OpenBSD на рабочей станции

Материал из OpenBSD-Wiki
Перейти к навигации Перейти к поиску

Вольный перевод статьи Eric Radman An OpenBSD Workstation.

Power Button Shutdown

This nifty option in /etc/sysctl.conf can only be set before entering securelevel 1, and allows you to shut off your computer gracefully by pressing the power button. 

hw.allowpowerdown=1

No More Annoying Beep

One of the many useful and unexpected things you'll learn in Absolute OpenBSD 2nd Edition is how to disable the annoying UNIX bell in /etc/wsconsctl.conf 

keyboard.bell.volume=0

As of the 5.4 release wsconsctl no longer seems to work. You an also disable the bell using 

# .xinitrc
xset -b

or 

# rc.conf.local
mixerctl inputs.spkr.mute=on

User-Mounted Media

It's nice to be able to mount DVDs or flash media without switching to root, which is what the operator group is for. 

# usermod -G operator eradman
# chmod g=rw /dev/cd0*

Then flip a kernel option and you're all set. 

# sysctl kern.usermount=1
$ mkdir -p mount/cdrom
$ mount /dev/cd0c mount/cdrom

Suspend & Resume

OpenBSD has very good ACPI support, see apmd(8). zzz and ZZZ are shortcuts for suspend and hibernate if apmd is run at startup. 

apmd_flags=""

X Configuration: .xinitrc

# .xinitrc

redshift -O 5600

while true; do
    batt="$(sysctl -n hw.sensors.acpibat0.watthour3 | cut -f1,2 -d" ")"
    xsetroot -name "$batt"
    sleep 60
done &
xsetroot -solid steelblue  &
exec dwm

redshift is a utility that makes designed to adjust the color temperature of your screen based on your surroundings, but it works equally as well for a manual color temperature adjustment. My IBM T60p appears cold, so I adjust the default of 6500K to 5600K.

Next I run a loop in the background that read the available battery life (Wh) and updates the window manager's display area.

Finally set the background color and start your favorite window manager.

Switch to an External Monitor

My screen at work is a bit larger then my laptop display (1400x1050 - 1650x1050), but I use a little docking script to switch to the external display. 

#!/bin/sh
xrandr --output LVDS --off
xrandr --output VGA-0 --off
xrandr --output DVI-0 --auto
redshift -O 6200

Connecting to a Projector

If you started X with the VGA connected, it probably picked a resolution common to both your screen and the external display. On my T60 it can be reset like so 

xrandr --output LVDS --mode 1400x1050

Use --query to find out what modes each display supports, then I set up a viewport that pans with the mouse pointer 

xrandr --output VGA-0 --mode 1024x768 --panning 1400x1050

I also add some additional logic in my .xinitrc to switch to the external display automatically if X is started while connected to an external monitor: 

xrandr --query | grep "DVI-0 connected" && ~/bin/docked-dvi
xrandr --query | grep "VGA-0 connected" && ~/bin/docked-vga

tmux

There's only a few tweaks I make to my terminal multiplexor's configuration. I frequently run entr in a smaller pane on the bottom 

bind-key C-t split-window -p 25

I don't know of a terminal color picker, but they can be printed with a shell loop. 

#!/bin/ksh

for i in `jot 255`; do
  printf "\033[38;5;${i}mcolour${i}\n"
done

Then I set status background and active border to bright green 

set -g status-bg colour118
set -g pane-active-border-fg colour118
set -g pane-border-fg colour30

Using Disk Encryption

OpenBSD provides software RAID by way of a virual host bust adaptor called softraid0. This HBA is also used for setting up disk encryption. To set use a disklabel (in my case for sd0g /home set the partition type to RAID 

$ sudo disklabel -E /dev/sd0c
Label editor (enter '?' for help at any prompt)
  g:         55641600        100653824    RAID
> m g
offset: [100653824]
size: [55641600]
FS type: [4.2BSD] RAID

Now configure it for crypto using -c C 

# bioctl -c C -l /dev/sd0g softraid0
New passphrase: My Crypto Pass Phrase
Re-type passphrase: My Crypto Pass Phrase
softraid0: CRYPTO volume attached as sd1

Mount it using the same command. The kernel log will show a new virtual device appear 

sd1 at scsibus2 targ 1 lun 0: <OPENBSD, SR CRYPTO, 005> SCSI2 0/direct fixed
sd1: 27168MB, 512 bytes/sector, 55641072 sectors

Now add a disklabel and format the encrypted volume 

$ sudo disklabel -E /dev/wd0c
$ sudo newfs /dev/rwd0a

Devices in OpenBSD may be mounted by device name or by disklabel UID which is a random id generated when the label is created. 

$ disklabel /dev/sd1c | grep uid
duid: 779d87bac3905122

It's this ID that we'll to mount the volume, in this way plugging in other drives won't confuse mount after we prompt the user for a password on boot. Adding the following to rc.local will ask for a password four times before giving up 

#/etc/rc.local
for attept in 1 2 3 4; do
  bioctl -c C -l c3e2f405c96a8e10.g softraid0 && break
  sleep 1
done
fsck /dev/rsd1a
mount -o nodev,nosuid,softdep 779d87bac3905122.a /home

If you would like to enable crypto on the entire boot volume see this post by Ted Unangst.

Источник — http://www.qbsd.ru/index.php?title=OpenBSD_на_рабочей_станции&oldid=326