In the last post we installed FreeBSD, configured the keyboard, time zone and the first network interface, which gets it’s IP address via DHCP. In this post we’ll look at how we can configure the second interface, which gets a static IP address in the host only network. Once we’ve done that, we’ll update the system to the latest packages, have a look at the file system layout and kernel parameters so we can later on proceed with installing PostgreSQL.
Currently we only have the NAT interface configured. We could start working with the system in the VirtualBox console:
You’ll quickly notice that this is not much fun as the size of the terminal is fixed, rather small, and copy&paste is not working. Using a remote SSH connection is more convenient and we can already do that by using port forwarding with the NAT interface:
Having that ready we can connect with SSH:
dwe@ltdwe:~$ ssh -o Port=4444 root@localhost The authenticity of host '[localhost]:4444 ([127.0.0.1]:4444)' can't be established. ECDSA key fingerprint is SHA256:aq6Eb4lW5rDz+BTR9cLrK6uXiIqhSNuLBhYVH5w+f/o. Are you sure you want to continue connecting (yes/no/[fingerprint])? yes Warning: Permanently added '[localhost]:4444' (ECDSA) to the list of known hosts. Password for [email protected]: Password for [email protected]:
Even if the password is correct, we’ll not be able to connect as root, as logins over ssh with root are not allowed. So, back to the console:
This is of course nothing you should do with serious installations, but for testing it is fine. Restarting services in FreeBSD is done with the “service” command:
From now on the SSH connection will accept root logins:
dwe@ltdwe:~$ ssh -o Port=4444 root@localhost Password for [email protected]: Last login: Thu Feb 18 22:42:21 2021 FreeBSD 12.2-RELEASE r366954 GENERIC Welcome to FreeBSD! Release Notes, Errata: https://www.FreeBSD.org/releases/ Security Advisories: https://www.FreeBSD.org/security/ FreeBSD Handbook: https://www.FreeBSD.org/handbook/ FreeBSD FAQ: https://www.FreeBSD.org/faq/ Questions List: https://lists.FreeBSD.org/mailman/listinfo/freebsd-questions/ FreeBSD Forums: https://forums.FreeBSD.org/ Documents installed with the system are in the /usr/local/share/doc/freebsd/ directory, or can be installed later with: pkg install en-freebsd-doc For other languages, replace "en" with a language code like de or fr. Show the version of FreeBSD installed: freebsd-version ; uname -a Please include that output and any error messages when posting questions. Introduction to manual pages: man man FreeBSD directory layout: man hier Edit /etc/motd to change this login announcement. root@freebsd:~ $
That SSH is actually started when the system is booting, is controlled by rc.conf:
root@freebsd:~ $ cat /etc/rc.conf hostname="freebsd.it.dbi-services.com" keymap="ch.kbd" ifconfig_em0="DHCP" sshd_enable="YES" ntpd_enable="YES" # Set dumpdev to "AUTO" to enable crash dumps, "NO" to disable dumpdev="AUTO" zfs_enable="YES"
Remember, we are not on Linux, there is no systemd, so everything is configured in plain files. Now, that we are logged in, lets bring the system to the latest packages. To do this in FreeBSD, there is the “freebsd-update” command. The first step is to fetch the updates (which will give you a list of files that will be updated), the second step is to actually install the updates:
root@freebsd:~ # freebsd-update fetch src component not installed, skipped Looking up update.FreeBSD.org mirrors... none found. Fetching public key from update.FreeBSD.org... done. Fetching metadata signature for 12.2-RELEASE from update.FreeBSD.org... done. Fetching metadata index... done. Fetching 2 metadata files... done. Inspecting system... done. Preparing to download files... done. Fetching 91 patches.....10....20....30....40....50....60....70....80....90 done. Applying patches... done. The following files will be updated as part of updating to 12.2-RELEASE-p3: /bin/freebsd-version /boot/kernel/autofs.ko /boot/kernel/kernel /boot/kernel/linux.ko /boot/kernel/linux64.ko /boot/kernel/mqueuefs.ko ... root@freebsd:~ # freebsd-update install src component not installed, skipped Installing updates...Scanning //usr/share/certs/blacklisted for certificates... Scanning //usr/share/certs/trusted for certificates... done.
