Miscellaneous Operating Systems/Hardware

OpenBSD/sgi - Page 1

http://undeadly.org/cgi?action=article& ... e=expanded

Looks like they're making progress again, v.cool
let's move this.
I was just about to make a post to let people know about the SGI port of OpenBSD. X11 support :)


good news. May be fun to play with :) I love the little O2 systems.

_________________
############################
Re-install with OpenBSD :)
Although only the O2 is currently supported, there are some recent commits for IP30 and IP27 and IP35 is being worked on too. Backwards support for IP22 doesn't seem to be that much of a priority looking at the thread, which is a shame - I'm happy with Irix on the faster machines but OpenBSD is increasingly useful on many older architectures as an alternative to linux. It's already effectively superseded linux on sparc32 now that nearly everyone has dropped support, and I'd really like it as an option on my older MIPS stuff, like the Indy currently running Debian under my desk. OpenBSD 4.3 is looking very promising.

_________________
hardware/software agnostic sadmin
Installing 4.3 as I type this message :)
Though I've always thought it a bit loopy to run anything but IRIX on SGI hardware, I notice that OpenBSD 4.3 has just been released, and that the SGI port (an O2 port, really) has gotten some attention:
Quote:
OpenBSD/sgi
Contains many new drivers, however the kernel requires an important errata fix.
* New gbe(4) driver for the SGI Graphics Back End (GBE) Frame Buffer on sgi.
* New mkbc(4) driver for the Moosehead PS/2 Controller on sgi.
* New power(4) driver for the power button on sgi.
* Support for X11 on sgi has been added.
* OpenBSD/sgi can now be installed using the glass console.

See http://www.openbsd.org/sgi.html#hardware for supported hardware.
Cool, I'll add it to my list of things to do. All the recent OSS progress has really made me wish I had more free time.

Also, what's up with the O2 case on the linked page? Is that an OpenBSD logo by the O2 logo or some kind of extra button hack?
tillin9 wrote:
Also, what's up with the O2 case on the linked page? Is that an OpenBSD logo by the O2 logo or some kind of extra button hack?

Looks like a sticker of the wireframe version of the OpenBSD "Puffy the Blowfish" logo . The OpenBSD folks usually bundle a sheet of stickers if you buy the official CD. :D

If you do try the 4.3 release on the O2, I'm sure that many Nekochanner's would be interested to hear what you think of it.
josehill wrote:
If you do try the 4.3 release on the O2, I'm sure that many Nekochanner's would be interested to hear what you think of it.

Perhaps you should merge this with the existing thread here , which links to an interesting article on the same subject.
kramlq wrote:
Perhaps you should merge this with the existing thread here , which links to an interesting article on the same subject.

Thanks -- I missed the earlier thread. Merger complete!
Looks like the Fuel, Octane and Origin 200 are now supported
http://www.undeadly.org/cgi?action=arti ... ed&count=0
To improve support the developers are looking for hardware donations
Quote:
Beside, there is some SGI hardware on want.html that is needed to further developments:

* a SGI Fuel or Origin (or Onyx) 300 and either an Origin (or Onyx) 350 or a Tezro (preferrably the rackmount version) needed in France (contact [email protected]);
*
* a SGI O2 workstation, preferably with a 300MHz or faster CPU, needed in London, England (contact [email protected]);
* a PCI cardcage for SGI Octane needed in Gorinchem, the Netherlands (contact [email protected]).
As much as I hate to say it, I think that'd work out well on an Origin 300 for a webserver. IRIX is kind of dated, security-wise, and I don't want to put a huge break-in target on the public Internet.

_________________
:O3000: :1600SW: :Indigo2IMP: :0300:

"Remember, if they can't find you handsome, they should at least find you handy."
iKitsune wrote:
I don't want to put a huge break-in target on the public Internet.


Nekochan runs on IRIX on the public internet.

_________________
Twitter: @neko_no_ko
IRIX Release 4.0.5 IP12 Version 06151813 System V
Copyright 1987-1992 Silicon Graphics, Inc.
All Rights Reserved.
nekonoko wrote:
iKitsune wrote:
I don't want to put a huge break-in target on the public Internet.


Nekochan runs on IRIX on the public internet.

So just out of interest, how is nekochan.net kept 'secure'?

_________________
:Indy: R4600PC 133 MHz

Mac Mini 2.5GHz 4GB RAM
Raspberry Pi
Dell XPS M1530
iKitsune wrote:
As much as I hate to say it, I think that'd work out well on an Origin 300 for a webserver. IRIX is kind of dated, security-wise, and I don't want to put a huge break-in target on the public Internet.

Since there's no graphics on an Origin, it's not like you're losing so much. I wonder if most exploits are operating system or application weaknesses, tho ? If it's applications then heck, we're already using the latest and greatest.
indyman007 wrote:
So just out of interest, how is nekochan.net kept 'secure'?


The same way you keep any system secure - make sure all public facing services are patched and up to date.

_________________
Twitter: @neko_no_ko
IRIX Release 4.0.5 IP12 Version 06151813 System V
Copyright 1987-1992 Silicon Graphics, Inc.
All Rights Reserved.
I'm just afraid of a breakin. I'm sure IRIX would be fine, but meh.

_________________
:O3000: :1600SW: :Indigo2IMP: :0300:

"Remember, if they can't find you handsome, they should at least find you handy."
iKitsune wrote:
I'm just afraid of a breakin. I'm sure IRIX would be fine, but meh.


Then keep your eyes on the advisories and swap in rebuilt binaries from your favorite FOSS system (Solaris would probably be closest, followed by GNU/Linux and then xBSD) when a compromise comes up.

The important ones will be the services you use (SSH/SSL, HTTP, FTP), and those are the most likely to be third-party anyway.

_________________
Damn the torpedoes, full speed ahead!

Systems available for remote access on request.

:Indigo: :Octane: :Indigo2: :Indigo2IMP: :Indy: :PI: :O200: :ChallengeL: :O2000R: (single-CM)
SAQ wrote:
The important ones will be the services you use (SSH/SSL, HTTP, FTP), and those are the most likely to be third-party anyway.


Yep, exactly right. I roll my own builds of all those (excepting a commercial, third-party FTP server), plugging them in usually within hours of release. I'm even running openssl-1.0.0-beta2 for grins :) I also offer all of the Nekochan builds for download if anyone desires to use them elsewhere.

Another part of the equation is the software you run on the stack (things like phpBB, Gallery, SquirrelMail, etc.). Those need to be kept up to date as well on any platform you ultimately choose.

Security is an ongoing process on any platform. The only truly secure system is one not connected to the public internet.

(And yes, hamei - I know php-5.3.0 was just released today. xcache doesn't support 5.3 just yet so I'm going to wait a little) ;)

_________________
Twitter: @neko_no_ko
IRIX Release 4.0.5 IP12 Version 06151813 System V
Copyright 1987-1992 Silicon Graphics, Inc.
All Rights Reserved.