Copyright 2015 Barry Allard
(cd /usr/ports/devel/gmake && make install clean clean-depends)
(cd /usr/ports/shells/bash-static && make install clean clean-depends) && chsh -s `which bash`
grep bash /etc/shells
FreeBSD installation "sets" (aka "Components")
- Usual defaults: none of
games lib32 ports src doc doc:/usr/share/docnon-man page docslib32: 32-bit compat libs for 64-bit systemssrc:/usr/srcKernel and userland sourcesports:/usr/ports, unnecessary since it be created (downloaded) at any time viaportsnap fetch extract
sedis BSD sed (GNU sed is porttextproc/gsed)makeis BSD make (GNU make isdevel/gmake)awkis BSD awk (GNU awk (gawk) islang/gawk)shis BSD Bourne shell, notbash(bash isshells/bash)viis the original Bill Joy editor (vim iseditors/vim)straceisdtrusswatchiscmdwatch(sysutils/cmdwatch)libtoolis indevel/libtoolgitis indevel/gitperlis inlang/perl5.22pythonis inlang/python27rubyis inlang/ruby22- The built-in system OpenSSL is rarely current (latest is
security/openssl) - The default downloading tool is
fetch(curlisftp/curl) readlinelib isdevel/readlineclangis the default compiler- There is no service process manager (i.e.,
upstart,systemd), so runit/daemontools can be useful - Root shell defaults to
csh sudois not part of the base system, so usesuuntilsecurity/sudois installedsed -i s/a/b/ whatever->sed -i '' s/a/b/ whateverfind -name foo->find . -name foo
- Update the system (base system only, not ports):
freebsd-update fetch install && reboot - System configuration:
/etc/rc.conf
- Audit all ports for latest known security issues
pkg audit -F - Setup pf
- Restart a service
service {{service_name}} restart - Make a service always run at boot:
/etc/rc.confappend{{service_name}}_enable=YES - Port installed config files are usually in
/usr/local/etchowever they can also be in/etc - Start a service without permanently enabling it
service {{service_name}} onestart
- List all packages installed
pkg info - Packages FS hierarchy:
/usr/local - Install a prebuilt binary package (could be old):
pkg install foo - Update ports (build files, not packages at
/usr/ports):portsnap fetch extract upgrade - Update all installed ports:
(cd /usr/ports/ports-mgmt/portmaster && make install clean clean-depends) && portmaster -a --delete-packages --no-confirm - More ports doc:
man ports - Build and install package from source:
(cd /usr/ports/{{category}}/{{portname}} && make install clean clean-depends) - Search for a port:
(cd /usr/ports && make search name=foo) - Ports development https://github.com/freebsd/freebsd-ports
- Upgrade perl5 from 5.18 to 5.22
portmaster -o lang/perl5.22 lang/perl5.18 - Most common
/etc/fstabadditions
# bash requires fdescfs(5) mounted on /dev/fd
fdesc /dev/fd fdescfs rw 0 0
# htop requires linprocfs
linprocfs /compat/linux/proc linprocfs rw 0 0
- Needs
lang/perl5.22andmisc/compat6xbefore installing via./vmware-tools-install.pl em[0-9]+are the fastest adapters- turn off tso
sysctl net.inet.tcp.tso=0 && touch /etc/sysctl.conf && echo net.inet.tcp.tso=0 >> /etc/sysctl.conf
Season to taste with these:
# add to /etc/rc.conf
keyrate="fast" # for fast people
moused_enable="YES" # turn on the pseudo-graphical mouse
moused_flags="-A 1.2 -m 2=3 -m 3=2" # For Linux-like console "paste" compatibility on VMware Fusion
allscreens_flags="-h 4000 MODE_352" # For higher-res SVGA console on VMware Fusion and 4000 lines of scrollback
- Time synchronization: ntimed (
net/ntimed) is far more efficient, accurate and secure than either ntpd or openntpd
- Run Xen dom0 (run Linux, FreeBSD, Windows, etc., no XAPI however)
- ZFS (FreeNAS... which is mostly just a Django app on top of FreeBSD)
- Docker alternative: ezjail
- The fastest, carrier-grade UDP network stack on the planet
- Far, far slimmer syscall ABI
- Run Linux binaries
- Run Varnish on ridiculously huge, bare-metal boxen
- Appliance like pfSense or your-fancy-enterprise-app-and-gigabucks-startup-here (see also nanobsd)