From Segfault
Jump to navigation Jump to search



For a dynamic network configuration (read: DHCP), we'd use something like this in /etc/rc.conf:

ifconfig_bge0_ipv6="inet6 accept_rtadv"

If we need a static network configuration, use:

ifconfig_bge0="inet netmask"

Restart the network configuration:

/etc/rc.d/netif restart
/etc/rc.d/routing restart


Install missing packages:

pkg install bash bash-completion curl gnupg1 lsof pv rsync screen sudo vnstat
  • Change a user's shell via chsh[1]
  • Add vnstat_enable="YES" in /etc/rc.conf.

Encrypted swap

This can be done with geli pretty easily:[2]

Assuming /dev/ada0p3 is the original swap device:

$ swapoff /dev/ada0p3
$ dd if=/dev/urandom of=/dev/ada0p3 bs=1024k                                                   # For the paranoid :->

Add .eli to the /etc/fstab entry:

/dev/ada0p3.eli none       swap    sw      0       0

After everything is set up, it should look like this:

$ swapinfo 
Device          512-blocks     Used    Avail Capacity
/dev/ada0p3.eli    2097152    38776  2058376     2%

Note: crashdumps[3] may not be possible on encrypted swap partitions![4]


Move /tmp to volatile storage, either with mfs or tmpfs:

$ zfs destroy zroot/tmp
$ grep tmpfs /etc/fstab 
tmpfs       /tmp               tmpfs     rw,nosuid,mode=1777,size=256m 0 0

$ mount /tmp

If needed, mount procfs and Linux process and system file systems too:

$ tail -3 /etc/fstab 
proc        /proc              procfs    rw,noexec,nosuid,nodev 0 0
linproc     /compat/linux/proc linprocfs rw,noexec,nosuid,nodev 0 0
linsys      /compat/linux/sys  linsysfs  rw,noexec,nosuid,nodev 0 0


On this laptop I wanted to have the LCD shut off when the (text) console was idle[5][6]

$ cat /etc/rc.conf

Enable APM[7] in device.hints[8]

$ grep apm.0.disabled /boot/device.hints 


To enable S.M.A.R.T., use smartmontools:[9][10]

pkg install smartmontools
echo 'smartd_enable="YES"' >> /etc/rc.conf
cp -i /usr/local/etc/smartd.conf.sample /usr/local/etc/smartd.conf

Start smartd and

/usr/local/etc/rc.d/smartd start

The installation package should have created /usr/local/etc/periodic/daily/smart to check on monitored devices periodically.


FreeBSD memory notation is quite different, let's explain it in short:[11]

$ top -b -d 1 | grep -A3 ^Mem
Mem: 11M Active, 14M Inact, 106M Wired, 1846M Free
ARC: 43M Total, 9646K MFU, 32M MRU, 64K Anon, 672K Header, 1030K Other
     22M Compressed, 73M Uncompressed, 3.36:1 Ratio
Swap: 128M Total, 128M Free
Active Memory currently being used by a process
Inactive Memory that has been freed but is still cached since it may be used again.
Wired Memory in use by the Kernel. This memory cannot be swapped out
Cache Memory being used to cache data, can be freed immediately if required
Buffers Disk cache
Free Memory that is completely free and ready to use.
ARC Total
Compressed / Uncompressed


Update package repository catalogues, then update the installed packages:

pkg update                                                                                     # Use pkg-static if needed, e.g. after a major system upgrade
pkg upgrade

To update[12] the base system:

$ freebsd-update fetch 
Looking up mirrors... 5 mirrors found.
Fetching metadata signature for 9.3-RELEASE from done.
Fetching metadata index... done.
Inspecting system... 
Preparing to download files... done.
The following files will be added as part of updating to 9.3-RELEASE-p16:
The following files will be updated as part of updating to 9.3-RELEASE-p16:

$ freebsd-update install
Installing updates....done.

