Best way to switch from Linux to BSD

[Jeremy Chadwick]

On Tue, Mar 29, 2011 at 01:32:23AM -0400, Jason Hsu wrote:
> I've been trying to switch from Linux to BSD for my everyday computing
> (email, word processing, spreadsheets, etc.), but I couldn't get
> things to work properly.  I've been so spoiled by the quickness and
> user-friendliness of antiX/Swift Linux and Puppy Linux for so long.  I
> have a backlog of stuff to do, so I'm sticking to Linux for now as my
> main OS.  However, I might try BSD in VirtualBox and on my laptop.
> 
> Are there any good tutorials for using BSD on the desktop?  I'm having
> much more difficulty finding good information on BSD than was the case
> for Linux.  In retrospect, this shouldn't be a surprise given that
> Linux is relatively mainstream while BSD is very obscure.

If desktop BSD is more your style, you might want to look into using
PC-BSD, which is based on FreeBSD.  You did mention it in the portion of
your text that I removed though.  But I have no experience with it (I
mainly use FreeBSD for servers).

To answer your Subject question directly: I can't speak for others, but
the way I did it was by giving up Linux entirely and forcing myself to
use FreeBSD.  Gaining familiarity took years upon years.  In no way
shape or form do I think I'm a "FreeBSD master" -- there is a lot of
change going on, and a lot of pieces to the OS that I do not understand.
That is just the nature of the beast, and applies to all OSes -- even
Windows.  I'm just now learning PowerShell at my workplace; my brain
feels like it's full.

Maybe a sympathy (empathy?) story will relieve some of your stress and
keep your spirits up.

I started with Linux 0.99pl45, installed on my 486 via floppies.  I
helped test CSLIP code since Oregon State at the time was putting some
new Annex dial-in boxes into place that offered CSLIP vs. SLIP.  The
concept of Slackware existed but was basically just "a thing to get
Linux on your machine"; there weren't other choices (to my knowledge).
The last Linux version I used heavily was the 1.3.x series, and did
experiment with the 2.0.x series as well.

There were 4 reasons I gave up on Linux (for our servers):

1) I was sick and tired of having to apply patches on top of patches.
To fix a serious bug or add a needed feature in the kernel, you'd have
to dig through mailing lists, find a patch -- usually 30-40KBytes in
size -- and apply it.  Then if you needed something else, you'd have to
do the same thing -- and the patches usually were from different people
and (key point) did not apply cleanly with one another.  In the late
1.3.x days I was literally applying 8 or 9 patches (anyone remember the
"ac" patchset from Alan Cox?  Still a sore spot for me), and having to
re-work them by hand almost every time.  Amusingly, parts of FreeBSD are
becoming like this, but the source code is still managed centrally and
you get everything you need from csup/src-all for a working system.

2) Package management didn't exist.  There was this "thing" ( ;-) ) that
eventually got created called RPM, but it didn't jibe with what
Slackware did, so you ended up with a mix-match system: some programs
built from source, others from RPMs.  I preferred to build everything
from source, dropped it all into /usr/src, made my own scripts to run
configure/make/etc. with the right arguments, and so on.  I did all the
dependency management myself by hand.  The experience I gained from this
still applies even today.

3) Our systems were rooted on two separate occasions.  On both occasions
the attackers gained access through combinations of badly-written
daemons and kernel exploits (and in the case of the latter, often ones
which hadn't been announced on lists; there was no official "security
mailing list" back then -- remember, no distros).  FreeBSD was known for
being more secure (not flawless, just better in this regard) at the
time.

There's also something that doesn't get discussed often enough: Linux is
incredibly popular and as such is a huge focus for l33t h4x0r k1dz.  The
BSDs are not so much a focus, which is a big plus.

Example: recently one of our users had his website compromised through a
PHP bug, and the attacker attempted to install a rootkit for Linux.
Naturally it broke (it even had "FreeBSD support" in it, but obviously
the kids didn't test it ever, which further supports my point).  I had
the users' website down for about 24 hours while I did a security
analysis, found the hole, restored his account from a 16-hour-old
backup, and immediately had him upgrade the software so he wouldn't be
compromised again.

4) The state of the firewall stack in Linux was -- and still is -- a
complete disgrace.  This actually *is* a slam against Linux.  :-)
ipfwadm, then ipchains, then iptables.  FreeBSD ipfw was a godsend
compared to those, and today, pf(4) blows everything out of the water.
One of my home routers is Linux-based and every time I have to bust out
"iptables -L" I want to throw up.  I "understand" it, I just think it's
a horrible way to represent and control a firewalling layer.

My personal opinion is that you're being impatient -- though your
concerns and questions being justified/legitimate, please don't get me
wrong or take that as an insult.  I've only seen you on the list
recently asking some good questions, but you may be feeling what I did
when I switched from Linux to FreeBSD -- very overwhelmed.  Everything
was so different, lots of useful or convenient things didn't seem to
exist (and still don't), and finding the BSD version of a Linux "thing"
was a scary ordeal.

Anyway...

I tend to recommend to people that they use whatever OS they prefer,
whatever works best for them, whatever meets their familiarity levels.
If that's Linux, awesome.  If NetBSD, awesome.  If Windows XP, awesome.
If OS X, awesome.  With virtualisation out there -- things like VMware
Workstation, Xen, etc. you can experiment with a new OS without leaving
your current one.  Maybe that would be a better choice for you right
now?

-- 
| Jeremy Chadwick                                   jdc at parodius.com |
| Parodius Networking                       http://www.parodius.com/ |
| UNIX Systems Administrator                  Mountain View, CA, USA |
| Making life hard for others since 1977.               PGP 4BD6C0CB |