Postinstall

Network

For a dynamic network configuration (read: DHCP), we'd use something like this in /etc/rc.conf:

hostname="len"
ifconfig_bge0="DHCP"
ifconfig_bge0_ipv6="inet6 accept_rtadv"

If we need a static network configuration, use:

ifconfig_bge0="inet 10.0.0.3 netmask 255.255.255.0"
defaultrouter=10.0.0.1
hostname=len.example.net

Restart the network configuration:

/etc/rc.d/netif restart
/etc/rc.d/routing restart

Packages

Install missing packages:

pkg install bash bash-completion curl gnupg1 lsof pv rsync screen sudo vnstat

Change a user's shell via chsh^[1]
Add vnstat_enable="YES" in /etc/rc.conf.

Encrypted swap

This can be done with geli pretty easily:^[2]

Assuming /dev/ada0p3 is the original swap device:

$ swapoff /dev/ada0p3
$ dd if=/dev/urandom of=/dev/ada0p3 bs=1024k                                                   # For the paranoid :->

Add .eli to the /etc/fstab entry:

/dev/ada0p3.eli none       swap    sw      0       0

After everything is set up, it should look like this:

$ swapinfo 
Device          512-blocks     Used    Avail Capacity
/dev/ada0p3.eli    2097152    38776  2058376     2%

Note: crashdumps^[3] may not be possible on encrypted swap partitions!^[4]

`fstab`

Move /tmp to volatile storage, either with mfs or tmpfs:

$ zfs destroy zroot/tmp
$ grep tmpfs /etc/fstab 
tmpfs       /tmp               tmpfs     rw,nosuid,mode=1777,size=256m 0 0

$ mount /tmp

If needed, mount procfs and Linux process and system file systems too:

$ tail -3 /etc/fstab 
proc        /proc              procfs    rw,noexec,nosuid,nodev 0 0
linproc     /compat/linux/proc linprocfs rw,noexec,nosuid,nodev 0 0
linsys      /compat/linux/sys  linsysfs  rw,noexec,nosuid,nodev 0 0

Screensaver

On this laptop I wanted to have the LCD shut off when the (text) console was idle^[5]^[6]

$ cat /etc/rc.conf
[...]
apm_enable="YES"
blanktime="60"
saver="blank"

Enable APM^[7] in device.hints^[8]

$ grep apm.0.disabled /boot/device.hints 
hint.apm.0.disabled="0"

SMART

To enable S.M.A.R.T., use smartmontools:^[9]^[10]

pkg install smartmontools
echo 'smartd_enable="YES"' >> /etc/rc.conf
cp -i /usr/local/etc/smartd.conf.sample /usr/local/etc/smartd.conf

Start smartd and

/usr/local/etc/rc.d/smartd start

The installation package should have created /usr/local/etc/periodic/daily/smart to check on monitored devices periodically.

Memory

FreeBSD memory notation is quite different, let's explain it in short:^[11]

$ top -b -d 1 | grep -A3 ^Mem
Mem: 11M Active, 14M Inact, 106M Wired, 1846M Free
ARC: 43M Total, 9646K MFU, 32M MRU, 64K Anon, 672K Header, 1030K Other
     22M Compressed, 73M Uncompressed, 3.36:1 Ratio
Swap: 128M Total, 128M Free

Active	Memory currently being used by a process
Inactive	Memory that has been freed but is still cached since it may be used again.
Wired	Memory in use by the Kernel. This memory cannot be swapped out
Cache	Memory being used to cache data, can be freed immediately if required
Buffers	Disk cache
Free	Memory that is completely free and ready to use.
ARC Total
MFU
MRU
Anon
Header
Other
Compressed / Uncompressed
Ratio

Update

Update package repository catalogues, then update the installed packages:

pkg update                                                                                     # Use pkg-static if needed, e.g. after a major system upgrade
pkg upgrade

To update^[12] the base system:

$ freebsd-update fetch 
Looking up update.FreeBSD.org mirrors... 5 mirrors found.
Fetching metadata signature for 9.3-RELEASE from update5.freebsd.org... done.
Fetching metadata index... done.
Inspecting system... 
Preparing to download files... done.
[...]
The following files will be added as part of updating to 9.3-RELEASE-p16:
The following files will be updated as part of updating to 9.3-RELEASE-p16:

$ freebsd-update install
Installing updates....done.

Or, in one go with a typescript:

script -a update.log sh -c "freebsd-update fetch && freebsd-update install"

Upgrade

To upgrade^[13] to another release, use:

$ uname -r
11.0-RELEASE

$ freebsd-update -r 12.0-RELEASE upgrade
Looking up update.FreeBSD.org mirrors... 5 mirrors found.
Fetching metadata signature for  11.0-RELEASE from update2.freebsd.org... done.
Fetching metadata index... done.
Inspecting system... done.
[...]
Fetching metadata signature for 12.0-RELEASE from update2.freebsd.org... done.
Fetching metadata index... done.
Fetching 1 metadata patches. done.
Applying metadata patches... done.
Fetching 1 metadata files... done.
Inspecting system...
Fetching files from  11.0-RELEASE for merging... done.
Preparing to download files...

