.. title: FreeBSD Post Install Setup
.. slug: freebsd-post-install-setup
.. date: 2015-08-12 00:28:43 UTC
.. tags: freebsd
.. category:
.. link:
.. description:
.. type: text
FreeBSD Post Install Setup
=============================
After you have installed FreeBSD (10.1-RELEASE in my case) these steps
will help you set it up for use. I'd recommend going through this guide
and executing the sections in the order in which they appear here.
Disclaimer: I'm very new to FreeBSD so these are meant more for my notes
than a canonical guide for others. Read the `FreeBSD Handbook `_
instead.
.. TEASER_END: Read more
.. contents::
Create a User
------------------------------------
If you didn't create a user during install you can create one on first login.
As root::
root@host:~# pw usermod -n username -G wheel
Adding the user to the *wheel* group allows you to `sudo`.
Configure make
-------------------------------------
Create /etc/make.conf file ...::
root@host:~# vi /etc/make.conf
...with these contents::
CC=clang
CXX=clang++
CPP=clang-cpp
WRKDIRPREFIX=/tmp
CPUTYPE?=native
WITH_PKGNG=yes
Update FreeBSD
-------------------------------------
Update the FreeBSD base system::
root@host:~# freebsd-update fetch install
Setup Ports
--------------------------------------
::
root@host:~# cd /usr/ports
root@host:/usr/ports# make index
root@host:/usr/ports# portsnap fetch && portsnap extract && portsnap update
Install pkg-ng
--------------------------------------
Install pkgng, as root::
root@host:~# cd /usr/ports/ports-mgmt/pkg
root@host:/usr/ports/ports-mgmt/pkg# make
root@host:/usr/ports/ports-mgmt/pkg# make install clean
Configure Poudriere
--------------------------------------
Poudriere is a great way to custom build only the packages you need to control.
I set it up on one machine on my LAN and then use it to provide packages
to other machines.
Source of this section is `Making a binary package repository with poudriere `_.
Install Poudriere
++++++++++++++++++++++++++++++++++++++++
::
root@host:~# cd /usr/ports/ports-mgmt/poudriere
root@host:/usr/ports/ports-mgmt/poudriere# make install clean
Wait for it to build and install. Its dependencies will be installed
automatically. You'll just have to answer some questions.
Hint: stick with the defaults if you're just starting out.
Configure Poudriere
++++++++++++++++++++++++++++++++++++++++
::
root@host:~# cp /usr/local/etc/poudriere.conf.sample /usr/local/etc/poudriere.conf
root@host:~# vi /usr/local/etc/poudriere.conf
At least have these settings configured
::
## If you have a ZFS pool named tank, uncomment this
#ZPOOL=tank
## If you are only using UFS, uncomment this
#NO_ZFS=yes
FREEBSD_HOST=ftp://ftp.freebsd.org
RESOLV_CONF=/etc/resolv.conf
BASEFS=/usr/local/poudriere
USE_TMPFS=yes
DISTFILES_CACHE=/usr/ports/distfiles
USE_COLORS=no
POUDRIERE_DATA=${BASEFS}/data
CHECK_CHANGED_OPTIONS=verbose
CHECK_CHANGED_DEPS=yes
PKG_REPO_SIGNING_KEY=/usr/local/etc/ssl/keys/pkg.key
WRKDIR_ARCHIVE_FORMAT=txz
NOLINUX=yes
Check Out Ports Tree
++++++++++++++++++++++++++++++++++++++++
::
root@host:~# poudriere ports -c
Create a Jail
++++++++++++++++++++++++++++++++++++++++
Create a jail for Poudriere for FreeBSD 10.1-RELEASE and then update it.
::
root@host:~# poudriere jail -c -j 10_1-r-x64 -v 10.1-RELEASE -a amd64
root@host:~# poudriere jail -u -j 10_1-r-x64
Configure Jail
++++++++++++++++++++++++++++++++++++++++
::
root@host:~# vi /usr/local/etc/poudriere.d/10_1-r-x64-make.conf
It should at least have the following.
