.. title: FreeBSD Post Install Setup .. slug: freebsd-post-install-setup .. date: 2015-08-12 00:28:43 UTC .. tags: freebsd .. category: .. link: .. description: .. type: text FreeBSD Post Install Setup ============================= After you have installed FreeBSD (10.1-RELEASE in my case) these steps will help you set it up for use. I'd recommend going through this guide and executing the sections in the order in which they appear here. Disclaimer: I'm very new to FreeBSD so these are meant more for my notes than a canonical guide for others. Read the `FreeBSD Handbook `_ instead. .. TEASER_END: Read more .. contents:: Create a User ------------------------------------ If you didn't create a user during install you can create one on first login. As root:: root@host:~# pw usermod -n username -G wheel Adding the user to the *wheel* group allows you to `sudo`. Configure make ------------------------------------- Create /etc/make.conf file ...:: root@host:~# vi /etc/make.conf ...with these contents:: CC=clang CXX=clang++ CPP=clang-cpp WRKDIRPREFIX=/tmp CPUTYPE?=native WITH_PKGNG=yes Update FreeBSD ------------------------------------- Update the FreeBSD base system:: root@host:~# freebsd-update fetch install Setup Ports -------------------------------------- :: root@host:~# cd /usr/ports root@host:/usr/ports# make index root@host:/usr/ports# portsnap fetch && portsnap extract && portsnap update Install pkg-ng -------------------------------------- Install pkgng, as root:: root@host:~# cd /usr/ports/ports-mgmt/pkg root@host:/usr/ports/ports-mgmt/pkg# make root@host:/usr/ports/ports-mgmt/pkg# make install clean Configure Poudriere -------------------------------------- Poudriere is a great way to custom build only the packages you need to control. I set it up on one machine on my LAN and then use it to provide packages to other machines. Source of this section is `Making a binary package repository with poudriere `_. Install Poudriere ++++++++++++++++++++++++++++++++++++++++ :: root@host:~# cd /usr/ports/ports-mgmt/poudriere root@host:/usr/ports/ports-mgmt/poudriere# make install clean Wait for it to build and install. Its dependencies will be installed automatically. You'll just have to answer some questions. Hint: stick with the defaults if you're just starting out. Configure Poudriere ++++++++++++++++++++++++++++++++++++++++ :: root@host:~# cp /usr/local/etc/poudriere.conf.sample /usr/local/etc/poudriere.conf root@host:~# vi /usr/local/etc/poudriere.conf At least have these settings configured :: ## If you have a ZFS pool named tank, uncomment this #ZPOOL=tank ## If you are only using UFS, uncomment this #NO_ZFS=yes FREEBSD_HOST=ftp://ftp.freebsd.org RESOLV_CONF=/etc/resolv.conf BASEFS=/usr/local/poudriere USE_TMPFS=yes DISTFILES_CACHE=/usr/ports/distfiles USE_COLORS=no POUDRIERE_DATA=${BASEFS}/data CHECK_CHANGED_OPTIONS=verbose CHECK_CHANGED_DEPS=yes PKG_REPO_SIGNING_KEY=/usr/local/etc/ssl/keys/pkg.key WRKDIR_ARCHIVE_FORMAT=txz NOLINUX=yes Check Out Ports Tree ++++++++++++++++++++++++++++++++++++++++ :: root@host:~# poudriere ports -c Create a Jail ++++++++++++++++++++++++++++++++++++++++ Create a jail for Poudriere for FreeBSD 10.1-RELEASE and then update it. :: root@host:~# poudriere jail -c -j 10_1-r-x64 -v 10.1-RELEASE -a amd64 root@host:~# poudriere jail -u -j 10_1-r-x64 Configure Jail ++++++++++++++++++++++++++++++++++++++++ :: root@host:~# vi /usr/local/etc/poudriere.d/10_1-r-x64-make.conf It should at least have the following. :: WITH_PKGNG=yes # Only required for versions before 10.0 CPUTYPE?=native # Example, for an Atom CPU CC=clang # Highly recommended over GCC, CXX=clang++ # but only needed for 8.X and 9.X CPP=clang-cpp # since it's the default in 10.0 FETCH_BEFORE_ARGS=-p4 -T 10 MASTER_SITE_BACKUP?