What appears below are my personal notes I wish were part of my long-term memory but don't always seem to fit. I strive for accuracy and clarity and appreciate feedback. If applying any of this information anywhere, confirm for yourself the correctness of your work as what you see below might very well be, albeit unintentionally, incorrect or misleading. These notes are here as an easy reference for myself.
Information worthy of a more formal presentation will appear elsewhere than this "Scratch" area. - ksb
The following are my FreeBSD notes. The intent here is not to duplicate the excellent documentation in the FreeBSD handbook, just to summarize what I've done and learned when getting things to work on my machines. The order is roughly the order needed when installing a new system from scratch and almost all of this is done as root.
I follow the "security branches" of the latest FreeBSD releases, for which I try to keep these notes accurate. I am more than open to feedback on any and all of this.
If you want a dual boot machine with WinXP, install XP first, as described below, then install from the latest (6.2 as of this writing) released mini-install CD. I usually burn my own CD and follow the minimal install, then run sysinstall to set, under the "Configure" option, the root password, a user for myself, the time zone and the mouse, and to pick up, under "Distributions", the man pages, sources for everything and the ports system via FTP, as I will rebuild everything else.
I use the WinXP boot manager to dual-boot between WinXP and FreeBSD.
When first setting up a machine, install WinXP first, leaving a partition for FreeBSD. Then install FreeBSD in that partition. After installing FreeBSD it will boot directly to FreeBSD. Don't worry, WinXP is still there; FreeBSD just sets the partition it is installed on as the active partition, meaning in DOS-speak the bootable one. This can be changed using FreeBSD's fdisk command:
fdisk -a
and follow the prompts to set the WinXP partition as the active one so it will boot. Now it will boot straight to WinXP. Don't worry, FreeBSD is still there...
Now under WinXP right-click on My Computer->Properties->Advanced->Startup and Recovery->Settings, then hit the Edit button to manually edit the startup options. This is easier than editing the C:\boot.ini file as you don't need to have any special perms. Add the line C:\BOOTSECT.BSD="FreeBSD" so the file looks something like this:
[boot loader]
timeout=15
default=multi(0)disk(0)rdisk(0)partition(1)\WINDOWS
[operating systems]
multi(0)disk(0)rdisk(0)partition(1)\WINDOWS="Microsoft Windows XP Professional" /fastdetect /NoExecute=OptIn
C:\BOOTSECT.BSD="FreeBSD"
Now, still under WinXP, put in the FreeBSD install CD and copy over the file \boot\boot1 to C:\BOOTSECT.BSD
After this, when booting up, WinXP's boot manager will start, present the list of operating systems defined in boot.ini and wait the timeout for you to pick one, or go with the default. The timeout and default can be changed in WinXP in that Startup and Recovery panel.
After an installation, taking a look at your /etc/rc.conf file is a good idea. Nearly all possible values for this file are in /etc/defaults/rc.conf (which defines the default values as it is sourced before /etc/rc.conf).
For example, on my laptop it defined both ethernet and wlan interfaces as "DHCP" so both interfaces came up at boot time. Since I don't know which network interface I'm going to use when starting my laptop, I'd rather neither come up by default. So I commented those out and bring them up manually depending on where I am.
/etc/make.conf is a pretty important file as it affects all make commands (i.e. building the kernel, the system and ports). I customize it to the specific CPU, compiler optimizations, CVSup details and port tweaks. Start with the example in /usr/share/examples/etc/make.conf. Here's mine:
CPUTYPE?=pentium4
CFLAGS= -O2 -pipe -funroll-loops
CXXFLAGS+= -fconserve-space
COPTFLAGS= -O -pipe -funroll-loops
NOPROFILE= true # Avoid compiling profiled libraries
X_WINDOW_SYSTEM=xorg # Not needed after 5.X
WITH_LAME= yes # Not sure where I picked this up from
WITH_BDB_HIGHEST=yes # This apparently avoids a problem with portupgrade picking up old BDB versions

# CVSup update flags. Edit SUPFILE settings to reflect whichever distribution
# file(s) you use on your site (see /usr/share/examples/cvsup/README for more
# information on CVSup and these files). To use, do "make update" in /usr/src.
#
SUP_UPDATE=yes
#
SUP= /usr/bin/csup
SUPFLAGS= -g -L 1 -4 -1
SUPHOST= `/usr/local/bin/fastest_cvsup -c us -Q`
#SUPFILE= /usr/share/examples/cvsup/standard-supfile
SUPFILE= /root/csup/standard-supfile
#PORTSSUPFILE= /usr/share/examples/cvsup/ports-supfile
PORTSSUPFILE= /root/csup/ports-supfile
#DOCSUPFILE= /usr/share/examples/cvsup/doc-supfile

# Have the openssl port overwrite the base install of openssl (the
# port then calls itself 'openssl-overwrite-base')
OPENSSL_OVERWRITE_BASE=yes # openssl port
WITH_OPENSSL_BASE=yes

# Have the openssh-portable port overwrite the base install of openssh
# (the port then calls itself 'openssh-overwrite-base'). A comment in
# /usr/ports/security/openssh-portable/Makefile indicates this var is
# deprecated, presumably replaced by the config option for the port,
# but I'm leaving this in here since there doesn't appear to be a
# similar structure in the openssl port.
OPENSSH_OVERWRITE_BASE=yes # openssh-portable port
Other stuff gets added in there when you upgrade certain ports, like perl. I've also had to lower the compiler optimizations when building the kernel. Look through dmesg and the gcc man page for the value of the CPUTYPE var. The CVSup stuff is very helpful, as all you then need to do to upgrade your ports tree is a cd /usr/ports; make update. Before 6.2 you needed to have the cvsup port installed, but /usr/bin/csup (a cvsup replacement) is now part of the base. You will, though, want the fastest_cvsup port installed if using the above setting for SUPHOST.
I used to have -ffast-math in CFLAGS and COPTFLAGS but that caused problems in Firefox (javascript failures at gmail login and failure to load any extensions).
The FreeBSD port system is very, very powerful. I currently use the portupgrade port to manage my ports, though I often see that there are better port management tools available now. Perhaps someday, I'll "upgrade". I have a cron job that runs periodically which updates the entire ports tree, then shows me which of my installed ports could be upgraded. To get all this going from a clean install:
cd /usr/ports
make update

cd /usr/ports/sysutils/fastest_cvsup
make install package-recursive clean
This depends on perl, so that will be installed if starting from a new install. After this is installed, you can change the SUPHOST value in /etc/make.conf back to the above value calling fastest_cvsup.
cd /usr/ports/ports-mgmt/portupgrade
make install package-recursive clean
This depends on ruby and other ports, so they will be installed if starting from a new install.
cd /usr/ports/path/to/whatever
make install package-recursive clean
or portupgrade
portinstall -pL /var/tmp/portupgrade/%s::%s.log whatever
to install new ports. That -L arg will put logs of the build under /var/tmp/portupgrade/ and the -p will create a package for the port (under /usr/ports/packages), which makes re-installing a port quick since it doesn't have to be rebuilt.
cd /usr/ports
make update # Does the actual update of the ports tree
portsdb -Fu # Fetch an INDEX and update the port DB
pkgdb -fFu # Rebuild the package DB.
portversion -v | grep -v up-to-date # Show the ports which could be updated.
I have the following script which is run via cron periodically:
#!/bin/sh
PATH=$PATH:/usr/local/bin:/usr/local/sbin:/usr/sbin
LOG=/root/port_update.log
#set -x
cd /usr/ports && \
echo "==== Running: make update === `date` ====" > $LOG && \
make update >> $LOG && \
echo "==== Running: portsdb -Uu === `date` ====" >> $LOG && \
portsdb -Uu >> $LOG && \
echo "==== Running: pkgdb -fFu === `date` ====" >> $LOG && \
pkgdb -fFu >> $LOG && \
echo "==== Running: portupgrade -aFR --batch === `date` ====" >> $LOG && \
portupgrade -aFR --batch >> $LOG && \
echo "==== Running: portversion -v | grep -v up-to-date === `date` ====" >> $LOG && \
portversion -v | grep -v up-to-date | tee -a $LOG && \
echo "==== Done === `date` ====" >> $LOG
Note that this is nearly the same as above, but it doesn't fetch the INDEX; it rebuilds it locally from scratch, which takes a long time (it also fetches all newly needed distfiles). I do it via cron when I'm not waiting for it:
# crontab -l
MAILTO=me@example.com
# Update the ports tree
0 1 * * Sun,Tue,Thu /root/csup/port_update.sh
portupgrade -apL /var/tmp/portupgrade/%s::%s.log
optionally adding in a -x flag to skip certain ports for upgrading:
portupgrade -apL /var/tmp/portupgrade/%s::%s.log -x xorg\*
Here're some handy commands for investigating ports:
portversion -v | grep -v up-to-date | awk '{ print $1 }' | pkg_sort
If you run
portupgrade -frpL /var/tmp/portupgrade/%s::%s.log gettext
and it doesn't complete successfully rebuilding all the ports it needs to, then to see which ports still need to be rebuilt, use the pkg_glob command excluding all ports newer than that 'base' port:
pkg_glob -r gettext -x '>=gettext' | pkg_sort
Fix whatever caused the first portupgrade to fail, then restart it from where it is, without rebuilding all dependent packages again, via:
portupgrade -frpL /var/tmp/portupgrade/%s::%s.log gettext -x '>=gettext'
FreeBSD comes with a base system of tools and utilities, including the kernel. The sources for all this lives under /usr/src (which originally was populated using sysinstall).
The first thing is to get the latest sources for everything under /usr/src. Setting up /etc/make.conf as described above will help, specifically the stable-supfile. I use the one from the example dir, changing only the host, which strictly speaking won't be used if SUPHOST is specified in /etc/make.conf. The important thing in that file is that release=cvs and tag=RELENG_6_2 to pick up the "security branch". Updating the system sources can then be done by:
# cd /usr/src
# make update
More details on this are here
What follows is a very abbreviated summary of the directions from the FreeBSD Handbook on Rebuilding "world".
# cd /usr/src/usr.sbin/mergemaster
# ./mergemaster -p

# reboot
# fsck -p
# mount -u /
# mount -a -t ufs
# swapon -a

# cd /usr/src
# make -j4 buildworld

# make -j4 buildkernel KERNCONF=FUZZ
# make -j4 installkernel KERNCONF=FUZZ

# reboot (into single-user)
# fsck -p
# mount -u /
# mount -a -t ufs
# swapon -a

# cd /usr/src
# make installworld
(I worked around a "touch: not found" error here by using "make installworld PATH=$PATH")
# mergemaster
When deciding on whether to delete or install files when mergemaster finds differences: the temporary ones (under ./etc/) are the new incoming ones. Unless it is a file I've modified, I take the new ("temporary") ones. Even when it is modified, I'll often take the new one and redo my edits later.
You're done:
# reboot
I then portupgrade -f the openssl-overwrite-base (security/openssl) and openssh-portable-overwrite-base (security/openssh-portable) ports (see the relevant /etc/make.conf and make config settings above) because the build/install world has installed the base versions.
To cvsup core system (kernel et al) sources:
# cd /root/cvsup
# Make sure tag in stable-supfile is correct (RELENG_4_10, RELENG_5_2, etc.)
cvsup -g stable-supfile
To rebuild the kernel:
# cd /sys/i386/conf
Now create a new config file for the new kernel.
# cp GENERIC MYKERNEL
Edit this config file. Change the name of the kernel, ident, and (un)comment drivers and devices as needed
# cd /usr/src
Compile the kernel.
# make buildkernel KERNCONF=MYKERNEL
Install the new kernel.
# make installkernel KERNCONF=MYKERNEL
# reboot
You will now have a new /boot/kernel dir with the new kernel in it. The old one is in /boot/kernel.old, cp it if you want to save it.
Let X build your initial /etc/X11/XF86Config file for you (into /root/XF86Config.new)
# XFree86 -configure
Another way to generate it is using:
# xf86cfg -textmode
For Matrox cards, the mga_hal port provides drivers for X, and the mgapdesk port provides a GUI interface for generating the /etc/X11/xorg.conf file (supporting multi-head).
If you need to figure out a ModeLine, use
# xvidtune
Then click the Show button to display the Modeline used.
To add mouse wheel support, try adding:
Option "Buttons" "5"
Option "ZAxisMapping" "4 5"
to the mouse "InputDevice" section.
To adjust the gamma, look at figure 2 here:
http://radsite.lbl.gov/radiance/refer/Notes/gamma.html
and use xgamma to make the 2.2 look the closest. When you know what the gamma adjustment needs to be, add a line like this:
Gamma 0.8
to the Monitor section.
fuzz has problems loading the kernel driver at boot time; after rebooting do this:
kldload snd_es137x.ko
http://www.freebsdforums.org/forums/showthread.php?s=&threadid=19095
You can rebuild your kernel for your specific sound card, but loading a kernel module will work just fine.
First find the snd_*.ko module to load.
# cd /boot/kernel
Try loading each one in a row or just load them all and see which one sticks:
# kldload snd_*
To see which one sticks, look at dmesg, /var/log/messages, or better yet:
# cat /dev/sndstat
Once you know what kind of sound card you have, look in /boot/defaults/loader.conf and search for the line that loads the module specific to your sound card. Add that to your /boot/loader.conf
# less /boot/defaults/loader.conf
# vi /boot/loader.conf
(/boot/defaults/loader.conf is to /boot/loader.conf as /etc/defaults/rc.conf is to /etc/rc.conf)
Loading the driver will (in 5.x) create the /dev entry.
Try to send some noise to the sound card:
# cat ~/.profile > /dev/dsp
This may not work; better to try to use a cd or mp3 program.
Here is another command that will list details about lots of hardware:
pciconf -lv
# LD_LIBRARY_PATH stuff:
ldconfig -r # lists where libraries are picked up
Copied the itg2 entry from pesto:/etc/printcap. Namely:
-----
itg2:pt=PostScript:\
:mx#0:\
:lp=:\
:rm=itg-hp-lj2:\
:rp=raw:\
:if=/usr/local/libexec/psif:\
:lf=/var/log/lpd-errs:\
:sd=/usr/spool/lpd/itg2:
-----
and added that to /etc/printcap and:
changed: /usr/spool to /var/spool
removed the line: :if=/usr/local/libexec/psif:\
Ending up with:
itg2:pt=PostScript:\
:mx#0:\
:lp=:\
:rm=itg-hp-lj2:\
:rp=raw:\
:lf=/var/log/lpd-errs:\
:sd=/var/spool/lpd/itg2:
I tried leaving in the psif call with a 'portinstall lprps-letter' but I got
ioctl errors in /var/log/lpd-errs
Then:
mkdir /var/spool/lpd/itg2
Add
lpd_enable="YES"
to /etc/rc.conf
Add to user ~/.bashrc:
export PRINTER=itg2
Getting Shockwave Flash to run under FreeBSD is, without question, one of the biggest disappointments in running FreeBSD on the desktop. In short, Macromedia/Adobe doesn't support Flash on FreeBSD. There are efforts to implement open-source replacements but none seem ready yet.
Since Linux is supported, using emulation in some way is the alternative. The most straightforward would be to run all of Firefox or Opera under linux emulation, but for now, here's how I have Flash7 working under native Firefox. Unfortunately (or perhaps fortunately) sound doesn't work, so this isn't very good for YouTube but it gets rid of most of the broken media links.
cd /usr/local/lib/browser_plugins
ln -s /usr/local/lib/npapi/linux-flashplugin/libflashplayer.so .
ln -s /usr/local/lib/npapi/linux-flashplugin/flashplayer.xpt .
I tried doing this with the linux-flashplugin9 port, but it didn't work. When hitting the about:plugins page (after starting firefox from a terminal command line) I would see:
$ firefox
LoadPlugin: failed to initialize shared library /usr/local/lib/npapi/linux-flashplugin/libflashplayer.so [Shared object "libfreetype.so.6" not found, required by "libflashplayer.so"]
This seems like it should be a pretty simple thing to fix (by, say, adding a line in /etc/libmap.conf) but I think this requires support by the linuxpluginwrapper port (which doesn't appear to be getting much love these days...)
I should figure out how to use all of Firefox or Opera under linux emulation for sound, etc.
nisdomainname="mynisdomain" # Set to NIS domain if using NIS (or NO).
nis_client_enable="YES" # We're an NIS client (or NO).
nis_client_flags="-s" # ksb - leres suggested it, can't remember why...
To install the postgresql ports (81-client and 81-server):
# portinstall postgresql*
Then add postgresql_enable="YES" to /etc/rc.conf or the following init and start commands won't work.
To initialize the database, run
# /usr/local/etc/rc.d/010.pgsql.sh initdb
This also sets up all the files under ~pgsql.
To start, stop or check status of PostgreSQL use:
# /usr/local/etc/rc.d/010.pgsql.sh start|stop|status
FreeBSD's PostgreSQL port now logs to syslog by default. See ~pgsql/data/postgresql.conf for more info.
Create a new database user (the -e is just to see the SQL commands used):
# su - pgsql
$ bash
[pgsql@fuzz ~]$ createuser -e foouser
Shall the new role be a superuser? (y/n) n
Shall the new role be allowed to create databases? (y/n) y
Shall the new role be allowed to create more new roles? (y/n) n
CREATE ROLE foouser NOSUPERUSER CREATEDB NOCREATEROLE INHERIT LOGIN;
CREATE ROLE
Create a new database, as the pgsql user (the -e is just to see the SQL commands used):
$ createdb -e foodb
Try logging into the new db as the new user:
psql -U foouser -d foodb
# To turn on TCP connections from other hosts:
# In ~pgsql/data/postgresql.conf
tcpip_socket = true
# In ~pgsql/data/pg_hba.conf, add a line like the following:
host foo foo 192.168.1.10 255.255.255.255 trust
# This will allow anyone on 192.168.1.10 to log in to the foo db as the foo user. That command there would be:
psql -h 192.168.1.10 -U foo -d foo
# For the JDBC drivers:
portinstall postgresql-jdbc
su - pgsql
Look through post-install-notes
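The "trust" method in the pg_hba.conf line above admits any client at that address with no password. The following check is an added example, not part of the original notes: it flags "trust" on network records in either address form (addr/len or the "addr mask" pair used above) and prints a version that uses "md5" instead. The sample file and the function names are constructed for illustration.

```sh
#!/bin/sh
# Added example (not from the original notes).

# Constructed sample; the first host record is the form shown in the notes.
sample_hba() {
cat <<'EOF'
# TYPE  DATABASE  USER     ADDRESS         MASK/METHOD
local   all       all                      trust
host    foo       foo      192.168.1.10    255.255.255.255   trust
host    foodb     foouser  192.168.1.0/24  md5
hostssl all       all      10.0.0.0/8      trust
EOF
}

# audit_hba FILE: print "LINENO: record" for every network (host*) record
# whose method is "trust". Returns 1 if any are found, 0 otherwise.
audit_hba() {
    awk '
        NF == 0 || $1 ~ /^#/ { next }           # blank lines and comments
        $1 ~ /^host(ssl|nossl)?$/ {
            # METHOD is field 5 for addr/len, field 6 for "addr mask"
            method = ($4 ~ /\//) ? $5 : $6
            if (method == "trust") { print NR ": " $0; found = 1 }
        }
        END { exit found + 0 }
    ' "$1"
}

# harden_hba FILE: write FILE to stdout with "trust" replaced by "md5" on
# network records only; local (Unix socket) records are left alone.
harden_hba() {
    awk '
        $1 ~ /^host(ssl|nossl)?$/ {
            f = ($4 ~ /\//) ? 5 : 6
            if ($f == "trust") $f = "md5"       # rebuilds the line with single spaces
        }
        { print }
    ' "$1"
}

# Demo on the constructed sample.
tmp=$(mktemp) && sample_hba > "$tmp"
audit_hba "$tmp" || echo "trust found on network records; hardened version:"
harden_hba "$tmp"
rm -f "$tmp"
```

After a record is switched to md5 the role needs a password, set for example with createuser -P or ALTER ROLE ... PASSWORD.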
This doesn't seem to work entirely...
Create /etc/ntp.conf:
----
server chronos01.lbl.gov prefer
server tic.lbl.gov
server toc.lbl.gov
restrict default ignore
driftfile /var/db/ntp.drift
----
To immediately update the system time (with /etc/ntp.conf in place):
# ntpd -gq
To have ntpd started with system startup, add into /etc/rc.conf:
ntpd_enable="YES"
To start ntpd manually without restarting:
# ntpd -p /var/run/ntpd.pid -f /var/db/ntpd.drift
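With "restrict default ignore" and no other restrict lines, ntpd discards every incoming packet, including the replies from its own configured servers. The check below is an added example, not part of the original notes: it lists the servers that have no restrict line of their own, run against the ntp.conf above and against a constructed variant that keeps the default-deny policy. The function names are made up for illustration, and the variant assumes ntpd resolves the host names on its restrict lines at startup.

```sh
#!/bin/sh
# Added example (not from the original notes).

# The ntp.conf from the notes above.
conf_notes() {
cat <<'EOF'
server chronos01.lbl.gov prefer
server tic.lbl.gov
server toc.lbl.gov
restrict default ignore
driftfile /var/db/ntp.drift
EOF
}

# Constructed variant: same servers, each allowed to answer time requests
# but not to reconfigure or query ntpd; localhost is allowed for ntpq.
conf_fixed() {
cat <<'EOF'
server chronos01.lbl.gov prefer
server tic.lbl.gov
server toc.lbl.gov
restrict default ignore
restrict chronos01.lbl.gov nomodify notrap noquery
restrict tic.lbl.gov nomodify notrap noquery
restrict toc.lbl.gov nomodify notrap noquery
restrict 127.0.0.1
driftfile /var/db/ntp.drift
EOF
}

# ntp_unrestricted FILE: when the default policy contains "ignore", print
# every "server" host with no "restrict" line of its own. Prints nothing
# if the default policy is not "ignore".
ntp_unrestricted() {
    awk '
        $1 == "restrict" && $2 == "default" {
            for (i = 3; i <= NF; i++) if ($i == "ignore") deny = 1
            next
        }
        $1 == "restrict" { allowed[$2] = 1 }
        $1 == "server"   { servers[++n] = $2 }
        END {
            if (deny) for (i = 1; i <= n; i++)
                if (!(servers[i] in allowed)) print servers[i]
        }
    ' "$1"
}

# Demo: the first line lists three servers, the second lists none.
tmp=$(mktemp)
conf_notes > "$tmp"; echo "notes: $(ntp_unrestricted "$tmp" | tr '\n' ' ')"
conf_fixed > "$tmp"; echo "fixed: $(ntp_unrestricted "$tmp" | tr '\n' ' ')"
rm -f "$tmp"
```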
linux_enable="YES"
Use kldstat to list currently loaded kernel modules. To add it without rebooting:
kldload /boot/kernel/linux.ko
portinstall -L /var/tmp/portupgrade/%s::%s.log linux_base-fc-4
Looking through the logs will give lots of good info on this port.
linprocfs /compat/linux/proc linprocfs rw 0 0
To mount it immediately (I think I've got this right...):
mount -t linprocfs linprocfs /compat/linux/proc
domainname your NIS domain
ypserver your NIS domain server
then add nis to the passwd, shadow & group lines of nsswitch.conf:
passwd: files nis
shadow: files nis
group: files nis
Static IP
---------
Add (something similar to) the following to /etc/rc.conf
hostname="fuzz.lbl.gov"
ifconfig_em0="inet 131.243.2.59 netmask 255.255.255.0"
defaultrouter="131.243.2.1"

DHCP
----
Add the following to /etc/rc.conf
ifconfig_em0="dhcp"
To get your hostname sent to the DHCP server (which might then be configured to add you into DNS) add the following to your /etc/dhclient.conf
send host-name "icepad";

Wireless
--------
This is a bit trickier. Rebuild kernel to support the ath driver by adding
device ath
device ath_hal
device wlan
ifconfig will now show the ath0 interface
Bring it up so as to search for SSIDs
# ifconfig ath0 up
Search for SSIDs by either:
# wiconfig ath0 -l
(This lists stations but doesn't show signal strengths for some reason)
or
# dstumbler ath0
(This lists stations, doesn't show signal strengths)
or
# dstumbler ath0 -s
(This lists only one station but does show its strength.)
Attach to a particular station:
# ifconfig ath0 up ssid <ssid>
or if you need a wepkey
# ifconfig ath0 up ssid <ssid> wepmode on wepkey <0x0123456789>
Then get DHCP info:
dhclient ath0
To release an existing DHCP lease:
dhclient em0 -r