Or, in one go with a typescript:

script -a update.log sh -c "freebsd-update fetch && freebsd-update install"


To upgrade[13] to another release, use:

$ uname -r

$ freebsd-update -r 12.0-RELEASE upgrade
Looking up mirrors... 5 mirrors found.
Fetching metadata signature for  11.0-RELEASE from done.
Fetching metadata index... done.
Inspecting system... done.
Fetching metadata signature for 12.0-RELEASE from done.
Fetching metadata index... done.
Fetching 1 metadata patches. done.
Applying metadata patches... done.
Fetching 1 metadata files... done.
Inspecting system...
Fetching files from  11.0-RELEASE for merging... done.
Preparing to download files...

To install the downloaded upgrades, run "/usr/sbin/freebsd-update install".

$ freebsd-update install
Installing updates...
Kernel updates have been installed.  Please reboot and run
"/usr/sbin/freebsd-update install" again to finish installing updates.

Reboot, then continue with:

$ freebsd-update install
Installing updates... done.

Now the updated kernel should be bootable and the upgrade should now be completed.

If all is well, and no freebsd-update rollback is required, /var/db/freebsd-update/files can be emptied:[14][15]

$ du -sh /var/db/freebsd-update/files; find /var/db/freebsd-update/files | wc -l
781M    /var/db/freebsd-update/files

$ find /var/db/freebsd-update/files/ -type f -mtime +30 -ls -delete

If needed, update userland tools:

pkg update                                                                                     # Use pkg-static if needed, e.g. after a major system upgrade
pkg upgrade


Check out the source and pick a release. But let's checkout via its (readonly) Git mirror, it's so much faster:

git clone /usr/src
git checkout -b local_12 origin/release/12.0.0

Let's not build as root but as a different user:

pw group add -n wsrc -M root,dummy
chgrp wsrc /usr/obj/
chmod g+w  /usr/obj/


While explained in the handbook, here's the short version.[16]

cd /usr/src/
export MAKEOBJDIRPREFIX=/usr/obj                                                               # Adjust as needed, if needed at all.
export LD=ld.lld                                                                               # A newer linker may be needed for now.[17]
export JOBS=$(/sbin/sysctl -n hw.ncpu)

make -j${JOBS} buildkernel   KERNCONF=$(uname -i)
doas make      installkernel KERNCONF=$(uname -i)                                              # sudo or doas needed

If we were to create a different configuration:

cd /usr/src/sys/$(uname -m)/conf/

Edit MYCONF as needed set KERNCONF=MYCONF and build as shown above.

Reboot - and if all goes well, our new kernel should be running.

The running kernel configuration can be displayed with sysctl kern.conftxt or config -x /boot/kernel/kernel.


If needed, we can build the whole system from source. Assuming we have a current source tree, here's the short version:

cd /usr/src
export MAKEOBJDIRPREFIX=/usr/obj                                                               # Adjust as needed, if needed at all.
export JOBS=$(/sbin/sysctl -n hw.ncpu)

unset LD                                                                                       # No LD override is needed here![18]
make -j${JOBS} buildworld

export LD=ld.lld                                                                               # A newer linker may be needed for now.[17]
make -j${JOBS} buildkernel
doas make      installkernel                                                                   # sudo or doas needed

Boot into the new kernel, and if the system comes back online, install world:

cd /usr/src
doas make installworld                                                                         # sudo or doas needed

Update configuration files with mergemaster

doas mergemaster -Ui

Reboot again into the updated system.


Again, the handbook has this topic pretty much covered. Let's only show some examples here:

Fetch and extract a current port snapshot into /usr/ports:

portsnap fetch
portsnap extract

Or, when updating an already existing /usr/ports tree:

portsnap fetch
portsnap update

We can also use Git to checkout the ports tree:

git clone /usr/ports                              # SVN variant: svn checkout /usr/ports 
                                                                                               #              svn update /usr/ports

Install a port:

$ cd /usr/ports/*/cowsay && pwd

$ make install

Uninstall with:

$ make deinstall