
OpenBSD on a Laptop - perlgod
https://www.c0ffee.net/blog/openbsd-on-a-laptop/
======
gigatexal
This is probably the single coolest feature of OpenBSD: “Also, Chromium on
OpenBSD recently got unveil support. If you run it with --enable-unveil,
Chromium will be prevented (at the OS level) from accessing anything other
than your ~/Downloads folder.”

~~~
humblebee
Does anyone know how this works with profiles / cache? Does this force
something like incognito mode? Also does this mean you can't upload / select
files outside of the Downloads folder?

~~~
gigatexal
I wonder if it means no webcam access as that would require access to /dev?

------
floatboth
> many features that require toil to achieve on FreeBSD, such as suspend on
> lid close, working volume buttons, and decent battery life, work out of the
> box on OpenBSD

Suspend on lid close worked out of the box for me on FreeBSD, on a ThinkPad
X240. (Well, almost out of the box — had to disable the TPM in the firmware
setup, otherwise the TPM would prevent it from waking up.)

There's NO WAY battery life could be better on OpenBSD though. OpenBSD is not
even tickless!!

I measured the power consumption of the SoC with Intel's pcm tools, it's ~1W
when idling in GUI on FreeBSD. Does OpenBSD even have pcm.x? ;)

~~~
dijit
> There's NO WAY battery life could be better on OpenBSD though. OpenBSD is
> not even tickless!!

FWIW FreeBSD idled hot on my thinkpad x201 and x201s, where openbsd did not. I
got more battery from a slim Linux than openBSD, but FreeBSD was by far the
worst for battery life if you're comparing them.

~~~
floatboth
Odd. Did you load the GPU driver? Start powerd?

~~~
dijit
Yes. I was looking at power optimisations at the time and those were
suggestions. The issue was an idle load of 1.0 (nothing was noticably taking
cpu), and when I say idle I mean there was nothing being drawn on screen and
the browser was closed.

~~~
JdeBP
... but Sendmail was furiously trying to redeliver a massive mail queue of
daily security run output messages? (-:

There is more than just your WWW browser and X applications running on a
FreeBSD system.

~~~
dijit
Yes, of course, but maybe that's part of the problem.

FWIW, sendmail delivery to local mailboxes shouldn't need to retry, since
it'll just dump in roots spool folder.

------
stragulus
I like how most of the configuration in this setup is very similar to how I
configured systems as far back as mid-nineties. Most applications have a
simple single config file, and a single responsibility, true to Unix'
philosophy. My window manager needs haven't really changed during all this
time. Add a nice launcher that indexes your system and you have most of
everything you will need.

------
beefhash
> Full Disk Encryption with SoftRAID

It's worth noting that SoftRAID for encryption is mutually exclusive with
SoftRAID for redundancy: " _Note that "stacking" softraid modes (mirrored
drives and encryption, for example) is not supported at this time._"[1]

[1]
[https://www.openbsd.org/faq/faq14.html#softraid](https://www.openbsd.org/faq/faq14.html#softraid)

~~~
accrual
One can certainly stack softraid volumes but I think the FAQ indicates you
won't receive support if something goes wrong.

    
    
        # bioctl -c 1 -l /dev/sd1a,/dev/sd2a
        softraid0: RAID 1 volume attached as sd3
        # ...
        # bioctl -c C -l /dev/sd3a softraid0
        New passphrase:
        Re-type passphrase:
        softraid0: CRYPTO volume attached as sd4
        # 
    

I've personally used a setup like this since around OpenBSD 6.0.

~~~
beefhash
Interesting, I didn't know it worked. A comment on another site by stsp@[1]
suggested it doesn't.

[https://lobste.rs/s/ljdhug/install_openbsd_on_dedibox_with_f...](https://lobste.rs/s/ljdhug/install_openbsd_on_dedibox_with_full_disk#c_zgjnoa)

~~~
ben_bai
It does work if you do it manually. The nested softraid will not be assembled
at boot. Thus oficially unsupported.

