OpenBSD Machine Setup
I recently decided to give OpenBSD a shot and wanted to document the process I used to get the system up and running for anyone else that might find this. These steps have been tested to work on OpenBSD 6.4.
Installing OpenBSD
My laptop doesn't have a supported wireless adapter, so I'm unable to download the file sets during the installation process. Because of that, I need to make sure I have the file sets included on the disk image. For my installation, I downloaded the installXX.fs disk image which includes the file sets. If your wireless adapter is supported and you have internet access during the installation process, you could use minirootXX.fs and download the file sets during installation.
I created a bootable USB flash drive with Rufus. Then, I booted my laptop up with the flash drive in UEFI mode. When prompted, I opted for the (S)hell
insetad of starting the installer so I could prepare the a special EFI system parittion where the UEFI bootloader would be copied after installation.
I installed to sd0
so I ran the following command to initialize the partition table.
fdisk -i -b 960 sd0
After this, I ran install
to start the installer. When I got to the portion about disk layout, I chose the OpenBSD
option.
After installation, when it prompted to reboot, I went back into the (S)hell
and ran the following commands to format the partition and copy the UEFI bootloader.
/mnt/sbin/newfs_msdos sd0i
mount /dev/sd0i /mnt2
mkdir -p /mnt2/efi/boot
cp /mnt/usr/mdec/BOOTX64.EFI /mnt2/efi/boot
I then rebooted the machine and everything came up without an issue.
Setting up doas
You'll want to setup doas
so you can run commands with root permissions without having to be logged in as root. This will also allow you to skip having to enter a password. doas
is OpenBSD's version of sudo
.
# echo 'permit nopass username' > /etc/doas.conf
Improving Disk Performance
To increase disk performance, there are a couple of options we can enable in /etc/fstab
.
The noatime
option will stop updating the time that files are accessed. This means that reading a file won't also include a write to update the access time, so it can reduce disk activity.
The softdep
option makes metadata stop being written immediately and instead will write it "in an ordered fasion to keep the on-disk state of the file system consistent." It can result in significant speedups for file create/delete operations. This can only be used with partitions formatted with the Fast File System (FFS).
To apply these changes, replace any rw
in /etc/fstab
with rw,softdep,noatime
. Make a backup to /etc/fstab.bak
incase anything goes wrong, you can go back to the old version without any trouble.
# sed -i.bak 's/rw/rw,softdep,noatime/' /etc/fstab
Reboot after this to apply the changes when the file systems are mounted again.
Installing firmware for USB Wireless Adapter
As I mentioned above, my laptop's built in wireless adapter (Broadcom BCM4313) isn't supported at all by OpenBSD. In order to get an internet connection, I bought an Edimax EW-7811Un for $10 off of Amazon which is supported by the urtwn firmware. The connection is a bit lackluster, I'm maxing out at around 7Mpbs down and 500Kbps up, however it's very small and doesn't have a huge antenna sticking out.
In order to get the firmware, I had to download it from the OpenBSD firmware server and save it to a flash drive on another computer. Once I got the firmware on a flash drive, I popped it in, figured out which parition I had written it to, mounted it, and installed it.
When you insert your flash drive, the name of the device will show up in xconsole. It will look similar to this:
sd1 at scsibus4 targ 1 lun 0: <Samsung, Flash Drive, 1100>
sd1: 30594MB, 512 bytes/sector, 62656641 sectors
After seeing this, I could tell that my USB flash drive was labeled sd1
.
I then needed to figure out which partition I had written it to. I've heard you can assume i
, but I like to double check.
# disklabel sd1
# size offset fstype
c: ###### 0 unused
i: ###### #### MSDOS
From this I could tell that my information was on the i
partition, because it's formatted using MSDOS.
I then mounted and installed the firmware.
# mkdir -p /mnt/usb
# mount /dev/sd1i /mnt/usb
# fw_update -p /mnt/usb urtwn
Setting up the Wireless Connection
OpenBSD 6.4 introduced support to auto-join wireless networks. What this means is that OpenBSD can remember all of the networks you want to connect to along with all of their security settings. It will then decide which network to connect to and automatically switch when that network is no longer available and another is in range.
