How (and why) to Add User(s) to FreeBSD

This tutorial by user shows us how to add more users to an existing FreeBSD installation.

http://www.instructables.com/id/How-and-why-to-Add-Users-to-FreeBSD/?ALLSTEPS

2015-05-20_14-44-34While most system administrators and power users will roll their eyes at this Instructable, I present it simply to present another way of administering your FreeBSD system. Any novice sysadmin (if they are worth their salt) has done something stupid while logged into the “superuser” root account. I am not discouraging the use of root (when applicable), but allowing you a thin safety-net between any mistakes you might make.

Step 1: Decide on your (new) username and purpose

I have created user accounts that were compartmentalized. For example, one account was to solely update a webpage and associated database. Another was for my music server. While seemingly cumbersome, the less privileges you give a user account, the less problem you will have if someone breaks into the account and attempts to do harm.

For this Instructable, I am creating an account that will be equal to root (for all intents and purposes), but provide “safeguards” to make you think twice before executing a command. For these examples, I am naming the account knight… as in “protector of the realm.”

Step 2: Use adduser to…Add User

Being logged in as root (initially), type in:

[Read more…]

[FreeBSD-Announce] Updates regarding FreeBSD.org svn mirrors

This FreeBSD announcement is regarding mirror changes on svn.freebsd.org. As noted, the update serves to improve security and will not interrupt any activities.

Original: https://www.mail-archive.com/freebsd-announce@freebsd.org/msg00662.html

freebsd_logo_text

There have been some updates to the project-operated svn mirrors.  The current 
status is here:
  https://www.freebsd.org/doc/handbook/svn.html
The changes should improve robustness and security and are not intended to be 
disruptive.

Of note:
* "svn.freebsd.org" is now geo-dns routed to a mirror, with failover.
* "svn.freebsd.org" is now the recommended location for general use.
* https://svn.freebsd.org now has a real certificate and use of https is 
encouraged.
* The old mirror names are deprecated and no longer documented but are 
expected to continue to be usable for the foreseeable future.

For future checkouts, you should use svn.freebsd.org rather than the 
deprecated mirror names.

Before using the https method, you should ensure that you have the 
'security/ca_root_nss' package installed, for example:
# pkg install ca_root_nss

[Read more…]

Replacing MySQL with MariaDB in FreeBSD

In this tutorial, user iceflatline shows us how to replace MySQL with MariaDB in FreeBSD.

Original: https://www.iceflatline.com/2015/07/replacing-mysql-with-mariadb-in-freebsd/

MariaDB

In my post on how to install and configure Apache, MySQL, PHP and phpMyAdmin on FreeBSD (FAMP) for basic local web development activities, one of the components is the MySQL database server. But what if you prefer to use MariaDB?

MariaDB is an open source alternative to MySQL, and available under the terms of the GPL v2 license. It is developed by the MariaDB community with oversight by the MariaDB Foundation. For all practical purposes MariaDB is a drop-in replacement for the same MySQL version. All commands, interfaces, libraries and APIs that exist in MySQL also exist in MariaDB. For example, MySQL 5.1 and MariaDB 5.1 are compatible, as are MySQL 5.5 and MariaDB 5.5. MariaDB 10.0 is the drop-in replacement for MySQL 5.6, and can also replace MySQL 5.5.

This post will use the aforementioned post on how to install and configure Apache, MySQL, PHP and phpMyAdmin on FreeBSD as an example implementation and demonstrate how to install and configure MariaDB as a replacement for MySQL. I strongly encourage you to test these steps first before using them on your development or production environment. At the very least you should backup your database(s).

The versions of software discussed in this post are as follows:

  • FreeBSD 10.1-RELEASE (running as a guest OS under VMWare ESXi hypervisor 6.0.0
  • apache24 2.4.12
  • mysql56-server 5.6.24
  • mariadb55-server 5.5.43
  • mariadb100-server 10.0.17
  • mod_php56 5.6.11
  • php56 5.6.10
  • php56-extensions 1.0 [Read more…]

Linux, Solaris, and FreeBSD driver 352.30

NVIDIA Linux Graphics developer aplattner has released the latest update to their NVIDIA driver. For those using the Tesla K80 or GeForce 910M GPUs, support has been added for FreeBSD. Follow the link below to download for your distribution.

