FreeBSD Handbook

The FreeBSD Documentation Project

Welcome to FreeBSD! This handbook covers the installation and day-to-day use of FreeBSD 8.3-RELEASE and FreeBSD 9.1-RELEASE. This manual is a work in progress and is the work of many individuals. As such, some sections may become dated and require updating. If you are interested in helping out with this project, send email to the FreeBSD documentation project mailing list. The latest version of this document is always available from the FreeBSD web site (previous versions of this handbook can be obtained from http://docs.FreeBSD.org/doc/). It may also be downloaded in a variety of formats and compression options from the FreeBSD FTP server or one of the numerous mirror sites. If you would prefer to have a hard copy of the handbook, you can purchase one at the FreeBSD Mall. You may also want to search the handbook.


Table of Contents
Preface
I. Getting Started
1 Introduction
1.1 Synopsis
1.2 Welcome to FreeBSD!
1.3 About the FreeBSD Project
2 Installing FreeBSD 9.X and Later
2.1 Synopsis
2.2 Hardware Requirements
2.3 Pre-Installation Tasks
2.4 Starting the Installation
2.5 Introducing bsdinstall
2.6 Installing from the Network
2.7 Allocating Disk Space
2.8 Committing to the Installation
2.9 Post-Installation
2.10 Troubleshooting
2.11 Using the Live CD
3 Installing FreeBSD 8.X and Earlier
3.1 Synopsis
3.2 Hardware Requirements
3.3 Pre-installation Tasks
3.4 Starting the Installation
3.5 Introducing Sysinstall
3.6 Allocating Disk Space
3.7 Choosing What to Install
3.8 Choosing Your Installation Media
3.9 Committing to the Installation
3.10 Post-installation
3.11 Troubleshooting
3.12 Advanced Installation Guide
3.13 Preparing Your Own Installation Media
4 UNIX Basics
4.1 Synopsis
4.2 Virtual Consoles and Terminals
4.3 Permissions
4.4 Directory Structure
4.5 Disk Organization
4.6 Mounting and Unmounting File Systems
4.7 Processes
4.8 Daemons, Signals, and Killing Processes
4.9 Shells
4.10 Text Editors
4.11 Devices and Device Nodes
4.12 Binary Formats
4.13 For More Information
5 Installing Applications: Packages and Ports
5.1 Synopsis
5.2 Overview of Software Installation
5.3 Finding Software
5.4 Using Binary Packages
5.5 Using pkgng for Binary Package Management
5.6 Using the Ports Collection
5.7 Post-installation Activities
5.8 Dealing with Broken Ports
6 The X Window System
6.1 Synopsis
6.2 Understanding X
6.3 Installing X11
6.4 X11 Configuration
6.5 Using Fonts in X11
6.6 The X Display Manager
6.7 Desktop Environments
II. Common Tasks
7 Desktop Applications
7.1 Synopsis
7.2 Browsers
7.3 Productivity
7.4 Document Viewers
7.5 Finance
8 Multimedia
8.1 Synopsis
8.2 Setting Up the Sound Card
8.3 MP3 Audio
8.4 Video Playback
8.5 Setting Up TV Cards
8.6 MythTV
8.7 Image Scanners
9 Configuring the FreeBSD Kernel
9.1 Synopsis
9.2 Why Build a Custom Kernel?
9.3 Finding the System Hardware
9.4 Kernel Drivers, Subsystems, and Modules
9.5 Building and Installing a Custom Kernel
9.6 The Configuration File
9.7 If Something Goes Wrong
10 Printing
10.1 Synopsis
10.2 Introduction
10.3 Basic Setup
10.4 Advanced Printer Setup