Time to configure our second interface. To get the name of the interfaces there is “ifconfig”:
root@freebsd:~ # ifconfig -a em0: flags=8843 metric 0 mtu 1500 options=81009b ether 08:00:27:c1:d7:d6 inet 10.0.2.15 netmask 0xffffff00 broadcast 10.0.2.255 media: Ethernet autoselect (1000baseT ) status: active nd6 options=29 em1: flags=8802 metric 0 mtu 1500 options=81009b ether 08:00:27:39:4e:9a media: Ethernet autoselect (1000baseT ) status: active nd6 options=29 lo0: flags=8049 metric 0 mtu 16384 options=680003 inet6 ::1 prefixlen 128 inet6 fe80::1%lo0 prefixlen 64 scopeid 0x3 inet 127.0.0.1 netmask 0xff000000 groups: lo nd6 options=21
The first one (em0) is our NAT interface, the second on (em1) is the one attached to the host only network. Configuring network interfaces is also done via /etc/rc.conf:
hostname="freebsd.it.dbi-services.com" keymap="ch.kbd" ifconfig_em0="DHCP" ifconfig_em1="inet 192.168.22.17 netmask 255.255.255.0" sshd_enable="YES" ntpd_enable="YES" # Set dumpdev to "AUTO" to enable crash dumps, "NO" to disable dumpdev="AUTO" zfs_enable="YES"
Once you restarted the network, the second interface is ready:
root@freebsd:~ # service netif restart Stopping dhclient. Stopping Network: lo0 em0 em1. lo0: flags=8048 metric 0 mtu 16384 options=680003 groups: lo nd6 options=21 em0: flags=8c02 metric 0 mtu 1500 options=81009b ether 08:00:27:c1:d7:d6 media: Ethernet autoselect (1000baseT ) status: active nd6 options=29 em1: flags=8c02 metric 0 mtu 1500 options=81009b ether 08:00:27:39:4e:9a media: Ethernet autoselect (1000baseT ) status: active nd6 options=29 Starting Network: lo0 em0 em1. lo0: flags=8049 metric 0 mtu 16384 options=680003 inet6 ::1 prefixlen 128 inet6 fe80::1%lo0 prefixlen 64 scopeid 0x3 inet 127.0.0.1 netmask 0xff000000 groups: lo nd6 options=21 em0: flags=8843 metric 0 mtu 1500 options=81009b ether 08:00:27:c1:d7:d6 inet 10.0.2.15 netmask 0xffffff00 broadcast 10.0.2.255 media: Ethernet autoselect (1000baseT ) status: active nd6 options=29 em1: flags=8843 metric 0 mtu 1500 options=81009b ether 08:00:27:39:4e:9a inet 192.168.22.17 netmask 0xffffff00 broadcast 192.168.22.255 media: Ethernet autoselect (1000baseT ) status: active nd6 options=29
Port forwarding to the NAT interface is not anymore required from now on, as you can directly connect to the second interface:
dwe@ltdwe:~$ ssh [email protected] The authenticity of host '192.168.22.17 (192.168.22.17)' can't be established. ECDSA key fingerprint is SHA256:aq6Eb4lW5rDz+BTR9cLrK6uXiIqhSNuLBhYVH5w+f/o. Are you sure you want to continue connecting (yes/no/[fingerprint])? yes Warning: Permanently added '192.168.22.17' (ECDSA) to the list of known hosts. Password for [email protected]: Last login: Thu Feb 18 23:29:46 2021 from 10.0.2.2 FreeBSD 12.2-RELEASE r366954 GENERIC Welcome to FreeBSD! Release Notes, Errata: https://www.FreeBSD.org/releases/ Security Advisories: https://www.FreeBSD.org/security/ FreeBSD Handbook: https://www.FreeBSD.org/handbook/ FreeBSD FAQ: https://www.FreeBSD.org/faq/ Questions List: https://lists.FreeBSD.org/mailman/listinfo/freebsd-questions/ FreeBSD Forums: https://forums.FreeBSD.org/ Documents installed with the system are in the /usr/local/share/doc/freebsd/ directory, or can be installed later with: pkg install en-freebsd-doc For other languages, replace "en" with a language code like de or fr. Show the version of FreeBSD installed: freebsd-version ; uname -a Please include that output and any error messages when posting questions. Introduction to manual pages: man man FreeBSD directory layout: man hier Edit /etc/motd to change this login announcement.
