let's fix it. However, bash is not installed. Well, let's settle for second best, ksh;
Go to the prompt and
# ksh
There. Now, you can have history. Backspace works.
Now we feel like we can use longer commands without the fear of mistyping. So, first of all let's also do something about this unhelpful prompt. Can't you at least display the working directory here?
You know this is just a matter of dealing with .profile and .login file. Fire up emacs and... you realize that you don't have emacs. Which means that you have to use the..
Dreaded vi
Wow. vi. I forgot all about it. But we're not going to do any major things here, just create some simple configuration files. So there are only several things to remember.
vi has modes. There's the command mode, and there's the edit mode, and there's one more that you really don't want to bother. Command mode is where you issue commands. What you type in will not show up, and the editor will do crazy things.
Edit mode is where you do the usual typing and stuff. So all you need to know is:
- To go into edit mode, press i. To go into the command mode, press esc.
- If you want to actually type in characters, go to the edit mode and do it.
- To delete a character, you have to go back to the command mode. Press ESC.
And then, move the pointer (or cursor) to the character that you want to delete.Press x.
- When you're done, go to command mode, and press :wq
That's all you need to know.
Adding users.
The prompt tells you that you shouldn't log in as root, use su instead. OK then, let's create some lowly users and use that account. As Trent Reznor sang, "I will take my place/ in the great below."
This is easy.
Beware of the last question. You probably don't understand what this is asking you. It's asking if this user should be allowed to su. If you want the person to have that priveledge, answer "wheel" here.
Just as a lesson, I will assume here that you forgot this
Logging in
You realize that you can't.
This is because, if you want to become root, you have to be in the wheel group.
Adding users to the wheel group.
In order to
This time, it's OK. Except...
Setting up Kerberos
...Except, the machine gives an error message and tells you that there's no Kerberos ticket and this and that? What is this?
This is Kerberos, a security system that makes it unnecessary to pass around raw password data on the network. It's an authentication system.
The FAQ says that you can safely ignore it. But we got into OpenBSD because of its security thang, right? If we ignore the security stuff, we're better off using Linux. So I would like to be able to use it. Besides, error messages are annoyning, gives you the feeling that you're not doing something right. Ignoring it is degrading to youths, hurts your self respect and dignity.
So let's go.
The first thing you have to do BEFORE getting hands on kerberos is to get ntp running. Kerberos is sensitive to time differences, and you'll want to set your clocks right.
Install xntp3-blahblah.tgz
edit /etc/ntp.conf
server yamatohime.nmt.ne.jp
server azusa.miko.org
Then, you have to reboot. This is because the ntp daemon must start early in the process to be able to screw with time.
Adding users for root priviledge in Kerberos.
Kerberos is also used for authenticating su, so you have to tell kerberos about that, too.
kdb_edit
hiroo
root
And then, edit /root/.klogin
OK, now where getting somewhere.
X windows
So, your shell is fixed, you can log in without any errors. Next, let's move to X. You type startx, and.... no such command.
Oh yeah, come to think of it, the installer asked you nothing about video boards and monitors.
We from the Linux world is so spoilt now. We expect the installer to do everything. But not around here, and when we look back into our memories, yes, Slackware was something like this. You first started Linux and after you did your first round of ls and more and man and vi, you started to configure X. It's back to the good old days...
In order to configure X, you use XF86Setup. Before you start, you need to know about your system, especially your video card and your monitor.
First, I think you'll panic because you're mouse doesn't
Go through all this.
Yeah! You have X running. But since there's this security thing, don't use X unless it's very necessary. And don't even mention KDE and/or Gnome.
If you are using an LCD monitor, the background may seem to be flickering. You don't have to start over, just set the background color right, and it wil go away. You should have FVWM running, so click mouse button 1 (left button) on the desktop, and Select Fvwm Moduless -> Background.
After this, add /usr/X11R6/bin to people's PATH. It's probabbly better to do this on their startup file. Edit .profile
By this time, you're getting used to vi, but you're not really happy with it. Let's get emacs, or whatever other software that you feel you need.
