OpenBSD

Openbsd-as-a-Desktop-OS

Upgrade OpenBSD

Patch Base System

syspatch

Upgrade system

sysupgrade

Upgrade Packages

pkg_add -u

Package Management

Search for a package

pkg_info -Q <searchterm>

Get Info about package

pkg_info <packagename>

install package

pkg_add <packagename>

System Enhancement

If you have an SSD you can edit /etc/fstab and add attribute softdep

Download and Configure Ports tree

ftp https://cdn.openbsd.org/pub/OpenBSD/$(uname -r)/{ports.tar.gz,SHA256.sig}
signify -Cp /etc/signify/openbsd-$(uname -r | cut -c 1,3)-base.pub -x SHA256.sig ports.tar.gz
tar xzvf /tmp/ports.tar.gz -C /usr

Install Pandoc via Cabal OpenBSD 6.7

Install Cabal

Cabal is a packagemanager for Haskell very much like pip is for Python. You can install it from ports:

doas pkg_add -i ghc cabal-install

Prepare system to compile programs via cabal

Enable wxallowed in /home and /tmp:

You can do so via editing your /etc/fstab like this (this is my personal fstab. don't blindly copy paste, you have to insert the wxallowed in the right place in your own /etc/fstab.

.b none swap sw
.a / ffs rw,softdep,noatime 1 1
.k /home ffs rw,softdep,wxallowed,noatime,nodev,nosuid 1 2
.d /tmp ffs rw,softdep,wxallowed,noatime,nodev,nosuid 1 2
.f /usr ffs rw,softdep,wxallowed,noatime,nodev 1 2
.g /usr/X11R6 ffs rw,softdep,noatime,nodev 1 2
.h /usr/local ffs rw,softdep,wxallowed,noatime,nodev 1 2
.j /usr/obj ffs rw,softdep,noatime,wxallowed,nodev,nosuid 1 2
.i /usr/src ffs rw,softdep,noatime,nodev,nosuid 1 2
.e /var ffs rw,softdep,noatime,nodev,nosuid 1 2

then reboot.

(optional) enable multithreating

If you want to enable hyperthreating tempoary, do:

doas sysctl hw.smt=1

if you want to make it permanent edit your /etc/sysctl.conf and paste the following at the end:

hw.smt=1

notice: without rebooting you have once to enable it manually, after the fist reboot, it will be active

sysctl hw.smt=1

you can check that hyperthreating is active, with programs like top or htop

raise ulimit:

put the following into your

~/.profile
ulimit -d 4096*1024

If you haven't relogged, you have to manually paste this everytime you open a terminal in which you want to compile, since it's a command for your shell.

ulimit -d 4096*1024

Correct you PATH

edit this into you .profile

PATH=$HOME/bin:/bin:/sbin:/usr/bin:/usr/sbin:/usr/X11R6/bin:/usr/local/bin:/usr/local/sbin:/usr/games:$HOME/.cabal/bin/:.

install pandoc or pandoc-citeproc

if you want to convert LATEX you probably want pandoc-citeproc, it automatically pulls pandoc as dependency:

as a user (not root) execute:

ulimit -d 4096*1024
cabal update
cabal install pandoc-citeproc

This will need a lot of time and resources to compile, be pacient. Pandoc should now be able to be compiled.

After compilation is finished, don't be surpised if nothing happens when you execute pandoc and / or getting an error, read clearly, you may have the binary successfully compiled and it just couldn't symlink. you probably can find pandoc in:

~/.cabal/bin/pandoc

if nothig happens when you execute this binary, it probably does work as inteded anyways, try to give it an argument like:

~/.cabal/bin/pandoc -v

Congratulations! You have successfully compiled and installed pandoc in OpenBSD

OpenBSD virtualization OpenBSD 6.7

Setup

/etc/rc.conf.local

apmd_flags="-A"
dhcpd_flags=vether0
vmd_flags=
ntpd_flags="-s"

/etc/hostname.vether0

inet 192.168.30.1 255.255.255.0 NONE

/etc/dhcpd.conf

# Network:        192.168.11.0/255.255.255.0
# Domain name:    vmm.local
# Name servers:   192.168.11.1
# Default router: 192.168.11.1
# Addresses:      192.168.30.100 - 192.168.30.200

shared-network VMM-LOCAL {
    subnet 192.168.30.0 netmask 255.255.255.0 {
        range 192.168.30.100 192.168.30.200;

        option subnet-mask 255.255.255.0;
        option broadcast-address 192.168.30.255;
        option routers 192.168.30.1;
        option domain-name-servers 192.168.11.1;

#        host vm1 {
#            hardware ethernet 00:20:91:00:00:01;
#            fixed-address vm1.vmm.local;
#        }
    }
}

/etc/sysctl.conf

net.inet.ip.forwarding=1

/etc/pf.conf

set skip on lo

block return    # block stateless traffic
pass            # establish keep-state

# By default, do not permit remote connections to X11
block return in on ! lo0 proto tcp to port 6000:6010

ext_if="em0"
int_if="{ vether0 tap0 }"
set block-policy drop
set loginterface egress
match in all scrub (no-df random-id max-mss 1440)
match out on egress inet from !(egress:network) to any nat-to (egress:0)
pass out quick inet
pass in on $int_if inet
pass in on egress inet proto tcp from any to (egress) port 22

/etc/vm.conf

switch "local" {

   add vether0
   add tap0

}

vm "vm1.vm" {
    memory 512M
    kernel "/bsd.rd"
    disk "/vmm/vm1.img"
    interface {
        switch "local"
        lladdr 00:20:91:00:00:01
    }
}

Commands

vmmctl status
vmctl console 1
cu /dev/ttyp0
vmctl create /vmm/vm1.img -s 500M
vmctl start -c -b /bsd.rd -m 512M -i 1 -d /vmm/vm1.img
# X11 Forwarding
ssh -Y vm programmname