FreeBSD
Contents
Update
Update package repository catalogues, then update the installed packages:
pkg update # Use pkg-static if needed, e.g. after a major system upgrade pkg upgrade
To update[1] the base system:
$ freebsd-update fetch Looking up update.FreeBSD.org mirrors... 5 mirrors found. Fetching metadata signature for 9.3-RELEASE from update5.freebsd.org... done. Fetching metadata index... done. Inspecting system... Preparing to download files... done. [...] The following files will be added as part of updating to 9.3-RELEASE-p16: The following files will be updated as part of updating to 9.3-RELEASE-p16: $ freebsd-update install Installing updates....done.
Upgrade
To upgrade[2] to another release, use:
$ uname -r 11.0-RELEASE $ freebsd-update -r 12.0-RELEASE upgrade Looking up update.FreeBSD.org mirrors... 5 mirrors found. Fetching metadata signature for 11.0-RELEASE from update2.freebsd.org... done. Fetching metadata index... done. Inspecting system... done. [...] Fetching metadata signature for 12.0-RELEASE from update2.freebsd.org... done. Fetching metadata index... done. Fetching 1 metadata patches. done. Applying metadata patches... done. Fetching 1 metadata files... done. Inspecting system... Fetching files from 11.0-RELEASE for merging... done. Preparing to download files... To install the downloaded upgrades, run "/usr/sbin/freebsd-update install". $ freebsd-update install Installing updates... Kernel updates have been installed. Please reboot and run "/usr/sbin/freebsd-update install" again to finish installing updates.
Note: since the kernel has already been updated, we may have to boot the old (9.3-RELEASE) kernel and continue with:
$ freebsd-update install Installing updates... Completing this upgrade requires removing old shared object files. Please rebuild all installed 3rd party software (e.g., programs installed from the ports tree) and then run "/usr/sbin/freebsd-update install" again to finish installing updates.
Update userland tools:
pkg update # Use pkg-static if needed, e.g. after a major system upgrade pkg upgrade
Continue with:
$ freebsd-update install Installing updates... done.
Now the updated kernel should be bootable and the upgrade should now be completed.
If all is well, and no freebsd-update rollback is required, /var/db/freebsd-update/files can be emptied:[3]
$ du -sh /var/db/freebsd-update/files; find /var/db/freebsd-update/files | wc -l 781M /var/db/freebsd-update/files 29428 $ find /var/db/freebsd-update/files/ -type f -mtime +30 -ls -delete
Postinstall
Network
For a dynamic network configuration (read: DHCP), we'd use something like this in /etc/rc.conf:
hostname="len" ifconfig_bge0="DHCP" ifconfig_bge0_ipv6="inet6 accept_rtadv"
If we need a static network configuration, use:
ifconfig_bge0="inet 10.0.0.3 netmask 255.255.255.0" defaultrouter=10.0.0.1 hostname=len.example.net
Restart the network configuration:
/etc/rc.d/netif restart /etc/rc.d/routing restart
Packages
Install missing packages:
pkg install bash bash-completion curl gnupg1 lsof pv rsync screen sudo vnstat
- Change a user's shell via
chsh[4] - Add
vnstat_enable="YES"in/etc/rc.conf.
Encrypted swap
This can be done with geli pretty easily:[5]
Assuming /dev/ada0p3 is the original swap device:
$ swapoff /dev/ada0p3 $ dd if=/dev/urandom of=/dev/ada0p3 bs=1024k # For the paranoid :->
Add .eli to the /etc/fstab entry:
/dev/ada0p3.eli none swap sw 0 0
After everything is set up, it should look like this:
$ swapinfo Device 512-blocks Used Avail Capacity /dev/ada0p3.eli 2097152 38776 2058376 2%
Note: crashdumps[6] may not be possible on encrypted swap partitions![7]
Screensaver
On this laptop I wanted to have the LCD shut off when the (text) console was idle[8][9]
$ cat /etc/rc.conf [...] apm_enable="YES" blanktime="60" saver="blank"
Enable APM[10] in device.hints[11]
$ grep apm.0.disabled /boot/device.hints hint.apm.0.disabled="0"
SMART
To enable S.M.A.R.T., use smartmontools:[12][13]
pkg install smartmontools echo 'smartd_enable="YES"' >> /etc/rc.conf cp -i /usr/local/etc/smartd.conf.sample /usr/local/etc/smartd.conf
Start smartd and
/usr/local/etc/rc.d/smartd start
The installation package should have created /usr/local/etc/periodic/daily/smart to check on monitored devices periodically.
Memory
FreeBSD memory notation is quite different, let's explain it in short:[14]
$ top -b -d 1 | grep -A1 ^Mem Mem: 112M Active, 687M Inact, 158M Wired, 8268K Cache, 87M Buf, 12M Free Swap: 1024M Total, 41M Used, 983M Free, 3% Inuse
| Active | Memory currently being used by a process |
| Inactive | Memory that has been freed but is still cached since it may be used again. |
| Wired | Memory in use by the Kernel. This memory cannot be swapped out |
| Cache | Memory being used to cache data, can be freed immediately if required |
| Buffers | Disk cache |
| Free | Memory that is completely free and ready to use. |
Building
Check out the source and pick a release:
git clone https://github.com/freebsd/freebsd.git /usr/src # Needs to be writable, of course. git checkout -b local_12 origin/release/12.0.0
Let's not build as root but as a different user:
pw group add -n wsrc -M root,dummy chgrp wsrc /usr/obj/ chmod g+w /usr/obj/
Kernel
While explained in the handbook, here's the short version.[15]
cd /usr/src/ export MAKEOBJDIRPREFIX=/usr/obj # Adjust as needed, if needed at all. export LD=ld.lld # A newer linker may be needed for now.[16] export JOBS=$(/sbin/sysctl -n hw.ncpu) make -j$JOBS buildkernel KERNCONF=$(uname -i) doas make installkernel KERNCONF=$(uname -i) # sudo or doas needed
If we were to create a different configuration:
cd /usr/src/sys/$(uname -m)/conf/ cp GENERIC MYCONF
Edit MYCONF as needed set KERNCONF=MYCONF and build as shown above.
Reboot - and if all goes well, our new kernel should be running.
The running kernel configuration can be displayed with sysctl kern.conftxt or config -x /boot/kernel/kernel.
Userland
If needed, we can build the whole system from source. Assuming we have a current source tree, here's the short version:
cd /usr/src export MAKEOBJDIRPREFIX=/usr/obj # Adjust as needed, if needed at all. export JOBS=$(/sbin/sysctl -n hw.ncpu) unset LD # No LD override is needed here![17] make -j$JOBS buildworld export LD=ld.lld # A newer linker may be needed for now.[16] make -j$JOBS buildkernel doas make installkernel # sudo or doas needed
Boot into the new kernel, and if the system comes back online, install world:
cd /usr/src doas make installworld # sudo or doas needed
Update configuration files with mergemaster
doas mergemaster -Ui
Reboot again into the updated system.
Links
References
- ↑ Applying Security Patches
- ↑ Performing Major and Minor Version Upgrades
- ↑ can /var/db/freebsd-update/ be safely deleted?
- ↑ chpass(1)
- ↑ 18.13. Encrypting Swap
- ↑ Kernel Debugging
- ↑ Crash dumps and encrypted swap
- ↑ green_saver does not switch DVI monitor power off
- ↑ Should green_saver.ko shut off a laptop's backlight?
- ↑ FreeBSD on Laptops: APM
- ↑ 13.4. Device Hints
- ↑ smartmontools
- ↑ Monitoring your HDD using SMART and Nagios
- ↑ What do the different memory counters in FreeBSD mean?
- ↑ How To Customize and Recompile Your Kernel on FreeBSD 10.1
- ↑ 16.0 16.1 Can't build kernel anymore: amd64 kernel requires linker ifunc support
- ↑ Buildowrld tries to use old ld, and fails