Getting some software
Ok, let's get into X as a normal user. Fine, it's fvwm but we can live (for a while) with it.
But, you realize that it's bare, and there's hardly anything that you can do with it. You can ftp to a site and get some stuff, but you realize that there isn't even bzip2! We need to add some software.
Installing software the easy way: packages
Mounting the CD-ROM
I assume here that you have the OpenBSD CD-ROM. If you don't, that's your problem, but look around in the FAQ and stuff for help.
So you do
mount -t iso9660 /dev/cdrom /mnt
And you get an error message. Because this is BSD land. Do:
mount_cd9660 /dev/cd0a /mnt
Oh, if you don't have /mnt directory already, create it by
# mkdir /mnt
Now, let's go to the packages for easy software installation. It is in /mnt/2.7/packages/i386/ so let's go there.
cd /mnt/2.7/packages/i386/
In order to install softwares, you have to be root.
bzip2
#pkg_add -v bzip2-blahblahblah.tgz
Please use the -v option, although you don't need it. But it's always better to understand what's going on.
That was easy. Keep doing the same thing with the small stuff, like less, kterm, nkf (I'm Japanese, I need these!), rxvt, bash, zsh... These are simple, because they don't have to worry about dependencies. But then, you realize that they are rilli old...nkf 1.62? What is this? But better than none. Make a mental note to update it later.
OK, then let's move onto a big one, like... XEmacs.
The procedure is pretty much the same.
# pkg_add -v xemacs-2.04-mule.tgz
However, you notice that this time, the machine is doing a lot (A LOT!) of thinking. Keep waiting. Don't do anything stupid.
The thing is, the package is checking for dependencies. Also, the XEmacs package is huge to begin with.
There, you are seeing some messages now.
The messages tell you that,
1) This package conflicts with the emacs package
2) You need to get other packages.
But there's not much you can do here. Leave it, and the installer will take care of it. They don't do much about 1, but as for 2, it automatically gets these packages and installs them for you. Just like rpm.
Now, it's installing files, and you get all these lists, and then it stops once in a while to think... This is the reason that -v option is recommended. Without it, nothing gets displayed here, and you might think something's wrong.
...and now, the installation is done. Other packages concerning some graphics also got installed. Fine.
OK, let's give it a shot.
$ xemacs
[1] 2963
$ /usr/libexec/ld.so: xemacs: libintl.so.1.0: No such file or directory
[1] + Done (1)
Uh oh, something is missing. How can that be? So, this package thing is not perfect, after all.
How do I get libintl.so.1.0? Or more generally, how do you find out which package has your desired missing file? Well, I'm not really sure. Someone, tell me. It just so happens that libintl.so.1.0 is a part of gettext. This is wierd, since my friend tells me that XEmacs shouldn't rely at all on gettext... but there you go. So in this case, just grab the gettext package. Now, xemacs runs properly.
Ahhhh, finally, we really feel like editing files!
ports
ports is an automated process of...
- ftp ing the source package
- checking the integrity and applying the necessary packages
- configureing, compiling and installing
...the software with a single command. It's easy. Great. Wish Linux had these. Well, on the otherhand, it's not so easy to set up in the beginning.
Theres' ports.tgz on the CD-ROM. On the 2nd CD-ROM. Get that, and untar it under /usr.
cd /usr
tar xvzf tar.tgz
Getting Software the not-so-easy way: Make
Well... if you're used to it, this may be easier than using ports. So, let's try lv. lv is a great software. It's a pager, encoding converter, and regular expression engine all rolled into one. It is also one of the few softwares that really handle Unicode utf-8.
Fine. Let's do Ruby. Ruby is an object oriented script language
Internationalization
This is a weak area for OpenBSD.
Putting it to some use
All right. Let's make this thing do something useful. Since security was the big thing here, let's make it do some network jobs;
dhcp
I guess you probably know already, but if you have several machines in your hoyse and you want to network them, this is a nice thing.
Secure Web Server