My choice of operating system

Published on 2022-10-26. Modified on 2023-10-25.

Since my article The flaws of distro hopping and asking other people about their OS of choice I have had a number of people writing to me asking for my specific advice regarding their choice of operating system, both for personal usage and for business usage. Last night I received yet another email from someone in the US who wrote to me about a difficult situation they where facing in the choice of operating system for their business usage. So I have decided to write a little bit about it. However, this article is not my professional advice. I don't know you and I don't know your situation and as such, I cannot advice you. Rather, this article is about what I do and why I do it.

Besides from my background in electronics, I have been blessed with a unique access to an absolute huge amount of hardware for the past 30+ years by knowing people in the industry of electronic waste management. Combined with the fact that I had the advantage of getting into the industry of telecommunications when I was only 15 years old and also my knowledge from my work both as an independent contractor and consultant, combined with the years of experience running multiple businesses - both alone and in partnerships with others, and last but not least, having a great thirst for trying to understand how things work under the hood, has all given me a specific perspective and a small amount of experience.

OpenBSD

When security matters, OpenBSD is ALWAYS my first choice. This is because, from my experience, nothing beats OpenBSD with regard to security.

The people and community who are involved in the project, the amazing passion of Theo de Raadt (the founder and leader of the project), the amount of careful planning and engineering that goes into OpenBSD, the simplicity of the design, all of it is fantastic.

The OpenBSD people are meticulous when it comes to their operating system and they have very clearly proved and demonstrated that their approach pays off. OpenBSD deserves so much more praise, support and contribution than what they are getting.

In my company we currently do all web development on OpenBSD servers running the current branch and I prefer to deploy anything Internet related on OpenBSD, both because of the simplicity OpenBSD provides and because of the increased level of protection and control, but also because you get almost all you need in the base system (no need to install any third party packages).

Whenever I build routers and firewalls, I use OpenBSD.

See my OpenBSD router guide for inspiration.

OpenBSD is useful for other things too. If your hardware is supported (there are no working drivers for NVIDIA), you can run it as a very good and secure desktop or laptop system as well.

OpenBSD is designed by people who love to work on the stuff they do. It's easy to understand how OpenBSD works and when something isn't working, it's easy to debug because OpenBSD has been designed to be simple. The default configuration in OpenBSD is always sane, and it's always secure by default, and as a system administrator you never have to worry about it.

I love OpenBSD.

FreeBSD

When performance and/or customization matters, FreeBSD is in my experience the ultimate Unix solution, especially when network performance is important. In the past, in the telecommunications industry, and still to this present day in some companies, FreeBSD is the only choice. This comes down to the level of customization and tuning you can perform on FreeBSD without having to change the source code. If you're not scared of compiling, you can build your own optimized kernels as well as optimize the build process for third party packages.

In the FreeBSD ports system system you can also easily change the compile time settings before compilation, this means that you can tailor and tune the third party software to your specific needs, without writing any code, which is actually what many FreeBSD users do with Poudriere.

Because third party software is cleanly isolated from the base system in FreeBSD, the FreeBSD ports system provides a rolling release of all third party software. If you prefer to use binary packages, the "latest" repository is also a rolling release (similar to Arch Linux), yet sometimes a couple of days behind the ports system. Still there is also a "quarterly" repository if you prefer a slower release of software.

Because OpenBSD and FreeBSD are complete operating systems, each developed by a single community project, everything is easier to design coherently. Linux is not a complete operating system. Linux is just a kernel, and it is developed by many different projects, companies and people, independently from everything else in Linux land.

This very nature of Linux makes it a bit more difficult to cooperate and often these projects clash and things sometimes stop working. The developers of systemd has more than once collided with the developers of the Linux kernel, causing serious problems - just as an example.

Often the developers of a Linux distribution has to fix problems in Linux land by "gluing" the system together in a working manner by patching their way out of potential problems.

When carefully planed, the result is a solid Linux distribution. However, on OpenBSD and FreeBSD all the different components are developed uniform. This means that if a change in one component has an impact on the entire system the developers can easier consider the full picture before implementing the change, and further plan and develop the impacted components as well. The BSD kernel, the init system, the userland tools, the ports and package manager, all of it are developed by the project members and integrated into one system, and as such, just as an example, the top command (see the ZFS ARC Stats section) on FreeBSD has integrated information about the ZFS ARC (Adaptive Replacement Cache).

Linux

Debian and Devuan

In the past, before the crazy political maneuverings of Red Hat and their systemd "world Linux domination plans", Debian was my absolute favorite Linux distribution to deploy, both on servers and on workstations. I really loved Debian, both because of the great community (back then, Debian was 100% community driven, not affected by big corporate tech agendas) and because of the philosophy of the project.

I am not mentioning the systemd part as a way of saying that I don't like Debian because of systemd, that's NOT what I am saying! I mention the systemd problem because that was when, according to my observations and understanding, that the Debian developers and the Debian community was split. A lot of people got hurt, and several of Debian's major contributors (through many years of hard work) left the project, and that was when, what I call, the "decline" of Debian began.

I think it's important to understand that the split was not really about systemd, even though systemd was what caused the problem to begin with. The split was more about how the traditional democratic process of running Debian was "hijacked", and how a huge part of the community was simply ignored.

You have to dig into the mailing list archives if you want to understand what really happened, but for historical reasons I have provided the message that was sent to the DNG mailing list on November, 27, 2014 to announce the Debian fork.