Original: https://devtalk.nvidia.com/default/topic/860119/linux-solaris-and-freebsd-driver-352-30/

351px-Nvidia_logo

Release highlights since 352.21:

  • Added support for the following GPU:
    • Tesla K80
    • GeForce 910M
  • Fixed a bug that caused poor video post-processing performance in VDPAU when operating on a large number of video streams simultaneously.
  • Updated nvidia-installer to use modprobe(8) when leaving the NVIDIA kernel module loaded after installation, instead of insmod(8) or libkmod. This allows the kernel module to honor any configuration directives that apply to it in /etc/modprobe.d when it is loaded.
  • Fixed a bug that allowed console messages from the Linux kernel to be drawn over the user interface of nvidia-installer.

[README | Linux x86 | Linux x86_64 | Linux ARM | Solaris | FreeBSD x86 | FreeBSD x86_64]

Aaron Plattner
NVIDIA Linux Graphics

FreeBSD now has NUMA? Why’d it take so long?

Adrian Chadd, known for his extensive WiFI work, writes about his findings of NUMA (non-uniform memory access) in FreeBSD.

Original: http://adrianchadd.blogspot.com/2015/07/freebsd-now-has-numa-whyd-it-take-so.html

https://svnweb.freebsd.org/base?view=revision&revision=285387

I just committed “NUMA” to FreeBSD. Well, no, I didn’t. I did almost no actual NUMA-y work in FreeBSD. I just exposed the existing NUMA stuff in FreeBSD out and re-enabled it.

FreeBSD-9 introduced basic NUMA awareness in the physical allocator (sys/vm/vm_phys.c.) It implemented first-touch page allocation, and then fell back to searching through the domains, round-robin style. It wasn’t perfect, for some workloads it was apparently okay. But it had some shortcomings – it wasn’t configurable, UMA and other subsystems didn’t know about NUMA domains, and the scheduler really didn’t know about NUMA domains. So I’m sure there are plenty of workloads which it didn’t work for.

That was all ripped out before FreeBSD-10. FreeBSD-10 NUMA just implements round-robin physical page allocation. It still tracks the per-domain physical memory regions, but it doesn’t do any kind of NUMA aware allocation. From what I can gather, it was removed until something ‘better’ would land.

However, nothing (yet) has landed. So I decided I’d take a look into it. I found that for a lot of simple workloads (ie, where you’re doing lots of anonymous memory allocation – eg, you’re doing math crunching) the FreeBSD-9 model works fine. It’s also a perfectly good starting point for experimenting.

So all my NUMA work in -HEAD does is provide an API to exactly the above. It doesn’t teach the kernel APIs about domain aware allocations – there’s currently no way to ask for memory from a specific domain when calling UMA, or contigmalloc, etc. The scheduler doesn’t know about NUMA, so threads/processes will migrate off-socket very quickly unless you explicitly limit things. Devices don’t yet do NUMA local work – the ACPI code is in there to enumerate which NUMA domain they’re in, but it’s not used anywhere just yet.

Then what is it good for?

[Read more…]

Ethereum on Different Operating Systems (self.ethereum)

FreeBSD user /u/aedigix shows us how to get Ethereum set up on FreeBSD. Ethereum is a virtualized platform for decentralized applications.