I really like how easy it is to configure the network. One line in the correct file, and you’re done.
When we installed FreeBSD in the last post, we opted for ZFS as the file system, and this is how it looks like:
root@freebsd:~ $ df -h Filesystem Size Used Avail Capacity Mounted on zroot/ROOT/default 26G 1.1G 25G 4% / devfs 1.0K 1.0K 0B 100% /dev zroot/tmp 25G 96K 25G 0% /tmp zroot 25G 96K 25G 0% /zroot zroot/usr/home 25G 96K 25G 0% /usr/home zroot/usr/src 25G 96K 25G 0% /usr/src zroot/usr/ports 26G 711M 25G 3% /usr/ports zroot/var/audit 25G 96K 25G 0% /var/audit zroot/var/crash 25G 96K 25G 0% /var/crash zroot/var/log 25G 144K 25G 0% /var/log zroot/var/mail 25G 96K 25G 0% /var/mail zroot/var/tmp 25G 96K 25G 0% /var/tmp
The installer created one zpool and several file systems within that pool:
root@freebsd:~ $ zpool list NAME SIZE ALLOC FREE CKPOINT EXPANDSZ FRAG CAP DEDUP HEALTH ALTROOT zroot 27.5G 1.79G 25.7G - - 0% 6% 1.00x ONLINE - root@freebsd:~ $ zfs list NAME USED AVAIL REFER MOUNTPOINT zroot 1.79G 24.9G 96K /zroot zroot/ROOT 1.09G 24.9G 96K none zroot/ROOT/default 1.09G 24.9G 1.09G / zroot/tmp 96K 24.9G 96K /tmp zroot/usr 711M 24.9G 96K /usr zroot/usr/home 96K 24.9G 96K /usr/home zroot/usr/ports 711M 24.9G 711M /usr/ports zroot/usr/src 96K 24.9G 96K /usr/src zroot/var 624K 24.9G 96K /var zroot/var/audit 96K 24.9G 96K /var/audit zroot/var/crash 96K 24.9G 96K /var/crash zroot/var/log 144K 24.9G 144K /var/log zroot/var/mail 96K 24.9G 96K /var/mail zroot/var/tmp 96K 24.9G 96K /var/tmp
With ZFS you have all the nice features such as RAID, de-duplication, compression, snapshots and much more. There is a dedicated page in the FreeBSD wiki if you want dig deeper and play around with ZFS.
The default shell on FreeBSD is not bash, but tcsh.