10.5 Using Printers
10.6 Alternatives to the Standard Spooler
10.7 Troubleshooting
11 Linux® Binary Compatibility
11.1 Synopsis
11.2 Installation
11.3 Installing Mathematica®
11.4 Installing Maple
11.5 Installing MATLAB®
11.6 Installing Oracle®
11.7 Advanced Topics
III. System Administration
12 Configuration and Tuning
12.1 Synopsis
12.2 Initial Configuration
12.3 Core Configuration
12.4 Application Configuration
12.5 Starting Services
12.6 Configuring the cron Utility
12.7 Using rc(8) Under FreeBSD
12.8 Setting Up Network Interface Cards
12.9 Virtual Hosts
12.10 Configuring the System Logger, syslogd
12.11 Configuration Files
12.12 Tuning with sysctl(8)
12.13 Tuning Disks
12.14 Tuning Kernel Limits
12.15 Adding Swap Space
12.16 Power and Resource Management
12.17 Using and Debugging FreeBSD ACPI
13 The FreeBSD Booting Process
13.1 Synopsis
13.2 The Booting Problem
13.3 The Boot Manager and Boot Stages
13.4 Kernel Interaction During Boot
13.5 Device Hints
13.6 Init: Process Control Initialization
13.7 Shutdown Sequence
14 Users and Basic Account Management
14.1 Synopsis
14.2 Introduction
14.3 Modifying Accounts
14.4 Limiting Users
14.5 Groups
15 Security
15.1 Synopsis
15.2 Introduction
15.3 Securing FreeBSD
15.4 DES, Blowfish, MD5, SHA256, SHA512, and Crypt
15.5 One-time Passwords
15.6 TCP Wrappers
15.7 Kerberos5
15.8 OpenSSL
15.9 VPN over IPsec
15.10 OpenSSH
15.11 File System Access Control Lists (ACLs)
15.12 Monitoring Third Party Security Issues
15.13 FreeBSD Security Advisories
15.14 Process Accounting
16 Jails
16.1 Synopsis
16.2 Terms Related to Jails
16.3 Introduction
16.4 Creating and Controlling Jails
16.5 Fine Tuning and Administration
16.6 Application of Jails
17 Mandatory Access Control
17.1 Synopsis
17.2 Key Terms in This Chapter
17.3 Explanation of MAC
17.4 Understanding MAC Labels
17.5 Planning the Security Configuration
17.6 Module Configuration
17.7 The mac_seeotheruids(4) Module
17.8 The mac_bsdextended(4) Module
17.9 The mac_ifoff(4) Module
17.10 The mac_portacl(4) Module
17.11 The mac_partition(4) Module
17.12 The MAC Multi-Level Security Module
17.13 The MAC Biba Module
17.14 The MAC LOMAC Module
17.15 Nagios in a MAC Jail
17.16 User Lock Down
17.17 Troubleshooting the MAC Framework
18 Security Event Auditing
18.1 Synopsis
18.2 Key Terms in This Chapter
18.3 Installing Audit Support
18.4 Audit Configuration
18.5 Administering the Audit Subsystem
19 Storage
19.1 Synopsis
19.2 Device Names
19.3 Adding Disks
19.4 RAID
19.5 USB Storage Devices
19.6 Creating and Using CD Media
19.7 Creating and Using DVD Media
19.8 Creating and Using Floppy Disks
19.9 Creating and Using Data Tapes
19.10 Backups to Floppies
19.11 Backup Strategies
19.12 Backup Basics
19.13 Network, Memory, and File-Backed File Systems
19.14 File System Snapshots
19.15 File System Quotas
19.16 Encrypting Disk Partitions
19.17 Encrypting Swap Space
19.18 Highly Available Storage (HAST)
20 GEOM: Modular Disk Transformation Framework
20.1 Synopsis
20.2 GEOM Introduction
20.3 RAID0 - Striping
20.4 RAID1 - Mirroring
20.5 RAID3 - Byte-level Striping with Dedicated Parity