To install the downloaded upgrades, run "/usr/sbin/freebsd-update install".

$ freebsd-update install
Installing updates...
Kernel updates have been installed.  Please reboot and run
"/usr/sbin/freebsd-update install" again to finish installing updates.

Reboot, then continue with:

$ freebsd-update install
Installing updates... done.

Now the updated kernel should be bootable and the upgrade should now be completed.

If all is well, and no freebsd-update rollback is required, /var/db/freebsd-update/files can be emptied:^[14]^[15]

$ du -sh /var/db/freebsd-update/files; find /var/db/freebsd-update/files | wc -l
781M    /var/db/freebsd-update/files
29428

$ find /var/db/freebsd-update/files/ -type f -mtime +30 -ls -delete

If needed, update userland tools:

pkg update                                                                                     # Use pkg-static if needed, e.g. after a major system upgrade
pkg upgrade

Building

Check out the source and pick a release. But let's checkout via its (readonly) Git mirror, it's so much faster:

git clone https://github.com/freebsd/freebsd.git /usr/src
git checkout -b local_12 origin/release/12.0.0

Let's not build as root but as a different user:

pw group add -n wsrc -M root,dummy
chgrp wsrc /usr/obj/
chmod g+w  /usr/obj/

Kernel

While explained in the handbook, here's the short version.^[16]

cd /usr/src/
export MAKEOBJDIRPREFIX=/usr/obj                                                               # Adjust as needed, if needed at all.
export LD=ld.lld                                                                               # A newer linker may be needed for now.^[17]
export JOBS=$(/sbin/sysctl -n hw.ncpu)

make -j${JOBS} buildkernel   KERNCONF=$(uname -i)
doas make      installkernel KERNCONF=$(uname -i)                                              # sudo or doas needed

If we were to create a different configuration:

cd /usr/src/sys/$(uname -m)/conf/
cp GENERIC MYCONF

Edit MYCONF as needed set KERNCONF=MYCONF and build as shown above.

Reboot - and if all goes well, our new kernel should be running.

The running kernel configuration can be displayed with sysctl kern.conftxt or config -x /boot/kernel/kernel.

Userland

If needed, we can build the whole system from source. Assuming we have a current source tree, here's the short version:

cd /usr/src
export MAKEOBJDIRPREFIX=/usr/obj                                                               # Adjust as needed, if needed at all.
export JOBS=$(/sbin/sysctl -n hw.ncpu)

unset LD                                                                                       # No LD override is needed here!^[18]
make -j${JOBS} buildworld

export LD=ld.lld                                                                               # A newer linker may be needed for now.^[17]
make -j${JOBS} buildkernel
doas make      installkernel                                                                   # sudo or doas needed

Boot into the new kernel, and if the system comes back online, install world:

cd /usr/src
doas make installworld                                                                         # sudo or doas needed

Update configuration files with mergemaster

doas mergemaster -Ui

Reboot again into the updated system.

Ports

Again, the handbook has this topic pretty much covered. Let's only show some examples here:

Fetch and extract a current port snapshot into /usr/ports:

portsnap fetch
portsnap extract

Or, when updating an already existing /usr/ports tree:

portsnap fetch
portsnap update

We can also use Git to checkout the ports tree:

git clone https://github.com/freebsd/freebsd-ports.git /usr/ports                              # SVN variant: svn checkout https://svn.FreeBSD.org/ports/head /usr/ports 
                                                                                               #              svn update /usr/ports

Install a port:

$ cd /usr/ports/*/cowsay && pwd
/usr/ports/games/cowsay

$ make install

Uninstall with:

$ make deinstall

Links

References

[1] ss(1)

[2] 18.13. Encrypting Swap

[3] Kernel Debugging

[4] Crash dumps and encrypted swap

[5] reen_saver does not switch DVI monitor power off

[6] Should green_saver.ko shut off a laptop's backlight?

[7] FreeBSD on Laptops: APM

[8] 13.4. Device Hints

[9] smartmontools

[10] Monitoring your HDD using SMART and Nagios

[11] What do the different memory counters in FreeBSD mean?

[12] Applying Security Patches

[13] Performing Major and Minor Version Upgrades

[14] /var/db/freebsd-update/ be safely deleted?

[15] Is it safe to clean /var/db/freebsd-update/files ?

[16] How To Customize and Recompile Your Kernel on FreeBSD 10.1

[LD-17] 17.0 ^17.1 Can't build kernel anymore: amd64 kernel requires linker ifunc support

[18] Buildowrld tries to use old ld, and fails

[1]

[2]

[3]

[4]

[5]

[6]

[7]

[8]

[9]

[10]

[11]

[12]

[13]

[14]

[15]

[16]

[17]

[18]

FreeBSD

Contents