
Fundamentals of FreeBSD

Getting Started with FreeBSD

The Kernel Boot Process

The Kernel

FreeBSD Kernel Porting Guide

Do you like backdoors ?

Kernel Porting to ARM Board

NetBooting ARM/MIPS

Kernel Debug, BackTrace

Extended firmware interface (Efi)

Internal Talks

FreeBSD is not a Linux distribution

FreeBSD BSDCons

FreeBSD ASIANBSDCON 2018

FreeBSD ASIANBSDCON 2017

Tweaking a Running Kernel

Tuning tips

FreeBSD Broadcom Wi-Fi

Linux® emulation in FreeBSD

How to Become a FreeBSD Committer

Bios

Bhyve Hypervisor

Build ports

Reference

Portmaster

portmaster -L - Check all ports for updates
portmaster -a - Upgrade ports
portmaster -af - Rebuild installed applications

Build ports with Poudriere

Create a ports tree for poudriere

poudriere ports -c

Configure poudriere (file system, RAM, etc.) in:

/usr/local/etc/poudriere.conf

List the ports trees

poudriere ports -l

PORTSTREE METHOD   TIMESTAMP           PATH
default   portsnap 2019-07-10 21:47:49 /usr/local/poudriere/ports/default

Create a jail for the build and the target system

poudriere jail -c -j freebsd_11-2x64 -v 11.2-RELEASE -a amd64

List the jails

sudo poudriere jail -l

JAILNAME        VERSION          ARCH  METHOD TIMESTAMP           PATH
freebsd_11-2x64 11.2-RELEASE-p11 amd64 ftp    2019-07-10 20:48:07 /usr/local/poudriere/jails/freebsd_11-2x64

Copy your port files to /usr/local/poudriere/default/ and then build the port, for example:

sudo poudriere testport -o lang/halide -j freebsd_11-2x64

Debug ports

Put the following line in /etc/make.conf, then recompile the port with debug symbols.

WITH_DEBUG=    yes

More information is in:

/usr/ports/Mk/bsd.port.mk

Debug Makefile

Debug the Makefile of your port:

make -d A

Desktop tips

FoldingHome on FreeBSD

Steam on FreeBSD

Bitcoin Full Node

Tuning Power Laptops

Optimus on Freebsd - Hot fix

Comment out the Nvidia-related parts of your xorg.conf:

...

Section "Device"
    Identifier  "Card0"
    Driver      "intel"
    BusID       "PCI:0:2:0"
EndSection

#Section "Device"
#   Identifier  "Card1"
#   Driver      "nvidia"
#   BusID       "PCI:1:0:0"
#EndSection

...

Then add the following bits to rc.conf(5):

kld_list='i915kms'

NTPD synchronize

ntpdate_enable="YES"
ntpdate_hosts="in.pool.ntp.org"

Or manually update time and date

If securelevel is 2, you cannot change the time by more than about one second.

ntpdate -b pool.ntp.org
sudo service ntpd start

Disable Beep

# sysctl hw.syscons.bell=0

or if you use XFCE

set bell-style none

Change standard shell to fish

You must add a line with the shell's path to /etc/shells, for example for the fish shell:

/usr/local/bin/fish

Change your shell, giving the path of your favorite shell:

chsh -s /usr/local/bin/fish

Paths for shell

If you need to set paths, for example for a compiler, or some options:

# ASAN settings
set -x ASAN_SYMBOLIZER_PATH /usr/local/llvm50/bin/llvm-symbolizer
# Options go in one colon-separated value; repeated "set -x" calls overwrite each other
set -x ASAN_OPTIONS verbosity=1:symbolize=1:detect_stack_use_after_scope=1

# UBSAN settings
set -x UBSAN_SYMBOLIZER_PATH /usr/local/llvm50/bin/llvm-symbolizer
set -x UBSAN_OPTIONS verbosity=2

# MSAN
set -x MSAN_SYMBOLIZER_PATH /usr/local/llvm50/bin/llvm-symbolizer
# Origin tracking is a compile-time flag (-fsanitize-memory-track-origins=2), not a runtime option
set -x MSAN_OPTIONS verbosity=2:symbolize=1

Nano tuning

set constantshow
set smooth
set autoindent
set casesensitive
set historylog
set morespace

syntax "comments" ".*"
color blue "^#.*"

## nanorc files
include "/usr/local/share/nano/asm.nanorc"
include "/usr/local/share/nano/awk.nanorc"
include "/usr/local/share/nano/c.nanorc"
include "/usr/local/share/nano/cmake.nanorc"
include "/usr/local/share/nano/css.nanorc"
include "/usr/local/share/nano/debian.nanorc"
include "/usr/local/share/nano/fortran.nanorc"
include "/usr/local/share/nano/gentoo.nanorc"
include "/usr/local/share/nano/groff.nanorc"
include "/usr/local/share/nano/html.nanorc"
include "/usr/local/share/nano/java.nanorc"
include "/usr/local/share/nano/makefile.nanorc"
include "/usr/local/share/nano/man.nanorc"
include "/usr/local/share/nano/mgp.nanorc"
include "/usr/local/share/nano/mutt.nanorc"
include "/usr/local/share/nano/nanorc.nanorc"
include "/usr/local/share/nano/objc.nanorc"
include "/usr/local/share/nano/ocaml.nanorc"
include "/usr/local/share/nano/patch.nanorc"
include "/usr/local/share/nano/perl.nanorc"
include "/usr/local/share/nano/php.nanorc"
include "/usr/local/share/nano/pov.nanorc"
include "/usr/local/share/nano/python.nanorc"
include "/usr/local/share/nano/ruby.nanorc"
include "/usr/local/share/nano/sh.nanorc"
include "/usr/local/share/nano/tcl.nanorc"
include "/usr/local/share/nano/tex.nanorc"
include "/usr/local/share/nano/xml.nanorc"

QT Creator - Debugging

I cannot debug C/C++ programs because of the message “No symbol table is loaded. Use the "file" command” …

The best solution is to install devel/gdb, with the path /usr/local/bin/gdb

Touchpad

Touchpad reference

Mount

Mount msdosfs

# ls /dev/da*
# mount_msdosfs /dev/da0 /media/usb

ReMount /etc/fstab

mount -av

Mount ext2/ext3/ext4

Fuse-ext2 mounts an ext2/ext3/ext4 partition or image file

To check whether the fuse kernel module is loaded, use the command:

kldstat

If the fuse.ko module is not loaded in the kernel, use this command:

kldload fuse

Then mount your partition

fuse-ext2  /dev/your_partition /media/

Mount NTFS

To mount an NTFS file system, the kernel module must be loaded.

To check whether the fuse kernel module is loaded, use the command:

kldstat

and load the FUSE kernel module:

kldload fuse

and then you can mount ntfs filesystem.

# ls /dev/da*
# ntfs-3g  /dev/your_partition  /mnt/

Automounting Removable Media

Uncomment this line in the config file /etc/auto_master:

/media        -media        -nosuid

Add lines to /etc/devd.conf

notify 100 {
    match "system" "GEOM";
    match "subsystem" "DEV";
    action "/usr/sbin/automount -c";
};

Reload service

service automount reload
service devd restart

and add this configuration to /etc/rc.conf:

autofs_enable="YES"

Introduction ZFS

Mount ZFS

zpool import

To check the result, use the command mount.

Mount ZFS from Live CD

zpool import -fR /media zroot

Tuning zfs on i386

On an i386 OS you must set vm.kmem_size="512M" and vm.kmem_size_max=""; these are minimal values.

These are a few tunables; more information is at http://www.freebsd.cz/doc/handbook/zfs-advanced.html

vfs.zfs.prefetch_disable=0
vm.kmem_size="512M"
vm.kmem_size_max="768M"
vfs.zfs.arc_max="40M"
vfs.zfs.vdev.cache.size="5M"

Resize partition

We added space to a virtual disk (VirtualBox or other), but now the disk is reported as CORRUPT:

lol@ ~/> gpart show ada0
=>      40  41942960  ada0  GPT  (39G) [CORRUPT]
        40      1024     1  freebsd-boot  (512K)
      1064       984        - free -  (492K)
      2048   4194304     2  freebsd-swap  (2.0G)
   4196352  37744640     3  freebsd-zfs  (18G)
  41940992      2008        - free -  (1.0M)

The fix is easy:

gpart recover ada0

Now we need to resize partition 3.

lol@ ~/> gpart show 
=>      40  81919920  ada0  GPT  (39G)
        40      1024     1  freebsd-boot  (512K)
      1064       984        - free -  (492K)
      2048   4194304     2  freebsd-swap  (2.0G)
   4196352  37744640     3  freebsd-zfs  (18G)
  41940992  39978968        - free -  (19G)
lol@ ~/> zpool list
NAME    SIZE  ALLOC   FREE  EXPANDSZ   FRAG    CAP  DEDUP  HEALTH  ALTROOT
zroot  17.9G  17.3G   621M         -    76%    96%  1.00x  ONLINE  -

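Because the device is busy, we have to set this value. The flag allows writes to providers that are in use, so it is set back to 0 at the end of the procedure: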

lol@ ~/> sysctl kern.geom.debugflags=16
kern.geom.debugflags: 0 -> 16

Now resize partition number 3

lol@ ~/> gpart show 
=>      40  81919920  ada0  GPT  (39G)
        40      1024     1  freebsd-boot  (512K)
      1064       984        - free -  (492K)
      2048   4194304     2  freebsd-swap  (2.0G)
   4196352  37744640     3  freebsd-zfs  (18G)
  41940992  39978968        - free -  (19G)

lol@ ~/> sudo gpart resize -i 3 ada0

ada0p3 resized

lol@ ~/> gpart show 
=>      40  81919920  ada0  GPT  (39G)
        40      1024     1  freebsd-boot  (512K)
      1064       984        - free -  (492K)
      2048   4194304     2  freebsd-swap  (2.0G)
   4196352  77723608     3  freebsd-zfs  (37G)

Last step with zfs pool:

lol@ ~/> sudo zpool set autoexpand=on zroot
lol@ ~/> sudo zpool online -e zroot ada0p3 ada0p3

Check the space in the zpool. The size of zroot is now right.

lol@ ~/> zpool list
NAME    SIZE  ALLOC   FREE  EXPANDSZ   FRAG    CAP  DEDUP  HEALTH  ALTROOT
zroot    37G  17.3G  19.7G         -    36%    46%  1.00x  ONLINE  -
lol@ ~/Desktop> sudo sysctl kern.geom.debugflags=0
kern.geom.debugflags: 16 -> 0

Virtualbox

VirtualBox in FreeBSD

Add a line with the kernel module to /boot/loader.conf:

vboxdrv_load="YES"

Add a line for bridged or host-only networking to /etc/rc.conf:

vboxnet_enable="YES"

Add your user to the group:

pw groupmod vboxusers -m yourusername
chown root:vboxusers /dev/vboxnetctl
chmod 0660 /dev/vboxnetctl

To make the permissions permanent, add these lines to /etc/devfs.conf:

own     vboxnetctl root:vboxusers
perm    vboxnetctl 0660

FreeBSD as guest Virtualbox

Write to /etc/rc.conf

vboxguest_enable="YES"
vboxservice_enable="YES"

Wifi and FreeBSD

How to setup WIFI card

pciconf -l - check whether the Wi-Fi hardware is detected
sudo ifconfig wlan0 create wlandev wpi0
sudo wpa_supplicant -i wlan0 -c /etc/wpa_supplicant.conf

How to setup USB WIFI

Add kernel module to /boot/loader.conf

# Kernel module for wifi 
if_ath_load="YES"
if_iw_load="YES"

# Next wifi kernel modules
wlan_wep_load="YES"
wlan_ccmp_load="YES"
wlan_tkip_load="YES"

Add these lines to /etc/rc.conf to configure your Wi-Fi device.

wlans_run0="wlan0"
create_args_wlan0="wlanmode sta country CZ indoor"

Check whether you have drivers for your hardware.

# Check whether the Wi-Fi hardware is detected (wpi, run0)
pciconf -l 

# Create a device with name wlan0
sudo ifconfig wlan0 create wlandev wpi0

# Create a wpa_supplicant configuration file with the network SSID, then start wpa_supplicant
sudo wpa_supplicant -i wlan0 -c /etc/wpa_supplicant.conf

# Scan your wifi networks
ifconfig wlan0 up scan 
SSID/MESH ID    BSSID              CHAN RATE   S:N     INT CAPS
lol        00:13:46:49:41:76   11   54M -90:96   100 EPS  WPA WME
trololo    00:11:95:c3:0d:ac    1   54M -83:96   100 EPS  WPA

# IP address from DHCP server
sudo dhclient wlan0

GELI

Install CD -> Partition -> Shell

gpart create -s gpt vtbd0
gpart add -t freebsd-boot -s 512k -a 4k vtbd0
gpart add -t freebsd-ufs -a 1M vtbd0
gpart bootcode -b /boot/pmbr -p /boot/gptboot -i 1 vtbd0

geli init -b -g vtbd0p2
geli attach vtbd0p2

newfs -j /dev/vtbd0p2.eli
mount /dev/vtbd0p2.eli /mnt

- /tmp/bsdinstall_etc/fstab
/dev/vtbd0p2.eli / ufs rw,noatime 1 1

- /tmp/bsdinstall_boot/loader.conf
geom_eli_load="YES"

exit (installer will continue)

Change  /dev/vtbd0p2.eli to gptid/rawuuid (gpart list):
/dev/gptid/015ceb9a-90a4-11e6-b8fc-1392a9ed1847 / ufs rw,noatime 1 1

FreeBSD Security

Security on FreeBSD

Add the following to /etc/sysctl.conf. To check the status of the securelevel on a running system, read kern.securelevel with sysctl.

kern.securelevel=2
security.bsd.see_other_uids=0
security.bsd.stack_guard_page=1
net.inet.ip.random_id=1

More: https://www.freebsd.org/doc/faq/security.html
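
Settings in /etc/sysctl.conf only help if the running kernel actually carries them. The following audit is an added example, not part of the original page: it compares sysctl output with the four values listed above. The comparison operators and the sample input are assumptions of the example. On a FreeBSD host, feed it the output of sysctl called with the four names.

```shell
#!/bin/sh
# Added example: audit sysctl values against the baseline listed above.
# Rules are "name op value" triples; op is a test(1) operator without the
# dash (ge = at least, eq = exactly). The operators are this example's choice.
BASELINE='kern.securelevel ge 2
security.bsd.see_other_uids eq 0
security.bsd.stack_guard_page ge 1
net.inet.ip.random_id eq 1'

# Reads `sysctl <names>` output ("name: value" per line) on stdin.
# Prints one line per failed rule; returns 1 if any rule failed, else 0.
audit_sysctl() {
    live=$(cat)
    rc=0
    set -- $BASELINE            # split the rules into name/op/value words
    while [ $# -ge 3 ]; do
        name=$1 op=$2 want=$3
        shift 3
        have=$(printf '%s\n' "$live" |
            awk -F': *' -v n="$name" '$1 == n { print $2; exit }')
        case "$have" in
            '')        echo "MISSING $name (want $op $want)"; rc=1 ;;
            *[!0-9-]*) echo "INVALID $name=$have"; rc=1 ;;
            *)  if ! [ "$have" "-$op" "$want" ]; then
                    echo "DRIFT $name=$have (want $op $want)"; rc=1
                fi ;;
        esac
    done
    return $rc
}

# Constructed sample: securelevel never raised, random IP IDs off,
# stack_guard_page not reported.
SAMPLE='kern.securelevel: -1
security.bsd.see_other_uids: 0
net.inet.ip.random_id: 0'

printf '%s\n' "$SAMPLE" | audit_sysctl || echo "baseline not met"
```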

Enabling and Utilizing Process Accounting

Tracking information such as CPU statistics and executed commands.

touch /var/account/acct
chmod 600 /var/account/acct
accton /var/account/acct
echo 'accounting_enable="YES"' >> /etc/rc.conf

Troubleshooting with FreeBSD

SSH

Too many authentication failures

If you are not able to authenticate via ssh and the message “Too many authentication failures” is logged in /var/log/auth.log, you probably have more than 2 keys loaded in your ssh agent that are failing to authenticate. To solve this, unload the keys you are not using from the ssh agent (ssh-add -d path or ssh-add -D), use ssh -i path_to_key, or create an appropriate section in your ~/.ssh/config with IdentityFile.
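
The ~/.ssh/config fix described above, as an added example that is not part of the original page: one function counts the keys in ssh-add -l output, the other appends a Host section that pins a single IdentityFile and sets IdentitiesOnly so that ssh offers only that key. The host alias, host name, key path and the ssh-add output are constructed for the example.

```shell
#!/bin/sh
# Added example, not from the original page. Host alias, host name and key
# path used in the demo are hypothetical.

# agent_key_count: reads `ssh-add -l` output on stdin and prints the number
# of identities loaded in the agent.
agent_key_count() {
    awk '/^[0-9]+ / { n++ } END { print n + 0 }'
}

# pin_host_key CONFIG ALIAS HOSTNAME KEYFILE
# Appends a Host section naming one IdentityFile. IdentitiesOnly yes makes
# ssh offer only that file, not every key loaded in the agent.
# Returns 1 and changes nothing if CONFIG already has a section for ALIAS.
pin_host_key() {
    cfg=$1 name=$2 host=$3 key=$4
    if [ -f "$cfg" ] && awk -v a="$name" '
        tolower($1) == "host" { for (i = 2; i <= NF; i++) if ($i == a) found = 1 }
        END { exit !found }' "$cfg"
    then
        return 1
    fi
    (
        umask 077    # keep a newly created config private
        printf '\nHost %s\n    HostName %s\n    IdentityFile %s\n    IdentitiesOnly yes\n' \
            "$name" "$host" "$key" >> "$cfg"
    )
}

# Constructed `ssh-add -l` output: three keys loaded in the agent.
AGENT_SAMPLE='256 SHA256:CONSTRUCTED-1 alice@laptop (ED25519)
3072 SHA256:CONSTRUCTED-2 old-work-key (RSA)
256 SHA256:CONSTRUCTED-3 deploy (ED25519)'

# Demo on a scratch file instead of the real ~/.ssh/config.
demo_cfg=$(mktemp)
echo "agent holds $(printf '%s\n' "$AGENT_SAMPLE" | agent_key_count) keys"
pin_host_key "$demo_cfg" buildhost build.example.org '~/.ssh/id_ed25519_build'
cat "$demo_cfg"
rm -f "$demo_cfg"
```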

BOOT on FreeBSD

Fatal double fault FreeBSD 10.3 - i386 , FreeBSD 11 - i386

The fatal double fault is a problem on FreeBSD - i386 with ZFS file system.

As described in /usr/src/UPDATING entry 20121223, rebuilding the kernel with options KSTACK_PAGES=4 has been observed to resolve the boot-time crash. This, however, is not an ideal solution for inclusion in the GENERIC kernel configuration, as increasing KSTACK_PAGES implicitly decreases available usermode threads in an environment that is already resource-starved.

You must follow these steps to build the new kernel:

# mkdir -p /usr/src
# svnlite co svn://svn.freebsd.org/base/releng/10.2 /usr/src
# make -C /usr/src kernel-toolchain
# printf "include GENERIC\noptions KSTACK_PAGES=4\n" > /usr/src/sys/i386/conf/ZFS
# make -C /usr/src buildkernel KERNCONF=ZFS
# make -C /usr/src installkernel KERNCONF=ZFS

For FreeBSD 10.3 - More information on page https://www.freebsd.org/releases/10.3R/errata.html
For FreeBSD 11.0 - More information on page https://www.freebsd.org/releases/11.0R/errata.html

How to boot from live CD

If there is a problem booting FreeBSD and the system cannot start, go back to the FreeBSD boot menu and choose option 3 (Escape to loader prompt). For help at the prompt, use the command help or ? (list of commands); help set shows the options for the command set.

To boot from the CD, the commands are:

set boot_cdrom (for mount filesystem)
boot

Check the mounted file systems with the command mount. If the ZFS file system is not mounted, you must run this command to import the zpool:

zpool import -f zroot

How to mount disk with geli from live CD

Boot live system …

geli attach /dev/ada0p3
password: 

This command mounts only part of the file system, for example /usr, /tmp, /var, but not /boot:

zpool import -f -R /mnt zroot

This command mounts /boot etc.:

zfs mount zroot/ROOT/default
project/kernellab/bsd.1588361166.txt.gz · Last modified: 2020/05/01 19:26 by maxfx