# HardenedBSD as storage platform?



## daemontrainer (Oct 25, 2016)

Hello all,

I wasn't sure if this is the right forum section to post this, so I figured I'd post here.

Has anyone tried using HardenedBSD as a storage platform?
I thought it was a very close and recent fork of FreeBSD and so I thought tools like iSCSI target mode, smartmon, snort etc. would be available but I wasn't able to find much information on the subject...

So has anyone tried to do this? How was the success?

p.s. More general questions. 
How is the hardenedbsd's port tree overall? Is it significantly smaller than freebsd's due to LibreSSL being in base and things still being rebuild against that with some issues? Hows the ZFS version on Hardened, have they kept up with FreeBSD's upstream or are they substantially behind since they forked?
Thanks in advance!


----------



## drhowarddrfine (Oct 25, 2016)

I'm not going to look but I think it's just a pre-configured and pre-packaged FreeBSD, not a fork, and I'm not sure if asking about it here is allowed cause it follows under the prohibition to asking about other operating systems. Don't they have their own forum?


----------



## daemontrainer (Oct 25, 2016)

My apologies, I saw few other threads asking about NetBSD and such and thought it was ok to ask a general question.
But withdrawn I suppose.

FYI, its definitely not just "pre-configured FreeBSD". They've made major revisions to the kernel (ASLR and others) and swapped core libraries, so it is certainly a fork, not a pre-configured distribution. In general, I think GhostBSD is the only one that satisfies that definition. TrueOS diverged a year ago or so, obviously Dragonfly, Net and Open are not even remotely the same OSes etc. BSDs aren't big on "distros" and that's why I love them all ^^. So I was just wondering how far they have diverged from our Head and Stable.

Anyways, Mods, I apologies, I should have read the rules.
Feel free to close the thread.


----------



## Oko (Oct 25, 2016)

Disclaimer. I know personally one of two guys who are doing HardenedBSD.

HardenedBSD is not a fork of FreeBSD. It is security patched FreeBSD. It grow up out of frustrations of two guys who were looking at tons of security patches including their own (one of them wrote a PhD dissertation in the process) on the waiting list but never imported into the official FreeBSD tree due to purely political reasons.

Other than that security patches and saner security defaults HardenedBSD is just a vanilla FreeBSD. So far OPNsense have adopted it  as the official base for their product. There was some talk on PC-BSD website before the project died about adopting HardenedBSD for the base of PC-BSD.

Having said that it would be hard to advise organization without significant resources to adopt HardenBSD as the project is minuscule and depends only on two guys.  As somebody who is using at least at home the love labor of ten fold bigger community DragonFly I would argue that any project with less than 100 regular contributes should not be taken too seriously regardless of the abilities of their core crew.


----------



## gkontos (Oct 25, 2016)

Oko said:


> HardenedBSD is not a fork of FreeBSD. It is security patched FreeBSD. It grow up out of frustrations of two guys who were looking at tons of security patches including their own (one of them wrote a PhD dissertation in the process) on the waiting list but never imported into the official FreeBSD tree due to purely political reasons.



From their web site:


```
Why Fork FreeBSD?
HardenedBSD forked the FreeBSD codebase for ease of development. Prior to HardenedBSD's founding, Oliver and Shawn worked on separate repositories, occasionally causing collaboration issues. Unifying the codebases was a natural step in efficient, effective collaboration between the two individuals. Two years have passed since the unification of the work and HardenedBSD is growing faster than ever.
```


----------



## scottro (Oct 25, 2016)

https://encrypted-tbn0.gstatic.com/...w7ywah18_8oQvRVpI73mtZmvBEayszPfMfMPSpjSRC6uc

(Trolling).


----------



## daemontrainer (Oct 25, 2016)

Thank you all for info (and the laughs) ^^

I will not be trying Hardened outside of a VM for now.
It seems to me that the main issue is possible failed builds/failed functionality due to patches and some (LibreSSL) standard library swaps. For now I have no time to deal with that, but certainly worth a look in the future.


----------

