Skip to content

Instantly share code, notes, and snippets.

Embed
What would you like to do?
FreeBSD Cheatsheet

FreeBSD 10 Cheatsheet

MIT License

Copyright 2015 Barry Allard

Latest version here

Common Tasks

Install GNU make

    (cd /usr/ports/devel/gmake && make install clean clean-depends)

Install Bash

    (cd /usr/ports/shells/bash-static && make install clean clean-depends) && chsh -s `which bash`
    grep bash /etc/shells

FreeBSD installation "sets" (aka "Components")

  • Usual defaults: none of games lib32 ports src doc
  • doc: /usr/share/doc non-man page docs
  • lib32: 32-bit compat libs for 64-bit systems
  • src: /usr/src Kernel and userland sources
  • ports: /usr/ports, unnecessary since it be created (downloaded) at any time via portsnap fetch extract

Linux differences

  • sed is BSD sed (GNU sed is port textproc/gsed)
  • make is BSD make (GNU make is devel/gmake)
  • awk is BSD awk (GNU awk (gawk) is lang/gawk)
  • sh is BSD Bourne shell, not bash (bash is shells/bash)
  • vi is the original Bill Joy editor (vim is editors/vim)
  • strace is dtruss
  • watch is cmdwatch (sysutils/cmdwatch)
  • libtool is in devel/libtool
  • git is in devel/git
  • perl is in lang/perl5.22
  • python is in lang/python27
  • ruby is in lang/ruby22
  • The built-in system OpenSSL is rarely current (latest is security/openssl)
  • The default downloading tool is fetch (curl is ftp/curl)
  • readline lib is devel/readline
  • clang is the default compiler
  • There is no service process manager (i.e., upstart, systemd), so runit/daemontools can be useful
  • Root shell defaults to csh
  • sudo is not part of the base system, so use su until security/sudo is installed
  • sed -i s/a/b/ whatever -> sed -i '' s/a/b/ whatever
  • find -name foo -> find . -name foo

System

  • Update the system (base system only, not ports): freebsd-update fetch install && reboot
  • System configuration: /etc/rc.conf

Security

  • Audit all ports for latest known security issues pkg audit -F
  • Setup pf

Services

  • Restart a service service {{service_name}} restart
  • Make a service always run at boot: /etc/rc.conf append {{service_name}}_enable=YES
  • Port installed config files are usually in /usr/local/etc however they can also be in /etc
  • Start a service without permanently enabling it service {{service_name}} onestart

Ports/packages

  • List all packages installed pkg info
  • Packages FS hierarchy: /usr/local
  • Install a prebuilt binary package (could be old): pkg install foo
  • Update ports (build files, not packages at /usr/ports): portsnap fetch extract upgrade
  • Update all installed ports: (cd /usr/ports/ports-mgmt/portmaster && make install clean clean-depends) && portmaster -a --delete-packages --no-confirm
  • More ports doc: man ports
  • Build and install package from source: (cd /usr/ports/{{category}}/{{portname}} && make install clean clean-depends)
  • Search for a port: (cd /usr/ports && make search name=foo)
  • Ports development https://github.com/freebsd/freebsd-ports
  • Upgrade perl5 from 5.18 to 5.22 portmaster -o lang/perl5.22 lang/perl5.18
  • Most common /etc/fstab additions
# bash requires fdescfs(5) mounted on /dev/fd
fdesc	/dev/fd		fdescfs		rw	0	0

# htop requires linprocfs
linprocfs   /compat/linux/proc   linprocfs   rw   0  0

VMware Guest Tools

  • Needs lang/perl5.22 and misc/compat6x before installing via ./vmware-tools-install.pl
  • em[0-9]+ are the fastest adapters
  • turn off tso sysctl net.inet.tcp.tso=0 && touch /etc/sysctl.conf && echo net.inet.tcp.tso=0 >> /etc/sysctl.conf

Bare-metal and virtualized console niceities

Season to taste with these:

# add to /etc/rc.conf
keyrate="fast"                       # for fast people
moused_enable="YES"                  # turn on the pseudo-graphical mouse
moused_flags="-A 1.2 -m 2=3 -m 3=2"  # For Linux-like console "paste" compatibility on VMware Fusion
allscreens_flags="-h 4000 MODE_352"  # For higher-res SVGA console on VMware Fusion and 4000 lines of scrollback

Bare-metal and virtualized other

  • Time synchronization: ntimed (net/ntimed) is far more efficient, accurate and secure than either ntpd or openntpd

Setup SSH securely

Go here

Other nifty things FreeBSD can do

  • Run Xen dom0 (run Linux, FreeBSD, Windows, etc., no XAPI however)
  • ZFS (FreeNAS... which is mostly just a Django app on top of FreeBSD)
  • Docker alternative: ezjail
  • The fastest, carrier-grade UDP network stack on the planet
  • Far, far slimmer syscall ABI
  • Run Linux binaries
  • Run Varnish on ridiculously huge, bare-metal boxen
  • Appliance like pfSense or your-fancy-enterprise-app-and-gigabucks-startup-here (see also nanobsd)
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment