"Le cordonier est le plus mal chaussé" would be a great analogy of me and my web presence right now.

Sunday, September 12, 2004

Installing FreeBSD – Some Pointers

This is an introduction to FreeBSD that I’ve posted to the discuss@linux.mu mailing list. It may be helpful to somebody, so I’ll post it here too. It’s not very structured (it can be downright random even) and is not meant to be a tutorial. It’s only meant to give the reader a general feel for FreeBSD, give some pointers for a first installation, and highlight some gotchas.

One gotcha that you should be aware of is that the xfree configuration from the installer (sysinstall) may be broken - it's never worked properly for me. So, just skip xfree configuration during the install and do it afterwards (it's easier anyway). It will be a waste of time installing the xfree that comes with the CD anyway, since it is outdated by now. You may also want to install xorg rather than xfree, and xorg is not on the FreeBSD release CD.

The best way to set up FreeBSD is to do a minimal install (plus cvsup and the ports system), update the OS, then start installing applications. However, be aware that updating the OS with the latest sources involves downloading the new sources - a pain on dialup. Re-compiling the world may take a few hours on old hardware. Note the distinction here. FreeBSD is an OS, Linux is a kernel. Updating the core of your FreeBSD system involves building a new kernel plus also building all the userspace utilities from updated sources.

Once you've updated the core of the OS, you can install other applications by compiling from source or by getting the binaries. At this point you'd probably want to install bash, xorg (or xfree), a desktop environment / window manager, and whatever else you need. Be prepared to spend a lot of time downloading stuff.

Some miscellaneous points:

1) /etc/rc.conf is the main configuration file for the system.

2) /etc/inetd.conf is where you can configure some internet services such as ftp, identd etc. Just look through the file and uncomment whatever you need.

3) To get you started, you will find it useful to read up on the following: cvsup (understand the different development branches that you can track, and decide which one is best for you), the ports system, portupgrade, how to build a new kernel (easy), how to build the world (easy). Look for Dru Lavigne's articles on the ports system and portupgrade on http://www.onlamp.com/bsd/. These are very helpful and well-written.

4) Firewalling in FreeBSD 5.x is done using either: ipfilter, ipfw, ipfw2, or pf. I recommend pf. It's in very active development, and has all sorts of goodies like bandwidth shaping, failover firewalling, OS fingerprinting (who's connecting to your box) through network stack identification, etc. It's also been ported from OpenBSD to FreeBSD and NetBSD - an indication that developers hold it in high regard. If you use iptables on Linux, you'll find pf pretty easy to learn. pf is not installed by default, but it is easy to install:

Install the /usr/ports/security/pf port:

cd /usr/ports/security/pf; make install clean

Then edit rc.conf and add the lines:

pf_enable="YES"
pf_logd="YES"
pf_conf="/usr/local/etc/pf.conf"

These lines will cause the system to load the pf kernel modules when you reboot. Write your firewall rules in /usr/local/etc/pf.conf. As a rule, configuration files for software that you install will go into /usr/local/etc. Configuration files for the base system live in /etc. Startup scripts (read on a reboot) for daemons that you install will go into /usr/local/etc/rc.d. To manually start pf, do "/usr/local/etc/rc.d/pf.sh start". You can control pf from the command line by using pfctl (see man pfctl for more details). Use tcpdump if you want to monitor the log in real time. You may also be interested in pftop (/usr/ports/security/pftop).
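
As a starting point for the pf.conf mentioned above, here is a small default-deny ruleset for a single workstation. It is an added example, not part of the original mailing-list post; the interface name fxp0 and the choice of SSH as the only inbound service are assumptions to adjust for your machine.

```conf
# /usr/local/etc/pf.conf -- added example, not from the original post.
# Assumptions: one external interface (fxp0) and SSH as the only
# service reachable from outside. Adjust both to your machine.

# Macros
ext_if       = "fxp0"     # assumed interface name; check with ifconfig
tcp_services = "{ 22 }"   # assumed: only SSH is offered to the outside

# Options
set block-policy drop     # drop blocked packets silently, send no RST

# Normalisation: reassemble fragments and clean up odd packets
scrub in all

# Filter rules. The LAST matching rule wins unless a rule says "quick".
block in log all                  # default deny inbound, and log it
pass out all keep state           # allow outbound, track the replies
pass quick on lo0 all             # never filter loopback traffic
antispoof quick for $ext_if       # drop packets spoofing our own address

# Inbound exceptions to the default deny
pass in on $ext_if inet proto tcp from any to ($ext_if) \
    port $tcp_services flags S/SA keep state
pass in on $ext_if inet proto icmp all icmp-type echoreq keep state

# Working with this file (run as root):
#   pfctl -n -f /usr/local/etc/pf.conf   parse only, report syntax errors
#   pfctl -f /usr/local/etc/pf.conf      load the ruleset
#   pfctl -s rules                       show the rules currently loaded
#   pfctl -s state                       show the state table
#   tcpdump -n -e -ttt -i pflog0         watch packets hit by "log" rules
```

Parse the file with pfctl -n before loading it, especially on a remote box: a ruleset that loads but blocks SSH will lock you out.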

5) Whenever you cvsup, read /usr/ports/UPDATING. From time to time there may be some issues that you need to be aware of, and these will be written in the file. Definitely read the file after the first time you update your sources with cvsup. There are some gotchas that you will want to be aware of. It will save you a lot of grief.

6) FreeBSD has a Linux binary compatibility layer that enables you to run Linux binaries. It is very fast, so don't worry about performance hits. It's very helpful for things like the Macromedia Flash plugin. Macromedia doesn't release one for FreeBSD, but FreeBSD can use the Linux version.

7) Take your time, read the FreeBSD handbook. It's good that you will have access to your desktop system while setting up FreeBSD on the laptop. It's a good idea to subscribe to the different mailing lists. If you have any questions, you can ask the folks in the FreeBSD-questions mailing list. Please don't post questions to FreeBSD-newbies.

The big difference that you will notice between FreeBSD and mainstream Linux distros (like Mandrake, Fedora, SuSE) is that with FreeBSD you usually end up installing a minimal system, updating it with the latest sources, then "growing" the system by installing an x-server and other applications. You can very easily maintain an up-to-date system - latest x-server, latest desktop environment, latest applications (portupgrade -arR). That's why Gentoo users love Gentoo as well.