Original: https://www.reddit.com/r/ethereum/comments/3e8eqx/ethereum_on_different_operating_systems/ctcidxe

ETHEREUM_NAV-BAR-LOGO

For go-ethereum If you install go 1.4 you can just do the following:

git clone git@github.com:ethereum/go-ethereum.git
cd go-ethereum && git checkout tags/<latest stable> && make geth 

For cpp-ethereum/solidity compiler This is a little bit more involved but I am able to build on FreeBSD 10 and 11 using the following steps:

Dependencies which should be available in Fedora’s yum repo, FreeBSD/Gentoo ports, etc….

llvm35 gcc48 cmake boost-all-1.55.0 ncurses automake libtool unzip gmp leveldb yasm miniupnpc readline curl cryptopp libmicrohttpd libjson++ argtable opencl ode npm doxygen gmake cmake

On FreeBSD I have to build jsoncpp and libjson-rpc-cpp manually with the following steps:

jsoncpp

git clone git@github.com:open-source-parsers/jsoncpp.git
cd jsoncpp && git checkout tags/1.6.2
mkdir build && cd build
cmake -DCMAKE_CXX_FLAGS="-fPIC" ..
gmake
gmake install

libjson-rpc-cpp

cd libjson-rpc-cpp
git checkout tags/v0.5.0
mkdir build && cd build
cmake -DCMAKE_CXX_FLAGS="-fPIC" ..
gmake
gmake install

Then build cpp-ethereum:

git clone git@github.com:ethereum/cpp-ethereum.git
cd cpp-ethereum && git checkout develop
mkdir build && cd build
cmake -DFATDB=1 -DUSENPM=1 -DETHASHCL=1 -DEVMJIT=1 -DLLVM_DIR=/usr/local/lib/llvm-3.5/share/llvm/cmake ..
gmake -j8

OPNsense 15.7.4 Released

The developers of OPNsense have released version 15.7.4. Changes noted are updated sudo, FreeBSD, languages, menu, firmware, and dashboard fixes, etc. Follow the link below to download the latest version.

Download: http://mirrors.nycbug.org/pub/opnsense/releases/mirror/

Original: https://opnsense.org/opnsense-15-7-4-released/

opnsense

Hello friends,

another week it is, this time with a rather exciting TCP state fix in the FreeBSD kernel. We’ve also taken the time to work through most of the code base to eradicate code warnings and now enable them by default in the crash reporter. We’re half-expecting another stable update early next week just to make sure your infrastructure keeps running as smoothly as possible.

Here are the the full patch notes:

  • updated sudo 1.8.14p3 [1], pcre 8.37_2 [2], and FreeBSD 10.1-RELEASE-p15 [3]
  • firmware: fix upgrade when using opnsense-devel package
  • proxy: fix config write for multiple interfaces
  • crash reporter: raise PHP log level to warnings after an extensive cleanup
  • dashboard: made widgets translatable (contributed by Fabian Franz)
  • firewall logs: usability improvements (contributed by Fabian Franz)
  • languages: Simplified Chinsese 64% complete
  • languages: German 40% complete
  • menu: fixed navigation for PPPoE edit

Stay safe,
Your OPNsense team

[1] http://www.sudo.ws/stable.html#1.8.14p3
[2] https://bugs.exim.org/show_bug.cgi?id=1651
[3] https://www.freebsd.org/security/advisories/FreeBSD-SA-15:13.tcp.asc

FreeBSD 10.2-BETA2 Now Available

The developers of FreeBSD have made available version 10.2-BETA2. See below for the documented changes.

Download link:

  ftp://ftp.freebsd.org/pub/FreeBSD/releases/ISO-IMAGES/10.2/

Original: https://lists.freebsd.org/pipermail/freebsd-stable/2015-July/082771.html

freebsd-logo-large

The second BETA build of the 10.2-RELEASE release cycle is now
available.

Installation images are available for:

o amd64 GENERIC
o i386 GENERIC
o ia64 GENERIC
o powerpc GENERIC
o powerpc64 GENERIC64
o sparc64 GENERIC

The image checksums follow at the end of this email.

FreeBSD/arm SD card images are available for:

o BEAGLEBONE
o CUBOX-HUMMINGBOARD
o GUMSTIX
o RPI-B
o PANDABOARD
o WANDBOARD

Note:  For convenience for those without console access to supported arm
devices, a default 'freebsd' user exists for ssh(1) login.  The password
is 'freebsd', which it is strongly recommended to change after gaining
access to the system.  Additionally, the 'root' user password is 'root',
which is also recommended to change.

[Read more…]