My choice of operating system
Published on 2022-10-26. Modified on 2022-11-11.
Since my article The flaws of distro hopping and asking other people about their OS of choice I have had a number of people writing to me asking for my specific advice regarding their choice of operating system, both for personal usage and for business usage. Last night I received yet another email from someone in the US who wrote to me about a difficult situation they where facing in the choice of operating system for their business usage. So I have decided to write a little bit about it. However, this article is not my professional advice. I don't know you and I don't know your situation and as such, I cannot advice you. Rather, this article is about what I do and why I do it.
My experience, unsurprisingly, is very similar to the system administrator and author Michael W. Lucas, who's non-fiction books I can highly recommend. I have no affiliation what so ever with Michael, and he don't know me, but I do know Michael from the BSD mailing lists and from his many talks about BSD, and I believe I have read most of his non-fiction books, several of them more than once, simply because they are just some of the best. His books are mostly based upon his own experience, spiced with yet the research and advice of many experts in the field. Michael's books are pragmatic, they are not about selling books for selling books, rather they are about solving real life IT problems, straight to the point.
I mention this because Michael's approach, which you will understand from his books, is very similar to mine and I would like to establish a relevant context to why I do things they way I do.
Besides from my background in electronics, I have been blessed with a unique access to an absolute huge amount of used hardware (for the past 30+ years) by knowing people in the industry of electronic waste management. Combined with the fact that I had the advantage of getting into the industry of telecommunications when I was only 15 or 16 years of age, which I then worked in, on and off for several years, and also my knowledge from my work both as an independent contractor and consultant, combined with running multiple businesses - both alone and in partnerships with others, and last but not least, having a great thirst for trying to understand how things work under the hood - and importantly why - has all given me a specific perspective and a small amount of experience.
Let's proceed to the subject..
When security matters, OpenBSD is ALWAYS my first choice. This is because, from my experience, nothing beats OpenBSD with regard to security. The people and the community who are involved in the project, the amazing passion of Theo de Raadt (the founder and leader of the project), the amount of careful planning and engineering that goes into OpenBSD, the simplicity of the design, is all really fantastic. The OpenBSD people are meticulous when it comes to their operating system and they have very clearly proved and demonstrated that this approach pays off. OpenBSD deserves so much more praise, support and contribution than what they are getting.
If your company uses OpenBSD and your company is profitable - please consider supporting the project! The same goes for any other open source tool you use! Support the projects you use, in any way you can.
I do my main web development on OpenBSD servers running the current branch and I prefer to deploy anything Internet related on OpenBSD, both because of the simplicity OpenBSD provides and because of the increased level of protection and control, but also because you get almost all you need in the base system (no need to install any third party packages).
Whenever I build routers and firewalls, I use OpenBSD.
TIP! See my OpenBSD router guide for inspiration.
OpenBSD is useful for other things too. If it supports your hardware (e.g. there are no working drivers for NVIDIA), you can run it as a very good desktop or laptop system as well.
Despite it's "small" community, OpenBSD is designed to be simple by people who love to work on the stuff they do. It's easy to understand how OpenBSD works and when something isn't working, it's easy to debug because OpenBSD has been designed to be simple. The default configuration in OpenBSD is always sane, and it's always secure by default, and as a system administrator you never have to worry about it.
When performance and/or customization matters, FreeBSD is in my experience the ultimate solution, especially when network performance is important. In the past, in the telecommunications industry, and still to this present day in some companies, FreeBSD is the only choice. This comes down to the level of customization and tuning you can perform on FreeBSD without having to change the source code. If you're not scared of compiling, you can build your own optimized kernels as well as optimize the build process for third party packages.
In the FreeBSD ports system system you can also easily change the compile time settings before compilation, this means that you can tailor and tune the third party software to your specific needs, without writing any code, which is actually what many FreeBSD users do with Poudriere.
Because third party software is isolated from the base system in FreeBSD, the FreeBSD ports system provides a rolling release of all third party software. If you prefer to use binary packages, the "latest" repository is also a rolling release, similar to Arch Linux, yet a couple of days behind the ports system. Still there is also a "quarterly" repository if you prefer a slower release of software.
NOTE! I am not a "fanboy". I just really like the design of both OpenBSD and FreeBSD and what these projects choose to focus on. This doesn't mean that there are never any problems, or that OpenBSD or FreeBSD are perfect, or anything like that. They are just great operating systems - each in their own respect and use case.
Because OpenBSD and FreeBSD are complete operating systems, each developed by a single community project, everything is easier to design coherently. Linux is not a completely operating system. Linux is just a kernel, and it is developed by about a gazillion different people, independently from everything else in Linux land. The Linux kernel is then combined with some kind of init system, a bootloader, the GNU userland, put together with some other tools, and some kind of package management system. All of it put together into an operating system by the developers and maintainers of a Linux distribution.
