hokatichenci
Gawd
- Joined
- Oct 28, 2004
- Messages
- 722
I'm looking for something very secure to replace my gentoo hardened selinux machine that currently runs some basic services (rsync+non transparent squid). I'm toying with OpenBSD 3.9 at the moment, though I'm running into a few issues.
Primarily, how hard is it to update the base system? I see theres 11 errata security warnings out, but it seems the only way is to on at least one system download the 3.9 source, patch, and compile/install. So is it really that challenging to do? It doesn't sound so bad, but I'm used to having some package management of the base system.
LDAP Authentication - has anyone gotten this working? Since OpenBSD lacks PAM/NSS, it seems like the only option is using a plugin for bsd auth for authentication, and there is no way to get user names/id's off ldap. Am I right?
Ports vs. Package - A lot of sites point to using the binary packages, though a lot of others point to using ports. Is there any difference between two of the same versions besides binary vs compiled? Are security issues addressed quicker in one or the other?
Thanks in advance for any help.
Primarily, how hard is it to update the base system? I see theres 11 errata security warnings out, but it seems the only way is to on at least one system download the 3.9 source, patch, and compile/install. So is it really that challenging to do? It doesn't sound so bad, but I'm used to having some package management of the base system.
LDAP Authentication - has anyone gotten this working? Since OpenBSD lacks PAM/NSS, it seems like the only option is using a plugin for bsd auth for authentication, and there is no way to get user names/id's off ldap. Am I right?
Ports vs. Package - A lot of sites point to using the binary packages, though a lot of others point to using ports. Is there any difference between two of the same versions besides binary vs compiled? Are security issues addressed quicker in one or the other?
Thanks in advance for any help.