According to Peter Hessler, the developer that worked on auto-join:
It basically uses the Apple algorithm that is used on iPhones. As long the signal strength is good enough: Strongest security, then 5GHz, then 11n vs not-n, then pure signal strength. You can also force it to choose a different one with "nwid foo". The auto-join algorithm will take the saved security settings for "foo" and apply them when it attempts to connect.
We want our network connection to automatically come up when we boot. In order to do this, we'll need to create a /etc/hostname.if
file. You'll replace the extension if
with your wireless interface name. For me, the file is /etc/hostname.urtwn0
. When I was first setting up my wireless connection, I thought that hostname
needed to be replaced with the actual hostname of my machine. That is NOT the case, my file is literally named /etc/hostname.urtwn0
.
To use auto-join, we'll use the join
option followed by the network id and any necessary wpakey
or nwkey
arguments.
join NETWORKID wpakey PASSWORD
join coffee-shop
join "wepnetwork" nwkey "12345"
dhcp
inet6 autoconf
up
You can list as many join
statements as you'd like and OpenBSD will switch between them as the networks disappear and become available.
Overriding DNS Servers
The wireless router provided by my ISP doesn't allow me to set my DNS servers that are broadcast by its DHCP server. Since I don't want to use my ISP's DNS servers, I need to tell dhclient
not to write the DNS servers it gets when establishing my network connection.
Create a /etc/dhclient.conf
file and enter the following:
supersede domain-name-servers 1.1.1.1, 1.0.0.1;
ignore domain-name;
This will replace the DNS servers that dhclient
gets from the network's DHCP server with the servers you specify, Cloudflare's DNS in this case. My ISP also tries to set a search domain, which I'm telling dhclient
to ignore.
You may want to use prepend
insetad of supersede
for the DNS servers. Doing this would make dhclient
prefer the DNS servers you specify, but fall back to the DNS servers it got via DHCP.
Setting up the Install URL
Now that we have our internet connection setup, we're going to want to install system patches and add packages. Before we can do that, though, we'll want to make sure we have a mirror set in /etc/installurl
. This tells the OpenBSD tools where it should attempt to download packages and patches. This is setup by default in 6.4, but if yours is empty for some reason, set it.
I chose to use the CDN so I don't have to worry about which mirror is closest. This is also the default in 6.4.
# echo 'https://cdn.openbsd.org/pub/OpenBSD' > /etc/installurl
Installing System Patches
To update your system with the latest patches, run syspatch
. This will install patches for issues that have been fixed since the release of the version you're installing. If there are no patches to install, this will do nothing.
You can check which patches will be installed by looking over the errata.
# syspatch
Install Firmware
We manually downloaded and installed the firmware for our wireless adapter because we didn't already have an internet connection. Now that we have a connection, we can download the rest of the firmware that our computer might need.
# fw_udpate
Configuring Power Management
If you're running on a laptop, you may want to enable the Advanced Power Management daemon or apmd
. This will automatically tune your performance to help conserve battery and will also automatically hibernate or suspend your machine if your battery drops below the specified percentage.
With these commands we're telling rc
to start apmd
when the system starts, setting the flags for rc
to pass apmd
when it starts, and starting it manually.
The flags we're telling rc
to pass to apmd
are:
-A
to start in automatic performance adjustment mode-z 7
to automatically suspend the system if the battery is at or below 7% battery, and the system is currently not plugged in.
Check man apmd
for more options.
# rcctl enable apmd
# rcctl set apmd flags -A -z 7
# rcctl start apmd
apmd(ok)
References
While I was setting up my machine, I found and used several guides. I've decided to merge them into a single post for myself, and anyone else that might find this, to reference later.
Also, the OpenBSD man pages are very thorough and accessible. For more information on any of the steps in this post, check out the man pages.
# man fdisk
# man doas
# man doas.conf
# man fstab
# man mount
# man disklabel
# man fw_update
# man ifconfig
# man hostname.if
# man dhclient.conf
# man syspatch
# man apmd
# man rcctl