------
brobdingnagians
On my desktop, I tried installing TrueOS and FreeBSD but kept having trouble
with the install, then the applications and KDE, then the drivers, things were
wonkie. Installed OpenBSD a couple of times and it all (mainly) just worked.
Eventually just stayed with OpenBSD and have been very happy, especially with
the excellent documentation, ease of installation and ease of use. I heard the
FreeBSD devs don't use it on their personal comps as much as OpenBSD devs do,
and what kind of sealed the deal for me. Thinking back, it was even easier
than most Linux installs I've done.

~~~
geggam
OpenBSD is the friendliest OS I know of. That said... it seems to be picky at
who it calls friend :)

------
gbrown_
This should probably also mention running syspatch.

[http://man.openbsd.org/syspatch](http://man.openbsd.org/syspatch)

~~~
fiddlerwoaroof
Cool, the biggest issue I’ve always had with FreeBSD is figuring out how to do
routine updates when I’ve installed ports.

~~~
floatboth
If you're building some ports with custom options, check out Synth:
[https://github.com/jrmarino/synth](https://github.com/jrmarino/synth)

It downloads binary packages when it can & builds ports in parallel while
showing a very nice ncurses UI :)

~~~
perlgod
Can second Synth. I always used it on laptops where a full poudriere setup
would have been overkill.

Also it’s written in Ada!

~~~
fiddlerwoaroof
Cool, as a Lisper I have to support niche languages :)

------
nimbius
Ive tried a BSD laptop before, and my concerns always boil down to the same
nonsense...can anyone offer some advice?:

\- how do i read ext4/fat/etc usb sticks from coworkers. \- is 3d or video
support good with AMD? \- soundcard and full disk encryption? what about EFI
boot?

~~~
snazz
\- reading ext4 is possible but hard (OpenBSD doesn’t support journaling
filesystems); you’re better off with ext2 or FAT \- video support with AMD
GPUs is good, much better than NVIDIA \- OpenBSD has a good sound stack that
supports most audio systems \- full disk encryption is easy to set up and
mentioned in the article \- UEFI and GPT work wonderfully on recent versions

~~~
kotajacob
What's the reason for missing journaling file systems? Lack of developers?
Design choice for code simplification? Security reasons? Or something else?

~~~
trasz
I guess the same as with support for, say, NTFS, plus less incentive to work
on it, since it’s less popular.

------
waterhouse
Question. I find it exceedingly useful that Mac OS has readline keybindings
enabled in most (all? I can't think of any counterexamples, including the
Spotlight overlay) of its text fields: control-A is head of line, control-E is
end of line, etc. I've been using control-N and control-P to move between
lines while editing this comment; it's simply a text field in Firefox.

Is it possible to turn on this functionality in OpenBSD?

------
floren
Why configure cwm to emulate i3 when you could just run i3?

Still, cool to see people running a BSD on a laptop, IIRC I ran NetBSD on my
old Thinkpad in college.

~~~
peatmoss
It’s in the OpenBSD distribution, which presumably means it undergoes the same
code auditing that the rest of OpenBSD does.

~~~
sverige
Yep, cwm is maintained by the OpenBSD devs and is part of base, so you don't
have to download a package for it. If you want, though, i3 is only a quick dl
away.

I used to have a kind of complicated cwm setup, but I got tired of that and
just use XFCE now. It runs great.

~~~
anthk
Ditto, but with JWM instead of XFCE. Minimalist, a rational set of
functionalities, click-to-focus-and-raise, plus a CDE-like colorscheme
borrowed from AIX.

As for the file manager, I use noice, but I woudn't mind this ported to
OpenBSD:

[http://www.musikwissenschaft.uni-
mainz.de/~ag/xplore/](http://www.musikwissenschaft.uni-mainz.de/~ag/xplore/)

~~~
peatmoss
I can’t decide whether the old motif widgets are ugly as sin or not. But for
whatever reason, I find the screenshot of that file manager to be salve for my
soul. Probably just nostalgia.