::
WITH_PKGNG=yes # Only required for versions before 10.0
CPUTYPE?=native # Example, for an Atom CPU
CC=clang # Highly recommended over GCC,
CXX=clang++ # but only needed for 8.X and 9.X
CPP=clang-cpp # since it's the default in 10.0
FETCH_BEFORE_ARGS=-p4 -T 10
MASTER_SITE_BACKUP?= http://ftp2.us.freebsd.org/pub/FreeBSD/ports/distfiles/${DIST_SUBDIR/}
OPTIONS_UNSET= DEBUG HELP STATIC GNUTLS DOCS EXAMPLES IPV6 MANPAGES PTH IDN LIBIDN NLS DBUS SOUND ALSA PULSEAUDIO DOCBOOK CUPS TESTS HTMLDOCS BONJOUR GSSAPI APIDOCS
Choose the Packages You Want to Build
++++++++++++++++++++++++++++++++++++++++
Add the packages you want to build to a file.
::
root@host:~# vi /usr/local/etc/poudriere-list
For example, I'm building these packages.
::
editors/nano
editors/vim
lang/go
lang/python3
ports-mgmt/portmaster
ports-mgmt/poudriere
security/sudo
shells/bash
Setup for Signing Packages
++++++++++++++++++++++++++++++++++++++++
Create RSA key for signing the packages.
::
root@host:~# mkdir -p /usr/local/etc/ssl/keys /usr/local/etc/ssl/certs
root@host:~# chmod 600 /usr/local/etc/ssl/keys
root@host:~# openssl genrsa -out /usr/local/etc/ssl/keys/pkg.key 4096
root@host:~# openssl rsa -in /usr/local/etc/ssl/keys/pkg.key -pubout > /usr/local/etc/ssl/certs/pkg.cert
Update Poudriere Ports
++++++++++++++++++++++++++++++++++++++++
Update the ports tree before building packages.
::
root@host:~# poudriere ports -u
Build Packages
++++++++++++++++++++++++++++++++++++++++
::
root@host:~# poudriere bulk -f /usr/local/etc/poudriere-list -j 10_1-r-x64
Configure for Local Poudriere Repo
++++++++++++++++++++++++++++++++++++++++
Configure your machine to use the local Poudriere repo.
::
root@host:~# mkdir -p /usr/local/etc/pkg/repos
root@host:~# vi /usr/local/etc/pkg/repos/poudriere.conf
Add this to the file. Make sure the url doesn't end in a slash.
::
poudriere: {
url: "file:///usr/local/poudriere/data/packages/10_1-r-x64-default",
mirror_type: "file",
signature_type: "pubkey",
pubkey: "/usr/local/etc/ssl/certs/pkg.cert",
enabled: yes
}
Refresh pkgng Repo Info
++++++++++++++++++++++++++++++++++++++++
::
root@host:~# pkg update
Install Packages from Poudriere
++++++++++++++++++++++++++++++++++++++++
::
root@host:~# pkg install -r poudriere bash vim go python3 portmaster portaudit
Install Bash
----------------------------------------
If you're coming from Linux like me you're used to using bash. Since I'm
building bash myself in Poudriere (see above) I'll use that version.
::
root@host:~# pkg install -r poudriere bash
root@host:~# mount -t fdescfs fdesc /dev/fd
root@host:~# echo "fdesc /dev/fd fdescfs rw 0 0" >> /etc/fstab
Now change the shell for your non-root user::
user@host:~$ chsh -s /usr/local/bin/bash
FreeBSD, Poudriere, pkg-ng Update
----------------------------------------
This is a recurring sysadmin task: keep your computer updated.
Install OS Updates
+++++++++++++++++++++++
Install OS updates for the current release installed on your computer.
::
root@host:~# freebsd-update fetch install
Upgrade OS to New Release
+++++++++++++++++++++++++++++
Upgrade to new release, e.g. from 10.1-RELEASE to 10.2-RELEASE.
::
root@host:~# freebsd-update upgrade -r 10.2-RELEASE
root@host:~# freebsd-update install
root@host:~# reboot
root@host:~# freebsd-update install
Upgrade Poudriere
+++++++++++++++++++++++++++++
::
root@host:~# poudriere jail -u -j 10_1-r-x64
root@host:~# poudriere ports -u
root@host:~# poudriere bulk -f /usr/local/etc/poudriere-list -j 10_1-r-x64
Package Updates
+++++++++++++++++++++++++++++
To check for outdated packages that need to be updated.
::
root@host:~# pkg update
root@host:~# pkg version -l "<"
Install package updates only from your local Poudriere repo.
::
root@host:~# pkg upgrade -r poudriere
Install all other package updates from FreeBSD repo.
::
root@host:~# pkg upgrade
Ports Updates
+++++++++++++++++++++++++++++
::
root@host:~# cd /usr/ports
root@host:~# portsnap fetch update