= http://ftp2.us.freebsd.org/pub/FreeBSD/ports/distfiles/${DIST_SUBDIR/} OPTIONS_UNSET= DEBUG HELP STATIC GNUTLS DOCS EXAMPLES IPV6 MANPAGES PTH IDN LIBIDN NLS DBUS SOUND ALSA PULSEAUDIO DOCBOOK CUPS TESTS HTMLDOCS BONJOUR GSSAPI APIDOCS Choose the Packages You Want to Build ++++++++++++++++++++++++++++++++++++++++ Add the packages you want to build to a file. :: root@host:~# vi /usr/local/etc/poudriere-list For example, I'm building these packages. :: editors/nano editors/vim lang/go lang/python3 ports-mgmt/portmaster ports-mgmt/poudriere security/sudo shells/bash Setup for Signing Packages ++++++++++++++++++++++++++++++++++++++++ Create RSA key for signing the packages. :: root@host:~# mkdir -p /usr/local/etc/ssl/keys /usr/local/etc/ssl/certs root@host:~# chmod 600 /usr/local/etc/ssl/keys root@host:~# openssl genrsa -out /usr/local/etc/ssl/keys/pkg.key 4096 root@host:~# openssl rsa -in /usr/local/etc/ssl/keys/pkg.key -pubout > /usr/local/etc/ssl/certs/pkg.cert Update Poudriere Ports ++++++++++++++++++++++++++++++++++++++++ Update the ports tree before building packages. :: root@host:~# poudriere ports -u Build Packages ++++++++++++++++++++++++++++++++++++++++ :: root@host:~# poudriere bulk -f /usr/local/etc/poudriere-list -j 10_1-r-x64 Configure for Local Poudriere Repo ++++++++++++++++++++++++++++++++++++++++ Configure your machine to use the local Poudriere repo. :: root@host:~# mkdir -p /usr/local/etc/pkg/repos root@host:~# vi /usr/local/etc/pkg/repos/poudriere.conf Add this to the file. Make sure the url doesn't end in a slash. :: poudriere: { url: "file:///usr/local/poudriere/data/packages/10_1-r-x64-default", mirror_type: "file", signature_type: "pubkey", pubkey: "/usr/local/etc/ssl/certs/pkg.cert", enabled: yes } Refresh pkgng Repo Info ++++++++++++++++++++++++++++++++++++++++ :: root@host:~# pkg update Install Packages from Poudriere ++++++++++++++++++++++++++++++++++++++++ :: root@host:~# pkg install -r poudriere bash vim go python3 portmaster portaudit Install Bash ---------------------------------------- If you're coming from Linux like me you're used to using bash. Since I'm building bash myself in Poudriere (see above) I'll use that version. :: root@host:~# pkg install -r poudriere bash root@host:~# mount -t fdescfs fdesc /dev/fd root@host:~# echo "fdesc /dev/fd fdescfs rw 0 0" >> /etc/fstab Now change the shell for your non-root user:: user@host:~$ chsh -s /usr/local/bin/bash FreeBSD, Poudriere, pkg-ng Update ---------------------------------------- This is a recurring sysadmin task: keep your computer updated. Install OS Updates +++++++++++++++++++++++ Install OS updates for the current release installed on your computer. :: root@host:~# freebsd-update fetch install Upgrade OS to New Release +++++++++++++++++++++++++++++ Upgrade to new release, e.g. from 10.1-RELEASE to 10.2-RELEASE. :: root@host:~# freebsd-update upgrade -r 10.2-RELEASE root@host:~# freebsd-update install root@host:~# reboot root@host:~# freebsd-update install Upgrade Poudriere +++++++++++++++++++++++++++++ :: root@host:~# poudriere jail -u -j 10_1-r-x64 root@host:~# poudriere ports -u root@host:~# poudriere bulk -f /usr/local/etc/poudriere-list -j 10_1-r-x64 Package Updates +++++++++++++++++++++++++++++ To check for outdated packages that need to be updated. :: root@host:~# pkg update root@host:~# pkg version -l "<" Install package updates only from your local Poudriere repo. :: root@host:~# pkg upgrade -r poudriere Install all other package updates from FreeBSD repo. :: root@host:~# pkg upgrade Ports Updates +++++++++++++++++++++++++++++ :: root@host:~# cd /usr/ports root@host:~# portsnap fetch update