Saturday, June 07, 2008

Review of Building a Server with FreeBSD 7

If you look at the reviews of Building a Server with FreeBSD 7 by Bryan Hong, you'll see my review for the self-published Building an Internet Server With FreeBSD 6 Posted, which I gave 4 our of 5 stars. No Starch took the first edition, worked with the author, and published this new book using FreeBSD 7.0 as the base OS. If I could post a new review at Amazon.com, I would also give this book 4 out of 5 stars.

I think BASWF7 is an excellent companion to Absolute FreeBSD, 2nd Ed by Michael Lucas. Much of my original review pertains to this new edition. The majority of the book explores how to get a variety of popular open source applications running on FreeBSD 7.0 using the ports tree. For each application, the following sections usually appear: summary, resources, required, optional, preparation, install, configure, testing, utilities, config files, log files, and notes. I am really confident I could sit down with the appropriate chapter and get a previously unfamiliar program like SquirrelMail running fairly quickly.

Does this focus make the book a "FreeBSD book?" To the extent you use FreeBSD to provide services to others, and you want to follow the "FreeBSD way" using the ports tree, I say "yes". If you want really specific FreeBSD OS information, use Michael Lucas' book.

I have a few comments that perhaps Bryan might answer here. First, why replace the OpenSSH and OpenSSL included in the base OS with those from the ports tree? (I'm not saying that's "wrong;" I'd just like to know his thoughts. Second, I recommend including some words on using Portsnap to update the ports tree, and pkg_add to install binary packages instead of compiling source through the ports tree. Third, consider replacing net/ntp with net/openntpd. Fourth, the beginning of the book seems to imply that only i386 and amd64 distributions are available. Finally, I don't like the labels attached to the TCP/IP layers in Appendix D.

Overall, I think those with beginning to intermediate FreeBSD system administration will really like this book. I would like to see Bryan accept suggestions for new applications to be included in the next edition for FreeBSD 8.0.

9 comments:

Alex said...

Richard,

Why would one want to use net/openntpd/ as opposed to ntpd(8) in the base os ?

- Alex

Joe said...

openntpd is much cleaner and simpler. ntpd has way too much cruft and complexity.

Anonymous said...

not that i have, but one reason i would use the ports tree openssh and openssl is because they are usually updated faster than the base, which is very helpful when a critical vulnerability is discovered. bind is a good example.

RickJ said...

We use openntpd on all our servers because you can configure it to only work in "client" mode whereas ntpd can only be used in peer mode.

bryanhong said...

Richard,

Thanks for your thoughts, your reviews are always constructive and allow me, as an author, to see things from a different perspective.

On to your questions..

I knew that the base OS versions of OpenSSH and OpenSSL would be outdated by the time the book came out. I wanted to give guidance on how to install the latest versions since they can have an effect on security. In the first edition of the book, I gave readers the choice of overwriting the base OS version or installing an independent copy. As you know, the editing process has a tendency to funnel things in one direction to minimize confusion. I chose to overwrite the base OS versions because it minimizes the possibility of inadvertently running the old version instead of the new.

There is an amazing landscape of tools out there. I wanted to keep things very brief and focused. I had to chose between explaining the many tools and methods available or go in a single linear progression. The linear approach keeps things as simple as possible, I felt folks would appreciate this. Your advice on mentioning Portsnap, pkg_add, and replacing ntp with openntpd make a lot of sense, thanks.

The TCP/IP labels in Appendix D are from the Internet Reference Model or DoD protocol model.

I'd be glad to accept suggestions for new applications for inclusion if there is another edition, it all depends on how this one does.. I hope to have a site up soon to give readers that ability to post suggestions and feedback.

Thanks again

Anonymous said...
This comment has been removed by a blog administrator.
billy said...

FreeBSD is an excellent unix variant, its said it the best for building servers on. I have one in my network at home just to play around with however i also use it as a fileserver. Plain old samba ;)

holzbau w├╝rzburg said...

Good JOb! :)

David said...

Bryan, you left us Mac users out in the cold! It would have been great if you included installation of perhaps the Avahi mDNSresponder and Netatalk to provide afp support. I know you can't please everyone but Mac's are on the rise and are UNIX based! Otherwise I really like your book!
Dave