20.6 GEOM Gate Network Devices
20.7 Labeling Disk Devices
20.8 UFS Journaling Through GEOM
21 File Systems Support
21.1 Synopsis
21.2 The Z File System (ZFS)
21.3 Linux® Filesystems
22 The Vinum Volume Manager
22.1 Synopsis
22.2 Disks Are Too Small
22.3 Access Bottlenecks
22.4 Data Integrity
22.5 Vinum Objects
22.6 Some Examples
22.7 Object Naming
22.8 Configuring Vinum
22.9 Using Vinum for the Root Filesystem
23 Virtualization
23.1 Synopsis
23.2 FreeBSD as a Guest OS
23.3 FreeBSD as a Host OS
24 Localization - i18n/L10n Usage and Setup
24.1 Synopsis
24.2 The Basics
24.3 Using Localization
24.4 Compiling i18n Programs
24.5 Localizing FreeBSD to Specific Languages
25 Updating and Upgrading FreeBSD
25.1 Synopsis
25.2 FreeBSD Update
25.3 Portsnap: a Ports Collection Update Tool
25.4 Updating the Documentation Set
25.5 Tracking a Development Branch
25.6 Synchronizing Source
25.7 Rebuilding “world”
25.8 Deleting Obsolete Files, Directories and Libraries
25.9 Tracking for Multiple Machines
26 DTrace
26.1 Synopsis
26.2 Implementation Differences
26.3 Enabling DTrace Support
26.4 Using DTrace
26.5 The D Language
IV. Network Communication
27 Serial Communications
27.1 Synopsis
27.2 Introduction
27.3 Terminals
27.4 Dial-in Service
27.5 Dial-out Service
27.6 Setting Up the Serial Console
28 PPP and SLIP
28.1 Synopsis
28.2 Using User PPP
28.3 Using Kernel PPP
28.4 Troubleshooting PPP Connections
28.5 Using PPP over Ethernet (PPPoE)
28.6 Using PPP over ATM (PPPoA)
28.7 Using SLIP
29 Electronic Mail
29.1 Synopsis
29.2 Using Electronic Mail
29.3 sendmail Configuration
29.4 Changing Your Mail Transfer Agent
29.5 Troubleshooting
29.6 Advanced Topics
29.7 SMTP with UUCP
29.8 Setting Up to Send Only
29.9 Using Mail with a Dialup Connection
29.10 SMTP Authentication
29.11 Mail User Agents
29.12 Using fetchmail
29.13 Using procmail
30 Network Servers
30.1 Synopsis
30.2 The inetd “Super-Server”
30.3 Network File System (NFS)
30.4 Network Information System (NIS/YP)
30.5 Automatic Network Configuration (DHCP)
30.6 Domain Name System (DNS)
30.7 Apache HTTP Server
30.8 File Transfer Protocol (FTP)
30.9 File and Print Services for Microsoft® Windows® Clients (Samba)
30.10 Clock Synchronization with NTP
30.11 Remote Host Logging with syslogd
31 Firewalls
31.1 Introduction
31.2 Firewall Concepts
31.3 Firewall Packages
31.4 PF and ALTQ
31.5 The IPFILTER (IPF) Firewall
31.6 IPFW
32 Advanced Networking
32.1 Synopsis
32.2 Gateways and Routes
32.3 Wireless Networking
32.4 Bluetooth
32.5 Bridging
32.6 Link Aggregation and Failover
32.7 Diskless Operation
32.8 PXE Booting with an NFS Root File System
32.9 ISDN
32.10 Network Address Translation
32.11 IPv6
32.12 Asynchronous Transfer Mode (ATM)
32.13 Common Address Redundancy Protocol (CARP)
V. Appendices
A. Obtaining FreeBSD
A.1 CDROM and DVD Publishers
A.2 FTP Sites
A.3 BitTorrent
A.4 Anonymous CVS (Deprecated)
A.5 Using CTM
A.6 Using Subversion
A.7 Subversion Mirror Sites
A.8 Using CVSup (Deprecated)
A.9 CVS Tags
A.10 rsync Sites
B. Bibliography
B.1 Books & Magazines Specific to FreeBSD
B.2 Users' Guides
B.3 Administrators' Guides