I must say though that I’m just as glad Motif has mostly faded into history.
It was... a challenging widget set to work with.

Now, I wish something like GNUStep had caught on. Maybe an independent BSD
implementation.

~~~
anthk
On Motif, Irix' theme was really great:
[http://www.inventinginteractive.com/2010/12/07/desktop-
uios-...](http://www.inventinginteractive.com/2010/12/07/desktop-uios-design-
history/) I woudln't mind a GTK theme adaptation. A Motif one exists in Gnome
Look, and it's more usable than you think.

------
robotmay
I was just thinking of swapping my largely-unused ThinkPad over to OpenBSD
yesterday, so this is extremely timely and useful :D

------
gigatexal
Great article. Been thinking of doing the same. Typo in the first paragraph
under “Installation”:

“Grab a USB stick and download the the the amd64 disk image:”

~~~
perlgod
Thanks!

------
Philipp__
How’s the battery life? OpenBSD is nice and nifty little UNIX experience,
definitely geared towards users who know what they are doing/wanting.

~~~
perlgod
About 7 hours on an oldish ThinkPad (T530) on a full charge:

    
    
      $ apm
      Battery state: high, 99% remaining, 430 minutes life estimate
      A/C adapter state: not connected
      Performance adjustment mode: auto (1200 MHz)

~~~
Philipp__
Wow that’s good! I want to get used x220 and new 9 cell battery. If I could
pull of 7-9h battery life I would consider it a great success. Btw i would be
using only StumpWM, Firefox and Emacs. For media consumption I got MacBooks.

~~~
carlesfe
On my x230 with the 44wh battery I get around 4-5 hrs with normal usage

------
oneplane
While this is a nice setup in case of a ThinkPad, this doesn't really work out
on practically anything else. I get that a lot of the FOSS, or somewhat more
specifically, the hardcore users use a ThinkPad, but the rest of the world
pretty much doesn't (at least no longer since Lenovo bought IBM's spun-off
computer bits). None of this stuff works on the generic MS Surface or Apple
Mac stuff you see in 99% of the use cases where people are capable of
installing an OS at all.

As nice as mobile support in OpenBSD is, and as nice as this guide is, it's
still super niche :(

~~~
LeoPanthera
Your specific examples are special cases. The Surface is essentially a
“Windows 10 machine”, and while Apple permits installation of Windows on Macs,
other operating systems are specifically not supported. (And macOS is already
BSD-esque anyway.)

These instructions will work fine on any normal, generic, PC laptop.

~~~
tracker1
Unless you're on older unsupported macbooks, I'm not sure I'd run something
that wasn't macOS unless under a VM. That's just me. Although, I don't like a
lot of the direction, or lack of with macOS.

I'll probably put a new system together around mid next year (leaning Ryzen 2
near release). Will decide on Hackintosh, Linux or BSD at that time. Most
likely hackintosh, but who knows. Linux (Elementary and Ubuntu) are finally
around where I would want it for a primary desktop.

------
reason-mr
Writer spent ages on the window manager. XFCE is much easier :
[https://sohcahtoa.org.uk/openbsd.html](https://sohcahtoa.org.uk/openbsd.html)

~~~
TurboHaskal
To be fair, I use cwm as well and the only configuration I made to it was
changing the font.

------
j7ake
I am interested in moving from OSX to Linux.

However, my muscle memory have made it difficult to use ctrl + key versus
command + key.

Is there an easy way (for example in Ubuntu?) to remap shortcuts so the copy
and paste is command + C and command + V? Also, the ctrl + C should still stop
processes in the terminal, so it's not as simple as swapping ctrl and command
for all processes... This problem has been bugging me a lot with linux and I
finding a solid solution would help a lot of OSX people switch to linux more
easily.

~~~
gjs278
the problem is with your previous operating system, not ours. I wish I could
flip the mac laptop to not use that command key.