The very nature of Linux makes it a bit more difficult to cooperate and often these projects clash and things sometimes stop working. The developers of systemd has more than once collided with the developers of the Linux kernel, causing serious problems - just as an example.
On Linux this gives a large range of choices from the components required to build the Linux kernel to all the rest of the system. When carefully planed, the result is a solid Linux distribution, however the many choices can lead to a lack of unity. On OpenBSD and FreeBSD all the different components are developed uniform. This means that if a change in one component has an impact on the entire system the developers can easier consider the full picture before implementing the change, and further plan and develop the impacted components as well. The BSD kernel, the init system, the userland tools, the ports and package manager systems, all of it are developed by the project members and integrated into one system, and as such, just as an example, the top command on FreeBSD has integrated information about the ZFS Arch.
Often the developers of a Linux distribution has to fix problems in Linux land by "gluing" the system together in a working manner by patching their way out of potential problems.
Now, enough about BSD. I also love Linux! They are all Unix like operating systems after all.
Despite my political - not technical - advice about why you should migrate everything from Linux to BSD, part 1 and part 2, I also run Linux.
In the past, before the crazy political maneuverings of Red Hat and their systemd "world Linux domination plans", Debian was my absolute favorite Linux distribution to deploy, both on servers and on workstations. I really loved Debian, both because of the great community (back then, Debian was 100% community driven, not affected by big corporate tech agendas) and because of the philosophy of the project.
Now, I am not mentioning the systemd part as a way of saying that I don't like Debian because of systemd, that's NOT what I am saying! I mention the systemd problem because that was when, according to my observations and understanding, that the Debian developers and the Debian community was split. A lot of people got hurt, and several of Debian's major contributors (through many years of hard work) left the project, and that was when, what I call, the "decline" of Debian began.
I think it's important to understand that the split was not really about systemd, even though systemd was what caused the problem to begin with. The split was more about how the traditional democratic process of running Debian was "hijacked", and how a huge part of the community was simply ignored.
NOTE! You have to dig into the mailing list archives yourself if you want to understand what really happened, but for historical reasons I have provided the message that was sent to the DNG mailing list on November, 27, 2014 to announce the Debian fork.
I chose Debian back at about 2000 after a couple of years of testing other major Linux distributions both privately and business wise. The very first Linux distribution I ran was Red Hat Linux at about 1997/98, coming straight from Windows, knowing absolutely nothing about Unix at the time, but having done tons of work mainly with Microsoft Windows, but also OS/2 and some other operating systems. I then tried some of the other Linux projects, like Mandrake (now called Mandriva), and SUSE Linux (now OpenSUSE), and a few others.
One of the technical reasons for my decision to run with Debian back then was the development of the apt-get package manager - which I absolutely loved. At the time the RPM package format was the dominating format in the Linux world, but it presented a real challenge with its dependency hell. Debian solved that greatly with apt-get and I never looked back.
From that moment forward I always rejected to work with any kind of RPM based distribution. That decision is not relevant today as many other great package managers has been developed even for the RPM package format, but it was a major contributing factor to my decision back then.
Furthermore, in the telecommunications industry, we mainly used FreeBSD and Debian, and like FreeBSD, Debian was famous for its great community and stability. With Debian there where never any surprises, which - as you may know - is something that is really important for a system administrator.
NOTE! I believe that it is important to understand that there is a major difference between a Linux distribution that is mainly run by a tech company and a distribution that is developed 100% by a true open source and free software driven community.
You don't want to suffer from big corporate decisions affecting your favorite OS, just like what happened with the sudden and unilaterally termination of CentOS by Red Hat, which actually caused a kind of panic for many both small and big companies.
For example, OpenBSD is a 100% community driven project that takes great care of not being affected by corporate tech agendas, the same goes for FreeBSD. Companies can contribute financially and with code, and occasionally they hire one or more of the developers if they need some specific software developed for the platform, but they cannot effect the course of the project or change things. OpenBSD is made for the developers, by the developers, and you can then use it as well. Debian used to be like that too, but eventually big tech managed to influence the decision making process, and well, in my personal and humble opinion, Debian stopped being Debian.
Devuan was, for that exact reason, forked from Debian with the release of Debian 8 when some of the developers and community users were alienated due to the project's adoption of systemd and subsequent removal of support for other existing init systems. The Devuan community members removed systemd from Debian and created Devuan. Today Devuan is lot more like what Debian used to be, yet it is still a small project by comparison.
TIP! Also see my article: The delusions of Debian.
Today I use Devuan instead of Debian. I know both of these systems very well because of the many years of usage. After systemd, when I was still using Debian on a few of my machines, I only used the init part of systemd, whereas all the other systemd related tools where simply not used as I have never had any need for any of it.
