What appears below are my personal notes I wish were part of my long-term memory but don't always seem to fit. I strive for accuracy and clarity and appreciate feedback. If applying any of this information anywhere, confirm for yourself the correctness of your work, as what you see below might very well be, albeit unintentionally, incorrect or misleading. These notes are here as an easy reference for myself.
Information worthy of a more formal presentation will appear elsewhere than this "Scratch" area. - ksb
The following are my FreeBSD notes. The intent here is not to duplicate the excellent documentation in the FreeBSD handbook, just to summarize what I've done and learned when getting things to work on my machines. The order is roughly the order needed when installing a new system from scratch and almost all of this is done as root.
I follow the "security branches" of the latest FreeBSD releases, for which I try to keep these notes accurate. I am more than open to feedback on any and all of this.
If you want a dual-boot machine with WinXP, install XP first, as described below, then install from the latest (6.2 as of this writing) released mini-install CD. I usually burn my own CD and follow the minimal install, then run sysinstall to set, under the "Configure" option, the root password, a user for myself, the time zone and the mouse, and to pick up, under "Distributions", the man pages, sources for everything and the ports system via FTP, as I will rebuild everything else.
I use the WinXP boot manager to dual-boot between WinXP and FreeBSD.
When first setting up a machine, install WinXP first, leaving a partition for FreeBSD. Then install FreeBSD in that partition. After installing FreeBSD it will boot directly to FreeBSD. Don't worry, WinXP is still there; FreeBSD just sets the partition it is installed on as the active partition, meaning in DOS-speak the bootable one. This can be changed using FreeBSD's fdisk command:
fdisk -a
and follow the prompts to set the WinXP partition as the active one so it will boot. Now it will boot straight to WinXP. Don't worry, FreeBSD is still there...
Now under WinXP right-click on My Computer->Properties->Advanced->Startup and Recovery->Settings, then hit the Edit button to manually edit the startup options. This is easier than editing the C:\boot.ini file as you don't need to have any special perms. Add the line C:\BOOTSECT.BSD="FreeBSD" so the file looks something like this:
[boot loader]
timeout=15
default=multi(0)disk(0)rdisk(0)partition(1)\WINDOWS
[operating systems]
multi(0)disk(0)rdisk(0)partition(1)\WINDOWS="Microsoft Windows XP Professional" /fastdetect /NoExecute=OptIn
C:\BOOTSECT.BSD="FreeBSD"
Now, still under WinXP, put in the FreeBSD install CD and copy over the file \boot\boot1 to C:\BOOTSECT.BSD
After this, when booting up, WinXP's boot manager will start, present the list of operating systems defined in boot.ini and wait the timeout for you to pick one, or go with the default. The timeout and default can be changed in WinXP in that Startup and Recovery panel.
After an installation, taking a look at your /etc/rc.conf file is a good idea. Nearly all possible values for this file are in /etc/defaults/rc.conf (which defines the default values as it is sourced before /etc/rc.conf).
For example, on my laptop it defined both ethernet and wlan interfaces as "DHCP" so both interfaces came up at boot time. Since I don't know which network interface I'm going to use when starting my laptop, I'd rather neither come up by default. So I commented those out and bring them up manually depending on where I am.
/etc/make.conf is a pretty important file as it affects all make commands (i.e. building the kernel, the system and ports). I customize it to the specific CPU, compiler optimizations, CVSup details and port tweaks. Start with the example in /usr/share/examples/etc/make.conf. Here's mine:
CPUTYPE?=pentium4
CFLAGS= -O2 -pipe -funroll-loops
CXXFLAGS+= -fconserve-space
COPTFLAGS= -O -pipe -funroll-loops
NOPROFILE= true           # Avoid compiling profiled libraries
X_WINDOW_SYSTEM=xorg      # Not needed after 5.X
WITH_LAME= yes            # Not sure where I picked this up from
WITH_BDB_HIGHEST=yes      # This apparently avoids a problem with portupgrade picking up old BDB versions

# CVSup update flags. Edit SUPFILE settings to reflect whichever distribution
# file(s) you use on your site (see /usr/share/examples/cvsup/README for more
# information on CVSup and these files). To use, do "make update" in /usr/src.
#
SUP_UPDATE=yes
#
SUP= /usr/bin/csup
SUPFLAGS= -g -L 1 -4 -1
SUPHOST= `/usr/local/bin/fastest_cvsup -c us -Q`
#SUPFILE= /usr/share/examples/cvsup/standard-supfile
SUPFILE= /root/csup/standard-supfile
#PORTSSUPFILE= /usr/share/examples/cvsup/ports-supfile
PORTSSUPFILE= /root/csup/ports-supfile
#DOCSUPFILE= /usr/share/examples/cvsup/doc-supfile

# Have the openssl port overwrite the base install of openssl (the
# port then calls itself 'openssl-overwrite-base')
OPENSSL_OVERWRITE_BASE=yes   # openssl port
WITH_OPENSSL_BASE=yes

# Have the openssh-portable port overwrite the base install of openssh
# (the port then calls itself 'openssh-overwrite-base'). A comment in
# /usr/ports/security/openssh-portable/Makefile indicates this var is
# deprecated, presumably replaced by the config option for the port,
# but I'm leaving this in here since there doesn't appear to be a
# similar structure in the openssl port.
OPENSSH_OVERWRITE_BASE=yes   # openssh-portable port
Other stuff gets added in there when you upgrade certain ports, like perl. I've also had to lower the compiler optimizations when building the kernel. Look through dmesg and the gcc man page for the value of the CPUTYPE var. The CVSup stuff is very helpful, as all you then need to do to upgrade your ports tree is cd /usr/ports/; make update. Before 6.2 you needed to have the cvsup port installed, but /usr/bin/csup (a cvsup replacement) is now part of the base. You will, though, want the fastest_cvsup port installed if using the above setting for SUPHOST.
I used to have -ffast-math in CFLAGS and COPTFLAGS but that caused problems in Firefox (javascript failures at gmail login and failure to load any extensions).
The FreeBSD port system is very, very powerful. I currently use the portupgrade port to manage my ports, though I often see that there are better port management tools available now. Perhaps someday I'll "upgrade". I have a cron job that runs periodically which updates the entire ports tree, then shows me which of my installed ports could be upgraded. To get all this going from a clean install:
cd /usr/ports
make update
cd /usr/ports/sysutils/fastest_cvsup
make install package-recursive clean
This depends on perl, so that will be installed if starting from a new install. After this is installed, you can change the SUPHOST value in /etc/make.conf back to the above value calling fastest_cvsup.
cd /usr/ports/ports-mgmt/portupgrade
make install package-recursive clean
This depends on ruby and other ports, so they will be installed if starting from a new install.
cd /usr/ports/path/to/whatever
make install package-recursive clean
or, with portupgrade:
portinstall -pL /var/tmp/portupgrade/%s::%s.log whatever
to install new ports. That -L arg will put logs of the build under /var/tmp/portupgrade/ and the -p will create a package for the port (under /usr/ports/packages), which makes re-installing a port quick because it does not need to be rebuilt.
cd /usr/ports
make update                            # Does the actual update of the ports tree
portsdb -Fu                            # Get a INDEX and update the port DB
pkgdb -fFu                             # Rebuild the package DB.
portversion -v | grep -v up-to-date    # Show the ports which could be updated.
I have the following script which is run via cron periodically:
#!/bin/sh
PATH=$PATH:/usr/local/bin:/usr/local/sbin:/usr/sbin
LOG=/root/port_update.log
#set -x
cd /usr/ports && \
echo "==== Running: make update === `date` ====" > $LOG && \
make update >> $LOG && \
echo "==== Running: portsdb -Uu === `date` ====" >> $LOG && \
portsdb -Uu >> $LOG && \
echo "==== Running: pkgdb -fFu === `date` ====" >> $LOG && \
pkgdb -fFu >> $LOG && \
echo "==== Running: portupgrade -aFR --batch === `date` ====" >> $LOG && \
portupgrade -aFR --batch >> $LOG && \
echo "==== Running: portversion -v | grep -v up-to-date === `date` ====" >> $LOG && \
portversion -v | grep -v up-to-date | tee -a $LOG && \
echo "==== Done === `date` ====" >> $LOG
Note that this is nearly the same as above, but it doesn't fetch the INDEX; it rebuilds it locally from scratch, which takes a long time (it also fetches all newly needed distfiles), but I do it via cron when I'm not waiting for it:
# crontab -l
MAILTO=me@example.com
# Update the ports tree
0 1 * * Sun,Tue,Thu /root/csup/port_update.sh
portupgrade -apL /var/tmp/portupgrade/%s::%s.log
optionally adding in a -x flag to skip certain ports for upgrading:
portupgrade -apL /var/tmp/portupgrade/%s::%s.log -x xorg\*
Here're some handy commands for investigating ports:
portversion -v | grep -v up-to-date | awk '{ print $1 }' | pkg_sort
portupgrade -frpL /var/tmp/portupgrade/%s::%s.log gettext
and it doesn't complete successfully rebuilding all the ports it needs to, to see which ports still need to be rebuilt, use the pkg_glob command excluding all ports newer than that 'base' port:
pkg_glob -r gettext -x '>=gettext' | pkg_sort
Fix whatever caused the first portupgrade to fail, then restart it from where it is, without rebuilding all dependent packages again, via:
portupgrade -frpL /var/tmp/portupgrade/%s::%s.log gettext -x '>=gettext'
FreeBSD comes with a base system of tools and utilities, including the kernel. The sources for all this live under /usr/src (which originally was populated using sysinstall).
The first thing is to get the latest sources for everything under /usr/src. Setting up /etc/make.conf as described above will help, specifically the stable-supfile. I use the one from the example dir, changing only the host, which strictly speaking won't be used if SUPHOST is specified in /etc/make.conf. The important thing in that file is that release=cvs and tag=RELENG_6_2 to pick up the "security branch". Updating the system sources can then be done by:
# cd /usr/src
# make update
More details on this are here
What follows is a very abbreviated summary of the directions from the FreeBSD Handbook on Rebuilding "world".
# cd /usr/src/usr.sbin/mergemaster
# ./mergemaster -p

# reboot
# fsck -p
# mount -u /
# mount -a -t ufs
# swapon -a
Note that if using ZFS, rather than the mount commands use:
# zfs set readonly=off zroot
# zfs mount -a

# cd /usr/src
# make -j4 buildworld

# make -j4 buildkernel KERNCONF=FUZZ
# make -j4 installkernel KERNCONF=FUZZ

# reboot (into single-user)
# fsck -p
# mount -u /
# mount -a -t ufs
# swapon -a

# cd /usr/src
# make installworld
(I worked around a "touch: not found" error here by using "make installworld PATH=$PATH")
# mergemaster -Ui
When deciding whether to delete or install files when mergemaster finds differences: the temporary ones (under ./etc/) are the new incoming ones. Unless it is a file I've modified, I take the new ("temporary") ones. Even when it is modified, I'll often take the new one and redo my edits later.
You're done:
# reboot
I then portupgrade -f the openssl-overwrite-base (security/openssl) and openssh-portable-overwrite-base (security/openssh-portable) ports (see the relevant /etc/make.conf and make config settings above) because the build/install world has installed the base versions.
To cvsup core system (kernel et al) sources:
# cd /root/cvsup
# Make sure tag in stable-supfile is correct (RELENG_4_10, RELENG_5_2, etc.)
cvsup -g stable-supfile
To rebuild the kernel:
# cd /sys/i386/conf
Now create a new config file for the new kernel.
# cp GENERIC MYKERNEL
Edit this config file. Change the name of the kernel, ident, and (un)comment drivers and devices as needed.
# cd /usr/src
Compile the kernel.
# make buildkernel KERNCONF=MYKERNEL
Install the new kernel.
# make installkernel KERNCONF=MYKERNEL
# reboot
You will now have a new /boot/kernel dir with the new kernel in it. The old one is in /boot/kernel.old, cp it if you want to save it.
Let X build your initial /etc/X11/XF86Config file for you (into /root/XF86Config.new)
# XFree86 -configure
Another way to generate it is using:
# xf86cfg -textmode
For Matrox cards, the mga_hal port provides drivers for X, and the mgapdesk port provides a GUI interface for generating the /etc/X11/xorg.conf file (supporting multi-head).
If you need to figure out a ModeLine, use
# xvidtune
Then click the Show button to display the Modeline used.
To add mouse wheel support, try adding:
Option "Buttons" "5"
Option "ZAxisMapping" "4 5"
to the mouse "InputDevice" section.
To adjust the gamma, look at figure 2 here: http://radsite.lbl.gov/radiance/refer/Notes/gamma.html and use xgamma to make the 2.2 look the closest. When you know what the gamma adjustment needs to be, add a line like this:
Gamma 0.8
to the Monitor section.
To get sound working you need to have the proper kernel module loaded for your sound card.
To see what kind of sound card the kernel saw at boot up:
$ dmesg | grep pcm
pcm0: <HDA ATI R6xx HDMI PCM #0 HDMI> at cad 0 nid 1 on hdac0
pcm1: <HDA Realtek ALC888 PCM #0 Analog> at cad 2 nid 1 on hdac1
pcm2: <HDA Realtek ALC888 PCM #1 Digital> at cad 2 nid 1 on hdac1
Or which one is already loaded:
$ cat /dev/sndstat
FreeBSD Audio Driver (newpcm: 64bit 2009061500/amd64)
Installed devices:
pcm0: <HDA ATI R6xx HDMI PCM #0 HDMI> (play)
pcm1: <HDA Realtek ALC888 PCM #0 Analog> (play/rec) default
pcm2: <HDA Realtek ALC888 PCM #1 Digital> (play)
So I want the hda driver. This output also shows that I have multiple sound devices; see below for dealing with those.
A brute force way of finding a sound driver would be to load all of them:
# cd /boot/kernel
# kldload snd_*    # load them all
and see what stuck, using either of:
$ kldstat | grep snd_
$ cat /dev/sndstat
Once you know what kind of sound card you have, look in /boot/defaults/loader.conf and search for the line that loads the module specific to your sound card. Add that to your /boot/loader.conf
# emacs /boot/defaults/loader.conf /boot/loader.conf
# grep snd_ /boot/loader.conf
snd_hda_load="YES"    # Intel High Definition Audio (Controller)
Loading the driver will (in FreeBSD 5.x or later) usually create the /dev/dsp sound device entry for you. If it exists, then try to send some noise to it:
# cat ~/.profile > /dev/dsp
If this works, then you're done. All sound aware apps should pick this up and use it for sound.
In the case that the /dev/dsp device does not get created automatically after a reboot, as was my case because I have multiple sound cards, (one on the main board, one on the video card) try the following:
Figure out which of the existing /dev/dsp* devices to use. I ran the following loop:
# for d in /dev/dsp*; do echo $d; cat ~/.profile > $d; sleep 1; done
6 times, with the speakers plugged into each of the 6 different ports in the back of the machine. Eventually I figured out it was /dev/dsp1.0 and the lower middle yellow port.
To put that info into place, I ran:
# sysctl hw.snd.default_unit=1
Surprisingly, a /dev/dsp was not created, but Skype started making sounds at me, so it worked!
To make that permanent I added the following to /etc/sysctl.conf
# to make /dev/dsp point to /dev/dsp1.0
hw.snd.default_unit=1
After the next reboot, the /dev/dsp device was there and sound still worked.
Copied the itg2 entry from pesto:/etc/printcap. Namely:
-----
itg2:pt=PostScript:\
        :mx#0:\
        :lp=:\
        :rm=itg-hp-lj2:\
        :rp=raw:\
        :if=/usr/local/libexec/psif:\
        :lf=/var/log/lpd-errs:\
        :sd=/usr/spool/lpd/itg2:
-----
and added that to /etc/printcap and:
changed: /usr/spool to /var/spool
removed the line: :if=/usr/local/libexec/psif:\
Ending up with:
itg2:pt=PostScript:\
        :mx#0:\
        :lp=:\
        :rm=itg-hp-lj2:\
        :rp=raw:\
        :lf=/var/log/lpd-errs:\
        :sd=/var/spool/lpd/itg2:
I tried leaving in the psif call with a 'portinstall lprps-letter' but I got ioctl errors in /var/log/lpd-errs
Then:
mkdir /var/spool/lpd/itg2
Add lpd_enable="YES" to /etc/rc.conf
Add to user ~/.bashrc:
export PRINTER=itg2
Getting Shockwave Flash to run under FreeBSD is, without question, one of the biggest disappointments in running FreeBSD on the desktop. In short, Macromedia/Adobe doesn't support Flash on FreeBSD. There are efforts to implement open-source replacements but none seem ready yet.
Since Linux is supported, using emulation in some way is the alternative. The most straightforward would be to run all of Firefox or Opera under linux emulation, but for now, here's how I have Flash7 working under native Firefox. Unfortunately (or perhaps fortunately) sound doesn't work, so this isn't very good for YouTube but it gets rid of most of the broken media links.
cd /usr/local/lib/browser_plugins
ln -s /usr/local/lib/npapi/linux-flashplugin/libflashplayer.so .
ln -s /usr/local/lib/npapi/linux-flashplugin/flashplayer.xpt .
I tried doing this with the linux-flashplugin9 port, but it didn't work. When hitting the about:plugin page (after starting firefox from a terminal command line) I would see:
$ firefox
LoadPlugin: failed to initialize shared library /usr/local/lib/npapi/linux-flashplugin/libflashplayer.so [Shared object "libfreetype.so.6" not found, required by "libflashplayer.so"]
This seems like it should be a pretty simple thing to fix (by say adding a line in /etc/libmap.conf) but I think this requires support by the linuxpluginwrapper port (which doesn't appear to be getting much love these days...)
I should figure out how to use all of Firefox or Opera under linux emulation for sound, etc.
nisdomainname="mynisdomain"   # Set to NIS domain if using NIS (or NO).
nis_client_enable="YES"       # We're an NIS client (or NO).
nis_client_flags="-s"         # ksb - leres suggested it, can't remember why...
To install the postgresql ports (81-client and 81-server):
# portinstall postgresql*
Then add postgresql_enable="YES" to /etc/rc.conf or the following init and start commands won't work.
To initialize the database, run
# /usr/local/etc/rc.d/010.pgsql.sh initdb
This also sets up all the files under ~pgsql
To start, stop or check status of PostgreSQL use:
# /usr/local/etc/rc.d/010.pgsql.sh start|stop|status
FreeBSD's PostgreSQL port now by default logs to syslog. See ~pgsql/data/postgresql.conf for more info
Create a new database user (the -e is just to see the SQL commands used):
# su - pgsql
$ bash
[pgsql@fuzz ~]$ createuser -e foouser
Shall the new role be a superuser? (y/n) n
Shall the new role be allowed to create databases? (y/n) y
Shall the new role be allowed to create more new roles? (y/n) n
CREATE ROLE foouser NOSUPERUSER CREATEDB NOCREATEROLE INHERIT LOGIN;
CREATE ROLE
Create a new database, as the pgsql user (the -e is just to see the SQL commands used):
$ createdb -e foodb
Try logging into the new db as the new user:
psql -U foouser -d foodb
# To turn on TCP connections from other hosts:
# In ~pgsql/data/postgresql.conf
tcpip_socket = true
# In ~pgsql/data/pg_hba.conf, add a line like the following:
host foo foo 192.168.1.10 255.255.255.255 trust
# This will allow anyone on 192.168.1.10 to log in to the foo db as the foo user. That command there would be:
psql -h 192.168.1.10 -U foo -d foo
# For the JDBC drivers:
portinstall postgresql-jdbc
su - pgsql
Look through post-install-notes
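The `trust` method in the pg_hba.conf line above skips authentication entirely, so it is worth being able to list every entry that uses it for TCP clients. This is an added example, not part of the original notes; the function names and the sample file are constructed for illustration.

```sh
#!/bin/sh
# Added example (not from the original notes): list pg_hba.conf entries that
# let TCP clients in with the "trust" method, i.e. with no password check.

# Prints "LINE DATABASE USER ADDRESS" for every host/hostssl/hostnossl
# entry in the file "$1" whose auth method is trust.
find_trust_hosts() {
    awk '
        /^[ \t]*#/ || NF == 0 { next }      # skip comments and blank lines
        $1 ~ /^host(ssl|nossl)?$/ {
            # Old-style entries have a separate netmask column, which puts
            # the method in field 6; CIDR or keyword addresses put it in 5.
            if ($4 !~ /\// && ($5 ~ /^[0-9]+\.[0-9]+\.[0-9]+\.[0-9]+$/ || $5 ~ /:/))
                method = $6
            else
                method = $5
            if (method == "trust")
                print NR, $2, $3, $4
        }
    ' "$1"
}

# Constructed sample; line 3 is the entry from the notes above.
write_sample_hba() {
    cat > "$1" <<'EOF'
# TYPE  DATABASE  USER  ADDRESS       MASK             METHOD
local   all       all                                  md5
host    foo       foo   192.168.1.10  255.255.255.255  trust
host    foo       foo   192.168.1.0/24                 md5
hostssl all       all   10.0.0.0/8                     trust
EOF
}

sample=$(mktemp)
write_sample_hba "$sample"
find_trust_hosts "$sample"
rm -f "$sample"
```

Point find_trust_hosts at ~pgsql/data/pg_hba.conf to check a live install; replacing `trust` with `md5` on the reported lines makes those clients present a password.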
This doesn't seem to work entirely...
Create /etc/ntp.conf:
----
server chronos01.lbl.gov prefer
server tic.lbl.gov
server toc.lbl.gov
restrict default ignore
driftfile /var/db/ntp.drift
----
To immediately update the system time (with /etc/ntp.conf in place):
# ntpd -gq
To have ntpd started with system startup, add into /etc/rc.conf:
ntpd_enable="YES"
To start ntpd manually without restarting:
# ntpd -p /var/run/ntpd.pid -f /var/db/ntpd.drift
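A likely reason the ntp.conf above only partly works: `restrict default ignore` makes ntpd drop every packet, including replies from the listed servers, unless each server also has its own less restrictive `restrict` line. The following added example (not part of the original notes; the function names and the second sample config are constructed) reports the servers affected.

```sh
#!/bin/sh
# Added example (not from the original notes): find ntp.conf servers whose
# replies are dropped by a "restrict default ignore" line.

# Prints each server/peer in the file "$1" that has no restrict line of its
# own (without the ignore flag) while the default restriction is ignore.
# Assumption: restrict lines name the server exactly as the server line does.
blocked_servers() {
    awk '
        /^[ \t]*#/ || NF == 0 { next }
        $1 == "server" || $1 == "peer" { hosts[++n] = $2 }
        $1 == "restrict" {
            ignore = 0
            for (i = 3; i <= NF; i++) if ($i == "ignore") ignore = 1
            if ($2 == "default") { locked = ignore }
            else if (!ignore)    { allowed[$2] = 1 }
        }
        END {
            if (locked)
                for (i = 1; i <= n; i++)
                    if (!(hosts[i] in allowed)) print hosts[i]
        }
    ' "$1"
}

# The ntp.conf from the notes above.
write_notes_conf() {
    cat > "$1" <<'EOF'
server chronos01.lbl.gov prefer
server tic.lbl.gov
server toc.lbl.gov
restrict default ignore
driftfile /var/db/ntp.drift
EOF
}

# Constructed variant: same default, plus one restrict line per server that
# still refuses remote queries and configuration changes.
write_fixed_conf() {
    write_notes_conf "$1"
    cat >> "$1" <<'EOF'
restrict chronos01.lbl.gov nomodify notrap noquery
restrict tic.lbl.gov nomodify notrap noquery
restrict toc.lbl.gov nomodify notrap noquery
restrict 127.0.0.1
EOF
}

conf=$(mktemp)
write_notes_conf "$conf"; echo "as written:"; blocked_servers "$conf"
write_fixed_conf "$conf"; echo "with per-server restrict lines:"; blocked_servers "$conf"
rm -f "$conf"
```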
linux_enable="YES"
Use kldstat to list currently loaded kernel modules. To add it without rebooting:
kldload /boot/kernel/linux.ko
portinstall -L /var/tmp/portupgrade/%s::%s.log linux_base-fc-4
Looking through the logs will give lots of good info on this port.
linprocfs /compat/linux/proc linprocfs rw 0 0
To mount it immediately (I think I've got this right...):
mount -t linprocfs linprocfs /compat/linux/proc
domainname your NIS domain
ypserver your NIS domain server
then add nis to the passwd, shadow & group lines of nsswitch.conf:
passwd: files nis
shadow: files nis
group: files nis
Static IP
---------
Add (something similar to) the following to /etc/rc.conf
hostname="fuzz.lbl.gov"
ifconfig_em0="inet 131.243.2.59 netmask 255.255.255.0"
defaultrouter="131.243.2.1"

DHCP
----
Add the following to /etc/rc.conf
ifconfig_em0="syncdhcp"   # The 'sync' will cause other network services
                          # to wait for the interface to get a lease
                          # before proceeding (and failing)
To get your hostname sent to the DHCP server (which might then be configured to add you into DNS) add the following to your /etc/dhclient.conf
send host-name "icepad";

Wireless
--------
This is a bit trickier.
Rebuild kernel to support the ath driver by adding
device ath
device ath_hal
device wlan
ifconfig will now show the ath0 interface
Bring it up so as to search for SSIDs
# ifconfig ath0 up
Search for SSIDs by either:
# wiconfig ath0 -l
(This lists stations but doesn't show signal strengths for some reason)
or
# dstumbler ath0
(This lists stations, doesn't show signal strengths)
or
# dstumbler ath0 -s
(This lists only one station but does show its strength.)
Attach to a particular station:
# ifconfig ath0 up ssid
or if you need a wepkey
# ifconfig ath0 up ssid wepmode on wepkey <0x0123456789>
Then get DHCP info:
dhclient ath0
To release an existing DHCP lease:
dhclient em0 -r