~~~
leadingthenet
Why? It's much, much more comfortable once you get used to it.

~~~
gjs278
doubtful. the command key does not need to exist. every other operating system
gets along fine without it. apple is not even consistent either. as soon as
you open up their terminal, you’re stuck in this bizarre land where you have
to ctrl+c and cmd+c for different tasks. linux splits paste into either a
mouse click or shift+insert to avoid all this.

~~~
saagarjha
> you’re stuck in this bizarre land where you have to ctrl+c and cmd+c for
> different tasks

Which I find quite reasonable, personally. If I want to copy text, it's
Command-C everywhere in the system, even in the terminal–no Command-Shift-C or
similar "hack". If I want to send a SIGINT to a program it's Control-C, as it
should be.

------
DanBC
This looks like a useful guide.

> If you're even a little paranoid, you should start by overwriting the disk
> with random data. We'll assume your hard disk is sd0—you can use dmesg to
> check. The c suffix is OpenBSD's way of specifying the entire disk.
    
    
       dd if=/dev/urandom of=/dev/rsd0c bs=1m
    

Can I check: why would you do this rather than using ATA SECURE ERASE command?

Having a blob of random data on my drive would mean crossing international
borders is potentially unpleasant.

------
simonebrunozzi
Does anyone know if OpenBSD can run properly on a Macbook?

~~~
ben_bai
MacBook G4 sure... newer ones may have problems. To new users/new hardware I
would recommend an usb stick with the network installer and then try to
install to the usb stick and check what is working.

Also check if you PC is listed here.
[https://dmesgd.nycbug.org/index.cgi?do=index&fts=apple](https://dmesgd.nycbug.org/index.cgi?do=index&fts=apple)

~~~
b3b0p
You are tempting me to pick up my 1 of 2 favorite laptops (or both) of ever
that I owned: The 12 and 17 inch Aluminum Powerbook G4. Makes me wonder what
kind of mods I can do to it now?

------
anthk
Nice, but if you like click to focus and raise VM's you can try JWM, is great
and with very few deps, almost NIL.

------
vtail
Amazing guide! You have a typo - a second ‘chown’ in mail setup section should
be ‘chmod’

~~~
perlgod
Thank you!

~~~
vtail
Some more: 1) .cwmrc has a parse error around chrome command - fixed by adding
quotes around “chrome —enable-unveil”

2) I copied your fonts.conf exactly, and see “Fontconfig error, line 2: syntax
error”. Can’t figure out yet what’s going on.

~~~
perlgod
Thanks. I think the issue is DOCTYPE, here’s the real file that I use hosted
on GitHub, haven’t had any problems with it.

[https://github.com/cullum/dotfiles/blob/master/fontconfig/.c...](https://github.com/cullum/dotfiles/blob/master/fontconfig/.config/fontconfig/fonts.conf)

------
quickben
"You won't find nearly as many online resources about setting up OpenBSD,
because honestly, you really don't need any. "

That was the the last thing I wanted to read when wondering if openbsd will
fit on my Ryzen machine.

~~~
ori_b
You don't need a third party blog, it's in the documentation[1]: "All versions
of the AMD Athlon 64 processors and their clones are supported."

The other drivers are the ones you need to worry about -- check the man pages,
which list the supported hardware. For example:
[https://man.openbsd.org/radeon.4](https://man.openbsd.org/radeon.4)

The attitude isn't "You shouldn't need documentation". The attitude is
"OpenBSD should ship with documentation good enough that nobody feels the need
to write up the results of sleuthing around".

[1][https://www.openbsd.org/amd64.html](https://www.openbsd.org/amd64.html)

~~~
quickben
Thanks, I'll check that out.

------
ape4
A small detail, why do we still have to specify the blocksize (bs=1m) to dd.
Can't it have a better default than 512 bytes.

~~~
LeoPanthera
In most cases, 128k is actually the optimal block size, and is
(microscopically) faster than 1m. And also uses a tiny bit less ram.

~~~
ape4
Seems like a good default. I was expecting tons of comments telling me that it
had to stay at .5 K for various arcane reasons.

~~~
ben_bai
I can't even imagine the suffering with broken shell scripts if the defaults
change.

