FreeBSD Notes

Table of Contents

Rebuild kernel from source

Install the source code

svn checkout /usr/src
  • where the 10.2 is your current release
  • will automatically choose a mirror near you 1

Buildworld and kernel 2

System Administration Notes

Inspect system boot log

$ cat /var/run/dmesg.boot

Modify default editor from vi to nano

# For C based shell
$ setenv EDITOR </path/to/nano>

# To find path to nano
$ which nano

Check disk space usage by directory

$ sudo du -hd1 /usr

Expand Partition to Entire Drive

When a VPS is upgraded to a larger instance, the expanded drive is not recognized by the OS

  • Tutorial here
     $ gpart recover vtbd0
     $ gpart resize -i 2 vtbd0  # 2=what is shown on gpart show vtbd0
     $ growfs -y /
     # Verify extra displace exists
     $ df -h
    # Update /etc/fstab
  • On reboot, goes to mountroot prompt
    # do a ? to see list of available disks
    $ ufs:/dev/vtbd0s1

Reload sshd config

I usually change the default ssh port from 22 3 and disable root login by modifying the sshd conf. (not ssh conf)

/etc/rc.d/sshd reload

Edit Crontab

$ crontab -e

View traffic on network interfaces

$ systat -ifstat 1

How to manage FreeBSD Jails

Jails have been around years before docker and kubernetes were the rage.4

Manage Jails using ezjail-admin

# View list of available jails
$ jls  
# or 
$ jls -v

Log into existing jail

$ sudo ezjail-admin console <jailname>

# OR use jexec with number parameter where 
# parameter == JID from jls output 
$ sudo jexec 2 csh

# OR use execute a command in jail 
$ sudo jexec 1 hostname
# show host name of jail with id=1

Create new Jail

A condensed version of bsdnow

Create an ip address for jail

  • Find an ipaddress to set for jail

    Select the next ip address number

$ jls
  • Make an alias on your network card with your network settings
$ sudo ifconfig lo10 alias netmask 0xffffff00
  • Add network alias to /etc/rc.conf so it remembers on reboot
  • Your /etc/rc.conf file will look something like this
# Setup Jails
jail_sysvipc_allow="YES"    # For PostgresSQL


ifconfig_lo10_alias0="inet netmask"
ifconfig_lo10_alias1="inet netmask"
ifconfig_lo10_alias2="inet netmask"
ifconfig_lo10_alias3="inet netmask"
ifconfig_lo10_alias4="inet netmask"
ifconfig_lo10_alias5="inet netmask"
ifconfig_lo10_alias6="inet netmask"
  • Create the actual jail
    • use the ip address created above
    sudo ezjail-admin create busilogic-blog
  • To enable networking inside jail, copy the resolv.conf file
    sudo cp /etc/resolv.conf /usr/jails/busilogic-blog/etc/
    • Start the jail
    sudo service ezjail start busilogic-blog

Enable networking in jail

# Replace jail name with your jail created
$ cp /etc/resolv.conf /usr/jails/<jailname>/etc/

Using fetch fails with ssl auth error

Reason: Certificate verification failed

# Install ca root
$ pkg install ca_root_nss

# Then ln or cp the combined root certificates to /etc/ssl/cert.pem
$ ln -s /usr/local/share/certs/ca-root-nss.crt /etc/ssl/cert.pem

Starting PostGres in jail

$ su pgsql
$ pg_ctl -D /usr/local/pgsql/data initdb /usr/local/bin/pg_ctl -D /usr/local/pgsql/data -l /usr/local/pgsql/postgresql.log start


How to set up jenkins on FreeBSD

Adding more storage

If you need to upgrade your VPS to get additional storage, follow notes here.

Enable webdav on nginx

  • Install nginx from source

    To enable http webdav module You might have to install libxml2 libs as prerequisite for nginx to compile properly

  • Generate htpasswd 5
  • Update nginx config file 6
  • Use it to host secure items e.g. password manager on webdav with keepass 7

Sysvipc and jails on bsd