B.4 Programmers' Guides
B.5 Operating System Internals
B.6 Security Reference
B.7 Hardware Reference
B.8 UNIX® History
B.9 Magazines and Journals
C. Resources on the Internet
C.1 Mailing Lists
C.2 Usenet Newsgroups
C.3 World Wide Web Servers
C.4 Email Addresses
D. PGP Keys
D.1 Officers
D.2 Core Team Members
D.3 Developers
FreeBSD Glossary
Index
Colophon
List of Tables
2-1. Partitioning Schemes
3-1. Sample Device Inventory
3-2. Partition Layout for First Disk
3-3. Partition Layout for Subsequent Disks
3-4. FreeBSD 7.X and 8.X ISO Image Names and Meanings
4-1. Disk Device Codes
19-1. Physical Disk Naming Conventions
22-1. Vinum Plex Organizations
27-1. DB-25 to DB-25 Null-Modem Cable
27-2. DB-9 to DB-9 Null-Modem Cable
27-3. DB-9 to DB-25 Null-Modem Cable
27-4. Signal Names
32-1. Station Capability Codes
32-2. Reserved IPv6 Addresses
List of Figures
2-1. FreeBSD Boot Loader Menu
2-2. Typical Device Probe Results
2-3. Selecting Installation Media Mode
2-4. Keymap Selection
2-5. Selecting Keyboard Menu
2-6. Setting the Hostname
2-7. Selecting Components to Install
2-8. Installing from the Network
2-9. Choosing a Mirror
2-10. Selecting Guided or Manual Partitioning
2-11. Selecting from Multiple Disks
2-12. Selecting Entire Disk or Partition
2-13. Review Created Partitions
2-14. Manually Create Partitions
2-15. Manually Create Partitions
2-16. Manually Create Partitions
2-17. Final Confirmation
2-18. Fetching Distribution Files
2-19. Verifying Distribution Files
2-20. Extracting Distribution Files
2-21. Setting the root Password
2-22. Choose a Network Interface
2-23. Scanning for Wireless Access Points
2-24. Choosing a Wireless Network
2-25. WPA2 Setup
2-26. Choose IPv4 Networking
2-27. Choose IPv4 DHCP Configuration
2-28. IPv4 Static Configuration
2-29. Choose IPv6 Networking
2-30. Choose IPv6 SLAAC Configuration
2-31. IPv6 Static Configuration
2-32. DNS Configuration
2-33. Select Local or UTC Clock
2-34. Select a Region
2-35. Select a Country
2-36. Select a Time Zone
2-37. Confirm Time Zone
2-38. Selecting Additional Services to Enable
2-39. Enabling Crash Dumps
2-40. Add User Accounts
2-41. Enter User Information
2-42. Exit User and Group Management
2-43. Final Configuration
2-44. Manual Configuration
2-45. Complete the Installation
3-1. FreeBSD Boot Loader Menu
3-2. Typical Device Probe Results
3-3. Selecting Country Menu
3-4. Selecting Keyboard Menu
3-5. Selecting Usage from Sysinstall Main Menu
3-6. Selecting Documentation Menu
3-7. Sysinstall Documentation Menu
3-8. Sysinstall Main Menu
3-9. Sysinstall Keymap Menu
3-10. Sysinstall Main Menu
3-11. Sysinstall Options
3-12. Begin Standard Installation
3-13. Select Drive for FDisk
3-14. Typical fdisk Partitions Before Editing
3-15. Fdisk Partition Using Entire Disk
3-16. Sysinstall Boot Manager Menu
3-17. Exit Select Drive
3-18. Sysinstall Disklabel Editor
3-19. Sysinstall Disklabel Editor with Auto Defaults
3-20. Free Space for Root Partition
3-21. Edit Root Partition Size
3-22. Choose the Root Partition Type
3-23. Choose the Root Mount Point
3-24. Sysinstall Disklabel Editor
3-25. Choose Distributions