root@freebsd:~ $ echo $SHELL /bin/csh
If you are not happy with that, you can install bash using the pkg command. When pkg is used for the first time it needs to bootstrap itself:
root@freebsd:~ # pkg search bash The package management tool is not yet installed on your system. Do you want to fetch and install it now? [y/N]: y Bootstrapping pkg from pkg+http://pkg.FreeBSD.org/FreeBSD:12:amd64/quarterly, please wait... Verifying signature with trusted certificate pkg.freebsd.org.2013102301... done Installing pkg-1.16.1... Extracting pkg-1.16.1: 100% pkg: Repository FreeBSD missing. 'pkg update' required bash-5.1.4 GNU Project's Bourne Again SHell bash-completion-2.11,2 Programmable completion library for Bash bash-static-5.1.4 GNU Project's Bourne Again SHell bashtop-0.9.25_1 Linux/OSX/FreeBSD resource monitor checkbashisms-2.19.6 Check for the presence of bashisms erlang-mochiweb-basho-2.9.0p2 Erlang library for building lightweight HTTP servers (Basho fork) mybashburn-1.0.2_4 Ncurses CD burning bash script p5-Bash-Completion-0.008_2 Extensible system to provide bash completion p5-Term-Bash-Completion-Generator-0.02.8_2 Generate bash completion scripts switchBashZsh-1.1 Portable shell setup for Bash/Zsh across FreeBSD/Linux/Cygwin
Because we care about warnings we’ll update first, and then install bash:
root@freebsd:~ # pkg update Updating FreeBSD repository catalogue... FreeBSD repository is up to date. All repositories are up to date. root@freebsd:~ # pkg install bash Updating FreeBSD repository catalogue... FreeBSD repository is up to date. All repositories are up to date. Updating database digests format: 100% The following 4 package(s) will be affected (of 0 checked): New packages to be INSTALLED: bash: 5.1.4 gettext-runtime: 0.21 indexinfo: 0.3.1 readline: 8.0.4 Number of packages to be installed: 4 The process will require 11 MiB more space. 2 MiB to be downloaded. Proceed with this action? [y/N]: y [1/4] Fetching bash-5.1.4.txz: 100% 1 MiB 1.5MB/s 00:01 [2/4] Fetching indexinfo-0.3.1.txz: 100% 6 KiB 5.8kB/s 00:01 [3/4] Fetching readline-8.0.4.txz: 100% 353 KiB 361.2kB/s 00:01 [4/4] Fetching gettext-runtime-0.21.txz: 100% 165 KiB 168.8kB/s 00:01 Checking integrity... done (0 conflicting) [1/4] Installing indexinfo-0.3.1... [1/4] Extracting indexinfo-0.3.1: 100% [2/4] Installing readline-8.0.4... [2/4] Extracting readline-8.0.4: 100% [3/4] Installing gettext-runtime-0.21... [3/4] Extracting gettext-runtime-0.21: 100% [4/4] Installing bash-5.1.4... [4/4] Extracting bash-5.1.4: 100% [root@freebsd ~]# bash --version GNU bash, version 5.1.4(0)-release (amd64-portbld-freebsd12.2) Copyright (C) 2020 Free Software Foundation, Inc. License GPLv3+: GNU GPL version 3 or later This is free software; you are free to change and redistribute it. There is NO WARRANTY, to the extent permitted by law.
Pretty much the same as in Linux, is setting kernel parameters. All the parameters can be either set with “sysctl” or directly in sysctl.conf:
[root@freebsd ~]# sysctl -a | head kern.ostype: FreeBSD kern.osrelease: 12.2-RELEASE kern.osrevision: 199506 kern.version: FreeBSD 12.2-RELEASE r366954 GENERIC kern.maxvnodes: 112396 kern.maxproc: 7396 kern.maxfiles: 64209 kern.argmax: 524288 kern.securelevel: -1 [root@freebsd ~]# cat /etc/sysctl.conf | head # $FreeBSD: releng/12.2/sbin/sysctl/sysctl.conf 337624 2018-08-11 13:28:03Z brd $ # # This file is read when going to multi-user and its contents piped thru # ``sysctl'' to adjust kernel values. ``man 5 sysctl.conf'' for details. # # Uncomment this to prevent users from seeing information about processes that # are being run under another UID. #security.bsd.see_other_uids=0 vfs.zfs.min_auto_ashift=12
We have configured the network, updated the system and we know how to search for, and install packages, and we know how we can set kernel parameters. Ready for installing PostgreSQL, in the next post.