I want to point out that I actually like the init part of systemd, and I can even succumb to the binary format of the journal, what I really don't like is all the rest of systemd. Had systemd stayed an init system, which it originally was released as, that would be fine with me. All the rest of systemd is, whether you choose to look at it as a bunch of independent subsystems, such as Lennart Poettering tried to sell it, or one huge blob, the fact of the matter is that it (as predicted by the "resistance movement") has all its big tech agenda tentacles deeply integrated into everything, and now that Microsoft has hired Lennart, they are already beginning to effect the course of Linux in profound ways. The Open letter to the Linux world by Christopher Barry is still a really good and relevant rant about systemd that I highly recommend reading.
Anyway, other Linux distributions I use are:
Artix Linux is Arch Linux without systemd. The developers of Artix is another project that decided to fork their favorite Linux distribution and remove systemd. Arch Linux was one of my favorite distributions and I began replacing some Debian machines with Arch in about 2009. I have deployed Arch Linux on production machines because I really like the simple design of Arch and how well Arch tracks upstream for third party packages. It's one of the very best distributions in that regard. Deploying Arch on servers require a little planning because of the nature of its rolling release and bleeding edge delivery, but I have never had a single problem.
As mentioned on the Arch Wiki:
Arch is not designed for any particular type of use. Rather, it is designed for a particular type of user. Arch targets competent users who enjoy its 'do-it-yourself' nature, and who further exploit it to shape the system to fit their unique needs. Therefore, in the hands of its target user base, Arch can be used for virtually any purpose. Many use Arch on both their desktops and workstations. And of course, archlinux.org, aur.archlinux.org and almost all of Arch's infrastructure runs on Arch.
The same goes for Artix Linux.
Arch Linux has some of the very best Linux documentation on the Arch Wiki and one of the things I also really like about Arch is its pragmatic philosophy. Furthermore, Arch doesn't change stuff from upstream third party packages like Debian does. Sometimes "The Debian Way", gets in the way, and you just want things to be as close to the original upstream setup as possible.
Take a look at Arch compared to other distributions.
I really wish that Arch Linux had decided not to go with systemd as an init system and had chosen something like runit instead, systemd doesn't fit well with the design of Arch and it adds loads of complexity. Hence, as a great alternative to Arch, I run Artix Linux. Artix Linux is an independent distribution with a really friendly community. Artix Linux provides several alternatives to systemd, my personal favorite being runit. Artix Linux still uses the Arch Linux third party PKGBUILD scripts, which they then change in order to fit their requirements. This means that Artix Linux is, more or less, Arch Linux, just without systemd.
Like Devuan, Artix Linux is a small project compared to Arch, but I really hope that both these project keeps growing.
Last, but not least, perhaps my favorite Linux distribution from a technical perspective is Void Linux. The reason for my passion for Void is the resemblance to the BSDs. It's really simple, well designed and easy to work with, perhaps because the original developer, Juan RP, was a NetBSD developer. Void Linux also has a small community, a community that does things "their own way". I have written about Void Linux in my article, Void Linux - a great and unique Linux distribution.
Void Linux has its XBPS source packages collection, which resembles the ports system from BSD.
Like Artix Linux, Void Linux is not for novice Linux users. You need to be able to 'do-it-yourself'. If you believe an operating system should configure itself, run out of the box, and include a complete default set of software and desktop environment on the installation media, then Void is not for you.
I also use Alpine Linux, which I have also talked a little about in my article Some of the great GNU/Linux distributions.
I cannot say it better than what is written on the Alpine Linux about page:
Alpine Linux is an independent, non-commercial, general purpose Linux distribution designed for power users who appreciate security, simplicity and resource efficiency.
Alpine Linux is a very simple distribution that will try to stay out of your way. It uses its own package manager called apk, the OpenRC init system, script driven set-ups and that's it! This provides you with a simple, crystal-clear Linux environment without all the noise. You can then add on top of that just the packages you need for your project, so whether it’s building a home PVR, or an iSCSI storage controller, a wafer-thin mail server container, or a rock-solid embedded switch, nothing else will get in the way.
Alpine Linux was designed with security in mind. All userland binaries are compiled as Position Independent Executables (PIE) with stack smashing protection. These proactive security features prevent exploitation of entire classes of zero-day and other vulnerabilities.
Final thoughts
I am not interested in any of the other Linux distributions. Either because I have experienced problems with them, or simply because they do not provide anything which one of my other favorite distributions don't provide. I generally prefer simplicity and do-it-yourself, which is why I have never liked any of the big distributions like Ubuntu or Fedora.
In any case, I am aware of all the other independent Linux distributions, like Gentoo Linux, Rocky Linux, Alma Linux, NixOS and others, but the above mentioned systems are the ones I personally prefer. I am also aware of both NetBSD and DragonflyBSD, yet I have never found any use for either of these great flavors of BSD.
Have a nice one!