I chose Debian back at about year 2000 after about two years of testing other major Linux distributions both privately and business wise. The very first Linux distribution I ran was Red Hat Linux at about 1997/1998, coming straight from Windows, knowing nothing about Unix at the time, but having done tons of work mainly with Microsoft Windows, but also OS/2 and some other operating systems. I then tried some of the other Linux projects, like Slackware, Mandrake (now called Mandriva), SUSE Linux (now OpenSUSE), and a few others.

One of the technical reasons for my decision to run with Debian back then was the development of the apt-get package manager - which I absolutely loved. At the time the RPM package format was the dominating format in the Linux world, but it presented a real challenge with its dependency hell. Debian solved that greatly with apt-get and I never looked back.

From that moment forward I always rejected to work with any kind of RPM based distribution. That decision is not relevant today as many other great package managers have since been developed for the RPM package format, but it was a major contributing factor to my decision back then.

Furthermore, in the telecommunications industry, we mainly used FreeBSD and Debian, because both had great communities and stability. With Debian there where never any surprises, which - as you may know - is something that is really important for a system administrator.

I believe that it is important to understand that there is a major difference between a Linux distribution that is mainly run by a tech company and a distribution that is developed 100% by a true open source and free software driven community.

You don't want to suffer from big corporate decisions affecting your favorite OS, just like what happened with the sudden and unilaterally termination of CentOS by Red Hat, which actually caused a kind of panic for many companies.

For example, both OpenBSD and FreeBSD are 100% community driven projects that takes great care of not being affected by corporate tech agendas. Companies can contribute financially and with code, which they do, and occasionally they hire one or more of the developers if they need some specific software developed for the platform, but they cannot effect the course of the project or change things. BSD is made for the developers, by the developers, and you can then use it as well. Debian used to be like that too, but eventually big tech managed to influence the decision making process, and well, in my personal and humble opinion, Debian stopped being Debian.

See my other article: The delusions of Debian.

Devuan was, for that exact reason, forked from Debian with the release of Debian 8 when some of the developers and community members were alienated due to the project's adoption of systemd and subsequent removal of support for other existing init systems. The Devuan community members removed systemd from Debian and created Devuan. Today Devuan is lot more like what Debian used to be, yet it is still a small project by comparison, and unfortunatly still greatly dependent upon Debian.

I want to point out that I actually like the init part of systemd, and I can even succumb to the binary format of the journal, what I don't like is all the rest of systemd. Had systemd stayed an init system, which it originally was released as, that would be fine with me. All the rest of systemd is, whether you choose to look at it as a bunch of independent subsystems, such as Lennart Poettering tries to sell it, or one huge blob, the fact of the matter is that it now has all its big tech agenda tentacles deeply integrated into everything, and now that Microsoft has hired Lennart, they are already beginning to effect the course of Linux in even more profound ways (this was originally predicted by the "resistance movement to systemd").

The Open letter to the Linux world by Christopher Barry is still a really good and relevant read about systemd! You can also download a PDF version here.

Arch Linux

Arch Linux is another really great Linux distribution and its Wiki has some of the very best Linux documentation on the Internet.

One of the things I really like about Arch is it's pragmatic philosophy. Also, Arch doesn't change stuff from upstream third party packages like Debian does. Sometimes "The Debian Way", gets in the way, and you just want things to be as close to the original upstream setup as possible.

Take a look at Arch compared to other distributions.

I really wish that Arch Linux had decided not to go with systemd as an init system and had chosen something like runit instead, systemd doesn't fit well with the design of Arch and it adds loads of complexity.

As mentioned on the Arch Wiki:

Arch is not designed for any particular type of use. Rather, it is designed for a particular type of user. Arch targets competent users who enjoy its 'do-it-yourself' nature, and who further exploit it to shape the system to fit their unique needs. Therefore, in the hands of its target user base, Arch can be used for virtually any purpose. Many use Arch on both their desktops and workstations. And of course, archlinux.org, aur.archlinux.org and almost all of Arch's infrastructure runs on Arch.

I have run Arch Linux for years on both desktop systems and on online servers as well.

When I want to be as close to Arch Linux as possible, but want or need to avoid systemd, I generally run Artix Linux.

Alpine Linux

I also use Alpine Linux.

I cannot say it better than what is written on the Alpine Linux about page:

Alpine Linux is an independent, non-commercial, general purpose Linux distribution designed for power users who appreciate security, simplicity and resource efficiency.

Alpine Linux is a very simple distribution that will try to stay out of your way. It uses its own package manager called apk, the OpenRC init system, script driven set-ups and that's it! This provides you with a simple, crystal-clear Linux environment without all the noise. You can then add on top of that just the packages you need for your project, so whether it’s building a home PVR, or an iSCSI storage controller, a wafer-thin mail server container, or a rock-solid embedded switch, nothing else will get in the way.

Alpine Linux was designed with security in mind. All userland binaries are compiled as Position Independent Executables (PIE) with stack smashing protection. These proactive security features prevent exploitation of entire classes of zero-day and other vulnerabilities.

I can also recommend Drew DeVault's blog post Alpine Linux does not make the news.

Final thoughts

I prefer simplicity and control (text based configuration and do-it-yourself rather than GUI), which is why I have never liked distributions like Ubuntu, Linux Mint or Fedora. Furthermore, these "bloated" distributions have - in my experience - always been increasingly error-prone. Maybe they try too hard to cater to the migrating user from Microsoft Windows with all their fancy GUI tools, I don't know, but the end result is less control, more mistakes and more errors.

In any case, I am aware of all the other independent Linux distributions. I am also aware of both NetBSD and DragonflyBSD. I have just never found any use for any of those.

Have a nice one!