3-26. Confirm Distributions
3-27. Choose Installation Media
3-28. Selecting an Ethernet Device
3-29. Set Network Configuration for ed0
3-30. Editing inetd.conf
3-31. Default Anonymous FTP Configuration
3-32. Edit the FTP Welcome Message
3-33. Editing exports
3-34. System Console Configuration Options
3-35. Screen Saver Options
3-36. Screen Saver Timeout
3-37. System Console Configuration Exit
3-38. Select Your Region
3-39. Select Your Country
3-40. Select Your Time Zone
3-41. Select Mouse Protocol Type
3-42. Set Mouse Protocol
3-43. Configure Mouse Port
3-44. Setting the Mouse Port
3-45. Enable the Mouse Daemon
3-46. Test the Mouse Daemon
3-47. Select Package Category
3-48. Select Packages
3-49. Install Packages
3-50. Confirm Package Installation
3-51. Select User
3-52. Add User Information
3-53. Exit User and Group Management
3-54. Exit Install
3-55. Network Configuration Upper-level
3-56. Select a default MTA
3-57. Ntpdate Configuration
3-58. Network Configuration Lower-level
22-1. Concatenated Organization
22-2. Striped Organization
22-3. RAID-5 Organization
22-4. A Simple Vinum Volume
22-5. A Mirrored Vinum Volume
22-6. A Striped Vinum Volume
22-7. A Mirrored, Striped Vinum Volume
32-1. PXE Booting Process with NFS Root Mount
List of Examples
2-1. Using an Existing Partition
2-2. Shrinking an Existing Partition
2-3. Creating Traditional Split Filesystem Partitions
3-1. Using an Existing Partition Unchanged
3-2. Shrinking an Existing Partition
4-1. Sample Disk, Slice, and Partition Names
4-2. Conceptual Model of a Disk
5-1. Downloading a Package Manually and Installing It Locally
12-1. Creating a Swapfile on FreeBSD
13-1. boot0 Screenshot
13-2. boot2 Screenshot
13-3. An Insecure Console in /etc/ttys
14-1. Adding a User on FreeBSD
14-2. rmuser Interactive Account Removal
14-3. Interactive chpass by Superuser
14-4. Interactive chpass by Normal User
14-5. Changing Your Password
14-6. Changing Another User's Password as the Superuser
14-7. Adding a Group Using pw(8)
14-8. Adding User Accounts to a New Group Using pw(8)
14-9. Adding a New Member to a Group Using pw(8)
14-10. Using id(1) to Determine Group Membership
15-1. Using SSH to Create a Secure Tunnel for SMTP
19-1. Using dump over ssh
19-2. Using dump over ssh with RSH Set
19-3. Using mdconfig to Mount an Existing File System Image
19-4. Creating a New File-Backed Disk with mdconfig
19-5. Configure and Mount a File-Backed Disk with mdmfs
19-6. Creating a New Memory-Based Disk with mdconfig
19-7. Creating a New Memory-Based Disk with mdmfs
20-1. Labeling Partitions on the Boot Disk
27-1. Adding Terminal Entries to /etc/ttys
29-1. Configuring the sendmail Access Database
29-2. Mail Aliases
29-3. Example Virtual Domain Mail Map
30-1. Reloading the inetd Configuration File
30-2. Mounting an Export with amd
30-3. Installing Django with Apache2, mod_python3, and PostgreSQL
30-4. Apache Configuration for Django/mod_python
32-1. LACP Aggregation with a Cisco® Switch
32-2. Failover Mode
32-3. Failover Mode Between Wired and Wireless Interfaces
32-4. Branch Office or Home Network
32-5. Head Office or Other LAN